Warning: Permanently added '10.128.0.82' (ED25519) to the list of known hosts. 2026/01/11 13:04:29 parsed 1 programs [ 57.955067][ T4270] cgroup: Unknown subsys name 'net' [ 58.086932][ T4270] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 59.344528][ T4270] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 61.013852][ T4295] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.021606][ T4295] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.029877][ T4295] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.038971][ T4295] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.047151][ T4295] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.055034][ T4295] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.250389][ T1237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.265585][ T1237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.274980][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.286251][ T1237] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.294418][ T1237] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.304568][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 62.749243][ T4345] chnl_net:caif_netlink_parms(): no params data found [ 62.801991][ T4345] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.810079][ T4345] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.818962][ T4345] device bridge_slave_0 entered promiscuous mode [ 62.837311][ T4345] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.844521][ T4345] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.852254][ T4345] device bridge_slave_1 entered promiscuous mode [ 62.881759][ T4345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.892443][ T4345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.914762][ T4345] team0: Port device team_slave_0 added [ 62.921849][ T4345] team0: Port device team_slave_1 added [ 62.944863][ T4345] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.951799][ T4345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.978175][ T4345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.990425][ T4345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.997426][ T4345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.023478][ T4345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.060862][ T4345] device hsr_slave_0 entered promiscuous mode [ 63.068068][ T4345] device hsr_slave_1 entered promiscuous mode [ 63.170323][ T4345] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.180011][ T4345] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.189265][ T4345] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.201007][ T4345] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.229422][ T4345] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.236701][ T4345] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.244492][ T4345] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.251560][ T4345] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.273511][ T1237] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.284147][ T1237] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.338320][ T4345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.350478][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.359119][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.379392][ T4345] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.410665][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.419266][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.428840][ T1237] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.435972][ T1237] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.473708][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.485332][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.494283][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.501387][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.510186][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.519680][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.528621][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.537254][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.546331][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.558281][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.567283][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.583404][ T4345] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.594307][ T4345] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.606611][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.614930][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.624052][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.632691][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.641760][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.838009][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 63.847125][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 63.860820][ T4345] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.876952][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 63.885591][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.904988][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.913698][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.921921][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 63.930645][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 63.940161][ T4345] device veth0_vlan entered promiscuous mode [ 63.954632][ T4345] device veth1_vlan entered promiscuous mode [ 63.970416][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 63.979174][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 63.987540][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.996162][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 64.010561][ T4345] device veth0_macvtap entered promiscuous mode [ 64.019389][ T4345] device veth1_macvtap entered promiscuous mode [ 64.034077][ T4345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.041513][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 64.049987][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 64.058073][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 64.067722][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 64.078610][ T4345] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.089926][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 64.098603][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 64.109896][ T4345] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.118874][ T4345] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.128520][ T4345] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.137433][ T4345] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 2026/01/11 13:04:37 executed programs: 0 [ 64.553141][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.589507][ T4297] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.597762][ T4297] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.606339][ T4297] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.614633][ T4297] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.622091][ T4297] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 64.629317][ T4297] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 64.740025][ T4373] chnl_net:caif_netlink_parms(): no params data found [ 64.778325][ T4373] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.785711][ T4373] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.793974][ T4373] device bridge_slave_0 entered promiscuous mode [ 64.802907][ T4373] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.810773][ T4373] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.819191][ T4373] device bridge_slave_1 entered promiscuous mode [ 64.838017][ T4373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.849261][ T4373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.871363][ T4373] team0: Port device team_slave_0 added [ 64.881800][ T4373] team0: Port device team_slave_1 added [ 64.898872][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.906006][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.932438][ T4373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.944124][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.951065][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.977411][ T4373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.011270][ T4373] device hsr_slave_0 entered promiscuous mode [ 65.017955][ T4373] device hsr_slave_1 entered promiscuous mode [ 65.024693][ T4373] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 65.032817][ T4373] Cannot create hsr debugfs directory [ 66.631659][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.712752][ T4297] Bluetooth: hci0: command 0x0409 tx timeout [ 68.792944][ T4297] Bluetooth: hci0: command 0x041b tx timeout [ 68.901317][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.963143][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.841532][ T4373] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.851855][ T4373] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.864473][ T9] device hsr_slave_0 left promiscuous mode [ 69.870748][ T9] device hsr_slave_1 left promiscuous mode [ 69.877494][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 69.885035][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 69.893254][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 69.900645][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 69.908817][ T9] device bridge_slave_1 left promiscuous mode [ 69.915769][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.926191][ T9] device bridge_slave_0 left promiscuous mode [ 69.932374][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.951827][ T9] device veth1_macvtap left promiscuous mode [ 69.958127][ T9] device veth0_macvtap left promiscuous mode [ 69.964309][ T9] device veth1_vlan left promiscuous mode [ 69.970151][ T9] device veth0_vlan left promiscuous mode [ 70.224617][ T9] team0 (unregistering): Port device team_slave_1 removed [ 70.249717][ T9] team0 (unregistering): Port device team_slave_0 removed [ 70.275747][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 70.300402][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 70.511090][ T9] bond0 (unregistering): Released all slaves [ 70.591176][ T4373] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.601150][ T4373] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.648284][ T4373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.664974][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 70.677775][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.688532][ T4373] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.698041][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.709048][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.718111][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.725315][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.736441][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.744857][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.753871][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.762462][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.769555][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.785437][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.804696][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.815680][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.824872][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.835319][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.858259][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.866963][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.875472][ T4297] Bluetooth: hci0: command 0x040f tx timeout [ 70.878047][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.891260][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.901962][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.910389][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.921869][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.090222][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 71.098166][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 71.114753][ T4373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.133141][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 71.141742][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 71.158226][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 71.167606][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 71.176401][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 71.184276][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 71.194932][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.196582][ T4373] device veth0_vlan entered promiscuous mode [ 71.201476][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.219088][ T4373] device veth1_vlan entered promiscuous mode [ 71.235212][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 71.243659][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 71.251724][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 71.261030][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 71.270941][ T4373] device veth0_macvtap entered promiscuous mode [ 71.280085][ T4373] device veth1_macvtap entered promiscuous mode [ 71.297411][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.304810][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 71.312947][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 71.321088][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 71.330383][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 71.342871][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.350415][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 71.359601][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 71.374291][ T4373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.383812][ T4373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.392863][ T4373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.401571][ T4373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.450457][ T1237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.465075][ T1237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.479062][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.484809][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 71.488943][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.506046][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 71.546356][ T4426] loop0: detected capacity change from 0 to 512 [ 71.574423][ T4426] [ 71.576784][ T4426] ====================================================== [ 71.583799][ T4426] WARNING: possible circular locking dependency detected [ 71.591711][ T4426] syzkaller #0 Not tainted [ 71.596127][ T4426] ------------------------------------------------------ [ 71.603157][ T4426] syz.0.17/4426 is trying to acquire lock: [ 71.608954][ T4426] ffff8880799a4b98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 71.619034][ T4426] [ 71.619034][ T4426] but task is already holding lock: [ 71.626383][ T4426] ffff88806bcc5b10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 71.636215][ T4426] [ 71.636215][ T4426] which lock already depends on the new lock. [ 71.636215][ T4426] [ 71.646660][ T4426] [ 71.646660][ T4426] the existing dependency chain (in reverse order) is: [ 71.655757][ T4426] [ 71.655757][ T4426] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 71.663301][ T4426] down_read+0x42/0x2d0 [ 71.667975][ T4426] ext4_setattr+0x92a/0x19f0 [ 71.673075][ T4426] notify_change+0xc74/0xf40 [ 71.678201][ T4426] chown_common+0x486/0x620 [ 71.683224][ T4426] do_fchownat+0x164/0x270 [ 71.688342][ T4426] __x64_sys_chown+0x7e/0x90 [ 71.693459][ T4426] do_syscall_64+0x4c/0xa0 [ 71.698395][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.704798][ T4426] [ 71.704798][ T4426] -> #1 (jbd2_handle){++++}-{0:0}: [ 71.712085][ T4426] start_this_handle+0x1f49/0x2150 [ 71.717715][ T4426] jbd2__journal_start+0x2b7/0x5a0 [ 71.723341][ T4426] __ext4_journal_start_sb+0x187/0x3d0 [ 71.729322][ T4426] ext4_writepages+0xde7/0x2e50 [ 71.734695][ T4426] do_writepages+0x3b7/0x610 [ 71.739799][ T4426] filemap_fdatawrite_wbc+0x11e/0x180 [ 71.745682][ T4426] file_write_and_wait_range+0x137/0x200 [ 71.751838][ T4426] ext4_sync_file+0x23b/0xca0 [ 71.757030][ T4426] __x64_sys_fsync+0x1a5/0x1e0 [ 71.762312][ T4426] do_syscall_64+0x4c/0xa0 [ 71.767243][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.773650][ T4426] [ 71.773650][ T4426] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 71.782089][ T4426] __lock_acquire+0x2cf8/0x7c50 [ 71.787450][ T4426] lock_acquire+0x1b4/0x490 [ 71.792501][ T4426] percpu_down_read+0x44/0x1a0 [ 71.797772][ T4426] ext4_writepages+0x1c0/0x2e50 [ 71.803129][ T4426] do_writepages+0x3b7/0x610 [ 71.808225][ T4426] __writeback_single_inode+0x156/0x1160 [ 71.814366][ T4426] writeback_single_inode+0x221/0x8b0 [ 71.820251][ T4426] write_inode_now+0x15d/0x1d0 [ 71.825524][ T4426] iput+0x613/0x980 [ 71.829882][ T4426] ext4_xattr_block_set+0x2736/0x32a0 [ 71.835765][ T4426] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 71.842167][ T4426] __ext4_expand_extra_isize+0x301/0x3e0 [ 71.848316][ T4426] __ext4_mark_inode_dirty+0x47f/0x770 [ 71.854298][ T4426] ext4_evict_inode+0xa73/0x1100 [ 71.859746][ T4426] evict+0x485/0x870 [ 71.864237][ T4426] ext4_orphan_cleanup+0xbd3/0x1400 [ 71.869950][ T4426] ext4_fill_super+0x7bdf/0x8150 [ 71.875398][ T4426] get_tree_bdev+0x3f1/0x610 [ 71.880491][ T4426] vfs_get_tree+0x88/0x270 [ 71.885413][ T4426] do_new_mount+0x24a/0xa40 [ 71.890494][ T4426] __se_sys_mount+0x2d6/0x3c0 [ 71.895677][ T4426] do_syscall_64+0x4c/0xa0 [ 71.900602][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 71.907000][ T4426] [ 71.907000][ T4426] other info that might help us debug this: [ 71.907000][ T4426] [ 71.917209][ T4426] Chain exists of: [ 71.917209][ T4426] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 71.917209][ T4426] [ 71.930580][ T4426] Possible unsafe locking scenario: [ 71.930580][ T4426] [ 71.938023][ T4426] CPU0 CPU1 [ 71.943367][ T4426] ---- ---- [ 71.948719][ T4426] lock(&ei->xattr_sem); [ 71.953031][ T4426] lock(jbd2_handle); [ 71.959600][ T4426] lock(&ei->xattr_sem); [ 71.966432][ T4426] lock(&sbi->s_writepages_rwsem); [ 71.971612][ T4426] [ 71.971612][ T4426] *** DEADLOCK *** [ 71.971612][ T4426] [ 71.979748][ T4426] 3 locks held by syz.0.17/4426: [ 71.984663][ T4426] #0: ffff8880799a20e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 71.994748][ T4426] #1: ffff8880799a2650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 72.004219][ T4426] #2: ffff88806bcc5b10 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 72.014470][ T4426] [ 72.014470][ T4426] stack backtrace: [ 72.020355][ T4426] CPU: 0 PID: 4426 Comm: syz.0.17 Not tainted syzkaller #0 [ 72.027540][ T4426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 72.037694][ T4426] Call Trace: [ 72.040977][ T4426] [ 72.043904][ T4426] dump_stack_lvl+0x168/0x22e [ 72.048577][ T4426] ? load_image+0x3b0/0x3b0 [ 72.053073][ T4426] ? show_regs_print_info+0x12/0x12 [ 72.058272][ T4426] ? print_circular_bug+0x12b/0x1a0 [ 72.063469][ T4426] check_noncircular+0x274/0x310 [ 72.068421][ T4426] ? add_chain_block+0x940/0x940 [ 72.073448][ T4426] ? lockdep_lock+0xdc/0x1e0 [ 72.078122][ T4426] ? _find_first_zero_bit+0xcf/0x100 [ 72.083398][ T4426] __lock_acquire+0x2cf8/0x7c50 [ 72.088239][ T4426] ? mark_lock+0x94/0x320 [ 72.092825][ T4426] ? mark_lock+0x94/0x320 [ 72.097234][ T4426] ? verify_lock_unused+0x140/0x140 [ 72.102433][ T4426] ? mark_lock+0x94/0x320 [ 72.106755][ T4426] ? __lock_acquire+0x13c0/0x7c50 [ 72.111768][ T4426] lock_acquire+0x1b4/0x490 [ 72.116261][ T4426] ? ext4_writepages+0x1c0/0x2e50 [ 72.121268][ T4426] ? __might_sleep+0xd0/0xd0 [ 72.125847][ T4426] ? read_lock_is_recursive+0x10/0x10 [ 72.131206][ T4426] ? __lock_acquire+0x12e5/0x7c50 [ 72.136228][ T4426] ? mark_lock+0x94/0x320 [ 72.140550][ T4426] percpu_down_read+0x44/0x1a0 [ 72.145298][ T4426] ? ext4_writepages+0x1c0/0x2e50 [ 72.150306][ T4426] ext4_writepages+0x1c0/0x2e50 [ 72.155143][ T4426] ? __lock_acquire+0x13c0/0x7c50 [ 72.160247][ T4426] ? verify_lock_unused+0x140/0x140 [ 72.165445][ T4426] ? mark_lock+0x94/0x320 [ 72.169762][ T4426] ? ext4_read_folio+0x370/0x370 [ 72.174684][ T4426] ? __lock_acquire+0x13c0/0x7c50 [ 72.179700][ T4426] ? __lock_acquire+0x7c50/0x7c50 [ 72.184711][ T4426] ? do_raw_spin_lock+0x11d/0x280 [ 72.189725][ T4426] ? do_raw_spin_unlock+0x11d/0x230 [ 72.194913][ T4426] ? ext4_read_folio+0x370/0x370 [ 72.199837][ T4426] do_writepages+0x3b7/0x610 [ 72.204421][ T4426] ? __writepage+0x130/0x130 [ 72.208994][ T4426] ? writeback_single_inode+0x216/0x8b0 [ 72.214592][ T4426] ? __lock_acquire+0x7c50/0x7c50 [ 72.219624][ T4426] ? do_raw_spin_lock+0x11d/0x280 [ 72.224648][ T4426] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 72.230447][ T4426] __writeback_single_inode+0x156/0x1160 [ 72.236077][ T4426] writeback_single_inode+0x221/0x8b0 [ 72.241444][ T4426] ? write_inode_now+0x1d0/0x1d0 [ 72.246376][ T4426] write_inode_now+0x15d/0x1d0 [ 72.251215][ T4426] ? bdi_split_work_to_wbs+0x890/0x890 [ 72.256664][ T4426] ? rcu_is_watching+0x11/0xa0 [ 72.261421][ T4426] ? do_raw_spin_unlock+0x11d/0x230 [ 72.266609][ T4426] iput+0x613/0x980 [ 72.270840][ T4426] ext4_xattr_block_set+0x2736/0x32a0 [ 72.276200][ T4426] ? __might_sleep+0xd0/0xd0 [ 72.280873][ T4426] ? xattr_find_entry+0x12b/0x2f0 [ 72.285892][ T4426] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 72.291338][ T4426] ? ext4_xattr_block_find+0x241/0x2b0 [ 72.296786][ T4426] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 72.302675][ T4426] __ext4_expand_extra_isize+0x301/0x3e0 [ 72.308295][ T4426] __ext4_mark_inode_dirty+0x47f/0x770 [ 72.313749][ T4426] ext4_evict_inode+0xa73/0x1100 [ 72.318675][ T4426] ? _raw_spin_unlock+0x24/0x40 [ 72.323609][ T4426] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 72.329493][ T4426] ? do_raw_spin_unlock+0x11d/0x230 [ 72.334680][ T4426] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 72.340560][ T4426] evict+0x485/0x870 [ 72.344442][ T4426] ? __lock_acquire+0x7c50/0x7c50 [ 72.349457][ T4426] ? proc_nr_inodes+0x2f0/0x2f0 [ 72.354294][ T4426] ? do_raw_spin_unlock+0x11d/0x230 [ 72.359483][ T4426] ? _raw_spin_unlock+0x24/0x40 [ 72.364317][ T4426] ? iput+0x768/0x980 [ 72.368292][ T4426] ext4_orphan_cleanup+0xbd3/0x1400 [ 72.373485][ T4426] ? ext4_orphan_del+0xb90/0xb90 [ 72.378419][ T4426] ? errseq_check_and_advance+0x62/0x120 [ 72.384047][ T4426] ext4_fill_super+0x7bdf/0x8150 [ 72.389054][ T4426] ? bdev_name+0x2c1/0x3f0 [ 72.393469][ T4426] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 72.399695][ T4426] ? snprintf+0xd7/0x120 [ 72.403923][ T4426] ? preempt_count_add+0x8d/0x190 [ 72.408931][ T4426] ? vscnprintf+0x80/0x80 [ 72.413246][ T4426] ? set_blocksize+0x1d0/0x470 [ 72.417998][ T4426] ? sb_set_blocksize+0xa5/0xe0 [ 72.422836][ T4426] get_tree_bdev+0x3f1/0x610 [ 72.427413][ T4426] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 72.433729][ T4426] vfs_get_tree+0x88/0x270 [ 72.438220][ T4426] do_new_mount+0x24a/0xa40 [ 72.442715][ T4426] __se_sys_mount+0x2d6/0x3c0 [ 72.447391][ T4426] ? __x64_sys_mount+0xc0/0xc0 [ 72.452139][ T4426] ? lockdep_hardirqs_on+0x94/0x140 [ 72.457321][ T4426] ? __x64_sys_mount+0x1c/0xc0 [ 72.462068][ T4426] do_syscall_64+0x4c/0xa0 [ 72.466479][ T4426] ? clear_bhb_loop+0x60/0xb0 [ 72.471140][ T4426] ? clear_bhb_loop+0x60/0xb0 [ 72.475801][ T4426] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 72.481681][ T4426] RIP: 0033:0x7f12dfd90eea [ 72.486092][ T4426] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.505703][ T4426] RSP: 002b:00007ffc63d70aa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 72.514106][ T4426] RAX: ffffffffffffffda RBX: 00007ffc63d70b30 RCX: 00007f12dfd90eea [ 72.522076][ T4426] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ffc63d70af0 [ 72.530042][ T4426] RBP: 0000200000000180 R08: 00007ffc63d70b30 R09: 0000000000800700 [ 72.538009][ T4426] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 72.545965][ T4426] R13: 00007ffc63d70af0 R14: 000000000000046f R15: 000000000000002c [ 72.554021][ T4426] [ 72.566922][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.580616][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.587574][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 72.600374][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.607356][ T4426] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 72.620553][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.634139][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.640930][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 72.653482][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.660048][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.673627][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.680271][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 72.692628][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.699205][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 72.712693][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.719321][ T4426] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 72.731756][ T4426] EXT4-fs (loop0): Remounting filesystem read-only [ 72.740600][ T4426] EXT4-fs (loop0): 1 orphan inode deleted [ 72.746386][ T4426] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 72.771378][ T4373] EXT4-fs (loop0): unmounting filesystem.