Warning: Permanently added '10.128.1.135' (ED25519) to the list of known hosts.
[ 91.974188][ T809] cfg80211: failed to load regulatory.db
2026/03/04 06:57:20 parsed 1 programs
[ 95.914428][ T5800] cgroup: Unknown subsys name 'net'
[ 96.155297][ T5800] cgroup: Unknown subsys name 'cpuset'
[ 96.240493][ T5800] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 98.192839][ T5800] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 102.143591][ T1029] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.143620][ T1029] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 102.241150][ T1029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 102.241173][ T1029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.963028][ T5847] chnl_net:caif_netlink_parms(): no params data found
[ 105.236890][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.238254][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.238451][ T5847] bridge_slave_0: entered allmulticast mode
[ 105.253760][ T5847] bridge_slave_0: entered promiscuous mode
[ 105.271787][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.271897][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.272253][ T5847] bridge_slave_1: entered allmulticast mode
[ 105.274654][ T5847] bridge_slave_1: entered promiscuous mode
[ 105.338668][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 105.348283][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 105.397263][ T5847] team0: Port device team_slave_0 added
[ 105.405950][ T5847] team0: Port device team_slave_1 added
[ 105.440800][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 105.440813][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.440834][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 105.443290][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 105.443307][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 105.443327][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 105.658866][ T5847] hsr_slave_0: entered promiscuous mode
[ 105.665112][ T5847] hsr_slave_1: entered promiscuous mode
[ 106.410444][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 106.459045][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 106.484964][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 106.524983][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 106.654823][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[ 106.682796][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[ 106.694213][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state
[ 106.694872][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 106.723528][ T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 106.723897][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 106.954461][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 107.005100][ T5847] veth0_vlan: entered promiscuous mode
[ 107.018717][ T5847] veth1_vlan: entered promiscuous mode
[ 107.059083][ T5847] veth0_macvtap: entered promiscuous mode
[ 107.071697][ T5847] veth1_macvtap: entered promiscuous mode
[ 107.098008][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 107.111807][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 107.131120][ T3538] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.134105][ T3538] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.134521][ T3538] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.135087][ T3538] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.936530][ T114] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.174575][ T114] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.414002][ T114] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 108.453836][ T5875] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 108.456926][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 108.457728][ T5875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 108.459001][ T5875] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 108.471798][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 108.695791][ T114] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 110.368764][ T114] bridge_slave_1: left allmulticast mode
[ 110.368837][ T114] bridge_slave_1: left promiscuous mode
[ 110.372452][ T114] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.441171][ T114] bridge_slave_0: left allmulticast mode
[ 110.441195][ T114] bridge_slave_0: left promiscuous mode
[ 110.441379][ T114] bridge0: port 1(bridge_slave_0) entered disabled state
[ 111.210659][ T114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 111.270894][ T114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 111.313201][ T114] bond0 (unregistering): Released all slaves
[ 111.659897][ T114] hsr_slave_0: left promiscuous mode
[ 111.699892][ T114] hsr_slave_1: left promiscuous mode
[ 111.701274][ T114] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 111.701344][ T114] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 111.769884][ T114] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 111.769923][ T114] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 111.843488][ T114] veth1_macvtap: left promiscuous mode
[ 111.843715][ T114] veth0_macvtap: left promiscuous mode
[ 111.844021][ T114] veth1_vlan: left promiscuous mode
[ 111.844315][ T114] veth0_vlan: left promiscuous mode
2026/03/04 06:57:41 executed programs: 0
[ 112.285295][ T5875] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 112.301015][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 112.304890][ T5875] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 112.306248][ T5875] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 112.307064][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 112.780615][ T114] team0 (unregistering): Port device team_slave_1 removed
[ 112.830654][ T114] team0 (unregistering): Port device team_slave_0 removed
[ 113.336553][ T5922] chnl_net:caif_netlink_parms(): no params data found
[ 113.528726][ T5922] bridge0: port 1(bridge_slave_0) entered blocking state
[ 113.542624][ T5922] bridge0: port 1(bridge_slave_0) entered disabled state
[ 113.542861][ T5922] bridge_slave_0: entered allmulticast mode
[ 113.545694][ T5922] bridge_slave_0: entered promiscuous mode
[ 113.548988][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state
[ 113.549198][ T5922] bridge0: port 2(bridge_slave_1) entered disabled state
[ 113.549385][ T5922] bridge_slave_1: entered allmulticast mode
[ 113.595441][ T5922] bridge_slave_1: entered promiscuous mode
[ 113.662920][ T5922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 113.667706][ T5922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 113.728437][ T5922] team0: Port device team_slave_0 added
[ 113.736622][ T5922] team0: Port device team_slave_1 added
[ 113.801132][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 113.801150][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.801678][ T5922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 113.804141][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 113.804156][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 113.804184][ T5922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 113.952914][ T5922] hsr_slave_0: entered promiscuous mode
[ 113.957056][ T5922] hsr_slave_1: entered promiscuous mode
[ 114.371881][ T5875] Bluetooth: hci0: command tx timeout
[ 116.428996][ T5922] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 116.449827][ T5875] Bluetooth: hci0: command tx timeout
[ 116.456734][ T5922] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 116.498118][ T5922] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 116.546236][ T5922] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 116.751166][ T5922] 8021q: adding VLAN 0 to HW filter on device bond0
[ 116.777740][ T5922] 8021q: adding VLAN 0 to HW filter on device team0
[ 116.793211][ T157] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.793426][ T157] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.816988][ T157] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.817202][ T157] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 117.191186][ T5922] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 117.263788][ T5922] veth0_vlan: entered promiscuous mode
[ 117.276722][ T5922] veth1_vlan: entered promiscuous mode
[ 117.316042][ T5922] veth0_macvtap: entered promiscuous mode
[ 117.325601][ T5922] veth1_macvtap: entered promiscuous mode
[ 117.355619][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 117.384060][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 117.416657][ T3538] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.425310][ T3538] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.431759][ T3538] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.433251][ T3538] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 117.692211][ T1011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.692233][ T1011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 117.782052][ T157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 117.782077][ T157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/03/04 06:57:46 executed programs: 2
[ 117.951807][ T6028] loop0: detected capacity change from 0 to 512
[ 117.956333][ T6028] EXT4-fs: Ignoring removed nobh option
[ 118.059593][ T6028]
[ 118.059606][ T6028] ======================================================
[ 118.059615][ T6028] WARNING: possible circular locking dependency detected
[ 118.059652][ T6028] syzkaller #0 Not tainted
[ 118.059663][ T6028] ------------------------------------------------------
[ 118.059671][ T6028] syz.0.17/6028 is trying to acquire lock:
[ 118.059683][ T6028] ffff888039f10c58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x205/0x3b0
[ 118.059762][ T6028]
[ 118.059762][ T6028] but task is already holding lock:
[ 118.059769][ T6028] ffff888058603038 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x730
[ 118.059820][ T6028]
[ 118.059820][ T6028] which lock already depends on the new lock.
[ 118.059820][ T6028]
[ 118.059827][ T6028]
[ 118.059827][ T6028] the existing dependency chain (in reverse order) is:
[ 118.059835][ T6028]
[ 118.059835][ T6028] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[ 118.059862][ T6028] down_write+0x3a/0x50
[ 118.059893][ T6028] ext4_xattr_set_handle+0x19c/0x14c0
[ 118.059928][ T6028] ext4_initxattrs+0x9f/0x110
[ 118.059954][ T6028] security_inode_init_security+0x296/0x3d0
[ 118.059977][ T6028] __ext4_new_inode+0x332f/0x3d20
[ 118.060008][ T6028] ext4_create+0x233/0x470
[ 118.060031][ T6028] path_openat+0x13b4/0x38a0
[ 118.060059][ T6028] do_file_open+0x23e/0x4a0
[ 118.060087][ T6028] do_sys_openat2+0x113/0x200
[ 118.060111][ T6028] __x64_sys_openat+0x138/0x170
[ 118.060135][ T6028] do_syscall_64+0x14d/0xf80
[ 118.060164][ T6028] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.060185][ T6028]
[ 118.060185][ T6028] -> #1 (jbd2_handle){++++}-{0:0}:
[ 118.060214][ T6028] wait_transaction_locked+0x1c2/0x280
[ 118.060232][ T6028] start_this_handle+0x7dc/0x2290
[ 118.060261][ T6028] jbd2__journal_start+0x2c0/0x5b0
[ 118.060291][ T6028] __ext4_journal_start_sb+0x203/0x620
[ 118.060323][ T6028] ext4_do_writepages+0xf97/0x46e0
[ 118.060351][ T6028] ext4_writepages+0x241/0x3b0
[ 118.060371][ T6028] do_writepages+0x32e/0x550
[ 118.060392][ T6028] __writeback_single_inode+0x133/0x11a0
[ 118.060414][ T6028] writeback_sb_inodes+0x995/0x19d0
[ 118.060436][ T6028] __writeback_inodes_wb+0x111/0x240
[ 118.060456][ T6028] wb_writeback+0x46a/0xb70
[ 118.060476][ T6028] wb_workfn+0xb52/0xf60
[ 118.060504][ T6028] process_scheduled_works+0xb02/0x1830
[ 118.060533][ T6028] worker_thread+0xa50/0xfc0
[ 118.060560][ T6028] kthread+0x388/0x470
[ 118.060580][ T6028] ret_from_fork+0x51e/0xb90
[ 118.060609][ T6028] ret_from_fork_asm+0x1a/0x30
[ 118.060628][ T6028]
[ 118.060628][ T6028] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 118.060658][ T6028] __lock_acquire+0x15a5/0x2cf0
[ 118.060677][ T6028] lock_acquire+0xf0/0x2e0
[ 118.060694][ T6028] percpu_down_read_internal+0x48/0x1d0
[ 118.060713][ T6028] ext4_writepages+0x205/0x3b0
[ 118.060743][ T6028] do_writepages+0x32e/0x550
[ 118.060765][ T6028] __writeback_single_inode+0x133/0x11a0
[ 118.060787][ T6028] writeback_single_inode+0x488/0xd60
[ 118.060819][ T6028] write_inode_now+0x1c2/0x290
[ 118.060849][ T6028] iput+0x8c1/0xe80
[ 118.060873][ T6028] ext4_xattr_block_set+0x1fd4/0x2ad0
[ 118.060892][ T6028] ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[ 118.060913][ T6028] __ext4_expand_extra_isize+0x30d/0x400
[ 118.060932][ T6028] __ext4_mark_inode_dirty+0x45c/0x730
[ 118.060958][ T6028] ext4_evict_inode+0x7a1/0xeb0
[ 118.060982][ T6028] evict+0x61e/0xb10
[ 118.061012][ T6028] ext4_orphan_cleanup+0xc38/0x1470
[ 118.061037][ T6028] ext4_fill_super+0x5a0b/0x6320
[ 118.061059][ T6028] get_tree_bdev_flags+0x431/0x4f0
[ 118.061091][ T6028] vfs_get_tree+0x92/0x2a0
[ 118.061121][ T6028] do_new_mount+0x341/0xd30
[ 118.061143][ T6028] __se_sys_mount+0x31d/0x420
[ 118.061167][ T6028] do_syscall_64+0x14d/0xf80
[ 118.061194][ T6028] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.061216][ T6028]
[ 118.061216][ T6028] other info that might help us debug this:
[ 118.061216][ T6028]
[ 118.061223][ T6028] Chain exists of:
[ 118.061223][ T6028] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[ 118.061223][ T6028]
[ 118.061256][ T6028] Possible unsafe locking scenario:
[ 118.061256][ T6028]
[ 118.061263][ T6028] CPU0 CPU1
[ 118.061270][ T6028] ---- ----
[ 118.061277][ T6028] lock(&ei->xattr_sem);
[ 118.061291][ T6028] lock(jbd2_handle);
[ 118.061306][ T6028] lock(&ei->xattr_sem);
[ 118.061322][ T6028] rlock(&sbi->s_writepages_rwsem);
[ 118.061337][ T6028]
[ 118.061337][ T6028] *** DEADLOCK ***
[ 118.061337][ T6028]
[ 118.061343][ T6028] 3 locks held by syz.0.17/6028:
[ 118.061355][ T6028] #0: ffff88803e8720d0 (&type->s_umount_key#29/1){+.+.}-{4:4}, at: alloc_super+0x28c/0xac0
[ 118.061424][ T6028] #1: ffff88803e872770 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x274/0xeb0
[ 118.061480][ T6028] #2: ffff888058603038 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3db/0x730
[ 118.061536][ T6028]
[ 118.061536][ T6028] stack backtrace:
[ 118.061567][ T6028] CPU: 0 UID: 0 PID: 6028 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 118.061591][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 118.061612][ T6028] Call Trace:
[ 118.061625][ T6028]
[ 118.061635][ T6028] dump_stack_lvl+0xe8/0x150
[ 118.061670][ T6028] print_circular_bug+0x2e1/0x300
[ 118.061698][ T6028] check_noncircular+0x12e/0x150
[ 118.061727][ T6028] __lock_acquire+0x15a5/0x2cf0
[ 118.061761][ T6028] ? __lock_acquire+0x6b5/0x2cf0
[ 118.061784][ T6028] lock_acquire+0xf0/0x2e0
[ 118.061803][ T6028] ? ext4_writepages+0x205/0x3b0
[ 118.061830][ T6028] percpu_down_read_internal+0x48/0x1d0
[ 118.061850][ T6028] ? ext4_writepages+0x205/0x3b0
[ 118.061874][ T6028] ext4_writepages+0x205/0x3b0
[ 118.061899][ T6028] ? __pfx_ext4_writepages+0x10/0x10
[ 118.061921][ T6028] ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 118.061950][ T6028] ? rt_spin_unlock+0x14f/0x200
[ 118.061975][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.061998][ T6028] ? __pfx_ext4_writepages+0x10/0x10
[ 118.062027][ T6028] do_writepages+0x32e/0x550
[ 118.062051][ T6028] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 118.062082][ T6028] ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 118.062106][ T6028] ? rt_spin_lock+0x1e0/0x400
[ 118.062134][ T6028] __writeback_single_inode+0x133/0x11a0
[ 118.062159][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.062184][ T6028] writeback_single_inode+0x488/0xd60
[ 118.062246][ T6028] write_inode_now+0x1c2/0x290
[ 118.062280][ T6028] ? __pfx_write_inode_now+0x10/0x10
[ 118.062328][ T6028] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 118.062367][ T6028] ? rt_spin_unlock+0x14f/0x200
[ 118.062394][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.062419][ T6028] iput+0x8c1/0xe80
[ 118.062450][ T6028] ext4_xattr_block_set+0x1fd4/0x2ad0
[ 118.062482][ T6028] ? __pfx_check_xattrs+0x10/0x10
[ 118.062520][ T6028] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 118.062543][ T6028] ? ext4_xattr_block_find+0x2d4/0x350
[ 118.062565][ T6028] ext4_expand_extra_isize_ea+0x12cf/0x1ea0
[ 118.062604][ T6028] __ext4_expand_extra_isize+0x30d/0x400
[ 118.062631][ T6028] __ext4_mark_inode_dirty+0x45c/0x730
[ 118.062664][ T6028] ext4_evict_inode+0x7a1/0xeb0
[ 118.062691][ T6028] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 118.062727][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.062760][ T6028] ? rt_spin_unlock+0x14f/0x200
[ 118.062785][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.062808][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.062836][ T6028] evict+0x61e/0xb10
[ 118.062872][ T6028] ? __pfx_evict+0x10/0x10
[ 118.062925][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.062951][ T6028] ? iput+0xb25/0xe80
[ 118.062981][ T6028] ext4_orphan_cleanup+0xc38/0x1470
[ 118.063015][ T6028] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 118.063044][ T6028] ? ext4_register_li_request+0x640/0x720
[ 118.063071][ T6028] ? errseq_check_and_advance+0x66/0x120
[ 118.063102][ T6028] ext4_fill_super+0x5a0b/0x6320
[ 118.063137][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.063159][ T6028] ? snprintf+0xe8/0x140
[ 118.063180][ T6028] ? reacquire_held_locks+0x104/0x190
[ 118.063205][ T6028] ? rt_spin_lock+0x1e0/0x400
[ 118.063230][ T6028] ? __pfx_snprintf+0x10/0x10
[ 118.063256][ T6028] ? sb_set_blocksize+0x11b/0x210
[ 118.063290][ T6028] ? setup_bdev_super+0x4c1/0x5b0
[ 118.063324][ T6028] get_tree_bdev_flags+0x431/0x4f0
[ 118.063358][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.063381][ T6028] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 118.063412][ T6028] ? cap_capable+0x123/0x490
[ 118.063442][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.063475][ T6028] vfs_get_tree+0x92/0x2a0
[ 118.063510][ T6028] do_new_mount+0x341/0xd30
[ 118.063534][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.063566][ T6028] ? __pfx_do_new_mount+0x10/0x10
[ 118.063591][ T6028] ? ns_capable+0x89/0xe0
[ 118.063626][ T6028] ? user_path_at+0xd4/0x160
[ 118.063655][ T6028] __se_sys_mount+0x31d/0x420
[ 118.063684][ T6028] ? __pfx___se_sys_mount+0x10/0x10
[ 118.063714][ T6028] ? __x64_sys_mount+0x20/0xc0
[ 118.063748][ T6028] do_syscall_64+0x14d/0xf80
[ 118.063777][ T6028] ? trace_irq_disable+0x3b/0x150
[ 118.063801][ T6028] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.063824][ T6028] ? clear_bhb_loop+0x40/0x90
[ 118.063848][ T6028] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.063870][ T6028] RIP: 0033:0x7f02108ada0a
[ 118.063900][ T6028] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 118.063920][ T6028] RSP: 002b:00007ffe8f4ec078 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 118.063942][ T6028] RAX: ffffffffffffffda RBX: 00007ffe8f4ec100 RCX: 00007f02108ada0a
[ 118.063957][ T6028] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007ffe8f4ec0c0
[ 118.063973][ T6028] RBP: 0000200000000180 R08: 00007ffe8f4ec100 R09: 0000000000800718
[ 118.063987][ T6028] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 118.064001][ T6028] R13: 00007ffe8f4ec0c0 R14: 00000000000004a3 R15: 00002000000003c0
[ 118.064025][ T6028]
[ 118.084359][ T6028] ------------[ cut here ]------------
[ 118.084392][ T6028] EA inode 11 i_nlink=1026
[ 118.084431][ T6028] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#0: syz.0.17/6028
[ 118.084537][ T6028] Modules linked in:
[ 118.084587][ T6028] CPU: 0 UID: 0 PID: 6028 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 118.084650][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 118.084683][ T6028] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 118.084756][ T6028] Code: 74 08 4c 89 ef e8 0f 54 9b ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb f1 92 08 44 89
[ 118.084807][ T6028] RSP: 0018:ffffc90003b2f100 EFLAGS: 00010246
[ 118.084851][ T6028] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 118.084899][ T6028] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff8f7074f0
[ 118.084933][ T6028] RBP: ffffc90003b2f200 R08: 0000000000000000 R09: 0000000000000000
[ 118.084973][ T6028] R10: dffffc0000000000 R11: ffffed10089c8228 R12: ffffffff8f7074f0
[ 118.085016][ T6028] R13: 000000000000000b R14: 1ffff110089c81ec R15: ffff888044e40f60
[ 118.085061][ T6028] FS: 00005555605a4500(0000) GS:ffff888126340000(0000) knlGS:0000000000000000
[ 118.085079][ T6028] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 118.085130][ T6028] CR2: 00007f8ef4944000 CR3: 000000003f346000 CR4: 00000000003526f0
[ 118.085184][ T6028] Call Trace:
[ 118.085205][ T6028]
[ 118.085227][ T6028] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 118.085327][ T6028] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 118.085439][ T6028] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 118.085509][ T6028] ext4_xattr_set_entry+0xabb/0x1e20
[ 118.085622][ T6028] ext4_xattr_ibody_set+0x254/0x6a0
[ 118.085716][ T6028] ext4_expand_extra_isize_ea+0x13a2/0x1ea0
[ 118.085821][ T6028] __ext4_expand_extra_isize+0x30d/0x400
[ 118.085891][ T6028] __ext4_mark_inode_dirty+0x45c/0x730
[ 118.085975][ T6028] ext4_evict_inode+0x7a1/0xeb0
[ 118.086038][ T6028] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 118.086139][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.086202][ T6028] ? rt_spin_unlock+0x14f/0x200
[ 118.086260][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.086313][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.086385][ T6028] evict+0x61e/0xb10
[ 118.086478][ T6028] ? __pfx_evict+0x10/0x10
[ 118.086573][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.086656][ T6028] ? iput+0xb25/0xe80
[ 118.086737][ T6028] ext4_orphan_cleanup+0xc38/0x1470
[ 118.086823][ T6028] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 118.086903][ T6028] ? ext4_register_li_request+0x640/0x720
[ 118.086968][ T6028] ? errseq_check_and_advance+0x66/0x120
[ 118.087049][ T6028] ext4_fill_super+0x5a0b/0x6320
[ 118.087141][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.087195][ T6028] ? snprintf+0xe8/0x140
[ 118.087258][ T6028] ? reacquire_held_locks+0x104/0x190
[ 118.087321][ T6028] ? rt_spin_lock+0x1e0/0x400
[ 118.087384][ T6028] ? __pfx_snprintf+0x10/0x10
[ 118.087447][ T6028] ? sb_set_blocksize+0x11b/0x210
[ 118.087532][ T6028] ? setup_bdev_super+0x4c1/0x5b0
[ 118.087623][ T6028] get_tree_bdev_flags+0x431/0x4f0
[ 118.087706][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.087769][ T6028] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 118.087852][ T6028] ? cap_capable+0x123/0x490
[ 118.087932][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.088029][ T6028] vfs_get_tree+0x92/0x2a0
[ 118.088120][ T6028] do_new_mount+0x341/0xd30
[ 118.088189][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.088260][ T6028] ? __pfx_do_new_mount+0x10/0x10
[ 118.088322][ T6028] ? ns_capable+0x89/0xe0
[ 118.088413][ T6028] ? user_path_at+0xd4/0x160
[ 118.088488][ T6028] __se_sys_mount+0x31d/0x420
[ 118.088561][ T6028] ? __pfx___se_sys_mount+0x10/0x10
[ 118.088632][ T6028] ? __x64_sys_mount+0x20/0xc0
[ 118.088702][ T6028] do_syscall_64+0x14d/0xf80
[ 118.088785][ T6028] ? trace_irq_disable+0x3b/0x150
[ 118.088855][ T6028] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.088909][ T6028] ? clear_bhb_loop+0x40/0x90
[ 118.088971][ T6028] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.089024][ T6028] RIP: 0033:0x7f02108ada0a
[ 118.089075][ T6028] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 118.089125][ T6028] RSP: 002b:00007ffe8f4ec078 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 118.089178][ T6028] RAX: ffffffffffffffda RBX: 00007ffe8f4ec100 RCX: 00007f02108ada0a
[ 118.089219][ T6028] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007ffe8f4ec0c0
[ 118.089255][ T6028] RBP: 0000200000000180 R08: 00007ffe8f4ec100 R09: 0000000000800718
[ 118.089289][ T6028] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 118.089336][ T6028] R13: 00007ffe8f4ec0c0 R14: 00000000000004a3 R15: 00002000000003c0
[ 118.089417][ T6028]
[ 118.089447][ T6028] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 118.089487][ T6028] CPU: 0 UID: 0 PID: 6028 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 118.089548][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 118.089579][ T6028] Call Trace:
[ 118.089600][ T6028]
[ 118.089620][ T6028] vpanic+0x56c/0xa60
[ 118.089704][ T6028] ? __pfx__printk+0x10/0x10
[ 118.089746][ T6028] ? __pfx_vpanic+0x10/0x10
[ 118.089791][ T6028] ? is_bpf_text_address+0x292/0x2b0
[ 118.089866][ T6028] ? is_bpf_text_address+0x26/0x2b0
[ 118.089957][ T6028] panic+0xc5/0xd0
[ 118.090037][ T6028] ? __pfx_panic+0x10/0x10
[ 118.090134][ T6028] __warn+0x315/0x4f0
[ 118.090214][ T6028] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 118.090281][ T6028] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 118.090344][ T6028] __report_bug+0x29a/0x540
[ 118.090417][ T6028] ? ext4_get_group_desc+0x434/0x4e0
[ 118.090492][ T6028] ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[ 118.090561][ T6028] ? __pfx___report_bug+0x10/0x10
[ 118.090646][ T6028] ? set_normalized_timespec64+0xf0/0x1a0
[ 118.090760][ T6028] ? __ext4_journal_get_write_access+0x84/0x590
[ 118.090869][ T6028] report_bug_entry+0x19a/0x290
[ 118.090942][ T6028] ? ext4_xattr_inode_update_ref+0x511/0x5a0
[ 118.091003][ T6028] ? ext4_xattr_inode_update_ref+0x516/0x5a0
[ 118.091064][ T6028] handle_bug+0xce/0x200
[ 118.091148][ T6028] exc_invalid_op+0x1a/0x50
[ 118.091232][ T6028] asm_exc_invalid_op+0x1a/0x20
[ 118.091278][ T6028] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[ 118.091339][ T6028] Code: 74 08 4c 89 ef e8 0f 54 9b ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 bb f1 92 08 44 89
[ 118.091389][ T6028] RSP: 0018:ffffc90003b2f100 EFLAGS: 00010246
[ 118.091431][ T6028] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[ 118.091472][ T6028] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff8f7074f0
[ 118.091505][ T6028] RBP: ffffc90003b2f200 R08: 0000000000000000 R09: 0000000000000000
[ 118.091544][ T6028] R10: dffffc0000000000 R11: ffffed10089c8228 R12: ffffffff8f7074f0
[ 118.091586][ T6028] R13: 000000000000000b R14: 1ffff110089c81ec R15: ffff888044e40f60
[ 118.091647][ T6028] ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[ 118.091725][ T6028] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 118.091791][ T6028] ? ext4_xattr_inode_iget+0x3d2/0x5f0
[ 118.091862][ T6028] ext4_xattr_set_entry+0xabb/0x1e20
[ 118.091976][ T6028] ext4_xattr_ibody_set+0x254/0x6a0
[ 118.092079][ T6028] ext4_expand_extra_isize_ea+0x13a2/0x1ea0
[ 118.092126][ T6028] __ext4_expand_extra_isize+0x30d/0x400
[ 118.092150][ T6028] __ext4_mark_inode_dirty+0x45c/0x730
[ 118.092181][ T6028] ext4_evict_inode+0x7a1/0xeb0
[ 118.092205][ T6028] ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 118.092239][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.092264][ T6028] ? rt_spin_unlock+0x14f/0x200
[ 118.092290][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.092312][ T6028] ? __pfx_ext4_evict_inode+0x10/0x10
[ 118.092339][ T6028] evict+0x61e/0xb10
[ 118.092374][ T6028] ? __pfx_evict+0x10/0x10
[ 118.092405][ T6028] ? rt_spin_unlock+0x160/0x200
[ 118.092428][ T6028] ? iput+0xb25/0xe80
[ 118.092456][ T6028] ext4_orphan_cleanup+0xc38/0x1470
[ 118.092489][ T6028] ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 118.092517][ T6028] ? ext4_register_li_request+0x640/0x720
[ 118.092542][ T6028] ? errseq_check_and_advance+0x66/0x120
[ 118.092571][ T6028] ext4_fill_super+0x5a0b/0x6320
[ 118.092605][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.092627][ T6028] ? snprintf+0xe8/0x140
[ 118.092648][ T6028] ? reacquire_held_locks+0x104/0x190
[ 118.092672][ T6028] ? rt_spin_lock+0x1e0/0x400
[ 118.092697][ T6028] ? __pfx_snprintf+0x10/0x10
[ 118.092722][ T6028] ? sb_set_blocksize+0x11b/0x210
[ 118.092765][ T6028] ? setup_bdev_super+0x4c1/0x5b0
[ 118.092799][ T6028] get_tree_bdev_flags+0x431/0x4f0
[ 118.092831][ T6028] ? __pfx_ext4_fill_super+0x10/0x10
[ 118.092854][ T6028] ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 118.092886][ T6028] ? cap_capable+0x123/0x490
[ 118.092915][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.092949][ T6028] vfs_get_tree+0x92/0x2a0
[ 118.092982][ T6028] do_new_mount+0x341/0xd30
[ 118.093007][ T6028] ? safesetid_security_capable+0xa9/0x1a0
[ 118.093040][ T6028] ? __pfx_do_new_mount+0x10/0x10
[ 118.093064][ T6028] ? ns_capable+0x89/0xe0
[ 118.093100][ T6028] ? user_path_at+0xd4/0x160
[ 118.093129][ T6028] __se_sys_mount+0x31d/0x420
[ 118.093158][ T6028] ? __pfx___se_sys_mount+0x10/0x10
[ 118.093187][ T6028] ? __x64_sys_mount+0x20/0xc0
[ 118.093214][ T6028] do_syscall_64+0x14d/0xf80
[ 118.093245][ T6028] ? trace_irq_disable+0x3b/0x150
[ 118.093271][ T6028] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.093294][ T6028] ? clear_bhb_loop+0x40/0x90
[ 118.093319][ T6028] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 118.093341][ T6028] RIP: 0033:0x7f02108ada0a
[ 118.093360][ T6028] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 118.093379][ T6028] RSP: 002b:00007ffe8f4ec078 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 118.093401][ T6028] RAX: ffffffffffffffda RBX: 00007ffe8f4ec100 RCX: 00007f02108ada0a
[ 118.093417][ T6028] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007ffe8f4ec0c0
[ 118.093433][ T6028] RBP: 0000200000000180 R08: 00007ffe8f4ec100 R09: 0000000000800718
[ 118.093447][ T6028] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 118.093462][ T6028] R13: 00007ffe8f4ec0c0 R14: 00000000000004a3 R15: 00002000000003c0
[ 118.093485][ T6028]
[ 118.094087][ T6028] Kernel Offset: disabled