Warning: Permanently added '[localhost]:60825' (ED25519) to the list of known hosts. executing program [ 68.276143][ T5298] loop0: detected capacity change from 0 to 32768 [ 68.290979][ T5298] ======================================================= [ 68.290979][ T5298] WARNING: The mand mount option has been deprecated and [ 68.290979][ T5298] and is ignored by this kernel. Remove the mand [ 68.290979][ T5298] option from the mount to silence this warning. [ 68.290979][ T5298] ======================================================= [ 68.353208][ T5298] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 68.366942][ T5298] [ 68.368032][ T5298] ====================================================== [ 68.370617][ T5298] WARNING: possible circular locking dependency detected [ 68.373242][ T5298] 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0 Not tainted [ 68.377182][ T5298] ------------------------------------------------------ [ 68.379675][ T5298] syz-executor199/5298 is trying to acquire lock: [ 68.382023][ T5298] ffff8880465dbf60 (&oi->ip_alloc_sem){+.+.}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 68.386117][ T5298] [ 68.386117][ T5298] but task is already holding lock: [ 68.388924][ T5298] ffff8880465dbff8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa5/0x330 [ 68.392866][ T5298] [ 68.392866][ T5298] which lock already depends on the new lock. [ 68.392866][ T5298] [ 68.396736][ T5298] [ 68.396736][ T5298] the existing dependency chain (in reverse order) is: [ 68.400120][ T5298] [ 68.400120][ T5298] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}: [ 68.402671][ T5298] lock_acquire+0x1ed/0x550 [ 68.404668][ T5298] down_read+0xb1/0xa40 [ 68.406458][ T5298] ocfs2_init_acl+0x397/0x930 [ 68.408456][ T5298] ocfs2_mknod+0x1c05/0x2b30 [ 68.410474][ T5298] ocfs2_create+0x1ab/0x470 [ 68.412152][ T5298] path_openat+0x1c03/0x3590 [ 68.413941][ T5298] do_filp_open+0x27f/0x4e0 [ 68.415724][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.417526][ T5298] __x64_sys_open+0x225/0x270 [ 68.419243][ T5298] do_syscall_64+0xf3/0x230 [ 68.421078][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.423531][ T5298] [ 68.423531][ T5298] -> #3 (jbd2_handle){.+.+}-{0:0}: [ 68.426412][ T5298] lock_acquire+0x1ed/0x550 [ 68.428363][ T5298] start_this_handle+0x1eb4/0x2110 [ 68.430365][ T5298] jbd2__journal_start+0x2da/0x5d0 [ 68.432443][ T5298] jbd2_journal_start+0x29/0x40 [ 68.434367][ T5298] ocfs2_start_trans+0x3c9/0x700 [ 68.436487][ T5298] ocfs2_mknod+0x150c/0x2b30 [ 68.438529][ T5298] ocfs2_create+0x1ab/0x470 [ 68.440524][ T5298] path_openat+0x1c03/0x3590 [ 68.442228][ T5298] do_filp_open+0x27f/0x4e0 [ 68.444205][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.445973][ T5298] __x64_sys_open+0x225/0x270 [ 68.447910][ T5298] do_syscall_64+0xf3/0x230 [ 68.449862][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.452300][ T5298] [ 68.452300][ T5298] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 68.455369][ T5298] lock_acquire+0x1ed/0x550 [ 68.457349][ T5298] down_read+0xb1/0xa40 [ 68.458889][ T5298] ocfs2_start_trans+0x3be/0x700 [ 68.460820][ T5298] ocfs2_mknod+0x150c/0x2b30 [ 68.462637][ T5298] ocfs2_create+0x1ab/0x470 [ 68.464563][ T5298] path_openat+0x1c03/0x3590 [ 68.466455][ T5298] do_filp_open+0x27f/0x4e0 [ 68.468391][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.470509][ T5298] __x64_sys_open+0x225/0x270 [ 68.472926][ T5298] do_syscall_64+0xf3/0x230 [ 68.475327][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.478381][ T5298] [ 68.478381][ T5298] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 68.481212][ T5298] lock_acquire+0x1ed/0x550 [ 68.483137][ T5298] ocfs2_start_trans+0x2b9/0x700 [ 68.485140][ T5298] ocfs2_truncate_file+0x69a/0x1560 [ 68.487173][ T5298] ocfs2_setattr+0x1890/0x1ef0 [ 68.489075][ T5298] notify_change+0xbca/0xe90 [ 68.490898][ T5298] do_truncate+0x220/0x310 [ 68.492599][ T5298] path_openat+0x2e1e/0x3590 [ 68.494425][ T5298] do_filp_open+0x27f/0x4e0 [ 68.496349][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.498390][ T5298] __x64_sys_open+0x225/0x270 [ 68.500344][ T5298] do_syscall_64+0xf3/0x230 [ 68.501943][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.504365][ T5298] [ 68.504365][ T5298] -> #0 (&oi->ip_alloc_sem){+.+.}-{4:4}: [ 68.506890][ T5298] validate_chain+0x18ef/0x5920 [ 68.508847][ T5298] __lock_acquire+0x1397/0x2100 [ 68.510927][ T5298] lock_acquire+0x1ed/0x550 [ 68.512853][ T5298] down_write+0x99/0x220 [ 68.514666][ T5298] ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 68.516999][ T5298] ocfs2_truncate_file+0xe1b/0x1560 [ 68.519185][ T5298] ocfs2_setattr+0x1890/0x1ef0 [ 68.521134][ T5298] notify_change+0xbca/0xe90 [ 68.522989][ T5298] do_truncate+0x220/0x310 [ 68.524834][ T5298] path_openat+0x2e1e/0x3590 [ 68.526763][ T5298] do_filp_open+0x27f/0x4e0 [ 68.528487][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.530436][ T5298] __x64_sys_open+0x225/0x270 [ 68.532563][ T5298] do_syscall_64+0xf3/0x230 [ 68.534461][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.536999][ T5298] [ 68.536999][ T5298] other info that might help us debug this: [ 68.536999][ T5298] [ 68.540708][ T5298] Chain exists of: [ 68.540708][ T5298] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 68.540708][ T5298] [ 68.545374][ T5298] Possible unsafe locking scenario: [ 68.545374][ T5298] [ 68.548079][ T5298] CPU0 CPU1 [ 68.550025][ T5298] ---- ---- [ 68.552083][ T5298] lock(&oi->ip_xattr_sem); [ 68.553770][ T5298] lock(jbd2_handle); [ 68.556345][ T5298] lock(&oi->ip_xattr_sem); [ 68.558936][ T5298] lock(&oi->ip_alloc_sem); [ 68.560700][ T5298] [ 68.560700][ T5298] *** DEADLOCK *** [ 68.560700][ T5298] [ 68.563480][ T5298] 3 locks held by syz-executor199/5298: [ 68.565505][ T5298] #0: ffff888040732420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 68.568767][ T5298] #1: ffff8880465dc2c0 (&sb->s_type->i_mutex_key#15){+.+.}-{4:4}, at: do_truncate+0x20c/0x310 [ 68.572717][ T5298] #2: ffff8880465dbff8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa5/0x330 [ 68.577037][ T5298] [ 68.577037][ T5298] stack backtrace: [ 68.579316][ T5298] CPU: 0 UID: 0 PID: 5298 Comm: syz-executor199 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0 [ 68.583449][ T5298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.587157][ T5298] Call Trace: [ 68.588429][ T5298] [ 68.589541][ T5298] dump_stack_lvl+0x241/0x360 [ 68.591359][ T5298] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.593206][ T5298] ? __pfx__printk+0x10/0x10 [ 68.594888][ T5298] print_circular_bug+0x13a/0x1b0 [ 68.596818][ T5298] check_noncircular+0x36a/0x4a0 [ 68.598708][ T5298] ? __pfx_check_noncircular+0x10/0x10 [ 68.600734][ T5298] ? lockdep_lock+0x123/0x2b0 [ 68.602278][ T5298] validate_chain+0x18ef/0x5920 [ 68.604158][ T5298] ? __pfx_validate_chain+0x10/0x10 [ 68.606462][ T5298] ? stack_trace_save+0x118/0x1d0 [ 68.608823][ T5298] ? __pfx_stack_trace_save+0x10/0x10 [ 68.611342][ T5298] ? lockdep_unlock+0x16a/0x300 [ 68.613158][ T5298] ? mark_lock+0x9a/0x360 [ 68.614557][ T5298] __lock_acquire+0x1397/0x2100 [ 68.616240][ T5298] lock_acquire+0x1ed/0x550 [ 68.617702][ T5298] ? ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 68.619843][ T5298] ? __pfx_lock_acquire+0x10/0x10 [ 68.621620][ T5298] ? __pfx___might_resched+0x10/0x10 [ 68.623559][ T5298] ? ocfs2_truncate_file+0xd45/0x1560 [ 68.625639][ T5298] ? __pfx_lock_release+0x10/0x10 [ 68.627439][ T5298] down_write+0x99/0x220 [ 68.628994][ T5298] ? ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 68.631499][ T5298] ? __pfx_down_write+0x10/0x10 [ 68.633387][ T5298] ocfs2_try_remove_refcount_tree+0xb6/0x330 [ 68.635790][ T5298] ? __pfx_ocfs2_try_remove_refcount_tree+0x10/0x10 [ 68.638399][ T5298] ? ocfs2_metadata_cache_get_super+0x43/0x80 [ 68.640800][ T5298] ? ocfs2_inode_cache_get_super+0xd/0x40 [ 68.643034][ T5298] ocfs2_truncate_file+0xe1b/0x1560 [ 68.644998][ T5298] ? ocfs2_inode_lock_tracker+0x45a/0x760 [ 68.647162][ T5298] ? __pfx_ocfs2_truncate_file+0x10/0x10 [ 68.649410][ T5298] ? do_raw_spin_unlock+0x58/0x8b0 [ 68.651211][ T5298] ? __asan_memset+0x23/0x50 [ 68.652834][ T5298] ? _raw_spin_unlock+0x28/0x50 [ 68.654566][ T5298] ? ocfs2_inode_lock_tracker+0x45a/0x760 [ 68.656567][ T5298] ? __pfx_ocfs2_inode_lock_tracker+0x10/0x10 [ 68.658706][ T5298] ? ocfs2_rw_lock+0x13e/0x260 [ 68.660419][ T5298] ? __pfx_ocfs2_rw_lock+0x10/0x10 [ 68.662216][ T5298] ? setattr_prepare+0x1f5/0xb20 [ 68.663964][ T5298] ? jbd2_journal_begin_ordered_truncate+0xc0/0x160 [ 68.666431][ T5298] ocfs2_setattr+0x1890/0x1ef0 [ 68.668419][ T5298] ? __pfx_ocfs2_setattr+0x10/0x10 [ 68.670369][ T5298] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 68.672556][ T5298] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 68.674811][ T5298] ? ktime_get_coarse_real_ts64_mg+0x207/0x220 [ 68.677013][ T5298] ? current_time+0x282/0x3c0 [ 68.678468][ T5298] ? evm_inode_setattr+0x1b2/0x7d0 [ 68.680621][ T5298] ? security_inode_setattr+0xdb/0x350 [ 68.682525][ T5298] ? __pfx_ocfs2_setattr+0x10/0x10 [ 68.684439][ T5298] notify_change+0xbca/0xe90 [ 68.686356][ T5298] do_truncate+0x220/0x310 [ 68.688461][ T5298] ? __pfx_do_truncate+0x10/0x10 [ 68.690651][ T5298] ? apparmor_file_truncate+0x297/0x350 [ 68.693142][ T5298] path_openat+0x2e1e/0x3590 [ 68.695408][ T5298] ? __pfx_path_openat+0x10/0x10 [ 68.697716][ T5298] do_filp_open+0x27f/0x4e0 [ 68.699864][ T5298] ? __pfx_do_filp_open+0x10/0x10 [ 68.701967][ T5298] ? do_raw_spin_lock+0x14f/0x370 [ 68.703950][ T5298] do_sys_openat2+0x13e/0x1d0 [ 68.705573][ T5298] ? __might_fault+0xaa/0x120 [ 68.707184][ T5298] ? __pfx_do_sys_openat2+0x10/0x10 [ 68.709264][ T5298] ? rcu_is_watching+0x15/0xb0 [ 68.711217][ T5298] ? __rseq_handle_notify_resume+0x34d/0x14e0 [ 68.713590][ T5298] __x64_sys_open+0x225/0x270 [ 68.715436][ T5298] ? __pfx___x64_sys_open+0x10/0x10 [ 68.717827][ T5298] ? do_syscall_64+0x100/0x230 [ 68.719923][ T5298] ? do_syscall_64+0xb6/0x230 [ 68.721917][ T5298] do_syscall_64+0xf3/0x230 [ 68.723723][ T5298] ? clear_bhb_loop+0x35/0x90 [ 68.725568][ T5298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.727812][ T5298] RIP: 0033:0x7ffb7c1429f9 [ 68.729376][ T5298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 68.735660][ T5298] RSP: 002b:00007ffcff68ce08 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 68.738438][ T5298] RAX: ffffffffffffffda RBX: 0000000000000020 RCX: 00007ffb7c1429f9 [ 68.741285][ T5298] RDX: 0000000000000000 RSI: 000000000014927e RDI: 0000000020000180 [ 68.744461][ T5298] RBP: 00007ffb7c1b9610 R08: 0000000000000000 R09: 00007ffcff68cfd8 [ 68.747563][ T5298] R10: 0000000000004425 R11: 0000000000000246 R12: 0000000000000001 [ 68.750771][ T5298] R13: 00007ffcff68cfc8 R14: 0000000000000001 R15: 0000000000000001 [ 68.753946][ T5298] VM DIAGNOSIS: 17:37:42 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=ffffffff9a705820 RCX=0000000000000000 RDX=00000000000003f8 RSI=0000000000000000 RDI=0000000000000020 RBP=0000000000000000 RSP=ffffc9000d14e330 R8 =ffffffff8558470b R9 =1ffff11003dc3046 R10=dffffc0000000000 R11=ffffffff855846c0 R12=dffffc0000000000 R13=ffffffff9a3fff87 R14=0000000000000061 R15=00000000000003f8 RIP=ffffffff8558473e RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00005555871d5380 ffffffff 00c00000 GS =0000 ffff88801fc00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000561dff6c7180 CR3=0000000042e28000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff800 Opmask01=0000000000000000 Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c3f0 00007ffcff68c3d0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c530 00007ffcff68c3b0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffb7c1ab5c4 00007ffb7c1be240 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c3f0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c530 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c530 00007ffcff68c3b0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcff68c3f0 00007ffcff68c3d0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000327366636f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b636f6c666c6163 6f6c2c74696d6d6f 635f636e7973615f 6c616e72756f6a2c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303030303030 30303d6c6576656c 5f767365725f7269 642c72746e692c73 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000002c3030 3030303030303030 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000