Warning: Permanently added '10.128.1.77' (ED25519) to the list of known hosts. 1970/01/01 00:00:32 parsed 1 programs [ 33.099894][ T4327] cgroup: Unknown subsys name 'net' [ 33.330154][ T4327] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.595926][ T4327] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 38.773402][ T4348] chnl_net:caif_netlink_parms(): no params data found [ 38.789835][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.791073][ T4348] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.792607][ T4348] device bridge_slave_0 entered promiscuous mode [ 38.794792][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.796002][ T4348] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.797819][ T4348] device bridge_slave_1 entered promiscuous mode [ 38.805248][ T4348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.807696][ T4348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.816306][ T4348] team0: Port device team_slave_0 added [ 38.817968][ T4348] team0: Port device team_slave_1 added [ 38.824208][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.825187][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.829413][ T4348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.832380][ T4348] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.833382][ T4348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.837737][ T4348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.908173][ T4348] device hsr_slave_0 entered promiscuous mode [ 38.967264][ T4348] device hsr_slave_1 entered promiscuous mode [ 39.050856][ T4348] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.069452][ T4348] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.120398][ T4348] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.169077][ T4348] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.216421][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.217599][ T4348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.218862][ T4348] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.219920][ T4348] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.237154][ T4348] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.240579][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.243069][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.244679][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.246451][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 39.251761][ T4348] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.254916][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.256489][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.257605][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.289169][ T4348] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.290828][ T4348] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.293740][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.295265][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.296417][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.298479][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.300114][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.301569][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.303197][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.304943][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.306371][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.361870][ T4348] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.368968][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.370222][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.371506][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.376197][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.379034][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 39.380365][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 39.383099][ T4348] device veth0_vlan entered promiscuous mode [ 39.386779][ T4348] device veth1_vlan entered promiscuous mode [ 39.393337][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 39.394897][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 39.396430][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.400118][ T4348] device veth0_macvtap entered promiscuous mode [ 39.402361][ T4348] device veth1_macvtap entered promiscuous mode [ 39.408646][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.409871][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.411734][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 39.414784][ T4348] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.416093][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.418817][ T4348] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.420327][ T4348] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.421669][ T4348] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.423079][ T4348] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.563009][ T4380] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.564455][ T4380] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.565735][ T4380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.568440][ T4380] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.569719][ T4380] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 39.570899][ T4380] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 39.712789][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.714033][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.715680][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 39.726278][ T1663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.727799][ T1663] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.731447][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 40.620897][ T529] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:40 executed programs: 0 [ 40.781813][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.783459][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.784813][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.786497][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 40.788217][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 40.789485][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.839971][ T4422] chnl_net:caif_netlink_parms(): no params data found [ 40.855287][ T4422] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.856542][ T4422] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.858096][ T4422] device bridge_slave_0 entered promiscuous mode [ 40.859943][ T4422] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.861101][ T4422] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.862619][ T4422] device bridge_slave_1 entered promiscuous mode [ 40.869928][ T4422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.872319][ T4422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.879454][ T4422] team0: Port device team_slave_0 added [ 40.881585][ T4422] team0: Port device team_slave_1 added [ 40.887394][ T4422] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.888531][ T4422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.892713][ T4422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.894892][ T4422] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.895870][ T4422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.899986][ T4422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.958075][ T4422] device hsr_slave_0 entered promiscuous mode [ 40.997226][ T4422] device hsr_slave_1 entered promiscuous mode [ 41.047122][ T4422] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.048310][ T4422] Cannot create hsr debugfs directory [ 42.627832][ T529] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.817312][ T4380] Bluetooth: hci0: command 0x0409 tx timeout [ 44.907327][ T4380] Bluetooth: hci0: command 0x041b tx timeout [ 44.958463][ T529] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.038857][ T529] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.201862][ T4422] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.309565][ T4422] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.358279][ T4422] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.448896][ T4422] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.557437][ T4422] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.561256][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.562763][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.565234][ T4422] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.609849][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.611556][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.613043][ T1663] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.614201][ T1663] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.616202][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.619852][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.621452][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.623218][ T1663] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.624397][ T1663] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.626756][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 46.629614][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 46.632170][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 46.633935][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 46.635475][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 46.638112][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 46.640069][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 46.642990][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.644720][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.710004][ T4422] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.712046][ T4422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 46.713401][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.715033][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.792558][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 46.794004][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 46.796981][ T4422] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.802677][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.804371][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.809706][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.811156][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.812761][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 46.814389][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 46.816530][ T4422] device veth0_vlan entered promiscuous mode [ 46.850880][ T4422] device veth1_vlan entered promiscuous mode [ 46.858055][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 46.859556][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 46.861046][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 46.862555][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.864949][ T4422] device veth0_macvtap entered promiscuous mode [ 46.867396][ T4422] device veth1_macvtap entered promiscuous mode [ 46.871605][ T4422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.873230][ T4422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.875161][ T4422] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.876433][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.878142][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 46.879546][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 46.881007][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 46.884229][ T4422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.885895][ T4422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.888844][ T4422] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.890438][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 46.892042][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.894439][ T4422] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.895807][ T4422] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.897212][ T4422] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.898649][ T4422] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.922383][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.923557][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.924615][ T1663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.925132][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 46.926005][ T1663] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.987081][ T4380] Bluetooth: hci0: command 0x040f tx timeout [ 47.222181][ T1663] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 47.279842][ T4521] loop0: detected capacity change from 0 to 512 [ 47.290954][ T4521] [ 47.291402][ T4521] ====================================================== [ 47.292575][ T4521] WARNING: possible circular locking dependency detected [ 47.293754][ T4521] syzkaller #0 Not tainted [ 47.294456][ T4521] ------------------------------------------------------ [ 47.295534][ T4521] syz.0.17/4521 is trying to acquire lock: [ 47.296423][ T4521] ffff0000c39a0b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x188/0x284c [ 47.297909][ T4521] [ 47.297909][ T4521] but task is already holding lock: [ 47.299017][ T4521] ffff0000e9ca32f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 47.300596][ T4521] [ 47.300596][ T4521] which lock already depends on the new lock. [ 47.300596][ T4521] [ 47.302210][ T4521] [ 47.302210][ T4521] the existing dependency chain (in reverse order) is: [ 47.303487][ T4521] [ 47.303487][ T4521] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 47.304640][ T4521] down_read+0x64/0x304 [ 47.305265][ T4521] ext4_setattr+0x7c4/0x150c [ 47.306006][ T4521] notify_change+0xb0c/0xdcc [ 47.306847][ T4521] chown_common+0x414/0x574 [ 47.307631][ T4521] do_fchownat+0x158/0x268 [ 47.308375][ T4521] __arm64_sys_fchownat+0xb8/0xd4 [ 47.309098][ T4521] invoke_syscall+0x98/0x2bc [ 47.309877][ T4521] el0_svc_common+0x138/0x258 [ 47.310708][ T4521] do_el0_svc+0x58/0x13c [ 47.311487][ T4521] el0_svc+0x58/0x138 [ 47.312152][ T4521] el0t_64_sync_handler+0x84/0xf0 [ 47.312796][ T4521] el0t_64_sync+0x18c/0x190 [ 47.313416][ T4521] [ 47.313416][ T4521] -> #1 (jbd2_handle){++++}-{0:0}: [ 47.314354][ T4521] start_this_handle+0xfe0/0x122c [ 47.315095][ T4521] jbd2__journal_start+0x288/0x51c [ 47.316035][ T4521] __ext4_journal_start_sb+0x2fc/0x674 [ 47.316984][ T4521] ext4_writepages+0xa28/0x284c [ 47.317842][ T4521] do_writepages+0x2c0/0x4fc [ 47.318714][ T4521] __writeback_single_inode+0x164/0x157c [ 47.319752][ T4521] writeback_sb_inodes+0x824/0x1404 [ 47.320637][ T4521] __writeback_inodes_wb+0x110/0x394 [ 47.321486][ T4521] wb_writeback+0x414/0xfb0 [ 47.322233][ T4521] wb_workfn+0xac0/0xd98 [ 47.322973][ T4521] process_one_work+0x7f4/0x13a8 [ 47.323780][ T4521] worker_thread+0x8c8/0xfbc [ 47.324603][ T4521] kthread+0x250/0x2d8 [ 47.325327][ T4521] ret_from_fork+0x10/0x20 [ 47.326159][ T4521] [ 47.326159][ T4521] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 47.327430][ T4521] __lock_acquire+0x293c/0x6544 [ 47.328226][ T4521] lock_acquire+0x20c/0x644 [ 47.329012][ T4521] percpu_down_read+0x70/0x2a8 [ 47.329987][ T4521] ext4_writepages+0x188/0x284c [ 47.330913][ T4521] do_writepages+0x2c0/0x4fc [ 47.331716][ T4521] __writeback_single_inode+0x164/0x157c [ 47.332700][ T4521] writeback_single_inode+0x1c0/0x720 [ 47.333533][ T4521] write_inode_now+0x144/0x1b0 [ 47.334361][ T4521] iput+0x5cc/0x7f4 [ 47.335022][ T4521] ext4_xattr_block_set+0x17a4/0x2810 [ 47.335952][ T4521] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 47.337028][ T4521] __ext4_expand_extra_isize+0x298/0x358 [ 47.337934][ T4521] __ext4_mark_inode_dirty+0x3e4/0x790 [ 47.338891][ T4521] ext4_evict_inode+0xb58/0x1270 [ 47.339678][ T4521] evict+0x3c8/0x810 [ 47.340279][ T4521] iput+0x764/0x7f4 [ 47.340900][ T4521] ext4_process_orphan+0x240/0x2b4 [ 47.341775][ T4521] ext4_orphan_cleanup+0x908/0x104c [ 47.342645][ T4521] ext4_fill_super+0x6440/0x68a8 [ 47.343456][ T4521] get_tree_bdev+0x358/0x544 [ 47.344350][ T4521] ext4_get_tree+0x28/0x38 [ 47.345161][ T4521] vfs_get_tree+0x90/0x274 [ 47.345921][ T4521] do_new_mount+0x228/0x810 [ 47.346753][ T4521] path_mount+0x5b4/0xe78 [ 47.347501][ T4521] __arm64_sys_mount+0x49c/0x584 [ 47.348352][ T4521] invoke_syscall+0x98/0x2bc [ 47.349118][ T4521] el0_svc_common+0x138/0x258 [ 47.349951][ T4521] do_el0_svc+0x58/0x13c [ 47.350729][ T4521] el0_svc+0x58/0x138 [ 47.351421][ T4521] el0t_64_sync_handler+0x84/0xf0 [ 47.352379][ T4521] el0t_64_sync+0x18c/0x190 [ 47.353202][ T4521] [ 47.353202][ T4521] other info that might help us debug this: [ 47.353202][ T4521] [ 47.354780][ T4521] Chain exists of: [ 47.354780][ T4521] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 47.354780][ T4521] [ 47.356750][ T4521] Possible unsafe locking scenario: [ 47.356750][ T4521] [ 47.357908][ T4521] CPU0 CPU1 [ 47.358715][ T4521] ---- ---- [ 47.359530][ T4521] lock(&ei->xattr_sem); [ 47.360232][ T4521] lock(jbd2_handle); [ 47.361192][ T4521] lock(&ei->xattr_sem); [ 47.362344][ T4521] lock(&sbi->s_writepages_rwsem); [ 47.363108][ T4521] [ 47.363108][ T4521] *** DEADLOCK *** [ 47.363108][ T4521] [ 47.364697][ T4521] 3 locks held by syz.0.17/4521: [ 47.365531][ T4521] #0: ffff0000d080e0e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 47.367219][ T4521] #1: ffff0000d080e650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 47.368854][ T4521] #2: ffff0000e9ca32f0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 47.370590][ T4521] [ 47.370590][ T4521] stack backtrace: [ 47.371586][ T4521] CPU: 0 PID: 4521 Comm: syz.0.17 Not tainted syzkaller #0 [ 47.372804][ T4521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 47.374394][ T4521] Call trace: [ 47.374875][ T4521] dump_backtrace+0x1c8/0x1f4 [ 47.375634][ T4521] show_stack+0x2c/0x3c [ 47.376267][ T4521] __dump_stack+0x30/0x40 [ 47.376905][ T4521] dump_stack_lvl+0xf8/0x160 [ 47.377535][ T4521] dump_stack+0x1c/0x5c [ 47.378222][ T4521] print_circular_bug+0x148/0x1b0 [ 47.379015][ T4521] check_noncircular+0x240/0x2d4 [ 47.379805][ T4521] __lock_acquire+0x293c/0x6544 [ 47.380519][ T4521] lock_acquire+0x20c/0x644 [ 47.381212][ T4521] percpu_down_read+0x70/0x2a8 [ 47.381963][ T4521] ext4_writepages+0x188/0x284c [ 47.382665][ T4521] do_writepages+0x2c0/0x4fc [ 47.383326][ T4521] __writeback_single_inode+0x164/0x157c [ 47.384168][ T4521] writeback_single_inode+0x1c0/0x720 [ 47.384964][ T4521] write_inode_now+0x144/0x1b0 [ 47.385676][ T4521] iput+0x5cc/0x7f4 [ 47.386299][ T4521] ext4_xattr_block_set+0x17a4/0x2810 [ 47.387126][ T4521] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 47.388046][ T4521] __ext4_expand_extra_isize+0x298/0x358 [ 47.388889][ T4521] __ext4_mark_inode_dirty+0x3e4/0x790 [ 47.389669][ T4521] ext4_evict_inode+0xb58/0x1270 [ 47.390412][ T4521] evict+0x3c8/0x810 [ 47.391078][ T4521] iput+0x764/0x7f4 [ 47.391626][ T4521] ext4_process_orphan+0x240/0x2b4 [ 47.392392][ T4521] ext4_orphan_cleanup+0x908/0x104c [ 47.393174][ T4521] ext4_fill_super+0x6440/0x68a8 [ 47.393910][ T4521] get_tree_bdev+0x358/0x544 [ 47.394573][ T4521] ext4_get_tree+0x28/0x38 [ 47.395301][ T4521] vfs_get_tree+0x90/0x274 [ 47.395992][ T4521] do_new_mount+0x228/0x810 [ 47.396653][ T4521] path_mount+0x5b4/0xe78 [ 47.397347][ T4521] __arm64_sys_mount+0x49c/0x584 [ 47.398052][ T4521] invoke_syscall+0x98/0x2bc [ 47.398754][ T4521] el0_svc_common+0x138/0x258 [ 47.399468][ T4521] do_el0_svc+0x58/0x13c [ 47.400079][ T4521] el0_svc+0x58/0x138 [ 47.400715][ T4521] el0t_64_sync_handler+0x84/0xf0 [ 47.401483][ T4521] el0t_64_sync+0x18c/0x190 [ 47.403747][ T4521] ------------[ cut here ]------------ [ 47.404493][ T4521] EA inode 11 i_nlink=2 [ 47.404567][ T4521] WARNING: CPU: 0 PID: 4521 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 47.406774][ T4521] Modules linked in: [ 47.407381][ T4521] CPU: 0 PID: 4521 Comm: syz.0.17 Not tainted syzkaller #0 [ 47.408587][ T4521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 47.410125][ T4521] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 47.411456][ T4521] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 47.412424][ T4521] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 47.413416][ T4521] sp : ffff800020e86e00 [ 47.414072][ T4521] x29: ffff800020e86ea0 x28: 0000000000000000 x27: dfff800000000000 [ 47.415329][ T4521] x26: 1fffe0001d394a9d x25: ffff7000041d0dc4 x24: 0000000000000000 [ 47.416631][ T4521] x23: ffff800017a8a000 x22: ffff0000e9ca5330 x21: 0000000000000002 [ 47.417862][ T4521] x20: 0000000000000001 x19: ffff0000e9ca52f0 x18: ffff800011abbcc0 [ 47.419140][ T4521] x17: 0000000000000000 x16: ffff800008042d90 x15: 0000000000000000 [ 47.420398][ T4521] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 47.421595][ T4521] x11: ff00800008191ca8 x10: 0000000000000000 x9 : 19481f31fdfb5600 [ 47.422843][ T4521] x8 : 19481f31fdfb5600 x7 : 0000000000000001 x6 : 0000000000000001 [ 47.424057][ T4521] x5 : ffff800020e86898 x4 : ffff8000151a4920 x3 : ffff800008311fcc [ 47.425325][ T4521] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 47.426544][ T4521] Call trace: [ 47.427080][ T4521] ext4_xattr_inode_update_ref+0x42c/0x470 [ 47.428004][ T4521] ext4_xattr_set_entry+0x918/0x15ac [ 47.428834][ T4521] ext4_xattr_ibody_set+0x204/0x600 [ 47.429599][ T4521] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 47.430458][ T4521] __ext4_expand_extra_isize+0x298/0x358 [ 47.431301][ T4521] __ext4_mark_inode_dirty+0x3e4/0x790 [ 47.432116][ T4521] ext4_evict_inode+0xb58/0x1270 [ 47.432801][ T4521] evict+0x3c8/0x810 [ 47.433386][ T4521] iput+0x764/0x7f4 [ 47.434011][ T4521] ext4_process_orphan+0x240/0x2b4 [ 47.434790][ T4521] ext4_orphan_cleanup+0x908/0x104c [ 47.435604][ T4521] ext4_fill_super+0x6440/0x68a8 [ 47.436354][ T4521] get_tree_bdev+0x358/0x544 [ 47.437033][ T4521] ext4_get_tree+0x28/0x38 [ 47.437730][ T4521] vfs_get_tree+0x90/0x274 [ 47.438501][ T4521] do_new_mount+0x228/0x810 [ 47.439258][ T4521] path_mount+0x5b4/0xe78 [ 47.439908][ T4521] __arm64_sys_mount+0x49c/0x584 [ 47.440734][ T4521] invoke_syscall+0x98/0x2bc [ 47.441475][ T4521] el0_svc_common+0x138/0x258 [ 47.442182][ T4521] do_el0_svc+0x58/0x13c [ 47.442862][ T4521] el0_svc+0x58/0x138 [ 47.443472][ T4521] el0t_64_sync_handler+0x84/0xf0 [ 47.444220][ T4521] el0t_64_sync+0x18c/0x190 [ 47.445016][ T4521] irq event stamp: 4223 [ 47.445646][ T4521] hardirqs last enabled at (4223): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 47.447254][ T4521] hardirqs last disabled at (4222): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 47.448755][ T4521] softirqs last enabled at (3494): [] handle_softirqs+0xaf8/0xc6c [ 47.450192][ T4521] softirqs last disabled at (3479): [] __do_softirq+0x14/0x20 [ 47.451530][ T4521] ---[ end trace 0000000000000000 ]--- [ 47.452754][ T4521] EXT4-fs (loop0): 1 orphan inode deleted [ 47.453608][ T4521] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 47.459660][ T4422] EXT4-fs (loop0): unmounting filesystem.