syzbot

 sign-in | mailing list | source | docs
🐞 Open [854]
🐞 Fixed [87]
🐞 Invalid [1303]
Missing Backports [132]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in ext4_destroy_inline_data

Status: upstream: reported on 2025/11/07 02:20
Reported-by: syzbot+77dc833fe5577a238762@syzkaller.appspotmail.com
First crash: 181d, last: 1d16h
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 possible deadlock in ext4_destroy_inline_data 4 194 2d09h 179d 0/3 upstream: reported on 2025/11/09 09:23
upstream possible deadlock in ext4_destroy_inline_data (2) ext4 4 C error 2906 1h18m 182d 0/29 upstream: reported C repro on 2025/11/05 22:08
upstream possible deadlock in ext4_destroy_inline_data ext4 4 1 508d 504d 0/29 auto-obsoleted due to no activity on 2025/03/25 12:07
linux-6.6 possible deadlock in ext4_destroy_inline_data origin:upstream 4 C 96 2d01h 187d 0/2 upstream: reported C repro on 2025/11/01 09:40

Sample crash report:
======================================================
WARNING: possible circular locking dependency detected
syzkaller #0 Not tainted
------------------------------------------------------
syz.9.2775/14986 is trying to acquire lock:
ffff88805fac94b8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
ffff88805fac94b8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900

but task is already holding lock:
ffff8880737e8c58 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2691

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&sbi->s_writepages_rwsem){.+.+}-{0:0}:
       percpu_down_read+0x46/0x1b0 include/linux/percpu-rwsem.h:51
       ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2691
       do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
       __writeback_single_inode+0x153/0xda0 fs/fs-writeback.c:1657
       writeback_single_inode+0x3cb/0x8e0 fs/fs-writeback.c:1770
       write_inode_now+0x23b/0x2c0 fs/fs-writeback.c:2817
       iput_final fs/inode.c:1756 [inline]
       iput+0x5ab/0x8a0 fs/inode.c:1795
       ext4_xattr_set_entry+0x34f4/0x3ea0 fs/ext4/xattr.c:1825
       ext4_xattr_block_set+0x4fd/0x2d20 fs/ext4/xattr.c:1924
       ext4_xattr_move_to_block fs/ext4/xattr.c:2618 [inline]
       ext4_xattr_make_inode_space fs/ext4/xattr.c:2693 [inline]
       ext4_expand_extra_isize_ea+0xf3f/0x19b0 fs/ext4/xattr.c:2781
       __ext4_expand_extra_isize+0x301/0x3e0 fs/ext4/inode.c:5924
       ext4_try_to_expand_extra_isize fs/ext4/inode.c:5967 [inline]
       __ext4_mark_inode_dirty+0x469/0x700 fs/ext4/inode.c:6045
       ext4_evict_inode+0xa8d/0x1090 fs/ext4/inode.c:284
       evict+0x4c9/0x8d0 fs/inode.c:647
       ext4_orphan_cleanup+0xad2/0x1320 fs/ext4/orphan.c:472
       ext4_fill_super+0x8d6e/0x94f0 fs/ext4/super.c:5006
       mount_bdev+0x287/0x3c0 fs/super.c:1400
       legacy_get_tree+0xe6/0x180 fs/fs_context.c:611
       vfs_get_tree+0x88/0x270 fs/super.c:1530
       do_new_mount+0x24a/0xa40 fs/namespace.c:3034
       do_mount fs/namespace.c:3377 [inline]
       __do_sys_mount fs/namespace.c:3585 [inline]
       __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&ei->xattr_sem){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
       lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
       down_write+0x38/0x60 kernel/locking/rwsem.c:1551
       ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
       ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900
       ext4_writepages+0x670/0x2df0 fs/ext4/inode.c:2737
       do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
       filemap_fdatawrite_wbc+0x1eb/0x240 mm/filemap.c:400
       __filemap_fdatawrite_range mm/filemap.c:433 [inline]
       file_write_and_wait_range+0x14d/0x220 mm/filemap.c:810
       ext4_sync_file+0x1ff/0xae0 fs/ext4/fsync.c:151
       generic_write_sync include/linux/fs.h:2990 [inline]
       ext4_buffered_write_iter+0x338/0x3b0 fs/ext4/file.c:275
       ext4_file_write_iter+0x74d/0x1700 fs/ext4/file.c:-1
       call_write_iter include/linux/fs.h:2173 [inline]
       new_sync_write fs/read_write.c:507 [inline]
       vfs_write+0x745/0xd60 fs/read_write.c:594
       ksys_write+0x152/0x260 fs/read_write.c:647
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->s_writepages_rwsem);
                               lock(&ei->xattr_sem);
                               lock(&sbi->s_writepages_rwsem);
  lock(&ei->xattr_sem);

 *** DEADLOCK ***

3 locks held by syz.9.2775/14986:
 #0: ffff888022facd70 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2bf/0x370 fs/file.c:1056
 #1: ffff88807b9b4460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x295/0xd60 fs/read_write.c:590
 #2: ffff8880737e8c58 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0 fs/ext4/inode.c:2691

stack backtrace:
CPU: 1 PID: 14986 Comm: syz.9.2775 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 check_noncircular+0x296/0x330 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x2c42/0x7d10 kernel/locking/lockdep.c:5012
 lock_acquire+0x19e/0x400 kernel/locking/lockdep.c:5623
 down_write+0x38/0x60 kernel/locking/rwsem.c:1551
 ext4_write_lock_xattr fs/ext4/xattr.h:158 [inline]
 ext4_destroy_inline_data+0x24/0xe0 fs/ext4/inline.c:1900
 ext4_writepages+0x670/0x2df0 fs/ext4/inode.c:2737
 do_writepages+0x476/0x6e0 mm/page-writeback.c:2386
 filemap_fdatawrite_wbc+0x1eb/0x240 mm/filemap.c:400
 __filemap_fdatawrite_range mm/filemap.c:433 [inline]
 file_write_and_wait_range+0x14d/0x220 mm/filemap.c:810
 ext4_sync_file+0x1ff/0xae0 fs/ext4/fsync.c:151
 generic_write_sync include/linux/fs.h:2990 [inline]
 ext4_buffered_write_iter+0x338/0x3b0 fs/ext4/file.c:275
 ext4_file_write_iter+0x74d/0x1700 fs/ext4/file.c:-1
 call_write_iter include/linux/fs.h:2173 [inline]
 new_sync_write fs/read_write.c:507 [inline]
 vfs_write+0x745/0xd60 fs/read_write.c:594
 ksys_write+0x152/0x260 fs/read_write.c:647
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f22e51dfdd9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f22e3418028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f22e5459090 RCX: 00007f22e51dfdd9
RDX: 0000000000001006 RSI: 0000200000001440 RDI: 0000000000000005
RBP: 00007f22e5275d69 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f22e5459128 R14: 00007f22e5459090 R15: 00007fff7c930bf8
 </TASK>
EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
EXT4-fs (loop9): This should not happen!! Data will be lost

EXT4-fs (loop9): Total free blocks count 0
EXT4-fs (loop9): Free/Dirty block details
EXT4-fs (loop9): free_blocks=4096
EXT4-fs (loop9): dirty_blocks=16
EXT4-fs (loop9): Block reservation details
EXT4-fs (loop9): i_reserved_data_blocks=1

Crashes (194):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/05/06 01:26 linux-5.15.y ef251c45f1cd 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/05 18:15 linux-5.15.y ef251c45f1cd 06e69a27 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/05 15:50 linux-5.15.y ef251c45f1cd 06e69a27 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/05 11:34 linux-5.15.y ef251c45f1cd 06e69a27 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/05 01:04 linux-5.15.y ef251c45f1cd a898ba9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/04 20:12 linux-5.15.y ef251c45f1cd a898ba9c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/04 12:43 linux-5.15.y ef251c45f1cd 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/04 06:55 linux-5.15.y ef251c45f1cd a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/03 17:24 linux-5.15.y ef251c45f1cd a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/01 07:35 linux-5.15.y ef251c45f1cd 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/05/01 06:03 linux-5.15.y ef251c45f1cd 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/30 20:57 linux-5.15.y ef251c45f1cd a7464baf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/30 18:05 linux-5.15.y ef251c45f1cd a7464baf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/30 08:49 linux-5.15.y b9d57c40a767 005438fc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/30 00:48 linux-5.15.y b9d57c40a767 005438fc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/29 10:01 linux-5.15.y b9d57c40a767 7ca9e4d8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/29 04:33 linux-5.15.y b9d57c40a767 95008c03 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/29 00:27 linux-5.15.y b9d57c40a767 95008c03 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/28 12:29 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/28 05:49 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/28 03:47 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/28 03:46 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/28 01:20 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/27 22:29 linux-5.15.y b9d57c40a767 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/27 16:43 linux-5.15.y b9d57c40a767 0f700595 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/26 08:47 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/26 07:33 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/26 00:22 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/25 19:53 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/25 00:05 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/24 17:10 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/24 15:47 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/24 04:07 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/23 15:26 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/23 07:35 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/23 02:19 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/20 09:44 linux-5.15.y b9d57c40a767 303e2802 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/19 12:23 linux-5.15.y b9d57c40a767 303e2802 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/16 20:02 linux-5.15.y 91d48252ad4b 4743f87d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/15 08:55 linux-5.15.y 91d48252ad4b e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/12 06:44 linux-5.15.y 91d48252ad4b 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/10 17:54 linux-5.15.y 91d48252ad4b 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2026/04/06 19:07 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
2025/11/07 02:19 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in ext4_destroy_inline_data
* Struck through repros no longer work on HEAD.