Warning: Permanently added '10.128.1.98' (ED25519) to the list of known hosts.
executing program
[   65.557954][ T4161] loop0: detected capacity change from 0 to 32768
[   65.672411][ T4161] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor302 (4161)
[   65.693436][ T4161] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   65.702738][ T4161] BTRFS info (device loop0): setting nodatacow, compression disabled
[   65.711147][ T4161] BTRFS info (device loop0): force clearing of disk cache
[   65.718273][ T4161] BTRFS info (device loop0): setting datacow
[   65.724690][ T4161] BTRFS info (device loop0): doing ref verification
[   65.731536][ T4161] BTRFS info (device loop0): disabling free space tree
[   65.738412][ T4161] BTRFS info (device loop0): trying to use backup root at mount time
[   65.747064][ T4161] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[   65.756831][ T4161] BTRFS info (device loop0): use zstd compression, level 3
[   65.764105][ T4161] BTRFS info (device loop0): force zstd compression, level 3
[   65.771774][ T4161] BTRFS info (device loop0): has skinny extents
[   65.801341][ T4161] BTRFS info (device loop0): clearing free space tree
[   65.808500][ T4161] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   65.819614][ T4161] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   65.844573][ T4161] 
[   65.846921][ T4161] ======================================================
[   65.853931][ T4161] WARNING: possible circular locking dependency detected
[   65.860944][ T4161] 5.15.173-syzkaller #0 Not tainted
[   65.866135][ T4161] ------------------------------------------------------
[   65.873154][ T4161] syz-executor302/4161 is trying to acquire lock:
[   65.879646][ T4161] ffff88802a33c650 (sb_internal#2){.+.+}-{0:0}, at: btrfs_dirty_inode+0xcc/0x1c0
[   65.888810][ T4161] 
[   65.888810][ T4161] but task is already holding lock:
[   65.896173][ T4161] ffff888071218610 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: chown_common+0x499/0x890
[   65.905923][ T4161] 
[   65.905923][ T4161] which lock already depends on the new lock.
[   65.905923][ T4161] 
[   65.916317][ T4161] 
[   65.916317][ T4161] the existing dependency chain (in reverse order) is:
[   65.925346][ T4161] 
[   65.925346][ T4161] -> #3 (&type->i_mutex_dir_key#6){++++}-{3:3}:
[   65.933749][ T4161]        lock_acquire+0x1db/0x4f0
[   65.938750][ T4161]        down_read+0x45/0x2e0
[   65.943409][ T4161]        lookup_slow+0x45/0x70
[   65.948159][ T4161]        walk_component+0x48c/0x610
[   65.953330][ T4161]        path_lookupat+0x16f/0x450
[   65.958415][ T4161]        filename_lookup+0x230/0x5c0
[   65.963690][ T4161]        kern_path+0x37/0x180
[   65.968340][ T4161]        lookup_bdev+0xc1/0x280
[   65.973167][ T4161]        btrfs_free_stale_devices+0x71f/0xb00
[   65.979205][ T4161]        btrfs_forget_devices+0x52/0x80
[   65.984719][ T4161]        btrfs_control_ioctl+0x108/0x210
[   65.990326][ T4161]        __se_sys_ioctl+0xf1/0x160
[   65.995410][ T4161]        do_syscall_64+0x3b/0xb0
[   66.000321][ T4161]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.006712][ T4161] 
[   66.006712][ T4161] -> #2 (&fs_devs->device_list_mutex){+.+.}-{3:3}:
[   66.015368][ T4161]        lock_acquire+0x1db/0x4f0
[   66.020393][ T4161]        __mutex_lock_common+0x1da/0x25a0
[   66.026088][ T4161]        mutex_lock_nested+0x17/0x20
[   66.031345][ T4161]        btrfs_run_dev_stats+0xeb/0xfd0
[   66.036864][ T4161]        commit_cowonly_roots+0x1cb/0x9d0
[   66.042553][ T4161]        btrfs_commit_transaction+0x13af/0x3800
[   66.048767][ T4161]        btrfs_clear_free_space_tree+0x755/0xbd0
[   66.055066][ T4161]        btrfs_start_pre_rw_mount+0x2b0/0x680
[   66.061106][ T4161]        open_ctree+0x2dcf/0x3500
[   66.066109][ T4161]        btrfs_fill_super+0x1c7/0x2d0
[   66.071457][ T4161]        btrfs_mount_root+0x803/0x930
[   66.076802][ T4161]        legacy_get_tree+0xeb/0x180
[   66.081970][ T4161]        vfs_get_tree+0x88/0x270
[   66.086879][ T4161]        vfs_kern_mount+0xb8/0x150
[   66.091965][ T4161]        btrfs_mount+0x395/0xb40
[   66.096892][ T4161]        legacy_get_tree+0xeb/0x180
[   66.102062][ T4161]        vfs_get_tree+0x88/0x270
[   66.106969][ T4161]        do_new_mount+0x2ba/0xb40
[   66.111966][ T4161]        __se_sys_mount+0x2d5/0x3c0
[   66.117145][ T4161]        do_syscall_64+0x3b/0xb0
[   66.122053][ T4161]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.128441][ T4161] 
[   66.128441][ T4161] -> #1 (&fs_info->tree_log_mutex){+.+.}-{3:3}:
[   66.136833][ T4161]        reacquire_held_locks+0x3a2/0x660
[   66.142528][ T4161]        lock_release+0x369/0x9a0
[   66.147526][ T4161]        __mutex_unlock_slowpath+0xde/0x750
[   66.153398][ T4161]        btrfs_commit_transaction+0x1e34/0x3800
[   66.159612][ T4161]        btrfs_clear_free_space_tree+0x755/0xbd0
[   66.165912][ T4161]        btrfs_start_pre_rw_mount+0x2b0/0x680
[   66.171951][ T4161]        open_ctree+0x2dcf/0x3500
[   66.176947][ T4161]        btrfs_fill_super+0x1c7/0x2d0
[   66.182290][ T4161]        btrfs_mount_root+0x803/0x930
[   66.187632][ T4161]        legacy_get_tree+0xeb/0x180
[   66.192820][ T4161]        vfs_get_tree+0x88/0x270
[   66.197728][ T4161]        vfs_kern_mount+0xb8/0x150
[   66.202823][ T4161]        btrfs_mount+0x395/0xb40
[   66.207733][ T4161]        legacy_get_tree+0xeb/0x180
[   66.212902][ T4161]        vfs_get_tree+0x88/0x270
[   66.217810][ T4161]        do_new_mount+0x2ba/0xb40
[   66.222807][ T4161]        __se_sys_mount+0x2d5/0x3c0
[   66.227974][ T4161]        do_syscall_64+0x3b/0xb0
[   66.232887][ T4161]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.239294][ T4161] 
[   66.239294][ T4161] -> #0 (sb_internal#2){.+.+}-{0:0}:
[   66.246823][ T4161]        validate_chain+0x1649/0x5930
[   66.252171][ T4161]        __lock_acquire+0x1295/0x1ff0
[   66.257515][ T4161]        lock_acquire+0x1db/0x4f0
[   66.262508][ T4161]        start_transaction+0x5a8/0x11a0
[   66.268027][ T4161]        btrfs_dirty_inode+0xcc/0x1c0
[   66.273369][ T4161]        btrfs_setattr+0x2d0/0xf70
[   66.278454][ T4161]        notify_change+0xc6d/0xf50
[   66.283538][ T4161]        chown_common+0x592/0x890
[   66.288534][ T4161]        do_fchownat+0x169/0x240
[   66.293440][ T4161]        __x64_sys_lchown+0x81/0x90
[   66.298630][ T4161]        do_syscall_64+0x3b/0xb0
[   66.303540][ T4161]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.309928][ T4161] 
[   66.309928][ T4161] other info that might help us debug this:
[   66.309928][ T4161] 
[   66.320149][ T4161] Chain exists of:
[   66.320149][ T4161]   sb_internal#2 --> &fs_devs->device_list_mutex --> &type->i_mutex_dir_key#6
[   66.320149][ T4161] 
[   66.334802][ T4161]  Possible unsafe locking scenario:
[   66.334802][ T4161] 
[   66.342224][ T4161]        CPU0                    CPU1
[   66.347560][ T4161]        ----                    ----
[   66.352897][ T4161]   lock(&type->i_mutex_dir_key#6);
[   66.358069][ T4161]                                lock(&fs_devs->device_list_mutex);
[   66.366019][ T4161]                                lock(&type->i_mutex_dir_key#6);
[   66.373709][ T4161]   lock(sb_internal#2);
[   66.377924][ T4161] 
[   66.377924][ T4161]  *** DEADLOCK ***
[   66.377924][ T4161] 
[   66.386035][ T4161] 2 locks held by syz-executor302/4161:
[   66.391547][ T4161]  #0: ffff88802a33c460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[   66.400649][ T4161]  #1: ffff888071218610 (&type->i_mutex_dir_key#6){++++}-{3:3}, at: chown_common+0x499/0x890
[   66.410791][ T4161] 
[   66.410791][ T4161] stack backtrace:
[   66.416662][ T4161] CPU: 1 PID: 4161 Comm: syz-executor302 Not tainted 5.15.173-syzkaller #0
[   66.425306][ T4161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   66.435338][ T4161] Call Trace:
[   66.438596][ T4161]  <TASK>
[   66.441504][ T4161]  dump_stack_lvl+0x1e3/0x2d0
[   66.446163][ T4161]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   66.451769][ T4161]  ? print_circular_bug+0x12b/0x1a0
[   66.456943][ T4161]  check_noncircular+0x2f8/0x3b0
[   66.461853][ T4161]  ? add_chain_block+0x850/0x850
[   66.466763][ T4161]  ? lockdep_lock+0x11f/0x2a0
[   66.471417][ T4161]  validate_chain+0x1649/0x5930
[   66.476242][ T4161]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   66.482196][ T4161]  ? lockdep_hardirqs_on+0x94/0x130
[   66.487366][ T4161]  ? reacquire_held_locks+0x660/0x660
[   66.492708][ T4161]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[   66.498584][ T4161]  ? _raw_spin_unlock+0x40/0x40
[   66.503409][ T4161]  ? stack_trace_save+0x113/0x1c0
[   66.508406][ T4161]  ? stack_trace_snprint+0xe0/0xe0
[   66.513489][ T4161]  ? stack_depot_save+0x3db/0x440
[   66.518489][ T4161]  ? __kasan_slab_alloc+0xa5/0xc0
[   66.523483][ T4161]  ? __kasan_slab_alloc+0x8e/0xc0
[   66.528479][ T4161]  ? slab_post_alloc_hook+0x53/0x380
[   66.533734][ T4161]  ? start_transaction+0x49f/0x11a0
[   66.538907][ T4161]  ? mark_lock+0x98/0x340
[   66.543207][ T4161]  ? do_syscall_64+0x3b/0xb0
[   66.547771][ T4161]  __lock_acquire+0x1295/0x1ff0
[   66.552599][ T4161]  lock_acquire+0x1db/0x4f0
[   66.557072][ T4161]  ? btrfs_dirty_inode+0xcc/0x1c0
[   66.562068][ T4161]  ? read_lock_is_recursive+0x10/0x10
[   66.567414][ T4161]  ? __might_sleep+0xc0/0xc0
[   66.571979][ T4161]  ? slab_post_alloc_hook+0x73/0x380
[   66.577236][ T4161]  ? start_transaction+0x49f/0x11a0
[   66.582405][ T4161]  ? rcu_is_watching+0x11/0xa0
[   66.587140][ T4161]  ? start_transaction+0x49f/0x11a0
[   66.592307][ T4161]  ? kmem_cache_alloc+0x128/0x280
[   66.597302][ T4161]  start_transaction+0x5a8/0x11a0
[   66.602300][ T4161]  ? btrfs_dirty_inode+0xcc/0x1c0
[   66.607297][ T4161]  ? setattr_copy+0x17e/0x3b0
[   66.611946][ T4161]  btrfs_dirty_inode+0xcc/0x1c0
[   66.616771][ T4161]  btrfs_setattr+0x2d0/0xf70
[   66.621336][ T4161]  ? from_kgid+0x1a3/0x730
[   66.625727][ T4161]  ? btrfs_permission+0x1a0/0x1a0
[   66.630723][ T4161]  ? common_perm_cond+0x31b/0x3f0
[   66.635717][ T4161]  ? evm_inode_setattr+0xf7/0x5b0
[   66.640715][ T4161]  ? bpf_lsm_inode_setattr+0x5/0x10
[   66.645889][ T4161]  ? security_inode_setattr+0xce/0x120
[   66.651320][ T4161]  ? btrfs_permission+0x1a0/0x1a0
[   66.656320][ T4161]  notify_change+0xc6d/0xf50
[   66.660884][ T4161]  ? bpf_lsm_path_chown+0x5/0x10
[   66.665793][ T4161]  chown_common+0x592/0x890
[   66.670271][ T4161]  ? __ia32_sys_chmod+0x180/0x180
[   66.675267][ T4161]  ? rcu_read_lock_any_held+0xb3/0x160
[   66.680699][ T4161]  ? __mnt_want_write+0x1e6/0x260
[   66.685701][ T4161]  do_fchownat+0x169/0x240
[   66.690120][ T4161]  ? chown_common+0x890/0x890
[   66.694770][ T4161]  ? syscall_enter_from_user_mode+0x2e/0x240
[   66.700721][ T4161]  ? lockdep_hardirqs_on+0x94/0x130
[   66.705897][ T4161]  __x64_sys_lchown+0x81/0x90
[   66.710547][ T4161]  do_syscall_64+0x3b/0xb0
[   66.714936][ T4161]  ? clear_bhb_loop+0x15/0x70
[   66.719588][ T4161]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.725453][ T4161] RIP: 0033:0x7fc70478cb39
[   66.729852][ T4161] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   66.749428][ T4161] RSP: 002b:00007ffcf58a9ee8 EFLAGS: 00000246 ORIG_RA