Warning: Permanently added '10.128.0.178' (ED25519) to the list of known hosts. 2026/01/07 10:57:54 parsed 1 programs [ 72.944765][ T4269] cgroup: Unknown subsys name 'net' [ 73.079068][ T4269] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 74.676355][ T4269] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 76.235122][ T4288] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.243485][ T4288] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.250916][ T4288] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.259024][ T4288] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.266998][ T4288] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.274721][ T4288] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 76.589871][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.598046][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.615791][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.628414][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.636510][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.644851][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.918965][ T4344] chnl_net:caif_netlink_parms(): no params data found [ 78.962161][ T4344] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.969926][ T4344] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.978554][ T4344] device bridge_slave_0 entered promiscuous mode [ 78.993003][ T4344] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.000131][ T4344] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.008152][ T4344] device bridge_slave_1 entered promiscuous mode [ 79.031935][ T4344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.043227][ T4344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.073858][ T4344] team0: Port device team_slave_0 added [ 79.080975][ T4344] team0: Port device team_slave_1 added [ 79.099342][ T4344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.106368][ T4344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.132341][ T4344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.145335][ T4344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.152296][ T4344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.178287][ T4344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.219114][ T4344] device hsr_slave_0 entered promiscuous mode [ 79.228693][ T4344] device hsr_slave_1 entered promiscuous mode [ 79.365345][ T4344] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.376354][ T4344] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.385599][ T4344] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 79.394868][ T4344] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 79.457266][ T4344] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.464637][ T4344] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.472395][ T4344] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.479540][ T4344] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.536837][ T4344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.551282][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 79.560608][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.569790][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.583479][ T4344] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.595828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 79.604762][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.611839][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.621670][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 79.631093][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.638221][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.663779][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 79.672137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 79.685865][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 79.704956][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 79.717072][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 79.727844][ T4344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 79.900604][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 79.908552][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 79.928217][ T4344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.945747][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 79.954887][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 79.982566][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 79.991366][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 80.000742][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 80.008828][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 80.030127][ T4344] device veth0_vlan entered promiscuous mode [ 80.040502][ T4344] device veth1_vlan entered promiscuous mode [ 80.059574][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 80.068188][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 80.076483][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 80.085971][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 80.096423][ T4344] device veth0_macvtap entered promiscuous mode [ 80.112036][ T4344] device veth1_macvtap entered promiscuous mode [ 80.126871][ T4344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.134815][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 80.142951][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 80.150771][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.159750][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.171066][ T4344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.180024][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.189307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.210064][ T4344] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.219204][ T4344] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.228262][ T4344] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.237275][ T4344] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.432730][ T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2026/01/07 10:58:03 executed programs: 0 [ 80.747392][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.755432][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.763264][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.771102][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.779176][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.786744][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.904793][ T4371] chnl_net:caif_netlink_parms(): no params data found [ 80.945046][ T4371] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.952156][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.959986][ T4371] device bridge_slave_0 entered promiscuous mode [ 80.967829][ T4371] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.975414][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.983372][ T4371] device bridge_slave_1 entered promiscuous mode [ 81.007313][ T4371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.018117][ T4371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.041500][ T4371] team0: Port device team_slave_0 added [ 81.049033][ T4371] team0: Port device team_slave_1 added [ 81.074298][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.081263][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.107438][ T4371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.120001][ T4371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.127010][ T4371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.153113][ T4371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.189739][ T4371] device hsr_slave_0 entered promiscuous mode [ 81.196493][ T4371] device hsr_slave_1 entered promiscuous mode [ 81.203154][ T4371] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 81.210985][ T4371] Cannot create hsr debugfs directory [ 81.614155][ T127] cfg80211: failed to load regulatory.db [ 82.733114][ T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.813586][ T4288] Bluetooth: hci0: command 0x0409 tx timeout [ 84.893071][ T4288] Bluetooth: hci0: command 0x041b tx timeout [ 85.022419][ T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.084908][ T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.967555][ T75] device hsr_slave_0 left promiscuous mode [ 85.976589][ T75] device hsr_slave_1 left promiscuous mode [ 85.983854][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.991324][ T75] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 86.003179][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 86.010598][ T75] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 86.023400][ T75] device bridge_slave_1 left promiscuous mode [ 86.030383][ T75] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.045942][ T75] device bridge_slave_0 left promiscuous mode [ 86.052203][ T75] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.080897][ T75] device veth1_macvtap left promiscuous mode [ 86.087328][ T75] device veth0_macvtap left promiscuous mode [ 86.096274][ T75] device veth1_vlan left promiscuous mode [ 86.102301][ T75] device veth0_vlan left promiscuous mode [ 86.398357][ T75] team0 (unregistering): Port device team_slave_1 removed [ 86.426940][ T75] team0 (unregistering): Port device team_slave_0 removed [ 86.457900][ T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.489853][ T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.746981][ T75] bond0 (unregistering): Released all slaves [ 86.801815][ T4371] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.811730][ T4371] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.821118][ T4371] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.833578][ T4371] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.891514][ T4371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.912736][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 86.926757][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.938395][ T4371] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.948000][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 86.957142][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.966105][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.973237][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.981971][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 86.983556][ T4288] Bluetooth: hci0: command 0x040f tx timeout [ 86.996524][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 87.009227][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 87.017964][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.025155][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.037189][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 87.048260][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 87.059231][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 87.069108][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 87.079999][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 87.091854][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 87.101450][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 87.112804][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 87.123857][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 87.139911][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 87.148744][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 87.160341][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 87.360504][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 87.368637][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 87.381053][ T4371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.401657][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 87.410559][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 87.426721][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 87.435391][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 87.444674][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 87.452357][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 87.466697][ T4371] device veth0_vlan entered promiscuous mode [ 87.477730][ T4371] device veth1_vlan entered promiscuous mode [ 87.497211][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 87.505350][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 87.514196][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 87.524092][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 87.534326][ T4371] device veth0_macvtap entered promiscuous mode [ 87.542676][ T4371] device veth1_macvtap entered promiscuous mode [ 87.560573][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.568071][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 87.576358][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 87.585130][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 87.594458][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 87.606210][ T4371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.618803][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 87.627941][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 87.639147][ T4371] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.648654][ T4371] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.658762][ T4371] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.667709][ T4371] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.721164][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.737125][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.747871][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 87.765363][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.774098][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.782588][ T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.832798][ T4421] loop0: detected capacity change from 0 to 512 [ 87.847275][ T4421] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 87.876745][ T4421] [ 87.879133][ T4421] ====================================================== [ 87.886171][ T4421] WARNING: possible circular locking dependency detected [ 87.893208][ T4421] syzkaller #0 Not tainted [ 87.897621][ T4421] ------------------------------------------------------ [ 87.904644][ T4421] syz.0.17/4421 is trying to acquire lock: [ 87.910434][ T4421] ffff8880731aab98 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x1c0/0x2e50 [ 87.920521][ T4421] [ 87.920521][ T4421] but task is already holding lock: [ 87.927874][ T4421] ffff88806f029ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 87.937706][ T4421] [ 87.937706][ T4421] which lock already depends on the new lock. [ 87.937706][ T4421] [ 87.948118][ T4421] [ 87.948118][ T4421] the existing dependency chain (in reverse order) is: [ 87.957118][ T4421] [ 87.957118][ T4421] -> #2 (&ei->xattr_sem){++++}-{3:3}: [ 87.964663][ T4421] down_read+0x42/0x2d0 [ 87.969338][ T4421] ext4_setattr+0x92a/0x19f0 [ 87.974438][ T4421] notify_change+0xc74/0xf40 [ 87.979539][ T4421] chown_common+0x486/0x620 [ 87.984558][ T4421] do_fchownat+0x164/0x270 [ 87.989488][ T4421] __x64_sys_chown+0x7e/0x90 [ 87.994591][ T4421] do_syscall_64+0x4c/0xa0 [ 87.999520][ T4421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.005930][ T4421] [ 88.005930][ T4421] -> #1 (jbd2_handle){++++}-{0:0}: [ 88.013232][ T4421] start_this_handle+0x1f49/0x2150 [ 88.018863][ T4421] jbd2__journal_start+0x2b7/0x5a0 [ 88.024492][ T4421] __ext4_journal_start_sb+0x187/0x3d0 [ 88.030464][ T4421] ext4_writepages+0xde7/0x2e50 [ 88.035840][ T4421] do_writepages+0x3b7/0x610 [ 88.040965][ T4421] filemap_fdatawrite_wbc+0x11e/0x180 [ 88.046860][ T4421] file_write_and_wait_range+0x137/0x200 [ 88.053006][ T4421] ext4_sync_file+0x23b/0xca0 [ 88.058197][ T4421] __x64_sys_fsync+0x1a5/0x1e0 [ 88.063477][ T4421] do_syscall_64+0x4c/0xa0 [ 88.068409][ T4421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.074815][ T4421] [ 88.074815][ T4421] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 88.083243][ T4421] __lock_acquire+0x2cf8/0x7c50 [ 88.088628][ T4421] lock_acquire+0x1b4/0x490 [ 88.093648][ T4421] percpu_down_read+0x44/0x1a0 [ 88.098922][ T4421] ext4_writepages+0x1c0/0x2e50 [ 88.104280][ T4421] do_writepages+0x3b7/0x610 [ 88.109380][ T4421] __writeback_single_inode+0x156/0x1160 [ 88.115523][ T4421] writeback_single_inode+0x221/0x8b0 [ 88.121407][ T4421] write_inode_now+0x15d/0x1d0 [ 88.126686][ T4421] iput+0x613/0x980 [ 88.131002][ T4421] ext4_xattr_block_set+0x2736/0x32a0 [ 88.136891][ T4421] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 88.143307][ T4421] __ext4_expand_extra_isize+0x301/0x3e0 [ 88.149447][ T4421] __ext4_mark_inode_dirty+0x47f/0x770 [ 88.155419][ T4421] ext4_evict_inode+0xa73/0x1100 [ 88.160869][ T4421] evict+0x485/0x870 [ 88.165275][ T4421] ext4_orphan_cleanup+0xbd3/0x1400 [ 88.170988][ T4421] ext4_fill_super+0x7bdf/0x8150 [ 88.176434][ T4421] get_tree_bdev+0x3f1/0x610 [ 88.181535][ T4421] vfs_get_tree+0x88/0x270 [ 88.186465][ T4421] do_new_mount+0x24a/0xa40 [ 88.191476][ T4421] __se_sys_mount+0x2d6/0x3c0 [ 88.196664][ T4421] do_syscall_64+0x4c/0xa0 [ 88.201596][ T4421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.208002][ T4421] [ 88.208002][ T4421] other info that might help us debug this: [ 88.208002][ T4421] [ 88.218219][ T4421] Chain exists of: [ 88.218219][ T4421] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 88.218219][ T4421] [ 88.231595][ T4421] Possible unsafe locking scenario: [ 88.231595][ T4421] [ 88.239039][ T4421] CPU0 CPU1 [ 88.244414][ T4421] ---- ---- [ 88.249763][ T4421] lock(&ei->xattr_sem); [ 88.254088][ T4421] lock(jbd2_handle); [ 88.260680][ T4421] lock(&ei->xattr_sem); [ 88.267517][ T4421] lock(&sbi->s_writepages_rwsem); [ 88.272705][ T4421] [ 88.272705][ T4421] *** DEADLOCK *** [ 88.272705][ T4421] [ 88.280839][ T4421] 3 locks held by syz.0.17/4421: [ 88.285769][ T4421] #0: ffff8880731a80e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 88.295861][ T4421] #1: ffff8880731a8650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100 [ 88.305338][ T4421] #2: ffff88806f029ee0 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770 [ 88.315594][ T4421] [ 88.315594][ T4421] stack backtrace: [ 88.321469][ T4421] CPU: 1 PID: 4421 Comm: syz.0.17 Not tainted syzkaller #0 [ 88.328653][ T4421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 88.338735][ T4421] Call Trace: [ 88.342007][ T4421] [ 88.344937][ T4421] dump_stack_lvl+0x168/0x22e [ 88.349611][ T4421] ? load_image+0x3b0/0x3b0 [ 88.354107][ T4421] ? show_regs_print_info+0x12/0x12 [ 88.359300][ T4421] ? print_circular_bug+0x12b/0x1a0 [ 88.364493][ T4421] check_noncircular+0x274/0x310 [ 88.369425][ T4421] ? add_chain_block+0x940/0x940 [ 88.374360][ T4421] ? lockdep_lock+0xdc/0x1e0 [ 88.378946][ T4421] ? verify_lock_unused+0x140/0x140 [ 88.384138][ T4421] ? _find_first_zero_bit+0xcf/0x100 [ 88.389418][ T4421] __lock_acquire+0x2cf8/0x7c50 [ 88.394270][ T4421] ? verify_lock_unused+0x140/0x140 [ 88.399464][ T4421] ? mark_lock+0x94/0x320 [ 88.403788][ T4421] ? __lock_acquire+0x13c0/0x7c50 [ 88.408817][ T4421] lock_acquire+0x1b4/0x490 [ 88.413314][ T4421] ? ext4_writepages+0x1c0/0x2e50 [ 88.418331][ T4421] ? __might_sleep+0xd0/0xd0 [ 88.422924][ T4421] ? read_lock_is_recursive+0x10/0x10 [ 88.428293][ T4421] ? __lock_acquire+0x12e5/0x7c50 [ 88.433320][ T4421] ? mark_lock+0x94/0x320 [ 88.437679][ T4421] percpu_down_read+0x44/0x1a0 [ 88.442436][ T4421] ? ext4_writepages+0x1c0/0x2e50 [ 88.447448][ T4421] ext4_writepages+0x1c0/0x2e50 [ 88.452314][ T4421] ? __lock_acquire+0x13c0/0x7c50 [ 88.457335][ T4421] ? verify_lock_unused+0x140/0x140 [ 88.462528][ T4421] ? mark_lock+0x94/0x320 [ 88.466852][ T4421] ? ext4_read_folio+0x370/0x370 [ 88.471789][ T4421] ? __lock_acquire+0x13c0/0x7c50 [ 88.476830][ T4421] ? __lock_acquire+0x7c50/0x7c50 [ 88.481845][ T4421] ? do_raw_spin_lock+0x11d/0x280 [ 88.486869][ T4421] ? do_raw_spin_unlock+0x11d/0x230 [ 88.492067][ T4421] ? ext4_read_folio+0x370/0x370 [ 88.496993][ T4421] do_writepages+0x3b7/0x610 [ 88.501579][ T4421] ? __writepage+0x130/0x130 [ 88.506161][ T4421] ? writeback_single_inode+0x216/0x8b0 [ 88.511702][ T4421] ? __lock_acquire+0x7c50/0x7c50 [ 88.516720][ T4421] ? do_raw_spin_lock+0x11d/0x280 [ 88.521738][ T4421] ? __ext4_expand_extra_isize+0x301/0x3e0 [ 88.527534][ T4421] __writeback_single_inode+0x156/0x1160 [ 88.533181][ T4421] writeback_single_inode+0x221/0x8b0 [ 88.538586][ T4421] ? write_inode_now+0x1d0/0x1d0 [ 88.543548][ T4421] write_inode_now+0x15d/0x1d0 [ 88.548302][ T4421] ? bdi_split_work_to_wbs+0x890/0x890 [ 88.553763][ T4421] ? rcu_is_watching+0x11/0xa0 [ 88.558524][ T4421] ? do_raw_spin_unlock+0x11d/0x230 [ 88.563721][ T4421] iput+0x613/0x980 [ 88.567519][ T4421] ext4_xattr_block_set+0x2736/0x32a0 [ 88.572894][ T4421] ? __might_sleep+0xd0/0xd0 [ 88.577508][ T4421] ? xattr_find_entry+0x12b/0x2f0 [ 88.582524][ T4421] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 88.587982][ T4421] ? ext4_xattr_block_find+0x241/0x2b0 [ 88.593439][ T4421] ext4_expand_extra_isize_ea+0x109b/0x19b0 [ 88.599334][ T4421] __ext4_expand_extra_isize+0x301/0x3e0 [ 88.604958][ T4421] __ext4_mark_inode_dirty+0x47f/0x770 [ 88.610413][ T4421] ext4_evict_inode+0xa73/0x1100 [ 88.615350][ T4421] ? _raw_spin_unlock+0x24/0x40 [ 88.620208][ T4421] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 88.626121][ T4421] ? do_raw_spin_unlock+0x11d/0x230 [ 88.631346][ T4421] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 88.637271][ T4421] evict+0x485/0x870 [ 88.641164][ T4421] ? __lock_acquire+0x7c50/0x7c50 [ 88.646190][ T4421] ? proc_nr_inodes+0x2f0/0x2f0 [ 88.651034][ T4421] ? do_raw_spin_unlock+0x11d/0x230 [ 88.656230][ T4421] ? _raw_spin_unlock+0x24/0x40 [ 88.661076][ T4421] ? iput+0x768/0x980 [ 88.665051][ T4421] ext4_orphan_cleanup+0xbd3/0x1400 [ 88.670246][ T4421] ? ext4_orphan_del+0xb90/0xb90 [ 88.675177][ T4421] ? errseq_check_and_advance+0x62/0x120 [ 88.680805][ T4421] ext4_fill_super+0x7bdf/0x8150 [ 88.685738][ T4421] ? bdev_name+0x2c1/0x3f0 [ 88.690155][ T4421] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 88.696396][ T4421] ? snprintf+0xd7/0x120 [ 88.700630][ T4421] ? preempt_count_add+0x8d/0x190 [ 88.705647][ T4421] ? vscnprintf+0x80/0x80 [ 88.709967][ T4421] ? set_blocksize+0x1d0/0x470 [ 88.714723][ T4421] ? sb_set_blocksize+0xa5/0xe0 [ 88.719589][ T4421] get_tree_bdev+0x3f1/0x610 [ 88.724174][ T4421] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 88.730403][ T4421] vfs_get_tree+0x88/0x270 [ 88.734837][ T4421] do_new_mount+0x24a/0xa40 [ 88.739336][ T4421] __se_sys_mount+0x2d6/0x3c0 [ 88.744008][ T4421] ? __x64_sys_mount+0xc0/0xc0 [ 88.748760][ T4421] ? lockdep_hardirqs_on+0x94/0x140 [ 88.753947][ T4421] ? __x64_sys_mount+0x1c/0xc0 [ 88.758720][ T4421] do_syscall_64+0x4c/0xa0 [ 88.763132][ T4421] ? clear_bhb_loop+0x60/0xb0 [ 88.767802][ T4421] ? clear_bhb_loop+0x60/0xb0 [ 88.772489][ T4421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.778381][ T4421] RIP: 0033:0x7f3797990eea [ 88.782804][ T4421] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.802411][ T4421] RSP: 002b:00007ffeacdbe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 88.810822][ T4421] RAX: ffffffffffffffda RBX: 00007ffeacdbe0b0 RCX: 00007f3797990eea [ 88.818788][ T4421] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007ffeacdbe070 [ 88.826753][ T4421] RBP: 0000200000000180 R08: 00007ffeacdbe0b0 R09: 0000000000800700 [ 88.834719][ T4421] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000080 [ 88.842690][ T4421] R13: 00007ffeacdbe070 R14: 000000000000046f R15: 00002000000007c0 [ 88.850657][ T4421] [ 88.867897][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 88.881575][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 88.896170][ T4421] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 88.909279][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 88.923409][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 11 err=-117 [ 88.936167][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 88.950082][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 88.963796][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #18: comm syz.0.17: iget: bad extra_isize 90 (inode size 256) [ 88.977479][ T4421] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.17: error while reading EA inode 18 err=-117 [ 88.990013][ T4421] EXT4-fs (loop0): 1 orphan inode deleted [ 88.995813][ T4421] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 89.034631][ T4371] EXT4-fs (loop0): unmounting filesystem. [ 89.063137][ T4288] Bluetooth: hci0: command 0x0419 tx timeout