WARNING: The mand mount option has been deprecated and
and is ignored by this kernel. Remove the mand
option from the mount to silence this warning.
=======================================================
ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
======================================================
WARNING: possible circular locking dependency detected
5.15.179-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor195/4163 is trying to acquire lock:
ffff888071a606f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x398/0x930 fs/ocfs2/acl.c:365
but task is already holding lock:
ffff88802ad24990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x12b9/0x1570 fs/jbd2/transaction.c:462
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #4 (jbd2_handle){++++}-{0:0}:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
start_this_handle+0x12e1/0x1570 fs/jbd2/transaction.c:464
jbd2__journal_start+0x2d1/0x5c0 fs/jbd2/transaction.c:521
jbd2_journal_start+0x25/0x30 fs/jbd2/transaction.c:560
ocfs2_start_trans+0x3c2/0x6f0 fs/ocfs2/journal.c:354
ocfs2_block_group_alloc fs/ocfs2/suballoc.c:681 [inline]
ocfs2_reserve_suballoc_bits+0x9ec/0x4c70 fs/ocfs2/suballoc.c:828
ocfs2_reserve_new_metadata_blocks+0x418/0x9b0 fs/ocfs2/suballoc.c:978
ocfs2_init_xattr_set_ctxt+0x38f/0x8c0 fs/ocfs2/xattr.c:3281
ocfs2_xattr_set+0xf46/0x1930 fs/ocfs2/xattr.c:3638
ocfs2_set_acl+0x4cb/0x570 fs/ocfs2/acl.c:254
ocfs2_iop_set_acl+0x252/0x3c0 fs/ocfs2/acl.c:285
set_posix_acl fs/posix_acl.c:947 [inline]
posix_acl_xattr_set+0x33b/0x3a0 fs/posix_acl.c:966
__vfs_setxattr+0x3e7/0x420 fs/xattr.c:182
__vfs_setxattr_noperm+0x12a/0x5e0 fs/xattr.c:216
vfs_setxattr+0x21d/0x420 fs/xattr.c:303
do_setxattr fs/xattr.c:588 [inline]
setxattr+0x27e/0x2e0 fs/xattr.c:611
__do_sys_fsetxattr fs/xattr.c:667 [inline]
__se_sys_fsetxattr+0x194/0x210 fs/xattr.c:656
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
ocfs2_start_trans+0x3b7/0x6f0 fs/ocfs2/journal.c:352
ocfs2_block_group_alloc fs/ocfs2/suballoc.c:681 [inline]
ocfs2_reserve_suballoc_bits+0x9ec/0x4c70 fs/ocfs2/suballoc.c:828
ocfs2_reserve_new_metadata_blocks+0x418/0x9b0 fs/ocfs2/suballoc.c:978
ocfs2_init_xattr_set_ctxt+0x38f/0x8c0 fs/ocfs2/xattr.c:3281
ocfs2_xattr_set+0xf46/0x1930 fs/ocfs2/xattr.c:3638
ocfs2_set_acl+0x4cb/0x570 fs/ocfs2/acl.c:254
ocfs2_iop_set_acl+0x252/0x3c0 fs/ocfs2/acl.c:285
set_posix_acl fs/posix_acl.c:947 [inline]
posix_acl_xattr_set+0x33b/0x3a0 fs/posix_acl.c:966
__vfs_setxattr+0x3e7/0x420 fs/xattr.c:182
__vfs_setxattr_noperm+0x12a/0x5e0 fs/xattr.c:216
vfs_setxattr+0x21d/0x420 fs/xattr.c:303
do_setxattr fs/xattr.c:588 [inline]
setxattr+0x27e/0x2e0 fs/xattr.c:611
__do_sys_fsetxattr fs/xattr.c:667 [inline]
__se_sys_fsetxattr+0x194/0x210 fs/xattr.c:656
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> #2 (sb_internal#2){.+.+}-{0:0}:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
__sb_start_write include/linux/fs.h:1811 [inline]
sb_start_intwrite include/linux/fs.h:1928 [inline]
ocfs2_start_trans+0x2b2/0x6f0 fs/ocfs2/journal.c:350
ocfs2_xattr_set+0x118a/0x1930 fs/ocfs2/xattr.c:3647
ocfs2_set_acl+0x4cb/0x570 fs/ocfs2/acl.c:254
ocfs2_iop_set_acl+0x252/0x3c0 fs/ocfs2/acl.c:285
set_posix_acl fs/posix_acl.c:947 [inline]
posix_acl_xattr_set+0x33b/0x3a0 fs/posix_acl.c:966
__vfs_setxattr+0x3e7/0x420 fs/xattr.c:182
__vfs_setxattr_noperm+0x12a/0x5e0 fs/xattr.c:216
vfs_setxattr+0x21d/0x420 fs/xattr.c:303
do_setxattr fs/xattr.c:588 [inline]
setxattr+0x27e/0x2e0 fs/xattr.c:611
__do_sys_fsetxattr fs/xattr.c:667 [inline]
__se_sys_fsetxattr+0x194/0x210 fs/xattr.c:656
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
down_write+0x38/0x60 kernel/locking/rwsem.c:1551
inode_lock include/linux/fs.h:787 [inline]
ocfs2_reserve_suballoc_bits+0x18e/0x4c70 fs/ocfs2/suballoc.c:782
ocfs2_reserve_new_metadata_blocks+0x418/0x9b0 fs/ocfs2/suballoc.c:978
ocfs2_init_xattr_set_ctxt+0x38f/0x8c0 fs/ocfs2/xattr.c:3281
ocfs2_xattr_set+0xf46/0x1930 fs/ocfs2/xattr.c:3638
ocfs2_set_acl+0x4cb/0x570 fs/ocfs2/acl.c:254
ocfs2_iop_set_acl+0x252/0x3c0 fs/ocfs2/acl.c:285
set_posix_acl fs/posix_acl.c:947 [inline]
posix_acl_xattr_set+0x33b/0x3a0 fs/posix_acl.c:966
__vfs_setxattr+0x3e7/0x420 fs/xattr.c:182
__vfs_setxattr_noperm+0x12a/0x5e0 fs/xattr.c:216
vfs_setxattr+0x21d/0x420 fs/xattr.c:303
do_setxattr fs/xattr.c:588 [inline]
setxattr+0x27e/0x2e0 fs/xattr.c:611
__do_sys_fsetxattr fs/xattr.c:667 [inline]
__se_sys_fsetxattr+0x194/0x210 fs/xattr.c:656
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
__lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
ocfs2_init_acl+0x398/0x930 fs/ocfs2/acl.c:365
ocfs2_mknod+0x1e8f/0x2cd0 fs/ocfs2/namei.c:410
ocfs2_mkdir+0x194/0x430 fs/ocfs2/namei.c:657
vfs_mkdir+0x3b6/0x590 fs/namei.c:4065
do_mkdirat+0x260/0x520 fs/namei.c:4090
__do_sys_mkdir fs/namei.c:4110 [inline]
__se_sys_mkdir fs/namei.c:4108 [inline]
__x64_sys_mkdir+0x6a/0x80 fs/namei.c:4108
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
other info that might help us debug this:
Chain exists of:
&oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle
Possible unsafe locking scenario:
       CPU0                    CPU1
       ----                    ----
  lock(jbd2_handle);
                               lock(&journal->j_trans_barrier);
                               lock(jbd2_handle);
  lock(&oi->ip_xattr_sem);
*** DEADLOCK ***
8 locks held by syz-executor195/4163:
#0: ffff88802ad22460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 fs/namespace.c:377
#1: ffff888071a609c8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:822 [inline]
#1: ffff888071a609c8 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x25c/0x530 fs/namei.c:3835
#2: ffff888071a689c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#2: ffff888071a689c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x18e/0x4c70 fs/ocfs2/suballoc.c:782
#3: ffff888071a66d88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#3: ffff888071a66d88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x18e/0x4c70 fs/ocfs2/suballoc.c:782
#4: ffff888071a6a648 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#4: ffff888071a6a648 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x12e/0x27a0 fs/ocfs2/localalloc.c:635
#5: ffff88802ad22650 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_mknod+0x15bb/0x2cd0 fs/ocfs2/namei.c:361
#6: ffff8880249a9ce8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3b7/0x6f0 fs/ocfs2/journal.c:352
#7: ffff88802ad24990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x12b9/0x1570 fs/jbd2/transaction.c:462
stack backtrace:
CPU: 1 PID: 4163 Comm: syz-executor195 Not tainted 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
check_noncircular+0x2f8/0x3b0 kernel/locking/lockdep.c:2133
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
__lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
ocfs2_init_acl+0x398/0x930 fs/ocfs2/acl.c:365
ocfs2_mknod+0x1e8f/0x2cd0 fs/ocfs2/namei.c:410
ocfs2_mkdir+0x194/0x430 fs/ocfs2/namei.c:657
vfs_mkdir+0x3b6/0x590 fs/namei.c:4065
do_mkdirat+0x260/0x520 fs/namei.c:4090
__do_sys_mkdir fs/namei.c:4110 [inline]
__se_sys_mkdir fs/namei.c:4108 [inline]
__x64_sys_mkdir+0x6a/0x80 fs/namei.c:4108
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7ff847943817
Code: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffcd6432d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff847943817
RDX: 0000000000010084 RSI: 00000000000001ff RDI: 0000200000000040
RBP: 0000200000000040 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffcd643370 R14: 0000000000000000 R15: 0000000000000000
syz-executor195[4163]: segfault at 0 ip 00007ff84793fb5e sp 00007fffcd6432d8 error 4 in syz-executor1955629879[7ff847910000+7d000]
Code: fd d7 c9 0f bc d1 c5 fe 7f 27 c5 fe 7f 6f 20 c5 fe 7f 77 40 c5 fe 7f 7f 60 49 83 c0 1f 49 29 d0 48 8d 7c 17 61 e9 d2 04 00 00 fe 6f 1e c5 fe 6f 56 20 c5 fd 74 cb c5 fd d7 d1 49 83 f8 21 0f
syz-executor195 (4163) used greatest stack depth: 18392 bytes left
----------------
Code disassembly (best guess):
0: fd std
1: d7 xlat %ds:(%rbx)
2: c9 leave
3: 0f bc d1 bsf %ecx,%edx
6: c5 fe 7f 27 vmovdqu %ymm4,(%rdi)
a: c5 fe 7f 6f 20 vmovdqu %ymm5,0x20(%rdi)
f: c5 fe 7f 77 40 vmovdqu %ymm6,0x40(%rdi)
14: c5 fe 7f 7f 60 vmovdqu %ymm7,0x60(%rdi)
19: 49 83 c0 1f add $0x1f,%r8
1d: 49 29 d0 sub %rdx,%r8
20: 48 8d 7c 17 61 lea 0x61(%rdi,%rdx,1),%rdi
25: e9 d2 04 00 00 jmp 0x4fc
* 2a: c5 fe 6f 1e vmovdqu (%rsi),%ymm3 <-- trapping instruction
2e: c5 fe 6f 56 20 vmovdqu 0x20(%rsi),%ymm2
33: c5 fd 74 cb vpcmpeqb %ymm3,%ymm0,%ymm1
37: c5 fd d7 d1 vpmovmskb %ymm1,%edx
3b: 49 83 f8 21 cmp $0x21,%r8
3f: 0f .byte 0xf