syzbot

 sign-in | mailing list | source | docs
🐞 Open [849]
🐞 Fixed [87]
🐞 Invalid [1246]
Missing Backports [132]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in ext4_destroy_inline_data

Status: upstream: reported on 2025/11/07 02:20
Reported-by: syzbot+77dc833fe5577a238762@syzkaller.appspotmail.com
First crash: 133d, last: 13d
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 possible deadlock in ext4_destroy_inline_data 4 96 11h08m 130d 0/3 upstream: reported on 2025/11/09 09:23
upstream possible deadlock in ext4_destroy_inline_data (2) ext4 4 C error 1925 6h09m 134d 0/29 upstream: reported C repro on 2025/11/05 22:08
upstream possible deadlock in ext4_destroy_inline_data ext4 4 1 459d 455d 0/29 auto-obsoleted due to no activity on 2025/03/25 12:07
linux-6.6 possible deadlock in ext4_destroy_inline_data 4 66 9h00m 138d 0/2 upstream: reported on 2025/11/01 09:40

Sample crash report:
======================================================
WARNING: possible circular locking dependency detected
syzkaller #0 Not tainted
------------------------------------------------------
syz.4.964/7976 is trying to acquire lock:
ffff88805b9480c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
ffff88805b9480c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900

but task is already holding lock:
ffff888077a1abd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2689

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&sbi->s_writepages_rwsem){.+.+}-{0:0}:
       percpu_down_read+0x46/0x1b0 include/linux/percpu-rwsem.h:51
       ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2689
       do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
       __writeback_single_inode+0x153/0xda0 fs/fs-writeback.c:1657
       writeback_single_inode+0x3cb/0x8e0 fs/fs-writeback.c:1770
       write_inode_now+0x23b/0x2c0 fs/fs-writeback.c:2817
       iput_final fs/inode.c:1756 [inline]
       iput+0x5ab/0x8a0 fs/inode.c:1795
       ext4_xattr_set_entry+0x34f4/0x3ea0 fs/ext4/xattr.c:1825
       ext4_xattr_block_set+0x4fd/0x2d20 fs/ext4/xattr.c:1924
       ext4_xattr_move_to_block fs/ext4/xattr.c:2618 [inline]
       ext4_xattr_make_inode_space fs/ext4/xattr.c:2693 [inline]
       ext4_expand_extra_isize_ea+0xf3f/0x19b0 fs/ext4/xattr.c:2781
       __ext4_expand_extra_isize+0x301/0x3e0 fs/ext4/inode.c:5905
       ext4_try_to_expand_extra_isize fs/ext4/inode.c:5948 [inline]
       __ext4_mark_inode_dirty+0x469/0x700 fs/ext4/inode.c:6026
       ext4_evict_inode+0xa8d/0x1090 fs/ext4/inode.c:282
       evict+0x4c9/0x8d0 fs/inode.c:647
       ext4_orphan_cleanup+0xad2/0x1320 fs/ext4/orphan.c:472
       ext4_fill_super+0x8e25/0x95a0 fs/ext4/super.c:5000
       mount_bdev+0x287/0x3c0 fs/super.c:1400
       legacy_get_tree+0xe6/0x180 fs/fs_context.c:611
       vfs_get_tree+0x88/0x270 fs/super.c:1530
       do_new_mount+0x24a/0xa40 fs/namespace.c:3034
       do_mount fs/namespace.c:3377 [inline]
       __do_sys_mount fs/namespace.c:3585 [inline]
       __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&ei->xattr_sem){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
       lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
       down_write+0x38/0x60 kernel/locking/rwsem.c:1551
       ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
       ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900
       ext4_writepages+0x670/0x2df0 fs/ext4/inode.c:2735
       do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
       filemap_fdatawrite_wbc+0x1eb/0x240 mm/filemap.c:400
       __filemap_fdatawrite_range mm/filemap.c:433 [inline]
       __filemap_fdatawrite mm/filemap.c:439 [inline]
       filemap_flush+0xd4/0x130 mm/filemap.c:466
       ext4_convert_inline_data+0x18b/0x5f0 fs/ext4/inline.c:2076
       ext4_fallocate+0xf4/0x1ed0 fs/ext4/extents.c:4765
       vfs_fallocate+0x587/0x6f0 fs/open.c:308
       ksys_fallocate fs/open.c:331 [inline]
       __do_sys_fallocate fs/open.c:339 [inline]
       __se_sys_fallocate fs/open.c:337 [inline]
       __x64_sys_fallocate+0xbd/0x100 fs/open.c:337
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->s_writepages_rwsem);
                               lock(&ei->xattr_sem);
                               lock(&sbi->s_writepages_rwsem);
  lock(&ei->xattr_sem);

 *** DEADLOCK ***

3 locks held by syz.4.964/7976:
 #0: ffff888077a18460 (sb_writers#5){.+.+}-{0:0}, at: file_start_write include/linux/fs.h:3043 [inline]
 #0: ffff888077a18460 (sb_writers#5){.+.+}-{0:0}, at: vfs_fallocate+0x4f4/0x6f0 fs/open.c:307
 #1: ffff88805b9483f0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
 #1: ffff88805b9483f0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_fallocate+0xec/0x1ed0 fs/ext4/extents.c:4764
 #2: ffff888077a1abd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2689

stack backtrace:
CPU: 1 PID: 7976 Comm: syz.4.964 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 check_noncircular+0x296/0x330 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
 lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
 down_write+0x38/0x60 kernel/locking/rwsem.c:1551
 ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
 ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900
 ext4_writepages+0x670/0x2df0 fs/ext4/inode.c:2735
 do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
 filemap_fdatawrite_wbc+0x1eb/0x240 mm/filemap.c:400
 __filemap_fdatawrite_range mm/filemap.c:433 [inline]
 __filemap_fdatawrite mm/filemap.c:439 [inline]
 filemap_flush+0xd4/0x130 mm/filemap.c:466
 ext4_convert_inline_data+0x18b/0x5f0 fs/ext4/inline.c:2076
 ext4_fallocate+0xf4/0x1ed0 fs/ext4/extents.c:4765
 vfs_fallocate+0x587/0x6f0 fs/open.c:308
 ksys_fallocate fs/open.c:331 [inline]
 __do_sys_fallocate fs/open.c:339 [inline]
 __se_sys_fallocate fs/open.c:337 [inline]
 __x64_sys_fallocate+0xbd/0x100 fs/open.c:337
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f05d96d5799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f05d790e028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
RAX: ffffffffffffffda RBX: 00007f05d994f090 RCX: 00007f05d96d5799
RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000006
RBP: 00007f05d976bbd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000008000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f05d994f128 R14: 00007f05d994f090 R15: 00007ffdb6e1ff28
 </TASK>
EXT4-fs error (device loop4): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 224 with error 28
EXT4-fs (loop4): This should not happen!! Data will be lost

EXT4-fs (loop4): Total free blocks count 0
EXT4-fs (loop4): Free/Dirty block details
EXT4-fs (loop4): free_blocks=2415919104
EXT4-fs (loop4): dirty_blocks=224
EXT4-fs (loop4): Block reservation details
EXT4-fs (loop4): i_reserved_data_blocks=14

Crashes (110):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/03/06 22:38 linux-5.15.y 91d48252ad4b 41d8037d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/03/04 19:07 linux-5.15.y 91d48252ad4b e6b6b96b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/03/04 11:57 linux-5.15.y 3330a8d33e08 e6b6b96b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/28 09:45 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/28 08:43 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/25 23:40 linux-5.15.y 3330a8d33e08 e0f78d93 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/24 04:53 linux-5.15.y 3330a8d33e08 41d2fa6a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/23 06:39 linux-5.15.y 3330a8d33e08 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/22 17:16 linux-5.15.y 3330a8d33e08 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/21 22:22 linux-5.15.y 3330a8d33e08 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/16 18:08 linux-5.15.y e45d5d41c134 5d52cba5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/15 23:50 linux-5.15.y e45d5d41c134 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/15 00:32 linux-5.15.y e45d5d41c134 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/14 17:18 linux-5.15.y e45d5d41c134 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/13 20:43 linux-5.15.y e45d5d41c134 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/13 09:13 linux-5.15.y e45d5d41c134 6a673c50 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/12 15:27 linux-5.15.y e45d5d41c134 76a109e2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/10 17:51 linux-5.15.y 7b232985052f 91d776d3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/10 15:32 linux-5.15.y 7b232985052f 91d776d3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/08 00:00 linux-5.15.y 7b232985052f 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/07 19:04 linux-5.15.y 7b232985052f 4c131dc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/05 16:54 linux-5.15.y 9eec9a14ee10 4936e85c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/05 16:32 linux-5.15.y 9eec9a14ee10 4936e85c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/05 05:20 linux-5.15.y 9eec9a14ee10 ea10c935 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/04 15:08 linux-5.15.y 9eec9a14ee10 ea10c935 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/03 22:28 linux-5.15.y 9eec9a14ee10 42b01fab .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/02 09:48 linux-5.15.y 9eec9a14ee10 018ebef2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/02/02 05:04 linux-5.15.y 9eec9a14ee10 6b8752f2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/31 00:53 linux-5.15.y 9eec9a14ee10 c75a2f6e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/30 17:45 linux-5.15.y 9eec9a14ee10 ae7dc18c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/22 07:07 linux-5.15.y 9eec9a14ee10 a16aed1d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/21 18:56 linux-5.15.y 9eec9a14ee10 8fc37797 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/20 00:32 linux-5.15.y 9eec9a14ee10 572effc1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/17 02:32 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/16 15:26 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/16 04:14 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/15 02:28 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/14 05:42 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/12 21:58 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/09 07:21 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/08 15:51 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/07 19:03 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/03 06:33 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/02 15:27 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/02 13:32 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/01/02 03:46 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2025/12/31 20:45 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2025/12/29 16:41 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2025/12/28 19:54 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2025/11/07 02:19 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
* Struck through repros no longer work on HEAD.