Warning: Permanently added '10.128.0.49' (ED25519) to the list of known hosts.
executing program
[ 54.532407][ T4165] loop0: detected capacity change from 0 to 32768
[ 54.633191][ T4165] (syz-executor999,4165,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 54.648493][ T4165] (syz-executor999,4165,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 54.669887][ T4165] JBD2: Ignoring recovery information on journal
[ 54.693938][ T4165] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 54.707495][ T1203] ocfs2: Finishing quota recovery on device (7,0) for slot 0
[ 54.744511][ T4165]
[ 54.746863][ T4165] ======================================================
[ 54.753860][ T4165] WARNING: possible circular locking dependency detected
[ 54.760859][ T4165] 5.15.178-syzkaller #0 Not tainted
[ 54.766036][ T4165] ------------------------------------------------------
[ 54.773121][ T4165] syz-executor999/4165 is trying to acquire lock:
[ 54.779508][ T4165] ffff88807789d138 ((wq_completion)ocfs2_wq){+.+.}-{0:0}, at: flush_workqueue+0x154/0x1610
[ 54.789505][ T4165]
[ 54.789505][ T4165] but task is already holding lock:
[ 54.796845][ T4165] ffff88802b1ca0e0 (&type->s_umount_key#50){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[ 54.806571][ T4165]
[ 54.806571][ T4165] which lock already depends on the new lock.
[ 54.806571][ T4165]
[ 54.816949][ T4165]
[ 54.816949][ T4165] the existing dependency chain (in reverse order) is:
[ 54.825939][ T4165]
[ 54.825939][ T4165] -> #2 (&type->s_umount_key#50){++++}-{3:3}:
[ 54.834178][ T4165] lock_acquire+0x1db/0x4f0
[ 54.839187][ T4165] down_read+0x45/0x2e0
[ 54.843861][ T4165] ocfs2_finish_quota_recovery+0x15a/0x2260
[ 54.850260][ T4165] ocfs2_complete_recovery+0x173c/0x24a0
[ 54.856396][ T4165] process_one_work+0x8a1/0x10c0
[ 54.861838][ T4165] worker_thread+0xaca/0x1280
[ 54.867015][ T4165] kthread+0x3f6/0x4f0
[ 54.871598][ T4165] ret_from_fork+0x1f/0x30
[ 54.876516][ T4165]
[ 54.876516][ T4165] -> #1 ((work_completion)(&journal->j_recovery_work)){+.+.}-{0:0}:
[ 54.886652][ T4165] lock_acquire+0x1db/0x4f0
[ 54.891761][ T4165] process_one_work+0x7f1/0x10c0
[ 54.897202][ T4165] worker_thread+0xaca/0x1280
[ 54.902403][ T4165] kthread+0x3f6/0x4f0
[ 54.906979][ T4165] ret_from_fork+0x1f/0x30
[ 54.911896][ T4165]
[ 54.911896][ T4165] -> #0 ((wq_completion)ocfs2_wq){+.+.}-{0:0}:
[ 54.920211][ T4165] validate_chain+0x1649/0x5930
[ 54.925562][ T4165] __lock_acquire+0x1295/0x1ff0
[ 54.930995][ T4165] lock_acquire+0x1db/0x4f0
[ 54.935994][ T4165] flush_workqueue+0x170/0x1610
[ 54.941343][ T4165] ocfs2_shutdown_local_alloc+0x105/0xa90
[ 54.947565][ T4165] ocfs2_dismount_volume+0x1db/0x8b0
[ 54.953366][ T4165] generic_shutdown_super+0x130/0x310
[ 54.959339][ T4165] kill_block_super+0x7a/0xe0
[ 54.964513][ T4165] deactivate_locked_super+0xa0/0x110
[ 54.970411][ T4165] cleanup_mnt+0x44e/0x500
[ 54.975330][ T4165] task_work_run+0x129/0x1a0
[ 54.980443][ T4165] do_exit+0x6a3/0x2480
[ 54.985190][ T4165] do_group_exit+0x144/0x310
[ 54.990399][ T4165] __x64_sys_exit_group+0x3b/0x40
[ 54.995923][ T4165] do_syscall_64+0x3b/0xb0
[ 55.000841][ T4165] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 55.007237][ T4165]
[ 55.007237][ T4165] other info that might help us debug this:
[ 55.007237][ T4165]
[ 55.017455][ T4165] Chain exists of:
[ 55.017455][ T4165] (wq_completion)ocfs2_wq --> (work_completion)(&journal->j_recovery_work) --> &type->s_umount_key#50
[ 55.017455][ T4165]
[ 55.034289][ T4165] Possible unsafe locking scenario:
[ 55.034289][ T4165]
[ 55.041734][ T4165]        CPU0                    CPU1
[ 55.047080][ T4165]        ----                    ----
[ 55.052418][ T4165]   lock(&type->s_umount_key#50);
[ 55.057425][ T4165]                                lock((work_completion)(&journal->j_recovery_work));
[ 55.066855][ T4165]                                lock(&type->s_umount_key#50);
[ 55.074381][ T4165]   lock((wq_completion)ocfs2_wq);
[ 55.079468][ T4165]
[ 55.079468][ T4165] *** DEADLOCK ***
[ 55.079468][ T4165]
[ 55.087589][ T4165] 1 lock held by syz-executor999/4165:
[ 55.093020][ T4165] #0: ffff88802b1ca0e0 (&type->s_umount_key#50){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[ 55.103175][ T4165]
[ 55.103175][ T4165] stack backtrace:
[ 55.109053][ T4165] CPU: 1 PID: 4165 Comm: syz-executor999 Not tainted 5.15.178-syzkaller #0
[ 55.117613][ T4165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 55.127741][ T4165] Call Trace:
[ 55.131020][ T4165]
[ 55.134058][ T4165] dump_stack_lvl+0x1e3/0x2d0
[ 55.138739][ T4165] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 55.144375][ T4165] ? print_circular_bug+0x12b/0x1a0
[ 55.149573][ T4165] check_noncircular+0x2f8/0x3b0
[ 55.154499][ T4165] ? add_chain_block+0x850/0x850
[ 55.159425][ T4165] ? lockdep_lock+0x11f/0x2a0
[ 55.164106][ T4165] validate_chain+0x1649/0x5930
[ 55.168948][ T4165] ? reacquire_held_locks+0x660/0x660
[ 55.174317][ T4165] ? read_lock_is_recursive+0x10/0x10
[ 55.179671][ T4165] ? debug_object_assert_init+0x2bf/0x420
[ 55.185371][ T4165] ? do_raw_spin_lock+0x14a/0x370
[ 55.190376][ T4165] ? __lock_acquire+0x1ff0/0x1ff0
[ 55.195405][ T4165] ? do_raw_spin_unlock+0x137/0x8b0
[ 55.200602][ T4165] ? mark_lock+0x98/0x340
[ 55.204927][ T4165] __lock_acquire+0x1295/0x1ff0
[ 55.209779][ T4165] lock_acquire+0x1db/0x4f0
[ 55.214304][ T4165] ? flush_workqueue+0x154/0x1610
[ 55.219332][ T4165] ? read_lock_is_recursive+0x10/0x10
[ 55.224697][ T4165] ? lockdep_softirqs_off+0x420/0x420
[ 55.230076][ T4165] ? del_timer+0x183/0x310
[ 55.234484][ T4165] ? __init_swait_queue_head+0xaa/0x140
[ 55.240014][ T4165] flush_workqueue+0x170/0x1610
[ 55.244849][ T4165] ? flush_workqueue+0x154/0x1610
[ 55.249859][ T4165] ? print_irqtrace_events+0x210/0x210
[ 55.255297][ T4165] ? flush_work+0x20/0x20
[ 55.259609][ T4165] ? rcu_work_rcufn+0x140/0x140
[ 55.264464][ T4165] ? print_irqtrace_events+0x210/0x210
[ 55.269902][ T4165] ocfs2_shutdown_local_alloc+0x105/0xa90
[ 55.275611][ T4165] ? __cancel_work_timer+0x5e8/0x6a0
[ 55.280876][ T4165] ? ocfs2_local_alloc_count_bits+0x230/0x230
[ 55.286948][ T4165] ? cancel_work_sync+0x20/0x20
[ 55.291778][ T4165] ? do_raw_spin_unlock+0x137/0x8b0
[ 55.296953][ T4165] ? _atomic_dec_and_lock+0x96/0x130
[ 55.302218][ T4165] ? iput+0x371/0x8b0
[ 55.306178][ T4165] ? ocfs2_disable_quotas+0x1b8/0x210
[ 55.311530][ T4165] ocfs2_dismount_volume+0x1db/0x8b0
[ 55.316812][ T4165] ? ocfs2_enable_quotas+0x440/0x440
[ 55.322085][ T4165] ? ocfs2_put_super+0x74/0x1d0
[ 55.326941][ T4165] ? ocfs2_put_super+0x86/0x1d0
[ 55.331808][ T4165] ? ocfs2_init_global_system_inodes+0x701/0x720
[ 55.338128][ T4165] ? ocfs2_free_inode+0x20/0x20
[ 55.342972][ T4165] generic_shutdown_super+0x130/0x310
[ 55.348325][ T4165] kill_block_super+0x7a/0xe0
[ 55.352985][ T4165] deactivate_locked_super+0xa0/0x110
[ 55.358338][ T4165] cleanup_mnt+0x44e/0x500
[ 55.362737][ T4165] ? lockdep_hardirqs_on+0x94/0x130
[ 55.367920][ T4165] task_work_run+0x129/0x1a0
[ 55.372501][ T4165] do_exit+0x6a3/0x2480
[ 55.376641][ T4165] ? put_task_struct+0x80/0x80
[ 55.381384][ T4165] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 55.387346][ T4165] ? vtime_user_exit+0x2d1/0x400
[ 55.392276][ T4165] do_group_exit+0x144/0x310
[ 55.396852][ T4165] __x64_sys_exit_group+0x3b/0x40
[ 55.401872][ T4165] do_syscall_64+0x3b/0xb0
[ 55.406287][ T4165] ? clear_bhb_loop+0x15/0x70
[ 55.410950][ T4165] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 55.416834][ T4165] RIP: 0033:0x7f5a3fb5eab9
[ 55.421235][ T4165] Code: Unable to access opcode bytes at RIP 0x7f5a3fb5ea8f.
[ 55.428575][ T4165] RSP: 002b:00007ffd07f00668 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 55.436964][ T4165] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f5a3fb5eab9
[ 55.444914][ T4165] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 55.452862][ T4165] RBP: 00007f5a3fbda2b0 R08: ffffffffffffffb8 R09: 0000000000004701
[ 55.460901][ T4165] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a3fbda2b0
[ 55.468853][ T4165] R13: 0000000000000000 R14: 00007f5a3fbdc080 R15: 00007f5a3fb256e0
[ 55.476807][ T4165]