Warning: Permanently added '10.128.0.227' (ED25519) to the list of known hosts.
2025/12/15 14:08:08 parsed 1 programs
syzkaller login: [ 84.577840][ T5772] cgroup: Unknown subsys name 'net'
[ 84.723216][ T5772] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 86.545990][ T5772] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 88.334885][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.343227][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.371110][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.379388][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 90.890034][ T5824] chnl_net:caif_netlink_parms(): no params data found
[ 90.968469][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.977171][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.984386][ T5824] bridge_slave_0: entered allmulticast mode
[ 90.994832][ T5824] bridge_slave_0: entered promiscuous mode
[ 91.009063][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.016639][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.023805][ T5824] bridge_slave_1: entered allmulticast mode
[ 91.031088][ T5824] bridge_slave_1: entered promiscuous mode
[ 91.070795][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 91.084067][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 91.120030][ T5824] team0: Port device team_slave_0 added
[ 91.135759][ T5824] team0: Port device team_slave_1 added
[ 91.164265][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 91.171773][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.199960][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 91.217807][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 91.224783][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 91.252056][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 91.303092][ T5824] hsr_slave_0: entered promiscuous mode
[ 91.310274][ T5824] hsr_slave_1: entered promiscuous mode
[ 91.486675][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.499358][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.510074][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.521835][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.558725][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.566062][ T5824] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.574031][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.581691][ T5824] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.661188][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.681628][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.691440][ T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.713882][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.729270][ T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.736528][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.751989][ T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.759248][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.971153][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.997871][ T27] cfg80211: failed to load regulatory.db
[ 92.037885][ T5824] veth0_vlan: entered promiscuous mode
[ 92.056371][ T5824] veth1_vlan: entered promiscuous mode
[ 92.087151][ T5824] veth0_macvtap: entered promiscuous mode
[ 92.098658][ T5824] veth1_macvtap: entered promiscuous mode
[ 92.121455][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 92.141683][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 92.157658][ T5824] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.167013][ T5824] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.176702][ T5824] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.185474][ T5824] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.362312][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 93.354563][ T5871] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 93.371311][ T5871] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 93.379236][ T5871] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 93.390013][ T5871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 93.397848][ T5871] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 93.406335][ T5871] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/12/15 14:08:20 executed programs: 0
[ 94.194551][ T5082] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 94.202625][ T5082] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 94.212562][ T5082] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 94.220879][ T5082] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 94.229016][ T5082] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 94.236594][ T5082] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 94.404368][ T5881] chnl_net:caif_netlink_parms(): no params data found
[ 94.473223][ T5881] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.481557][ T5881] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.488989][ T5881] bridge_slave_0: entered allmulticast mode
[ 94.496071][ T5881] bridge_slave_0: entered promiscuous mode
[ 94.505140][ T5881] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.512314][ T5881] bridge0: port 2(bridge_slave_1) entered disabled state
[ 94.521063][ T5881] bridge_slave_1: entered allmulticast mode
[ 94.528249][ T5881] bridge_slave_1: entered promiscuous mode
[ 94.560983][ T5881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.573080][ T5881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 94.608213][ T5881] team0: Port device team_slave_0 added
[ 94.617522][ T5881] team0: Port device team_slave_1 added
[ 94.646241][ T5881] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 94.653321][ T5881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.679452][ T5881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 94.691641][ T5881] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 94.699349][ T5881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 94.725582][ T5881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 94.778536][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 94.798318][ T5881] hsr_slave_0: entered promiscuous mode
[ 94.804694][ T5881] hsr_slave_1: entered promiscuous mode
[ 94.811925][ T5881] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 94.820093][ T5881] Cannot create hsr debugfs directory
[ 96.316356][ T5082] Bluetooth: hci0: command tx timeout
[ 97.357759][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 97.451616][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 98.344689][ T11] hsr_slave_0: left promiscuous mode
[ 98.354709][ T11] hsr_slave_1: left promiscuous mode
[ 98.361571][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 98.381321][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 98.392772][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 98.401611][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 98.408237][ T5082] Bluetooth: hci0: command tx timeout
[ 98.416140][ T11] bridge_slave_1: left allmulticast mode
[ 98.421897][ T11] bridge_slave_1: left promiscuous mode
[ 98.431100][ T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.444413][ T11] bridge_slave_0: left allmulticast mode
[ 98.454141][ T11] bridge_slave_0: left promiscuous mode
[ 98.460404][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.497542][ T11] veth1_macvtap: left promiscuous mode
[ 98.503550][ T11] veth0_macvtap: left promiscuous mode
[ 98.512110][ T11] veth1_vlan: left promiscuous mode
[ 98.519406][ T11] veth0_vlan: left promiscuous mode
[ 98.963054][ T11] team0 (unregistering): Port device team_slave_1 removed
[ 98.999602][ T11] team0 (unregistering): Port device team_slave_0 removed
[ 99.033176][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 99.068697][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 99.386231][ T11] bond0 (unregistering): Released all slaves
[ 99.500060][ T5881] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 99.519814][ T5881] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 99.534274][ T5881] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 99.560566][ T5881] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 99.664306][ T5881] 8021q: adding VLAN 0 to HW filter on device bond0
[ 99.694806][ T5881] 8021q: adding VLAN 0 to HW filter on device team0
[ 99.707645][ T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.714927][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 99.732461][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.739669][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 100.003949][ T5881] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 100.077506][ T5881] veth0_vlan: entered promiscuous mode
[ 100.101160][ T5881] veth1_vlan: entered promiscuous mode
[ 100.129520][ T5881] veth0_macvtap: entered promiscuous mode
[ 100.139353][ T5881] veth1_macvtap: entered promiscuous mode
[ 100.159133][ T5881] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 100.176966][ T5881] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 100.190652][ T5881] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.199841][ T5881] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.208855][ T5881] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.217702][ T5881] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 100.303225][ T1296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.311634][ T1296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.372681][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.381715][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.470101][ T5928] syz.0.17[5928]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[ 100.479586][ T5082] Bluetooth: hci0: command tx timeout
[ 100.499548][ T5928] loop0: detected capacity change from 0 to 512
[ 100.554937][ T5928]
[ 100.557342][ T5928] ======================================================
[ 100.564399][ T5928] WARNING: possible circular locking dependency detected
[ 100.571455][ T5928] syzkaller #0 Not tainted
[ 100.575903][ T5928] ------------------------------------------------------
[ 100.582944][ T5928] syz.0.17/5928 is trying to acquire lock:
[ 100.588776][ T5928] ffff88801f290bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0
[ 100.598942][ T5928]
[ 100.598942][ T5928] but task is already holding lock:
[ 100.606318][ T5928] ffff888060c350c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 100.616179][ T5928]
[ 100.616179][ T5928] which lock already depends on the new lock.
[ 100.616179][ T5928]
[ 100.626586][ T5928]
[ 100.626586][ T5928] the existing dependency chain (in reverse order) is:
[ 100.635604][ T5928]
[ 100.635604][ T5928] -> #2 (&ei->xattr_sem){++++}-{3:3}:
[ 100.643173][ T5928] down_read+0x46/0x2e0
[ 100.647913][ T5928] ext4_setattr+0x86b/0x1c90
[ 100.653051][ T5928] notify_change+0xb0d/0xe10
[ 100.658170][ T5928] chown_common+0x3f9/0x5a0
[ 100.663210][ T5928] do_fchownat+0x168/0x270
[ 100.668156][ T5928] __x64_sys_chown+0x82/0x90
[ 100.673283][ T5928] do_syscall_64+0x55/0xb0
[ 100.678233][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 100.684659][ T5928]
[ 100.684659][ T5928] -> #1 (jbd2_handle){++++}-{0:0}:
[ 100.691984][ T5928] start_this_handle+0x1e9d/0x20c0
[ 100.697641][ T5928] jbd2__journal_start+0x2bb/0x5b0
[ 100.703311][ T5928] __ext4_journal_start_sb+0x203/0x570
[ 100.709313][ T5928] ext4_do_writepages+0xf92/0x38d0
[ 100.714956][ T5928] ext4_writepages+0x1a8/0x2f0
[ 100.720263][ T5928] do_writepages+0x3a2/0x600
[ 100.725395][ T5928] __writeback_single_inode+0x153/0xee0
[ 100.731477][ T5928] writeback_sb_inodes+0x77c/0xef0
[ 100.737126][ T5928] __writeback_inodes_wb+0x111/0x240
[ 100.742944][ T5928] wb_writeback+0x464/0xba0
[ 100.747978][ T5928] wb_workfn+0xb32/0xe20
[ 100.752753][ T5928] process_scheduled_works+0xa45/0x15b0
[ 100.758829][ T5928] worker_thread+0xa55/0xfc0
[ 100.763948][ T5928] kthread+0x2fa/0x390
[ 100.768546][ T5928] ret_from_fork+0x48/0x80
[ 100.773489][ T5928] ret_from_fork_asm+0x11/0x20
[ 100.778787][ T5928]
[ 100.778787][ T5928] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 100.787224][ T5928] __lock_acquire+0x2ddb/0x7c80
[ 100.792602][ T5928] lock_acquire+0x197/0x410
[ 100.797651][ T5928] percpu_down_read+0x44/0x1a0
[ 100.802949][ T5928] ext4_writepages+0x170/0x2f0
[ 100.808267][ T5928] do_writepages+0x3a2/0x600
[ 100.813406][ T5928] __writeback_single_inode+0x153/0xee0
[ 100.819479][ T5928] writeback_single_inode+0x211/0x720
[ 100.825378][ T5928] write_inode_now+0x161/0x1e0
[ 100.830671][ T5928] iput+0x5b2/0x920
[ 100.835002][ T5928] ext4_xattr_block_set+0x273a/0x32a0
[ 100.840909][ T5928] ext4_expand_extra_isize_ea+0x10ea/0x19e0
[ 100.847339][ T5928] __ext4_expand_extra_isize+0x306/0x400
[ 100.853504][ T5928] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 100.859619][ T5928] ext4_evict_inode+0x7ed/0xea0
[ 100.864999][ T5928] evict+0x486/0x870
[ 100.869424][ T5928] ext4_orphan_cleanup+0xbd4/0x1400
[ 100.875161][ T5928] ext4_fill_super+0x5de4/0x66c0
[ 100.880636][ T5928] get_tree_bdev+0x3e4/0x510
[ 100.885764][ T5928] vfs_get_tree+0x8c/0x280
[ 100.890729][ T5928] do_new_mount+0x24b/0xa40
[ 100.895772][ T5928] __se_sys_mount+0x2da/0x3c0
[ 100.900986][ T5928] do_syscall_64+0x55/0xb0
[ 100.905951][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 100.912384][ T5928]
[ 100.912384][ T5928] other info that might help us debug this:
[ 100.912384][ T5928]
[ 100.922611][ T5928] Chain exists of:
[ 100.922611][ T5928] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 100.922611][ T5928]
[ 100.936180][ T5928] Possible unsafe locking scenario:
[ 100.936180][ T5928]
[ 100.943629][ T5928] CPU0 CPU1
[ 100.948993][ T5928] ---- ----
[ 100.954358][ T5928] lock(&ei->xattr_sem);
[ 100.958696][ T5928] lock(jbd2_handle);
[ 100.965294][ T5928] lock(&ei->xattr_sem);
[ 100.972158][ T5928] rlock(&sbi->s_writepages_rwsem);
[ 100.977449][ T5928]
[ 100.977449][ T5928] *** DEADLOCK ***
[ 100.977449][ T5928]
[ 100.985679][ T5928] 3 locks held by syz.0.17/5928:
[ 100.990620][ T5928] #0: ffff88802160e0e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x344/0x510
[ 101.000733][ T5928] #1: ffff88802160e608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0
[ 101.010144][ T5928] #2: ffff888060c350c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 101.020419][ T5928]
[ 101.020419][ T5928] stack backtrace:
[ 101.026321][ T5928] CPU: 0 PID: 5928 Comm: syz.0.17 Not tainted syzkaller #0
[ 101.033519][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 101.043599][ T5928] Call Trace:
[ 101.046886][ T5928]
[ 101.049835][ T5928] dump_stack_lvl+0x16c/0x230
[ 101.054536][ T5928] ? load_image+0x3b0/0x3b0
[ 101.059060][ T5928] ? show_regs_print_info+0x20/0x20
[ 101.064297][ T5928] ? print_circular_bug+0x12b/0x1a0
[ 101.069512][ T5928] check_noncircular+0x2bd/0x3c0
[ 101.074458][ T5928] ? look_up_lock_class+0x75/0x140
[ 101.079582][ T5928] ? print_deadlock_bug+0x5d0/0x5d0
[ 101.084807][ T5928] ? lockdep_lock+0xe0/0x220
[ 101.089413][ T5928] ? _find_first_zero_bit+0xd3/0x100
[ 101.094716][ T5928] __lock_acquire+0x2ddb/0x7c80
[ 101.099584][ T5928] ? mark_lock+0x94/0x320
[ 101.103920][ T5928] ? verify_lock_unused+0x140/0x140
[ 101.109126][ T5928] ? __lock_acquire+0x1334/0x7c80
[ 101.114184][ T5928] lock_acquire+0x197/0x410
[ 101.118697][ T5928] ? ext4_writepages+0x170/0x2f0
[ 101.123653][ T5928] ? __might_sleep+0xe0/0xe0
[ 101.128249][ T5928] ? mark_lock+0x94/0x320
[ 101.132584][ T5928] ? read_lock_is_recursive+0x20/0x20
[ 101.137969][ T5928] ? __lock_acquire+0x1334/0x7c80
[ 101.143010][ T5928] percpu_down_read+0x44/0x1a0
[ 101.147794][ T5928] ? ext4_writepages+0x170/0x2f0
[ 101.152747][ T5928] ext4_writepages+0x170/0x2f0
[ 101.157529][ T5928] ? ext4_read_folio+0x2f0/0x2f0
[ 101.162490][ T5928] ? __rwlock_init+0x150/0x150
[ 101.167273][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.172487][ T5928] ? ext4_read_folio+0x2f0/0x2f0
[ 101.177441][ T5928] do_writepages+0x3a2/0x600
[ 101.182061][ T5928] ? folio_clear_dirty_for_io+0xc30/0xc30
[ 101.187796][ T5928] ? writeback_single_inode+0x206/0x720
[ 101.193354][ T5928] ? __lock_acquire+0x7c80/0x7c80
[ 101.198475][ T5928] ? do_raw_spin_lock+0x121/0x2c0
[ 101.203603][ T5928] __writeback_single_inode+0x153/0xee0
[ 101.209170][ T5928] writeback_single_inode+0x211/0x720
[ 101.214555][ T5928] ? blk_free_queue_rcu+0x40/0x40
[ 101.219588][ T5928] ? write_inode_now+0x1e0/0x1e0
[ 101.224578][ T5928] write_inode_now+0x161/0x1e0
[ 101.229483][ T5928] ? bdi_split_work_to_wbs+0x890/0x890
[ 101.234979][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.240211][ T5928] iput+0x5b2/0x920
[ 101.244066][ T5928] ext4_xattr_block_set+0x273a/0x32a0
[ 101.249457][ T5928] ? __might_sleep+0xe0/0xe0
[ 101.254098][ T5928] ? xattr_find_entry+0x12b/0x2f0
[ 101.259177][ T5928] ? ext4_xattr_block_find+0x350/0x350
[ 101.264658][ T5928] ? ext4_xattr_block_find+0x2d4/0x350
[ 101.270141][ T5928] ext4_expand_extra_isize_ea+0x10ea/0x19e0
[ 101.276073][ T5928] __ext4_expand_extra_isize+0x306/0x400
[ 101.281737][ T5928] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 101.287308][ T5928] ext4_evict_inode+0x7ed/0xea0
[ 101.292173][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 101.297052][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 101.302958][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.308183][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 101.314089][ T5928] evict+0x486/0x870
[ 101.317995][ T5928] ? __lock_acquire+0x7c80/0x7c80
[ 101.323046][ T5928] ? proc_nr_inodes+0x230/0x230
[ 101.327905][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.333139][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 101.338028][ T5928] ? iput+0x70a/0x920
[ 101.342025][ T5928] ext4_orphan_cleanup+0xbd4/0x1400
[ 101.347251][ T5928] ? ext4_orphan_del+0xba0/0xba0
[ 101.352213][ T5928] ? ext4_register_li_request+0x183/0x940
[ 101.357956][ T5928] ? errseq_check_and_advance+0x66/0x120
[ 101.363601][ T5928] ext4_fill_super+0x5de4/0x66c0
[ 101.368562][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 101.374809][ T5928] ? __might_sleep+0xe0/0xe0
[ 101.379407][ T5928] ? read_lock_is_recursive+0x20/0x20
[ 101.384784][ T5928] ? snprintf+0xdb/0x120
[ 101.389049][ T5928] ? vscnprintf+0x80/0x80
[ 101.393393][ T5928] ? down_write+0x162/0x1f0
[ 101.397914][ T5928] ? down_read_killable+0x340/0x340
[ 101.403124][ T5928] ? setup_bdev_super+0x56b/0x660
[ 101.408159][ T5928] get_tree_bdev+0x3e4/0x510
[ 101.412783][ T5928] ? vfs_parse_fs_string+0x160/0x160
[ 101.418081][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 101.424331][ T5928] ? setup_bdev_super+0x660/0x660
[ 101.429360][ T5928] ? apparmor_capable+0x137/0x1a0
[ 101.434389][ T5928] ? bpf_lsm_capable+0x9/0x10
[ 101.439097][ T5928] ? security_capable+0x89/0xb0
[ 101.443963][ T5928] vfs_get_tree+0x8c/0x280
[ 101.448396][ T5928] do_new_mount+0x24b/0xa40
[ 101.452912][ T5928] __se_sys_mount+0x2da/0x3c0
[ 101.457602][ T5928] ? __x64_sys_mount+0xc0/0xc0
[ 101.462374][ T5928] ? lockdep_hardirqs_on+0x98/0x150
[ 101.467584][ T5928] ? __x64_sys_mount+0x20/0xc0
[ 101.472355][ T5928] do_syscall_64+0x55/0xb0
[ 101.476780][ T5928] ? clear_bhb_loop+0x40/0x90
[ 101.481469][ T5928] ? clear_bhb_loop+0x40/0x90
[ 101.486160][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 101.492065][ T5928] RIP: 0033:0x7f3d64f90eea
[ 101.496500][ T5928] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 101.516122][ T5928] RSP: 002b:00007fffd973d1c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 101.524577][ T5928] RAX: ffffffffffffffda RBX: 00007fffd973d250 RCX: 00007f3d64f90eea
[ 101.532560][ T5928] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fffd973d210
[ 101.540539][ T5928] RBP: 0000200000000180 R08: 00007fffd973d250 R09: 0000000000800718
[ 101.548521][ T5928] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[ 101.556500][ T5928] R13: 00007fffd973d210 R14: 000000000000046f R15: 0000200000000480
[ 101.564485][ T5928]
[ 101.576473][ T5928] ------------[ cut here ]------------
[ 101.581987][ T5928] EA inode 11 i_nlink=2
[ 101.582344][ T5928] WARNING: CPU: 0 PID: 5928 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550
[ 101.597752][ T5928] Modules linked in:
[ 101.601679][ T5928] CPU: 0 PID: 5928 Comm: syz.0.17 Not tainted syzkaller #0
[ 101.609421][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 101.619838][ T5928] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[ 101.626950][ T5928] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[ 101.646927][ T5928] RSP: 0018:ffffc900032a71c0 EFLAGS: 00010246
[ 101.653015][ T5928] RAX: 6ac0ea673a395e00 RBX: 0000000000000002 RCX: ffff888024673c00
[ 101.661152][ T5928] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 101.669234][ T5928] RBP: ffffc900032a72b8 R08: ffffc900032a6dc7 R09: 1ffff92000654db8
[ 101.677292][ T5928] R10: dffffc0000000000 R11: fffff52000654db9 R12: dffffc0000000000
[ 101.685364][ T5928] R13: ffff888060c35ea8 R14: ffff888060c35cb0 R15: ffff888060c35d00
[ 101.693360][ T5928] FS: 0000555576238500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 101.702350][ T5928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 101.709012][ T5928] CR2: 00007f9527064000 CR3: 0000000075891000 CR4: 00000000003506f0
[ 101.717061][ T5928] Call Trace:
[ 101.720376][ T5928]
[ 101.723765][ T5928] ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 101.729470][ T5928] ? ext4_xattr_inode_iget+0x3df/0x600
[ 101.735024][ T5928] ext4_xattr_set_entry+0xcda/0x1e90
[ 101.740370][ T5928] ext4_xattr_ibody_set+0x254/0x6a0
[ 101.745625][ T5928] ext4_expand_extra_isize_ea+0x113a/0x19e0
[ 101.751607][ T5928] __ext4_expand_extra_isize+0x306/0x400
[ 101.757309][ T5928] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 101.762798][ T5928] ext4_evict_inode+0x7ed/0xea0
[ 101.767713][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 101.772605][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 101.778563][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.783795][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 101.789756][ T5928] evict+0x486/0x870
[ 101.793690][ T5928] ? __lock_acquire+0x7c80/0x7c80
[ 101.798788][ T5928] ? proc_nr_inodes+0x230/0x230
[ 101.803670][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 101.808932][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 101.813819][ T5928] ? iput+0x70a/0x920
[ 101.817853][ T5928] ext4_orphan_cleanup+0xbd4/0x1400
[ 101.823095][ T5928] ? ext4_orphan_del+0xba0/0xba0
[ 101.828100][ T5928] ? ext4_register_li_request+0x183/0x940
[ 101.833864][ T5928] ? errseq_check_and_advance+0x66/0x120
[ 101.839546][ T5928] ext4_fill_super+0x5de4/0x66c0
[ 101.844524][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 101.850838][ T5928] ? __might_sleep+0xe0/0xe0
[ 101.855498][ T5928] ? read_lock_is_recursive+0x20/0x20
[ 101.860882][ T5928] ? snprintf+0xdb/0x120
[ 101.865188][ T5928] ? vscnprintf+0x80/0x80
[ 101.869546][ T5928] ? down_write+0x162/0x1f0
[ 101.874054][ T5928] ? down_read_killable+0x340/0x340
[ 101.879380][ T5928] ? setup_bdev_super+0x56b/0x660
[ 101.884432][ T5928] get_tree_bdev+0x3e4/0x510
[ 101.889091][ T5928] ? vfs_parse_fs_string+0x160/0x160
[ 101.894418][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 101.900738][ T5928] ? setup_bdev_super+0x660/0x660
[ 101.905961][ T5928] ? apparmor_capable+0x137/0x1a0
[ 101.911038][ T5928] ? bpf_lsm_capable+0x9/0x10
[ 101.915806][ T5928] ? security_capable+0x89/0xb0
[ 101.920723][ T5928] vfs_get_tree+0x8c/0x280
[ 101.925188][ T5928] do_new_mount+0x24b/0xa40
[ 101.929714][ T5928] __se_sys_mount+0x2da/0x3c0
[ 101.934413][ T5928] ? __x64_sys_mount+0xc0/0xc0
[ 101.939227][ T5928] ? lockdep_hardirqs_on+0x98/0x150
[ 101.944458][ T5928] ? __x64_sys_mount+0x20/0xc0
[ 101.949284][ T5928] do_syscall_64+0x55/0xb0
[ 101.953729][ T5928] ? clear_bhb_loop+0x40/0x90
[ 101.958464][ T5928] ? clear_bhb_loop+0x40/0x90
[ 101.963171][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 101.969129][ T5928] RIP: 0033:0x7f3d64f90eea
[ 101.973570][ T5928] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 101.993305][ T5928] RSP: 002b:00007fffd973d1c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 102.001774][ T5928] RAX: ffffffffffffffda RBX: 00007fffd973d250 RCX: 00007f3d64f90eea
[ 102.009859][ T5928] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fffd973d210
[ 102.017889][ T5928] RBP: 0000200000000180 R08: 00007fffd973d250 R09: 0000000000800718
[ 102.026003][ T5928] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[ 102.033994][ T5928] R13: 00007fffd973d210 R14: 000000000000046f R15: 0000200000000480
[ 102.042025][ T5928]
[ 102.045100][ T5928] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 102.052384][ T5928] CPU: 0 PID: 5928 Comm: syz.0.17 Not tainted syzkaller #0
[ 102.059599][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 102.069662][ T5928] Call Trace:
[ 102.072963][ T5928]
[ 102.075909][ T5928] dump_stack_lvl+0x16c/0x230
[ 102.080640][ T5928] ? show_regs_print_info+0x20/0x20
[ 102.085872][ T5928] ? load_image+0x3b0/0x3b0
[ 102.090404][ T5928] panic+0x2c0/0x710
[ 102.094317][ T5928] ? bpf_jit_dump+0xd0/0xd0
[ 102.098843][ T5928] __warn+0x2e0/0x470
[ 102.102843][ T5928] ? ext4_xattr_inode_update_ref+0x4fb/0x550
[ 102.108840][ T5928] ? ext4_xattr_inode_update_ref+0x4fb/0x550
[ 102.114836][ T5928] report_bug+0x2be/0x4f0
[ 102.119186][ T5928] ? ext4_xattr_inode_update_ref+0x4fb/0x550
[ 102.125190][ T5928] ? ext4_xattr_inode_update_ref+0x4fb/0x550
[ 102.131191][ T5928] ? ext4_xattr_inode_update_ref+0x4fd/0x550
[ 102.137193][ T5928] handle_bug+0xcf/0x120
[ 102.141449][ T5928] exc_invalid_op+0x1a/0x50
[ 102.145964][ T5928] asm_exc_invalid_op+0x1a/0x20
[ 102.150826][ T5928] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550
[ 102.157434][ T5928] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08
[ 102.177048][ T5928] RSP: 0018:ffffc900032a71c0 EFLAGS: 00010246
[ 102.183129][ T5928] RAX: 6ac0ea673a395e00 RBX: 0000000000000002 RCX: ffff888024673c00
[ 102.191124][ T5928] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 102.199108][ T5928] RBP: ffffc900032a72b8 R08: ffffc900032a6dc7 R09: 1ffff92000654db8
[ 102.207089][ T5928] R10: dffffc0000000000 R11: fffff52000654db9 R12: dffffc0000000000
[ 102.215164][ T5928] R13: ffff888060c35ea8 R14: ffff888060c35cb0 R15: ffff888060c35d00
[ 102.223177][ T5928] ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 102.228830][ T5928] ? ext4_xattr_inode_iget+0x3df/0x600
[ 102.234305][ T5928] ext4_xattr_set_entry+0xcda/0x1e90
[ 102.239614][ T5928] ext4_xattr_ibody_set+0x254/0x6a0
[ 102.244833][ T5928] ext4_expand_extra_isize_ea+0x113a/0x19e0
[ 102.250861][ T5928] __ext4_expand_extra_isize+0x306/0x400
[ 102.256519][ T5928] __ext4_mark_inode_dirty+0x45d/0x6e0
[ 102.261994][ T5928] ext4_evict_inode+0x7ed/0xea0
[ 102.266853][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 102.271718][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 102.277627][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 102.282836][ T5928] ? ext4_inode_is_fast_symlink+0x390/0x390
[ 102.288752][ T5928] evict+0x486/0x870
[ 102.292670][ T5928] ? __lock_acquire+0x7c80/0x7c80
[ 102.297705][ T5928] ? proc_nr_inodes+0x230/0x230
[ 102.302603][ T5928] ? do_raw_spin_unlock+0x121/0x230
[ 102.307817][ T5928] ? _raw_spin_unlock+0x28/0x40
[ 102.312677][ T5928] ? iput+0x70a/0x920
[ 102.316670][ T5928] ext4_orphan_cleanup+0xbd4/0x1400
[ 102.321892][ T5928] ? ext4_orphan_del+0xba0/0xba0
[ 102.326852][ T5928] ? ext4_register_li_request+0x183/0x940
[ 102.332594][ T5928] ? errseq_check_and_advance+0x66/0x120
[ 102.338241][ T5928] ext4_fill_super+0x5de4/0x66c0
[ 102.343196][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 102.349445][ T5928] ? __might_sleep+0xe0/0xe0
[ 102.354044][ T5928] ? read_lock_is_recursive+0x20/0x20
[ 102.359420][ T5928] ? snprintf+0xdb/0x120
[ 102.363676][ T5928] ? vscnprintf+0x80/0x80
[ 102.368018][ T5928] ? down_write+0x162/0x1f0
[ 102.372526][ T5928] ? down_read_killable+0x340/0x340
[ 102.377729][ T5928] ? setup_bdev_super+0x56b/0x660
[ 102.382759][ T5928] get_tree_bdev+0x3e4/0x510
[ 102.387359][ T5928] ? vfs_parse_fs_string+0x160/0x160
[ 102.392663][ T5928] ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 102.398921][ T5928] ? setup_bdev_super+0x660/0x660
[ 102.403951][ T5928] ? apparmor_capable+0x137/0x1a0
[ 102.408983][ T5928] ? bpf_lsm_capable+0x9/0x10
[ 102.413674][ T5928] ? security_capable+0x89/0xb0
[ 102.418540][ T5928] vfs_get_tree+0x8c/0x280
[ 102.422966][ T5928] do_new_mount+0x24b/0xa40
[ 102.427480][ T5928] __se_sys_mount+0x2da/0x3c0
[ 102.432168][ T5928] ? __x64_sys_mount+0xc0/0xc0
[ 102.436940][ T5928] ? lockdep_hardirqs_on+0x98/0x150
[ 102.442149][ T5928] ? __x64_sys_mount+0x20/0xc0
[ 102.446929][ T5928] do_syscall_64+0x55/0xb0
[ 102.451350][ T5928] ? clear_bhb_loop+0x40/0x90
[ 102.456036][ T5928] ? clear_bhb_loop+0x40/0x90
[ 102.460739][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 102.466638][ T5928] RIP: 0033:0x7f3d64f90eea
[ 102.471063][ T5928] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 102.490682][ T5928] RSP: 002b:00007fffd973d1c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 102.499105][ T5928] RAX: ffffffffffffffda RBX: 00007fffd973d250 RCX: 00007f3d64f90eea
[ 102.507086][ T5928] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fffd973d210
[ 102.515061][ T5928] RBP: 0000200000000180 R08: 00007fffd973d250 R09: 0000000000800718
[ 102.523070][ T5928] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[ 102.531062][ T5928] R13: 00007fffd973d210 R14: 000000000000046f R15: 0000200000000480
[ 102.539146][ T5928]
[ 102.542506][ T5928] Kernel Offset: disabled
[ 102.546842][ T5928] Rebooting in 86400 seconds..