======================================================
WARNING: possible circular locking dependency detected
6.5.0-rc1-syzkaller-00020-g005abf9e5e0d #0 Not tainted
------------------------------------------------------
syz-executor.1/5176 is trying to acquire lock:
ffff888064216888 (&fi->i_xattr_sem){.+.+}-{3:3}, at: f2fs_getxattr+0xb1e/0x12c0

but task is already holding lock:
ffff88806421a668 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_do_tmpfile+0x22/0x1d0

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&fi->i_sem){+.+.}-{3:3}:
       down_write+0x93/0x200
       f2fs_add_inline_entry+0x2c0/0x6a0
       f2fs_add_dentry+0xa6/0x230
       f2fs_do_add_link+0x182/0x270
       f2fs_create+0x3b3/0x650
       lookup_open.isra.0+0x1049/0x1360
       path_openat+0x931/0x2990
       do_filp_open+0x1cb/0x410
       do_sys_openat2+0x15c/0x1c0
       __x64_sys_openat+0x175/0x210
       do_syscall_64+0x38/0xb0
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #0 (&fi->i_xattr_sem){.+.+}-{3:3}:
       __lock_acquire+0x2e3d/0x5de0
       lock_acquire+0x1ae/0x510
       down_read+0x9c/0x470
       f2fs_getxattr+0xb1e/0x12c0
       __f2fs_get_acl+0x5a/0x900
       f2fs_init_acl+0x15c/0xb30
       f2fs_init_inode_metadata+0x159/0x1250
       f2fs_do_tmpfile+0x31/0x1d0
       __f2fs_tmpfile+0x1e6/0x460
       f2fs_ioc_start_atomic_write+0xc8e/0x1270
       __f2fs_ioctl+0x3bf4/0xa0a0
       f2fs_ioctl+0x192/0x220
       __x64_sys_ioctl+0x18f/0x210
       do_syscall_64+0x38/0xb0
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&fi->i_sem);
                               lock(&fi->i_xattr_sem);
                               lock(&fi->i_sem);
  rlock(&fi->i_xattr_sem);

 *** DEADLOCK ***

5 locks held by syz-executor.1/5176:
 #0: ffff88807b292410 (sb_writers#12){.+.+}-{0:0}, at: f2fs_ioc_start_atomic_write+0x1b1/0x1270
 #1: ffff888064218250 (&sb->s_type->i_mutex_key#19){+.+.}-{3:3}, at: f2fs_ioc_start_atomic_write+0x1f2/0x1270
 #2: ffff888064218830 (&fi->i_gc_rwsem[WRITE]){+.+.}-{3:3}, at: f2fs_ioc_start_atomic_write+0x2ee/0x1270
 #3: ffff88807c1843b0 (&sbi->cp_rwsem){.+.+}-{3:3}, at: __f2fs_tmpfile+0x1bb/0x460
 #4: ffff88806421a668 (&fi->i_sem){+.+.}-{3:3}, at: f2fs_do_tmpfile+0x22/0x1d0

stack backtrace:
CPU: 0 PID: 5176 Comm: syz-executor.1 Not tainted 6.5.0-rc1-syzkaller-00020-g005abf9e5e0d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 dump_stack_lvl+0xd9/0x1b0
 check_noncircular+0x2f7/0x3d0
 __lock_acquire+0x2e3d/0x5de0
 lock_acquire+0x1ae/0x510
 down_read+0x9c/0x470
 f2fs_getxattr+0xb1e/0x12c0
 __f2fs_get_acl+0x5a/0x900
 f2fs_init_acl+0x15c/0xb30
 f2fs_init_inode_metadata+0x159/0x1250
 f2fs_do_tmpfile+0x31/0x1d0
 __f2fs_tmpfile+0x1e6/0x460
 f2fs_ioc_start_atomic_write+0xc8e/0x1270
 __f2fs_ioctl+0x3bf4/0xa0a0
 f2fs_ioctl+0x192/0x220
 __x64_sys_ioctl+0x18f/0x210
 do_syscall_64+0x38/0xb0
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fa24d67cbe9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa24e46f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fa24d79bf80 RCX: 00007fa24d67cbe9
RDX: 0000000000000000 RSI: 000000000000f501 RDI: 0000000000000004
RBP: 00007fa24d6c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fa24d79bf80 R15: 00007fffd8a88ac8
 </TASK>
