Warning: Permanently added '10.128.1.89' (ED25519) to the list of known hosts. executing program [ 45.498010][ T3960] loop0: detected capacity change from 0 to 63271 [ 45.597241][ T3960] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(605) [ 45.599592][ T3960] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 45.603724][ T3960] F2FS-fs (loop0): invalid crc value [ 45.608770][ T3960] F2FS-fs (loop0): Found nat_bits in checkpoint [ 45.624803][ T3960] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 45.626887][ T3960] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 45.677628][ T3960] [ 45.678247][ T3960] ====================================================== [ 45.680117][ T3960] WARNING: possible circular locking dependency detected [ 45.681944][ T3960] 5.15.152-syzkaller #0 Not tainted [ 45.683313][ T3960] ------------------------------------------------------ [ 45.685154][ T3960] syz-executor289/3960 is trying to acquire lock: [ 45.686885][ T3960] ffff0000c8ee8138 ((wq_completion)loop0){+.+.}-{0:0}, at: flush_workqueue+0x120/0x11c4 [ 45.689594][ T3960] [ 45.689594][ T3960] but task is already holding lock: [ 45.691634][ T3960] ffff0000cb78a468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa8/0x9b8 [ 45.693959][ T3960] [ 45.693959][ T3960] which lock already depends on the new lock. [ 45.693959][ T3960] [ 45.696643][ T3960] [ 45.696643][ T3960] the existing dependency chain (in reverse order) is: [ 45.699072][ T3960] [ 45.699072][ T3960] -> #7 (&lo->lo_mutex){+.+.}-{3:3}: [ 45.701072][ T3960] __mutex_lock_common+0x194/0x2154 [ 45.702607][ T3960] mutex_lock_killable_nested+0xa4/0xf8 [ 45.704206][ T3960] lo_open+0x6c/0x14c [ 45.705419][ T3960] blkdev_get_whole+0x94/0x344 [ 45.706874][ T3960] blkdev_get_by_dev+0x238/0x89c [ 45.708288][ T3960] blkdev_open+0x10c/0x274 [ 45.709588][ T3960] do_dentry_open+0x780/0xed8 [ 45.710937][ T3960] vfs_open+0x7c/0x90 [ 45.712113][ T3960] path_openat+0x1f28/0x26f0 [ 45.713492][ T3960] do_filp_open+0x1a8/0x3b4 [ 45.714783][ T3960] do_sys_openat2+0x128/0x3d8 [ 45.716168][ T3960] __arm64_sys_openat+0x1f0/0x240 [ 45.717635][ T3960] invoke_syscall+0x98/0x2b8 [ 45.718997][ T3960] el0_svc_common+0x138/0x258 [ 45.720346][ T3960] do_el0_svc+0x58/0x14c [ 45.721681][ T3960] el0_svc+0x7c/0x1f0 [ 45.722884][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.724369][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.725771][ T3960] [ 45.725771][ T3960] -> #6 (&disk->open_mutex){+.+.}-{3:3}: [ 45.727905][ T3960] __mutex_lock_common+0x194/0x2154 [ 45.729304][ T3960] mutex_lock_nested+0xa4/0xf8 [ 45.730559][ T3960] blkdev_get_by_dev+0x12c/0x89c [ 45.731807][ T3960] swsusp_check+0xb8/0x2dc [ 45.733115][ T3960] software_resume+0xe8/0x410 [ 45.734545][ T3960] resume_store+0xe4/0x12c [ 45.735940][ T3960] kobj_attr_store+0x6c/0x90 [ 45.737267][ T3960] sysfs_kf_write+0x200/0x280 [ 45.738697][ T3960] kernfs_fop_write_iter+0x334/0x48c [ 45.740172][ T3960] vfs_write+0x87c/0xb3c [ 45.741462][ T3960] ksys_write+0x15c/0x26c [ 45.742727][ T3960] __arm64_sys_write+0x7c/0x90 [ 45.744171][ T3960] invoke_syscall+0x98/0x2b8 [ 45.745532][ T3960] el0_svc_common+0x138/0x258 [ 45.746927][ T3960] do_el0_svc+0x58/0x14c [ 45.748170][ T3960] el0_svc+0x7c/0x1f0 [ 45.749392][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.750819][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.752240][ T3960] [ 45.752240][ T3960] -> #5 (system_transition_mutex/1){+.+.}-{3:3}: [ 45.754554][ T3960] __mutex_lock_common+0x194/0x2154 [ 45.756074][ T3960] mutex_lock_nested+0xa4/0xf8 [ 45.757501][ T3960] software_resume+0x9c/0x410 [ 45.758837][ T3960] resume_store+0xe4/0x12c [ 45.760105][ T3960] kobj_attr_store+0x6c/0x90 [ 45.761492][ T3960] sysfs_kf_write+0x200/0x280 [ 45.762919][ T3960] kernfs_fop_write_iter+0x334/0x48c [ 45.764517][ T3960] vfs_write+0x87c/0xb3c [ 45.765756][ T3960] ksys_write+0x15c/0x26c [ 45.767057][ T3960] __arm64_sys_write+0x7c/0x90 [ 45.768453][ T3960] invoke_syscall+0x98/0x2b8 [ 45.769809][ T3960] el0_svc_common+0x138/0x258 [ 45.771204][ T3960] do_el0_svc+0x58/0x14c [ 45.772533][ T3960] el0_svc+0x7c/0x1f0 [ 45.773712][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.775238][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.776618][ T3960] [ 45.776618][ T3960] -> #4 (&of->mutex){+.+.}-{3:3}: [ 45.778575][ T3960] __mutex_lock_common+0x194/0x2154 [ 45.780103][ T3960] mutex_lock_nested+0xa4/0xf8 [ 45.781485][ T3960] kernfs_seq_start+0x58/0x3a0 [ 45.782892][ T3960] seq_read_iter+0x378/0xc44 [ 45.784219][ T3960] kernfs_fop_read_iter+0x140/0x50c [ 45.785706][ T3960] vfs_read+0x86c/0xb10 [ 45.786971][ T3960] ksys_read+0x15c/0x26c [ 45.788290][ T3960] __arm64_sys_read+0x7c/0x90 [ 45.789660][ T3960] invoke_syscall+0x98/0x2b8 [ 45.791071][ T3960] el0_svc_common+0x138/0x258 [ 45.792477][ T3960] do_el0_svc+0x58/0x14c [ 45.793784][ T3960] el0_svc+0x7c/0x1f0 [ 45.794990][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.796424][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.797804][ T3960] [ 45.797804][ T3960] -> #3 (&p->lock){+.+.}-{3:3}: [ 45.799695][ T3960] __mutex_lock_common+0x194/0x2154 [ 45.801254][ T3960] mutex_lock_nested+0xa4/0xf8 [ 45.802787][ T3960] seq_read_iter+0xac/0xc44 [ 45.804140][ T3960] proc_reg_read_iter+0x1a0/0x2e8 [ 45.805629][ T3960] generic_file_splice_read+0x3a0/0x60c [ 45.807051][ T3960] splice_direct_to_actor+0x354/0x9a0 [ 45.808494][ T3960] do_splice_direct+0x1f4/0x334 [ 45.809898][ T3960] do_sendfile+0x4bc/0xc70 [ 45.811169][ T3960] __arm64_sys_sendfile64+0x160/0x408 [ 45.812800][ T3960] invoke_syscall+0x98/0x2b8 [ 45.814154][ T3960] el0_svc_common+0x138/0x258 [ 45.815557][ T3960] do_el0_svc+0x58/0x14c [ 45.816793][ T3960] el0_svc+0x7c/0x1f0 [ 45.817984][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.819513][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.820883][ T3960] [ 45.820883][ T3960] -> #2 (sb_writers#5){.+.+}-{0:0}: [ 45.822872][ T3960] lo_write_bvec+0x21c/0xb4c [ 45.824190][ T3960] loop_process_work+0x1f24/0x2798 [ 45.825724][ T3960] loop_rootcg_workfn+0x28/0x38 [ 45.827129][ T3960] process_one_work+0x790/0x11b8 [ 45.828567][ T3960] worker_thread+0x910/0x1034 [ 45.829985][ T3960] kthread+0x37c/0x45c [ 45.831274][ T3960] ret_from_fork+0x10/0x20 [ 45.832618][ T3960] [ 45.832618][ T3960] -> #1 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}: [ 45.835145][ T3960] process_one_work+0x6d4/0x11b8 [ 45.836684][ T3960] worker_thread+0x910/0x1034 [ 45.838077][ T3960] kthread+0x37c/0x45c [ 45.839331][ T3960] ret_from_fork+0x10/0x20 [ 45.840674][ T3960] [ 45.840674][ T3960] -> #0 ((wq_completion)loop0){+.+.}-{0:0}: [ 45.842860][ T3960] __lock_acquire+0x32d4/0x7638 [ 45.844262][ T3960] lock_acquire+0x240/0x77c [ 45.845658][ T3960] flush_workqueue+0x14c/0x11c4 [ 45.847063][ T3960] drain_workqueue+0xb8/0x32c [ 45.848448][ T3960] destroy_workqueue+0x80/0xa34 [ 45.849898][ T3960] __loop_clr_fd+0x1c0/0x9b8 [ 45.851278][ T3960] lo_release+0x178/0x210 [ 45.852606][ T3960] blkdev_put+0x488/0x6b0 [ 45.853879][ T3960] kill_block_super+0x98/0xdc [ 45.855244][ T3960] kill_f2fs_super+0x268/0x338 [ 45.856708][ T3960] deactivate_locked_super+0xb8/0x13c [ 45.858228][ T3960] deactivate_super+0x108/0x128 [ 45.859712][ T3960] cleanup_mnt+0x3c0/0x474 [ 45.860984][ T3960] __cleanup_mnt+0x20/0x30 [ 45.862240][ T3960] task_work_run+0x130/0x1e4 [ 45.863650][ T3960] do_exit+0x670/0x20bc [ 45.864913][ T3960] do_group_exit+0x110/0x268 [ 45.866293][ T3960] __wake_up_parent+0x0/0x60 [ 45.867624][ T3960] invoke_syscall+0x98/0x2b8 [ 45.868987][ T3960] el0_svc_common+0x138/0x258 [ 45.870446][ T3960] do_el0_svc+0x58/0x14c [ 45.871733][ T3960] el0_svc+0x7c/0x1f0 [ 45.872948][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.874421][ T3960] el0t_64_sync+0x1a0/0x1a4 [ 45.875712][ T3960] [ 45.875712][ T3960] other info that might help us debug this: [ 45.875712][ T3960] [ 45.878388][ T3960] Chain exists of: [ 45.878388][ T3960] (wq_completion)loop0 --> &disk->open_mutex --> &lo->lo_mutex [ 45.878388][ T3960] [ 45.882141][ T3960] Possible unsafe locking scenario: [ 45.882141][ T3960] [ 45.884135][ T3960] CPU0 CPU1 [ 45.885572][ T3960] ---- ---- [ 45.887017][ T3960] lock(&lo->lo_mutex); [ 45.888231][ T3960] lock(&disk->open_mutex); [ 45.890141][ T3960] lock(&lo->lo_mutex); [ 45.891980][ T3960] lock((wq_completion)loop0); [ 45.893241][ T3960] [ 45.893241][ T3960] *** DEADLOCK *** [ 45.893241][ T3960] [ 45.895495][ T3960] 2 locks held by syz-executor289/3960: [ 45.897032][ T3960] #0: ffff0000cb76f118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xe0/0x6b0 [ 45.899538][ T3960] #1: ffff0000cb78a468 (&lo->lo_mutex){+.+.}-{3:3}, at: __loop_clr_fd+0xa8/0x9b8 [ 45.902044][ T3960] [ 45.902044][ T3960] stack backtrace: [ 45.903590][ T3960] CPU: 1 PID: 3960 Comm: syz-executor289 Not tainted 5.15.152-syzkaller #0 [ 45.905899][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024 [ 45.908635][ T3960] Call trace: [ 45.909527][ T3960] dump_backtrace+0x0/0x530 [ 45.910722][ T3960] show_stack+0x2c/0x3c [ 45.911807][ T3960] dump_stack_lvl+0x108/0x170 [ 45.913034][ T3960] dump_stack+0x1c/0x58 [ 45.914136][ T3960] print_circular_bug+0x150/0x1b8 [ 45.915445][ T3960] check_noncircular+0x2cc/0x378 [ 45.916815][ T3960] __lock_acquire+0x32d4/0x7638 [ 45.918110][ T3960] lock_acquire+0x240/0x77c [ 45.919272][ T3960] flush_workqueue+0x14c/0x11c4 [ 45.920620][ T3960] drain_workqueue+0xb8/0x32c [ 45.921893][ T3960] destroy_workqueue+0x80/0xa34 [ 45.923256][ T3960] __loop_clr_fd+0x1c0/0x9b8 [ 45.924467][ T3960] lo_release+0x178/0x210 [ 45.925638][ T3960] blkdev_put+0x488/0x6b0 [ 45.926810][ T3960] kill_block_super+0x98/0xdc [ 45.928041][ T3960] kill_f2fs_super+0x268/0x338 [ 45.929321][ T3960] deactivate_locked_super+0xb8/0x13c [ 45.930765][ T3960] deactivate_super+0x108/0x128 [ 45.932074][ T3960] cleanup_mnt+0x3c0/0x474 [ 45.933245][ T3960] __cleanup_mnt+0x20/0x30 [ 45.934480][ T3960] task_work_run+0x130/0x1e4 [ 45.935712][ T3960] do_exit+0x670/0x20bc [ 45.936794][ T3960] do_group_exit+0x110/0x268 [ 45.938022][ T3960] __wake_up_parent+0x0/0x60 [ 45.939217][ T3960] invoke_syscall+0x98/0x2b8 [ 45.940426][ T3960] el0_svc_common+0x138/0x258 [ 45.941687][ T3960] do_el0_svc+0x58/0x14c [ 45.942849][ T3960] el0_svc+0x7c/0x1f0 [ 45.943919][ T3960] el0t_64_sync_handler+0x84/0xe4 [ 45.945248][ T3960] el0t_64_sync+0x1a0/0x1a4