forked to background, child pid 3174
no interfaces have a carrier
[ 26.552458][ T3175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.566880][ T3175] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.4' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 48.456535][ T3591] loop0: detected capacity change from 0 to 512
[ 48.480311][ T3591] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 48.489581][ T3591] ext4 filesystem being mounted at /root/syzkaller.7IbyCG/0/file0 supports timestamps until 2038 (0x7fffffff)
[ 48.608123][ T3591] syz-executor314 (3591): drop_caches: 1
[ 48.671048][ T3591] syz-executor314 (3591): drop_caches: 1
[ 48.682411][ T3590] Please do not flush events WQ.
[ 48.687422][ T3590] CPU: 1 PID: 3590 Comm: syz-executor314 Not tainted 5.17.0-next-20220330-syzkaller #0
[ 48.697180][ T3590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.707223][ T3590] Call Trace:
[ 48.710491][ T3590] <TASK>
[ 48.713409][ T3590] dump_stack_lvl+0xcd/0x134
[ 48.718001][ T3590] flush_workqueue.cold+0x24/0x29
[ 48.723017][ T3590] ? lock_downgrade+0x6e0/0x6e0
[ 48.727884][ T3590] ? check_flush_dependency+0x400/0x400
[ 48.733426][ T3590] ? __fsnotify_vfsmount_delete+0x20/0x20
[ 48.739158][ T3590] ext4_put_super+0x99/0x1150
[ 48.743827][ T3590] ? ext4_quota_write+0x620/0x620
[ 48.748851][ T3590] generic_shutdown_super+0x14c/0x400
[ 48.754211][ T3590] kill_block_super+0x97/0xf0
[ 48.758873][ T3590] deactivate_locked_super+0x94/0x160
[ 48.764232][ T3590] deactivate_super+0xad/0xd0
[ 48.768911][ T3590] cleanup_mnt+0x3a2/0x540
[ 48.773339][ T3590] task_work_run+0xdd/0x1a0
[ 48.777831][ T3590] exit_to_user_mode_prepare+0x23c/0x250
[ 48.783550][ T3590] syscall_exit_to_user_mode+0x19/0x60
[ 48.788997][ T3590] do_syscall_64+0x42/0x80
[ 48.793396][ T3590] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 48.799279][ T3590] RIP: 0033:0x7f2437452687
[ 48.803676][ T3590] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.823261][ T3590] RSP: 002b:00007ffc747c27a8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 48.831664][ T3590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2437452687
[ 48.839625][ T3590] RDX: 00007ffc747c2869 RSI: 000000000000000a RDI: 00007ffc747c2860
[ 48.847581][ T3590] RBP: 00007ffc747c2860 R08: 00000000ffffffff R09: 00007ffc747c2640
[ 48.855541][ T3590] R10: 0000555555879653 R11: 0000000000000202 R12: 00007ffc747c38d0
[ 48.863502][ T3590] R13: 00005555558795f0 R14: 00007ffc747c27d0 R15: 0000000000000001
[ 48.871474][ T3590] </TASK>
[ 48.875266][ T3590]
[ 48.877621][ T3590] ======================================================
[ 48.884614][ T3590] WARNING: possible circular locking dependency detected
[ 48.891607][ T3590] 5.17.0-next-20220330-syzkaller #0 Not tainted
[ 48.897823][ T3590] ------------------------------------------------------
[ 48.904814][ T3590] syz-executor314/3590 is trying to acquire lock:
[ 48.911200][ T3590] ffff888010c64d38 ((wq_completion)events){+.+.}-{0:0}, at: flush_workqueue+0x135/0x1440
[ 48.921003][ T3590]
[ 48.921003][ T3590] but task is already holding lock:
[ 48.928340][ T3590] ffff88801df760e0 (&type->s_umount_key#32){++++}-{3:3}, at: deactivate_super+0xa5/0xd0
[ 48.938056][ T3590]
[ 48.938056][ T3590] which lock already depends on the new lock.
[ 48.938056][ T3590]
[ 48.948433][ T3590]
[ 48.948433][ T3590] the existing dependency chain (in reverse order) is:
[ 48.957420][ T3590]
[ 48.957420][ T3590] -> #3 (&type->s_umount_key#32){++++}-{3:3}:
[ 48.965646][ T3590] down_read+0x98/0x440
[ 48.970308][ T3590] iterate_supers+0xdb/0x290
[ 48.975398][ T3590] drop_caches_sysctl_handler+0xdb/0x110
[ 48.981530][ T3590] proc_sys_call_handler+0x4a1/0x6e0
[ 48.987315][ T3590] do_iter_readv_writev+0x3d1/0x640
[ 48.993019][ T3590] do_iter_write+0x182/0x700
[ 48.998129][ T3590] vfs_iter_write+0x70/0xa0
[ 49.003136][ T3590] iter_file_splice_write+0x723/0xc70
[ 49.009010][ T3590] direct_splice_actor+0x110/0x180
[ 49.014620][ T3590] splice_direct_to_actor+0x34b/0x8c0
[ 49.020493][ T3590] do_splice_direct+0x1a7/0x270
[ 49.025857][ T3590] do_sendfile+0xae0/0x1240
[ 49.030862][ T3590] __x64_sys_sendfile64+0x149/0x210
[ 49.036566][ T3590] do_syscall_64+0x35/0x80
[ 49.041483][ T3590] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.047882][ T3590]
[ 49.047882][ T3590] -> #2 (sb_writers#3){.+.+}-{0:0}:
[ 49.055243][ T3590] kernel_write+0x2ac/0x540
[ 49.060264][ T3590] p9_write_work+0x25e/0xca0
[ 49.065357][ T3590] process_one_work+0x996/0x1610
[ 49.070794][ T3590] worker_thread+0x665/0x1080
[ 49.075968][ T3590] kthread+0x2e9/0x3a0
[ 49.080540][ T3590] ret_from_fork+0x1f/0x30
[ 49.085475][ T3590]
[ 49.085475][ T3590] -> #1 ((work_completion)(&m->wq)){+.+.}-{0:0}:
[ 49.093961][ T3590] process_one_work+0x905/0x1610
[ 49.099411][ T3590] worker_thread+0x665/0x1080
[ 49.104599][ T3590] kthread+0x2e9/0x3a0
[ 49.109173][ T3590] ret_from_fork+0x1f/0x30
[ 49.114095][ T3590]
[ 49.114095][ T3590] -> #0 ((wq_completion)events){+.+.}-{0:0}:
[ 49.122228][ T3590] __lock_acquire+0x2ac6/0x56c0
[ 49.127584][ T3590] lock_acquire+0x1ab/0x510
[ 49.132588][ T3590] flush_workqueue+0x164/0x1440
[ 49.137936][ T3590] ext4_put_super+0x99/0x1150
[ 49.143119][ T3590] generic_shutdown_super+0x14c/0x400
[ 49.148998][ T3590] kill_block_super+0x97/0xf0
[ 49.154173][ T3590] deactivate_locked_super+0x94/0x160
[ 49.160044][ T3590] deactivate_super+0xad/0xd0
[ 49.165219][ T3590] cleanup_mnt+0x3a2/0x540
[ 49.170144][ T3590] task_work_run+0xdd/0x1a0
[ 49.175150][ T3590] exit_to_user_mode_prepare+0x23c/0x250
[ 49.181287][ T3590] syscall_exit_to_user_mode+0x19/0x60
[ 49.187259][ T3590] do_syscall_64+0x42/0x80
[ 49.192187][ T3590] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.198601][ T3590]
[ 49.198601][ T3590] other info that might help us debug this:
[ 49.198601][ T3590]
[ 49.208807][ T3590] Chain exists of:
[ 49.208807][ T3590] (wq_completion)events --> sb_writers#3 --> &type->s_umount_key#32
[ 49.208807][ T3590]
[ 49.222685][ T3590] Possible unsafe locking scenario:
[ 49.222685][ T3590]
[ 49.230119][ T3590]        CPU0                    CPU1
[ 49.235468][ T3590]        ----                    ----
[ 49.240808][ T3590]   lock(&type->s_umount_key#32);
[ 49.245810][ T3590]                                lock(sb_writers#3);
[ 49.252463][ T3590]                                lock(&type->s_umount_key#32);
[ 49.260002][ T3590]   lock((wq_completion)events);
[ 49.264911][ T3590]
[ 49.264911][ T3590] *** DEADLOCK ***
[ 49.264911][ T3590]
[ 49.273115][ T3590] 1 lock held by syz-executor314/3590:
[ 49.278545][ T3590] #0: ffff88801df760e0 (&type->s_umount_key#32){++++}-{3:3}, at: deactivate_super+0xa5/0xd0
[ 49.288701][ T3590]
[ 49.288701][ T3590] stack backtrace:
[ 49.294561][ T3590] CPU: 1 PID: 3590 Comm: syz-executor314 Not tainted 5.17.0-next-20220330-syzkaller #0
[ 49.304164][ T3590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.314196][ T3590] Call Trace:
[ 49.317459][ T3590] <TASK>
[ 49.320371][ T3590] dump_stack_lvl+0xcd/0x134
[ 49.324947][ T3590] check_noncircular+0x25f/0x2e0
[ 49.329868][ T3590] ? print_circular_bug+0x1e0/0x1e0
[ 49.335051][ T3590] ? mark_lock.part.0+0xee/0x1910
[ 49.340059][ T3590] __lock_acquire+0x2ac6/0x56c0
[ 49.344895][ T3590] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 49.350858][ T3590] lock_acquire+0x1ab/0x510
[ 49.355342][ T3590] ? flush_workqueue+0x135/0x1440
[ 49.360347][ T3590] ? lock_release+0x720/0x720
[ 49.365002][ T3590] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 49.371143][ T3590] ? dump_stack_lvl+0x120/0x134
[ 49.375973][ T3590] ? dump_stack_lvl+0x12a/0x134
[ 49.380802][ T3590] flush_workqueue+0x164/0x1440
[ 49.385641][ T3590] ? flush_workqueue+0x135/0x1440
[ 49.390640][ T3590] ? lock_downgrade+0x6e0/0x6e0
[ 49.395477][ T3590] ? check_flush_dependency+0x400/0x400
[ 49.401004][ T3590] ? __fsnotify_vfsmount_delete+0x20/0x20
[ 49.406711][ T3590] ext4_put_super+0x99/0x1150
[ 49.411385][ T3590] ? ext4_quota_write+0x620/0x620
[ 49.416394][ T3590] generic_shutdown_super+0x14c/0x400
[ 49.421744][ T3590] kill_block_super+0x97/0xf0
[ 49.426401][ T3590] deactivate_locked_super+0x94/0x160
[ 49.431752][ T3590] deactivate_super+0xad/0xd0
[ 49.436408][ T3590] cleanup_mnt+0x3a2/0x540
[ 49.440813][ T3590] task_work_run+0xdd/0x1a0
[ 49.445300][ T3590] exit_to_user_mode_prepare+0x23c/0x250
[ 49.450916][ T3590] syscall_exit_to_user_mode+0x19/0x60
[ 49.456363][ T3590] do_syscall_64+0x42/0x80
[ 49.460773][ T3590] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.466652][ T3590] RIP: 0033:0x7f2437452687
[ 49.471045][ T3590] Code: 07 00 48 83 c4 08 5b 5d c3 66 2e 0f 1f 84 00 00 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.490630][ T3590] RSP: 002b:00007ffc747c27a8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 49.499020][ T3590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2437452687
[ 49.506986][ T3590] RDX: 00007ffc747c2869 RSI: 000000000000000a RDI: 00007ffc747c2860
[ 49.514934][ T3590] RBP: 00007ffc747c2860 R08: 00000000ffffffff R09: 00007ffc747c2640
[ 49.522882][ T3590] R10: 0000555555879653 R11: 0000000000000202 R12: 00007ffc747c38d0
[ 49.530830][ T3590] R13: 00005555558795f0 R14: 00007ffc747c27d0 R15: 0000000000000001
[ 49.538782][ T3590] </TASK>