syzbot

loop0: detected capacity change from 0 to 512
------------[ cut here ]------------
EA inode 11 ref_count=-1
WARNING: CPU: 1 PID: 4507 at fs/ext4/xattr.c:1016 ext4_xattr_inode_update_ref+0x3dc/0x4ac fs/ext4/xattr.c:1015
Modules linked in:
CPU: 1 PID: 4507 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : ext4_xattr_inode_update_ref+0x3dc/0x4ac fs/ext4/xattr.c:1015
lr : ext4_xattr_inode_update_ref+0x3dc/0x4ac fs/ext4/xattr.c:1015
sp : ffff8000213b6fe0
x29: ffff8000213b7060 x28: 00000000ffffffff x27: dfff800000000000
x26: 1fffe0001cac581b x25: ffff700004276dfc x24: 00000000ffffffff
x23: ffff800017a8b000 x22: ffff0000e562bf20 x21: ffffffffffffffff
x20: 0000000000000001 x19: ffff0000e562bee0 x18: ffff800011abbcc0
x17: 0000000000000000 x16: ffff8000082d22d4 x15: 0000000000000000
x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100
x11: ff00800008191ca8 x10: 0000000000000000 x9 : 5d2bfc233d26d100
x8 : 5d2bfc233d26d100 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff8000213b6a78 x4 : ffff8000151a4820 x3 : ffff80000852e3f8
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
 ext4_xattr_inode_update_ref+0x3dc/0x4ac fs/ext4/xattr.c:1015
 ext4_xattr_inode_dec_ref fs/ext4/xattr.c:1044 [inline]
 ext4_xattr_inode_dec_ref_all+0x8b4/0xd48 fs/ext4/xattr.c:1186
 ext4_xattr_delete_inode+0x870/0xa00 fs/ext4/xattr.c:2914
 ext4_evict_inode+0xcd0/0x1270 fs/ext4/inode.c:296
 evict+0x3c8/0x810 fs/inode.c:705
 iput_final fs/inode.c:1834 [inline]
 iput+0x764/0x7f4 fs/inode.c:1860
 ext4_process_orphan+0x240/0x2b4 fs/ext4/orphan.c:360
 ext4_orphan_cleanup+0x908/0x104c fs/ext4/orphan.c:474
 __ext4_fill_super fs/ext4/super.c:5537 [inline]
 ext4_fill_super+0x6920/0x6e34 fs/ext4/super.c:5668
 get_tree_bdev+0x358/0x544 fs/super.c:1366
 ext4_get_tree+0x28/0x38 fs/ext4/super.c:5698
 vfs_get_tree+0x90/0x274 fs/super.c:1573
 do_new_mount+0x228/0x810 fs/namespace.c:3069
 path_mount+0x5b4/0xe78 fs/namespace.c:3399
 do_mount fs/namespace.c:3412 [inline]
 __do_sys_mount fs/namespace.c:3620 [inline]
 __se_sys_mount fs/namespace.c:3597 [inline]
 __arm64_sys_mount+0x49c/0x584 fs/namespace.c:3597
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 4326
hardirqs last  enabled at (4325): [<ffff800008308418>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:261
hardirqs last disabled at (4326): [<ffff800011956c70>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (4182): [<ffff8000081a967c>] softirq_handle_end kernel/softirq.c:439 [inline]
softirqs last  enabled at (4182): [<ffff8000081a967c>] handle_softirqs+0xaf8/0xc6c kernel/softirq.c:624
softirqs last disabled at (4127): [<ffff800008020164>] __do_softirq+0x14/0x20 kernel/softirq.c:630
---[ end trace 0000000000000000 ]---
EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #15: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #15: comm syz.0.17: corrupted inode contents
EXT4-fs error (device loop0): ext4_evict_inode:327: inode #15: comm syz.0.17: mark_inode_dirty error
EXT4-fs (loop0): 1 orphan inode deleted
EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.