Warning: Permanently added '10.128.0.208' (ED25519) to the list of known hosts.
executing program
[ 31.997006][ T5993] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5993 'syz-executor346'
[ 32.183290][ T5993] loop0: detected capacity change from 0 to 40427
[ 32.189291][ T5993] F2FS-fs (loop0): invalid crc value
[ 32.193688][ T5993] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 32.205834][ T5993] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 32.212718][ T5993]
[ 32.213277][ T5993] ======================================================
[ 32.215024][ T5993] WARNING: possible circular locking dependency detected
[ 32.216798][ T5993] 6.5.0-rc7-syzkaller-gfe4469582053 #0 Not tainted
[ 32.218415][ T5993] ------------------------------------------------------
[ 32.220216][ T5993] syz-executor346/5993 is trying to acquire lock:
[ 32.221857][ T5993] ffff0000e02ab160 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_add_inline_entry+0x350/0x650
[ 32.224177][ T5993]
[ 32.224177][ T5993] but task is already holding lock:
[ 32.226008][ T5993] ffff0000e02aa250 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_do_add_link+0x2ac/0x5a4
[ 32.228532][ T5993]
[ 32.228532][ T5993] which lock already depends on the new lock.
[ 32.228532][ T5993]
[ 32.231193][ T5993]
[ 32.231193][ T5993] the existing dependency chain (in reverse order) is:
[ 32.233531][ T5993]
[ 32.233531][ T5993] -> #1 (&fi->i_xattr_sem){.+.+}-{3:3}:
[ 32.235486][ T5993]        down_read+0x58/0x2fc
[ 32.236693][ T5993]        f2fs_getxattr+0x9c/0x11b0
[ 32.238011][ T5993]        __f2fs_get_acl+0x6c/0x5e4
[ 32.239337][ T5993]        f2fs_init_acl+0xe8/0x8f0
[ 32.240644][ T5993]        f2fs_init_inode_metadata+0x840/0x11a8
[ 32.242234][ T5993]        f2fs_add_regular_entry+0x760/0xe0c
[ 32.243761][ T5993]        f2fs_do_add_link+0x300/0x5a4
[ 32.245138][ T5993]        f2fs_mkdir+0x2a4/0x4ec
[ 32.246434][ T5993]        vfs_mkdir+0x240/0x3a8
[ 32.247639][ T5993]        do_mkdirat+0x20c/0x610
[ 32.248913][ T5993]        __arm64_sys_mkdirat+0x90/0xa8
[ 32.250336][ T5993]        invoke_syscall+0x98/0x2b8
[ 32.251675][ T5993]        el0_svc_common+0x130/0x23c
[ 32.253024][ T5993]        do_el0_svc+0x48/0x58
[ 32.254223][ T5993]        el0_svc+0x58/0x16c
[ 32.255426][ T5993]        el0t_64_sync_handler+0x84/0xfc
[ 32.256866][ T5993]        el0t_64_sync+0x190/0x194
[ 32.258136][ T5993]
[ 32.258136][ T5993] -> #0 (&fi->i_sem){+.+.}-{3:3}:
[ 32.259957][ T5993]        __lock_acquire+0x3370/0x75e8
[ 32.261313][ T5993]        lock_acquire+0x23c/0x71c
[ 32.262607][ T5993]        down_write+0x50/0xc0
[ 32.263778][ T5993]        f2fs_add_inline_entry+0x350/0x650
[ 32.265361][ T5993]        f2fs_do_add_link+0x2c4/0x5a4
[ 32.266712][ T5993]        f2fs_mkdir+0x2a4/0x4ec
[ 32.268003][ T5993]        vfs_mkdir+0x240/0x3a8
[ 32.269278][ T5993]        ovl_mkdir_real+0xa8/0x1fc
[ 32.270611][ T5993]        ovl_workdir_create+0x354/0x74c
[ 32.272081][ T5993]        ovl_get_workdir+0x28c/0x129c
[ 32.273411][ T5993]        ovl_fill_super+0x1b6c/0x2d94
[ 32.274726][ T5993]        get_tree_nodev+0xb4/0x16c
[ 32.276031][ T5993]        ovl_get_tree+0x28/0x38
[ 32.277305][ T5993]        vfs_get_tree+0x90/0x274
[ 32.278568][ T5993]        do_new_mount+0x25c/0x8c8
[ 32.279831][ T5993]        path_mount+0x590/0xe04
[ 32.281069][ T5993]        __arm64_sys_mount+0x45c/0x594
[ 32.282464][ T5993]        invoke_syscall+0x98/0x2b8
[ 32.283806][ T5993]        el0_svc_common+0x130/0x23c
[ 32.285146][ T5993]        do_el0_svc+0x48/0x58
[ 32.286297][ T5993]        el0_svc+0x58/0x16c
[ 32.287424][ T5993]        el0t_64_sync_handler+0x84/0xfc
[ 32.288872][ T5993]        el0t_64_sync+0x190/0x194
[ 32.290163][ T5993]
[ 32.290163][ T5993] other info that might help us debug this:
[ 32.290163][ T5993]
[ 32.292706][ T5993]  Possible unsafe locking scenario:
[ 32.292706][ T5993]
[ 32.294559][ T5993]        CPU0                    CPU1
[ 32.295921][ T5993]        ----                    ----
[ 32.297330][ T5993]   rlock(&fi->i_xattr_sem);
[ 32.298477][ T5993]                                lock(&fi->i_sem);
[ 32.300119][ T5993]                                lock(&fi->i_xattr_sem);
[ 32.301887][ T5993]   lock(&fi->i_sem);
[ 32.302933][ T5993]
[ 32.302933][ T5993]  *** DEADLOCK ***
[ 32.302933][ T5993]
[ 32.305021][ T5993] 5 locks held by syz-executor346/5993:
[ 32.306435][ T5993]  #0: ffff0000dbf5a0e0 (&type->s_umount_key#42/1){+.+.}-{3:3}, at: alloc_super+0x1b4/0x80c
[ 32.309110][ T5993]  #1: ffff0000c27c0410 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 32.311499][ T5993]  #2: ffff0000e02a9bd8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: ovl_workdir_create+0x138/0x74c
[ 32.314413][ T5993]  #3: ffff0000da5903b0 (&sbi->cp_rwsem){.+.+}-{3:3}, at: f2fs_mkdir+0x1f8/0x4ec
[ 32.316816][ T5993]  #4: ffff0000e02aa250 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_do_add_link+0x2ac/0x5a4
[ 32.319449][ T5993]
[ 32.319449][ T5993] stack backtrace:
[ 32.320919][ T5993] CPU: 0 PID: 5993 Comm: syz-executor346 Not tainted 6.5.0-rc7-syzkaller-gfe4469582053 #0
[ 32.323404][ T5993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 32.326034][ T5993] Call trace:
[ 32.326891][ T5993]  dump_backtrace+0x1b8/0x1e4
[ 32.328135][ T5993]  show_stack+0x2c/0x44
[ 32.329203][ T5993]  dump_stack_lvl+0xd0/0x124
[ 32.330363][ T5993]  dump_stack+0x1c/0x28
[ 32.331474][ T5993]  print_circular_bug+0x150/0x1b8
[ 32.332737][ T5993]  check_noncircular+0x310/0x404
[ 32.333986][ T5993]  __lock_acquire+0x3370/0x75e8
[ 32.335189][ T5993]  lock_acquire+0x23c/0x71c
[ 32.336322][ T5993]  down_write+0x50/0xc0
[ 32.337390][ T5993]  f2fs_add_inline_entry+0x350/0x650
[ 32.338757][ T5993]  f2fs_do_add_link+0x2c4/0x5a4
[ 32.340007][ T5993]  f2fs_mkdir+0x2a4/0x4ec
[ 32.341138][ T5993]  vfs_mkdir+0x240/0x3a8
[ 32.342193][ T5993]  ovl_mkdir_real+0xa8/0x1fc
[ 32.343372][ T5993]  ovl_workdir_create+0x354/0x74c
[ 32.344650][ T5993]  ovl_get_workdir+0x28c/0x129c
[ 32.345950][ T5993]  ovl_fill_super+0x1b6c/0x2d94
[ 32.347237][ T5993]  get_tree_nodev+0xb4/0x16c
[ 32.348413][ T5993]  ovl_get_tree+0x28/0x38
[ 32.349562][ T5993]  vfs_get_tree+0x90/0x274
[ 32.350714][ T5993]  do_new_mount+0x25c/0x8c8
[ 32.351911][ T5993]  path_mount+0x590/0xe04
[ 32.353043][ T5993]  __arm64_sys_mount+0x45c/0x594
[ 32.354341][ T5993]  invoke_syscall+0x98/0x2b8
[ 32.355520][ T5993]  el0_svc_common+0x130/0x23c
[ 32.356778][ T5993]  do_el0_svc+0x48/0x58
[ 32.357867][ T5993]  el0_svc+0x58/0x16c
[ 32.358829][ T5993]  el0t_64_sync_handler+0x84/0xfc
[ 32.360147][ T5993]  el0t_64_sync+0x190/0x194