Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts.
2026/05/04 23:53:21 parsed 1 programs
[ 81.559453][ T820] cfg80211: failed to load regulatory.db
[ 81.681771][ T5612] cgroup: Unknown subsys name 'net'
[ 81.930241][ T5612] cgroup: Unknown subsys name 'cpuset'
[ 82.006162][ T5612] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 83.706478][ T5612] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.688759][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 86.694860][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 86.712231][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 86.723085][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 86.726319][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 88.448465][ T5650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.449362][ T5650] bridge0: port 1(bridge_slave_0) entered disabled state
[ 88.449459][ T5650] bridge_slave_0: entered allmulticast mode
[ 88.450880][ T5650] bridge_slave_0: entered promiscuous mode
[ 88.483048][ T5650] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.483151][ T5650] bridge0: port 2(bridge_slave_1) entered disabled state
[ 88.483290][ T5650] bridge_slave_1: entered allmulticast mode
[ 88.487606][ T5650] bridge_slave_1: entered promiscuous mode
[ 88.544339][ T5650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 88.548060][ T5650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 88.585817][ T5650] team0: Port device team_slave_0 added
[ 88.587731][ T5650] team0: Port device team_slave_1 added
[ 88.666858][ T5650] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 88.666868][ T5650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 88.666884][ T5650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.669281][ T5650] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.669293][ T5650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 88.669308][ T5650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.731953][ T5650] hsr_slave_0: entered promiscuous mode
[ 88.733301][ T5650] hsr_slave_1: entered promiscuous mode
[ 88.972520][ T5650] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 89.019989][ T5650] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 89.021733][ T5650] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 89.059602][ T5650] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 89.060415][ T5650] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 89.108957][ T5650] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 89.109714][ T5650] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 89.147742][ T5650] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 89.194958][ T5650] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.195043][ T5650] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.203787][ T5650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.204395][ T5650] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.255929][ T1452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.295724][ T1452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.513586][ T5650] 8021q: adding VLAN 0 to HW filter on device bond0
[ 89.547776][ T5650] 8021q: adding VLAN 0 to HW filter on device team0
[ 89.558768][ T1452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.558926][ T1452] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 89.574754][ T1452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.574935][ T1452] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 89.953329][ T5650] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 90.010446][ T5650] veth0_vlan: entered promiscuous mode
[ 90.025333][ T5650] veth1_vlan: entered promiscuous mode
[ 90.068402][ T5650] veth0_macvtap: entered promiscuous mode
[ 90.083037][ T5650] veth1_macvtap: entered promiscuous mode
[ 90.102783][ T5650] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 90.119721][ T5650] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 90.135148][ T66] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.152716][ T66] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.153503][ T66] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.176601][ T66] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 90.730388][ T1038] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.022405][ T1038] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.500389][ T1038] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.703480][ T1436] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.703503][ T1436] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 91.817394][ T1436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.817417][ T1436] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.068762][ T1038] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 93.358203][ T1038] bridge_slave_1: left allmulticast mode
[ 93.358303][ T1038] bridge_slave_1: left promiscuous mode
[ 93.364051][ T1038] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.513850][ T1038] bridge_slave_0: left allmulticast mode
[ 93.513888][ T1038] bridge_slave_0: left promiscuous mode
[ 93.528426][ T1038] bridge0: port 1(bridge_slave_0) entered disabled state
[ 94.236242][ T1038] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 94.316087][ T1038] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 94.338476][ T1038] bond0 (unregistering): Released all slaves
[ 94.424174][ T5261] 8021q: adding VLAN 0 to HW filter on device eth1
[ 94.819447][ T1038] hsr_slave_0: left promiscuous mode
[ 94.856767][ T1038] hsr_slave_1: left promiscuous mode
[ 94.858032][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 94.858096][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 94.909592][ T1038] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 94.909619][ T1038] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 95.047214][ T1038] veth1_macvtap: left promiscuous mode
[ 95.047440][ T1038] veth0_macvtap: left promiscuous mode
[ 95.047712][ T1038] veth1_vlan: left promiscuous mode
[ 95.048903][ T1038] veth0_vlan: left promiscuous mode
[ 95.756032][ T1038] team0 (unregistering): Port device team_slave_1 removed
[ 95.795972][ T1038] team0 (unregistering): Port device team_slave_0 removed
[ 96.189501][ T5261] 8021q: adding VLAN 0 to HW filter on device eth2
[ 97.011994][ T5261] 8021q: adding VLAN 0 to HW filter on device eth3
[ 98.102996][ T5261] 8021q: adding VLAN 0 to HW filter on device eth4
2026/05/04 23:53:40 executed programs: 0
[ 99.011778][ T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 99.035711][ T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 99.036881][ T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 99.062910][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 99.063769][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 100.186571][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.186727][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.186872][ T5800] bridge_slave_0: entered allmulticast mode
[ 100.204131][ T5800] bridge_slave_0: entered promiscuous mode
[ 100.207961][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.208146][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.208293][ T5800] bridge_slave_1: entered allmulticast mode
[ 100.210527][ T5800] bridge_slave_1: entered promiscuous mode
[ 100.249356][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.253077][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.317587][ T5800] team0: Port device team_slave_0 added
[ 100.447157][ T5800] team0: Port device team_slave_1 added
[ 100.489522][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.489539][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.489563][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.491999][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.492037][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 100.492060][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.611696][ T5800] hsr_slave_0: entered promiscuous mode
[ 100.612427][ T5800] hsr_slave_1: entered promiscuous mode
[ 101.137228][ T4916] Bluetooth: hci0: command tx timeout
[ 102.641431][ T5800] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 102.687590][ T5800] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 102.688994][ T5800] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.738806][ T5800] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 102.739896][ T5800] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.789148][ T5800] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 102.790716][ T5800] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.814969][ T5800] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 102.933839][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.965058][ T5800] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.980387][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.980463][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.010824][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.011108][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.215773][ T4916] Bluetooth: hci0: command tx timeout
[ 103.672138][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.802951][ T5800] veth0_vlan: entered promiscuous mode
[ 103.819247][ T5800] veth1_vlan: entered promiscuous mode
[ 103.889016][ T5800] veth0_macvtap: entered promiscuous mode
[ 103.894646][ T5800] veth1_macvtap: entered promiscuous mode
[ 103.933745][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.954814][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.985469][ T1038] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.988407][ T1038] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.988601][ T1038] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.989236][ T1038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.419750][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.419770][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.514106][ T160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.514125][ T160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/05/04 23:53:46 executed programs: 2
[ 104.670273][ T5933] loop0: detected capacity change from 0 to 512
[ 104.885130][ T5933]
[ 104.885140][ T5933] ======================================================
[ 104.885147][ T5933] WARNING: possible circular locking dependency detected
[ 104.885164][ T5933] syzkaller[ 104.885164][ T5933] syzkaller #0 Not tainted
[ 104.885172][ T5933] ------------------------------------------------------
[ 104.885178][ T5933] syz.0.17/5933 is trying to acquire lock:
[ 104.885187][ T5933] ffff888032f68cd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x205/0x3b0
[ 104.885246][ T5933]
[ 104.885246][ T5933] but task is already holding lock:
[ 104.885256][ T5933] ffff88804634a428 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x710
[ 104.885295][ T5933]
[ 104.885295][ T5933] which lock already depends on the new lock.
[ 104.885295][ T5933]
[ 104.885301][ T5933]
[ 104.885301][ T5933] the existing dependency chain (in reverse order) is:
[ 104.885307][ T5933]
[ 104.885307][ T5933] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[ 104.885330][ T5933] down_write+0x3a/0x50
[ 104.885348][ T5933] ext4_xattr_set_handle+0x19c/0x14c0
[ 104.885369][ T5933] ext4_initxattrs+0x9f/0x110
[ 104.885385][ T5933] security_inode_init_security+0x296/0x3d0
[ 104.885401][ T5933] __ext4_new_inode+0x3319/0x3ce0
[ 104.885420][ T5933] ext4_create+0x233/0x470
[ 104.885435][ T5933] path_openat+0x13b4/0x38a0
[ 104.885451][ T5933] do_file_open+0x23e/0x4a0
[ 104.885465][ T5933] do_sys_openat2+0x113/0x200
[ 104.885486][ T5933] __x64_sys_openat+0x138/0x170
[ 104.885506][ T5933] do_syscall_64+0x15f/0xf80
[ 104.885522][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.885538][ T5933]
[ 104.885538][ T5933] -> #1 (jbd2_handle){++++}-{0:0}:
[ 104.885562][ T5933] wait_transaction_locked+0x1c2/0x280
[ 104.885582][ T5933] start_this_handle+0x7dc/0x2290
[ 104.885600][ T5933] jbd2__journal_start+0x2c0/0x5c0
[ 104.885618][ T5933] __ext4_journal_start_sb+0x203/0x5d0
[ 104.885639][ T5933] ext4_do_writepages+0xf79/0x4670
[ 104.885657][ T5933] ext4_writepages+0x241/0x3b0
[ 104.885677][ T5933] do_writepages+0x32e/0x550
[ 104.885704][ T5933] __writeback_single_inode+0x133/0x10e0
[ 104.885725][ T5933] writeback_sb_inodes+0x97f/0x1980
[ 104.885743][ T5933] __writeback_inodes_wb+0x111/0x240
[ 104.885761][ T5933] wb_writeback+0x459/0xb00
[ 104.885780][ T5933] wb_workfn+0xb17/0xf20
[ 104.885794][ T5933] process_scheduled_works+0xb5d/0x1860
[ 104.885809][ T5933] worker_thread+0xa53/0xfc0
[ 104.885824][ T5933] kthread+0x388/0x470
[ 104.885842][ T5933] ret_from_fork+0x514/0xb70
[ 104.885856][ T5933] ret_from_fork_asm+0x1a/0x30
[ 104.885873][ T5933]
[ 104.885873][ T5933] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 104.885893][ T5933] __lock_acquire+0x15a5/0x2cf0
[ 104.885912][ T5933] lock_acquire+0x106/0x350
[ 104.885929][ T5933] percpu_down_read_internal+0x48/0x1d0
[ 104.885949][ T5933] ext4_writepages+0x205/0x3b0
[ 104.885970][ T5933] do_writepages+0x32e/0x550
[ 104.885987][ T5933] __writeback_single_inode+0x133/0x10e0
[ 104.886006][ T5933] writeback_single_inode+0x488/0xd60
[ 104.886022][ T5933] write_inode_now+0x1c2/0x290
[ 104.886039][ T5933] iput+0x8c1/0xe80
[ 104.886052][ T5933] ext4_xattr_block_set+0x1fd4/0x2ad0
[ 104.886071][ T5933] ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[ 104.886092][ T5933] __ext4_expand_extra_isize+0x30d/0x400
[ 104.886113][ T5933] __ext4_mark_inode_dirty+0x45c/0x710
[ 104.886129][ T5933] ext4_evict_inode+0x986/0x10e0
[ 104.886143][ T5933] evict+0x61e/0xb10
[ 104.886159][ T5933] ext4_orphan_cleanup+0xc38/0x1470
[ 104.886175][ T5933] ext4_fill_super+0x59bb/0x62d0
[ 104.886197][ T5933] get_tree_bdev_flags+0x431/0x4f0
[ 104.886213][ T5933] vfs_get_tree+0x92/0x2a0
[ 104.886228][ T5933] do_new_mount+0x341/0xd30
[ 104.886248][ T5933] __se_sys_mount+0x31d/0x420
[ 104.886267][ T5933] do_syscall_64+0x15f/0xf80
[ 104.886283][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.886299][ T5933]
[ 104.886299][ T5933] other info that might help us debug this:
[ 104.886299][ T5933]
[ 104.886305][ T5933] Chain exists of:
[ 104.886305][ T5933] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 104.886305][ T5933]
[ 104.886333][ T5933] Possible unsafe locking scenario:
[ 104.886333][ T5933]
[ 104.886338][ T5933] CPU0 CPU1
[ 104.886344][ T5933] ---- ----
[ 104.886349][ T5933] lock(&ei->xattr_sem);
[ 104.886360][ T5933] lock(jbd2_handle);
[ 104.886373][ T5933] lock(&ei->xattr_sem);
[ 104.886385][ T5933] rlock(&sbi->s_writepages_rwsem);
[ 104.886397][ T5933]
[ 104.886397][ T5933] *** DEADLOCK ***
[ 104.886397][ T5933]
[ 104.886408][ T5933] 3 locks held by syz.0.17/5933:
[ 104.886419][ T5933] #0: ffff888039da60d0 (&type->s_umount_key#28/1){+.+.}-{4:4}, at: alloc_super+0x28c/0xac0
[ 104.886467][ T5933] #1: ffff888039da6770 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x426/0x10e0
[ 104.886505][ T5933] #2: ffff88804634a428 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x710
[ 104.886543][ T5933]
[ 104.886543][ T5933] stack backtrace:
[ 104.886566][ T5933] CPU: 0 UID: 0 PID: 5933 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 104.886585][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 104.886603][ T5933] Call Trace:
[ 104.886609][ T5933]
[ 104.886617][ T5933] dump_stack_lvl+0xe8/0x150
[ 104.886636][ T5933] print_circular_bug+0x2e1/0x300
[ 104.886654][ T5933] check_noncircular+0x12e/0x150
[ 104.886687][ T5933] __lock_acquire+0x15a5/0x2cf0
[ 104.886712][ T5933] ? __lock_acquire+0x6b5/0x2cf0
[ 104.886736][ T5933] ? ext4_writepages+0x205/0x3b0
[ 104.886758][ T5933] lock_acquire+0x106/0x350
[ 104.886777][ T5933] ? ext4_writepages+0x205/0x3b0
[ 104.886804][ T5933] percpu_down_read_internal+0x48/0x1d0
[ 104.886826][ T5933] ? ext4_writepages+0x205/0x3b0
[ 104.886849][ T5933] ext4_writepages+0x205/0x3b0
[ 104.886873][ T5933] ? __pfx_ext4_writepages+0x10/0x10
[ 104.886895][ T5933] ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 104.886921][ T5933] ? rt_spin_unlock+0x14f/0x200
[ 104.886944][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.886964][ T5933] ? __pfx_ext4_writepages+0x10/0x10
[ 104.886987][ T5933] do_writepages+0x32e/0x550
[ 104.887009][ T5933] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 104.887027][ T5933] ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 104.887048][ T5933] ? rt_spin_lock+0x1e0/0x400
[ 104.887071][ T5933] __writeback_single_inode+0x133/0x10e0
[ 104.887096][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.887118][ T5933] writeback_single_inode+0x488/0xd60
[ 104.887139][ T5933] write_inode_now+0x1c2/0x290
[ 104.887159][ T5933] ? __pfx_write_inode_now+0x10/0x10
[ 104.887192][ T5933] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 104.887214][ T5933] ? rt_spin_unlock+0x14f/0x200
[ 104.887237][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.887259][ T5933] iput+0x8c1/0xe80
[ 104.887278][ T5933] ext4_xattr_block_set+0x1fd4/0x2ad0
[ 104.887308][ T5933] ? __pfx_check_xattrs+0x10/0x10
[ 104.887331][ T5933] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 104.887354][ T5933] ? ext4_xattr_block_find+0x2d4/0x350
[ 104.887377][ T5933] ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[ 104.887413][ T5933] __ext4_expand_extra_isize+0x30d/0x400
[ 104.887439][ T5933] __ext4_mark_inode_dirty+0x45c/0x710
[ 104.887461][ T5933] ext4_evict_inode+0x986/0x10e0
[ 104.887477][ T5933] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 104.887499][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.887516][ T5933] ? rt_spin_unlock+0x14f/0x200
[ 104.887539][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.887559][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.887576][ T5933] evict+0x61e/0xb10
[ 104.887598][ T5933] ? __pfx_evict+0x10/0x10
[ 104.887616][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.887638][ T5933] ? iput+0xb25/0xe80
[ 104.887657][ T5933] ext4_orphan_cleanup+0xc38/0x1470
[ 104.887686][ T5933] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 104.887705][ T5933] ? ext4_register_li_request+0x640/0x720
[ 104.887722][ T5933] ? errseq_check_and_advance+0x66/0x120
[ 104.887743][ T5933] ext4_fill_super+0x59bb/0x62d0
[ 104.887774][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.887796][ T5933] ? snprintf+0xe8/0x140
[ 104.887816][ T5933] ? reacquire_held_locks+0x104/0x190
[ 104.887838][ T5933] ? rt_spin_lock+0x1e0/0x400
[ 104.887861][ T5933] ? __pfx_snprintf+0x10/0x10
[ 104.887885][ T5933] ? sb_set_blocksize+0x11b/0x210
[ 104.887906][ T5933] ? setup_bdev_super+0x4c1/0x5b0
[ 104.887926][ T5933] get_tree_bdev_flags+0x431/0x4f0
[ 104.887944][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.887967][ T5933] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 104.887986][ T5933] ? cap_capable+0x123/0x460
[ 104.888006][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.888029][ T5933] vfs_get_tree+0x92/0x2a0
[ 104.888048][ T5933] do_new_mount+0x341/0xd30
[ 104.888069][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.888091][ T5933] ? __pfx_do_new_mount+0x10/0x10
[ 104.888114][ T5933] ? ns_capable+0x89/0xe0
[ 104.888133][ T5933] ? user_path_at+0xd4/0x160
[ 104.888151][ T5933] ? user_path_at+0xd4/0x160
[ 104.888168][ T5933] __se_sys_mount+0x31d/0x420
[ 104.888192][ T5933] ? __pfx___se_sys_mount+0x10/0x10
[ 104.888217][ T5933] ? __x64_sys_mount+0x20/0xc0
[ 104.888239][ T5933] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.888257][ T5933] do_syscall_64+0x15f/0xf80
[ 104.888274][ T5933] ? trace_irq_disable+0x3b/0x140
[ 104.888292][ T5933] ? clear_bhb_loop+0x40/0x90
[ 104.888310][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.888327][ T5933] RIP: 0033:0x7fe972a6e04a
[ 104.888353][ T5933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 104.888367][ T5933] RSP: 002b:00007fff6f24e6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.888386][ T5933] RAX: ffffffffffffffda RBX: 00007fff6f24e750 RCX: 00007fe972a6e04a
[ 104.888399][ T5933] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 00007fff6f24e710
[ 104.888411][ T5933] RBP: 0000200000000180 R08: 00007fff6f24e750 R09: 0000000000000000
[ 104.888422][ T5933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040
[ 104.888433][ T5933] R13: 00007fff6f24e710 R14: 0000000000000485 R15: 0000200000000b40
[ 104.888451][ T5933]
[ 104.903915][ T5933] ------------[ cut here ]------------
[ 104.903933][ T5933] EA inode 11 i_nlink=65535
[ 104.903946][ T5933] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#1: syz.0.17/5933
[ 104.903983][ T5933] Modules linked in:
[ 104.903997][ T5933] CPU: 1 UID: 0 PID: 5933 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 104.904017][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 104.904027][ T5933] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 104.904053][ T5933] Code: 74 08 4c 89 ef e8 7f 30 9b ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 7b 09 8c 08 44 89
[ 104.904067][ T5933] RSP: 0018:ffffc90003b77100 EFLAGS: 00010246
[ 104.904081][ T5933] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 104.904093][ T5933] RDX: 000000000000ffff RSI: 000000000000000b RDI: ffffffff8f8f2f70
[ 104.904104][ T5933] RBP: ffffc90003b77200 R08: 0000000000000000 R09: 0000000000000000
[ 104.904115][ T5933] R10: dffffc0000000000 R11: ffffed100b1c638e R12: ffffffff8f8f2f70
[ 104.904128][ T5933] R13: 000000000000000b R14: 1ffff1100b1c6352 R15: ffff888058e31a90
[ 104.904140][ T5933] FS: 0000555568a01500(0000) GS:ffff888126279000(0000) knlGS:0000000000000000
[ 104.904155][ T5933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.904168][ T5933] CR2: 00007f7935ec4a90 CR3: 00000000431b4000 CR4: 00000000003526f0
[ 104.904182][ T5933] Call Trace:
[ 104.904189][ T5933]
[ 104.904195][ T5933] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 104.904217][ T5933] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 104.904242][ T5933] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 104.904267][ T5933] ext4_xattr_set_entry+0xabb/0x1e20
[ 104.904295][ T5933] ext4_xattr_ibody_set+0x254/0x6a0
[ 104.904319][ T5933] ext4_expand_extra_isize_ea+0x13a2/0x1ea0
[ 104.904354][ T5933] __ext4_expand_extra_isize+0x30d/0x400
[ 104.904381][ T5933] __ext4_mark_inode_dirty+0x45c/0x710
[ 104.904402][ T5933] ext4_evict_inode+0x986/0x10e0
[ 104.904419][ T5933] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 104.904442][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.904458][ T5933] ? rt_spin_unlock+0x14f/0x200
[ 104.904481][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.904501][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.904518][ T5933] evict+0x61e/0xb10
[ 104.904539][ T5933] ? __pfx_evict+0x10/0x10
[ 104.904557][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.904579][ T5933] ? iput+0xb25/0xe80
[ 104.904609][ T5933] ext4_orphan_cleanup+0xc38/0x1470
[ 104.904631][ T5933] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 104.904649][ T5933] ? ext4_register_li_request+0x640/0x720
[ 104.904666][ T5933] ? errseq_check_and_advance+0x66/0x120
[ 104.904686][ T5933] ext4_fill_super+0x59bb/0x62d0
[ 104.904717][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.904739][ T5933] ? snprintf+0xe8/0x140
[ 104.904759][ T5933] ? reacquire_held_locks+0x104/0x190
[ 104.904782][ T5933] ? rt_spin_lock+0x1e0/0x400
[ 104.904804][ T5933] ? __pfx_snprintf+0x10/0x10
[ 104.904827][ T5933] ? sb_set_blocksize+0x11b/0x210
[ 104.904848][ T5933] ? setup_bdev_super+0x4c1/0x5b0
[ 104.904867][ T5933] get_tree_bdev_flags+0x431/0x4f0
[ 104.904886][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.904909][ T5933] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 104.904926][ T5933] ? cap_capable+0x123/0x460
[ 104.904951][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.904974][ T5933] vfs_get_tree+0x92/0x2a0
[ 104.904993][ T5933] do_new_mount+0x341/0xd30
[ 104.905015][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.905037][ T5933] ? __pfx_do_new_mount+0x10/0x10
[ 104.905058][ T5933] ? ns_capable+0x89/0xe0
[ 104.905076][ T5933] ? user_path_at+0xd4/0x160
[ 104.905093][ T5933] ? user_path_at+0xd4/0x160
[ 104.905110][ T5933] __se_sys_mount+0x31d/0x420
[ 104.905135][ T5933] ? __pfx___se_sys_mount+0x10/0x10
[ 104.905159][ T5933] ? __x64_sys_mount+0x20/0xc0
[ 104.905180][ T5933] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.905198][ T5933] do_syscall_64+0x15f/0xf80
[ 104.905232][ T5933] ? trace_irq_disable+0x3b/0x140
[ 104.905251][ T5933] ? clear_bhb_loop+0x40/0x90
[ 104.905270][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.905285][ T5933] RIP: 0033:0x7fe972a6e04a
[ 104.905300][ T5933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 104.905314][ T5933] RSP: 002b:00007fff6f24e6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.905331][ T5933] RAX: ffffffffffffffda RBX: 00007fff6f24e750 RCX: 00007fe972a6e04a
[ 104.905344][ T5933] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 00007fff6f24e710
[ 104.905356][ T5933] RBP: 0000200000000180 R08: 00007fff6f24e750 R09: 0000000000000000
[ 104.905367][ T5933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040
[ 104.905378][ T5933] R13: 00007fff6f24e710 R14: 0000000000000485 R15: 0000200000000b40
[ 104.905420][ T5933]
[ 104.905431][ T5933] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 104.905442][ T5933] CPU: 1 UID: 0 PID: 5933 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 104.905461][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 104.905470][ T5933] Call Trace:
[ 104.905476][ T5933]
[ 104.905482][ T5933] vpanic+0x56c/0xa60
[ 104.905502][ T5933] ? __pfx__printk+0x10/0x10
[ 104.905524][ T5933] ? __pfx_vpanic+0x10/0x10
[ 104.905542][ T5933] ? is_bpf_text_address+0x292/0x2b0
[ 104.905563][ T5933] ? is_bpf_text_address+0x26/0x2b0
[ 104.905586][ T5933] panic+0xc5/0xd0
[ 104.905604][ T5933] ? __pfx_panic+0x10/0x10
[ 104.905629][ T5933] __warn+0x315/0x4c0
[ 104.905647][ T5933] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 104.905671][ T5933] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 104.905693][ T5933] __report_bug+0x29a/0x540
[ 104.905710][ T5933] ? ext4_get_group_desc+0x434/0x4e0
[ 104.905731][ T5933] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 104.905754][ T5933] ? __pfx___report_bug+0x10/0x10
[ 104.905775][ T5933] ? set_normalized_timespec64+0xf0/0x1a0
[ 104.905797][ T5933] report_bug_entry+0x19a/0x290
[ 104.905815][ T5933] ? ext4_xattr_inode_update_ref+0x511/0x5a0
[ 104.905837][ T5933] ? ext4_xattr_inode_update_ref+0x516/0x5a0
[ 104.905860][ T5933] handle_bug+0xce/0x200
[ 104.905879][ T5933] exc_invalid_op+0x1a/0x50
[ 104.905898][ T5933] asm_exc_invalid_op+0x1a/0x20
[ 104.905913][ T5933] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 104.905945][ T5933] Code: 74 08 4c 89 ef e8 7f 30 9b ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 7b 09 8c 08 44 89
[ 104.905958][ T5933] RSP: 0018:ffffc90003b77100 EFLAGS: 00010246
[ 104.905973][ T5933] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 104.905985][ T5933] RDX: 000000000000ffff RSI: 000000000000000b RDI: ffffffff8f8f2f70
[ 104.905995][ T5933] RBP: ffffc90003b77200 R08: 0000000000000000 R09: 0000000000000000
[ 104.906006][ T5933] R10: dffffc0000000000 R11: ffffed100b1c638e R12: ffffffff8f8f2f70
[ 104.906018][ T5933] R13: 000000000000000b R14: 1ffff1100b1c6352 R15: ffff888058e31a90
[ 104.906037][ T5933] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 104.906058][ T5933] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 104.906083][ T5933] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 104.906108][ T5933] ext4_xattr_set_entry+0xabb/0x1e20
[ 104.906137][ T5933] ext4_xattr_ibody_set+0x254/0x6a0
[ 104.906161][ T5933] ext4_expand_extra_isize_ea+0x13a2/0x1ea0
[ 104.906196][ T5933] __ext4_expand_extra_isize+0x30d/0x400
[ 104.906221][ T5933] __ext4_mark_inode_dirty+0x45c/0x710
[ 104.906243][ T5933] ext4_evict_inode+0x986/0x10e0
[ 104.906260][ T5933] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 104.906282][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.906299][ T5933] ? rt_spin_unlock+0x14f/0x200
[ 104.906321][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.906341][ T5933] ? __pfx_ext4_evict_inode+0x10/0x10
[ 104.906359][ T5933] evict+0x61e/0xb10
[ 104.906380][ T5933] ? __pfx_evict+0x10/0x10
[ 104.906397][ T5933] ? rt_spin_unlock+0x160/0x200
[ 104.906420][ T5933] ? iput+0xb25/0xe80
[ 104.906438][ T5933] ext4_orphan_cleanup+0xc38/0x1470
[ 104.906459][ T5933] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 104.906478][ T5933] ? ext4_register_li_request+0x640/0x720
[ 104.906494][ T5933] ? errseq_check_and_advance+0x66/0x120
[ 104.906514][ T5933] ext4_fill_super+0x59bb/0x62d0
[ 104.906545][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.906567][ T5933] ? snprintf+0xe8/0x140
[ 104.906587][ T5933] ? reacquire_held_locks+0x104/0x190
[ 104.906609][ T5933] ? rt_spin_lock+0x1e0/0x400
[ 104.906631][ T5933] ? __pfx_snprintf+0x10/0x10
[ 104.906655][ T5933] ? sb_set_blocksize+0x11b/0x210
[ 104.906676][ T5933] ? setup_bdev_super+0x4c1/0x5b0
[ 104.906695][ T5933] get_tree_bdev_flags+0x431/0x4f0
[ 104.906714][ T5933] ? __pfx_ext4_fill_super+0x10/0x10
[ 104.906736][ T5933] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 104.906754][ T5933] ? cap_capable+0x123/0x460
[ 104.906774][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.906798][ T5933] vfs_get_tree+0x92/0x2a0
[ 104.906817][ T5933] do_new_mount+0x341/0xd30
[ 104.906838][ T5933] ? safesetid_security_capable+0xa9/0x1a0
[ 104.906860][ T5933] ? __pfx_do_new_mount+0x10/0x10
[ 104.906882][ T5933] ? ns_capable+0x89/0xe0
[ 104.906900][ T5933] ? user_path_at+0xd4/0x160
[ 104.906917][ T5933] ? user_path_at+0xd4/0x160
[ 104.906940][ T5933] __se_sys_mount+0x31d/0x420
[ 104.906963][ T5933] ? __pfx___se_sys_mount+0x10/0x10
[ 104.906988][ T5933] ? __x64_sys_mount+0x20/0xc0
[ 104.907010][ T5933] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.907027][ T5933] do_syscall_64+0x15f/0xf80
[ 104.907044][ T5933] ? trace_irq_disable+0x3b/0x140
[ 104.907062][ T5933] ? clear_bhb_loop+0x40/0x90
[ 104.907080][ T5933] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 104.907096][ T5933] RIP: 0033:0x7fe972a6e04a
[ 104.907110][ T5933] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 104.907123][ T5933] RSP: 002b:00007fff6f24e6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 104.907140][ T5933] RAX: ffffffffffffffda RBX: 00007fff6f24e750 RCX: 00007fe972a6e04a
[ 104.907152][ T5933] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 00007fff6f24e710
[ 104.907164][ T5933] RBP: 0000200000000180 R08: 00007fff6f24e750 R09: 0000000000000000
[ 104.907176][ T5933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040
[ 104.907186][ T5933] R13: 00007fff6f24e710 R14: 0000000000000485 R15: 0000200000000b40
[ 104.907205][ T5933]
[ 104.907532][ T5933] Kernel Offset: disabled