Warning: Permanently added '10.128.1.98' (ED25519) to the list of known hosts. executing program [ 55.186683][ T3487] loop0: detected capacity change from 0 to 63271 [ 55.197095][ T3487] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605) [ 55.205658][ T3487] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 55.217050][ T3487] F2FS-fs (loop0): invalid crc value [ 55.226718][ T3487] F2FS-fs (loop0): Found nat_bits in checkpoint [ 55.262016][ T3487] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 55.269282][ T3487] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 55.364709][ T3487] [ 55.367059][ T3487] ====================================================== [ 55.374086][ T3487] WARNING: possible circular locking dependency detected [ 55.381175][ T3487] 5.15.127-syzkaller #0 Not tainted [ 55.386357][ T3487] ------------------------------------------------------ [ 55.393358][ T3487] syz-executor428/3487 is trying to acquire lock: [ 55.399753][ T3487] ffff8880240c0938 ((wq_completion)loop0){+.+.}-{0:0}, at: flush_workqueue+0x154/0x1610 [ 55.409521][ T3487] [ 55.409521][ T3487] but task is already holding lock: [ 55.416881][ T3487] ffff8881473f8468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0 [ 55.425669][ T3487] [ 55.425669][ T3487] which lock already depends on the new lock. [ 55.425669][ T3487] [ 55.436056][ T3487] [ 55.436056][ T3487] the existing dependency chain (in reverse order) is: [ 55.445054][ T3487] [ 55.445054][ T3487] -> #7 (&lo->lo_mutex){+.+.}-{3:3}: [ 55.452525][ T3487] lock_acquire+0x1db/0x4f0 [ 55.457551][ T3487] __mutex_lock_common+0x1da/0x25a0 [ 55.463256][ T3487] mutex_lock_killable_nested+0x17/0x20 [ 55.469317][ T3487] lo_open+0x68/0x100 [ 55.475389][ T3487] blkdev_get_whole+0x94/0x390 [ 55.480663][ T3487] blkdev_get_by_dev+0x2b2/0xa50 [ 55.486197][ T3487] blkdev_open+0x138/0x2d0 [ 55.491139][ T3487] do_dentry_open+0x807/0xfb0 [ 55.496327][ T3487] path_openat+0x2702/0x2f20 [ 55.501427][ T3487] do_filp_open+0x21c/0x460 [ 55.506442][ T3487] do_sys_openat2+0x13b/0x500 [ 55.511631][ T3487] __x64_sys_openat+0x243/0x290 [ 55.516990][ T3487] do_syscall_64+0x3d/0xb0 [ 55.521917][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.528425][ T3487] [ 55.528425][ T3487] -> #6 (&disk->open_mutex){+.+.}-{3:3}: [ 55.536233][ T3487] lock_acquire+0x1db/0x4f0 [ 55.541248][ T3487] __mutex_lock_common+0x1da/0x25a0 [ 55.546952][ T3487] mutex_lock_nested+0x17/0x20 [ 55.552228][ T3487] blkdev_get_by_dev+0x14d/0xa50 [ 55.557694][ T3487] swsusp_check+0xb1/0x2c0 [ 55.562622][ T3487] software_resume+0xc6/0x3c0 [ 55.567809][ T3487] resume_store+0xe3/0x130 [ 55.572741][ T3487] kernfs_fop_write_iter+0x3a2/0x4f0 [ 55.578537][ T3487] vfs_write+0xacf/0xe50 [ 55.583295][ T3487] ksys_write+0x1a2/0x2c0 [ 55.588136][ T3487] do_syscall_64+0x3d/0xb0 [ 55.593085][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.599489][ T3487] [ 55.599489][ T3487] -> #5 (system_transition_mutex/1){+.+.}-{3:3}: [ 55.608114][ T3487] lock_acquire+0x1db/0x4f0 [ 55.613172][ T3487] __mutex_lock_common+0x1da/0x25a0 [ 55.618906][ T3487] mutex_lock_nested+0x17/0x20 [ 55.624180][ T3487] software_resume+0x7c/0x3c0 [ 55.629366][ T3487] resume_store+0xe3/0x130 [ 55.634290][ T3487] kernfs_fop_write_iter+0x3a2/0x4f0 [ 55.640086][ T3487] vfs_write+0xacf/0xe50 [ 55.644855][ T3487] ksys_write+0x1a2/0x2c0 [ 55.649736][ T3487] do_syscall_64+0x3d/0xb0 [ 55.654668][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.661076][ T3487] [ 55.661076][ T3487] -> #4 (&of->mutex){+.+.}-{3:3}: [ 55.668273][ T3487] lock_acquire+0x1db/0x4f0 [ 55.673289][ T3487] __mutex_lock_common+0x1da/0x25a0 [ 55.679018][ T3487] mutex_lock_nested+0x17/0x20 [ 55.684290][ T3487] kernfs_seq_start+0x50/0x3b0 [ 55.689569][ T3487] seq_read_iter+0x3d0/0xd10 [ 55.694756][ T3487] vfs_read+0xa9f/0xe10 [ 55.699422][ T3487] ksys_read+0x1a2/0x2c0 [ 55.704172][ T3487] do_syscall_64+0x3d/0xb0 [ 55.709104][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.715608][ T3487] [ 55.715608][ T3487] -> #3 (&p->lock){+.+.}-{3:3}: [ 55.722643][ T3487] lock_acquire+0x1db/0x4f0 [ 55.727663][ T3487] __mutex_lock_common+0x1da/0x25a0 [ 55.733372][ T3487] mutex_lock_nested+0x17/0x20 [ 55.738644][ T3487] seq_read_iter+0xae/0xd10 [ 55.743673][ T3487] proc_reg_read_iter+0x1b7/0x280 [ 55.749224][ T3487] generic_file_splice_read+0x4ad/0x790 [ 55.755285][ T3487] splice_direct_to_actor+0x448/0xc10 [ 55.761165][ T3487] do_splice_direct+0x285/0x3d0 [ 55.766538][ T3487] do_sendfile+0x625/0xff0 [ 55.771484][ T3487] __se_sys_sendfile64+0x178/0x1e0 [ 55.777118][ T3487] do_syscall_64+0x3d/0xb0 [ 55.782051][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.788589][ T3487] [ 55.788589][ T3487] -> #2 (sb_writers#3){.+.+}-{0:0}: [ 55.795977][ T3487] lock_acquire+0x1db/0x4f0 [ 55.801003][ T3487] lo_write_bvec+0x1a3/0x740 [ 55.806126][ T3487] loop_process_work+0x2309/0x2af0 [ 55.811761][ T3487] process_one_work+0x8a1/0x10c0 [ 55.817216][ T3487] worker_thread+0xaca/0x1280 [ 55.822404][ T3487] kthread+0x3f6/0x4f0 [ 55.826983][ T3487] ret_from_fork+0x1f/0x30 [ 55.831941][ T3487] [ 55.831941][ T3487] -> #1 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}: [ 55.841309][ T3487] lock_acquire+0x1db/0x4f0 [ 55.846327][ T3487] process_one_work+0x7f1/0x10c0 [ 55.851795][ T3487] worker_thread+0xaca/0x1280 [ 55.856998][ T3487] kthread+0x3f6/0x4f0 [ 55.861577][ T3487] ret_from_fork+0x1f/0x30 [ 55.866514][ T3487] [ 55.866514][ T3487] -> #0 ((wq_completion)loop0){+.+.}-{0:0}: [ 55.874598][ T3487] validate_chain+0x1646/0x58b0 [ 55.879960][ T3487] __lock_acquire+0x1295/0x1ff0 [ 55.885320][ T3487] lock_acquire+0x1db/0x4f0 [ 55.890338][ T3487] flush_workqueue+0x170/0x1610 [ 55.895706][ T3487] drain_workqueue+0xc5/0x390 [ 55.900907][ T3487] destroy_workqueue+0x7b/0xae0 [ 55.906281][ T3487] __loop_clr_fd+0x241/0xbe0 [ 55.911390][ T3487] blkdev_put+0x455/0x790 [ 55.916241][ T3487] kill_f2fs_super+0x2ff/0x3c0 [ 55.921625][ T3487] deactivate_locked_super+0xa0/0x110 [ 55.927608][ T3487] cleanup_mnt+0x44e/0x500 [ 55.932538][ T3487] task_work_run+0x129/0x1a0 [ 55.937639][ T3487] do_exit+0x6a3/0x2480 [ 55.942304][ T3487] do_group_exit+0x144/0x310 [ 55.947421][ T3487] __x64_sys_exit_group+0x3b/0x40 [ 55.952959][ T3487] do_syscall_64+0x3d/0xb0 [ 55.957896][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 55.964316][ T3487] [ 55.964316][ T3487] other info that might help us debug this: [ 55.964316][ T3487] [ 55.974538][ T3487] Chain exists of: [ 55.974538][ T3487] (wq_completion)loop0 --> &disk->open_mutex --> &lo->lo_mutex [ 55.974538][ T3487] [ 55.987998][ T3487] Possible unsafe locking scenario: [ 55.987998][ T3487] [ 55.995434][ T3487] CPU0 CPU1 [ 56.000781][ T3487] ---- ---- [ 56.006127][ T3487] lock(&lo->lo_mutex); [ 56.010359][ T3487] lock(&disk->open_mutex); [ 56.017451][ T3487] lock(&lo->lo_mutex); [ 56.024197][ T3487] lock((wq_completion)loop0); [ 56.029055][ T3487] [ 56.029055][ T3487] *** DEADLOCK *** [ 56.029055][ T3487] [ 56.037182][ T3487] 2 locks held by syz-executor428/3487: [ 56.042709][ T3487] #0: ffff88801b604118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xfb/0x790 [ 56.052017][ T3487] #1: ffff8881473f8468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa9/0xbe0 [ 56.061256][ T3487] [ 56.061256][ T3487] stack backtrace: [ 56.067304][ T3487] CPU: 0 PID: 3487 Comm: syz-executor428 Not tainted 5.15.127-syzkaller #0 [ 56.075983][ T3487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023 [ 56.086024][ T3487] Call Trace: [ 56.089328][ T3487] [ 56.092247][ T3487] dump_stack_lvl+0x1e3/0x2cb [ 56.096918][ T3487] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 56.102642][ T3487] ? print_circular_bug+0x12b/0x1a0 [ 56.107833][ T3487] check_noncircular+0x2f8/0x3b0 [ 56.112781][ T3487] ? add_chain_block+0x850/0x850 [ 56.117711][ T3487] ? lockdep_lock+0x11f/0x2a0 [ 56.122497][ T3487] ? lockdep_unlock+0x166/0x300 [ 56.127359][ T3487] ? lockdep_lock+0x2a0/0x2a0 [ 56.132030][ T3487] validate_chain+0x1646/0x58b0 [ 56.136881][ T3487] ? reacquire_held_locks+0x660/0x660 [ 56.142245][ T3487] ? reacquire_held_locks+0x660/0x660 [ 56.147629][ T3487] ? __lock_acquire+0x1295/0x1ff0 [ 56.152648][ T3487] ? reacquire_held_locks+0x660/0x660 [ 56.158030][ T3487] ? mark_lock+0x98/0x340 [ 56.162358][ T3487] __lock_acquire+0x1295/0x1ff0 [ 56.167212][ T3487] lock_acquire+0x1db/0x4f0 [ 56.171721][ T3487] ? flush_workqueue+0x154/0x1610 [ 56.176749][ T3487] ? read_lock_is_recursive+0x10/0x10 [ 56.182115][ T3487] ? lockdep_softirqs_off+0x420/0x420 [ 56.187485][ T3487] ? __init_swait_queue_head+0xaa/0x140 [ 56.193045][ T3487] flush_workqueue+0x170/0x1610 [ 56.197887][ T3487] ? flush_workqueue+0x154/0x1610 [ 56.202917][ T3487] ? __mutex_lock_common+0x444/0x25a0 [ 56.208283][ T3487] ? rcu_work_rcufn+0x140/0x140 [ 56.213130][ T3487] ? finish_wait+0xc5/0x1d0 [ 56.217627][ T3487] drain_workqueue+0xc5/0x390 [ 56.222296][ T3487] destroy_workqueue+0x7b/0xae0 [ 56.227137][ T3487] __loop_clr_fd+0x241/0xbe0 [ 56.231723][ T3487] ? lo_release+0x177/0x1f0 [ 56.236211][ T3487] ? lo_open+0x100/0x100 [ 56.240445][ T3487] blkdev_put+0x455/0x790 [ 56.244768][ T3487] kill_f2fs_super+0x2ff/0x3c0 [ 56.249521][ T3487] ? unregister_shrinker+0x266/0x320 [ 56.254804][ T3487] ? f2fs_mount+0x40/0x40 [ 56.259124][ T3487] ? kfree+0x4a/0x270 [ 56.263092][ T3487] ? unregister_shrinker+0x266/0x320 [ 56.269844][ T3487] deactivate_locked_super+0xa0/0x110 [ 56.275210][ T3487] cleanup_mnt+0x44e/0x500 [ 56.279629][ T3487] ? lockdep_hardirqs_on+0x94/0x130 [ 56.284819][ T3487] task_work_run+0x129/0x1a0 [ 56.289422][ T3487] do_exit+0x6a3/0x2480 [ 56.293573][ T3487] ? put_task_struct+0x80/0x80 [ 56.298348][ T3487] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 56.304324][ T3487] ? vtime_user_exit+0x2d1/0x400 [ 56.309256][ T3487] do_group_exit+0x144/0x310 [ 56.313857][ T3487] __x64_sys_exit_group+0x3b/0x40 [ 56.318896][ T3487] do_syscall_64+0x3d/0xb0 [ 56.323390][ T3487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 56.329275][ T3487] RIP: 0033:0x7f15bf4b5b49 [ 56.333701][ T3487] Code: Unable to access opcode bytes at RIP 0x7f15bf4b5b1f. [ 56.341061][ T3487] RSP: 002b:00007ffe6d1339b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 56.349484][ T3487] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f15bf4b5b49 [ 56.357543][ T3487] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 56.365503][ T3487] RBP: 00007f15bf5393d0 R08: ffffffffffffffb8 R09: 0000555555e4e378 [ 56.373462][ T3487] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f15bf5393d0 [ 56.381419][ T3487] R13: 0000000000000000 R14: 00007f15bf53a140 R15: 00007f15bf483e20 [ 56.389384][ T3487]