Warning: Permanently added '10.128.0.145' (ED25519) to the list of known hosts.
executing program
[ 38.089313][ T4289] loop0: detected capacity change from 0 to 32768
[ 38.093064][ T4289] =======================================================
[ 38.093064][ T4289] WARNING: The mand mount option has been deprecated and
[ 38.093064][ T4289] and is ignored by this kernel. Remove the mand
[ 38.093064][ T4289] option from the mount to silence this warning.
[ 38.093064][ T4289] =======================================================
[ 38.114779][ T4289] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 38.126863][ T4289]
[ 38.127388][ T4289] ======================================================
[ 38.129048][ T4289] WARNING: possible circular locking dependency detected
[ 38.130520][ T4289] 6.1.114-syzkaller #0 Not tainted
[ 38.131594][ T4289] ------------------------------------------------------
[ 38.133061][ T4289] syz-executor176/4289 is trying to acquire lock:
[ 38.134427][ T4289] ffff0000e1ba3f60 (&oi->ip_alloc_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb4/0x2f0
[ 38.136684][ T4289]
[ 38.136684][ T4289] but task is already holding lock:
[ 38.138255][ T4289] ffff0000e1ba3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2f0
[ 38.140574][ T4289]
[ 38.140574][ T4289] which lock already depends on the new lock.
[ 38.140574][ T4289]
[ 38.142835][ T4289]
[ 38.142835][ T4289] the existing dependency chain (in reverse order) is:
[ 38.144780][ T4289]
[ 38.144780][ T4289] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[ 38.146517][ T4289]        down_read+0x64/0x308
[ 38.147587][ T4289]        ocfs2_init_acl+0x2c8/0x764
[ 38.148649][ T4289]        ocfs2_mknod+0x1574/0x2560
[ 38.149774][ T4289]        ocfs2_create+0x1a8/0x560
[ 38.150786][ T4289]        path_openat+0xeac/0x2548
[ 38.151975][ T4289]        do_filp_open+0x1bc/0x3cc
[ 38.153210][ T4289]        do_sys_openat2+0x128/0x3e0
[ 38.154224][ T4289]        __arm64_sys_openat+0x1f0/0x240
[ 38.155468][ T4289]        invoke_syscall+0x98/0x2c0
[ 38.156568][ T4289]        el0_svc_common+0x138/0x258
[ 38.157618][ T4289]        do_el0_svc+0x64/0x218
[ 38.158631][ T4289]        el0_svc+0x58/0x168
[ 38.159553][ T4289]        el0t_64_sync_handler+0x84/0xf0
[ 38.160790][ T4289]        el0t_64_sync+0x18c/0x190
[ 38.161869][ T4289]
[ 38.161869][ T4289] -> #3 (jbd2_handle){.+.+}-{0:0}:
[ 38.163455][ T4289]        start_this_handle+0x1140/0x13ac
[ 38.164514][ T4289]        jbd2__journal_start+0x298/0x544
[ 38.165726][ T4289]        jbd2_journal_start+0x3c/0x4c
[ 38.166834][ T4289]        ocfs2_start_trans+0x3e8/0x73c
[ 38.168104][ T4289]        ocfs2_mknod+0xe64/0x2560
[ 38.169112][ T4289]        ocfs2_create+0x1a8/0x560
[ 38.170104][ T4289]        path_openat+0xeac/0x2548
[ 38.171224][ T4289]        do_filp_open+0x1bc/0x3cc
[ 38.172209][ T4289]        do_sys_openat2+0x128/0x3e0
[ 38.173382][ T4289]        __arm64_sys_openat+0x1f0/0x240
[ 38.174650][ T4289]        invoke_syscall+0x98/0x2c0
[ 38.175678][ T4289]        el0_svc_common+0x138/0x258
[ 38.176693][ T4289]        do_el0_svc+0x64/0x218
[ 38.177621][ T4289]        el0_svc+0x58/0x168
[ 38.178546][ T4289]        el0t_64_sync_handler+0x84/0xf0
[ 38.179704][ T4289]        el0t_64_sync+0x18c/0x190
[ 38.180722][ T4289]
[ 38.180722][ T4289] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[ 38.182512][ T4289]        down_read+0x64/0x308
[ 38.183514][ T4289]        ocfs2_start_trans+0x3dc/0x73c
[ 38.184623][ T4289]        ocfs2_mknod+0xe64/0x2560
[ 38.185656][ T4289]        ocfs2_create+0x1a8/0x560
[ 38.186822][ T4289]        path_openat+0xeac/0x2548
[ 38.187963][ T4289]        do_filp_open+0x1bc/0x3cc
[ 38.189044][ T4289]        do_sys_openat2+0x128/0x3e0
[ 38.190181][ T4289]        __arm64_sys_openat+0x1f0/0x240
[ 38.191384][ T4289]        invoke_syscall+0x98/0x2c0
[ 38.192519][ T4289]        el0_svc_common+0x138/0x258
[ 38.193666][ T4289]        do_el0_svc+0x64/0x218
[ 38.194782][ T4289]        el0_svc+0x58/0x168
[ 38.195803][ T4289]        el0t_64_sync_handler+0x84/0xf0
[ 38.197022][ T4289]        el0t_64_sync+0x18c/0x190
[ 38.198190][ T4289]
[ 38.198190][ T4289] -> #1 (sb_internal#2){.+.+}-{0:0}:
[ 38.200026][ T4289]        ocfs2_start_trans+0x260/0x73c
[ 38.201269][ T4289]        ocfs2_write_begin_nolock+0xa1c/0x3f6c
[ 38.202636][ T4289]        ocfs2_write_begin+0x1ac/0x38c
[ 38.203794][ T4289]        generic_perform_write+0x278/0x55c
[ 38.205057][ T4289]        __generic_file_write_iter+0x168/0x388
[ 38.206275][ T4289]        ocfs2_file_write_iter+0x15ac/0x1fbc
[ 38.207544][ T4289]        vfs_write+0x610/0x91c
[ 38.208603][ T4289]        ksys_write+0x15c/0x26c
[ 38.209675][ T4289]        __arm64_sys_write+0x7c/0x90
[ 38.210796][ T4289]        invoke_syscall+0x98/0x2c0
[ 38.211910][ T4289]        el0_svc_common+0x138/0x258
[ 38.213008][ T4289]        do_el0_svc+0x64/0x218
[ 38.213985][ T4289]        el0_svc+0x58/0x168
[ 38.214916][ T4289]        el0t_64_sync_handler+0x84/0xf0
[ 38.216044][ T4289]        el0t_64_sync+0x18c/0x190
[ 38.217243][ T4289]
[ 38.217243][ T4289] -> #0 (&oi->ip_alloc_sem){++++}-{3:3}:
[ 38.218877][ T4289]        __lock_acquire+0x3338/0x7680
[ 38.219954][ T4289]        lock_acquire+0x26c/0x7cc
[ 38.221074][ T4289]        down_write+0x5c/0x88
[ 38.221937][ T4289]        ocfs2_try_remove_refcount_tree+0xb4/0x2f0
[ 38.223265][ T4289]        ocfs2_truncate_file+0xd54/0x1618
[ 38.224409][ T4289]        ocfs2_setattr+0x13d0/0x1b3c
[ 38.225505][ T4289]        notify_change+0xb58/0xe1c
[ 38.226570][ T4289]        do_truncate+0x1c0/0x28c
[ 38.227576][ T4289]        do_sys_ftruncate+0x288/0x31c
[ 38.228715][ T4289]        __arm64_sys_ftruncate+0x60/0x74
[ 38.230137][ T4289]        invoke_syscall+0x98/0x2c0
[ 38.231359][ T4289]        el0_svc_common+0x138/0x258
[ 38.232488][ T4289]        do_el0_svc+0x64/0x218
[ 38.233522][ T4289]        el0_svc+0x58/0x168
[ 38.234454][ T4289]        el0t_64_sync_handler+0x84/0xf0
[ 38.235582][ T4289]        el0t_64_sync+0x18c/0x190
[ 38.236698][ T4289]
[ 38.236698][ T4289] other info that might help us debug this:
[ 38.236698][ T4289]
[ 38.238852][ T4289] Chain exists of:
[ 38.238852][ T4289]   &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[ 38.238852][ T4289]
[ 38.241619][ T4289]  Possible unsafe locking scenario:
[ 38.241619][ T4289]
[ 38.243141][ T4289]        CPU0                    CPU1
[ 38.244338][ T4289]        ----                    ----
[ 38.245383][ T4289]   lock(&oi->ip_xattr_sem);
[ 38.246468][ T4289]                                lock(jbd2_handle);
[ 38.248006][ T4289]                                lock(&oi->ip_xattr_sem);
[ 38.249538][ T4289]   lock(&oi->ip_alloc_sem);
[ 38.250460][ T4289]
[ 38.250460][ T4289]  *** DEADLOCK ***
[ 38.250460][ T4289]
[ 38.252363][ T4289] 3 locks held by syz-executor176/4289:
[ 38.253468][ T4289]  #0: ffff0000c3d9e460 (sb_writers#8){.+.+}-{0:0}, at: do_sys_ftruncate+0x214/0x31c
[ 38.255515][ T4289]  #1: ffff0000e1ba42c8 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: do_truncate+0x1ac/0x28c
[ 38.257837][ T4289]  #2: ffff0000e1ba3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2f0
[ 38.260176][ T4289]
[ 38.260176][ T4289] stack backtrace:
[ 38.261349][ T4289] CPU: 0 PID: 4289 Comm: syz-executor176 Not tainted 6.1.114-syzkaller #0
[ 38.263247][ T4289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 38.265238][ T4289] Call trace:
[ 38.265949][ T4289]  dump_backtrace+0x1c8/0x1f4
[ 38.266929][ T4289]  show_stack+0x2c/0x3c
[ 38.267784][ T4289]  dump_stack_lvl+0x108/0x170
[ 38.268838][ T4289]  dump_stack+0x1c/0x58
[ 38.269677][ T4289]  print_circular_bug+0x150/0x1b8
[ 38.270658][ T4289]  check_noncircular+0x2cc/0x378
[ 38.271615][ T4289]  __lock_acquire+0x3338/0x7680
[ 38.272579][ T4289]  lock_acquire+0x26c/0x7cc
[ 38.273517][ T4289]  down_write+0x5c/0x88
[ 38.274509][ T4289]  ocfs2_try_remove_refcount_tree+0xb4/0x2f0
[ 38.275751][ T4289]  ocfs2_truncate_file+0xd54/0x1618
[ 38.276873][ T4289]  ocfs2_setattr+0x13d0/0x1b3c
[ 38.277910][ T4289]  notify_change+0xb58/0xe1c
[ 38.278779][ T4289]  do_truncate+0x1c0/0x28c
[ 38.279670][ T4289]  do_sys_ftruncate+0x288/0x31c
[ 38.280643][ T4289]  __arm64_sys_ftruncate+0x60/0x74
[ 38.281625][ T4289]  invoke_syscall+0x98/0x2c0
[ 38.282603][ T4289]  el0_svc_common+0x138/0x258
[ 38.283640][ T4289]  do_el0_svc+0x64/0x218
[ 38.284500][ T4289]  el0_svc+0x58/0x168
[ 38.285241][ T4289]  el0t_64_sync_handler+0x84/0xf0
[ 38.286209][ T4289]  el0t_64_sync+0x18c/0x190