Warning: Permanently added '10.128.0.2' (ED25519) to the list of known hosts.
executing program
[ 72.614036][ T4164] loop0: detected capacity change from 0 to 32768
[ 72.655925][ T4164] =======================================================
[ 72.655925][ T4164] WARNING: The mand mount option has been deprecated and
[ 72.655925][ T4164] and is ignored by this kernel. Remove the mand
[ 72.655925][ T4164] option from the mount to silence this warning.
[ 72.655925][ T4164] =======================================================
executing program
[ 72.725109][ T4164] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 72.738997][ T4168] syz-executor774[4168]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 72.749920][ T4168] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 72.789396][ T4168]
[ 72.791758][ T4168] ======================================================
[ 72.798770][ T4168] WARNING: possible circular locking dependency detected
[ 72.805981][ T4168] 5.15.171-syzkaller #0 Not tainted
[ 72.811358][ T4168] ------------------------------------------------------
[ 72.818428][ T4168] syz-executor774/4168 is trying to acquire lock:
[ 72.824858][ T4168] ffff888070a98660 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb2/0x330
[ 72.835542][ T4168]
[ 72.835542][ T4168] but task is already holding lock:
[ 72.842927][ T4168] ffff888070a986f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x330
[ 72.853584][ T4168]
[ 72.853584][ T4168] which lock already depends on the new lock.
[ 72.853584][ T4168]
[ 72.864090][ T4168]
[ 72.864090][ T4168] the existing dependency chain (in reverse order) is:
[ 72.873308][ T4168]
[ 72.873308][ T4168] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[ 72.881166][ T4168] lock_acquire+0x1db/0x4f0
[ 72.886322][ T4168] down_read+0x45/0x2e0
[ 72.891045][ T4168] ocfs2_init_acl+0x398/0x930
[ 72.896275][ T4168] ocfs2_mknod+0x1e8f/0x2cd0
[ 72.901416][ T4168] ocfs2_create+0x194/0x430
[ 72.906473][ T4168] path_openat+0x130a/0x2f20
[ 72.911602][ T4168] do_filp_open+0x21c/0x460
[ 72.916656][ T4168] filp_open+0x25d/0x2c0
[ 72.921435][ T4168] do_coredump+0x2549/0x31e0
[ 72.926572][ T4168] get_signal+0xc06/0x14e0
[ 72.931611][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 72.937880][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 72.943921][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 72.950541][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 72.956555][ T4168] exc_page_fault+0x342/0x700
[ 72.961773][ T4168] asm_exc_page_fault+0x22/0x30
[ 72.967412][ T4168]
[ 72.967412][ T4168] -> #3 (jbd2_handle){.+.+}-{0:0}:
[ 72.974866][ T4168] lock_acquire+0x1db/0x4f0
[ 72.980148][ T4168] start_this_handle+0x12e1/0x1570
[ 72.986478][ T4168] jbd2__journal_start+0x2d1/0x5c0
[ 72.992639][ T4168] jbd2_journal_start+0x25/0x30
[ 72.998521][ T4168] ocfs2_start_trans+0x3c2/0x6f0
[ 73.004013][ T4168] ocfs2_mknod+0x15bb/0x2cd0
[ 73.009314][ T4168] ocfs2_create+0x194/0x430
[ 73.014596][ T4168] path_openat+0x130a/0x2f20
[ 73.015334][ T4170] syz-executor774[4170]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 73.019764][ T4168] do_filp_open+0x21c/0x460
[ 73.019787][ T4168] filp_open+0x25d/0x2c0
executing program
[ 73.039373][ T4168] do_coredump+0x2549/0x31e0
[ 73.044551][ T4168] get_signal+0xc06/0x14e0
[ 73.044874][ T4170] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 73.049557][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 73.063957][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 73.069875][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 73.076060][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 73.082075][ T4168] exc_page_fault+0x342/0x700
[ 73.087296][ T4168] asm_exc_page_fault+0x22/0x30
[ 73.092698][ T4168]
[ 73.092698][ T4168] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[ 73.101238][ T4168] lock_acquire+0x1db/0x4f0
[ 73.106319][ T4168] down_read+0x45/0x2e0
[ 73.111037][ T4168] ocfs2_start_trans+0x3b7/0x6f0
[ 73.116509][ T4168] ocfs2_mknod+0x15bb/0x2cd0
[ 73.121729][ T4168] ocfs2_create+0x194/0x430
[ 73.126766][ T4168] path_openat+0x130a/0x2f20
[ 73.132070][ T4168] do_filp_open+0x21c/0x460
[ 73.137109][ T4168] filp_open+0x25d/0x2c0
[ 73.141890][ T4168] do_coredump+0x2549/0x31e0
[ 73.147027][ T4168] get_signal+0xc06/0x14e0
[ 73.151979][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 73.158162][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 73.164219][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 73.170324][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 73.176372][ T4168] exc_page_fault+0x342/0x700
[ 73.181631][ T4168] asm_exc_page_fault+0x22/0x30
[ 73.187039][ T4168]
[ 73.187039][ T4168] -> #1 (sb_internal#2){.+.+}-{0:0}:
[ 73.194541][ T4168] lock_acquire+0x1db/0x4f0
[ 73.199704][ T4168] ocfs2_start_trans+0x2b2/0x6f0
[ 73.205194][ T4168] ocfs2_truncate_file+0x661/0x14f0
[ 73.211279][ T4168] ocfs2_setattr+0x165e/0x1c70
[ 73.216612][ T4168] notify_change+0xc6d/0xf50
[ 73.221829][ T4168] do_truncate+0x21c/0x300
[ 73.226792][ T4168] do_coredump+0x2d8e/0x31e0
[ 73.231921][ T4168] get_signal+0xc06/0x14e0
[ 73.236876][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 73.243147][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 73.248970][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 73.255146][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 73.261155][ T4168] exc_page_fault+0x342/0x700
[ 73.266373][ T4168] asm_exc_page_fault+0x22/0x30
[ 73.271875][ T4168]
[ 73.271875][ T4168] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}:
[ 73.279723][ T4168] validate_chain+0x1649/0x5930
[ 73.285114][ T4168] __lock_acquire+0x1295/0x1ff0
[ 73.290542][ T4168] lock_acquire+0x1db/0x4f0
[ 73.295579][ T4168] down_write+0x38/0x60
[ 73.300270][ T4168] ocfs2_try_remove_refcount_tree+0xb2/0x330
[ 73.306796][ T4168] ocfs2_truncate_file+0xe3c/0x14f0
[ 73.312569][ T4168] ocfs2_setattr+0x165e/0x1c70
[ 73.317895][ T4168] notify_change+0xc6d/0xf50
[ 73.323019][ T4168] do_truncate+0x21c/0x300
[ 73.327967][ T4168] do_coredump+0x2d8e/0x31e0
[ 73.333086][ T4168] get_signal+0xc06/0x14e0
executing program
[ 73.337753][ T4172] syz-executor774[4172]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 73.338215][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 73.354622][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 73.360449][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 73.365466][ T4172] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 73.366532][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 73.380308][ T4168] exc_page_fault+0x342/0x700
[ 73.385536][ T4168] asm_exc_page_fault+0x22/0x30
[ 73.390925][ T4168]
[ 73.390925][ T4168] other info that might help us debug this:
[ 73.390925][ T4168]
[ 73.401154][ T4168] Chain exists of:
[ 73.401154][ T4168] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[ 73.401154][ T4168]
[ 73.414305][ T4168] Possible unsafe locking scenario:
[ 73.414305][ T4168]
[ 73.421818][ T4168]        CPU0                    CPU1
[ 73.427362][ T4168]        ----                    ----
[ 73.432842][ T4168]   lock(&oi->ip_xattr_sem);
[ 73.437497][ T4168]                                lock(jbd2_handle);
[ 73.444110][ T4168]                                lock(&oi->ip_xattr_sem);
[ 73.451240][ T4168]   lock(&oi->ip_alloc_sem);
[ 73.455840][ T4168]
[ 73.455840][ T4168] *** DEADLOCK ***
[ 73.455840][ T4168]
[ 73.464070][ T4168] 2 locks held by syz-executor774/4168:
[ 73.469627][ T4168] #0: ffff888070a989c8 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: do_truncate+0x208/0x300
[ 73.480016][ T4168] #1: ffff888070a986f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa1/0x330
[ 73.491107][ T4168]
[ 73.491107][ T4168] stack backtrace:
[ 73.497023][ T4168] CPU: 0 PID: 4168 Comm: syz-executor774 Not tainted 5.15.171-syzkaller #0
[ 73.505888][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 73.516129][ T4168] Call Trace:
[ 73.519422][ T4168]
[ 73.522360][ T4168] dump_stack_lvl+0x1e3/0x2d0
[ 73.527056][ T4168] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 73.532708][ T4168] ? print_circular_bug+0x12b/0x1a0
[ 73.537923][ T4168] check_noncircular+0x2f8/0x3b0
[ 73.542880][ T4168] ? add_chain_block+0x850/0x850
[ 73.547834][ T4168] ? lockdep_lock+0x11f/0x2a0
[ 73.552529][ T4168] validate_chain+0x1649/0x5930
[ 73.557402][ T4168] ? stack_trace_save+0x113/0x1c0
[ 73.562474][ T4168] ? reacquire_held_locks+0x660/0x660
[ 73.567877][ T4168] ? stack_trace_snprint+0xe0/0xe0
[ 73.573014][ T4168] ? lockdep_unlock+0x166/0x300
[ 73.577884][ T4168] ? mark_lock+0x98/0x340
[ 73.582348][ T4168] __lock_acquire+0x1295/0x1ff0
[ 73.587244][ T4168] lock_acquire+0x1db/0x4f0
[ 73.591779][ T4168] ? ocfs2_try_remove_refcount_tree+0xb2/0x330
[ 73.597974][ T4168] ? read_lock_is_recursive+0x10/0x10
[ 73.603382][ T4168] ? __might_sleep+0xc0/0xc0
[ 73.608076][ T4168] ? rwsem_write_trylock+0x166/0x210
[ 73.613381][ T4168] ? clear_nonspinnable+0x60/0x60
[ 73.618422][ T4168] down_write+0x38/0x60
[ 73.622595][ T4168] ? ocfs2_try_remove_refcount_tree+0xb2/0x330
[ 73.628843][ T4168] ocfs2_try_remove_refcount_tree+0xb2/0x330
[ 73.634857][ T4168] ? ocfs2_remove_refcount_tree+0x1000/0x1000
[ 73.640959][ T4168] ? ocfs2_truncate_file+0xa07/0x14f0
[ 73.646452][ T4168] ocfs2_truncate_file+0xe3c/0x14f0
[ 73.651668][ T4168] ? ocfs2_inode_lock_tracker+0x455/0x750
[ 73.653140][ T4174] syz-executor774[4174]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 73.657411][ T4168] ? ocfs2_simple_size_update+0x4d0/0x4d0
[ 73.657441][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 73.674577][ T4174]
[ 73.678249][ T4168] ? memset+0x1f/0x40
[ 73.684558][ T4168] ? _raw_spin_unlock+0x24/0x40
executing program
[ 73.689527][ T4168] ? ocfs2_inode_lock_tracker+0x455/0x750
[ 73.695278][ T4168] ? ocfs2_inode_lock_atime+0x5a0/0x5a0
[ 73.700844][ T4168] ? ocfs2_rw_lock+0x13a/0x250
[ 73.701025][ T4174] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 73.705619][ T4168] ? ocfs2_create_new_inode_locks+0x6d0/0x6d0
[ 73.705646][ T4168] ? jbd2_journal_begin_ordered_truncate+0xbc/0x150
[ 73.726075][ T4168] ocfs2_setattr+0x165e/0x1c70
[ 73.730868][ T4168] ? ocfs2_extend_allocation+0x1ba0/0x1ba0
[ 73.736809][ T4168] ? seqcount_lockdep_reader_access+0x1d3/0x220
[ 73.743074][ T4168] ? ktime_get_coarse_real_ts64+0x107/0x120
[ 73.749065][ T4168] ? current_time+0x1ba/0x300
[ 73.753763][ T4168] ? atime_needs_update+0x7b0/0x7b0
[ 73.758977][ T4168] ? evm_inode_setattr+0xf7/0x5b0
[ 73.764009][ T4168] ? rwsem_write_trylock+0x166/0x210
[ 73.769306][ T4168] ? bpf_lsm_inode_setattr+0x5/0x10
[ 73.774516][ T4168] ? security_inode_setattr+0xce/0x120
[ 73.779995][ T4168] ? ocfs2_extend_allocation+0x1ba0/0x1ba0
[ 73.785818][ T4168] notify_change+0xc6d/0xf50
[ 73.790427][ T4168] do_truncate+0x21c/0x300
[ 73.794852][ T4168] ? rcu_lock_release+0x20/0x20
[ 73.799708][ T4168] ? slab_post_alloc_hook+0x73/0x380
[ 73.805011][ T4168] ? kmem_cache_alloc+0x128/0x280
[ 73.810044][ T4168] ? getname_kernel+0x13c/0x2d0
[ 73.814999][ T4168] do_coredump+0x2d8e/0x31e0
[ 73.819605][ T4168] ? ____kasan_slab_free+0xd8/0x120
[ 73.824846][ T4168] ? slab_free_freelist_hook+0xdd/0x160
[ 73.830505][ T4168] ? nfs_ssc_unregister+0x30/0x30
[ 73.835560][ T4168] ? get_signal+0x8ac/0x14e0
[ 73.840184][ T4168] ? do_raw_spin_unlock+0x137/0x8b0
[ 73.845411][ T4168] ? _raw_spin_unlock_irq+0x1f/0x40
[ 73.850626][ T4168] ? lockdep_hardirqs_on+0x94/0x130
[ 73.855838][ T4168] get_signal+0xc06/0x14e0
[ 73.860278][ T4168] arch_do_signal_or_restart+0xc3/0x1890
[ 73.865928][ T4168] ? force_sig_fault+0x127/0x1d0
[ 73.870880][ T4168] ? force_sig_fault_to_task+0x1c0/0x1c0
[ 73.876528][ T4168] ? get_sigframe_size+0x10/0x10
[ 73.881514][ T4168] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 73.887508][ T4168] ? up_read+0x20/0x20
[ 73.891592][ T4168] ? exit_to_user_mode_loop+0x39/0x130
[ 73.897064][ T4168] exit_to_user_mode_loop+0x97/0x130
[ 73.902458][ T4168] exit_to_user_mode_prepare+0xb1/0x140
[ 73.908023][ T4168] irqentry_exit_to_user_mode+0x5/0x30
[ 73.913502][ T4168] exc_page_fault+0x342/0x700
[ 73.918188][ T4168] asm_exc_page_fault+0x22/0x30
[ 73.923228][ T4168] RIP: 0033:0x0
[ 73.926700][ T4168] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 73.934503][ T4168] RSP: 002b:00000000200000c8 EFLAGS: 00010217
[ 73.940579][ T4168] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007fbbfb39b089
[ 73.948562][ T4168] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000004000000
[ 73.956542][ T4168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000555500000000
[ 73.964703][ T4168] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000f4240
[ 73.973683][ T4168] R13: 00007fbbfb3ed99c R14: 00007fbbfb3e40e2 R15: 00007ffd1b83a220
[ 73.981687][ T4168]
executing program
[ 73.982478][ T4176] syz-executor774[4176]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 73.995906][ T4176] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 74.079083][ T4168] syz-executor774 (4168) used greatest stack depth: 17296 bytes left
executing program
[ 74.192339][ T4178] syz-executor774[4178]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14
[ 74.202379][ T4178] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
executing program [ 74.368466][ T4180] syz-executor774[4180]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 74.378442][ T4180] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 74.546034][ T4182] syz-executor774[4182]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 74.555964][ T4182] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 74.719694][ T4184] syz-executor774[4184]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 74.729738][ T4184] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 74.895542][ T4186] syz-executor774[4186]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 74.905453][ T4186] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 77.889857][ T4222] show_signal_msg: 17 callbacks suppressed [ 77.889877][ T4222] syz-executor774[4222]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 77.920964][ T4222] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 78.070800][ T4224] syz-executor774[4224]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.081315][ T4224] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 78.249850][ T4226] syz-executor774[4226]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.259954][ T4226] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. 
executing program [ 78.430621][ T4228] syz-executor774[4228]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.454092][ T4228] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 78.606259][ T4230] syz-executor774[4230]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.616191][ T4230] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 78.782037][ T4232] syz-executor774[4232]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.792487][ T4232] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 78.970782][ T4234] syz-executor774[4234]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 78.982227][ T4234] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 79.182237][ T4236] syz-executor774[4236]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 79.193025][ T4236] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 79.368457][ T4238] syz-executor774[4238]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 79.379028][ T4238] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program [ 79.547270][ T4240] syz-executor774[4240]: segfault at 0 ip 0000000000000000 sp 00000000200000c8 error 14 [ 79.557508][ T4240] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program