Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. executing program [ 43.312739][ T3500] loop0: detected capacity change from 0 to 63271 [ 43.413119][ T3500] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605) [ 43.421832][ T3500] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 43.433430][ T3500] F2FS-fs (loop0): invalid crc value [ 43.441995][ T3500] F2FS-fs (loop0): Found nat_bits in checkpoint [ 43.467036][ T3500] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 43.474170][ T3500] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 43.550975][ T3500] [ 43.553307][ T3500] ====================================================== [ 43.560297][ T3500] WARNING: possible circular locking dependency detected [ 43.567309][ T3500] 5.15.159-syzkaller #0 Not tainted [ 43.572479][ T3500] ------------------------------------------------------ [ 43.579468][ T3500] syz-executor212/3500 is trying to acquire lock: [ 43.585847][ T3500] ffff888015dcf138 ((wq_completion)loop0){+.+.}-{0:0}, at: flush_workqueue+0x154/0x1610 [ 43.595568][ T3500] [ 43.595568][ T3500] but task is already holding lock: [ 43.602902][ T3500] ffff88801b58f468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0 [ 43.611670][ T3500] [ 43.611670][ T3500] which lock already depends on the new lock. 
[ 43.611670][ T3500] [ 43.622045][ T3500] [ 43.622045][ T3500] the existing dependency chain (in reverse order) is: [ 43.631034][ T3500] [ 43.631034][ T3500] -> #7 (&lo->lo_mutex){+.+.}-{3:3}: [ 43.638472][ T3500] lock_acquire+0x1db/0x4f0 [ 43.643470][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 43.649161][ T3500] mutex_lock_killable_nested+0x17/0x20 [ 43.655201][ T3500] lo_open+0x68/0x100 [ 43.659678][ T3500] blkdev_get_whole+0x94/0x390 [ 43.664933][ T3500] blkdev_get_by_dev+0x2bc/0xa50 [ 43.670363][ T3500] blkdev_open+0x138/0x2d0 [ 43.675271][ T3500] do_dentry_open+0x807/0xfb0 [ 43.680449][ T3500] path_openat+0x2705/0x2f20 [ 43.685541][ T3500] do_filp_open+0x21c/0x460 [ 43.690536][ T3500] do_sys_openat2+0x13b/0x500 [ 43.695705][ T3500] __x64_sys_openat+0x243/0x290 [ 43.701046][ T3500] do_syscall_64+0x3b/0xb0 [ 43.706150][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 43.712536][ T3500] [ 43.712536][ T3500] -> #6 (&disk->open_mutex){+.+.}-{3:3}: [ 43.720317][ T3500] lock_acquire+0x1db/0x4f0 [ 43.725322][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 43.731016][ T3500] mutex_lock_nested+0x17/0x20 [ 43.736273][ T3500] blkdev_get_by_dev+0x14d/0xa50 [ 43.741714][ T3500] swsusp_check+0xb1/0x2c0 [ 43.746630][ T3500] software_resume+0xc6/0x3c0 [ 43.751809][ T3500] resume_store+0xe3/0x130 [ 43.756729][ T3500] kernfs_fop_write_iter+0x3a2/0x4f0 [ 43.762507][ T3500] vfs_write+0xacf/0xe50 [ 43.767241][ T3500] ksys_write+0x1a2/0x2c0 [ 43.772075][ T3500] do_syscall_64+0x3b/0xb0 [ 43.776987][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 43.783372][ T3500] [ 43.783372][ T3500] -> #5 (system_transition_mutex/1){+.+.}-{3:3}: [ 43.791853][ T3500] lock_acquire+0x1db/0x4f0 [ 43.796853][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 43.802540][ T3500] mutex_lock_nested+0x17/0x20 [ 43.807792][ T3500] software_resume+0x7c/0x3c0 [ 43.812973][ T3500] resume_store+0xe3/0x130 [ 43.817888][ T3500] kernfs_fop_write_iter+0x3a2/0x4f0 [ 43.823663][ T3500] vfs_write+0xacf/0xe50 [ 43.828406][ T3500] 
ksys_write+0x1a2/0x2c0 [ 43.833226][ T3500] do_syscall_64+0x3b/0xb0 [ 43.838150][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 43.844551][ T3500] [ 43.844551][ T3500] -> #4 (&of->mutex){+.+.}-{3:3}: [ 43.851724][ T3500] lock_acquire+0x1db/0x4f0 [ 43.856721][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 43.862411][ T3500] mutex_lock_nested+0x17/0x20 [ 43.867663][ T3500] kernfs_seq_start+0x50/0x3b0 [ 43.873004][ T3500] seq_read_iter+0x3d0/0xd10 [ 43.878085][ T3500] vfs_read+0xa9f/0xe10 [ 43.882735][ T3500] ksys_read+0x1a2/0x2c0 [ 43.887487][ T3500] do_syscall_64+0x3b/0xb0 [ 43.892396][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 43.898795][ T3500] [ 43.898795][ T3500] -> #3 (&p->lock){+.+.}-{3:3}: [ 43.905795][ T3500] lock_acquire+0x1db/0x4f0 [ 43.910790][ T3500] __mutex_lock_common+0x1da/0x25a0 [ 43.916489][ T3500] mutex_lock_nested+0x17/0x20 [ 43.921741][ T3500] seq_read_iter+0xae/0xd10 [ 43.926732][ T3500] proc_reg_read_iter+0x1b7/0x280 [ 43.932260][ T3500] generic_file_splice_read+0x4ad/0x790 [ 43.938297][ T3500] splice_direct_to_actor+0x448/0xc10 [ 43.944163][ T3500] do_splice_direct+0x285/0x3d0 [ 43.949504][ T3500] do_sendfile+0x625/0xff0 [ 43.954584][ T3500] __se_sys_sendfile64+0x178/0x1e0 [ 43.960187][ T3500] do_syscall_64+0x3b/0xb0 [ 43.965094][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 43.971482][ T3500] [ 43.971482][ T3500] -> #2 (sb_writers#3){.+.+}-{0:0}: [ 43.978842][ T3500] lock_acquire+0x1db/0x4f0 [ 43.983842][ T3500] lo_write_bvec+0x1a3/0x740 [ 43.988934][ T3500] loop_process_work+0x2309/0x2af0 [ 43.994546][ T3500] process_one_work+0x8a1/0x10c0 [ 43.999982][ T3500] worker_thread+0xaca/0x1280 [ 44.005153][ T3500] kthread+0x3f6/0x4f0 [ 44.009733][ T3500] ret_from_fork+0x1f/0x30 [ 44.014644][ T3500] [ 44.014644][ T3500] -> #1 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}: [ 44.023993][ T3500] lock_acquire+0x1db/0x4f0 [ 44.028994][ T3500] process_one_work+0x7f1/0x10c0 [ 44.034426][ T3500] worker_thread+0xaca/0x1280 [ 44.039594][ 
T3500]        kthread+0x3f6/0x4f0
[ 44.044153][ T3500]        ret_from_fork+0x1f/0x30
[ 44.049071][ T3500]
[ 44.049071][ T3500] -> #0 ((wq_completion)loop0){+.+.}-{0:0}:
[ 44.057134][ T3500]        validate_chain+0x1649/0x5930
[ 44.062483][ T3500]        __lock_acquire+0x1295/0x1ff0
[ 44.067827][ T3500]        lock_acquire+0x1db/0x4f0
[ 44.072844][ T3500]        flush_workqueue+0x170/0x1610
[ 44.078187][ T3500]        drain_workqueue+0xc5/0x390
[ 44.083360][ T3500]        destroy_workqueue+0x7b/0xae0
[ 44.088708][ T3500]        __loop_clr_fd+0x241/0xbe0
[ 44.093789][ T3500]        blkdev_put+0x455/0x790
[ 44.098613][ T3500]        kill_f2fs_super+0x2ff/0x3c0
[ 44.103869][ T3500]        deactivate_locked_super+0xa0/0x110
[ 44.109737][ T3500]        cleanup_mnt+0x44e/0x500
[ 44.114653][ T3500]        task_work_run+0x129/0x1a0
[ 44.119736][ T3500]        do_exit+0x6a3/0x2480
[ 44.124382][ T3500]        do_group_exit+0x144/0x310
[ 44.129466][ T3500]        __x64_sys_exit_group+0x3b/0x40
[ 44.134986][ T3500]        do_syscall_64+0x3b/0xb0
[ 44.139895][ T3500]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 44.146276][ T3500]
[ 44.146276][ T3500] other info that might help us debug this:
[ 44.146276][ T3500]
[ 44.156473][ T3500] Chain exists of:
[ 44.156473][ T3500]   (wq_completion)loop0 --> &disk->open_mutex --> &lo->lo_mutex
[ 44.156473][ T3500]
[ 44.169906][ T3500]  Possible unsafe locking scenario:
[ 44.169906][ T3500]
[ 44.177325][ T3500]        CPU0                    CPU1
[ 44.182662][ T3500]        ----                    ----
[ 44.187997][ T3500]   lock(&lo->lo_mutex);
[ 44.192214][ T3500]                                lock(&disk->open_mutex);
[ 44.199293][ T3500]                                lock(&lo->lo_mutex);
[ 44.206021][ T3500]   lock((wq_completion)loop0);
[ 44.210842][ T3500]
[ 44.210842][ T3500]  *** DEADLOCK ***
[ 44.210842][ T3500]
[ 44.218958][ T3500] 2 locks held by syz-executor212/3500:
[ 44.224471][ T3500]  #0: ffff88801b59c118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xfb/0x790
[ 44.233931][ T3500]  #1: ffff88801b58f468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0
[ 44.243116][ T3500]
[ 44.243116][ T3500] stack backtrace:
[ 44.248975][ T3500] CPU: 0 PID: 3500 Comm: 
syz-executor212 Not tainted 5.15.159-syzkaller #0 [ 44.257538][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 44.267564][ T3500] Call Trace: [ 44.270821][ T3500] [ 44.273738][ T3500] dump_stack_lvl+0x1e3/0x2d0 [ 44.278405][ T3500] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 44.284010][ T3500] ? print_circular_bug+0x12b/0x1a0 [ 44.289179][ T3500] check_noncircular+0x2f8/0x3b0 [ 44.294088][ T3500] ? add_chain_block+0x850/0x850 [ 44.299013][ T3500] ? lockdep_lock+0x11f/0x2a0 [ 44.303667][ T3500] ? lockdep_unlock+0x166/0x300 [ 44.308486][ T3500] ? lockdep_lock+0x2a0/0x2a0 [ 44.313135][ T3500] validate_chain+0x1649/0x5930 [ 44.317960][ T3500] ? validate_chain+0x13bd/0x5930 [ 44.322958][ T3500] ? reacquire_held_locks+0x660/0x660 [ 44.328320][ T3500] ? reacquire_held_locks+0x660/0x660 [ 44.333664][ T3500] ? __lock_acquire+0x1295/0x1ff0 [ 44.338664][ T3500] ? reacquire_held_locks+0x660/0x660 [ 44.344008][ T3500] ? mark_lock+0x98/0x340 [ 44.348395][ T3500] __lock_acquire+0x1295/0x1ff0 [ 44.353396][ T3500] lock_acquire+0x1db/0x4f0 [ 44.357874][ T3500] ? flush_workqueue+0x154/0x1610 [ 44.362882][ T3500] ? read_lock_is_recursive+0x10/0x10 [ 44.368229][ T3500] ? lockdep_softirqs_off+0x420/0x420 [ 44.373574][ T3500] ? __init_swait_queue_head+0xaa/0x140 [ 44.379092][ T3500] flush_workqueue+0x170/0x1610 [ 44.383913][ T3500] ? flush_workqueue+0x154/0x1610 [ 44.388906][ T3500] ? __mutex_lock_common+0x444/0x25a0 [ 44.394252][ T3500] ? rcu_work_rcufn+0x140/0x140 [ 44.399079][ T3500] ? finish_wait+0xc5/0x1d0 [ 44.403555][ T3500] drain_workqueue+0xc5/0x390 [ 44.408206][ T3500] destroy_workqueue+0x7b/0xae0 [ 44.413027][ T3500] __loop_clr_fd+0x241/0xbe0 [ 44.417595][ T3500] ? lo_release+0x177/0x1f0 [ 44.422066][ T3500] ? lo_open+0x100/0x100 [ 44.426284][ T3500] blkdev_put+0x455/0x790 [ 44.430587][ T3500] kill_f2fs_super+0x2ff/0x3c0 [ 44.435325][ T3500] ? unregister_shrinker+0x266/0x320 [ 44.440586][ T3500] ? 
f2fs_mount+0x40/0x40 [ 44.444885][ T3500] ? kfree+0x4a/0x270 [ 44.448841][ T3500] ? unregister_shrinker+0x266/0x320 [ 44.454096][ T3500] deactivate_locked_super+0xa0/0x110 [ 44.459440][ T3500] cleanup_mnt+0x44e/0x500 [ 44.463829][ T3500] ? lockdep_hardirqs_on+0x94/0x130 [ 44.469000][ T3500] task_work_run+0x129/0x1a0 [ 44.473562][ T3500] do_exit+0x6a3/0x2480 [ 44.477692][ T3500] ? put_task_struct+0x80/0x80 [ 44.482445][ T3500] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 44.488410][ T3500] ? vtime_user_exit+0x2d1/0x400 [ 44.493335][ T3500] do_group_exit+0x144/0x310 [ 44.497905][ T3500] __x64_sys_exit_group+0x3b/0x40 [ 44.502907][ T3500] do_syscall_64+0x3b/0xb0 [ 44.507301][ T3500] ? clear_bhb_loop+0x15/0x70 [ 44.511954][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 44.517819][ T3500] RIP: 0033:0x7f09879e1b49 [ 44.522206][ T3500] Code: Unable to access opcode bytes at RIP 0x7f09879e1b1f. [ 44.529541][ T3500] RSP: 002b:00007ffd17f60ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 44.537927][ T3500] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f09879e1b49 [ 44.545888][ T3500] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 44.553835][ T3500] RBP: 00007f0987a653d0 R08: ffffffffffffffb8 R09: 0000555555661378 [ 44.561784][ T3500] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0987a653d0 [ 44.569727][ T3500] R13: 0000000000000000 R14: 00007f0987a66140 R15: 00007f09879afe20 [ 44.577674][ T3500]