loop3: detected capacity change from 0 to 512
EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck.
------------[ cut here ]------------
EA inode 11 i_nlink=2
WARNING: CPU: 0 PID: 5722 at fs/ext4/xattr.c:1006 ext4_xattr_inode_update_ref+0x474/0x4b8 fs/ext4/xattr.c:1004
Modules linked in:
CPU: 0 PID: 5722 Comm: syz.3.448 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
pc : ext4_xattr_inode_update_ref+0x474/0x4b8 fs/ext4/xattr.c:1004
lr : ext4_xattr_inode_update_ref+0x474/0x4b8 fs/ext4/xattr.c:1004
sp : ffff8000207e6f60
x29: ffff8000207e7000 x28: 0000000000000000 x27: dfff800000000000
x26: ffff8000207e6f80 x25: ffff7000040fcdf0 x24: 0000000000000000
x23: ffff800017bd9000 x22: ffff0000e41e4928 x21: 0000000000000002
x20: 0000000000000001 x19: ffff0000e41e48e8 x18: ffff800011b8bf60
x17: 1fffe00033ea877e x16: ffff8000082d9364 x15: 0000000040000000
x14: 0000000000000001 x13: 1fffe00033eaae30 x12: 0000000000ff0100
x11: ff0080000a8d9d44 x10: 0000000000000003 x9 : 6f2cf60aa303ab00
x8 : 6f2cf60aa303ab00 x7 : ffff80000825796c x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
x2 : 0000000000000006 x1 : ffff800011b8da80 x0 : ffff80018a3de000
Call trace:
 ext4_xattr_inode_update_ref+0x474/0x4b8 fs/ext4/xattr.c:1004
 ext4_xattr_inode_dec_ref fs/ext4/xattr.c:1029 [inline]
 ext4_xattr_inode_dec_ref_all+0x8d4/0xd8c fs/ext4/xattr.c:1175
 ext4_xattr_delete_inode+0x888/0xa18 fs/ext4/xattr.c:2896
 ext4_evict_inode+0xcdc/0x1278 fs/ext4/inode.c:296
 evict+0x3e0/0x828 fs/inode.c:705
 iput_final fs/inode.c:1834 [inline]
 iput+0x754/0x7e4 fs/inode.c:1860
 ext4_process_orphan+0x240/0x2b4 fs/ext4/orphan.c:358
 ext4_orphan_cleanup+0x920/0x1060 fs/ext4/orphan.c:472
 __ext4_fill_super fs/ext4/super.c:5556 [inline]
 ext4_fill_super+0x6188/0x660c fs/ext4/super.c:5687
 get_tree_bdev+0x358/0x544 fs/super.c:1366
 ext4_get_tree+0x28/0x38 fs/ext4/super.c:5717
 vfs_get_tree+0x90/0x274 fs/super.c:1573
 do_new_mount+0x228/0x810 fs/namespace.c:3078
 path_mount+0x5bc/0xe80 fs/namespace.c:3408
 do_mount fs/namespace.c:3421 [inline]
 __do_sys_mount fs/namespace.c:3629 [inline]
 __se_sys_mount fs/namespace.c:3606 [inline]
 __arm64_sys_mount+0x49c/0x59c fs/namespace.c:3606
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b4 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x130 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
irq event stamp: 3538
hardirqs last  enabled at (3537): [<ffff800008257a00>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1374 [inline]
hardirqs last  enabled at (3537): [<ffff800008257a00>] finish_lock_switch+0xb0/0x1c4 kernel/sched/core.c:5004
hardirqs last disabled at (3538): [<ffff800011a223fc>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (2290): [<ffff8000081ac37c>] softirq_handle_end kernel/softirq.c:439 [inline]
softirqs last  enabled at (2290): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60 kernel/softirq.c:624
softirqs last disabled at (2255): [<ffff800008020164>] __do_softirq+0x14/0x20 kernel/softirq.c:630
---[ end trace 0000000000000000 ]---
EXT4-fs (loop3): 1 orphan inode deleted
EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
syz.3.448 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
CPU: 0 PID: 5722 Comm: syz.3.448 Tainted: G        W          syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
Call trace:
 dump_backtrace+0x1c0/0x1ec arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf4/0x15c lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 dump_header+0xc0/0x724 mm/oom_kill.c:467
 oom_kill_process+0x35c/0x660 mm/oom_kill.c:1046
 out_of_memory+0xcb0/0xfd4 mm/oom_kill.c:1184
 mem_cgroup_out_of_memory+0x228/0x2d0 mm/memcontrol.c:1709
 mem_cgroup_oom mm/memcontrol.c:1939 [inline]
 try_charge_memcg+0xa94/0x143c mm/memcontrol.c:2732
 obj_cgroup_charge_pages mm/memcontrol.c:3099 [inline]
 __memcg_kmem_charge_page+0x304/0x54c mm/memcontrol.c:3125
 __alloc_pages+0x1fc/0x53c mm/page_alloc.c:5660
 alloc_pages+0x434/0x6f8 mm/mempolicy.c:-1
 vm_area_alloc_pages mm/vmalloc.c:3002 [inline]
 __vmalloc_area_node mm/vmalloc.c:3071 [inline]
 __vmalloc_node_range+0x744/0xe3c mm/vmalloc.c:3243
 kvmalloc_node+0x160/0x1d4 mm/util.c:606
 kvmalloc include/linux/slab.h:716 [inline]
 kvzalloc include/linux/slab.h:724 [inline]
 ip_set_alloc+0x2c/0x3c net/netfilter/ipset/ip_set_core.c:261
 hash_netiface_create+0x2c4/0xcb0 net/netfilter/ipset/ip_set_hash_gen.h:1515
 ip_set_create+0x4b4/0x1084 net/netfilter/ipset/ip_set_core.c:1111
 nfnetlink_rcv_msg+0xad0/0xfac net/netfilter/nfnetlink.c:302
 netlink_rcv_skb+0x218/0x3e8 net/netlink/af_netlink.c:2511
 nfnetlink_rcv+0x214/0x1bfc net/netfilter/nfnetlink.c:659
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x60c/0x814 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x6f4/0x9c0 net/netlink/af_netlink.c:1872
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg net/socket.c:730 [inline]
 ____sys_sendmsg+0x5c8/0x938 net/socket.c:2518
 ___sys_sendmsg net/socket.c:2572 [inline]
 __sys_sendmsg+0x288/0x374 net/socket.c:2601
 __do_sys_sendmsg net/socket.c:2610 [inline]
 __se_sys_sendmsg net/socket.c:2608 [inline]
 __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2608
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b4 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x130 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
memory: usage 307200kB, limit 307200kB, failcnt 203
memory+swap: usage 307760kB, limit 9007199254740988kB, failcnt 0
kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
Memory cgroup stats for /syz3:
anon 0
file 24576
kernel 314548224
kernel_stack 131072
pagetables 196608
sec_pagetables 0
percpu 1184
sock 0
vmalloc 0
shmem 0
zswap 0
zswapped 0
file_mapped 8192
file_dirty 24576
file_writeback 0
swapcached 606208
anon_thp 0
file_thp 0
shmem_thp 0
inactive_anon 0
active_anon 0
inactive_file 0
active_file 24576
unevictable 0
slab_reclaimable 41016
slab_unreclaimable 219656
slab 260672
oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.448,pid=5721,uid=0
Memory cgroup out of memory: Killed process 5721 (syz.3.448) total-vm:102332kB, anon-rss:1160kB, file-rss:21768kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000