./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3961353427 <...> Warning: Permanently added '10.128.0.205' (ED25519) to the list of known hosts. execve("./syz-executor3961353427", ["./syz-executor3961353427"], 0x7ffcbc7e2900 /* 10 vars */) = 0 brk(NULL) = 0x5555557e5000 brk(0x5555557e5d00) = 0x5555557e5d00 arch_prctl(ARCH_SET_FS, 0x5555557e5380) = 0 set_tid_address(0x5555557e5650) = 5014 set_robust_list(0x5555557e5660, 24) = 0 rseq(0x5555557e5ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3961353427", 4096) = 28 getrandom("\x34\xdc\xbe\x67\x9a\x2e\xe8\x91", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555557e5d00 brk(0x555555806d00) = 0x555555806d00 brk(0x555555807000) = 0x555555807000 mprotect(0x7f03e9741000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e128c000 [ 55.925331][ T5014] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5014 'syz-executor396' write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 munmap(0x7f03e128c000, 20699119) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./bus", 0777) = 0 [ 
56.104915][ T5014] loop0: detected capacity change from 0 to 40427 [ 56.117519][ T5014] F2FS-fs (loop0): invalid crc value [ 56.126525][ T5014] F2FS-fs (loop0): Found nat_bits in checkpoint mount("/dev/loop0", "./bus", "f2fs", MS_STRICTATIME|MS_LAZYTIME, "") = 0 openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 chdir("./bus") = 0 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 mkdirat(AT_FDCWD, "./file1", 000) = 0 mkdirat(AT_FDCWD, "./file0", 000) = 0 openat(AT_FDCWD, ".", O_RDONLY) = 4 mkdirat(4, "./bus", 000) = 0 [ 56.155258][ T5014] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 56.185819][ T5014] [ 56.188193][ T5014] ====================================================== [ 56.195226][ T5014] WARNING: possible circular locking dependency detected [ 56.202352][ T5014] 6.5.0-rc5-syzkaller-00056-gcacc6e22932f #0 Not tainted [ 56.209637][ T5014] ------------------------------------------------------ [ 56.216640][ T5014] syz-executor396/5014 is trying to acquire lock: [ 56.223035][ T5014] ffff8880751dba38 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_add_inline_entry+0x3a8/0x760 [ 56.232377][ T5014] [ 56.232377][ T5014] but task is already holding lock: [ 56.239807][ T5014] ffff8880751dab28 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_add_dentry+0x9f/0x1e0 [ 56.249038][ T5014] [ 56.249038][ T5014] which lock already depends on the new lock. 
[ 56.249038][ T5014] [ 56.259546][ T5014] [ 56.259546][ T5014] the existing dependency chain (in reverse order) is: [ 56.268562][ T5014] [ 56.268562][ T5014] -> #1 (&fi->i_xattr_sem){.+.+}-{3:3}: [ 56.277535][ T5014] down_read+0x47/0x2f0 [ 56.282229][ T5014] f2fs_getxattr+0xb8/0x1460 [ 56.287329][ T5014] __f2fs_get_acl+0x52/0x8e0 [ 56.292425][ T5014] f2fs_init_acl+0xd7/0x9a0 [ 56.297437][ T5014] f2fs_init_inode_metadata+0x824/0x1190 [ 56.303601][ T5014] f2fs_add_regular_entry+0x904/0xe30 [ 56.309496][ T5014] f2fs_add_dentry+0xf7/0x1e0 [ 56.314879][ T5014] f2fs_do_add_link+0x21e/0x340 [ 56.320253][ T5014] f2fs_mkdir+0x2f5/0x530 [ 56.325132][ T5014] vfs_mkdir+0x29d/0x450 [ 56.329927][ T5014] do_mkdirat+0x264/0x520 [ 56.334782][ T5014] __x64_sys_mkdirat+0x89/0xa0 [ 56.340260][ T5014] do_syscall_64+0x41/0xc0 [ 56.345205][ T5014] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.351621][ T5014] [ 56.351621][ T5014] -> #0 (&fi->i_sem){+.+.}-{3:3}: [ 56.358822][ T5014] __lock_acquire+0x39ff/0x7f70 [ 56.364184][ T5014] lock_acquire+0x1e3/0x520 [ 56.369196][ T5014] down_write+0x3a/0x50 [ 56.373867][ T5014] f2fs_add_inline_entry+0x3a8/0x760 [ 56.379667][ T5014] f2fs_add_dentry+0xba/0x1e0 [ 56.384868][ T5014] f2fs_do_add_link+0x21e/0x340 [ 56.390354][ T5014] f2fs_mkdir+0x2f5/0x530 [ 56.395221][ T5014] vfs_mkdir+0x29d/0x450 [ 56.400346][ T5014] ovl_mkdir_real+0xd3/0x2d0 [ 56.405549][ T5014] ovl_workdir_create+0x451/0x970 [ 56.411101][ T5014] ovl_get_workdir+0x2f4/0x17f0 [ 56.416499][ T5014] ovl_fill_super+0x21af/0x3660 [ 56.422203][ T5014] get_tree_nodev+0xb3/0x160 [ 56.427323][ T5014] vfs_get_tree+0x8c/0x270 [ 56.432445][ T5014] do_new_mount+0x28f/0xae0 [ 56.437580][ T5014] __se_sys_mount+0x2d9/0x3c0 [ 56.442812][ T5014] do_syscall_64+0x41/0xc0 [ 56.447943][ T5014] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.454365][ T5014] [ 56.454365][ T5014] other info that might help us debug this: [ 56.454365][ T5014] [ 56.464628][ T5014] Possible unsafe locking scenario: [ 56.464628][ 
T5014]
[ 56.472101][ T5014]        CPU0                    CPU1
[ 56.477483][ T5014]        ----                    ----
[ 56.482836][ T5014]   rlock(&fi->i_xattr_sem);
[ 56.487420][ T5014]                                lock(&fi->i_sem);
[ 56.494013][ T5014]                                lock(&fi->i_xattr_sem);
[ 56.501148][ T5014]   lock(&fi->i_sem);
[ 56.505136][ T5014]
[ 56.505136][ T5014]  *** DEADLOCK ***
[ 56.505136][ T5014]
[ 56.513371][ T5014] 5 locks held by syz-executor396/5014:
[ 56.519009][ T5014] #0: ffff8880136ae0e0 (&type->s_umount_key#43/1){+.+.}-{3:3}, at: alloc_super+0x217/0x920
[ 56.530353][ T5014] #1: ffff88807bf46410 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[ 56.539516][ T5014] #2: ffff8880751da4b0 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: ovl_workdir_create+0x160/0x970
[ 56.550516][ T5014] #3: ffff888016ab43b0 (&sbi->cp_rwsem){.+.+}-{3:3}, at: f2fs_mkdir+0x225/0x530
[ 56.559740][ T5014] #4: ffff8880751dab28 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_add_dentry+0x9f/0x1e0
[ 56.569385][ T5014]
[ 56.569385][ T5014] stack backtrace:
[ 56.575273][ T5014] CPU: 0 PID: 5014 Comm: syz-executor396 Not tainted 6.5.0-rc5-syzkaller-00056-gcacc6e22932f #0
[ 56.585776][ T5014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 56.595925][ T5014] Call Trace:
[ 56.599198][ T5014]
[ 56.602120][ T5014] dump_stack_lvl+0x1e7/0x2d0
[ 56.606799][ T5014] ? nf_tcp_handle_invalid+0x650/0x650
[ 56.612250][ T5014] ? print_circular_bug+0x12b/0x1a0
[ 56.617446][ T5014] check_noncircular+0x375/0x4a0
[ 56.622475][ T5014] ? print_deadlock_bug+0x600/0x600
[ 56.628122][ T5014] ? lockdep_lock+0x123/0x2b0
[ 56.632825][ T5014] ? mark_lock+0x9a/0x340
[ 56.637248][ T5014] ? _find_first_zero_bit+0xd4/0x100
[ 56.642729][ T5014] __lock_acquire+0x39ff/0x7f70
[ 56.647597][ T5014] ? verify_lock_unused+0x140/0x140
[ 56.652976][ T5014] ? rcu_lock_release+0x5/0x30
[ 56.657749][ T5014] ? f2fs_inode_chksum_verify+0xd9/0x360
[ 56.663484][ T5014] lock_acquire+0x1e3/0x520
[ 56.667991][ T5014] ? f2fs_add_inline_entry+0x3a8/0x760
[ 56.673462][ T5014] ?
read_lock_is_recursive+0x20/0x20 [ 56.678921][ T5014] ? __might_sleep+0xc0/0xc0 [ 56.683506][ T5014] ? pagecache_get_page+0xeb/0x220 [ 56.688613][ T5014] ? f2fs_grab_cache_page+0x38/0x360 [ 56.693892][ T5014] ? _find_next_zero_bit+0x8c/0x140 [ 56.699268][ T5014] ? _find_next_bit+0xed/0x130 [ 56.704054][ T5014] down_write+0x3a/0x50 [ 56.708314][ T5014] ? f2fs_add_inline_entry+0x3a8/0x760 [ 56.713772][ T5014] f2fs_add_inline_entry+0x3a8/0x760 [ 56.719094][ T5014] ? f2fs_setup_filename+0x145/0x360 [ 56.724402][ T5014] ? do_convert_inline_dir+0x1cb0/0x1cb0 [ 56.730045][ T5014] ? down_read+0x1b5/0x2f0 [ 56.734457][ T5014] f2fs_add_dentry+0xba/0x1e0 [ 56.739142][ T5014] f2fs_do_add_link+0x21e/0x340 [ 56.745307][ T5014] ? __might_sleep+0xc0/0xc0 [ 56.749915][ T5014] ? f2fs_add_dentry+0x1e0/0x1e0 [ 56.754860][ T5014] ? f2fs_get_link+0x110/0x110 [ 56.759627][ T5014] ? down_read+0x1b5/0x2f0 [ 56.764039][ T5014] f2fs_mkdir+0x2f5/0x530 [ 56.768365][ T5014] vfs_mkdir+0x29d/0x450 [ 56.772681][ T5014] ? lookup_one+0x1a9/0x2f0 [ 56.777176][ T5014] ovl_mkdir_real+0xd3/0x2d0 [ 56.782255][ T5014] ovl_workdir_create+0x451/0x970 [ 56.787298][ T5014] ? ovl_statfs+0x1c0/0x1c0 [ 56.791822][ T5014] ? rcu_read_lock_any_held+0xb7/0x160 [ 56.797309][ T5014] ? __mnt_want_write+0x22d/0x2b0 [ 56.802347][ T5014] ovl_get_workdir+0x2f4/0x17f0 [ 56.807211][ T5014] ? ovl_fill_super+0x3660/0x3660 [ 56.812256][ T5014] ? ovl_inuse_trylock+0xbc/0xd0 [ 56.817293][ T5014] ? do_raw_spin_lock+0x14d/0x3a0 [ 56.822329][ T5014] ? __lock_acquire+0x7f70/0x7f70 [ 56.827639][ T5014] ? do_raw_spin_unlock+0x13b/0x8b0 [ 56.833859][ T5014] ? rcu_is_watching+0x15/0xb0 [ 56.838641][ T5014] ? _raw_spin_unlock+0x28/0x40 [ 56.843616][ T5014] ? ovl_inuse_trylock+0xbc/0xd0 [ 56.848579][ T5014] ovl_fill_super+0x21af/0x3660 [ 56.853452][ T5014] ? sget_fc+0x5c2/0x630 [ 56.857698][ T5014] ? virtio_fs_zero_page_range+0x190/0x190 [ 56.863584][ T5014] ? read_lock_is_recursive+0x20/0x20 [ 56.868955][ T5014] ? 
up_write+0x1a9/0x580 [ 56.873272][ T5014] ? __lock_acquire+0x7f70/0x7f70 [ 56.878294][ T5014] ? kill_litter_super+0xa0/0xa0 [ 56.883654][ T5014] ? virtio_fs_zero_page_range+0x190/0x190 [ 56.889539][ T5014] get_tree_nodev+0xb3/0x160 [ 56.894131][ T5014] vfs_get_tree+0x8c/0x270 [ 56.899323][ T5014] do_new_mount+0x28f/0xae0 [ 56.903835][ T5014] ? do_move_mount_old+0x170/0x170 [ 56.908944][ T5014] ? user_path_at_empty+0x12f/0x180 [ 56.914138][ T5014] __se_sys_mount+0x2d9/0x3c0 [ 56.918858][ T5014] ? __x64_sys_mount+0xc0/0xc0 [ 56.923734][ T5014] ? syscall_enter_from_user_mode+0x32/0x230 [ 56.929757][ T5014] ? __x64_sys_mount+0x20/0xc0 [ 56.934531][ T5014] do_syscall_64+0x41/0xc0 [ 56.938940][ T5014] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 56.944844][ T5014] RIP: 0033:0x7f03e96c9779 [ 56.949246][ T5014] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.968928][ T5014] RSP: 002b:00007ffc183b9058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 56.977329][ T5014] RAX: ffffffffffffffda RBX: 00007ffc183b9228 RCX: 00007f03e96c9779 [ 56.985288][ T5014] RDX: 0000000020000240 RSI: 0000000020000500 RDI: 0000000020000f7a [ 56.993247][ T5014] RBP: 00007f03e9741610 R08: 0000000020000080 R09: 00007ffc183b9228 [ 57.001218][ T5014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 mount("", "./bus", "overlay", 0, "workdir=./file0,upperdir=./bus,lowerdir=./file1,") = 0 exit_group(0) = ? +++ exited with 0 +++ [