./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3289119669

<...>
Warning: Permanently added '10.128.1.183' (ED25519) to the list of known hosts.
execve("./syz-executor3289119669", ["./syz-executor3289119669"], 0x7ffebb20ecf0 /* 10 vars */) = 0
brk(NULL)                               = 0x555591b7c000
brk(0x555591b7cd00)                     = 0x555591b7cd00
arch_prctl(ARCH_SET_FS, 0x555591b7c380) = 0
set_tid_address(0x555591b7c650)         = 5839
set_robust_list(0x555591b7c660, 24)     = 0
rseq(0x555591b7cca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3289119669", 4096) = 28
getrandom("\x89\xa4\x2f\x6f\xc9\xb1\xa6\x53", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555591b7cd00
brk(0x555591b9dd00)                     = 0x555591b9dd00
brk(0x555591b9e000)                     = 0x555591b9e000
mprotect(0x7f8915bcb000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached
 <unfinished ...>
[pid  5840] set_robust_list(0x555591b7c660, 24 <unfinished ...>
[pid  5839] <... clone resumed>, child_tidptr=0x555591b7c650) = 5840
[pid  5840] <... set_robust_list resumed>) = 0
[pid  5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5840] getppid()                   = 0
[pid  5840] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5840] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5840] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5840] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5840] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5840] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5840] unshare(CLONE_NEWNS)        = 0
[pid  5840] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] unshare(CLONE_NEWIPC)       = 0
[pid  5840] unshare(CLONE_NEWCGROUP)    = 0
[pid  5840] unshare(CLONE_NEWUTS)       = 0
[pid  5840] unshare(CLONE_SYSVSEM)      = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "16777216", 8)     = 8
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "536870912", 9)    = 9
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1024", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "8192", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1024", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1024", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5840] close(3)                    = 0
[pid  5840] getpid()                    = 1
[pid  5840] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5840] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5840] unshare(CLONE_NEWNET)       = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "0 65535", 7)      = 7
[pid  5840] close(3)                    = 0
[pid  5840] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "100000", 6)       = 6
[pid  5840] close(3)                    = 0
[pid  5840] mkdir("./syz-tmp", 0777)    = 0
[pid  5840] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5840] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5840] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5840] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5840] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5840] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5840] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5840] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5840] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5840] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5840] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5840] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5840] chdir("/")                  = 0
[pid  5840] umount2("./pivot", MNT_DETACH) = 0
[pid  5840] chroot("./newroot")         = 0
[pid  5840] chdir("/")                  = 0
[pid  5840] mkdir("/dev/binderfs", 0777) = 0
[pid  5840] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0
[pid  5840] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5840] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5840] write(1, "executing program\n", 18executing program
) = 18
[pid  5840] memfd_create("syzkaller", 0) = 3
[pid  5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f890d600000
[pid  5840] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5840] munmap(0x7f890d600000, 138412032) = 0
[pid  5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5840] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5840] close(3)                    = 0
[pid  5840] close(4)                    = 0
[pid  5840] mkdir("./file1", 0777)      = 0
[   65.492080][ T5840] loop0: detected capacity change from 0 to 32768
[   65.529373][ T5840] =======================================================
[   65.529373][ T5840] WARNING: The mand mount option has been deprecated and
[   65.529373][ T5840]          and is ignored by this kernel. Remove the mand
[   65.529373][ T5840]          option from the mount to silence this warning.
[   65.529373][ T5840] =======================================================
[pid  5840] mount("/dev/loop0", "./file1", "ocfs2", MS_MANDLOCK|MS_DIRSYNC|MS_NODIRATIME, "acl,heartbeat=none,errors=remount-ro,coherency=full,coherency=full,localflocks,intr,noacl,") = 0
[pid  5840] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5840] chdir("./file1")            = 0
[pid  5840] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[   65.587159][ T5840] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5840] mkdirat(AT_FDCWD, "./file0", 000) = 0
[pid  5840] mkdir("./bus", 000)         = 0
[pid  5840] mkdirat(AT_FDCWD, "./file1", 000) = 0
[   65.658687][ T5840] overlayfs: upper fs does not support tmpfile.
[   65.667958][ T5840] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   65.676299][ T5840] 
[   65.678662][ T5840] ======================================================
[   65.685672][ T5840] WARNING: possible circular locking dependency detected
[   65.692689][ T5840] 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 Not tainted
[   65.699429][ T5840] ------------------------------------------------------
[   65.706423][ T5840] syz-executor328/5840 is trying to acquire lock:
[   65.712826][ T5840] ffff8880793c9800 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x132/0x2840
[   65.726326][ T5840] 
[   65.726326][ T5840] but task is already holding lock:
[   65.733679][ T5840] ffff88807286bff8 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x633/0x1930
[   65.743141][ T5840] 
[   65.743141][ T5840] which lock already depends on the new lock.
[   65.743141][ T5840] 
[   65.753524][ T5840] 
[   65.753524][ T5840] the existing dependency chain (in reverse order) is:
[   65.762515][ T5840] 
[   65.762515][ T5840] -> #4 (&oi->ip_xattr_sem){+.+.}-{4:4}:
[   65.770315][ T5840]        lock_acquire+0x1ed/0x550
[   65.775327][ T5840]        down_write+0x99/0x220
[   65.780092][ T5840]        ocfs2_xattr_set_handle+0x539/0xa10
[   65.785978][ T5840]        ocfs2_init_security_set+0xbd/0xd0
[   65.791773][ T5840]        ocfs2_mknod+0x1ccf/0x2b30
[   65.796963][ T5840]        ocfs2_mkdir+0x1ab/0x470
[   65.801891][ T5840]        vfs_mkdir+0x2f9/0x4f0
[   65.806731][ T5840]        do_mkdirat+0x264/0x3a0
[   65.811597][ T5840]        __x64_sys_mkdirat+0x87/0xa0
[   65.816890][ T5840]        do_syscall_64+0xf3/0x230
[   65.821920][ T5840]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.828348][ T5840] 
[   65.828348][ T5840] -> #3 (jbd2_handle){.+.+}-{0:0}:
[   65.835734][ T5840]        lock_acquire+0x1ed/0x550
[   65.840755][ T5840]        start_this_handle+0x1eb4/0x2110
[   65.846376][ T5840]        jbd2__journal_start+0x2da/0x5d0
[   65.852008][ T5840]        jbd2_journal_start+0x29/0x40
[   65.857375][ T5840]        ocfs2_start_trans+0x3c9/0x700
[   65.862825][ T5840]        ocfs2_reserve_suballoc_bits+0x9f6/0x4e70
[   65.869239][ T5840]        ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0
[   65.876108][ T5840]        ocfs2_mknod+0x143a/0x2b30
[   65.881244][ T5840]        ocfs2_mkdir+0x1ab/0x470
[   65.886201][ T5840]        vfs_mkdir+0x2f9/0x4f0
[   65.890973][ T5840]        do_mkdirat+0x264/0x3a0
[   65.895819][ T5840]        __x64_sys_mkdirat+0x87/0xa0
[   65.901141][ T5840]        do_syscall_64+0xf3/0x230
[   65.906173][ T5840]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.912591][ T5840] 
[   65.912591][ T5840] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[   65.921101][ T5840]        lock_acquire+0x1ed/0x550
[   65.926118][ T5840]        down_read+0xb1/0xa40
[   65.930786][ T5840]        ocfs2_start_trans+0x3be/0x700
[   65.936233][ T5840]        ocfs2_reserve_suballoc_bits+0x9f6/0x4e70
[   65.942634][ T5840]        ocfs2_reserve_new_metadata_blocks+0x41c/0x9c0
[   65.949503][ T5840]        ocfs2_mknod+0x143a/0x2b30
[   65.954615][ T5840]        ocfs2_mkdir+0x1ab/0x470
[   65.959556][ T5840]        vfs_mkdir+0x2f9/0x4f0
[   65.964310][ T5840]        do_mkdirat+0x264/0x3a0
[   65.969167][ T5840]        __x64_sys_mkdirat+0x87/0xa0
[   65.974448][ T5840]        do_syscall_64+0xf3/0x230
[   65.979549][ T5840]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.985968][ T5840] 
[   65.985968][ T5840] -> #1 (sb_internal#2){.+.+}-{0:0}:
[   65.993451][ T5840]        lock_acquire+0x1ed/0x550
[   65.998908][ T5840]        ocfs2_start_trans+0x2b9/0x700
[   66.004363][ T5840]        ocfs2_mknod+0x150c/0x2b30
[   66.009468][ T5840]        ocfs2_mkdir+0x1ab/0x470
[   66.014400][ T5840]        vfs_mkdir+0x2f9/0x4f0
[   66.019155][ T5840]        do_mkdirat+0x264/0x3a0
[   66.024000][ T5840]        __x64_sys_mkdirat+0x87/0xa0
[   66.029281][ T5840]        do_syscall_64+0xf3/0x230
[   66.034295][ T5840]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.040697][ T5840] 
[   66.040697][ T5840] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}:
[   66.051205][ T5840]        validate_chain+0x18ef/0x5920
[   66.056580][ T5840]        __lock_acquire+0x1397/0x2100
[   66.061940][ T5840]        lock_acquire+0x1ed/0x550
[   66.066948][ T5840]        down_write+0x99/0x220
[   66.071712][ T5840]        ocfs2_reserve_local_alloc_bits+0x132/0x2840
[   66.078378][ T5840]        ocfs2_reserve_clusters_with_limit+0x1b8/0xb60
[   66.085253][ T5840]        ocfs2_init_xattr_set_ctxt+0x420/0x8e0
[   66.091401][ T5840]        ocfs2_xattr_set+0xf4e/0x1930
[   66.096763][ T5840]        __vfs_setxattr+0x468/0x4a0
[   66.101953][ T5840]        __vfs_setxattr_noperm+0x12e/0x660
[   66.107750][ T5840]        vfs_setxattr+0x221/0x430
[   66.112763][ T5840]        ovl_get_workdir+0xd90/0x1920
[   66.118121][ T5840]        ovl_fill_super+0x12a8/0x3560
[   66.123480][ T5840]        get_tree_nodev+0xb7/0x140
[   66.128588][ T5840]        vfs_get_tree+0x90/0x2b0
[   66.133609][ T5840]        do_new_mount+0x2be/0xb40
[   66.138653][ T5840]        __se_sys_mount+0x2d6/0x3c0
[   66.143860][ T5840]        do_syscall_64+0xf3/0x230
[   66.148892][ T5840]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.155327][ T5840] 
[   66.155327][ T5840] other info that might help us debug this:
[   66.155327][ T5840] 
[   66.165657][ T5840] Chain exists of:
[   66.165657][ T5840]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> jbd2_handle --> &oi->ip_xattr_sem
[   66.165657][ T5840] 
[   66.181407][ T5840]  Possible unsafe locking scenario:
[   66.181407][ T5840] 
[   66.188844][ T5840]        CPU0                    CPU1
[   66.194210][ T5840]        ----                    ----
[   66.199564][ T5840]   lock(&oi->ip_xattr_sem);
[   66.204158][ T5840]                                lock(jbd2_handle);
[   66.210734][ T5840]                                lock(&oi->ip_xattr_sem);
[   66.217837][ T5840]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[   66.225206][ T5840] 
[   66.225206][ T5840]  *** DEADLOCK ***
[   66.225206][ T5840] 
[   66.233338][ T5840] 4 locks held by syz-executor328/5840:
[   66.238873][ T5840]  #0: ffff8880358680e0 (&type->s_umount_key#45/1){+.+.}-{4:4}, at: alloc_super+0x221/0x9d0
[   66.248984][ T5840]  #1: ffff88802a210420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[   66.258138][ T5840]  #2: ffff88807286c2c0 (&sb->s_type->i_mutex_key#19){++++}-{4:4}, at: vfs_setxattr+0x1e1/0x430
[   66.268579][ T5840]  #3: ffff88807286bff8 (&oi->ip_xattr_sem){+.+.}-{4:4}, at: ocfs2_xattr_set+0x633/0x1930
[   66.278497][ T5840] 
[   66.278497][ T5840] stack backtrace:
[   66.284395][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor328 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0
[   66.295149][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   66.305221][ T5840] Call Trace:
[   66.309014][ T5840]  <TASK>
[   66.311940][ T5840]  dump_stack_lvl+0x241/0x360
[   66.316620][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[   66.321811][ T5840]  ? __pfx__printk+0x10/0x10
[   66.326398][ T5840]  print_circular_bug+0x13a/0x1b0
[   66.331420][ T5840]  check_noncircular+0x36a/0x4a0
[   66.336376][ T5840]  ? __pfx_check_noncircular+0x10/0x10
[   66.341832][ T5840]  ? lockdep_lock+0x123/0x2b0
[   66.346542][ T5840]  validate_chain+0x18ef/0x5920
[   66.351407][ T5840]  ? __pfx_validate_chain+0x10/0x10
[   66.356616][ T5840]  ? __pfx_validate_chain+0x10/0x10
[   66.361814][ T5840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   66.367788][ T5840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   66.374114][ T5840]  ? ocfs2_get_system_file_inode+0x1d4/0x7b0
[   66.380089][ T5840]  ? __pfx_lock_release+0x10/0x10
[   66.385105][ T5840]  ? mark_lock+0x9a/0x360
[   66.389426][ T5840]  __lock_acquire+0x1397/0x2100
[   66.394271][ T5840]  lock_acquire+0x1ed/0x550
[   66.398762][ T5840]  ? ocfs2_reserve_local_alloc_bits+0x132/0x2840
[   66.405085][ T5840]  ? __pfx_lock_acquire+0x10/0x10
[   66.410102][ T5840]  ? __pfx___might_resched+0x10/0x10
[   66.415384][ T5840]  ? __pfx_ocfs2_get_system_file_inode+0x10/0x10
[   66.421704][ T5840]  ? __pfx_validate_chain+0x10/0x10
[   66.426896][ T5840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   66.432874][ T5840]  down_write+0x99/0x220
[   66.437109][ T5840]  ? ocfs2_reserve_local_alloc_bits+0x132/0x2840
[   66.443431][ T5840]  ? __pfx_down_write+0x10/0x10
[   66.448363][ T5840]  ocfs2_reserve_local_alloc_bits+0x132/0x2840
[   66.454530][ T5840]  ? mark_lock+0x9a/0x360
[   66.458852][ T5840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   66.464827][ T5840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   66.471148][ T5840]  ? lockdep_hardirqs_on+0x99/0x150
[   66.476345][ T5840]  ? __pfx_ocfs2_reserve_local_alloc_bits+0x10/0x10
[   66.483021][ T5840]  ? __pfx_lock_acquire+0x10/0x10
[   66.488041][ T5840]  ? ocfs2_alloc_should_use_local+0x155/0x320
[   66.494127][ T5840]  ? __pfx_lock_release+0x10/0x10
[   66.499155][ T5840]  ? do_raw_spin_lock+0x14f/0x370
[   66.504183][ T5840]  ? do_raw_spin_unlock+0x13c/0x8b0
[   66.509379][ T5840]  ? _raw_spin_unlock+0x28/0x50
[   66.514223][ T5840]  ? ocfs2_alloc_should_use_local+0x155/0x320
[   66.520290][ T5840]  ocfs2_reserve_clusters_with_limit+0x1b8/0xb60
[   66.526612][ T5840]  ? __pfx_ocfs2_reserve_clusters_with_limit+0x10/0x10
[   66.533450][ T5840]  ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10
[   66.539603][ T5840]  ? ocfs2_xattr_set+0xf00/0x1930
[   66.544620][ T5840]  ocfs2_init_xattr_set_ctxt+0x420/0x8e0
[   66.550353][ T5840]  ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10
[   66.556511][ T5840]  ? up_write+0x1a9/0x590
[   66.560837][ T5840]  ? __pfx_ocfs2_truncate_log_needs_flush+0x10/0x10
[   66.567417][ T5840]  ? __pfx_up_write+0x10/0x10
[   66.572088][ T5840]  ? __kmalloc_cache_noprof+0x243/0x390
[   66.577713][ T5840]  ? ocfs2_xattr_set+0x4d5/0x1930
[   66.582734][ T5840]  ocfs2_xattr_set+0xf4e/0x1930
[   66.587583][ T5840]  ? __pfx_ocfs2_xattr_set+0x10/0x10
[   66.592948][ T5840]  ? _prb_read_valid+0xa39/0xac0
[   66.597887][ T5840]  ? mark_lock+0x9a/0x360
[   66.602303][ T5840]  ? smk_tskacc+0x300/0x370
[   66.606803][ T5840]  ? posix_xattr_acl+0xa9/0xd0
[   66.611565][ T5840]  ? evm_protect_xattr+0x4be/0xb30
[   66.616674][ T5840]  ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10
[   66.622737][ T5840]  __vfs_setxattr+0x468/0x4a0
[   66.627412][ T5840]  __vfs_setxattr_noperm+0x12e/0x660
[   66.632692][ T5840]  vfs_setxattr+0x221/0x430
[   66.637210][ T5840]  ? __pfx_vfs_setxattr+0x10/0x10
[   66.642241][ T5840]  ? _raw_spin_unlock+0x28/0x50
[   66.647108][ T5840]  ? dput+0x37/0x2b0
[   66.650996][ T5840]  ovl_get_workdir+0xd90/0x1920
[   66.655842][ T5840]  ? __pfx_ovl_get_workdir+0x10/0x10
[   66.661149][ T5840]  ? ovl_inuse_trylock+0xab/0xf0
[   66.666076][ T5840]  ? do_raw_spin_lock+0x14f/0x370
[   66.671102][ T5840]  ? _raw_spin_unlock+0x28/0x50
[   66.675949][ T5840]  ? ovl_inuse_trylock+0xab/0xf0
[   66.680937][ T5840]  ovl_fill_super+0x12a8/0x3560
[   66.685805][ T5840]  ? __pfx___mutex_trylock_common+0x10/0x10
[   66.691709][ T5840]  ? shrinker_register+0x118/0x230
[   66.696817][ T5840]  ? __pfx_lock_release+0x10/0x10
[   66.701848][ T5840]  ? __pfx_ovl_fill_super+0x10/0x10
[   66.707037][ T5840]  ? __pfx_lockdep_init_map_type+0x10/0x10
[   66.712837][ T5840]  ? __pfx___mutex_lock+0x10/0x10
[   66.717858][ T5840]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   66.723842][ T5840]  ? sget_fc+0x909/0x9c0
[   66.728080][ T5840]  ? __pfx_set_anon_super_fc+0x10/0x10
[   66.733533][ T5840]  ? __pfx_ovl_fill_super+0x10/0x10
[   66.738745][ T5840]  get_tree_nodev+0xb7/0x140
[   66.743336][ T5840]  vfs_get_tree+0x90/0x2b0
[   66.747780][ T5840]  do_new_mount+0x2be/0xb40
[   66.752329][ T5840]  ? __pfx_do_new_mount+0x10/0x10
[   66.757383][ T5840]  __se_sys_mount+0x2d6/0x3c0
[   66.762057][ T5840]  ? __pfx___se_sys_mount+0x10/0x10
[   66.767248][ T5840]  ? do_syscall_64+0x100/0x230
[   66.772002][ T5840]  ? __x64_sys_mount+0x20/0xc0
[   66.776758][ T5840]  do_syscall_64+0xf3/0x230
[   66.781260][ T5840]  ? clear_bhb_loop+0x35/0x90
[   66.785932][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.791838][ T5840] RIP: 0033:0x7f8915b52c19
[   66.796257][ T5840] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   66.815856][ T5840] RSP: 002b:00007ffebb6bdc08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.824262][ T5840] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f8915b52c19
[   66.832250][ T5840] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000
[   66.840302][ T5840] RBP: 00007f8915b9c144 R08: 0000000020000000 R09: 0000000000000006
[   66.848263][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8915ba58bc
[pid  5840] mount(NULL, "./bus", "overlay", 0, "workdir=./bus,lowerdir=./file0,upperdir=./file1,") = -1 EINVAL (Invalid argument)
[pid  5840] exit_group(1)               = ?
[pid  5840] +++ exited with 1 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=1, si_utime=2 /* 0.02 s */, si_stime=26 /* 0.26 s */} ---
exit_group(0)                           = ?
+++ exited with 0 +++
[   66.856278][ T5840] R13: 00007f8915b9c0c9 R14: 0000000000000001 R15: 0000000000000001