Warning: Permanently added '10.128.1.145' (ED25519) to the list of known hosts. 2025/12/15 05:02:30 parsed 1 programs [ 63.011603][ T4269] cgroup: Unknown subsys name 'net' [ 63.149605][ T4269] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 64.449526][ T4269] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 65.956106][ T4286] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.963590][ T4286] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.971453][ T4286] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.979531][ T4286] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.987041][ T4286] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.995504][ T4286] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.698145][ T4306] chnl_net:caif_netlink_parms(): no params data found [ 66.756321][ T4306] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.763819][ T4306] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.771831][ T4306] device bridge_slave_0 entered promiscuous mode [ 66.780538][ T4306] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.787780][ T4306] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.795448][ T4306] device bridge_slave_1 entered promiscuous mode [ 66.814917][ T4306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.825941][ T4306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.848048][ T4306] team0: Port device team_slave_0 added [ 66.855579][ T4306] team0: Port device team_slave_1 added [ 66.872130][ T4306] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.879217][ T4306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.905256][ T4306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.917867][ T4306] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.924973][ T4306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.950927][ T4306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.989385][ T4306] device hsr_slave_0 entered promiscuous mode [ 66.996723][ T4306] device hsr_slave_1 entered promiscuous mode [ 67.094264][ T4306] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.112843][ T4306] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.122098][ T4306] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.130756][ T4306] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.153417][ T4306] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.160651][ T4306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.168487][ T4306] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.175577][ T4306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.219361][ T4306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.231703][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.242486][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.251048][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.259715][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 67.280025][ T4306] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.290768][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.299534][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.306664][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.326719][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.335281][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.342336][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.351027][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.360020][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.378591][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.390608][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.401530][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.412084][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.566825][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 67.574390][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 67.589991][ T4306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.611980][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.630545][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.640426][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.650136][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.661613][ T4306] device veth0_vlan entered promiscuous mode [ 67.680173][ T4306] device veth1_vlan entered promiscuous mode [ 67.706345][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.716589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.727603][ T4306] device veth0_macvtap entered promiscuous mode [ 67.736750][ T4306] device veth1_macvtap entered promiscuous mode [ 67.751081][ T4306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.759397][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.767384][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 67.775983][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.785936][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.800281][ T4306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.808434][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.817828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.828683][ T4306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.838053][ T4306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.846964][ T4306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.856169][ T4306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.973279][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.121783][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.138146][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.147168][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.149118][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.157023][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.171482][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2025/12/15 05:02:38 executed programs: 0 [ 69.596072][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.603840][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.612337][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.620257][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.629116][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.636947][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.741340][ T4367] chnl_net:caif_netlink_parms(): no params data found [ 69.779142][ T4367] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.786950][ T4367] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.795297][ T4367] device bridge_slave_0 entered promiscuous mode [ 69.804236][ T4367] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.811347][ T4367] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.819153][ T4367] device bridge_slave_1 entered promiscuous mode [ 69.839477][ T4367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.850193][ T4367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.877720][ T4367] team0: Port device team_slave_0 added [ 69.885684][ T4367] team0: Port device team_slave_1 added [ 69.902375][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.909425][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.935597][ T4367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.948694][ T4367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.955920][ T4367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.982487][ T4367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.010899][ T4367] device hsr_slave_0 entered promiscuous mode [ 70.017562][ T4367] device hsr_slave_1 entered promiscuous mode [ 70.025096][ T4367] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.032883][ T4367] Cannot create hsr debugfs directory [ 70.463769][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.227420][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.233822][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.704674][ T48] Bluetooth: hci0: command 0x0409 tx timeout [ 72.821858][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.884372][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.630423][ T9] device hsr_slave_0 left promiscuous mode [ 73.649629][ T9] device hsr_slave_1 left promiscuous mode [ 73.673402][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.685236][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 73.693625][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.703304][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 73.712036][ T9] device bridge_slave_1 left promiscuous mode [ 73.721555][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.733338][ T9] device bridge_slave_0 left promiscuous mode [ 73.742958][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.767213][ T9] device veth1_macvtap left promiscuous mode [ 73.773460][ T9] device veth0_macvtap left promiscuous mode [ 73.780017][ T9] device veth1_vlan left promiscuous mode [ 73.786432][ T48] Bluetooth: hci0: command 0x041b tx timeout [ 73.787134][ T9] device veth0_vlan left promiscuous mode [ 74.047785][ T9] team0 (unregistering): Port device team_slave_1 removed [ 74.071547][ T9] team0 (unregistering): Port device team_slave_0 removed [ 74.096332][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.121489][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.324609][ T9] bond0 (unregistering): Released all slaves [ 74.391426][ T4367] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.400615][ T4367] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.409200][ T4367] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.421894][ T4367] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.479561][ T4367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.496072][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 74.509571][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.519732][ T4367] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.528908][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 74.538936][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.547685][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.554791][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.563268][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.586689][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 74.595613][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.605814][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.612874][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.620989][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.634654][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.645777][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 74.657524][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.667549][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.684518][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 74.693247][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.704036][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 74.712512][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.725679][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 74.734661][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.749508][ T4367] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 74.946732][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.955336][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.968387][ T4367] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.987076][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 74.999245][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.030732][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.040213][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.056348][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.068346][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.079310][ T4367] device veth0_vlan entered promiscuous mode [ 75.090146][ T4367] device veth1_vlan entered promiscuous mode [ 75.106183][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.115198][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 75.123777][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 75.132291][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 75.142144][ T4367] device veth0_macvtap entered promiscuous mode [ 75.152122][ T4367] device veth1_macvtap entered promiscuous mode [ 75.166263][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.173558][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.181932][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.189905][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.199106][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.210904][ T4367] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.218381][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.227006][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.237918][ T4367] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.246686][ T4367] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.255642][ T4367] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.264691][ T4367] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.309424][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.321069][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.336670][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.358207][ T4369] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.366665][ T4369] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.375896][ T4369] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.428825][ T4429] loop0: detected capacity change from 0 to 512 [ 75.454270][ T4429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 75.487631][ T4429] [ 75.489992][ T4429] ====================================================== [ 75.497079][ T4429] WARNING: possible circular locking dependency detected [ 75.504095][ T4429] syzkaller #0 Not tainted [ 75.508492][ T4429] ------------------------------------------------------ [ 75.515491][ T4429] syz.0.17/4429 is trying to acquire lock: [ 75.521281][ T4429] ffff888028ca6b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 75.531394][ T4429] [ 75.531394][ T4429] but task is already holding lock: [ 75.538743][ T4429] ffff88806ae34700 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 75.548828][ T4429] [ 75.548828][ T4429] which lock already depends on the new lock. [ 75.548828][ T4429] [ 75.559222][ T4429] [ 75.559222][ T4429] the existing dependency chain (in reverse order) is: [ 75.568320][ T4429] [ 75.568320][ T4429] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 75.575856][ T4429] down_read+0x42/0x2d0 [ 75.580521][ T4429] ext4_setattr+0x92a/0x19f0 [ 75.585614][ T4429] notify_change+0xc74/0xf40 [ 75.590722][ T4429] chown_common+0x486/0x620 [ 75.595730][ T4429] do_fchownat+0x164/0x270 [ 75.600655][ T4429] __x64_sys_chown+0x7e/0x90 [ 75.605746][ T4429] do_syscall_64+0x4c/0xa0 [ 75.610667][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 75.618557][ T4429] [ 75.618557][ T4429] -> #1 (jbd2_handle){++++}-{0:0}: [ 75.626011][ T4429] start_this_handle+0x1f49/0x2150 [ 75.631647][ T4429] jbd2__journal_start+0x2b7/0x5a0 [ 75.637285][ T4429] __ext4_journal_start_sb+0x187/0x3d0 [ 75.643251][ T4429] ext4_writepages+0xde7/0x2e50 [ 75.648613][ T4429] do_writepages+0x3b7/0x610 [ 75.653707][ T4429] filemap_fdatawrite_wbc+0x11e/0x180 [ 75.659589][ T4429] file_write_and_wait_range+0x137/0x200 [ 75.665733][ T4429] ext4_sync_file+0x23b/0xca0 [ 75.670915][ T4429] __x64_sys_fsync+0x1a5/0x1e0 [ 75.676183][ T4429] do_syscall_64+0x4c/0xa0 [ 75.681112][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 75.687511][ T4429] [ 75.687511][ T4429] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 75.695918][ T4429] __lock_acquire+0x2cf8/0x7c50 [ 75.701301][ T4429] lock_acquire+0x1b4/0x490 [ 75.706307][ T4429] percpu_down_read+0x44/0x1a0 [ 75.711570][ T4429] ext4_writepages+0x1c0/0x2e50 [ 75.716921][ T4429] do_writepages+0x3b7/0x610 [ 75.722013][ T4429] __writeback_single_inode+0x156/0x1160 [ 75.728150][ T4429] writeback_single_inode+0x221/0x8b0 [ 75.734024][ T4429] write_inode_now+0x15d/0x1d0 [ 75.739292][ T4429] iput+0x613/0x980 [ 75.743600][ T4429] ext4_xattr_block_set+0x2736/0x32a0 [ 75.749496][ T4429] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 75.755928][ T4429] __ext4_expand_extra_isize+0x301/0x3e0 [ 75.762136][ T4429] __ext4_mark_inode_dirty+0x47f/0x770 [ 75.768113][ T4429] ext4_evict_inode+0xa73/0x1100 [ 75.773553][ T4429] evict+0x485/0x870 [ 75.777954][ T4429] ext4_orphan_cleanup+0xbd3/0x1400 [ 75.783655][ T4429] ext4_fill_super+0x7bdf/0x8150 [ 75.789094][ T4429] get_tree_bdev+0x3f1/0x610 [ 75.794202][ T4429] vfs_get_tree+0x88/0x270 [ 75.799140][ T4429] do_new_mount+0x24a/0xa40 [ 75.804142][ T4429] __se_sys_mount+0x2d6/0x3c0 [ 75.809317][ T4429] do_syscall_64+0x4c/0xa0 [ 75.814237][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 75.820632][ T4429] [ 75.820632][ T4429] other info that might help us debug this: [ 75.820632][ T4429] [ 75.830837][ T4429] Chain exists of: [ 75.830837][ T4429] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 75.830837][ T4429] [ 75.844219][ T4429] Possible unsafe locking scenario: [ 75.844219][ T4429] [ 75.851663][ T4429] CPU0 CPU1 [ 75.857016][ T4429] ---- ---- [ 75.862358][ T4429] lock(&ei->xattr_sem); [ 75.866665][ T4429] lock(jbd2_handle); [ 75.873232][ T4429] lock(&ei->xattr_sem); [ 75.880057][ T4429] lock(&sbi->s_writepages_rwsem); [ 75.885321][ T4429] [ 75.885321][ T4429] *** DEADLOCK *** [ 75.885321][ T4429] [ 75.893460][ T4429] 3 locks held by syz.0.17/4429: [ 75.898377][ T4429] #0: ffff888028ca40e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 75.908452][ T4429] #1: ffff888028ca4650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 75.917912][ T4429] #2: ffff88806ae34700 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 75.928155][ T4429] [ 75.928155][ T4429] stack backtrace: [ 75.934030][ T4429] CPU: 1 PID: 4429 Comm: syz.0.17 Not tainted syzkaller #0 [ 75.941205][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 75.951254][ T4429] Call Trace: [ 75.954531][ T4429] [ 75.957448][ T4429] dump_stack_lvl+0x168/0x22e [ 75.962117][ T4429] ? load_image+0x3b0/0x3b0 [ 75.966611][ T4429] ? show_regs_print_info+0x12/0x12 [ 75.971814][ T4429] ? print_circular_bug+0x12b/0x1a0 [ 75.977004][ T4429] check_noncircular+0x274/0x310 [ 75.981933][ T4429] ? add_chain_block+0x940/0x940 [ 75.986862][ T4429] ? lockdep_lock+0xdc/0x1e0 [ 75.991441][ T4429] ? verify_lock_unused+0x140/0x140 [ 75.996627][ T4429] ? _find_first_zero_bit+0xcf/0x100 [ 76.001899][ T4429] __lock_acquire+0x2cf8/0x7c50 [ 76.006750][ T4429] ? verify_lock_unused+0x140/0x140 [ 76.011936][ T4429] ? mark_lock+0x94/0x320 [ 76.017037][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 76.022054][ T4429] lock_acquire+0x1b4/0x490 [ 76.026545][ T4429] ? ext4_writepages+0x1c0/0x2e50 [ 76.031558][ T4429] ? __might_sleep+0xd0/0xd0 [ 76.036141][ T4429] ? read_lock_is_recursive+0x10/0x10 [ 76.041503][ T4429] ? __lock_acquire+0x12e5/0x7c50 [ 76.046530][ T4429] ? mark_lock+0x94/0x320 [ 76.050896][ T4429] percpu_down_read+0x44/0x1a0 [ 76.055647][ T4429] ? ext4_writepages+0x1c0/0x2e50 [ 76.060659][ T4429] ext4_writepages+0x1c0/0x2e50 [ 76.065492][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 76.070597][ T4429] ? verify_lock_unused+0x140/0x140 [ 76.075797][ T4429] ? mark_lock+0x94/0x320 [ 76.080117][ T4429] ? ext4_read_folio+0x370/0x370 [ 76.085040][ T4429] ? __lock_acquire+0x13c0/0x7c50 [ 76.090058][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 76.095067][ T4429] ? do_raw_spin_lock+0x11d/0x280 [ 76.100084][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 76.105275][ T4429] ? ext4_read_folio+0x370/0x370 [ 76.110202][ T4429] do_writepages+0x3b7/0x610 [ 76.114785][ T4429] ? __writepage+0x130/0x130 [ 76.119361][ T4429] ? writeback_single_inode+0x216/0x8b0 [ 76.124896][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 76.129910][ T4429] ? do_raw_spin_lock+0x11d/0x280 [ 76.134930][ T4429] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 76.140723][ T4429] __writeback_single_inode+0x156/0x1160 [ 76.146354][ T4429] writeback_single_inode+0x221/0x8b0 [ 76.151719][ T4429] ? write_inode_now+0x1d0/0x1d0 [ 76.156647][ T4429] write_inode_now+0x15d/0x1d0 [ 76.161398][ T4429] ? bdi_split_work_to_wbs+0x890/0x890 [ 76.166849][ T4429] ? rcu_is_watching+0x11/0xa0 [ 76.171603][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 76.176794][ T4429] iput+0x613/0x980 [ 76.180606][ T4429] ext4_xattr_block_set+0x2736/0x32a0 [ 76.185967][ T4429] ? __might_sleep+0xd0/0xd0 [ 76.190553][ T4429] ? xattr_find_entry+0x12b/0x2f0 [ 76.195654][ T4429] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 76.201102][ T4429] ? ext4_xattr_block_find+0x241/0x2b0 [ 76.206549][ T4429] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 76.212437][ T4429] __ext4_expand_extra_isize+0x301/0x3e0 [ 76.218059][ T4429] __ext4_mark_inode_dirty+0x47f/0x770 [ 76.223512][ T4429] ext4_evict_inode+0xa73/0x1100 [ 76.228548][ T4429] ? _raw_spin_unlock+0x24/0x40 [ 76.233388][ T4429] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 76.239270][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 76.244462][ T4429] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 76.250605][ T4429] evict+0x485/0x870 [ 76.254489][ T4429] ? __lock_acquire+0x7c50/0x7c50 [ 76.259510][ T4429] ? proc_nr_inodes+0x2f0/0x2f0 [ 76.264347][ T4429] ? do_raw_spin_unlock+0x11d/0x230 [ 76.269538][ T4429] ? _raw_spin_unlock+0x24/0x40 [ 76.274375][ T4429] ? iput+0x768/0x980 [ 76.278349][ T4429] ext4_orphan_cleanup+0xbd3/0x1400 [ 76.283540][ T4429] ? ext4_orphan_del+0xb90/0xb90 [ 76.288465][ T4429] ? errseq_check_and_advance+0x62/0x120 [ 76.294084][ T4429] ext4_fill_super+0x7bdf/0x8150 [ 76.299006][ T4429] ? bdev_name+0x2c1/0x3f0 [ 76.303414][ T4429] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 76.309640][ T4429] ? snprintf+0xd7/0x120 [ 76.313871][ T4429] ? preempt_count_add+0x8d/0x190 [ 76.318885][ T4429] ? vscnprintf+0x80/0x80 [ 76.323204][ T4429] ? set_blocksize+0x1d0/0x470 [ 76.327959][ T4429] ? sb_set_blocksize+0xa5/0xe0 [ 76.332803][ T4429] get_tree_bdev+0x3f1/0x610 [ 76.337380][ T4429] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 76.343611][ T4429] vfs_get_tree+0x88/0x270 [ 76.348013][ T4429] do_new_mount+0x24a/0xa40 [ 76.352501][ T4429] __se_sys_mount+0x2d6/0x3c0 [ 76.357162][ T4429] ? __x64_sys_mount+0xc0/0xc0 [ 76.361917][ T4429] ? lockdep_hardirqs_on+0x94/0x140 [ 76.367099][ T4429] ? __x64_sys_mount+0x1c/0xc0 [ 76.371847][ T4429] do_syscall_64+0x4c/0xa0 [ 76.376253][ T4429] ? clear_bhb_loop+0x60/0xb0 [ 76.380923][ T4429] ? clear_bhb_loop+0x60/0xb0 [ 76.385588][ T4429] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 76.391468][ T4429] RIP: 0033:0x7f5a90590eea [ 76.395879][ T4429] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.415555][ T4429] RSP: 002b:00007fff13e27058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 76.423954][ T4429] RAX: ffffffffffffffda RBX: 00007fff13e270e0 RCX: 00007f5a90590eea [ 76.431909][ T4429] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007fff13e270a0 [ 76.439866][ T4429] RBP: 0000200000000180 R08: 00007fff13e270e0 R09: 0000000000800700 [ 76.447825][ T4429] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000080 [ 76.455779][ T4429] R13: 00007fff13e270a0 R14: 000000000000046f R15: 00002000000007c0 [ 76.463743][ T4429] [ 76.467982][ T14] cfg80211: failed to load regulatory.db [ 76.473879][ T4286] Bluetooth: hci0: command 0x040f tx timeout [ 76.497290][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 76.525960][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 76.538679][ T4429] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 76.552388][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 76.589516][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 76.614858][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 76.634464][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 76.653646][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 76.667965][ T4429] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 76.680669][ T4429] EXT4-fs (loop0): 1 orphan inode deleted [ 76.686974][ T4429] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 76.717817][ T4367] EXT4-fs (loop0): unmounting filesystem.