Warning: Permanently added '10.128.1.137' (ED25519) to the list of known hosts. 2025/11/26 12:46:07 parsed 1 programs [ 52.744996][ T4190] cgroup: Unknown subsys name 'net' [ 52.906901][ T4190] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 54.130981][ T4190] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 55.508302][ T4202] chnl_net:caif_netlink_parms(): no params data found [ 55.552771][ T4202] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.560358][ T4202] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.568299][ T4202] device bridge_slave_0 entered promiscuous mode [ 55.579599][ T4202] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.586763][ T4202] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.594882][ T4202] device bridge_slave_1 entered promiscuous mode [ 55.623060][ T4202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.634061][ T4202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.655582][ T4202] team0: Port device team_slave_0 added [ 55.666142][ T4202] team0: Port device team_slave_1 added [ 55.682752][ T4202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.689845][ T4202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.715978][ T4202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.728143][ T4202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.735228][ T4202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.761213][ T4202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.787980][ T4202] device hsr_slave_0 entered promiscuous mode [ 55.794858][ T4202] device hsr_slave_1 entered promiscuous mode [ 55.875587][ T4202] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.886467][ T4202] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.895487][ T4202] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.909013][ T4202] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.931582][ T4202] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.938804][ T4202] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.946754][ T4202] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.954001][ T4202] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.996291][ T4202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.009953][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.019436][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.028247][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.040693][ T4202] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.054155][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.063612][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.070657][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.080986][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.090247][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.097367][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.119933][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 56.128980][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 56.139873][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 56.152334][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.167908][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.179926][ T4202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 56.290560][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 56.298644][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 56.315799][ T4202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.337638][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.360126][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.371881][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.379832][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.393311][ T4202] device veth0_vlan entered promiscuous mode [ 56.405788][ T4202] device veth1_vlan entered promiscuous mode [ 56.429793][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 56.438130][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 56.446758][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.459385][ T4202] device veth0_macvtap entered promiscuous mode [ 56.470735][ T4202] device veth1_macvtap entered promiscuous mode [ 56.489655][ T4202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.498008][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.508064][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.520441][ T4202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.530477][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 56.540187][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.552778][ T4202] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.561648][ T4202] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.579579][ T4202] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.589015][ T4202] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.392204][ T1308] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.707677][ T1308] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.756255][ T1308] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.837866][ T1308] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.308143][ T3083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.321205][ T3083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.335335][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 62.368147][ T3083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.377114][ T3083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.388784][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 62.778755][ T1308] device hsr_slave_0 left promiscuous mode [ 62.793300][ T1308] device hsr_slave_1 left promiscuous mode [ 62.823558][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.831021][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.872121][ T1308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.879791][ T1308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.902800][ T1308] device bridge_slave_1 left promiscuous mode [ 62.920039][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.946491][ T1308] device bridge_slave_0 left promiscuous mode [ 62.958542][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.983739][ T1308] device veth1_macvtap left promiscuous mode [ 62.990127][ T1308] device veth0_macvtap left promiscuous mode [ 63.013216][ T1308] device veth1_vlan left promiscuous mode [ 63.019657][ T1308] device veth0_vlan left promiscuous mode [ 63.255346][ T1308] team0 (unregistering): Port device team_slave_1 removed [ 63.270507][ T1308] team0 (unregistering): Port device team_slave_0 removed [ 63.284727][ T1308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 63.297087][ T1308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 63.342034][ T1308] bond0 (unregistering): Released all slaves 2025/11/26 12:46:21 executed programs: 0 [ 65.074782][ T4373] chnl_net:caif_netlink_parms(): no params data found [ 65.152671][ T4373] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.164133][ T4373] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.174372][ T4373] device bridge_slave_0 entered promiscuous mode [ 65.183324][ T4373] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.190499][ T4373] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.199708][ T4373] device bridge_slave_1 entered promiscuous mode [ 65.228363][ T4373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.240213][ T4373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.294134][ T4373] team0: Port device team_slave_0 added [ 65.313245][ T4373] team0: Port device team_slave_1 added [ 65.351095][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.359090][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.385899][ T4373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.403050][ T4373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.410015][ T4373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.436318][ T4373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.478635][ T4373] device hsr_slave_0 entered promiscuous mode [ 65.486942][ T4373] device hsr_slave_1 entered promiscuous mode [ 66.136706][ T4373] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.185425][ T4373] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.195231][ T4373] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.205683][ T4373] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.360193][ T4373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.375858][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 66.387320][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.429955][ T4373] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.442237][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 66.451032][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.461165][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.468303][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.478501][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 66.517335][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 66.527246][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 66.537224][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.544384][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.556323][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 66.614331][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 66.623586][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 66.633224][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 66.641616][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 66.653091][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 66.661639][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 66.680408][ T4373] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.693217][ T4373] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.705590][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 66.715016][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 66.726732][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 66.736836][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 66.746609][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 66.882496][ T4215] Bluetooth: hci0: command 0x0409 tx timeout [ 66.939384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 66.948014][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 66.961500][ T4373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.006015][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.015930][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.036470][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.047275][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.057756][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.067312][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.076802][ T4373] device veth0_vlan entered promiscuous mode [ 67.111032][ T4373] device veth1_vlan entered promiscuous mode [ 67.154822][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.172733][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.188026][ T4373] device veth0_macvtap entered promiscuous mode [ 67.212006][ T4373] device veth1_macvtap entered promiscuous mode [ 67.268189][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.277829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.291144][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 67.299483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 67.309905][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 67.321584][ T4373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.334762][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 67.345164][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 67.357841][ T4373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.368194][ T4373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.378115][ T4373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.388313][ T4373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.491644][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.507370][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.527688][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.545009][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.554872][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.565976][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.645142][ T4511] loop0: detected capacity change from 0 to 512 [ 67.723378][ T4511] ======================================================= [ 67.723378][ T4511] WARNING: The mand mount option has been deprecated and [ 67.723378][ T4511] and is ignored by this kernel. Remove the mand [ 67.723378][ T4511] option from the mount to silence this warning. [ 67.723378][ T4511] ======================================================= [ 67.875504][ T4511] [ 67.877935][ T4511] ====================================================== [ 67.884951][ T4511] WARNING: possible circular locking dependency detected [ 67.891980][ T4511] syzkaller #0 Not tainted [ 67.896392][ T4511] ------------------------------------------------------ [ 67.903403][ T4511] syz.0.17/4511 is trying to acquire lock: [ 67.909191][ T4511] ffff8880191a8bd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2d20 [ 67.919360][ T4511] [ 67.919360][ T4511] but task is already holding lock: [ 67.926724][ T4511] ffff88807365d088 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 67.936562][ T4511] [ 67.936562][ T4511] which lock already depends on the new lock. [ 67.936562][ T4511] [ 67.946959][ T4511] [ 67.946959][ T4511] the existing dependency chain (in reverse order) is: [ 67.956065][ T4511] [ 67.956065][ T4511] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 67.963627][ T4511] down_read+0x44/0x2e0 [ 67.968310][ T4511] ext4_setattr+0x71d/0x19e0 [ 67.973421][ T4511] notify_change+0xbcd/0xee0 [ 67.978537][ T4511] chown_common+0x483/0x610 [ 67.983663][ T4511] do_fchownat+0x164/0x270 [ 67.988620][ T4511] __x64_sys_chown+0x7e/0x90 [ 67.993822][ T4511] do_syscall_64+0x4c/0xa0 [ 67.998764][ T4511] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.005284][ T4511] [ 68.005284][ T4511] -> #1 (jbd2_handle){++++}-{0:0}: [ 68.012580][ T4511] start_this_handle+0x1338/0x15a0 [ 68.018221][ T4511] jbd2__journal_start+0x2b7/0x5a0 [ 68.023864][ T4511] __ext4_journal_start_sb+0x167/0x360 [ 68.029892][ T4511] ext4_writepages+0xdc2/0x2d20 [ 68.035270][ T4511] do_writepages+0x48d/0x6d0 [ 68.040388][ T4511] filemap_fdatawrite_wbc+0x1eb/0x240 [ 68.046285][ T4511] file_write_and_wait_range+0x129/0x1e0 [ 68.052438][ T4511] ext4_sync_file+0x1ff/0xae0 [ 68.057631][ T4511] __x64_sys_fsync+0x1a5/0x1e0 [ 68.062909][ T4511] do_syscall_64+0x4c/0xa0 [ 68.067835][ T4511] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.074251][ T4511] [ 68.074251][ T4511] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 68.082691][ T4511] __lock_acquire+0x2c33/0x7c60 [ 68.088076][ T4511] lock_acquire+0x197/0x3f0 [ 68.093098][ T4511] percpu_down_read+0x46/0x1b0 [ 68.098378][ T4511] ext4_writepages+0x1c0/0x2d20 [ 68.103832][ T4511] do_writepages+0x48d/0x6d0 [ 68.108952][ T4511] __writeback_single_inode+0x153/0xda0 [ 68.115009][ T4511] writeback_single_inode+0x221/0x8b0 [ 68.120897][ T4511] write_inode_now+0x217/0x280 [ 68.126163][ T4511] iput+0x5ab/0x8a0 [ 68.130479][ T4511] ext4_xattr_set_entry+0x10ff/0x3d30 [ 68.136435][ T4511] ext4_xattr_block_set+0x4f7/0x2d30 [ 68.142308][ T4511] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 68.148793][ T4511] __ext4_expand_extra_isize+0x301/0x3e0 [ 68.154927][ T4511] __ext4_mark_inode_dirty+0x469/0x700 [ 68.160902][ T4511] ext4_evict_inode+0xa81/0x1080 [ 68.166359][ T4511] evict+0x485/0x870 [ 68.170756][ T4511] ext4_orphan_cleanup+0xaa9/0x12e0 [ 68.176736][ T4511] ext4_fill_super+0x92f0/0x9a60 [ 68.182199][ T4511] mount_bdev+0x287/0x3c0 [ 68.187038][ T4511] legacy_get_tree+0xe6/0x180 [ 68.192214][ T4511] vfs_get_tree+0x88/0x270 [ 68.197133][ T4511] do_new_mount+0x24a/0xa40 [ 68.202139][ T4511] __se_sys_mount+0x2d6/0x3c0 [ 68.207341][ T4511] do_syscall_64+0x4c/0xa0 [ 68.212261][ T4511] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.218774][ T4511] [ 68.218774][ T4511] other info that might help us debug this: [ 68.218774][ T4511] [ 68.228985][ T4511] Chain exists of: [ 68.228985][ T4511] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 68.228985][ T4511] [ 68.242620][ T4511] Possible unsafe locking scenario: [ 68.242620][ T4511] [ 68.250282][ T4511] CPU0 CPU1 [ 68.255665][ T4511] ---- ---- [ 68.261027][ T4511] lock(&ei->xattr_sem); [ 68.265367][ T4511] lock(jbd2_handle); [ 68.271942][ T4511] lock(&ei->xattr_sem); [ 68.278769][ T4511] lock(&sbi->s_writepages_rwsem); [ 68.283946][ T4511] [ 68.283946][ T4511] *** DEADLOCK *** [ 68.283946][ T4511] [ 68.292069][ T4511] 3 locks held by syz.0.17/4511: [ 68.297031][ T4511] #0: ffff88801fa4e0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 68.307111][ T4511] #1: ffff88801fa4e650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080 [ 68.316575][ T4511] #2: ffff88807365d088 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 68.326813][ T4511] [ 68.326813][ T4511] stack backtrace: [ 68.332692][ T4511] CPU: 1 PID: 4511 Comm: syz.0.17 Not tainted syzkaller #0 [ 68.339948][ T4511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 68.350254][ T4511] Call Trace: [ 68.353514][ T4511] [ 68.356458][ T4511] dump_stack_lvl+0x168/0x230 [ 68.361127][ T4511] ? load_image+0x3b0/0x3b0 [ 68.365612][ T4511] ? show_regs_print_info+0x20/0x20 [ 68.370801][ T4511] ? print_circular_bug+0x12b/0x1a0 [ 68.375984][ T4511] check_noncircular+0x274/0x310 [ 68.380900][ T4511] ? add_chain_block+0x940/0x940 [ 68.385843][ T4511] ? lockdep_lock+0xdc/0x1e0 [ 68.390417][ T4511] ? lockdep_unlock+0x134/0x2d0 [ 68.395247][ T4511] ? mark_lock+0x94/0x320 [ 68.399556][ T4511] __lock_acquire+0x2c33/0x7c60 [ 68.404409][ T4511] ? verify_lock_unused+0x140/0x140 [ 68.409598][ T4511] ? verify_lock_unused+0x140/0x140 [ 68.414777][ T4511] ? mark_lock+0x94/0x320 [ 68.419087][ T4511] ? mark_lock+0x94/0x320 [ 68.423401][ T4511] ? verify_lock_unused+0x140/0x140 [ 68.428585][ T4511] ? __lock_acquire+0x13ad/0x7c60 [ 68.433595][ T4511] lock_acquire+0x197/0x3f0 [ 68.438083][ T4511] ? ext4_writepages+0x1c0/0x2d20 [ 68.443106][ T4511] ? deref_stack_reg+0xd0/0x120 [ 68.447939][ T4511] ? __might_sleep+0xf0/0xf0 [ 68.452511][ T4511] ? read_lock_is_recursive+0x10/0x10 [ 68.457872][ T4511] ? mark_lock+0x94/0x320 [ 68.462183][ T4511] ? __lock_acquire+0x13ad/0x7c60 [ 68.467200][ T4511] percpu_down_read+0x46/0x1b0 [ 68.471973][ T4511] ? ext4_writepages+0x1c0/0x2d20 [ 68.476981][ T4511] ext4_writepages+0x1c0/0x2d20 [ 68.481904][ T4511] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 68.487787][ T4511] ? _raw_spin_unlock+0x40/0x40 [ 68.492621][ T4511] ? stack_trace_save+0x98/0xe0 [ 68.497457][ T4511] ? verify_lock_unused+0x140/0x140 [ 68.502636][ T4511] ? mark_lock+0x94/0x320 [ 68.506950][ T4511] ? ext4_readpage+0x2e0/0x2e0 [ 68.511697][ T4511] ? __lock_acquire+0x13ad/0x7c60 [ 68.516701][ T4511] ? rcu_lock_release+0x5/0x20 [ 68.521449][ T4511] ? __lock_acquire+0x7c60/0x7c60 [ 68.526468][ T4511] ? do_raw_spin_lock+0x11d/0x280 [ 68.531474][ T4511] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 68.536976][ T4511] ? do_raw_spin_unlock+0x11d/0x230 [ 68.542176][ T4511] ? ext4_readpage+0x2e0/0x2e0 [ 68.546933][ T4511] do_writepages+0x48d/0x6d0 [ 68.551688][ T4511] ? __writepage+0x130/0x130 [ 68.556367][ T4511] ? writeback_single_inode+0x216/0x8b0 [ 68.561900][ T4511] ? __lock_acquire+0x7c60/0x7c60 [ 68.566903][ T4511] ? do_raw_spin_lock+0x11d/0x280 [ 68.571911][ T4511] __writeback_single_inode+0x153/0xda0 [ 68.577525][ T4511] writeback_single_inode+0x221/0x8b0 [ 68.582882][ T4511] ? write_inode_now+0x280/0x280 [ 68.587803][ T4511] write_inode_now+0x217/0x280 [ 68.592546][ T4511] ? bdi_split_work_to_wbs+0x820/0x820 [ 68.598003][ T4511] ? do_raw_spin_unlock+0x11d/0x230 [ 68.603182][ T4511] iput+0x5ab/0x8a0 [ 68.606981][ T4511] ext4_xattr_set_entry+0x10ff/0x3d30 [ 68.612349][ T4511] ? ext4_xattr_ibody_set+0x330/0x330 [ 68.617793][ T4511] ? rcu_is_watching+0x11/0xa0 [ 68.622559][ T4511] ? kmem_cache_free+0x14c/0x210 [ 68.627477][ T4511] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 68.633530][ T4511] ext4_xattr_block_set+0x4f7/0x2d30 [ 68.638830][ T4511] ? do_raw_spin_unlock+0x11d/0x230 [ 68.644100][ T4511] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 68.649804][ T4511] ? ext4_xattr_block_find+0x500/0x500 [ 68.655245][ T4511] ? ext4_xattr_block_find+0x433/0x500 [ 68.660690][ T4511] ext4_expand_extra_isize_ea+0xf4b/0x19a0 [ 68.666491][ T4511] __ext4_expand_extra_isize+0x301/0x3e0 [ 68.672106][ T4511] __ext4_mark_inode_dirty+0x469/0x700 [ 68.677588][ T4511] ext4_evict_inode+0xa81/0x1080 [ 68.682622][ T4511] ? _raw_spin_unlock+0x24/0x40 [ 68.687466][ T4511] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 68.693434][ T4511] ? do_raw_spin_unlock+0x11d/0x230 [ 68.698622][ T4511] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 68.704592][ T4511] evict+0x485/0x870 [ 68.708500][ T4511] ? __lock_acquire+0x7c60/0x7c60 [ 68.713508][ T4511] ? proc_nr_inodes+0x320/0x320 [ 68.718342][ T4511] ? do_raw_spin_unlock+0x11d/0x230 [ 68.723543][ T4511] ? _raw_spin_unlock+0x24/0x40 [ 68.728373][ T4511] ? iput+0x706/0x8a0 [ 68.732339][ T4511] ext4_orphan_cleanup+0xaa9/0x12e0 [ 68.737527][ T4511] ? ext4_orphan_del+0xb90/0xb90 [ 68.742442][ T4511] ? errseq_check_and_advance+0x62/0x120 [ 68.748065][ T4511] ext4_fill_super+0x92f0/0x9a60 [ 68.752995][ T4511] ? ext4_mount+0x40/0x40 [ 68.757316][ T4511] ? set_blocksize+0x1f1/0x370 [ 68.762069][ T4511] ? sb_set_blocksize+0xa5/0xe0 [ 68.766906][ T4511] mount_bdev+0x287/0x3c0 [ 68.771226][ T4511] ? ext4_mount+0x40/0x40 [ 68.775551][ T4511] legacy_get_tree+0xe6/0x180 [ 68.780212][ T4511] ? ext4_errno_to_code+0x160/0x160 [ 68.785391][ T4511] vfs_get_tree+0x88/0x270 [ 68.789794][ T4511] do_new_mount+0x24a/0xa40 [ 68.794428][ T4511] __se_sys_mount+0x2d6/0x3c0 [ 68.799110][ T4511] ? __x64_sys_mount+0xc0/0xc0 [ 68.803868][ T4511] ? lockdep_hardirqs_on+0x94/0x140 [ 68.809061][ T4511] ? __x64_sys_mount+0x1c/0xc0 [ 68.813811][ T4511] do_syscall_64+0x4c/0xa0 [ 68.818214][ T4511] ? clear_bhb_loop+0x30/0x80 [ 68.822872][ T4511] ? clear_bhb_loop+0x30/0x80 [ 68.827535][ T4511] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 68.833421][ T4511] RIP: 0033:0x7f2d5dfa3eea [ 68.837907][ T4511] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.857934][ T4511] RSP: 002b:00007ffe2d3f7e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.867476][ T4511] RAX: ffffffffffffffda RBX: 00007ffe2d3f7ee0 RCX: 00007f2d5dfa3eea [ 68.875431][ T4511] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007ffe2d3f7ea0 [ 68.883396][ T4511] RBP: 0000200000000180 R08: 00007ffe2d3f7ee0 R09: 0000000002808340 [ 68.891372][ T4511] R10: 0000000002808340 R11: 0000000000000246 R12: 0000200000000080 [ 68.899323][ T4511] R13: 00007ffe2d3f7ea0 R14: 000000000000047c R15: 0000200000000640 [ 68.907281][ T4511] [ 68.932102][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 68.955251][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 68.962020][ T4215] Bluetooth: hci0: command 0x041b tx timeout [ 68.968391][ T4511] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 68.987018][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.000523][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 69.014478][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.028662][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 69.041460][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 69.055349][ T4511] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 69.082091][ T4511] EXT4-fs (loop0): 1 orphan inode deleted [ 69.087876][ T4511] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nobarrier,debug_want_extra_isize=0x000000000000005a,sysvgroups,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,,errors=continue. Quota mode: none.