Warning: Permanently added '10.128.0.233' (ED25519) to the list of known hosts. 2025/12/01 18:02:35 parsed 1 programs [ 56.099753][ T4188] cgroup: Unknown subsys name 'net' [ 56.262877][ T4188] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 57.915585][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 61.989178][ T4269] chnl_net:caif_netlink_parms(): no params data found [ 62.047542][ T4269] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.057095][ T4269] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.068856][ T4269] device bridge_slave_0 entered promiscuous mode [ 62.103014][ T4269] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.118532][ T4269] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.132381][ T4269] device bridge_slave_1 entered promiscuous mode [ 62.177524][ T4269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.217468][ T4269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.279577][ T4269] team0: Port device team_slave_0 added [ 62.295500][ T4269] team0: Port device team_slave_1 added [ 62.321430][ T4269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.333038][ T4269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.373644][ T4269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.390658][ T4269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.398619][ T4269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.436936][ T4269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.495210][ T4269] device hsr_slave_0 entered promiscuous mode [ 62.504289][ T4269] device hsr_slave_1 entered promiscuous mode [ 62.692888][ T4269] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.712178][ T4269] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.730476][ T4269] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.760883][ T4269] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.799456][ T4269] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.814659][ T4269] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.826863][ T4269] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.836659][ T4269] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.954524][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.969003][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.995059][ T4269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.013662][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.034252][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.055054][ T4269] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.074477][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.089090][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.099295][ T1281] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.115497][ T1281] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.152533][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.172928][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.190945][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.199349][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.220649][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.250572][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.271509][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.285508][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.311847][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.322674][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.337863][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.354217][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.368265][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.378796][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.390420][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.403303][ T4269] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.594075][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.606424][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.637584][ T4269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.693067][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.704832][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.735529][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.746286][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.764065][ T4269] device veth0_vlan entered promiscuous mode [ 63.773544][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.787555][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.813385][ T4269] device veth1_vlan entered promiscuous mode [ 63.843577][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 63.864699][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 63.881850][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.894438][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.908018][ T4269] device veth0_macvtap entered promiscuous mode [ 63.925179][ T4269] device veth1_macvtap entered promiscuous mode [ 63.954654][ T4269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.965931][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 63.978459][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 63.988821][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 64.000968][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 64.017413][ T4269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.029134][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 64.039671][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 64.053554][ T4269] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.067818][ T4269] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.078062][ T4269] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.088654][ T4269] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.372339][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.391455][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.406453][ T1281] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.413985][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 64.435700][ T1281] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.447653][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 64.874548][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/12/01 18:02:45 executed programs: 0 [ 65.236097][ T4295] chnl_net:caif_netlink_parms(): no params data found [ 65.285114][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.301892][ T4295] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.310989][ T4295] device bridge_slave_0 entered promiscuous mode [ 65.324949][ T4295] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.335721][ T4295] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.345599][ T4295] device bridge_slave_1 entered promiscuous mode [ 65.391156][ T4295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.403561][ T4295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.436889][ T4295] team0: Port device team_slave_0 added [ 65.445784][ T4295] team0: Port device team_slave_1 added [ 65.473568][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.489913][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.529912][ T4295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.551305][ T4295] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.563372][ T4295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.604266][ T4295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.653371][ T4295] device hsr_slave_0 entered promiscuous mode [ 65.663705][ T4295] device hsr_slave_1 entered promiscuous mode [ 65.675799][ T4295] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 65.690856][ T4295] Cannot create hsr debugfs directory [ 67.136033][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.168898][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 68.785769][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.847278][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.249345][ T4260] Bluetooth: hci0: command 0x041b tx timeout [ 69.734869][ T4295] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.774766][ T4295] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.791713][ T4295] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.825296][ T4295] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.920525][ T4295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.948901][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.962318][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.985419][ T4295] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.004551][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.015618][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.025815][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.033586][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.058268][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.067248][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.078132][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.088760][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.098677][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.111705][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.146228][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.163206][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.175538][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.187311][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.202934][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.213727][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.234550][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.247771][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.275694][ T4295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.290517][ T4295] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.302849][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.313718][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.357775][ T9] device hsr_slave_0 left promiscuous mode [ 70.365819][ T9] device hsr_slave_1 left promiscuous mode [ 70.382768][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 70.391728][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 70.410444][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.422580][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 70.431882][ T9] device bridge_slave_1 left promiscuous mode [ 70.442725][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.456712][ T9] device bridge_slave_0 left promiscuous mode [ 70.464773][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.486392][ T9] device veth1_macvtap left promiscuous mode [ 70.498520][ T9] device veth0_macvtap left promiscuous mode [ 70.506399][ T9] device veth1_vlan left promiscuous mode [ 70.518231][ T9] device veth0_vlan left promiscuous mode [ 70.680305][ T9] team0 (unregistering): Port device team_slave_1 removed [ 70.697330][ T9] team0 (unregistering): Port device team_slave_0 removed [ 70.716151][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 70.732095][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 70.789271][ T9] bond0 (unregistering): Released all slaves [ 70.961957][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 70.984686][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 71.005560][ T4295] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.050382][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 71.076990][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 71.112644][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 71.131325][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 71.152711][ T4295] device veth0_vlan entered promiscuous mode [ 71.162639][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 71.177177][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 71.212538][ T4295] device veth1_vlan entered promiscuous mode [ 71.254216][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.266847][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.275930][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 71.288466][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 71.300086][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.314195][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.328498][ T4295] device veth0_macvtap entered promiscuous mode [ 71.337279][ T4257] Bluetooth: hci0: command 0x040f tx timeout [ 71.350916][ T4295] device veth1_macvtap entered promiscuous mode [ 71.393764][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.430982][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.443246][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.455886][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.471477][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.512305][ T4295] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.532682][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.544402][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.578468][ T4295] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.595826][ T4295] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.609958][ T4295] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.633737][ T4295] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.735687][ T1281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.756936][ T1281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.770143][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.783640][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.798957][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.823492][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 71.946167][ T4353] loop0: detected capacity change from 0 to 512 [ 72.004847][ T4353] [ 72.007532][ T4353] ====================================================== [ 72.018001][ T4353] WARNING: possible circular locking dependency detected [ 72.028385][ T4353] syzkaller #0 Not tainted [ 72.036025][ T4353] ------------------------------------------------------ [ 72.045328][ T4353] syz.0.17/4353 is trying to acquire lock: [ 72.053773][ T4353] ffff88807c208bd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 72.069515][ T4353] [ 72.069515][ T4353] but task is already holding lock: [ 72.080999][ T4353] ffff888070aeda80 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 72.093887][ T4353] [ 72.093887][ T4353] which lock already depends on the new lock. [ 72.093887][ T4353] [ 72.117914][ T4353] [ 72.117914][ T4353] the existing dependency chain (in reverse order) is: [ 72.130103][ T4353] [ 72.130103][ T4353] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 72.144172][ T4353] down_read+0x44/0x2e0 [ 72.149236][ T4353] ext4_setattr+0x71d/0x19e0 [ 72.160865][ T4353] notify_change+0xbcd/0xee0 [ 72.168095][ T4353] chown_common+0x483/0x610 [ 72.175635][ T4353] do_fchownat+0x164/0x270 [ 72.182375][ T4353] __x64_sys_chown+0x7e/0x90 [ 72.190483][ T4353] do_syscall_64+0x4c/0xa0 [ 72.201698][ T4353] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.210672][ T4353] [ 72.210672][ T4353] -> #1 (jbd2_handle){++++}-{0:0}: [ 72.232403][ T4353] start_this_handle+0x1338/0x15a0 [ 72.244657][ T4353] jbd2__journal_start+0x2b7/0x5a0 [ 72.252379][ T4353] __ext4_journal_start_sb+0x167/0x360 [ 72.266144][ T4353] ext4_writepages+0xdc2/0x2d20 [ 72.272430][ T4353] do_writepages+0x48d/0x6d0 [ 72.280777][ T4353] filemap_fdatawrite_wbc+0x1eb/0x240 [ 72.293517][ T4353] file_write_and_wait_range+0x129/0x1e0 [ 72.304337][ T4353] ext4_sync_file+0x1ff/0xae0 [ 72.310685][ T4353] __x64_sys_fsync+0x1a5/0x1e0 [ 72.318680][ T4353] do_syscall_64+0x4c/0xa0 [ 72.330292][ T4353] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.339412][ T4353] [ 72.339412][ T4353] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 72.353035][ T4353] __lock_acquire+0x2c33/0x7c60 [ 72.359577][ T4353] lock_acquire+0x197/0x3f0 [ 72.366590][ T4353] percpu_down_read+0x46/0x1b0 [ 72.376135][ T4353] ext4_writepages+0x1c0/0x2d20 [ 72.382708][ T4353] do_writepages+0x48d/0x6d0 [ 72.388409][ T4353] __writeback_single_inode+0x153/0xda0 [ 72.397851][ T4353] writeback_single_inode+0x221/0x8b0 [ 72.405376][ T4353] write_inode_now+0x217/0x280 [ 72.412648][ T4353] iput+0x5ab/0x8a0 [ 72.419515][ T4353] ext4_xattr_set_entry+0x10ff/0x3d30 [ 72.426190][ T4353] ext4_xattr_block_set+0x4f7/0x2d30 [ 72.434225][ T4353] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 72.441579][ T4353] __ext4_expand_extra_isize+0x301/0x3e0 [ 72.448619][ T4353] __ext4_mark_inode_dirty+0x469/0x700 [ 72.459140][ T4353] ext4_evict_inode+0xa81/0x1080 [ 72.469221][ T4353] evict+0x485/0x870 [ 72.474835][ T4353] ext4_orphan_cleanup+0xaa9/0x12e0 [ 72.483340][ T4353] ext4_fill_super+0x92f0/0x9a60 [ 72.492355][ T4353] mount_bdev+0x287/0x3c0 [ 72.497399][ T4353] legacy_get_tree+0xe6/0x180 [ 72.506067][ T4353] vfs_get_tree+0x88/0x270 [ 72.516449][ T4353] do_new_mount+0x24a/0xa40 [ 72.527105][ T4353] __se_sys_mount+0x2d6/0x3c0 [ 72.536897][ T4353] do_syscall_64+0x4c/0xa0 [ 72.542110][ T4353] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.548965][ T4353] [ 72.548965][ T4353] other info that might help us debug this: [ 72.548965][ T4353] [ 72.565491][ T4353] Chain exists of: [ 72.565491][ T4353] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 72.565491][ T4353] [ 72.581381][ T4353] Possible unsafe locking scenario: [ 72.581381][ T4353] [ 72.589724][ T4353] CPU0 CPU1 [ 72.598024][ T4353] ---- ---- [ 72.603702][ T4353] lock(&ei->xattr_sem); [ 72.608875][ T4353] lock(jbd2_handle); [ 72.618546][ T4353] lock(&ei->xattr_sem); [ 72.627453][ T4353] lock(&sbi->s_writepages_rwsem); [ 72.635511][ T4353] [ 72.635511][ T4353] *** DEADLOCK *** [ 72.635511][ T4353] [ 72.644609][ T4353] 3 locks held by syz.0.17/4353: [ 72.650279][ T4353] #0: ffff88807c20a0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 72.663027][ T4353] #1: ffff88807c20a650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 72.679160][ T4353] #2: ffff888070aeda80 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 72.691788][ T4353] [ 72.691788][ T4353] stack backtrace: [ 72.703418][ T4353] CPU: 1 PID: 4353 Comm: syz.0.17 Not tainted syzkaller #0 [ 72.711173][ T4353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 72.727364][ T4353] Call Trace: [ 72.730966][ T4353] [ 72.735018][ T4353] dump_stack_lvl+0x168/0x230 [ 72.741772][ T4353] ? load_image+0x3b0/0x3b0 [ 72.746661][ T4353] ? show_regs_print_info+0x20/0x20 [ 72.753570][ T4353] ? print_circular_bug+0x12b/0x1a0 [ 72.759409][ T4353] check_noncircular+0x274/0x310 [ 72.764655][ T4353] ? add_chain_block+0x940/0x940 [ 72.770381][ T4353] ? lockdep_lock+0xdc/0x1e0 [ 72.777559][ T4353] ? lockdep_unlock+0x134/0x2d0 [ 72.783777][ T4353] ? mark_lock+0x94/0x320 [ 72.788922][ T4353] __lock_acquire+0x2c33/0x7c60 [ 72.795120][ T4353] ? verify_lock_unused+0x140/0x140 [ 72.802293][ T4353] ? verify_lock_unused+0x140/0x140 [ 72.807778][ T4353] lock_acquire+0x197/0x3f0 [ 72.816214][ T4353] ? ext4_writepages+0x1c0/0x2d20 [ 72.823644][ T4353] ? check_path+0x40/0x40 [ 72.829049][ T4353] ? __might_sleep+0xf0/0xf0 [ 72.834103][ T4353] ? read_lock_is_recursive+0x10/0x10 [ 72.839856][ T4353] ? mark_lock+0x94/0x320 [ 72.845434][ T4353] ? __lock_acquire+0x13ad/0x7c60 [ 72.852418][ T4353] percpu_down_read+0x46/0x1b0 [ 72.859268][ T4353] ? ext4_writepages+0x1c0/0x2d20 [ 72.865583][ T4353] ext4_writepages+0x1c0/0x2d20 [ 72.871522][ T4353] ? rcu_is_watching+0x11/0xa0 [ 72.877868][ T4353] ? lock_release+0xba/0x870 [ 72.883132][ T4353] ? rcu_lock_release+0x5/0x20 [ 72.888883][ T4353] ? mark_lock+0x94/0x320 [ 72.894496][ T4353] ? verify_lock_unused+0x140/0x140 [ 72.901412][ T4353] ? mark_lock+0x94/0x320 [ 72.906169][ T4353] ? ext4_readpage+0x2e0/0x2e0 [ 72.912526][ T4353] ? __lock_acquire+0x13ad/0x7c60 [ 72.919046][ T4353] ? rcu_lock_release+0x5/0x20 [ 72.930306][ T4353] ? __lock_acquire+0x7c60/0x7c60 [ 72.935968][ T4353] ? do_raw_spin_lock+0x11d/0x280 [ 72.941549][ T4353] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 72.947446][ T4353] ? do_raw_spin_unlock+0x11d/0x230 [ 72.953609][ T4353] ? ext4_readpage+0x2e0/0x2e0 [ 72.960231][ T4353] do_writepages+0x48d/0x6d0 [ 72.965726][ T4353] ? __writepage+0x130/0x130 [ 72.970488][ T4353] ? writeback_single_inode+0x216/0x8b0 [ 72.978489][ T4353] ? __lock_acquire+0x7c60/0x7c60 [ 72.983833][ T4353] ? do_raw_spin_lock+0x11d/0x280 [ 72.989499][ T4353] __writeback_single_inode+0x153/0xda0 [ 72.996001][ T4353] writeback_single_inode+0x221/0x8b0 [ 73.005164][ T4353] ? write_inode_now+0x280/0x280 [ 73.010658][ T4353] write_inode_now+0x217/0x280 [ 73.016834][ T4353] ? bdi_split_work_to_wbs+0x820/0x820 [ 73.026332][ T4353] ? do_raw_spin_unlock+0x11d/0x230 [ 73.031845][ T4353] iput+0x5ab/0x8a0 [ 73.036400][ T4353] ext4_xattr_set_entry+0x10ff/0x3d30 [ 73.042741][ T4353] ? ext4_xattr_ibody_set+0x330/0x330 [ 73.048744][ T4353] ? rcu_is_watching+0x11/0xa0 [ 73.056354][ T4353] ? kmem_cache_free+0x14c/0x210 [ 73.061945][ T4353] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 73.069095][ T4353] ext4_xattr_block_set+0x4f7/0x2d30 [ 73.076339][ T4353] ? do_raw_spin_unlock+0x11d/0x230 [ 73.082738][ T4353] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 73.090479][ T4353] ? ext4_xattr_block_find+0x500/0x500 [ 73.097654][ T4353] ? ext4_xattr_block_find+0x433/0x500 [ 73.104132][ T4353] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 73.110547][ T4353] __ext4_expand_extra_isize+0x301/0x3e0 [ 73.120169][ T4353] __ext4_mark_inode_dirty+0x469/0x700 [ 73.125997][ T4353] ext4_evict_inode+0xa81/0x1080 [ 73.131280][ T4353] ? _raw_spin_unlock+0x24/0x40 [ 73.136620][ T4353] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 73.144179][ T4353] ? do_raw_spin_unlock+0x11d/0x230 [ 73.149797][ T4353] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 73.156556][ T4353] evict+0x485/0x870 [ 73.161812][ T4353] ? __lock_acquire+0x7c60/0x7c60 [ 73.167437][ T4353] ? proc_nr_inodes+0x320/0x320 [ 73.173298][ T4353] ? do_raw_spin_unlock+0x11d/0x230 [ 73.179879][ T4353] ? _raw_spin_unlock+0x24/0x40 [ 73.185441][ T4353] ? iput+0x706/0x8a0 [ 73.191120][ T4353] ext4_orphan_cleanup+0xaa9/0x12e0 [ 73.197193][ T4353] ? ext4_orphan_del+0xb90/0xb90 [ 73.203778][ T4353] ? errseq_check_and_advance+0x62/0x120 [ 73.210021][ T4353] ext4_fill_super+0x92f0/0x9a60 [ 73.218531][ T4353] ? ext4_mount+0x40/0x40 [ 73.226437][ T4353] ? set_blocksize+0x1f1/0x370 [ 73.233845][ T4353] ? sb_set_blocksize+0xa5/0xe0 [ 73.240664][ T4353] mount_bdev+0x287/0x3c0 [ 73.245890][ T4353] ? ext4_mount+0x40/0x40 [ 73.250298][ T4353] legacy_get_tree+0xe6/0x180 [ 73.256100][ T4353] ? ext4_errno_to_code+0x160/0x160 [ 73.262491][ T4353] vfs_get_tree+0x88/0x270 [ 73.267488][ T4353] do_new_mount+0x24a/0xa40 [ 73.272947][ T4353] __se_sys_mount+0x2d6/0x3c0 [ 73.280438][ T4353] ? __x64_sys_mount+0xc0/0xc0 [ 73.285616][ T4353] ? lockdep_hardirqs_on+0x94/0x140 [ 73.293109][ T4353] ? __x64_sys_mount+0x1c/0xc0 [ 73.299627][ T4353] do_syscall_64+0x4c/0xa0 [ 73.311430][ T4353] ? clear_bhb_loop+0x30/0x80 [ 73.324197][ T4353] ? clear_bhb_loop+0x30/0x80 [ 73.329956][ T4353] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 73.344533][ T4353] RIP: 0033:0x7f02c2767eea [ 73.362782][ T4353] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.390859][ T4353] RSP: 002b:00007ffd86e8bbc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 73.404264][ T4353] RAX: ffffffffffffffda RBX: 00007ffd86e8bc50 RCX: 00007f02c2767eea [ 73.412959][ T4353] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffd86e8bc10 [ 73.422346][ T4353] RBP: 0000200000000180 R08: 00007ffd86e8bc50 R09: 0000000000800700 [ 73.432154][ T4353] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 73.442007][ T4353] R13: 00007ffd86e8bc10 R14: 000000000000046f R15: 000000000000002c [ 73.451303][ T4353] [ 73.456208][ T4259] Bluetooth: hci0: command 0x0419 tx timeout [ 73.463927][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 73.485402][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.493759][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 73.508678][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.516964][ T4353] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 73.531987][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 73.553146][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.564727][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 73.578976][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.586907][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 73.602841][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.610524][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 73.625271][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.636114][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 73.655743][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.663564][ T4353] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 73.683359][ T4353] EXT4-fs (loop0): Remounting filesystem read-only [ 73.690710][ T4353] EXT4-fs (loop0): 1 orphan inode deleted [ 73.698610][ T4353] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,errors=remount-ro,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,. Quota mode: none.