DUID 00:04:8e:2a:3c:04:ae:1e:09:29:3f:0a:36:6a:00:10:eb:de no interfaces have a carrier [ 37.919797][ T3839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.932884][ T3839] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.245' (ED25519) to the list of known hosts. executing program syzkaller login: [ 61.336537][ T4164] loop0: detected capacity change from 0 to 32768 [ 61.379077][ T4164] ======================================================= [ 61.379077][ T4164] WARNING: The mand mount option has been deprecated and [ 61.379077][ T4164] and is ignored by this kernel. Remove the mand [ 61.379077][ T4164] option from the mount to silence this warning. [ 61.379077][ T4164] ======================================================= [ 61.445862][ T4164] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 61.468249][ T4164] [ 61.470587][ T4164] ====================================================== [ 61.477605][ T4164] WARNING: possible circular locking dependency detected [ 61.484635][ T4164] 5.15.175-syzkaller #0 Not tainted [ 61.489814][ T4164] ------------------------------------------------------ [ 61.496814][ T4164] syz-executor230/4164 is trying to acquire lock: [ 61.503216][ T4164] ffff88806fd90660 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb2/0x330 [ 61.513830][ T4164] [ 61.513830][ T4164] but task is already holding lock: [ 61.521182][ T4164] ffff88806fd906f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x330 [ 61.531784][ T4164] [ 61.531784][ T4164] which lock already depends on the new lock. [ 61.531784][ T4164] [ 61.542193][ T4164] [ 61.542193][ T4164] the existing dependency chain (in reverse order) is: [ 61.551200][ T4164] [ 61.551200][ T4164] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 61.559006][ T4164] lock_acquire+0x1db/0x4f0 [ 61.564027][ T4164] down_read+0x45/0x2e0 [ 61.568707][ T4164] ocfs2_init_acl+0x398/0x930 [ 61.573894][ T4164] ocfs2_mknod+0x1e8f/0x2cd0 [ 61.579007][ T4164] ocfs2_create+0x194/0x430 [ 61.584026][ T4164] path_openat+0x130a/0x2f20 [ 61.589135][ T4164] do_filp_open+0x21c/0x460 [ 61.594149][ T4164] do_sys_openat2+0x13b/0x4f0 [ 61.599335][ T4164] __x64_sys_openat+0x243/0x290 [ 61.604717][ T4164] do_syscall_64+0x3b/0xb0 [ 61.609642][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.616046][ T4164] [ 61.616046][ T4164] -> #3 (jbd2_handle){.+.+}-{0:0}: [ 61.623417][ T4164] lock_acquire+0x1db/0x4f0 [ 61.628434][ T4164] start_this_handle+0x12e1/0x1570 [ 61.634059][ T4164] jbd2__journal_start+0x2d1/0x5c0 [ 61.639680][ T4164] jbd2_journal_start+0x25/0x30 [ 61.645137][ T4164] ocfs2_start_trans+0x3c2/0x6f0 [ 61.650603][ T4164] ocfs2_mknod+0x15bb/0x2cd0 [ 61.655711][ T4164] ocfs2_create+0x194/0x430 [ 61.660726][ T4164] path_openat+0x130a/0x2f20 [ 61.665826][ T4164] do_filp_open+0x21c/0x460 [ 61.670839][ T4164] do_sys_openat2+0x13b/0x4f0 [ 61.676029][ T4164] __x64_sys_openat+0x243/0x290 [ 61.681390][ T4164] do_syscall_64+0x3b/0xb0 [ 61.686313][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.692731][ T4164] [ 61.692731][ T4164] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 61.701232][ T4164] lock_acquire+0x1db/0x4f0 [ 61.706245][ T4164] down_read+0x45/0x2e0 [ 61.710905][ T4164] ocfs2_start_trans+0x3b7/0x6f0 [ 61.716453][ T4164] ocfs2_mknod+0x15bb/0x2cd0 [ 61.721577][ T4164] ocfs2_create+0x194/0x430 [ 61.726590][ T4164] path_openat+0x130a/0x2f20 [ 61.731686][ T4164] do_filp_open+0x21c/0x460 [ 61.736699][ T4164] do_sys_openat2+0x13b/0x4f0 [ 61.741920][ T4164] __x64_sys_openat+0x243/0x290 [ 61.747287][ T4164] do_syscall_64+0x3b/0xb0 [ 61.752397][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.758829][ T4164] [ 61.758829][ T4164] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 61.766315][ T4164] lock_acquire+0x1db/0x4f0 [ 61.771361][ T4164] ocfs2_start_trans+0x2b2/0x6f0 [ 61.776815][ T4164] ocfs2_truncate_file+0x661/0x14f0 [ 61.782628][ T4164] ocfs2_setattr+0x16dd/0x1ce0 [ 61.787923][ T4164] notify_change+0xc6d/0xf50 [ 61.793033][ T4164] do_truncate+0x21c/0x300 [ 61.797975][ T4164] path_openat+0x28a3/0x2f20 [ 61.803089][ T4164] do_filp_open+0x21c/0x460 [ 61.808103][ T4164] do_sys_openat2+0x13b/0x4f0 [ 61.813293][ T4164] __x64_sys_openat+0x243/0x290 [ 61.818655][ T4164] do_syscall_64+0x3b/0xb0 [ 61.823584][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.829995][ T4164] [ 61.829995][ T4164] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}: [ 61.837804][ T4164] validate_chain+0x1649/0x5930 [ 61.843182][ T4164] __lock_acquire+0x1295/0x1ff0 [ 61.848553][ T4164] lock_acquire+0x1db/0x4f0 [ 61.853566][ T4164] down_write+0x38/0x60 [ 61.858234][ T4164] ocfs2_try_remove_refcount_tree+0xb2/0x330 [ 61.864723][ T4164] ocfs2_truncate_file+0xe3c/0x14f0 [ 61.870433][ T4164] ocfs2_setattr+0x16dd/0x1ce0 [ 61.875728][ T4164] notify_change+0xc6d/0xf50 [ 61.880831][ T4164] do_truncate+0x21c/0x300 [ 61.885757][ T4164] path_openat+0x28a3/0x2f20 [ 61.890858][ T4164] do_filp_open+0x21c/0x460 [ 61.895887][ T4164] do_sys_openat2+0x13b/0x4f0 [ 61.901074][ T4164] __x64_sys_openat+0x243/0x290 [ 61.906440][ T4164] do_syscall_64+0x3b/0xb0 [ 61.911381][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 61.917787][ T4164] [ 61.917787][ T4164] other info that might help us debug this: [ 61.917787][ T4164] [ 61.928003][ T4164] Chain exists of: [ 61.928003][ T4164] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 61.928003][ T4164] [ 61.941023][ T4164] Possible unsafe locking scenario: [ 61.941023][ T4164] [ 61.948459][ T4164] CPU0 CPU1 [ 61.953809][ T4164] ---- ---- [ 61.959185][ T4164] lock(&oi->ip_xattr_sem); [ 61.963765][ T4164] lock(jbd2_handle); [ 61.970360][ T4164] lock(&oi->ip_xattr_sem); [ 61.977456][ T4164] lock(&oi->ip_alloc_sem); [ 61.982035][ T4164] [ 61.982035][ T4164] *** DEADLOCK *** [ 61.982035][ T4164] [ 61.990160][ T4164] 3 locks held by syz-executor230/4164: [ 61.995689][ T4164] #0: ffff88802be14460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 62.004824][ T4164] #1: ffff88806fd909c8 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: do_truncate+0x208/0x300 [ 62.015171][ T4164] #2: ffff88806fd906f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x330 [ 62.026210][ T4164] [ 62.026210][ T4164] stack backtrace: [ 62.032105][ T4164] CPU: 1 PID: 4164 Comm: syz-executor230 Not tainted 5.15.175-syzkaller #0 [ 62.040678][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 62.050730][ T4164] Call Trace: [ 62.054000][ T4164] [ 62.056923][ T4164] dump_stack_lvl+0x1e3/0x2d0 [ 62.061594][ T4164] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 62.067222][ T4164] ? print_circular_bug+0x12b/0x1a0 [ 62.072416][ T4164] check_noncircular+0x2f8/0x3b0 [ 62.077365][ T4164] ? add_chain_block+0x850/0x850 [ 62.082295][ T4164] ? lockdep_lock+0x11f/0x2a0 [ 62.086989][ T4164] validate_chain+0x1649/0x5930 [ 62.091839][ T4164] ? stack_trace_save+0x113/0x1c0 [ 62.096892][ T4164] ? reacquire_held_locks+0x660/0x660 [ 62.102257][ T4164] ? stack_trace_snprint+0xe0/0xe0 [ 62.107368][ T4164] ? lockdep_unlock+0x166/0x300 [ 62.112212][ T4164] ? mark_lock+0x98/0x340 [ 62.116590][ T4164] __lock_acquire+0x1295/0x1ff0 [ 62.121513][ T4164] lock_acquire+0x1db/0x4f0 [ 62.126028][ T4164] ? ocfs2_try_remove_refcount_tree+0xb2/0x330 [ 62.132228][ T4164] ? read_lock_is_recursive+0x10/0x10 [ 62.137628][ T4164] ? __might_sleep+0xc0/0xc0 [ 62.142218][ T4164] ? rwsem_write_trylock+0x166/0x210 [ 62.147500][ T4164] ? clear_nonspinnable+0x60/0x60 [ 62.152527][ T4164] down_write+0x38/0x60 [ 62.156689][ T4164] ? ocfs2_try_remove_refcount_tree+0xb2/0x330 [ 62.162840][ T4164] ocfs2_try_remove_refcount_tree+0xb2/0x330 [ 62.168815][ T4164] ? ocfs2_remove_refcount_tree+0x1000/0x1000 [ 62.175059][ T4164] ? ocfs2_truncate_file+0xa07/0x14f0 [ 62.180423][ T4164] ocfs2_truncate_file+0xe3c/0x14f0 [ 62.185616][ T4164] ? ocfs2_inode_lock_tracker+0x455/0x750 [ 62.191329][ T4164] ? ocfs2_simple_size_update+0x4d0/0x4d0 [ 62.197041][ T4164] ? do_raw_spin_unlock+0x137/0x8b0 [ 62.202232][ T4164] ? memset+0x1f/0x40 [ 62.206199][ T4164] ? _raw_spin_unlock+0x24/0x40 [ 62.211039][ T4164] ? ocfs2_inode_lock_tracker+0x455/0x750 [ 62.216749][ T4164] ? ocfs2_inode_lock_atime+0x5a0/0x5a0 [ 62.222284][ T4164] ? ocfs2_rw_lock+0x13a/0x250 [ 62.227035][ T4164] ? ocfs2_create_new_inode_locks+0x6d0/0x6d0 [ 62.233092][ T4164] ? inode_newsize_ok+0x115/0x1b0 [ 62.238106][ T4164] ocfs2_setattr+0x16dd/0x1ce0 [ 62.242866][ T4164] ? ocfs2_extend_allocation+0x1ba0/0x1ba0 [ 62.248661][ T4164] ? seqcount_lockdep_reader_access+0x1d3/0x220 [ 62.254896][ T4164] ? ktime_get_coarse_real_ts64+0x107/0x120 [ 62.260785][ T4164] ? current_time+0x1ba/0x300 [ 62.265477][ T4164] ? atime_needs_update+0x7b0/0x7b0 [ 62.270665][ T4164] ? evm_inode_setattr+0xf7/0x5b0 [ 62.275685][ T4164] ? rwsem_write_trylock+0x166/0x210 [ 62.280978][ T4164] ? bpf_lsm_inode_setattr+0x5/0x10 [ 62.286169][ T4164] ? security_inode_setattr+0xce/0x120 [ 62.291703][ T4164] ? ocfs2_extend_allocation+0x1ba0/0x1ba0 [ 62.297507][ T4164] notify_change+0xc6d/0xf50 [ 62.302104][ T4164] do_truncate+0x21c/0x300 [ 62.306528][ T4164] ? rcu_lock_release+0x20/0x20 [ 62.311397][ T4164] ? ima_bprm_check+0x2b0/0x2b0 [ 62.316248][ T4164] ? bpf_lsm_path_truncate+0x5/0x10 [ 62.321459][ T4164] path_openat+0x28a3/0x2f20 [ 62.326061][ T4164] ? do_filp_open+0x460/0x460 [ 62.330747][ T4164] do_filp_open+0x21c/0x460 [ 62.335237][ T4164] ? vfs_tmpfile+0x2e0/0x2e0 [ 62.339849][ T4164] ? _raw_spin_unlock+0x24/0x40 [ 62.344696][ T4164] ? alloc_fd+0x598/0x630 [ 62.349017][ T4164] do_sys_openat2+0x13b/0x4f0 [ 62.353687][ T4164] ? do_sys_open+0x220/0x220 [ 62.358283][ T4164] __x64_sys_openat+0x243/0x290 [ 62.363148][ T4164] ? __ia32_sys_open+0x270/0x270 [ 62.368073][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240 [ 62.374058][ T4164] ? lockdep_hardirqs_on+0x94/0x130 [ 62.379245][ T4164] ? syscall_enter_from_user_mode+0x2e/0x240 [ 62.385216][ T4164] do_syscall_64+0x3b/0xb0 [ 62.389631][ T4164] ? clear_bhb_loop+0x15/0x70 [ 62.394310][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 62.400200][ T4164] RIP: 0033:0x7f11505c0e59 [ 62.404610][ T4164] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 62.424287][ T4164] RSP: 002b:00007ffcd2d92d78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 62.432712][ T4164] RAX: ffffffffffffffda RBX: 0073746e6576652e RCX: 00007f11505c0e59 [ 62.440678][ T4164] RDX: 000000000000275a RSI: 00000000200001c0 RDI: 00000000ffffff9c executing program [ 62.448657][ T4164] RBP: 652e79726f6d656d R08: 00005555650634c0 R09: 00005555650634c0 [ 62.456634][ T4164] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd2d92da0 [ 62.464604][ T4164] R13: 00007ffcd2d92fc8 R14: 431bde82d7b634db R15: 00007f115060a03b [ 62.472663][ T4164] executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program