======================================================
WARNING: possible circular locking dependency detected
6.16.0-syzkaller-09014-gd6084bb815c4 #0 Not tainted
------------------------------------------------------
syz.0.0/5339 is trying to acquire lock:
ffff88804421d100 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:869 [inline]
ffff88804421d100 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}, at: __ocfs2_flush_truncate_log+0x33c/0x10e0 fs/ocfs2/alloc.c:6054

but task is already holding lock:
ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:869 [inline]
ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: ocfs2_flush_truncate_log fs/ocfs2/alloc.c:6083 [inline]
ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: ocfs2_try_to_free_truncate_log+0x197/0x360 fs/ocfs2/alloc.c:6143

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}:
       lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
       down_write+0x96/0x1f0 kernel/locking/rwsem.c:1575
       inode_lock include/linux/fs.h:869 [inline]
       ocfs2_move_extent fs/ocfs2/move_extents.c:640 [inline]
       __ocfs2_move_extents_range+0x1a68/0x3370 fs/ocfs2/move_extents.c:860
       ocfs2_move_extents+0x378/0x960 fs/ocfs2/move_extents.c:927
       ocfs2_ioctl_move_extents+0x53e/0x710 fs/ocfs2/move_extents.c:1053
       ocfs2_ioctl+0x191/0x750 fs/ocfs2/ioctl.c:946
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:598 [inline]
       __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:584
       do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
       do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

-> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{4:4}:
       check_prev_add kernel/locking/lockdep.c:3165 [inline]
       check_prevs_add kernel/locking/lockdep.c:3284 [inline]
       validate_chain+0xb9b/0x2140 kernel/locking/lockdep.c:3908
       __lock_acquire+0xab9/0xd20 kernel/locking/lockdep.c:5237
       lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
       down_write+0x96/0x1f0 kernel/locking/rwsem.c:1575
       inode_lock include/linux/fs.h:869 [inline]
       __ocfs2_flush_truncate_log+0x33c/0x10e0 fs/ocfs2/alloc.c:6054
       ocfs2_flush_truncate_log fs/ocfs2/alloc.c:6084 [inline]
       ocfs2_try_to_free_truncate_log+0x19f/0x360 fs/ocfs2/alloc.c:6143
       ocfs2_write_begin_nolock+0x3143/0x4340 fs/ocfs2/aops.c:1848
       ocfs2_write_begin+0x1bb/0x310 fs/ocfs2/aops.c:1883
       generic_perform_write+0x2c5/0x900 mm/filemap.c:4141
       ocfs2_file_write_iter+0x157a/0x1d10 fs/ocfs2/file.c:2469
       __kernel_write_iter+0x390/0x860 fs/read_write.c:619
       dump_emit_page fs/coredump.c:1296 [inline]
       dump_user_range+0x8a0/0xc90 fs/coredump.c:1370
       elf_core_dump+0x337b/0x3990 fs/binfmt_elf.c:2085
       coredump_write+0x1169/0x1900 fs/coredump.c:1049
       vfs_coredump+0x1a4b/0x2ab0 fs/coredump.c:1168
       get_signal+0x1109/0x1340 kernel/signal.c:3019
       arch_do_signal_or_restart+0x9a/0x750 arch/x86/kernel/signal.c:337
       exit_to_user_mode_loop kernel/entry/common.c:40 [inline]
       exit_to_user_mode_prepare include/linux/irq-entry-common.h:224 [inline]
       irqentry_exit_to_user_mode+0x81/0x120 kernel/entry/common.c:73
       exc_page_fault+0x9f/0xf0 arch/x86/mm/fault.c:1535
       asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
                               lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
                               lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
  lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);

 *** DEADLOCK ***

4 locks held by syz.0.0/5339:
 #0: ffff8880334fc428 (sb_writers#12){.+.+}-{0:0}, at: vfs_coredump+0x1a4b/0x2ab0 fs/coredump.c:1168
 #1: ffff888044225100 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:869 [inline]
 #1: ffff888044225100 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: ocfs2_file_write_iter+0x429/0x1d10 fs/ocfs2/file.c:2399
 #2: ffff888044224da0 (&oi->ip_alloc_sem){++++}-{4:4}, at: ocfs2_write_begin+0x198/0x310 fs/ocfs2/aops.c:1881
 #3: ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:869 [inline]
 #3: ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: ocfs2_flush_truncate_log fs/ocfs2/alloc.c:6083 [inline]
 #3: ffff888044223480 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{4:4}, at: ocfs2_try_to_free_truncate_log+0x197/0x360 fs/ocfs2/alloc.c:6143

stack backtrace:
CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-09014-gd6084bb815c4 #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_circular_bug+0x2ee/0x310 kernel/locking/lockdep.c:2043
 check_noncircular+0x134/0x160 kernel/locking/lockdep.c:2175
 check_prev_add kernel/locking/lockdep.c:3165 [inline]
 check_prevs_add kernel/locking/lockdep.c:3284 [inline]
 validate_chain+0xb9b/0x2140 kernel/locking/lockdep.c:3908
 __lock_acquire+0xab9/0xd20 kernel/locking/lockdep.c:5237
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5868
 down_write+0x96/0x1f0 kernel/locking/rwsem.c:1575
 inode_lock include/linux/fs.h:869 [inline]
 __ocfs2_flush_truncate_log+0x33c/0x10e0 fs/ocfs2/alloc.c:6054
 ocfs2_flush_truncate_log fs/ocfs2/alloc.c:6084 [inline]
 ocfs2_try_to_free_truncate_log+0x19f/0x360 fs/ocfs2/alloc.c:6143
 ocfs2_write_begin_nolock+0x3143/0x4340 fs/ocfs2/aops.c:1848
 ocfs2_write_begin+0x1bb/0x310 fs/ocfs2/aops.c:1883
 generic_perform_write+0x2c5/0x900 mm/filemap.c:4141
 ocfs2_file_write_iter+0x157a/0x1d10 fs/ocfs2/file.c:2469
 __kernel_write_iter+0x390/0x860 fs/read_write.c:619
 dump_emit_page fs/coredump.c:1296 [inline]
 dump_user_range+0x8a0/0xc90 fs/coredump.c:1370
 elf_core_dump+0x337b/0x3990 fs/binfmt_elf.c:2085
 coredump_write+0x1169/0x1900 fs/coredump.c:1049
 vfs_coredump+0x1a4b/0x2ab0 fs/coredump.c:1168
 get_signal+0x1109/0x1340 kernel/signal.c:3019
 arch_do_signal_or_restart+0x9a/0x750 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:40 [inline]
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:224 [inline]
 irqentry_exit_to_user_mode+0x81/0x120 kernel/entry/common.c:73
 exc_page_fault+0x9f/0xf0 arch/x86/mm/fault.c:1535
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0033:0x7ff8ad38eb71
Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
RSP: 002b:00000000fffffe10 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007ff8ad5b6080 RCX: 00007ff8ad38eb69
RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000
RBP: 00007ff8ad411df1 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007ff8ad5b6080 R15: 00007ffe77a80778
 </TASK>