ci starts bisection 2024-11-02 19:14:14.309280672 +0000 UTC m=+105861.674569404 bisecting fixing commit since fe46a7dd189e25604716c03576d05ac8a5209743 building syzkaller on 6baf506947ba27ed9ce775cf9351cb0886166083 ensuring issue is reproducible on original commit fe46a7dd189e25604716c03576d05ac8a5209743 testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 0e4dfdd6bf2441daa7ce2d88e49e9e89127f0c3dbf266befe83b3273c72b2aa3 run #0: crashed: possible deadlock in ext4_xattr_inode_iget run #1: crashed: possible deadlock in ext4_xattr_inode_iget run #2: crashed: possible deadlock in ext4_xattr_inode_iget run #3: crashed: possible deadlock in ext4_xattr_inode_iget run #4: crashed: possible deadlock in ext4_xattr_inode_iget run #5: crashed: possible deadlock in ext4_xattr_inode_iget run #6: crashed: possible deadlock in ext4_xattr_inode_iget run #7: crashed: possible deadlock in ext4_xattr_inode_iget run #8: crashed: possible deadlock in ext4_xattr_inode_iget run #9: crashed: possible deadlock in ext4_xattr_inode_iget run #10: crashed: possible deadlock in ext4_xattr_inode_iget run #11: crashed: possible deadlock in ext4_xattr_inode_iget run #12: crashed: possible deadlock in ext4_xattr_inode_iget run #13: crashed: possible deadlock in ext4_xattr_inode_iget run #14: crashed: possible deadlock in ext4_xattr_inode_iget run #15: crashed: possible deadlock in ext4_xattr_inode_iget run #16: crashed: possible deadlock in ext4_xattr_inode_iget run #17: crashed: possible deadlock in ext4_xattr_inode_iget run #18: crashed: possible deadlock in ext4_xattr_inode_iget run #19: crashed: no output from test machine representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] check whether we can drop unnecessary instrumentation disabling configs for [BUG KASAN ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cc1c7f365c81c628fab2c3531d8c947fff02c548d90910abb18e05ed0aa818c4 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the bug reproduces without the instrumentation disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed kconfig minimization: base=4047 full=7990 leaves diff=2006 split chunks (needed=false): <2006> split chunk #0 of len 2006 into 5 parts testing without sub-chunk 1/5 disabling configs for [BUG KASAN ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b7e1f80cfad621adcd4b439e3afb959697ed4c11f74281b5aedf011aa948427a all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [LEAK UBSAN BUG KASAN ATOMIC_SLEEP HANG], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e3aae7bff156e932ce21ec8fd5fb63ffbd025409c016f0205a2bc4568340f391 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [UBSAN BUG KASAN ATOMIC_SLEEP HANG LEAK], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 16a2fb326f015c3df0be28fa638ca7ab8a55c48b2b903749263bc0825d5dbcd2 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 521a51a0a07b06423fad1dc083d4eb23247a84b2dc4f74fdc4be7eddfc570f76 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed testing commit fe46a7dd189e25604716c03576d05ac8a5209743 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 10a62f95868dac0e5e18a2531917d8d8242d41f0655ab8f0a5416cb68486c645 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] the chunk can be dropped disabling configs for [KASAN ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed testing current HEAD 11066801dd4b7c4d75fce65c812723a80c1481ae testing commit 11066801dd4b7c4d75fce65c812723a80c1481ae gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a6fcd629c2f6d8074d074a8c694f6b8030e59666e67926bc326ac67f90486ec5 all runs: OK false negative chance: 0.000 # git bisect start 11066801dd4b7c4d75fce65c812723a80c1481ae fe46a7dd189e25604716c03576d05ac8a5209743 Bisecting: 24604 revisions left to test after this (roughly 15 steps) [51835949dda3783d4639cfa74ce13a3c9829de00] Merge tag 'net-next-6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit 51835949dda3783d4639cfa74ce13a3c9829de00 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 72678965c0a3a294867de69c33e87219fada11a24d781f8822ef4c1bc4dc4ce9 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 51835949dda3783d4639cfa74ce13a3c9829de00 Bisecting: 12333 revisions left to test after this (roughly 14 steps) [8617d7d6298f54dfef4038281863270b5864fe83] Merge tag 'mips_6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux determine whether the revision contains the guilty commit revision 51835949dda3783d4639cfa74ce13a3c9829de00 crashed and is reachable testing commit 8617d7d6298f54dfef4038281863270b5864fe83 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6fc381e001f7023383b4540ee898f97a1afc8012acbede00e023563ac9645cc3 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 8617d7d6298f54dfef4038281863270b5864fe83 Bisecting: 6075 revisions left to test after this (roughly 13 steps) [617a814f14b8914271f7a70366d72c6196d17663] Merge tag 'mm-stable-2024-09-20-02-31' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit 617a814f14b8914271f7a70366d72c6196d17663 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6642384bf95996d55a85e7e91ba2b182dfa5ff278a371ccdeaf1b7eeb5294ce0 all runs: OK false negative chance: 0.000 # git bisect bad 617a814f14b8914271f7a70366d72c6196d17663 Bisecting: 3132 revisions left to test after this (roughly 12 steps) [bfbb96324a4a8dfd44c88f64e4e0ef8ea4ab128b] Merge tag 'hsi-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-hsi determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit bfbb96324a4a8dfd44c88f64e4e0ef8ea4ab128b gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 57b6ab04e2deb7a7bce77a6aeac727286cb6c500bf275c3dba727073c201be44 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good bfbb96324a4a8dfd44c88f64e4e0ef8ea4ab128b Bisecting: 1776 revisions left to test after this (roughly 11 steps) [ae2c6d8b3b88c176dff92028941a4023f1b4cb91] Merge tag 'drm-xe-next-fixes-2024-09-12' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next determine whether the revision contains the guilty commit revision 51835949dda3783d4639cfa74ce13a3c9829de00 crashed and is reachable testing commit ae2c6d8b3b88c176dff92028941a4023f1b4cb91 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cab82d6751ad8b7d5904e38aa0c30a97c9fb5e9a580851b5ee207a08466a59ba all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good ae2c6d8b3b88c176dff92028941a4023f1b4cb91 Bisecting: 863 revisions left to test after this (roughly 10 steps) [84bbfe6b6435658132df2880258d34babe46d3e0] Merge tag 'platform-drivers-x86-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 determine whether the revision contains the guilty commit revision bfbb96324a4a8dfd44c88f64e4e0ef8ea4ab128b crashed and is reachable testing commit 84bbfe6b6435658132df2880258d34babe46d3e0 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e2ce957a945b46da18078b529c35abb4458ad3e411fb6c1ca829d74306b0123e all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 84bbfe6b6435658132df2880258d34babe46d3e0 Bisecting: 418 revisions left to test after this (roughly 9 steps) [056f8c437dc33e9e8e64b9344e816d7d46c06c16] Merge tag 'ext4_for_linus-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 determine whether the revision contains the guilty commit revision 8617d7d6298f54dfef4038281863270b5864fe83 crashed and is reachable testing commit 056f8c437dc33e9e8e64b9344e816d7d46c06c16 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cb4f466585fe9523bea65663bcc11afc9cb37cc3a4d7cf611032652b73a38a2a all runs: OK false negative chance: 0.000 # git bisect bad 056f8c437dc33e9e8e64b9344e816d7d46c06c16 Bisecting: 210 revisions left to test after this (roughly 8 steps) [a1d1eb2f57501b2e7e2076ce89b3f3a666ddbfdd] Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit a1d1eb2f57501b2e7e2076ce89b3f3a666ddbfdd gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 89e81cad50285cf98b51b7802bf6bea7531a5553b313b38c376a641a1885ec59 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good a1d1eb2f57501b2e7e2076ce89b3f3a666ddbfdd Bisecting: 93 revisions left to test after this (roughly 7 steps) [171754c3808214d4fd8843eab584599a429deb52] Merge tag 'vfs-6.12.blocksize' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs determine whether the revision contains the guilty commit revision ae2c6d8b3b88c176dff92028941a4023f1b4cb91 crashed and is reachable testing commit 171754c3808214d4fd8843eab584599a429deb52 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 2ddd08852f95970e416f7fbcf1e6b848653912f106dea6b731150c43f9c6d2c1 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 171754c3808214d4fd8843eab584599a429deb52 Bisecting: 46 revisions left to test after this (roughly 6 steps) [2046657e64a11b61d5ed07e0d60befd86303125e] ext4: drop all delonly descriptions determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit 2046657e64a11b61d5ed07e0d60befd86303125e gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: cfffb79f1b67f6b9e370191ea42723b15b0040631f7222547d4b1f6a2156f5f3 all runs: OK false negative chance: 0.000 # git bisect bad 2046657e64a11b61d5ed07e0d60befd86303125e Bisecting: 23 revisions left to test after this (roughly 5 steps) [736c24e62e7e1f5d00fb5b750bb7c13c56410d07] Documentation: ext4.rst: remove obsolete descriptions of noacl/nouser_xattr options determine whether the revision contains the guilty commit revision fe46a7dd189e25604716c03576d05ac8a5209743 crashed and is reachable testing commit 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 41cd59e89ea3de71fb22c04f4c7e63e64ebfdb2c0378e90d147e0ff0c924328c all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 Bisecting: 11 revisions left to test after this (roughly 4 steps) [dda898d7ffe85931f9cca6d702a51f33717c501e] ext4: dax: fix overflowing extents beyond inode size when partially writing determine whether the revision contains the guilty commit revision 51835949dda3783d4639cfa74ce13a3c9829de00 crashed and is reachable testing commit dda898d7ffe85931f9cca6d702a51f33717c501e gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c4be60359e9ee1a8b2b71b3ebf92b920a0fa398c80dfeaa3f5793b1bf5945696 all runs: OK false negative chance: 0.000 # git bisect bad dda898d7ffe85931f9cca6d702a51f33717c501e Bisecting: 5 revisions left to test after this (roughly 3 steps) [7c48e7d5a195fc918f9ab281390a5ba4b3e18022] jbd2: remove unneeded done_copy_out variable in jbd2_journal_write_metadata_buffer determine whether the revision contains the guilty commit revision 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 crashed and is reachable testing commit 7c48e7d5a195fc918f9ab281390a5ba4b3e18022 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 857774140100069043e213791e87d35d128fa73162b1d68fef7fcaab9dbba740 all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 7c48e7d5a195fc918f9ab281390a5ba4b3e18022 Bisecting: 2 revisions left to test after this (roughly 2 steps) [6140ceb9b224fd178f405a7805d3fd82d2d02c39] jbd2: remove unneeded check of ret in jbd2_fc_get_buf determine whether the revision contains the guilty commit revision 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 crashed and is reachable testing commit 6140ceb9b224fd178f405a7805d3fd82d2d02c39 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ce3f850e3f9554e5ebf733a4f514158d5c7a3efdfd67a47187492cee2048a9ab all runs: crashed: possible deadlock in ext4_xattr_inode_iget representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP] # git bisect good 6140ceb9b224fd178f405a7805d3fd82d2d02c39 Bisecting: 0 revisions left to test after this (roughly 1 step) [d3476f3dad4ad68ae5f6b008ea6591d1520da5d8] ext4: don't set SB_RDONLY after filesystem errors determine whether the revision contains the guilty commit revision 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 crashed and is reachable testing commit d3476f3dad4ad68ae5f6b008ea6591d1520da5d8 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 457a3ffbb0b3bdd1e2554baf155e3ceffb2f0caf05cb10fa04882270cfc262fa all runs: OK false negative chance: 0.000 # git bisect bad d3476f3dad4ad68ae5f6b008ea6591d1520da5d8 Bisecting: 0 revisions left to test after this (roughly 0 steps) [d1bc560e9a9c78d0b2314692847fc8661e0aeb99] ext4: nested locking for xattr inode determine whether the revision contains the guilty commit revision 51835949dda3783d4639cfa74ce13a3c9829de00 crashed and is reachable testing commit d1bc560e9a9c78d0b2314692847fc8661e0aeb99 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f1adff5672949cfcd479ff9e378c080cacc3d0a738fb59ddc226f5948452072b all runs: OK false negative chance: 0.000 # git bisect bad d1bc560e9a9c78d0b2314692847fc8661e0aeb99 d1bc560e9a9c78d0b2314692847fc8661e0aeb99 is the first bad commit commit d1bc560e9a9c78d0b2314692847fc8661e0aeb99 Author: Wojciech Gładysz Date: Thu Aug 1 16:38:27 2024 +0200 ext4: nested locking for xattr inode Add nested locking with I_MUTEX_XATTR subclass to avoid lockdep warning while handling xattr inode on file open syscall at ext4_xattr_inode_iget. Backtrace EXT4-fs (loop0): Ignoring removed oldalloc option ====================================================== WARNING: possible circular locking dependency detected 5.10.0-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor543/2794 is trying to acquire lock: ffff8880215e1a48 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:782 [inline] ffff8880215e1a48 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 but task is already holding lock: ffff8880215e3278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x136d/0x19c0 fs/ext4/inode.c:5559 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&ei->i_data_sem/3){++++}-{3:3}: lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 ext4_update_i_disksize fs/ext4/ext4.h:3267 [inline] ext4_xattr_inode_write fs/ext4/xattr.c:1390 [inline] ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1538 [inline] ext4_xattr_set_entry+0x331a/0x3d80 fs/ext4/xattr.c:1662 ext4_xattr_ibody_set+0x124/0x390 fs/ext4/xattr.c:2228 ext4_xattr_set_handle+0xc27/0x14e0 fs/ext4/xattr.c:2385 ext4_xattr_set+0x219/0x390 fs/ext4/xattr.c:2498 ext4_xattr_user_set+0xc9/0xf0 fs/ext4/xattr_user.c:40 __vfs_setxattr+0x404/0x450 fs/xattr.c:177 __vfs_setxattr_noperm+0x11d/0x4f0 fs/xattr.c:208 __vfs_setxattr_locked+0x1f9/0x210 fs/xattr.c:266 vfs_setxattr+0x112/0x2c0 fs/xattr.c:283 setxattr+0x1db/0x3e0 fs/xattr.c:548 path_setxattr+0x15a/0x240 fs/xattr.c:567 __do_sys_setxattr fs/xattr.c:582 [inline] __se_sys_setxattr fs/xattr.c:578 [inline] __x64_sys_setxattr+0xc5/0xe0 fs/xattr.c:578 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb -> #0 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}: check_prev_add kernel/locking/lockdep.c:2988 [inline] check_prevs_add kernel/locking/lockdep.c:3113 [inline] validate_chain+0x1695/0x58f0 kernel/locking/lockdep.c:3729 __lock_acquire+0x12fd/0x20d0 kernel/locking/lockdep.c:4955 lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 inode_lock include/linux/fs.h:782 [inline] ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 ext4_xattr_inode_get+0x138/0x410 fs/ext4/xattr.c:485 ext4_xattr_move_to_block fs/ext4/xattr.c:2580 [inline] ext4_xattr_make_inode_space fs/ext4/xattr.c:2682 [inline] ext4_expand_extra_isize_ea+0xe70/0x1bb0 fs/ext4/xattr.c:2774 __ext4_expand_extra_isize+0x304/0x3f0 fs/ext4/inode.c:5898 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5941 [inline] __ext4_mark_inode_dirty+0x591/0x810 fs/ext4/inode.c:6018 ext4_setattr+0x1400/0x19c0 fs/ext4/inode.c:5562 notify_change+0xbb6/0xe60 fs/attr.c:435 do_truncate+0x1de/0x2c0 fs/open.c:64 handle_truncate fs/namei.c:2970 [inline] do_open fs/namei.c:3311 [inline] path_openat+0x29f3/0x3290 fs/namei.c:3425 do_filp_open+0x20b/0x450 fs/namei.c:3452 do_sys_openat2+0x124/0x460 fs/open.c:1207 do_sys_open fs/open.c:1223 [inline] __do_sys_open fs/open.c:1231 [inline] __se_sys_open fs/open.c:1227 [inline] __x64_sys_open+0x221/0x270 fs/open.c:1227 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&ei->i_data_sem/3); lock(&ea_inode->i_rwsem#7/1); lock(&ei->i_data_sem/3); lock(&ea_inode->i_rwsem#7/1); *** DEADLOCK *** 5 locks held by syz-executor543/2794: #0: ffff888026fbc448 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x4a/0x2a0 fs/namespace.c:365 #1: ffff8880215e3488 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: inode_lock include/linux/fs.h:782 [inline] #1: ffff8880215e3488 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: do_truncate+0x1cf/0x2c0 fs/open.c:62 #2: ffff8880215e3310 (&ei->i_mmap_sem){++++}-{3:3}, at: ext4_setattr+0xec4/0x19c0 fs/ext4/inode.c:5519 #3: ffff8880215e3278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x136d/0x19c0 fs/ext4/inode.c:5559 #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_trylock_xattr fs/ext4/xattr.h:162 [inline] #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_try_to_expand_extra_isize fs/ext4/inode.c:5938 [inline] #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x4fb/0x810 fs/ext4/inode.c:6018 stack backtrace: CPU: 1 PID: 2794 Comm: syz-executor543 Not tainted 5.10.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x177/0x211 lib/dump_stack.c:118 print_circular_bug+0x146/0x1b0 kernel/locking/lockdep.c:2002 check_noncircular+0x2cc/0x390 kernel/locking/lockdep.c:2123 check_prev_add kernel/locking/lockdep.c:2988 [inline] check_prevs_add kernel/locking/lockdep.c:3113 [inline] validate_chain+0x1695/0x58f0 kernel/locking/lockdep.c:3729 __lock_acquire+0x12fd/0x20d0 kernel/locking/lockdep.c:4955 lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 inode_lock include/linux/fs.h:782 [inline] ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 ext4_xattr_inode_get+0x138/0x410 fs/ext4/xattr.c:485 ext4_xattr_move_to_block fs/ext4/xattr.c:2580 [inline] ext4_xattr_make_inode_space fs/ext4/xattr.c:2682 [inline] ext4_expand_extra_isize_ea+0xe70/0x1bb0 fs/ext4/xattr.c:2774 __ext4_expand_extra_isize+0x304/0x3f0 fs/ext4/inode.c:5898 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5941 [inline] __ext4_mark_inode_dirty+0x591/0x810 fs/ext4/inode.c:6018 ext4_setattr+0x1400/0x19c0 fs/ext4/inode.c:5562 notify_change+0xbb6/0xe60 fs/attr.c:435 do_truncate+0x1de/0x2c0 fs/open.c:64 handle_truncate fs/namei.c:2970 [inline] do_open fs/namei.c:3311 [inline] path_openat+0x29f3/0x3290 fs/namei.c:3425 do_filp_open+0x20b/0x450 fs/namei.c:3452 do_sys_openat2+0x124/0x460 fs/open.c:1207 do_sys_open fs/open.c:1223 [inline] __do_sys_open fs/open.c:1231 [inline] __se_sys_open fs/open.c:1227 [inline] __x64_sys_open+0x221/0x270 fs/open.c:1227 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f0cde4ea229 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd81d1c978 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 0030656c69662f30 RCX: 00007f0cde4ea229 RDX: 0000000000000089 RSI: 00000000000a0a00 RDI: 00000000200001c0 RBP: 2f30656c69662f2e R08: 0000000000208000 R09: 0000000000208000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd81d1c9c0 R13: 00007ffd81d1ca00 R14: 0000000000080000 R15: 0000000000000003 EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2730: inode #13: comm syz-executor543: corrupted in-inode xattr Signed-off-by: Wojciech Gładysz Link: https://patch.msgid.link/20240801143827.19135-1-wojciech.gladysz@infogain.com Signed-off-by: Theodore Ts'o fs/ext4/xattr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) accumulated error probability: 0.00 culprit signature: f1adff5672949cfcd479ff9e378c080cacc3d0a738fb59ddc226f5948452072b parent signature: ce3f850e3f9554e5ebf733a4f514158d5c7a3efdfd67a47187492cee2048a9ab revisions tested: 24, total time: 3h43m37.167123136s (build: 1h15m36.491352246s, test: 2h14m30.498675696s) first good commit: d1bc560e9a9c78d0b2314692847fc8661e0aeb99 ext4: nested locking for xattr inode recipients (to): ["adilger.kernel@dilger.ca" "linux-ext4@vger.kernel.org" "tytso@mit.edu" "tytso@mit.edu" "wojciech.gladysz@infogain.com"] recipients (cc): ["linux-kernel@vger.kernel.org"]