io_time[WRITE] 0 fragmentation 0 bp_start 8 incorrectly set at freespace:0:27:0 (free 0, genbits 0 should be 0), fixing
============================================
WARNING: possible recursive locking detected
6.12.0-rc6-next-20241108-syzkaller #0 Not tainted
--------------------------------------------
syz.6.473/8919 is trying to acquire lock:
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_trans_mutex_lock_norelock fs/bcachefs/alloc_foreground.c:43 [inline]
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: writepoint_find fs/bcachefs/alloc_foreground.c:1249 [inline]
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_alloc_sectors_start_trans+0x956/0x2030 fs/bcachefs/alloc_foreground.c:1355

but task is already holding lock:
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_trans_mutex_lock_norelock fs/bcachefs/alloc_foreground.c:41 [inline]
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: writepoint_find fs/bcachefs/alloc_foreground.c:1249 [inline]
ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_alloc_sectors_start_trans+0x2e8/0x2030 fs/bcachefs/alloc_foreground.c:1355

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&wp->lock);
  lock(&wp->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

7 locks held by syz.6.473/8919:
 #0: ffff888068080278 (&c->state_lock){+.+.}-{4:4}, at: bch2_fs_start+0x45/0x610 fs/bcachefs/super.c:1006
 #1: ffff8880680cb128 (&j->reclaim_lock){+.+.}-{4:4}, at: journal_flush_done+0x79/0x260 fs/bcachefs/journal_reclaim.c:819
 #2: ffff888068084750 (&wb->flushing.lock){+.+.}-{4:4}, at: btree_write_buffer_flush_seq+0x1a39/0x1bc0 fs/bcachefs/btree_write_buffer.c:509
 #3: ffff8880680843a8 (&c->btree_trans_barrier){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:158 [inline]
 #3: ffff8880680843a8 (&c->btree_trans_barrier){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:255 [inline]
 #3: ffff8880680843a8 (&c->btree_trans_barrier){.+.+}-{0:0}, at: bch2_trans_srcu_lock+0x9a/0x1a0 fs/bcachefs/btree_iter.c:3195
 #4: ffff8880680a6710 (&c->gc_lock){++++}-{4:4}, at: bch2_btree_update_start+0x682/0x14e0 fs/bcachefs/btree_update_interior.c:1191
 #5: ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_trans_mutex_lock_norelock fs/bcachefs/alloc_foreground.c:41 [inline]
 #5: ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: writepoint_find fs/bcachefs/alloc_foreground.c:1249 [inline]
 #5: ffff88806809dc38 (&wp->lock){+.+.}-{4:4}, at: bch2_alloc_sectors_start_trans+0x2e8/0x2030 fs/bcachefs/alloc_foreground.c:1355
 #6: ffff8880680a6710 (&c->gc_lock){++++}-{4:4}, at: bch2_btree_update_start+0x682/0x14e0 fs/bcachefs/btree_update_interior.c:1191

stack backtrace:
CPU: 0 UID: 0 PID: 8919 Comm: syz.6.473 Not tainted 6.12.0-rc6-next-20241108-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891
 __lock_acquire+0x1397/0x2100 kernel/locking/lockdep.c:5226
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849
 __mutex_lock_common kernel/locking/mutex.c:585 [inline]
 __mutex_lock+0x1ac/0xee0 kernel/locking/mutex.c:735
 bch2_trans_mutex_lock_norelock fs/bcachefs/alloc_foreground.c:43 [inline]
 writepoint_find fs/bcachefs/alloc_foreground.c:1249 [inline]
 bch2_alloc_sectors_start_trans+0x956/0x2030 fs/bcachefs/alloc_foreground.c:1355
 __bch2_btree_node_alloc fs/bcachefs/btree_update_interior.c:333 [inline]
 bch2_btree_reserve_get+0x612/0x1890 fs/bcachefs/btree_update_interior.c:543
 bch2_btree_update_start+0xe56/0x14e0 fs/bcachefs/btree_update_interior.c:1241
 bch2_btree_split_leaf+0x121/0x880 fs/bcachefs/btree_update_interior.c:1857
 bch2_trans_commit_error+0x212/0x1390 fs/bcachefs/btree_trans_commit.c:918
 __bch2_trans_commit+0x8069/0x9610 fs/bcachefs/btree_trans_commit.c:1099
 bch2_trans_commit fs/bcachefs/btree_update.h:182 [inline]
 bch2_check_discard_freespace_key+0xba7/0x1120 fs/bcachefs/alloc_background.c:1393
 try_alloc_bucket fs/bcachefs/alloc_foreground.c:287 [inline]
 bch2_bucket_alloc_freelist fs/bcachefs/alloc_foreground.c:463 [inline]
 bch2_bucket_alloc_trans+0x1526/0x31a0 fs/bcachefs/alloc_foreground.c:590
 bch2_bucket_alloc_set_trans+0x517/0xd30 fs/bcachefs/alloc_foreground.c:750
 __open_bucket_add_buckets+0x13d0/0x1ec0 fs/bcachefs/alloc_foreground.c:999
 open_bucket_add_buckets+0x33a/0x410 fs/bcachefs/alloc_foreground.c:1043
 bch2_alloc_sectors_start_trans+0xce9/0x2030
 __bch2_btree_node_alloc fs/bcachefs/btree_update_interior.c:333 [inline]
 bch2_btree_reserve_get+0x612/0x1890 fs/bcachefs/btree_update_interior.c:543
 bch2_btree_update_start+0xe56/0x14e0 fs/bcachefs/btree_update_interior.c:1241
 bch2_btree_split_leaf+0x121/0x880 fs/bcachefs/btree_update_interior.c:1857
 bch2_trans_commit_error+0x212/0x1390 fs/bcachefs/btree_trans_commit.c:918
 __bch2_trans_commit+0x8069/0x9610 fs/bcachefs/btree_trans_commit.c:1099
 wb_flush_one fs/bcachefs/btree_write_buffer.c:183 [inline]
 bch2_btree_write_buffer_flush_locked+0x2b23/0x5a40 fs/bcachefs/btree_write_buffer.c:375
 btree_write_buffer_flush_seq+0x1a43/0x1bc0 fs/bcachefs/btree_write_buffer.c:510
 bch2_btree_write_buffer_journal_flush+0x4e/0x80 fs/bcachefs/btree_write_buffer.c:525
 journal_flush_pins+0x5f7/0xb20 fs/bcachefs/journal_reclaim.c:565
 journal_flush_done+0x8e/0x260 fs/bcachefs/journal_reclaim.c:821
 bch2_journal_flush_pins+0x225/0x3a0 fs/bcachefs/journal_reclaim.c:854
 bch2_journal_flush_all_pins fs/bcachefs/journal_reclaim.h:76 [inline]
 bch2_journal_replay+0x2744/0x2a70 fs/bcachefs/recovery.c:422
 bch2_run_recovery_pass+0xf0/0x1e0 fs/bcachefs/recovery_passes.c:216
 bch2_run_recovery_passes+0x290/0x9f0 fs/bcachefs/recovery_passes.c:286
 bch2_fs_recovery+0x25cc/0x39b0 fs/bcachefs/recovery.c:893
 bch2_fs_start+0x37c/0x610 fs/bcachefs/super.c:1037
 bch2_fs_get_tree+0xd68/0x1710 fs/bcachefs/fs.c:2184
 vfs_get_tree+0x90/0x2b0 fs/super.c:1814
 do_new_mount+0x2be/0xb40 fs/namespace.c:3507
 do_mount fs/namespace.c:3847 [inline]
 __do_sys_mount fs/namespace.c:4057 [inline]
 __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:4034
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f83fd57feba
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f83fe2b0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f83fe2b0ef0 RCX: 00007f83fd57feba
RDX: 00000000200058c0 RSI: 0000000020005900 RDI: 00007f83fe2b0eb0
RBP: 00000000200058c0 R08: 00007f83fe2b0ef0 R09: 0000000001000000
R10: 0000000001000000 R11: 0000000000000246 R12: 0000000020005900
R13: 00007f83fe2b0eb0 R14: 000000000000598f R15: 00000000200001c0