Warning: Permanently added '10.128.0.8' (ED25519) to the list of known hosts. executing program [ 44.575267][ T4023] loop0: detected capacity change from 0 to 32768 [ 44.600785][ T4023] ======================================================= [ 44.600785][ T4023] WARNING: The mand mount option has been deprecated and [ 44.600785][ T4023] and is ignored by this kernel. Remove the mand [ 44.600785][ T4023] option from the mount to silence this warning. [ 44.600785][ T4023] ======================================================= [ 44.667827][ T4023] JBD2: Ignoring recovery information on journal [ 44.687581][ T4023] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 44.695746][ T4023] [ 44.696298][ T4023] ====================================================== [ 44.697710][ T4023] WARNING: possible circular locking dependency detected [ 44.699137][ T4023] 5.15.176-syzkaller #0 Not tainted [ 44.700109][ T4023] ------------------------------------------------------ [ 44.701509][ T4023] syz-executor289/4023 is trying to acquire lock: [ 44.702825][ T4023] ffff0000e1d1bf60 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb4/0x2f0 [ 44.704960][ T4023] [ 44.704960][ T4023] but task is already holding lock: [ 44.706608][ T4023] ffff0000e1d1bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2f0 [ 44.708749][ T4023] [ 44.708749][ T4023] which lock already depends on the new lock. [ 44.708749][ T4023] [ 44.710867][ T4023] [ 44.710867][ T4023] the existing dependency chain (in reverse order) is: [ 44.712640][ T4023] [ 44.712640][ T4023] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 44.714173][ T4023] down_read+0xc0/0x398 [ 44.715166][ T4023] ocfs2_init_acl+0x2d0/0x778 [ 44.716258][ T4023] ocfs2_mknod+0x1558/0x24f8 [ 44.717299][ T4023] ocfs2_create+0x184/0x4c8 [ 44.718320][ T4023] path_openat+0xf18/0x26cc [ 44.719294][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.720413][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.721415][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.722595][ T4023] invoke_syscall+0x98/0x2b8 [ 44.723580][ T4023] el0_svc_common+0x138/0x258 [ 44.724564][ T4023] do_el0_svc+0x58/0x14c [ 44.725615][ T4023] el0_svc+0x7c/0x1f0 [ 44.726576][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.727721][ T4023] el0t_64_sync+0x1a0/0x1a4 [ 44.728678][ T4023] [ 44.728678][ T4023] -> #3 (jbd2_handle){.+.+}-{0:0}: [ 44.730139][ T4023] start_this_handle+0xfc0/0x12a4 [ 44.731255][ T4023] jbd2__journal_start+0x29c/0x7b4 [ 44.732459][ T4023] jbd2_journal_start+0x3c/0x4c [ 44.733588][ T4023] ocfs2_start_trans+0x468/0x804 [ 44.734704][ T4023] ocfs2_mknod+0xe68/0x24f8 [ 44.735673][ T4023] ocfs2_create+0x184/0x4c8 [ 44.736749][ T4023] path_openat+0xf18/0x26cc [ 44.737772][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.738948][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.740102][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.741242][ T4023] invoke_syscall+0x98/0x2b8 [ 44.742315][ T4023] el0_svc_common+0x138/0x258 [ 44.743341][ T4023] do_el0_svc+0x58/0x14c [ 44.744306][ T4023] el0_svc+0x7c/0x1f0 [ 44.745272][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.746408][ T4023] el0t_64_sync+0x1a0/0x1a4 [ 44.747436][ T4023] [ 44.747436][ T4023] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 44.749167][ T4023] down_read+0xc0/0x398 [ 44.750109][ T4023] ocfs2_start_trans+0x45c/0x804 [ 44.751269][ T4023] ocfs2_mknod+0xe68/0x24f8 [ 44.752351][ T4023] ocfs2_create+0x184/0x4c8 [ 44.753348][ T4023] path_openat+0xf18/0x26cc [ 44.754312][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.755341][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.756433][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.757540][ T4023] invoke_syscall+0x98/0x2b8 [ 44.758534][ T4023] el0_svc_common+0x138/0x258 [ 44.759564][ T4023] do_el0_svc+0x58/0x14c [ 44.760518][ T4023] el0_svc+0x7c/0x1f0 [ 44.761396][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.762598][ T4023] el0t_64_sync+0x1a0/0x1a4 [ 44.763663][ T4023] [ 44.763663][ T4023] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 44.765259][ T4023] ocfs2_start_trans+0x2dc/0x804 [ 44.766457][ T4023] ocfs2_truncate_file+0x5f8/0x14dc [ 44.767603][ T4023] ocfs2_setattr+0xd78/0x1920 [ 44.768680][ T4023] notify_change+0xa34/0xcf8 [ 44.769683][ T4023] do_truncate+0x1c0/0x28c [ 44.770618][ T4023] path_openat+0x20c4/0x26cc [ 44.771600][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.772589][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.773634][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.774687][ T4023] invoke_syscall+0x98/0x2b8 [ 44.775745][ T4023] el0_svc_common+0x138/0x258 [ 44.776959][ T4023] do_el0_svc+0x58/0x14c [ 44.777872][ T4023] el0_svc+0x7c/0x1f0 [ 44.778740][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.779775][ T4023] el0t_64_sync+0x1a0/0x1a4 [ 44.780817][ T4023] [ 44.780817][ T4023] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}: [ 44.782528][ T4023] __lock_acquire+0x32d4/0x7638 [ 44.783587][ T4023] lock_acquire+0x240/0x77c [ 44.784515][ T4023] down_write+0xbc/0x12c [ 44.785530][ T4023] ocfs2_try_remove_refcount_tree+0xb4/0x2f0 [ 44.786848][ T4023] ocfs2_truncate_file+0xd0c/0x14dc [ 44.787945][ T4023] ocfs2_setattr+0xd78/0x1920 [ 44.788969][ T4023] notify_change+0xa34/0xcf8 [ 44.789956][ T4023] do_truncate+0x1c0/0x28c [ 44.790869][ T4023] path_openat+0x20c4/0x26cc [ 44.791876][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.792845][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.793834][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.794912][ T4023] invoke_syscall+0x98/0x2b8 [ 44.795872][ T4023] el0_svc_common+0x138/0x258 [ 44.796884][ T4023] do_el0_svc+0x58/0x14c [ 44.797791][ T4023] el0_svc+0x7c/0x1f0 [ 44.798647][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.799758][ T4023] el0t_64_sync+0x1a0/0x1a4 [ 44.800710][ T4023] [ 44.800710][ T4023] other info that might help us debug this: [ 44.800710][ T4023] [ 44.802711][ T4023] Chain exists of: [ 44.802711][ T4023] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 44.802711][ T4023] [ 44.805230][ T4023] Possible unsafe locking scenario: [ 44.805230][ T4023] [ 44.806648][ T4023] CPU0 CPU1 [ 44.807702][ T4023] ---- ---- [ 44.808715][ T4023] lock(&oi->ip_xattr_sem); [ 44.809598][ T4023] lock(jbd2_handle); [ 44.810854][ T4023] lock(&oi->ip_xattr_sem); [ 44.812278][ T4023] lock(&oi->ip_alloc_sem); [ 44.813154][ T4023] [ 44.813154][ T4023] *** DEADLOCK *** [ 44.813154][ T4023] [ 44.814717][ T4023] 3 locks held by syz-executor289/4023: [ 44.815786][ T4023] #0: ffff0000cbca0460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c [ 44.817598][ T4023] #1: ffff0000e1d1c2c8 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: do_truncate+0x1ac/0x28c [ 44.819603][ T4023] #2: ffff0000e1d1bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2f0 [ 44.821703][ T4023] [ 44.821703][ T4023] stack backtrace: [ 44.822834][ T4023] CPU: 0 PID: 4023 Comm: syz-executor289 Not tainted 5.15.176-syzkaller #0 [ 44.824573][ T4023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 44.826593][ T4023] Call trace: [ 44.827266][ T4023] dump_backtrace+0x0/0x530 [ 44.828137][ T4023] show_stack+0x2c/0x3c [ 44.828982][ T4023] dump_stack_lvl+0x108/0x170 [ 44.829923][ T4023] dump_stack+0x1c/0x58 [ 44.830809][ T4023] print_circular_bug+0x150/0x1b8 [ 44.831811][ T4023] check_noncircular+0x2cc/0x378 [ 44.832816][ T4023] __lock_acquire+0x32d4/0x7638 [ 44.833826][ T4023] lock_acquire+0x240/0x77c [ 44.834677][ T4023] down_write+0xbc/0x12c [ 44.835515][ T4023] ocfs2_try_remove_refcount_tree+0xb4/0x2f0 [ 44.836723][ T4023] ocfs2_truncate_file+0xd0c/0x14dc [ 44.837832][ T4023] ocfs2_setattr+0xd78/0x1920 [ 44.838832][ T4023] notify_change+0xa34/0xcf8 [ 44.839759][ T4023] do_truncate+0x1c0/0x28c [ 44.840574][ T4023] path_openat+0x20c4/0x26cc [ 44.841446][ T4023] do_filp_open+0x1a8/0x3b4 [ 44.842338][ T4023] do_sys_openat2+0x128/0x3e0 [ 44.843318][ T4023] __arm64_sys_openat+0x1f0/0x240 [ 44.844326][ T4023] invoke_syscall+0x98/0x2b8 [ 44.845231][ T4023] el0_svc_common+0x138/0x258 [ 44.846181][ T4023] do_el0_svc+0x58/0x14c [ 44.847092][ T4023] el0_svc+0x7c/0x1f0 [ 44.847925][ T4023] el0t_64_sync_handler+0x84/0xe4 [ 44.848873][ T4023] el0t_64_sync+0x1a0/0x1a4