IPv6: ADDRCONF(NETDEV_UP): bond4: link is not ready 8021q: adding VLAN 0 to HW filter on device bond4 bond0: Error: Device is in use and cannot be enslaved ====================================================== WARNING: possible circular locking dependency detected 4.19.211-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor.5/8611 is trying to acquire lock: 0000000011017126 (&ovl_i_mutex_key[depth]){+.+.}, at: inode_lock include/linux/fs.h:748 [inline] 0000000011017126 (&ovl_i_mutex_key[depth]){+.+.}, at: ovl_write_iter+0x148/0xb40 fs/overlayfs/file.c:270 but task is already holding lock: 00000000884e30b9 (&pipe->mutex/1){+.+.}, at: pipe_lock_nested fs/pipe.c:77 [inline] 00000000884e30b9 (&pipe->mutex/1){+.+.}, at: pipe_lock+0x63/0x80 fs/pipe.c:85 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&pipe->mutex/1){+.+.}: pipe_lock_nested fs/pipe.c:77 [inline] pipe_lock+0x63/0x80 fs/pipe.c:85 iter_file_splice_write+0x183/0xbb0 fs/splice.c:700 do_splice_from fs/splice.c:852 [inline] do_splice fs/splice.c:1154 [inline] __do_sys_splice fs/splice.c:1428 [inline] __se_sys_splice+0xfe7/0x16d0 fs/splice.c:1408 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #1 (sb_writers#3){.+.+}: sb_start_write include/linux/fs.h:1579 [inline] mnt_want_write+0x3a/0xb0 fs/namespace.c:360 ovl_link+0x73/0x2b0 fs/overlayfs/dir.c:676 vfs_link+0x7e6/0xc80 fs/namei.c:4243 do_linkat+0x52a/0x810 fs/namei.c:4311 __do_sys_link fs/namei.c:4340 [inline] __se_sys_link fs/namei.c:4338 [inline] __x64_sys_link+0x5d/0x80 fs/namei.c:4338 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (&ovl_i_mutex_key[depth]){+.+.}: down_write+0x34/0x90 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:748 [inline] ovl_write_iter+0x148/0xb40 fs/overlayfs/file.c:270 call_write_iter include/linux/fs.h:1821 [inline] new_sync_write fs/read_write.c:474 [inline] __vfs_write+0x51b/0x770 fs/read_write.c:487 __kernel_write+0x109/0x370 fs/read_write.c:506 write_pipe_buf+0x153/0x1f0 fs/splice.c:798 splice_from_pipe_feed fs/splice.c:503 [inline] __splice_from_pipe+0x389/0x800 fs/splice.c:627 splice_from_pipe fs/splice.c:662 [inline] default_file_splice_write+0xd8/0x180 fs/splice.c:810 do_splice_from fs/splice.c:852 [inline] do_splice fs/splice.c:1154 [inline] __do_sys_splice fs/splice.c:1428 [inline] __se_sys_splice+0xfe7/0x16d0 fs/splice.c:1408 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Chain exists of: &ovl_i_mutex_key[depth] --> sb_writers#3 --> &pipe->mutex/1 Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&pipe->mutex/1); lock(sb_writers#3); lock(&pipe->mutex/1); lock(&ovl_i_mutex_key[depth]); *** DEADLOCK *** 2 locks held by syz-executor.5/8611: #0: 0000000066d4dc2c (sb_writers#24){.+.+}, at: file_start_write include/linux/fs.h:2779 [inline] #0: 0000000066d4dc2c (sb_writers#24){.+.+}, at: do_splice fs/splice.c:1153 [inline] #0: 0000000066d4dc2c (sb_writers#24){.+.+}, at: __do_sys_splice fs/splice.c:1428 [inline] #0: 0000000066d4dc2c (sb_writers#24){.+.+}, at: __se_sys_splice+0x11de/0x16d0 fs/splice.c:1408 #1: 00000000884e30b9 (&pipe->mutex/1){+.+.}, at: pipe_lock_nested fs/pipe.c:77 [inline] #1: 00000000884e30b9 (&pipe->mutex/1){+.+.}, at: pipe_lock+0x63/0x80 fs/pipe.c:85 stack backtrace: CPU: 0 PID: 8611 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 print_circular_bug.constprop.0.cold+0x2d7/0x41e kernel/locking/lockdep.c:1222 check_prev_add kernel/locking/lockdep.c:1866 [inline] check_prevs_add kernel/locking/lockdep.c:1979 [inline] validate_chain kernel/locking/lockdep.c:2420 [inline] __lock_acquire+0x30c9/0x3ff0 kernel/locking/lockdep.c:3416 lock_acquire+0x170/0x3c0 kernel/locking/lockdep.c:3908 down_write+0x34/0x90 kernel/locking/rwsem.c:70 inode_lock include/linux/fs.h:748 [inline] ovl_write_iter+0x148/0xb40 fs/overlayfs/file.c:270 call_write_iter include/linux/fs.h:1821 [inline] new_sync_write fs/read_write.c:474 [inline] __vfs_write+0x51b/0x770 fs/read_write.c:487 __kernel_write+0x109/0x370 fs/read_write.c:506 write_pipe_buf+0x153/0x1f0 fs/splice.c:798 splice_from_pipe_feed fs/splice.c:503 [inline] __splice_from_pipe+0x389/0x800 fs/splice.c:627 splice_from_pipe fs/splice.c:662 [inline] default_file_splice_write+0xd8/0x180 fs/splice.c:810 do_splice_from fs/splice.c:852 [inline] do_splice fs/splice.c:1154 [inline] __do_sys_splice fs/splice.c:1428 [inline] __se_sys_splice+0xfe7/0x16d0 fs/splice.c:1408 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f015e4370f9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f015c9a9168 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 RAX: ffffffffffffffda RBX: 00007f015e556f80 RCX: 00007f015e4370f9 RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000004 RBP: 00007f015e492ae9 R08: 0000000000000015 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff6afcdcaf R14: 00007f015c9a9300 R15: 0000000000022000 bond0: Error: Device is in use and cannot be enslaved bond0: Error: Device is in use and cannot be enslaved bond0: Error: Device is in use and cannot be enslaved bond0: Error: Device is in use and cannot be enslaved bond0: Error: Device is in use and cannot be enslaved new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored new mount options do not match the existing superblock, will be ignored netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. audit: type=1804 audit(1677150029.858:10119): pid=8892 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3179529150/syzkaller.qPI9kg/409/bus" dev="sda1" ino=14851 res=1 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. audit: type=1804 audit(1677150030.488:10120): pid=9096 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3179529150/syzkaller.qPI9kg/410/bus" dev="sda1" ino=14854 res=1 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. audit: type=1804 audit(1677150030.778:10121): pid=9077 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1482110714/syzkaller.WvSV21/486/bus" dev="sda1" ino=14854 res=1 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. audit: type=1804 audit(1677150031.188:10122): pid=9424 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3179529150/syzkaller.qPI9kg/411/bus" dev="sda1" ino=14840 res=1 EXT4-fs warning (device sda1): ext4_resize_begin:72: There are errors in the filesystem, so online resizing is not allowed audit: type=1804 audit(1677150031.828:10123): pid=9547 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1482110714/syzkaller.WvSV21/487/bus" dev="sda1" ino=14848 res=1 EXT4-fs warning (device sda1): ext4_resize_begin:72: There are errors in the filesystem, so online resizing is not allowed audit: type=1804 audit(1677150032.398:10124): pid=9685 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3179529150/syzkaller.qPI9kg/412/bus" dev="sda1" ino=14845 res=1 audit: type=1804 audit(1677150032.568:10125): pid=9650 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir90617319/syzkaller.nzMtjo/398/bus" dev="sda1" ino=14847 res=1 audit: type=1804 audit(1677150032.838:10126): pid=9670 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1482110714/syzkaller.WvSV21/488/bus" dev="sda1" ino=14340 res=1