./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor482769339 <...> Warning: Permanently added '10.128.0.141' (ED25519) to the list of known hosts. execve("./syz-executor482769339", ["./syz-executor482769339"], 0x7ffc202e5a70 /* 10 vars */) = 0 brk(NULL) = 0x555564ac6000 brk(0x555564ac6d00) = 0x555564ac6d00 arch_prctl(ARCH_SET_FS, 0x555564ac6380) = 0 set_tid_address(0x555564ac6650) = 5225 set_robust_list(0x555564ac6660, 24) = 0 rseq(0x555564ac6ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor482769339", 4096) = 27 getrandom("\x95\xa8\xe0\xdf\x6b\xcd\x68\x7d", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555564ac6d00 brk(0x555564ae7d00) = 0x555564ae7d00 brk(0x555564ae8000) = 0x555564ae8000 mprotect(0x7f61d04bd000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 executing program write(1, "executing program\n", 18) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f61c8000000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216 munmap(0x7f61c8000000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 [ 57.311113][ T5225] loop0: detected capacity change from 0 to 32768 [ 57.410402][ T5225] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 57.428604][ T5225] [ 57.431003][ T5225] ============================================ [ 57.437522][ T5225] WARNING: possible recursive locking detected [ 57.444523][ T5225] 6.12.0-rc2-syzkaller-00305-g7234e2ea0edd #0 Not tainted [ 57.451949][ T5225] -------------------------------------------- [ 57.459347][ T5225] syz-executor482/5225 is trying to acquire lock: [ 57.466031][ T5225] ffff888075400908 (&c->sb_lock){+.+.}-{3:3}, at: bch2_replicas_entry_validate+0x2a/0x80 [ 57.480181][ T5225] [ 57.480181][ T5225] but task is already holding lock: [ 57.488707][ T5225] ffff888075400908 (&c->sb_lock){+.+.}-{3:3}, at: bch2_read_superblock_clean+0x36/0x520 [ 57.500533][ T5225] [ 57.500533][ T5225] other info that might help us debug this: [ 57.510441][ T5225] Possible unsafe locking scenario: [ 57.510441][ T5225] [ 57.518606][ T5225] CPU0 [ 57.521947][ T5225] ---- [ 57.525258][ T5225] lock(&c->sb_lock); [ 57.529445][ T5225] lock(&c->sb_lock); [ 57.534117][ T5225] [ 57.534117][ T5225] *** DEADLOCK *** [ 57.534117][ T5225] [ 57.543859][ T5225] May be due to missing lock nesting notation [ 57.543859][ T5225] [ 57.556093][ T5225] 2 locks held by syz-executor482/5225: [ 57.562621][ T5225] #0: ffff888075400278 (&c->state_lock){+.+.}-{3:3}, at: bch2_fs_start+0x45/0x5b0 [ 57.574292][ T5225] #1: ffff888075400908 (&c->sb_lock){+.+.}-{3:3}, at: bch2_read_superblock_clean+0x36/0x520 [ 57.587443][ T5225] [ 57.587443][ T5225] stack backtrace: [ 57.593812][ T5225] CPU: 0 UID: 0 PID: 5225 Comm: syz-executor482 Not tainted 6.12.0-rc2-syzkaller-00305-g7234e2ea0edd #0 [ 57.607359][ T5225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.618171][ T5225] Call Trace: [ 57.622181][ T5225] [ 57.625174][ T5225] dump_stack_lvl+0x241/0x360 [ 57.629890][ T5225] ? __pfx_dump_stack_lvl+0x10/0x10 [ 57.635374][ T5225] ? __pfx__printk+0x10/0x10 [ 57.640059][ T5225] ? lockdep_unlock+0x16a/0x300 [ 57.646173][ T5225] print_deadlock_bug+0x483/0x620 [ 57.651419][ T5225] validate_chain+0x15e2/0x5920 [ 57.656815][ T5225] ? __pfx___bfs+0x10/0x10 [ 57.661921][ T5225] ? __pfx_validate_chain+0x10/0x10 [ 57.667511][ T5225] ? mark_lock+0x9a/0x360 [ 57.672918][ T5225] ? __lock_acquire+0x1384/0x2050 [ 57.680091][ T5225] ? mark_lock+0x9a/0x360 [ 57.685131][ T5225] __lock_acquire+0x1384/0x2050 [ 57.690538][ T5225] lock_acquire+0x1ed/0x550 [ 57.696422][ T5225] ? bch2_replicas_entry_validate+0x2a/0x80 [ 57.704306][ T5225] ? __pfx_lock_acquire+0x10/0x10 [ 57.709630][ T5225] ? lockdep_hardirqs_on+0x99/0x150 [ 57.715114][ T5225] ? __pfx___might_resched+0x10/0x10 [ 57.720498][ T5225] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 57.726588][ T5225] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 57.733046][ T5225] ? stack_trace_save+0x118/0x1d0 [ 57.738210][ T5225] __mutex_lock+0x136/0xd70 [ 57.742786][ T5225] ? bch2_replicas_entry_validate+0x2a/0x80 [ 57.748902][ T5225] ? kasan_save_track+0x51/0x80 [ 57.754569][ T5225] ? kasan_save_track+0x3f/0x80 [ 57.759521][ T5225] ? __kasan_kmalloc+0x98/0xb0 [ 57.764282][ T5225] ? __kmalloc_node_track_caller_noprof+0x225/0x440 [ 57.771669][ T5225] ? kmemdup_noprof+0x2a/0x60 [ 57.776494][ T5225] ? bch2_read_superblock_clean+0xd6/0x520 [ 57.782690][ T5225] ? bch2_replicas_entry_validate+0x2a/0x80 [ 57.790004][ T5225] ? bch2_fs_start+0x356/0x5b0 [ 57.796714][ T5225] ? __pfx___mutex_lock+0x10/0x10 [ 57.802290][ T5225] ? do_syscall_64+0xf3/0x230 [ 57.807110][ T5225] bch2_replicas_entry_validate+0x2a/0x80 [ 57.812948][ T5225] journal_entry_data_usage_validate+0x2b6/0x690 [ 57.819502][ T5225] ? __pfx_journal_entry_data_usage_validate+0x10/0x10 [ 57.826449][ T5225] ? journal_entry_usage_validate+0xc2/0x360 [ 57.832619][ T5225] ? __pfx_journal_entry_usage_validate+0x10/0x10 [ 57.839334][ T5225] ? rcu_is_watching+0x15/0xb0 [ 57.844496][ T5225] ? trace_kmalloc+0x1f/0xd0 [ 57.849204][ T5225] ? __kmalloc_node_track_caller_noprof+0x242/0x440 [ 57.856778][ T5225] ? kmemdup_noprof+0x45/0x60 [ 57.861783][ T5225] ? bch2_journal_entry_validate+0x6a/0xf0 [ 57.868680][ T5225] bch2_read_superblock_clean+0x207/0x520 [ 57.874885][ T5225] bch2_fs_recovery+0x1f4/0x39c0 [ 57.880693][ T5225] ? mark_lock+0x9a/0x360 [ 57.885298][ T5225] ? __lock_acquire+0x1384/0x2050 [ 57.890931][ T5225] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 57.896427][ T5225] ? __pfx_lock_release+0x10/0x10 [ 57.901941][ T5225] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 57.907808][ T5225] ? __pfx_lock_release+0x10/0x10 [ 57.913404][ T5225] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 57.919428][ T5225] ? bch2_get_next_online_dev+0x4b9/0x4f0 [ 57.925906][ T5225] ? bch2_get_next_online_dev+0x2b/0x4f0 [ 57.932782][ T5225] ? llist_reverse_order+0x72/0x90 [ 57.938521][ T5225] bch2_fs_start+0x356/0x5b0 [ 57.943724][ T5225] bch2_fs_get_tree+0xd68/0x1710 [ 57.949834][ T5225] ? __pfx_bch2_fs_get_tree+0x10/0x10 [ 57.956880][ T5225] ? generic_parse_monolithic+0x387/0x400 [ 57.964215][ T5225] ? cap_capable+0x1b4/0x250 [ 57.973185][ T5225] ? safesetid_security_capable+0xb2/0x1d0 [ 57.980076][ T5225] vfs_get_tree+0x90/0x2b0 [ 57.984743][ T5225] do_new_mount+0x2be/0xb40 [ 57.990806][ T5225] ? __pfx_do_new_mount+0x10/0x10 [ 57.996057][ T5225] __se_sys_mount+0x2d6/0x3c0 [ 58.001215][ T5225] ? __pfx___se_sys_mount+0x10/0x10 [ 58.006461][ T5225] ? do_syscall_64+0x100/0x230 [ 58.011607][ T5225] ? __x64_sys_mount+0x20/0xc0 [ 58.016581][ T5225] do_syscall_64+0xf3/0x230 [ 58.021291][ T5225] ? clear_bhb_loop+0x35/0x90 [ 58.025986][ T5225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.032010][ T5225] RIP: 0033:0x7f61d044593a [ 58.036453][ T5225] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.058085][ T5225] RSP: 002b:00007ffcecf20138 EFLAGS: 00000282 ORIG_RAX: 00000000000000a5 [ 58.067554][ T5225] RAX: ffffffffffffffda RBX: 00007ffcecf20150 RCX: 00007f61d044593a [ 58.076352][ T5225] RDX: 00000000200058c0 RSI: 0000000020005900 RDI: 00007ffcecf20150 [ 58.085294][ T5225] RBP: 0000000000000004 R08: 00007ffcecf20190 R09: 00000000000058ff [ 58.094180][ T5225] R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000000000 [ 58.102898][ T5225] R13: 00007ffcecf20190 R14: 0000000000000003 R15: 0000000001000000 [ 58.110986][ T5225]