======================================================
WARNING: possible circular locking dependency detected
6.4.0-rc1-syzkaller-00012-gb104dbedbe61 #0 Not tainted
------------------------------------------------------
syz-executor.1/4754 is trying to acquire lock:
ff60000015145088 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_lock_xattr fs/ext4/xattr.h:155 [inline]
ff60000015145088 (&ei->xattr_sem){++++}-{3:3}, at: ext4_xattr_set_handle+0x160/0xeb2 fs/ext4/xattr.c:2372

but task is already holding lock:
ff600000151453c0 (&ea_inode->i_rwsem#8/1){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline]
ff600000151453c0 (&ea_inode->i_rwsem#8/1){+.+.}-{3:3}, at: vfs_setxattr+0x122/0x29a fs/xattr.c:321

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&ea_inode->i_rwsem#8/1){+.+.}-{3:3}:
       lock_acquire kernel/locking/lockdep.c:5691 [inline]
       lock_acquire+0x276/0x588 kernel/locking/lockdep.c:5656
       down_write+0xa4/0x166 kernel/locking/rwsem.c:1573
       inode_lock include/linux/fs.h:775 [inline]
       ext4_xattr_inode_create fs/ext4/xattr.c:1524 [inline]
       ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1607 [inline]
       ext4_xattr_set_entry+0x1b24/0x217a fs/ext4/xattr.c:1736
       ext4_xattr_block_set+0x946/0x1c4c fs/ext4/xattr.c:2042
       ext4_xattr_set_handle+0xaf0/0xeb2 fs/ext4/xattr.c:2457
       ext4_xattr_set+0x12e/0x2b8 fs/ext4/xattr.c:2559
       ext4_xattr_trusted_set+0x34/0x46 fs/ext4/xattr_trusted.c:38
       __vfs_setxattr+0x162/0x1ce fs/xattr.c:201
       __vfs_setxattr_noperm+0xca/0x378 fs/xattr.c:235
       __vfs_setxattr_locked+0x16a/0x186 fs/xattr.c:296
       vfs_setxattr+0x136/0x29a fs/xattr.c:322
       do_setxattr+0xf4/0xf8 fs/xattr.c:630
       setxattr+0x190/0x1a8 fs/xattr.c:653
       path_setxattr+0x1a2/0x1bc fs/xattr.c:672
       __do_sys_setxattr fs/xattr.c:688 [inline]
       sys_setxattr+0x36/0x48 fs/xattr.c:684
       syscall_handler+0xfa/0x148 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0xea/0xec arch/riscv/kernel/traps.c:279
       ret_from_exception+0x0/0x64 arch/riscv/kernel/entry.S:102

-> #0 (&ei->xattr_sem){++++}-{3:3}:
       check_noncircular+0x1da/0x1fa kernel/locking/lockdep.c:2188
       check_prev_add kernel/locking/lockdep.c:3108 [inline]
       check_prevs_add kernel/locking/lockdep.c:3227 [inline]
       validate_chain kernel/locking/lockdep.c:3842 [inline]
       __lock_acquire+0x19aa/0x34a2 kernel/locking/lockdep.c:5074
       lock_acquire kernel/locking/lockdep.c:5691 [inline]
       lock_acquire+0x276/0x588 kernel/locking/lockdep.c:5656
       down_write+0xa4/0x166 kernel/locking/rwsem.c:1573
       ext4_write_lock_xattr fs/ext4/xattr.h:155 [inline]
       ext4_xattr_set_handle+0x160/0xeb2 fs/ext4/xattr.c:2372
       ext4_xattr_set+0x12e/0x2b8 fs/ext4/xattr.c:2559
       ext4_xattr_trusted_set+0x34/0x46 fs/ext4/xattr_trusted.c:38
       __vfs_setxattr+0x162/0x1ce fs/xattr.c:201
       __vfs_setxattr_noperm+0xca/0x378 fs/xattr.c:235
       __vfs_setxattr_locked+0x16a/0x186 fs/xattr.c:296
       vfs_setxattr+0x136/0x29a fs/xattr.c:322
       do_setxattr+0xf4/0xf8 fs/xattr.c:630
       setxattr+0x190/0x1a8 fs/xattr.c:653
       path_setxattr+0x1a2/0x1bc fs/xattr.c:672
       __do_sys_lsetxattr fs/xattr.c:695 [inline]
       sys_lsetxattr+0x36/0x48 fs/xattr.c:691
       syscall_handler+0xfa/0x148 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0xea/0xec arch/riscv/kernel/traps.c:279
       ret_from_exception+0x0/0x64 arch/riscv/kernel/entry.S:102

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ea_inode->i_rwsem#8/1);
                               lock(&ei->xattr_sem);
                               lock(&ea_inode->i_rwsem#8/1);
  lock(&ei->xattr_sem);

 *** DEADLOCK ***

2 locks held by syz-executor.1/4754:
 #0: ff6000001317e460 (sb_writers#4){.+.+}-{0:0}, at: __sb_start_write include/linux/fs.h:1494 [inline]
 #0: ff6000001317e460 (sb_writers#4){.+.+}-{0:0}, at: sb_start_write include/linux/fs.h:1569 [inline]
 #0: ff6000001317e460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x2c/0x78 fs/namespace.c:394
 #1: ff600000151453c0 (&ea_inode->i_rwsem#8/1){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline]
 #1: ff600000151453c0 (&ea_inode->i_rwsem#8/1){+.+.}-{3:3}, at: vfs_setxattr+0x122/0x29a fs/xattr.c:321

stack backtrace:
CPU: 0 PID: 4754 Comm: syz-executor.1 Not tainted 6.4.0-rc1-syzkaller-00012-gb104dbedbe61 #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:121
[] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:127
[] __dump_stack lib/dump_stack.c:88 [inline]
[] dump_stack_lvl+0xe0/0x14c lib/dump_stack.c:106
[] dump_stack+0x1c/0x24 lib/dump_stack.c:113
[] print_circular_bug+0x3ae/0x47c kernel/locking/lockdep.c:2066
[] check_noncircular+0x1da/0x1fa kernel/locking/lockdep.c:2188
[] check_prev_add kernel/locking/lockdep.c:3108 [inline]
[] check_prevs_add kernel/locking/lockdep.c:3227 [inline]
[] validate_chain kernel/locking/lockdep.c:3842 [inline]
[] __lock_acquire+0x19aa/0x34a2 kernel/locking/lockdep.c:5074
[] lock_acquire kernel/locking/lockdep.c:5691 [inline]
[] lock_acquire+0x276/0x588 kernel/locking/lockdep.c:5656
[] down_write+0xa4/0x166 kernel/locking/rwsem.c:1573
[] ext4_write_lock_xattr fs/ext4/xattr.h:155 [inline]
[] ext4_xattr_set_handle+0x160/0xeb2 fs/ext4/xattr.c:2372
[] ext4_xattr_set+0x12e/0x2b8 fs/ext4/xattr.c:2559
[] ext4_xattr_trusted_set+0x34/0x46 fs/ext4/xattr_trusted.c:38
[] __vfs_setxattr+0x162/0x1ce fs/xattr.c:201
[] __vfs_setxattr_noperm+0xca/0x378 fs/xattr.c:235
[] __vfs_setxattr_locked+0x16a/0x186 fs/xattr.c:296
[] vfs_setxattr+0x136/0x29a fs/xattr.c:322
[] do_setxattr+0xf4/0xf8 fs/xattr.c:630
[] setxattr+0x190/0x1a8 fs/xattr.c:653
[] path_setxattr+0x1a2/0x1bc fs/xattr.c:672
[] __do_sys_lsetxattr fs/xattr.c:695 [inline]
[] sys_lsetxattr+0x36/0x48 fs/xattr.c:691
[] syscall_handler+0xfa/0x148 arch/riscv/include/asm/syscall.h:90
[] do_trap_ecall_u+0xea/0xec arch/riscv/kernel/traps.c:279
[] ret_from_exception+0x0/0x64 arch/riscv/kernel/entry.S:102