Warning: Permanently added '10.128.0.226' (ECDSA) to the list of known hosts. executing program [ 29.367255] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 [ 29.385006] BTRFS info (device loop0): using free space tree [ 29.391357] BTRFS info (device loop0): has skinny extents [ 29.443686] [ 29.445332] ====================================================== [ 29.451628] WARNING: possible circular locking dependency detected [ 29.457935] 4.14.302-syzkaller #0 Not tainted [ 29.462404] ------------------------------------------------------ [ 29.468715] syz-executor100/7968 is trying to acquire lock: [ 29.474401] ("%s-%s""btrfs", name){+.+.}, at: [] flush_workqueue+0xcb/0x1310 [ 29.483310] [ 29.483310] but task is already holding lock: [ 29.489253] (&fs_info->scrub_lock){+.+.}, at: [] btrfs_scrub_dev+0x506/0xcd0 [ 29.498070] [ 29.498070] which lock already depends on the new lock. [ 29.498070] [ 29.506357] [ 29.506357] the existing dependency chain (in reverse order) is: [ 29.513956] [ 29.513956] -> #3 (&fs_info->scrub_lock){+.+.}: [ 29.520085] __mutex_lock+0xc4/0x1310 [ 29.524380] btrfs_scrub_dev+0x1f3/0xcd0 [ 29.528934] btrfs_ioctl+0xba8/0x5b20 [ 29.533225] do_vfs_ioctl+0x75a/0xff0 [ 29.537521] SyS_ioctl+0x7f/0xb0 [ 29.541384] do_syscall_64+0x1d5/0x640 [ 29.545767] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 29.551446] [ 29.551446] -> #2 (&fs_devs->device_list_mutex){+.+.}: [ 29.558183] __mutex_lock+0xc4/0x1310 [ 29.562478] reada_start_machine_worker+0x1d2/0xa90 [ 29.567985] normal_work_helper+0x304/0x1330 [ 29.572975] process_one_work+0x793/0x14a0 [ 29.577790] worker_thread+0x5cc/0xff0 [ 29.582176] kthread+0x30d/0x420 [ 29.586034] ret_from_fork+0x24/0x30 [ 29.590237] [ 29.590237] -> #1 ((&work->normal_work)){+.+.}: [ 29.596368] process_one_work+0x736/0x14a0 [ 29.601097] worker_thread+0x5cc/0xff0 [ 29.605474] kthread+0x30d/0x420 [ 29.609334] ret_from_fork+0x24/0x30 [ 29.613535] [ 29.613535] -> #0 ("%s-%s""btrfs", name){+.+.}: [ 29.619746] lock_acquire+0x170/0x3f0 [ 29.624040] flush_workqueue+0xfa/0x1310 [ 29.628596] drain_workqueue+0x177/0x3e0 [ 29.633153] destroy_workqueue+0x71/0x710 [ 29.637794] btrfs_destroy_workqueue+0xf8/0x630 [ 29.642956] scrub_workers_put+0x90/0x1a0 [ 29.647595] btrfs_scrub_dev+0x536/0xcd0 [ 29.652165] btrfs_ioctl+0xba8/0x5b20 [ 29.656457] do_vfs_ioctl+0x75a/0xff0 [ 29.660754] SyS_ioctl+0x7f/0xb0 [ 29.664618] do_syscall_64+0x1d5/0x640 [ 29.668999] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 29.674684] [ 29.674684] other info that might help us debug this: [ 29.674684] [ 29.682817] Chain exists of: [ 29.682817] "%s-%s""btrfs", name --> &fs_devs->device_list_mutex --> &fs_info->scrub_lock [ 29.682817] [ 29.695623] Possible unsafe locking scenario: [ 29.695623] [ 29.701649] CPU0 CPU1 [ 29.706287] ---- ---- [ 29.710923] lock(&fs_info->scrub_lock); [ 29.715043] lock(&fs_devs->device_list_mutex); [ 29.722467] lock(&fs_info->scrub_lock); [ 29.729112] lock("%s-%s""btrfs", name); [ 29.733239] [ 29.733239] *** DEADLOCK *** [ 29.733239] [ 29.739270] 1 lock held by syz-executor100/7968: [ 29.743993] #0: (&fs_info->scrub_lock){+.+.}, at: [] btrfs_scrub_dev+0x506/0xcd0 [ 29.753248] [ 29.753248] stack backtrace: [ 29.757715] CPU: 0 PID: 7968 Comm: syz-executor100 Not tainted 4.14.302-syzkaller #0 [ 29.765565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 29.774892] Call Trace: [ 29.777457] dump_stack+0x1b2/0x281 [ 29.781058] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 29.786837] __lock_acquire+0x2e0e/0x3f20 [ 29.790960] ? trace_hardirqs_on+0x10/0x10 [ 29.795164] ? trace_hardirqs_on+0x10/0x10 [ 29.799372] ? __lock_acquire+0x5fc/0x3f20 [ 29.803593] lock_acquire+0x170/0x3f0 [ 29.807379] ? flush_workqueue+0xcb/0x1310 [ 29.811596] flush_workqueue+0xfa/0x1310 [ 29.815638] ? flush_workqueue+0xcb/0x1310 [ 29.819848] ? drain_workqueue+0xb4/0x3e0 [ 29.823969] ? lock_downgrade+0x740/0x740 [ 29.828088] ? check_flush_dependency+0x2a0/0x2a0 [ 29.832901] ? lock_acquire+0x170/0x3f0 [ 29.836849] drain_workqueue+0x177/0x3e0 [ 29.840885] destroy_workqueue+0x71/0x710 [ 29.845007] btrfs_destroy_workqueue+0xf8/0x630 [ 29.849649] scrub_workers_put+0x90/0x1a0 [ 29.853773] btrfs_scrub_dev+0x536/0xcd0 [ 29.857813] ? scrub_enumerate_chunks+0x10a0/0x10a0 [ 29.862806] ? __might_fault+0x177/0x1b0 [ 29.866840] ? _copy_from_user+0x96/0x100 [ 29.870961] btrfs_ioctl+0xba8/0x5b20 [ 29.874743] ? check_preemption_disabled+0x35/0x240 [ 29.879732] ? btrfs_ioctl_get_supported_features+0x40/0x40 [ 29.885414] ? kasan_slab_free+0xc3/0x1a0 [ 29.889535] ? kmem_cache_free+0x7c/0x2b0 [ 29.893656] ? putname+0xcd/0x110 [ 29.897082] ? do_sys_open+0x203/0x410 [ 29.900943] ? do_syscall_64+0x1d5/0x640 [ 29.904977] ? entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 29.910312] ? path_lookupat+0x780/0x780 [ 29.914348] ? debug_check_no_obj_freed+0x2c0/0x680 [ 29.919338] ? lock_acquire+0x170/0x3f0 [ 29.923282] ? lock_downgrade+0x740/0x740 [ 29.927406] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 29.932482] ? debug_check_no_obj_freed+0x2c0/0x680 [ 29.937471] ? btrfs_ioctl_get_supported_features+0x40/0x40 [ 29.943161] do_vfs_ioctl+0x75a/0xff0 [ 29.946942] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 29.952539] ? ioctl_preallocate+0x1a0/0x1a0 [ 29.956935] ? kmem_cache_free+0x23a/0x2b0 [ 29.961145] ? putname+0xcd/0x110 [ 29.964749] ? do_sys_open+0x208/0x410 [ 29.968623] ? filp_open+0x60/0x60 [ 29.972154] ? security_file_ioctl+0x83/0xb0 [ 29.976542] SyS_ioctl+0x7f/0xb0 [ 29.979887] ? do_vfs_ioctl+0xff0/0xff0 [ 29.983837] do_syscall_64+0x1d5/0x640 [ 29.987722] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 29.992888] RIP: 0033:0x7f3243f808c