Warning: Permanently added '10.128.0.70' (ED25519) to the list of known hosts.
executing program
[ 59.061405][ T4164] loop0: detected capacity change from 0 to 32768
[ 59.165295][ T4164] (syz-executor185,4164,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 59.180991][ T4164] (syz-executor185,4164,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 59.207636][ T4164] JBD2: Ignoring recovery information on journal
[ 59.235855][ T4164] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 59.250006][ T144] ocfs2: Finishing quota recovery on device (7,0) for slot 0
[ 59.291382][ T4164]
[ 59.293754][ T4164] ======================================================
[ 59.300762][ T4164] WARNING: possible circular locking dependency detected
[ 59.307773][ T4164] 5.15.178-syzkaller #0 Not tainted
[ 59.312960][ T4164] ------------------------------------------------------
[ 59.319987][ T4164] syz-executor185/4164 is trying to acquire lock:
[ 59.326386][ T4164] ffff8880793b3938 ((wq_completion)ocfs2_wq){+.+.}-{0:0}, at: flush_workqueue+0x154/0x1610
[ 59.336585][ T4164]
[ 59.336585][ T4164] but task is already holding lock:
[ 59.343935][ T4164] ffff88802b2600e0 (&type->s_umount_key#46){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[ 59.353679][ T4164]
[ 59.353679][ T4164] which lock already depends on the new lock.
[ 59.353679][ T4164]
[ 59.364179][ T4164]
[ 59.364179][ T4164] the existing dependency chain (in reverse order) is:
[ 59.373192][ T4164]
[ 59.373192][ T4164] -> #2 (&type->s_umount_key#46){++++}-{3:3}:
[ 59.381446][ T4164] lock_acquire+0x1db/0x4f0
[ 59.386467][ T4164] down_read+0x45/0x2e0
[ 59.391167][ T4164] ocfs2_finish_quota_recovery+0x15a/0x2260
[ 59.397596][ T4164] ocfs2_complete_recovery+0x173c/0x24a0
[ 59.403770][ T4164] process_one_work+0x8a1/0x10c0
[ 59.409234][ T4164] worker_thread+0xaca/0x1280
[ 59.414535][ T4164] kthread+0x3f6/0x4f0
[ 59.419118][ T4164] ret_from_fork+0x1f/0x30
[ 59.424050][ T4164]
[ 59.424050][ T4164] -> #1 ((work_completion)(&journal->j_recovery_work)){+.+.}-{0:0}:
[ 59.434221][ T4164] lock_acquire+0x1db/0x4f0
[ 59.439241][ T4164] process_one_work+0x7f1/0x10c0
[ 59.444709][ T4164] worker_thread+0xaca/0x1280
[ 59.449903][ T4164] kthread+0x3f6/0x4f0
[ 59.454490][ T4164] ret_from_fork+0x1f/0x30
[ 59.459431][ T4164]
[ 59.459431][ T4164] -> #0 ((wq_completion)ocfs2_wq){+.+.}-{0:0}:
[ 59.467777][ T4164] validate_chain+0x1649/0x5930
[ 59.473156][ T4164] __lock_acquire+0x1295/0x1ff0
[ 59.478525][ T4164] lock_acquire+0x1db/0x4f0
[ 59.483542][ T4164] flush_workqueue+0x170/0x1610
[ 59.488908][ T4164] ocfs2_shutdown_local_alloc+0x105/0xa90
[ 59.495164][ T4164] ocfs2_dismount_volume+0x1db/0x8b0
[ 59.500983][ T4164] generic_shutdown_super+0x130/0x310
[ 59.506882][ T4164] kill_block_super+0x7a/0xe0
[ 59.512094][ T4164] deactivate_locked_super+0xa0/0x110
[ 59.517992][ T4164] cleanup_mnt+0x44e/0x500
[ 59.522939][ T4164] task_work_run+0x129/0x1a0
[ 59.528066][ T4164] do_exit+0x6a3/0x2480
[ 59.532774][ T4164] do_group_exit+0x144/0x310
[ 59.537882][ T4164] __x64_sys_exit_group+0x3b/0x40
[ 59.543424][ T4164] do_syscall_64+0x3b/0xb0
[ 59.548353][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 59.554851][ T4164]
[ 59.554851][ T4164] other info that might help us debug this:
[ 59.554851][ T4164]
[ 59.565157][ T4164] Chain exists of:
[ 59.565157][ T4164] (wq_completion)ocfs2_wq --> (work_completion)(&journal->j_recovery_work) --> &type->s_umount_key#46
[ 59.565157][ T4164]
[ 59.582099][ T4164] Possible unsafe locking scenario:
[ 59.582099][ T4164]
[ 59.589535][ T4164]        CPU0                    CPU1
[ 59.594887][ T4164]        ----                    ----
[ 59.600239][ T4164]   lock(&type->s_umount_key#46);
[ 59.605261][ T4164]                                lock((work_completion)(&journal->j_recovery_work));
[ 59.614711][ T4164]                                lock(&type->s_umount_key#46);
[ 59.622254][ T4164]   lock((wq_completion)ocfs2_wq);
[ 59.627359][ T4164]
[ 59.627359][ T4164] *** DEADLOCK ***
[ 59.627359][ T4164]
[ 59.635492][ T4164] 1 lock held by syz-executor185/4164:
[ 59.640937][ T4164] #0: ffff88802b2600e0 (&type->s_umount_key#46){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[ 59.651136][ T4164]
[ 59.651136][ T4164] stack backtrace:
[ 59.657033][ T4164] CPU: 0 PID: 4164 Comm: syz-executor185 Not tainted 5.15.178-syzkaller #0
[ 59.665626][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 59.675700][ T4164] Call Trace:
[ 59.678979][ T4164]
[ 59.681905][ T4164] dump_stack_lvl+0x1e3/0x2d0
[ 59.686604][ T4164] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 59.692248][ T4164] ? print_circular_bug+0x12b/0x1a0
[ 59.697453][ T4164] check_noncircular+0x2f8/0x3b0
[ 59.702406][ T4164] ? add_chain_block+0x850/0x850
[ 59.707365][ T4164] ? queued_spin_lock_slowpath+0x42/0x50
[ 59.713003][ T4164] ? lockdep_lock+0x1a7/0x2a0
[ 59.717686][ T4164] validate_chain+0x1649/0x5930
[ 59.722545][ T4164] ? reacquire_held_locks+0x660/0x660
[ 59.727915][ T4164] ? read_lock_is_recursive+0x10/0x10
[ 59.733298][ T4164] ? debug_object_assert_init+0x2bf/0x420
[ 59.739037][ T4164] ? do_raw_spin_lock+0x14a/0x370
[ 59.744060][ T4164] ? __lock_acquire+0x1ff0/0x1ff0
[ 59.749082][ T4164] ? do_raw_spin_unlock+0x137/0x8b0
[ 59.754298][ T4164] ? mark_lock+0x98/0x340
[ 59.758621][ T4164] __lock_acquire+0x1295/0x1ff0
[ 59.763472][ T4164] lock_acquire+0x1db/0x4f0
[ 59.767970][ T4164] ? flush_workqueue+0x154/0x1610
[ 59.772994][ T4164] ? read_lock_is_recursive+0x10/0x10
[ 59.778362][ T4164] ? lockdep_softirqs_off+0x420/0x420
[ 59.783822][ T4164] ? del_timer+0x183/0x310
[ 59.788241][ T4164] ? __init_swait_queue_head+0xaa/0x140
[ 59.793799][ T4164] flush_workqueue+0x170/0x1610
[ 59.798659][ T4164] ? flush_workqueue+0x154/0x1610
[ 59.803692][ T4164] ? print_irqtrace_events+0x210/0x210
[ 59.809161][ T4164] ? flush_work+0x20/0x20
[ 59.813504][ T4164] ? rcu_work_rcufn+0x140/0x140
[ 59.818365][ T4164] ? print_irqtrace_events+0x210/0x210
[ 59.823835][ T4164] ocfs2_shutdown_local_alloc+0x105/0xa90
[ 59.829581][ T4164] ? __cancel_work_timer+0x5e8/0x6a0
[ 59.834880][ T4164] ? ocfs2_local_alloc_count_bits+0x230/0x230
[ 59.840951][ T4164] ? cancel_work_sync+0x20/0x20
[ 59.845803][ T4164] ? do_raw_spin_unlock+0x137/0x8b0
[ 59.851012][ T4164] ? _atomic_dec_and_lock+0x96/0x130
[ 59.856298][ T4164] ? iput+0x371/0x8b0
[ 59.860273][ T4164] ? ocfs2_disable_quotas+0x1b8/0x210
[ 59.865726][ T4164] ocfs2_dismount_volume+0x1db/0x8b0
[ 59.871015][ T4164] ? ocfs2_enable_quotas+0x440/0x440
[ 59.876295][ T4164] ? clear_inode+0x150/0x150
[ 59.880875][ T4164] ? ocfs2_init_global_system_inodes+0x701/0x720
[ 59.887197][ T4164] ? ocfs2_init_global_system_inodes+0x701/0x720
[ 59.893517][ T4164] ? ocfs2_free_inode+0x20/0x20
[ 59.898366][ T4164] generic_shutdown_super+0x130/0x310
[ 59.903730][ T4164] kill_block_super+0x7a/0xe0
[ 59.908400][ T4164] deactivate_locked_super+0xa0/0x110
[ 59.913763][ T4164] cleanup_mnt+0x44e/0x500
[ 59.918174][ T4164] ? lockdep_hardirqs_on+0x94/0x130
[ 59.923367][ T4164] task_work_run+0x129/0x1a0
[ 59.927955][ T4164] do_exit+0x6a3/0x2480
[ 59.932114][ T4164] ? put_task_struct+0x80/0x80
[ 59.936889][ T4164] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 59.942876][ T4164] ? vtime_user_exit+0x2d1/0x400
[ 59.947819][ T4164] do_group_exit+0x144/0x310
[ 59.952418][ T4164] __x64_sys_exit_group+0x3b/0x40
[ 59.957442][ T4164] do_syscall_64+0x3b/0xb0
[ 59.961851][ T4164] ? clear_bhb_loop+0x15/0x70
[ 59.966524][ T4164] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 59.972415][ T4164] RIP: 0033:0x7f881464ec09
[ 59.976821][ T4164] Code: Unable to access opcode bytes at RIP 0x7f881464ebdf.
[ 59.984174][ T4164] RSP: 002b:00007ffefaaca898 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 59.992581][ T4164] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f881464ec09
[ 60.000546][ T4164] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001
[ 60.008508][ T4164] RBP: 00007f88146cf2b0 R08: ffffffffffffffb8 R09: 0000000000004701
[ 60.016474][ T4164] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f88146cf2b0
[ 60.024456][ T4164] R13: 0000000000000000 R14: 00007f88146d0020 R15: 00007f881461d130
[ 60.032431][ T4164]
[ 60.043814][ T4164] ocfs2: Unmounting device (7,0) on (node local)