Warning: Permanently added '10.128.1.13' (ED25519) to the list of known hosts. executing program [ 45.203319][ T4017] loop0: detected capacity change from 0 to 32768 [ 45.265867][ T4017] ======================================================= [ 45.265867][ T4017] WARNING: The mand mount option has been deprecated and [ 45.265867][ T4017] and is ignored by this kernel. Remove the mand [ 45.265867][ T4017] option from the mount to silence this warning. [ 45.265867][ T4017] ======================================================= [ 45.311278][ T4017] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 45.320252][ T4017] [ 45.320869][ T4017] ====================================================== [ 45.322878][ T4017] WARNING: possible circular locking dependency detected [ 45.324749][ T4017] 5.15.180-syzkaller #0 Not tainted [ 45.326145][ T4017] ------------------------------------------------------ [ 45.328002][ T4017] syz-executor857/4017 is trying to acquire lock: [ 45.329765][ T4017] ffff0000de71bf60 (&oi->ip_alloc_sem){+.+.}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 45.332813][ T4017] [ 45.332813][ T4017] but task is already holding lock: [ 45.334854][ T4017] ffff0000de71bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8 [ 45.337740][ T4017] [ 45.337740][ T4017] which lock already depends on the new lock. [ 45.337740][ T4017] [ 45.340583][ T4017] [ 45.340583][ T4017] the existing dependency chain (in reverse order) is: [ 45.342966][ T4017] [ 45.342966][ T4017] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 45.345023][ T4017] down_read+0xc0/0x390 [ 45.346320][ T4017] ocfs2_init_acl+0x260/0x604 [ 45.347692][ T4017] ocfs2_mknod+0x114c/0x1e88 [ 45.349070][ T4017] ocfs2_create+0x180/0x468 [ 45.350434][ T4017] path_openat+0x1144/0x26e4 [ 45.351799][ T4017] do_filp_open+0x164/0x330 [ 45.353179][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.354563][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.356100][ T4017] invoke_syscall+0x98/0x2b8 [ 45.357449][ T4017] el0_svc_common+0x138/0x258 [ 45.358880][ T4017] do_el0_svc+0x58/0x14c [ 45.360100][ T4017] el0_svc+0x78/0x1e0 [ 45.361264][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.362828][ T4017] el0t_64_sync+0x1a0/0x1a4 [ 45.364251][ T4017] [ 45.364251][ T4017] -> #3 (jbd2_handle){++++}-{0:0}: [ 45.366217][ T4017] start_this_handle+0xef4/0x11a4 [ 45.367656][ T4017] jbd2__journal_start+0x28c/0x744 [ 45.369217][ T4017] jbd2_journal_start+0x3c/0x4c [ 45.370725][ T4017] ocfs2_start_trans+0x43c/0x794 [ 45.372199][ T4017] ocfs2_mknod+0xc60/0x1e88 [ 45.373502][ T4017] ocfs2_create+0x180/0x468 [ 45.374886][ T4017] path_openat+0x1144/0x26e4 [ 45.376346][ T4017] do_filp_open+0x164/0x330 [ 45.377677][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.379041][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.380525][ T4017] invoke_syscall+0x98/0x2b8 [ 45.381859][ T4017] el0_svc_common+0x138/0x258 [ 45.383282][ T4017] do_el0_svc+0x58/0x14c [ 45.384547][ T4017] el0_svc+0x78/0x1e0 [ 45.385803][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.387274][ T4017] el0t_64_sync+0x1a0/0x1a4 [ 45.388607][ T4017] [ 45.388607][ T4017] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 45.390855][ T4017] down_read+0xc0/0x390 [ 45.392037][ T4017] ocfs2_start_trans+0x430/0x794 [ 45.393573][ T4017] ocfs2_mknod+0xc60/0x1e88 [ 45.394908][ T4017] ocfs2_create+0x180/0x468 [ 45.396317][ T4017] path_openat+0x1144/0x26e4 [ 45.397735][ T4017] do_filp_open+0x164/0x330 [ 45.399082][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.400542][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.402027][ T4017] invoke_syscall+0x98/0x2b8 [ 45.403433][ T4017] el0_svc_common+0x138/0x258 [ 45.404888][ T4017] do_el0_svc+0x58/0x14c [ 45.406143][ T4017] el0_svc+0x78/0x1e0 [ 45.407369][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.408817][ T4017] el0t_64_sync+0x1a0/0x1a4 [ 45.410155][ T4017] [ 45.410155][ T4017] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 45.412177][ T4017] ocfs2_start_trans+0x2c4/0x794 [ 45.413686][ T4017] ocfs2_truncate_file+0x5b0/0x1374 [ 45.415239][ T4017] ocfs2_setattr+0x10ac/0x16c4 [ 45.416627][ T4017] notify_change+0xa08/0xcd8 [ 45.418003][ T4017] do_truncate+0x178/0x1f0 [ 45.419304][ T4017] path_openat+0x211c/0x26e4 [ 45.420655][ T4017] do_filp_open+0x164/0x330 [ 45.422089][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.423514][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.425012][ T4017] invoke_syscall+0x98/0x2b8 [ 45.426339][ T4017] el0_svc_common+0x138/0x258 [ 45.427756][ T4017] do_el0_svc+0x58/0x14c [ 45.428997][ T4017] el0_svc+0x78/0x1e0 [ 45.430145][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.431609][ T4017] el0t_64_sync+0x1a0/0x1a4 [ 45.432944][ T4017] [ 45.432944][ T4017] -> #0 (&oi->ip_alloc_sem){+.+.}-{3:3}: [ 45.435032][ T4017] __lock_acquire+0x2928/0x651c [ 45.436557][ T4017] lock_acquire+0x1f4/0x620 [ 45.437855][ T4017] down_write+0xbc/0x12c [ 45.439097][ T4017] ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 45.440936][ T4017] ocfs2_truncate_file+0xca8/0x1374 [ 45.442460][ T4017] ocfs2_setattr+0x10ac/0x16c4 [ 45.443847][ T4017] notify_change+0xa08/0xcd8 [ 45.445258][ T4017] do_truncate+0x178/0x1f0 [ 45.446556][ T4017] path_openat+0x211c/0x26e4 [ 45.447912][ T4017] do_filp_open+0x164/0x330 [ 45.449214][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.450597][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.452061][ T4017] invoke_syscall+0x98/0x2b8 [ 45.453434][ T4017] el0_svc_common+0x138/0x258 [ 45.454751][ T4017] do_el0_svc+0x58/0x14c [ 45.455983][ T4017] el0_svc+0x78/0x1e0 [ 45.457247][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.458635][ T4017] el0t_64_sync+0x1a0/0x1a4 [ 45.460010][ T4017] [ 45.460010][ T4017] other info that might help us debug this: [ 45.460010][ T4017] [ 45.462769][ T4017] Chain exists of: [ 45.462769][ T4017] &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem [ 45.462769][ T4017] [ 45.466299][ T4017] Possible unsafe locking scenario: [ 45.466299][ T4017] [ 45.468471][ T4017] CPU0 CPU1 [ 45.469893][ T4017] ---- ---- [ 45.471302][ T4017] lock(&oi->ip_xattr_sem); [ 45.472492][ T4017] lock(jbd2_handle); [ 45.474226][ T4017] lock(&oi->ip_xattr_sem); [ 45.476129][ T4017] lock(&oi->ip_alloc_sem); [ 45.477380][ T4017] [ 45.477380][ T4017] *** DEADLOCK *** [ 45.477380][ T4017] [ 45.479601][ T4017] 3 locks held by syz-executor857/4017: [ 45.481103][ T4017] #0: ffff0000cb010460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c [ 45.483676][ T4017] #1: ffff0000de71c2c8 (&sb->s_type->i_mutex_key#17){+.+.}-{3:3}, at: do_truncate+0x164/0x1f0 [ 45.486505][ T4017] #2: ffff0000de71bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa8/0x2d8 [ 45.489537][ T4017] [ 45.489537][ T4017] stack backtrace: [ 45.491085][ T4017] CPU: 0 PID: 4017 Comm: syz-executor857 Not tainted 5.15.180-syzkaller #0 [ 45.493457][ T4017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 45.496224][ T4017] Call trace: [ 45.497155][ T4017] dump_backtrace+0x0/0x43c [ 45.498345][ T4017] show_stack+0x2c/0x3c [ 45.499456][ T4017] __dump_stack+0x30/0x40 [ 45.500609][ T4017] dump_stack_lvl+0xf8/0x160 [ 45.501840][ T4017] dump_stack+0x1c/0x5c [ 45.502913][ T4017] print_circular_bug+0x148/0x1b0 [ 45.504287][ T4017] check_noncircular+0x240/0x2d4 [ 45.505602][ T4017] __lock_acquire+0x2928/0x651c [ 45.506969][ T4017] lock_acquire+0x1f4/0x620 [ 45.508256][ T4017] down_write+0xbc/0x12c [ 45.509377][ T4017] ocfs2_try_remove_refcount_tree+0xb4/0x2d8 [ 45.510912][ T4017] ocfs2_truncate_file+0xca8/0x1374 [ 45.512246][ T4017] ocfs2_setattr+0x10ac/0x16c4 [ 45.513583][ T4017] notify_change+0xa08/0xcd8 [ 45.514822][ T4017] do_truncate+0x178/0x1f0 [ 45.516048][ T4017] path_openat+0x211c/0x26e4 [ 45.517265][ T4017] do_filp_open+0x164/0x330 [ 45.518539][ T4017] do_sys_openat2+0x128/0x3d8 [ 45.519774][ T4017] __arm64_sys_openat+0x120/0x154 [ 45.521199][ T4017] invoke_syscall+0x98/0x2b8 [ 45.522436][ T4017] el0_svc_common+0x138/0x258 [ 45.523716][ T4017] do_el0_svc+0x58/0x14c [ 45.524890][ T4017] el0_svc+0x78/0x1e0 [ 45.525987][ T4017] el0t_64_sync_handler+0xcc/0xe4 [ 45.527332][ T4017] el0t_64_sync+0x1a0/0x1a4