DUID 00:04:fd:d1:b1:d5:68:a0:3a:5f:50:0a:64:49:ea:42:3f:75
forked to background, child pid 3172
[ 29.591989][ T3173] 8021q: adding VLAN 0 to HW filter on device bond0
[ 29.604041][ T3173] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.37' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 52.687412][ T3497] loop0: detected capacity change from 0 to 512
[ 52.697893][ T3497] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 52.717461][ T3497] EXT4-fs (loop0): 1 truncate cleaned up
[ 52.723311][ T3497] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,nogrpid,debug_want_extra_isize=0x0000000000000066,dioread_nolock,max_batch_time=0x0000000000000008,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[ 52.757826][ T3497]
[ 52.760192][ T3497] ======================================================
[ 52.767213][ T3497] WARNING: possible circular locking dependency detected
[ 52.774235][ T3497] 5.15.114-syzkaller #0 Not tainted
[ 52.779431][ T3497] ------------------------------------------------------
[ 52.786436][ T3497] syz-executor407/3497 is trying to acquire lock:
[ 52.792846][ T3497] ffff8880746053b0 (&ea_inode->i_rwsem#9/1){+.+.}-{3:3}, at: ext4_xattr_inode_iget+0x4a3/0x5e0
[ 52.803210][ T3497]
[ 52.803210][ T3497] but task is already holding lock:
[ 52.810644][ T3497] ffff888074604840 (&ei->i_data_sem){++++}-{3:3}, at: ext4_setattr+0x12e8/0x1990
[ 52.819853][ T3497]
[ 52.819853][ T3497] which lock already depends on the new lock.
[ 52.819853][ T3497]
[ 52.830258][ T3497]
[ 52.830258][ T3497] the existing dependency chain (in reverse order) is:
[ 52.839338][ T3497]
[ 52.839338][ T3497] -> #1 (&ei->i_data_sem){++++}-{3:3}:
[ 52.846967][ T3497]        lock_acquire+0x1db/0x4f0
[ 52.852167][ T3497]        down_write+0x97/0x170
[ 52.856999][ T3497]        ext4_xattr_set_entry+0x3187/0x3c00
[ 52.862898][ T3497]        ext4_xattr_ibody_set+0x11d/0x330
[ 52.868604][ T3497]        ext4_xattr_set_handle+0xc72/0x1560
[ 52.874486][ T3497]        ext4_xattr_set+0x231/0x3d0
[ 52.879668][ T3497]        __vfs_setxattr+0x3e7/0x420
[ 52.884854][ T3497]        __vfs_setxattr_noperm+0x12a/0x5e0
[ 52.890648][ T3497]        vfs_setxattr+0x21d/0x420
[ 52.895657][ T3497]        setxattr+0x27e/0x2e0
[ 52.900318][ T3497]        path_setxattr+0x1bc/0x2a0
[ 52.905416][ T3497]        __x64_sys_setxattr+0xb7/0xd0
[ 52.910771][ T3497]        do_syscall_64+0x3d/0xb0
[ 52.915695][ T3497]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.922094][ T3497]
[ 52.922094][ T3497] -> #0 (&ea_inode->i_rwsem#9/1){+.+.}-{3:3}:
[ 52.930338][ T3497]        validate_chain+0x1646/0x58b0
[ 52.935693][ T3497]        __lock_acquire+0x1295/0x1ff0
[ 52.941054][ T3497]        lock_acquire+0x1db/0x4f0
[ 52.946066][ T3497]        down_write+0x97/0x170
[ 52.950816][ T3497]        ext4_xattr_inode_iget+0x4a3/0x5e0
[ 52.956608][ T3497]        ext4_xattr_inode_get+0x17d/0x9a0
[ 52.962309][ T3497]        ext4_expand_extra_isize_ea+0xe70/0x1bb0
[ 52.968624][ T3497]        __ext4_expand_extra_isize+0x2f7/0x3d0
[ 52.974766][ T3497]        __ext4_mark_inode_dirty+0x539/0x860
[ 52.980732][ T3497]        ext4_setattr+0x1374/0x1990
[ 52.986002][ T3497]        notify_change+0xd4d/0x1000
[ 52.991182][ T3497]        do_truncate+0x21c/0x300
[ 52.996119][ T3497]        path_openat+0x28a0/0x2f20
[ 53.001236][ T3497]        do_filp_open+0x21c/0x460
[ 53.006430][ T3497]        do_sys_openat2+0x13b/0x500
[ 53.011626][ T3497]        __x64_sys_creat+0x11f/0x160
[ 53.016896][ T3497]        do_syscall_64+0x3d/0xb0
[ 53.021822][ T3497]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.028225][ T3497]
[ 53.028225][ T3497] other info that might help us debug this:
[ 53.028225][ T3497]
[ 53.038433][ T3497]  Possible unsafe locking scenario:
[ 53.038433][ T3497]
[ 53.045862][ T3497]        CPU0                    CPU1
[ 53.051294][ T3497]        ----                    ----
[ 53.056639][ T3497]   lock(&ei->i_data_sem);
[ 53.061044][ T3497]                                lock(&ea_inode->i_rwsem#9/1);
[ 53.068595][ T3497]                                lock(&ei->i_data_sem);
[ 53.075515][ T3497]   lock(&ea_inode->i_rwsem#9/1);
[ 53.080531][ T3497]
[ 53.080531][ T3497]  *** DEADLOCK ***
[ 53.080531][ T3497]
[ 53.088829][ T3497] 5 locks held by syz-executor407/3497:
[ 53.094374][ T3497]  #0: ffff888078f1c460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[ 53.103508][ T3497]  #1: ffff8880746049b8 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: do_truncate+0x208/0x300
[ 53.113764][ T3497]  #2: ffff888074604b58 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_setattr+0xd6c/0x1990
[ 53.123929][ T3497]  #3: ffff888074604840 (&ei->i_data_sem){++++}-{3:3}, at: ext4_setattr+0x12e8/0x1990
[ 53.133484][ T3497]  #4: ffff888074604690 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x4a0/0x860
[ 53.143822][ T3497]
[ 53.143822][ T3497] stack backtrace:
[ 53.149784][ T3497] CPU: 1 PID: 3497 Comm: syz-executor407 Not tainted 5.15.114-syzkaller #0
[ 53.158457][ T3497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
[ 53.169096][ T3497] Call Trace:
[ 53.172375][ T3497]
[ 53.175303][ T3497]  dump_stack_lvl+0x1e3/0x2cb
[ 53.179976][ T3497]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 53.185605][ T3497]  ? print_circular_bug+0x12b/0x1a0
[ 53.190790][ T3497]  check_noncircular+0x2f8/0x3b0
[ 53.195891][ T3497]  ? add_chain_block+0x850/0x850
[ 53.200815][ T3497]  ? lockdep_lock+0x11f/0x2a0
[ 53.205486][ T3497]  ? __lock_acquire+0x1295/0x1ff0
[ 53.210502][ T3497]  validate_chain+0x1646/0x58b0
[ 53.215347][ T3497]  ? find_inode_fast+0x421/0x450
[ 53.220277][ T3497]  ? reacquire_held_locks+0x660/0x660
[ 53.225726][ T3497]  ? do_raw_spin_lock+0x14a/0x370
[ 53.230749][ T3497]  ? mark_lock+0x98/0x340
[ 53.235191][ T3497]  __lock_acquire+0x1295/0x1ff0
[ 53.240148][ T3497]  lock_acquire+0x1db/0x4f0
[ 53.244649][ T3497]  ? ext4_xattr_inode_iget+0x4a3/0x5e0
[ 53.250100][ T3497]  ? read_lock_is_recursive+0x10/0x10
[ 53.255477][ T3497]  ? __might_sleep+0xc0/0xc0
[ 53.260156][ T3497]  down_write+0x97/0x170
[ 53.264388][ T3497]  ? ext4_xattr_inode_iget+0x4a3/0x5e0
[ 53.269832][ T3497]  ? down_read_killable+0x350/0x350
[ 53.275027][ T3497]  ext4_xattr_inode_iget+0x4a3/0x5e0
[ 53.280302][ T3497]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 53.286273][ T3497]  ext4_xattr_inode_get+0x17d/0x9a0
[ 53.291459][ T3497]  ? __phys_addr+0xb6/0x170
[ 53.295953][ T3497]  ? __xattr_check_inode+0x3f0/0x3f0
[ 53.301225][ T3497]  ? rcu_is_watching+0x11/0xa0
[ 53.305975][ T3497]  ? trace_kmalloc_node+0x1f/0x90
[ 53.310985][ T3497]  ? __kmalloc_node+0x278/0x390
[ 53.315823][ T3497]  ? __kmalloc+0x168/0x300
[ 53.320231][ T3497]  ext4_expand_extra_isize_ea+0xe70/0x1bb0
[ 53.326035][ T3497]  ? ext4_xattr_set+0x3d0/0x3d0
[ 53.330877][ T3497]  ? down_write_trylock+0x173/0x2d0
[ 53.336158][ T3497]  ? __ext4_mark_inode_dirty+0x4a0/0x860
[ 53.341790][ T3497]  ? dquot_initialize_needed+0x128/0x320
[ 53.347507][ T3497]  __ext4_expand_extra_isize+0x2f7/0x3d0
[ 53.353134][ T3497]  __ext4_mark_inode_dirty+0x539/0x860
[ 53.358584][ T3497]  ? ext4_blocks_for_truncate+0x270/0x270
[ 53.364296][ T3497]  ? down_read_killable+0x350/0x350
[ 53.369501][ T3497]  ? ext4_journal_check_start+0x17b/0x240
[ 53.375212][ T3497]  ? ext4_setattr+0xf05/0x1990
[ 53.379964][ T3497]  ? __ext4_journal_start_sb+0x1cb/0x370
[ 53.385589][ T3497]  ext4_setattr+0x1374/0x1990
[ 53.390261][ T3497]  ? bpf_lsm_inode_setattr+0x5/0x10
[ 53.396056][ T3497]  ? ext4_write_inode+0x730/0x730
[ 53.401071][ T3497]  notify_change+0xd4d/0x1000
[ 53.405741][ T3497]  do_truncate+0x21c/0x300
[ 53.410147][ T3497]  ? put_page_bootmem+0x280/0x280
[ 53.415168][ T3497]  ? ima_bprm_check+0x2b0/0x2b0
[ 53.420015][ T3497]  ? bpf_lsm_path_truncate+0x5/0x10
[ 53.425204][ T3497]  path_openat+0x28a0/0x2f20
[ 53.429805][ T3497]  ? do_filp_open+0x460/0x460
[ 53.434502][ T3497]  do_filp_open+0x21c/0x460
[ 53.439252][ T3497]  ? vfs_tmpfile+0x2e0/0x2e0
[ 53.443928][ T3497]  ? _raw_spin_unlock+0x24/0x40
[ 53.448768][ T3497]  ? alloc_fd+0x594/0x630
[ 53.453088][ T3497]  do_sys_openat2+0x13b/0x500
[ 53.457755][ T3497]  ? read_lock_is_recursive+0x10/0x10
[ 53.463204][ T3497]  ? __context_tracking_exit+0x4c/0x80
[ 53.468743][ T3497]  ? do_sys_open+0x220/0x220
[ 53.473325][ T3497]  ? rcu_is_watching+0x11/0xa0
[ 53.478167][ T3497]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 53.484137][ T3497]  __x64_sys_creat+0x11f/0x160
[ 53.488988][ T3497]  ? __x64_compat_sys_openat+0x290/0x290
[ 53.494614][ T3497]  ? syscall_enter_from_user_mode+0x2e/0x230
[ 53.500849][ T3497]  ? lockdep_hardirqs_on+0x94/0x130
[ 53.506039][ T3497]  ? syscall_enter_from_user_mode+0x2e/0x230
[ 53.512014][ T3497]  do_syscall_64+0x3d/0xb0
[ 53.516421][ T3497]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.522478][ T3497] RIP: 0033:0x7f38942efc59
[ 53.526886][ T3497] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 53.546572][ T3497] RSP: 002b:00007fffa951af98 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 53.554975][ T3497] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f38942efc59
[ 53.562940][ T3497] RDX: 00007f38942efc59 RSI: 0000000000000000 RDI: 0000000020000080
[ 53.570900][ T3497] RBP: 00007f38942af260 R08: 0000000000000000 R09: 0000000000000000
[ 53.578855][ T3497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38942af2f0
[ 53.586900][ T3497] R13: 0000000000000000 R14: 0000