Warning: Permanently added '10.128.0.212' (ED25519) to the list of known hosts. 2025/12/20 00:58:57 parsed 1 programs [ 84.880004][ T4279] cgroup: Unknown subsys name 'net' [ 85.012070][ T4279] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.527970][ T4279] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 86.748068][ T14] cfg80211: failed to load regulatory.db [ 89.327476][ T4308] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.335397][ T4308] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.343646][ T4308] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.355187][ T4308] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.363013][ T4308] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 89.370634][ T4308] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.584502][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.611292][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.629520][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 89.669489][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.677815][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.687317][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 90.247114][ T4332] chnl_net:caif_netlink_parms(): no params data found [ 90.310724][ T4332] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.318106][ T4332] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.326848][ T4332] device bridge_slave_0 entered promiscuous mode [ 90.336157][ T4332] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.343313][ T4332] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.351868][ T4332] device bridge_slave_1 entered promiscuous mode [ 90.383332][ T4332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.394470][ T4332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.422236][ T4332] team0: Port device team_slave_0 added [ 90.431842][ T4332] team0: Port device team_slave_1 added [ 90.457068][ T4332] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.464068][ T4332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.490360][ T4332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.503433][ T4332] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.510646][ T4332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.536745][ T4332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.578506][ T4332] device hsr_slave_0 entered promiscuous mode [ 90.585286][ T4332] device hsr_slave_1 entered promiscuous mode [ 90.710560][ T4332] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.731279][ T4332] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.771736][ T4332] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.792430][ T4332] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.859326][ T4332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.873243][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 90.883400][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 90.894860][ T4332] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.908028][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 90.918242][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 90.927803][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.935170][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.945266][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 90.965964][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 90.975312][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 90.984461][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.991629][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.002122][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 91.024516][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 91.038434][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 91.047423][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.057441][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 91.077351][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 91.086662][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 91.099218][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 91.108363][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 91.132227][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 91.141041][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 91.153416][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 91.360003][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 91.368364][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 91.391024][ T4332] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.408674][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 91.417891][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 91.440719][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 91.450627][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 91.458728][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 91.502148][ T4332] device veth0_vlan entered promiscuous mode [ 91.516410][ T4332] device veth1_vlan entered promiscuous mode [ 91.538569][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 91.548578][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 91.557863][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 91.572634][ T4332] device veth0_macvtap entered promiscuous mode [ 91.584857][ T4332] device veth1_macvtap entered promiscuous mode [ 91.624940][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 91.642115][ T4332] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.650491][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 91.660320][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 91.690710][ T4332] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.699164][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 91.708111][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 91.721135][ T4332] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.730769][ T4332] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.739795][ T4332] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.749501][ T4332] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.923222][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/12/20 00:59:07 executed programs: 0 [ 92.785193][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.793760][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.801660][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.811719][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.820340][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.828463][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.972128][ T4371] chnl_net:caif_netlink_parms(): no params data found [ 93.034115][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.041386][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.049539][ T4371] device bridge_slave_0 entered promiscuous mode [ 93.057866][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.065060][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.073340][ T4371] device bridge_slave_1 entered promiscuous mode [ 93.106529][ T4371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.117944][ T4371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.155686][ T4371] team0: Port device team_slave_0 added [ 93.171056][ T4371] team0: Port device team_slave_1 added [ 93.202066][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.209269][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.235922][ T4371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.250173][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.257551][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.283845][ T4371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.324645][ T4371] device hsr_slave_0 entered promiscuous mode [ 93.333179][ T4371] device hsr_slave_1 entered promiscuous mode [ 93.342124][ T4371] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 93.352939][ T4371] Cannot create hsr debugfs directory [ 94.448236][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.906616][ T4308] Bluetooth: hci0: command 0x0409 tx timeout [ 96.758335][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.839733][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.986827][ T48] Bluetooth: hci0: command 0x041b tx timeout [ 97.665179][ T4371] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.678396][ T4371] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.701579][ T4371] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.714893][ T4371] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.802586][ T11] device hsr_slave_0 left promiscuous mode [ 97.811441][ T11] device hsr_slave_1 left promiscuous mode [ 97.818895][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.826840][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.835401][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.842988][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.851089][ T11] device bridge_slave_1 left promiscuous mode [ 97.858365][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.870965][ T11] device bridge_slave_0 left promiscuous mode [ 97.878820][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.906781][ T11] device veth1_macvtap left promiscuous mode [ 97.913283][ T11] device veth0_macvtap left promiscuous mode [ 97.919615][ T11] device veth1_vlan left promiscuous mode [ 97.925707][ T11] device veth0_vlan left promiscuous mode [ 98.270144][ T11] team0 (unregistering): Port device team_slave_1 removed [ 98.303509][ T11] team0 (unregistering): Port device team_slave_0 removed [ 98.332132][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.362623][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 98.660165][ T11] bond0 (unregistering): Released all slaves [ 98.751896][ T4371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.765515][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 98.773905][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 98.785388][ T4371] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.813399][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 98.822267][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 98.831764][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.838916][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.848338][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 98.857628][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 98.866622][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.873743][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.881698][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 98.893084][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 98.914236][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 98.927328][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 98.936640][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 98.945317][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 98.964867][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 98.977315][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 98.993240][ T4371] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 99.004430][ T4371] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 99.020870][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 99.030249][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 99.039375][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 99.048118][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 99.057328][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 99.066101][ T48] Bluetooth: hci0: command 0x040f tx timeout [ 99.297350][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 99.304882][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 99.317965][ T4371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.335627][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 99.344715][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 99.367425][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 99.376030][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 99.384499][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 99.393170][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 99.401884][ T4371] device veth0_vlan entered promiscuous mode [ 99.413477][ T4371] device veth1_vlan entered promiscuous mode [ 99.441876][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 99.450312][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 99.459116][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 99.468059][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 99.478745][ T4371] device veth0_macvtap entered promiscuous mode [ 99.498686][ T4371] device veth1_macvtap entered promiscuous mode [ 99.514166][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.523414][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 99.532130][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 99.540794][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 99.549893][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 99.575056][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.583148][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 99.591872][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 99.603353][ T4371] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.612287][ T4371] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.622212][ T4371] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.632956][ T4371] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.705098][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.716121][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.732738][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 99.753005][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.761261][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.771445][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 99.832918][ T4422] loop0: detected capacity change from 0 to 512 [ 99.863347][ T4422] [ 99.865753][ T4422] ====================================================== [ 99.872800][ T4422] WARNING: possible circular locking dependency detected [ 99.879853][ T4422] syzkaller #0 Not tainted [ 99.884296][ T4422] ------------------------------------------------------ [ 99.891335][ T4422] syz.0.17/4422 is trying to acquire lock: [ 99.897184][ T4422] ffff88802413ab98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 99.907342][ T4422] [ 99.907342][ T4422] but task is already holding lock: [ 99.914741][ T4422] ffff88806917db10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 99.924624][ T4422] [ 99.924624][ T4422] which lock already depends on the new lock. [ 99.924624][ T4422] [ 99.935037][ T4422] [ 99.935037][ T4422] the existing dependency chain (in reverse order) is: [ 99.944049][ T4422] [ 99.944049][ T4422] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 99.951618][ T4422] down_read+0x42/0x2d0 [ 99.956308][ T4422] ext4_setattr+0x92a/0x19f0 [ 99.961425][ T4422] notify_change+0xc74/0xf40 [ 99.966545][ T4422] chown_common+0x486/0x620 [ 99.971570][ T4422] do_fchownat+0x164/0x270 [ 99.976513][ T4422] __x64_sys_chown+0x7e/0x90 [ 99.981628][ T4422] do_syscall_64+0x4c/0xa0 [ 99.986570][ T4422] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.992990][ T4422] [ 99.992990][ T4422] -> #1 (jbd2_handle){++++}-{0:0}: [ 100.000292][ T4422] start_this_handle+0x1f49/0x2150 [ 100.005945][ T4422] jbd2__journal_start+0x2b7/0x5a0 [ 100.011603][ T4422] __ext4_journal_start_sb+0x187/0x3d0 [ 100.017585][ T4422] ext4_writepages+0xde7/0x2e50 [ 100.022953][ T4422] do_writepages+0x3b7/0x610 [ 100.028156][ T4422] __writeback_single_inode+0x156/0x1160 [ 100.034317][ T4422] writeback_sb_inodes+0xad8/0x17d0 [ 100.040043][ T4422] __writeback_inodes_wb+0x12a/0x3f0 [ 100.045885][ T4422] wb_writeback+0x47a/0xd00 [ 100.050910][ T4422] wb_workfn+0xb66/0xec0 [ 100.055673][ T4422] process_one_work+0x898/0x1160 [ 100.061138][ T4422] worker_thread+0xaa2/0x1250 [ 100.066340][ T4422] kthread+0x29d/0x330 [ 100.070938][ T4422] ret_from_fork+0x1f/0x30 [ 100.075891][ T4422] [ 100.075891][ T4422] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 100.084367][ T4422] __lock_acquire+0x2cf8/0x7c50 [ 100.089764][ T4422] lock_acquire+0x1b4/0x490 [ 100.094801][ T4422] percpu_down_read+0x44/0x1a0 [ 100.100096][ T4422] ext4_writepages+0x1c0/0x2e50 [ 100.105490][ T4422] do_writepages+0x3b7/0x610 [ 100.110615][ T4422] __writeback_single_inode+0x156/0x1160 [ 100.116781][ T4422] writeback_single_inode+0x221/0x8b0 [ 100.122686][ T4422] write_inode_now+0x15d/0x1d0 [ 100.127976][ T4422] iput+0x613/0x980 [ 100.132333][ T4422] ext4_xattr_block_set+0x2736/0x32a0 [ 100.138258][ T4422] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 100.144678][ T4422] __ext4_expand_extra_isize+0x301/0x3e0 [ 100.150837][ T4422] __ext4_mark_inode_dirty+0x47f/0x770 [ 100.156829][ T4422] ext4_evict_inode+0xa73/0x1100 [ 100.162294][ T4422] evict+0x485/0x870 [ 100.166717][ T4422] ext4_orphan_cleanup+0xbd3/0x1400 [ 100.172459][ T4422] ext4_fill_super+0x7bdf/0x8150 [ 100.177940][ T4422] get_tree_bdev+0x3f1/0x610 [ 100.183065][ T4422] vfs_get_tree+0x88/0x270 [ 100.188018][ T4422] do_new_mount+0x24a/0xa40 [ 100.193047][ T4422] __se_sys_mount+0x2d6/0x3c0 [ 100.198253][ T4422] do_syscall_64+0x4c/0xa0 [ 100.203204][ T4422] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 100.209626][ T4422] [ 100.209626][ T4422] other info that might help us debug this: [ 100.209626][ T4422] [ 100.219853][ T4422] Chain exists of: [ 100.219853][ T4422] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 100.219853][ T4422] [ 100.233261][ T4422] Possible unsafe locking scenario: [ 100.233261][ T4422] [ 100.240726][ T4422] CPU0 CPU1 [ 100.246094][ T4422] ---- ---- [ 100.251457][ T4422] lock(&ei->xattr_sem); [ 100.255822][ T4422] lock(jbd2_handle); [ 100.262425][ T4422] lock(&ei->xattr_sem); [ 100.269288][ T4422] lock(&sbi->s_writepages_rwsem); [ 100.274511][ T4422] [ 100.274511][ T4422] *** DEADLOCK *** [ 100.274511][ T4422] [ 100.282658][ T4422] 3 locks held by syz.0.17/4422: [ 100.287593][ T4422] #0: ffff8880241380e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 100.297743][ T4422] #1: ffff888024138650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 100.307249][ T4422] #2: ffff88806917db10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 100.317549][ T4422] [ 100.317549][ T4422] stack backtrace: [ 100.323457][ T4422] CPU: 0 PID: 4422 Comm: syz.0.17 Not tainted syzkaller #0 [ 100.330660][ T4422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.340764][ T4422] Call Trace: [ 100.344056][ T4422] [ 100.347000][ T4422] dump_stack_lvl+0x168/0x22e [ 100.351696][ T4422] ? load_image+0x3b0/0x3b0 [ 100.356214][ T4422] ? show_regs_print_info+0x12/0x12 [ 100.361431][ T4422] ? print_circular_bug+0x12b/0x1a0 [ 100.366660][ T4422] check_noncircular+0x274/0x310 [ 100.371613][ T4422] ? add_chain_block+0x940/0x940 [ 100.376654][ T4422] ? lockdep_lock+0xdc/0x1e0 [ 100.381269][ T4422] ? verify_lock_unused+0x140/0x140 [ 100.386487][ T4422] ? _find_first_zero_bit+0xcf/0x100 [ 100.391783][ T4422] __lock_acquire+0x2cf8/0x7c50 [ 100.396678][ T4422] ? verify_lock_unused+0x140/0x140 [ 100.401900][ T4422] ? mark_lock+0x94/0x320 [ 100.406242][ T4422] ? __lock_acquire+0x13c0/0x7c50 [ 100.411278][ T4422] lock_acquire+0x1b4/0x490 [ 100.415793][ T4422] ? ext4_writepages+0x1c0/0x2e50 [ 100.420836][ T4422] ? __might_sleep+0xd0/0xd0 [ 100.425437][ T4422] ? read_lock_is_recursive+0x10/0x10 [ 100.430826][ T4422] ? __lock_acquire+0x12e5/0x7c50 [ 100.435874][ T4422] ? mark_lock+0x94/0x320 [ 100.440228][ T4422] percpu_down_read+0x44/0x1a0 [ 100.444998][ T4422] ? ext4_writepages+0x1c0/0x2e50 [ 100.450025][ T4422] ext4_writepages+0x1c0/0x2e50 [ 100.454882][ T4422] ? __lock_acquire+0x13c0/0x7c50 [ 100.459923][ T4422] ? verify_lock_unused+0x140/0x140 [ 100.465130][ T4422] ? mark_lock+0x94/0x320 [ 100.469468][ T4422] ? ext4_read_folio+0x370/0x370 [ 100.474409][ T4422] ? __lock_acquire+0x13c0/0x7c50 [ 100.479454][ T4422] ? __lock_acquire+0x7c50/0x7c50 [ 100.484484][ T4422] ? do_raw_spin_lock+0x11d/0x280 [ 100.489555][ T4422] ? do_raw_spin_unlock+0x11d/0x230 [ 100.494768][ T4422] ? ext4_read_folio+0x370/0x370 [ 100.499710][ T4422] do_writepages+0x3b7/0x610 [ 100.504319][ T4422] ? __writepage+0x130/0x130 [ 100.508934][ T4422] ? writeback_single_inode+0x216/0x8b0 [ 100.514520][ T4422] ? __lock_acquire+0x7c50/0x7c50 [ 100.519557][ T4422] ? do_raw_spin_lock+0x11d/0x280 [ 100.524592][ T4422] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 100.530490][ T4422] __writeback_single_inode+0x156/0x1160 [ 100.536147][ T4422] writeback_single_inode+0x221/0x8b0 [ 100.541550][ T4422] ? write_inode_now+0x1d0/0x1d0 [ 100.546535][ T4422] write_inode_now+0x15d/0x1d0 [ 100.551316][ T4422] ? bdi_split_work_to_wbs+0x890/0x890 [ 100.556789][ T4422] ? rcu_is_watching+0x11/0xa0 [ 100.561577][ T4422] ? do_raw_spin_unlock+0x11d/0x230 [ 100.566791][ T4422] iput+0x613/0x980 [ 100.570603][ T4422] ext4_xattr_block_set+0x2736/0x32a0 [ 100.575982][ T4422] ? __might_sleep+0xd0/0xd0 [ 100.580678][ T4422] ? xattr_find_entry+0x12b/0x2f0 [ 100.585724][ T4422] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 100.591205][ T4422] ? ext4_xattr_block_find+0x241/0x2b0 [ 100.596678][ T4422] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 100.602592][ T4422] __ext4_expand_extra_isize+0x301/0x3e0 [ 100.608266][ T4422] __ext4_mark_inode_dirty+0x47f/0x770 [ 100.613759][ T4422] ext4_evict_inode+0xa73/0x1100 [ 100.618723][ T4422] ? _raw_spin_unlock+0x24/0x40 [ 100.623589][ T4422] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 100.629497][ T4422] ? do_raw_spin_unlock+0x11d/0x230 [ 100.634706][ T4422] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 100.640632][ T4422] evict+0x485/0x870 [ 100.644540][ T4422] ? __lock_acquire+0x7c50/0x7c50 [ 100.649577][ T4422] ? proc_nr_inodes+0x2f0/0x2f0 [ 100.654438][ T4422] ? do_raw_spin_unlock+0x11d/0x230 [ 100.659651][ T4422] ? _raw_spin_unlock+0x24/0x40 [ 100.664511][ T4422] ? iput+0x768/0x980 [ 100.668513][ T4422] ext4_orphan_cleanup+0xbd3/0x1400 [ 100.673727][ T4422] ? ext4_orphan_del+0xb90/0xb90 [ 100.678677][ T4422] ? errseq_check_and_advance+0x62/0x120 [ 100.684346][ T4422] ext4_fill_super+0x7bdf/0x8150 [ 100.689290][ T4422] ? bdev_name+0x2c1/0x3f0 [ 100.693727][ T4422] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 100.699975][ T4422] ? snprintf+0xd7/0x120 [ 100.704221][ T4422] ? preempt_count_add+0x8d/0x190 [ 100.709259][ T4422] ? vscnprintf+0x80/0x80 [ 100.713600][ T4422] ? set_blocksize+0x1d0/0x470 [ 100.718382][ T4422] ? sb_set_blocksize+0xa5/0xe0 [ 100.723238][ T4422] get_tree_bdev+0x3f1/0x610 [ 100.727834][ T4422] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 100.734077][ T4422] vfs_get_tree+0x88/0x270 [ 100.738503][ T4422] do_new_mount+0x24a/0xa40 [ 100.743009][ T4422] __se_sys_mount+0x2d6/0x3c0 [ 100.747705][ T4422] ? __x64_sys_mount+0xc0/0xc0 [ 100.752512][ T4422] ? lockdep_hardirqs_on+0x94/0x140 [ 100.757739][ T4422] ? __x64_sys_mount+0x1c/0xc0 [ 100.762522][ T4422] do_syscall_64+0x4c/0xa0 [ 100.766959][ T4422] ? clear_bhb_loop+0x60/0xb0 [ 100.771645][ T4422] ? clear_bhb_loop+0x60/0xb0 [ 100.776338][ T4422] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 100.782235][ T4422] RIP: 0033:0x7fda89d90eea [ 100.786669][ T4422] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.806283][ T4422] RSP: 002b:00007ffe43527108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 100.814712][ T4422] RAX: ffffffffffffffda RBX: 00007ffe43527190 RCX: 00007fda89d90eea [ 100.822688][ T4422] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffe43527150 [ 100.830672][ T4422] RBP: 0000200000000180 R08: 00007ffe43527190 R09: 0000000000800700 [ 100.838734][ T4422] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 100.846706][ T4422] R13: 00007ffe43527150 R14: 000000000000046f R15: 000000000000002c [ 100.854683][ T4422] [ 100.866455][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 100.880535][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 100.889455][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 100.902383][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 100.909900][ T4422] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 100.923394][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 100.937304][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 100.943868][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 100.956516][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 100.963102][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 100.976664][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 100.983232][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 100.996325][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 101.002970][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 101.016902][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 101.023500][ T4422] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 101.036344][ T4422] EXT4-fs (loop0): Remounting filesystem read-only [ 101.042965][ T4422] EXT4-fs (loop0): 1 orphan inode deleted [ 101.048777][ T4422] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 101.098136][ T4371] EXT4-fs (loop0): unmounting filesystem.