ci2 starts bisection 2024-03-31 05:40:16.084486817 +0000 UTC m=+102372.815804834
bisecting fixing commit since 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95
building syzkaller on 90c93c40627cb0ac3c2c7cb99d807fd4c137adcb
ensuring issue is reproducible on original commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95

testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: d0c44caf6f7cc1ba18c2dd35684368284b148277112fe7b7939424e55bfc0227
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
check whether we can drop unnecessary instrumentation
disabling configs for [KASAN ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 339f73c2950f7c1c0082dc607bb8fd3c5e907d463f8071857d8a57fe875ed289
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the bug reproduces without the instrumentation
disabling configs for [BUG KASAN ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
kconfig minimization: base=3703 full=7272 leaves diff=1986
split chunks (needed=false): <1986>
split chunk #0 of len 1986 into 5 parts
testing without sub-chunk 1/5
disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 9c58962a9840d0e5f3ff442902704f843db1559767486ccd11c28a0cc5705ee1
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 2/5
disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: aa79b4882808fdeaada76119eede9629dd71b1472037f6d42060b2a78c84dfe4
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 3/5
disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 42ae75d8104eb33aa70b175fd27ddab6e1dde0b342f04029ebb268e7b0646eb7
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 4/5
disabling configs for [BUG KASAN ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: 84d30b01cdf9697ce72f4a29de77705aabf8cc682c03e247d31c7ff8998ce50c
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the chunk can be dropped
testing without sub-chunk 5/5
disabling configs for [HANG LEAK UBSAN BUG KASAN ATOMIC_SLEEP], they are not needed
testing commit 8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: b01912e1ad8eb498457b979e525a93068a515a85d392e634e3c69f602cbecd4b
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
the chunk can be dropped
disabling configs for [UBSAN BUG KASAN ATOMIC_SLEEP HANG LEAK], they are not needed
testing current HEAD 9465fef4ae351749f7068da8c78af4ca27e61928
testing commit 9465fef4ae351749f7068da8c78af4ca27e61928 gcc
compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40
kernel signature: ec8b90f7aabb01fce5a163f984ed83b46895c5f461c9d61df99f052fb9cd1fe1
all runs: crashed: possible deadlock in ext4_xattr_inode_iget
representative crash: possible deadlock in ext4_xattr_inode_iget, types: [LOCKDEP]
crash still not fixed/happens on the oldest tested release

revisions tested: 8, total time: 1h20m32.250560145s (build: 45m13.625320148s, test: 33m11.012397137s)
crash still not fixed or there were kernel test errors
commit msg: Linux 5.15.153
crash: possible deadlock in ext4_xattr_inode_iget

loop0: detected capacity change from 0 to 512
EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
EXT4-fs (loop0): 1 truncate cleaned up
EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,nogrpid,debug_want_extra_isize=0x0000000000000066,dioread_nolock,max_batch_time=0x0000000000000008,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
======================================================
WARNING: possible circular locking dependency detected
5.15.153-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.0/1527 is trying to acquire lock:
ffff88811042f410 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:789 [inline]
ffff88811042f410 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: ext4_xattr_inode_iget+0x6e/0x120 fs/ext4/xattr.c:425

but task is already holding lock:
ffff888110428278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x5f4/0x9f0 fs/ext4/inode.c:5499

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&ei->i_data_sem/3){++++}-{3:3}:
       down_write+0x20/0x60 kernel/locking/rwsem.c:1541
       ext4_update_i_disksize fs/ext4/ext4.h:3401 [inline]
       ext4_xattr_inode_write fs/ext4/xattr.c:1397 [inline]
       ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1545 [inline]
       ext4_xattr_set_entry+0x11df/0x1310 fs/ext4/xattr.c:1669
       ext4_xattr_ibody_set+0x4d/0xb0 fs/ext4/xattr.c:2237
       ext4_xattr_set_handle+0x346/0x650 fs/ext4/xattr.c:2394
       ext4_xattr_set+0x7c/0x150 fs/ext4/xattr.c:2507
       __vfs_setxattr+0x62/0x80 fs/xattr.c:182
       __vfs_setxattr_noperm+0x74/0x220 fs/xattr.c:216
       vfs_setxattr+0x99/0x180 fs/xattr.c:303
       setxattr+0x83/0xa0 fs/xattr.c:611
       path_setxattr+0xbe/0xe0 fs/xattr.c:630
       __do_sys_setxattr fs/xattr.c:646 [inline]
       __se_sys_setxattr fs/xattr.c:642 [inline]
       __x64_sys_setxattr+0x22/0x30 fs/xattr.c:642
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x61/0xcb

-> #0 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x10b6/0x1a40 kernel/locking/lockdep.c:5012
       lock_acquire kernel/locking/lockdep.c:5623 [inline]
       lock_acquire+0xbb/0x290 kernel/locking/lockdep.c:5588
       down_write+0x20/0x60 kernel/locking/rwsem.c:1541
       inode_lock include/linux/fs.h:789 [inline]
       ext4_xattr_inode_iget+0x6e/0x120 fs/ext4/xattr.c:425
       ext4_xattr_inode_get+0x45/0x1e0 fs/ext4/xattr.c:485
       ext4_xattr_move_to_block fs/ext4/xattr.c:2589 [inline]
       ext4_xattr_make_inode_space fs/ext4/xattr.c:2691 [inline]
       ext4_expand_extra_isize_ea+0x571/0x900 fs/ext4/xattr.c:2783
       __ext4_expand_extra_isize+0xc4/0x110 fs/ext4/inode.c:5840
       ext4_try_to_expand_extra_isize fs/ext4/inode.c:5883 [inline]
       __ext4_mark_inode_dirty+0x17b/0x220 fs/ext4/inode.c:5961
       ext4_setattr+0x623/0x9f0 fs/ext4/inode.c:5502
       notify_change+0x1f8/0x500 fs/attr.c:505
       do_truncate+0x7b/0xd0 fs/open.c:65
       handle_truncate fs/namei.c:3265 [inline]
       do_open fs/namei.c:3612 [inline]
       path_openat+0x869/0xb10 fs/namei.c:3742
       do_filp_open+0xa4/0x150 fs/namei.c:3769
       do_sys_openat2+0x92/0x160 fs/open.c:1211
       do_sys_open fs/open.c:1227 [inline]
       __do_sys_creat fs/open.c:1301 [inline]
       __se_sys_creat fs/open.c:1295 [inline]
       __x64_sys_creat+0x44/0x60 fs/open.c:1295
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x61/0xcb

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ei->i_data_sem/3);
                               lock(&ea_inode->i_rwsem#7/1);
                               lock(&ei->i_data_sem/3);
  lock(&ea_inode->i_rwsem#7/1);

 *** DEADLOCK ***

5 locks held by syz-executor.0/1527:
 #0: ffff88810dd7b438 (sb_writers#4){.+.+}-{0:0}, at: do_open fs/namei.c:3601 [inline]
 #0: ffff88810dd7b438 (sb_writers#4){.+.+}-{0:0}, at: path_openat+0x81c/0xb10 fs/namei.c:3742
 #1: ffff8881104283f0 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: inode_lock include/linux/fs.h:789 [inline]
 #1: ffff8881104283f0 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: do_truncate+0x6b/0xd0 fs/open.c:63
 #2: ffff888110428580 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_invalidate_lock include/linux/fs.h:834 [inline]
 #2: ffff888110428580 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_setattr+0x364/0x9f0 fs/ext4/inode.c:5459
 #3: ffff888110428278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x5f4/0x9f0 fs/ext4/inode.c:5499
 #4: ffff8881104280c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_trylock_xattr fs/ext4/xattr.h:162 [inline]
 #4: ffff8881104280c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_try_to_expand_extra_isize fs/ext4/inode.c:5880 [inline]
 #4: ffff8881104280c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x140/0x220 fs/ext4/inode.c:5961

stack backtrace:
CPU: 0 PID: 1527 Comm: syz-executor.0 Not tainted 5.15.153-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106
 check_noncircular+0xcc/0xe0 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x10b6/0x1a40 kernel/locking/lockdep.c:5012
 lock_acquire kernel/locking/lockdep.c:5623 [inline]
 lock_acquire+0xbb/0x290 kernel/locking/lockdep.c:5588
 down_write+0x20/0x60 kernel/locking/rwsem.c:1541
 inode_lock include/linux/fs.h:789 [inline]
 ext4_xattr_inode_iget+0x6e/0x120 fs/ext4/xattr.c:425
 ext4_xattr_inode_get+0x45/0x1e0 fs/ext4/xattr.c:485
 ext4_xattr_move_to_block fs/ext4/xattr.c:2589 [inline]
 ext4_xattr_make_inode_space fs/ext4/xattr.c:2691 [inline]
 ext4_expand_extra_isize_ea+0x571/0x900 fs/ext4/xattr.c:2783
 __ext4_expand_extra_isize+0xc4/0x110 fs/ext4/inode.c:5840
 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5883 [inline]
 __ext4_mark_inode_dirty+0x17b/0x220 fs/ext4/inode.c:5961
 ext4_setattr+0x623/0x9f0 fs/ext4/inode.c:5502
 notify_change+0x1f8/0x500 fs/attr.c:505
 do_truncate+0x7b/0xd0 fs/open.c:65
 handle_truncate fs/namei.c:3265 [inline]
 do_open fs/namei.c:3612 [inline]
 path_openat+0x869/0xb10 fs/namei.c:3742
 do_filp_open+0xa4/0x150 fs/namei.c:3769
 do_sys_openat2+0x92/0x160 fs/open.c:1211
 do_sys_open fs/open.c:1227 [inline]
 __do_sys_creat fs/open.c:1301 [inline]
 __se_sys_creat fs/open.c:1295 [inline]
 __x64_sys_creat+0x44/0x60 fs/open.c:1295
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f0a76105959
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0a75c880c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 00007f0a76224f80 RCX: 00007f0a76105959
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000400
RBP: 00007f0a76161c88 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000006 R14: 00007f0a76224f80 R15: 00007ffd29b19908