Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
executing program
[ 53.666692][ T3538] loop0: detected capacity change from 0 to 40427
[ 53.676845][ T3538] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 53.684825][ T3538] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 53.698728][ T3538] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 53.727149][ T3538] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 53.734383][ T3538] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 53.760079][ T3538]
[ 53.762459][ T3538] ======================================================
[ 53.769489][ T3538] WARNING: possible circular locking dependency detected
[ 53.776530][ T3538] 6.1.42-syzkaller #0 Not tainted
[ 53.781596][ T3538] ------------------------------------------------------
[ 53.788608][ T3538] syz-executor272/3538 is trying to acquire lock:
[ 53.795029][ T3538] ffff8880744510a8 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_getxattr+0xb4/0x1460
[ 53.804162][ T3538]
[ 53.804162][ T3538] but task is already holding lock:
[ 53.811614][ T3538] ffff888075fd16f8 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_do_tmpfile+0x21/0x160
[ 53.820490][ T3538]
[ 53.820490][ T3538] which lock already depends on the new lock.
[ 53.820490][ T3538]
[ 53.830957][ T3538]
[ 53.830957][ T3538] the existing dependency chain (in reverse order) is:
[ 53.839948][ T3538]
[ 53.839948][ T3538] -> #1 (&fi->i_sem){+.+.}-{3:3}:
[ 53.847135][ T3538] lock_acquire+0x1f8/0x5a0
[ 53.852145][ T3538] down_write+0x36/0x60
[ 53.856821][ T3538] f2fs_add_inline_entry+0x3a4/0x760
[ 53.862612][ T3538] f2fs_add_dentry+0xb6/0x1e0
[ 53.867807][ T3538] f2fs_do_add_link+0x21a/0x340
[ 53.873231][ T3538] f2fs_create+0x749/0xa10
[ 53.878149][ T3538] path_openat+0x12f1/0x2e60
[ 53.883246][ T3538] do_filp_open+0x230/0x480
[ 53.888250][ T3538] do_sys_openat2+0x13b/0x500
[ 53.893434][ T3538] __x64_sys_creat+0x11f/0x160
[ 53.898699][ T3538] do_syscall_64+0x3d/0xb0
[ 53.903656][ T3538] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.910058][ T3538]
[ 53.910058][ T3538] -> #0 (&fi->i_xattr_sem){.+.+}-{3:3}:
[ 53.917765][ T3538] validate_chain+0x1667/0x58e0
[ 53.923119][ T3538] __lock_acquire+0x125b/0x1f80
[ 53.928469][ T3538] lock_acquire+0x1f8/0x5a0
[ 53.933471][ T3538] down_read+0x43/0x2e0
[ 53.938211][ T3538] f2fs_getxattr+0xb4/0x1460
[ 53.943307][ T3538] __f2fs_get_acl+0x52/0x8a0
[ 53.948487][ T3538] f2fs_init_acl+0xd3/0x960
[ 53.953496][ T3538] f2fs_init_inode_metadata+0xaa0/0x11d0
[ 53.959638][ T3538] f2fs_do_tmpfile+0x30/0x160
[ 53.964833][ T3538] __f2fs_tmpfile+0x1f9/0x380
[ 53.970028][ T3538] __f2fs_ioctl+0x9a02/0xbf70
[ 53.975223][ T3538] __se_sys_ioctl+0xf1/0x160
[ 53.980319][ T3538] do_syscall_64+0x3d/0xb0
[ 53.985241][ T3538] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.991657][ T3538]
[ 53.991657][ T3538] other info that might help us debug this:
[ 53.991657][ T3538]
[ 54.001876][ T3538] Possible unsafe locking scenario:
[ 54.001876][ T3538]
[ 54.009305][ T3538]        CPU0                    CPU1
[ 54.014650][ T3538]        ----                    ----
[ 54.019997][ T3538]   lock(&fi->i_sem);
[ 54.023964][ T3538]                                lock(&fi->i_xattr_sem);
[ 54.030969][ T3538]                                lock(&fi->i_sem);
[ 54.037447][ T3538]   lock(&fi->i_xattr_sem);
[ 54.041930][ T3538]
[ 54.041930][ T3538] *** DEADLOCK ***
[ 54.041930][ T3538]
[ 54.050089][ T3538] 5 locks held by syz-executor272/3538:
[ 54.055619][ T3538] #0: ffff888076186460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0
[ 54.065267][ T3538] #1: ffff888075fd0a38 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: __f2fs_ioctl+0x4142/0xbf70
[ 54.076506][ T3538] #2: ffff888075fd1010 (&fi->i_gc_rwsem[WRITE]){+.+.}-{3:3}, at: __f2fs_ioctl+0x5457/0xbf70
[ 54.086683][ T3538] #3: ffff88807d1803b0 (&sbi->cp_rwsem){++++}-{3:3}, at: __f2fs_tmpfile+0x1ce/0x380
[ 54.096166][ T3538] #4: ffff888075fd16f8 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_do_tmpfile+0x21/0x160
[ 54.105303][ T3538]
[ 54.105303][ T3538] stack backtrace:
[ 54.111219][ T3538] CPU: 1 PID: 3538 Comm: syz-executor272 Not tainted 6.1.42-syzkaller #0
[ 54.119626][ T3538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
[ 54.129660][ T3538] Call Trace:
[ 54.132933][ T3538]
[ 54.135852][ T3538] dump_stack_lvl+0x1e3/0x2cb
[ 54.140519][ T3538] ? nf_tcp_handle_invalid+0x642/0x642
[ 54.145974][ T3538] ? print_circular_bug+0x12b/0x1a0
[ 54.151161][ T3538] check_noncircular+0x2fa/0x3b0
[ 54.156109][ T3538] ? add_chain_block+0x850/0x850
[ 54.161325][ T3538] ? lockdep_lock+0x11f/0x2a0
[ 54.166022][ T3538] ? _find_first_zero_bit+0xd0/0x100
[ 54.171321][ T3538] validate_chain+0x1667/0x58e0
[ 54.176181][ T3538] ? reacquire_held_locks+0x660/0x660
[ 54.181554][ T3538] ? mark_lock+0x9a/0x340
[ 54.185878][ T3538] ? __lock_acquire+0x125b/0x1f80
[ 54.190892][ T3538] ? mark_lock+0x9a/0x340
[ 54.195224][ T3538] __lock_acquire+0x125b/0x1f80
[ 54.200084][ T3538] lock_acquire+0x1f8/0x5a0
[ 54.204580][ T3538] ? f2fs_getxattr+0xb4/0x1460
[ 54.209484][ T3538] ? read_lock_is_recursive+0x10/0x10
[ 54.215044][ T3538] ? __might_sleep+0xb0/0xb0
[ 54.220426][ T3538] ? __mark_inode_dirty+0x430/0xf80
[ 54.225618][ T3538] ? percpu_counter_add_batch+0x142/0x160
[ 54.231355][ T3538] down_read+0x43/0x2e0
[ 54.235499][ T3538] ? f2fs_getxattr+0xb4/0x1460
[ 54.240253][ T3538] ? f2fs_getxattr+0xa5/0x1460
[ 54.245002][ T3538] f2fs_getxattr+0xb4/0x1460
[ 54.249585][ T3538] ? f2fs_alloc_nid+0x740/0x740
[ 54.254882][ T3538] ? is_dynamic_key+0x1f0/0x1f0
[ 54.259726][ T3538] __f2fs_get_acl+0x52/0x8a0
[ 54.264309][ T3538] f2fs_init_acl+0xd3/0x960
[ 54.268802][ T3538] f2fs_init_inode_metadata+0xaa0/0x11d0
[ 54.274430][ T3538] ? f2fs_acquire_orphan_inode+0x18b/0x350
[ 54.280223][ T3538] ? f2fs_update_dentry+0x520/0x520
[ 54.285408][ T3538] ? rwsem_write_trylock+0x166/0x210
[ 54.290680][ T3538] ? clear_nonspinnable+0x60/0x60
[ 54.295692][ T3538] ? f2fs_get_link+0x110/0x110
[ 54.300443][ T3538] f2fs_do_tmpfile+0x30/0x160
[ 54.305106][ T3538] __f2fs_tmpfile+0x1f9/0x380
[ 54.309770][ T3538] __f2fs_ioctl+0x9a02/0xbf70
[ 54.314432][ T3538] ? do_vfs_ioctl+0x1ab2/0x2a90
[ 54.319264][ T3538] ? __x64_compat_sys_ioctl+0x80/0x80
[ 54.324620][ T3538] ? __lock_acquire+0x1f80/0x1f80
[ 54.329641][ T3538] ? lockdep_hardirqs_on+0x94/0x130
[ 54.334840][ T3538] ? __kmem_cache_free+0x25c/0x3c0
[ 54.339932][ T3538] ? f2fs_ioctl+0x1d0/0x1d0
[ 54.344433][ T3538] ? tomoyo_path_number_perm+0x5f4/0x7b0
[ 54.350052][ T3538] ? tomoyo_path_number_perm+0x657/0x7b0
[ 54.355777][ T3538] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 54.361261][ T3538] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 54.367229][ T3538] ? print_irqtrace_events+0x210/0x210
[ 54.372672][ T3538] ? print_irqtrace_events+0x210/0x210
[ 54.378115][ T3538] ? f2fs_ioctl+0x132/0x1d0
[ 54.382612][ T3538] ? f2fs_precache_extents+0x3e0/0x3e0
[ 54.388053][ T3538] __se_sys_ioctl+0xf1/0x160
[ 54.392665][ T3538] do_syscall_64+0x3d/0xb0
[ 54.397117][ T3538] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 54.403008][ T3538] RIP: 0033:0x7fa316d78639
[ 54.408193][ T3538] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 54.427790][ T3538] RSP: