Warning: Permanently added '10.128.0.144' (ECDSA) to the list of known hosts.
executing program
[ 42.650429][ T4053]
[ 42.650922][ T4053] ======================================================
[ 42.652459][ T4053] WARNING: possible circular locking dependency detected
[ 42.654177][ T4053] 5.15.98-syzkaller #0 Not tainted
[ 42.655402][ T4053] ------------------------------------------------------
[ 42.657048][ T4053] syz-executor189/4053 is trying to acquire lock:
[ 42.658580][ T4053] ffff0000ccb403f0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_bmap+0x58/0x36c
[ 42.660981][ T4053]
[ 42.660981][ T4053] but task is already holding lock:
[ 42.662716][ T4053] ffff0000d3b903f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x28c/0xaa0
[ 42.665350][ T4053]
[ 42.665350][ T4053] which lock already depends on the new lock.
[ 42.665350][ T4053]
[ 42.667760][ T4053]
[ 42.667760][ T4053] the existing dependency chain (in reverse order) is:
[ 42.669869][ T4053]
[ 42.669869][ T4053] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 42.672009][ T4053]        __mutex_lock_common+0x194/0x2154
[ 42.673330][ T4053]        mutex_lock_io_nested+0xcc/0x12c
[ 42.674657][ T4053]        jbd2_journal_flush+0x210/0xaa0
[ 42.675898][ T4053]        ext4_ioctl+0x3448/0x675c
[ 42.677046][ T4053]        __arm64_sys_ioctl+0x14c/0x1c8
[ 42.678360][ T4053]        invoke_syscall+0x98/0x2b8
[ 42.679600][ T4053]        el0_svc_common+0x138/0x258
[ 42.680873][ T4053]        do_el0_svc+0x58/0x14c
[ 42.681984][ T4053]        el0_svc+0x7c/0x1f0
[ 42.682996][ T4053]        el0t_64_sync_handler+0x84/0xe4
[ 42.684400][ T4053]        el0t_64_sync+0x1a0/0x1a4
[ 42.685597][ T4053]
[ 42.685597][ T4053] -> #2 (&journal->j_barrier){+.+.}-{3:3}:
[ 42.687468][ T4053]        __mutex_lock_common+0x194/0x2154
[ 42.688822][ T4053]        mutex_lock_nested+0xa4/0xf8
[ 42.690078][ T4053]        jbd2_journal_lock_updates+0x3f0/0x4b4
[ 42.691611][ T4053]        ext4_change_inode_journal_flag+0x15c/0x648
[ 42.693276][ T4053]        ext4_fileattr_set+0xb7c/0x12e0
[ 42.694533][ T4053]        vfs_fileattr_set+0x708/0xad0
[ 42.695750][ T4053]        do_vfs_ioctl+0x1634/0x2a38
[ 42.696997][ T4053]        __arm64_sys_ioctl+0xe4/0x1c8
[ 42.698288][ T4053]        invoke_syscall+0x98/0x2b8
[ 42.699478][ T4053]        el0_svc_common+0x138/0x258
[ 42.700778][ T4053]        do_el0_svc+0x58/0x14c
[ 42.701895][ T4053]        el0_svc+0x7c/0x1f0
[ 42.702978][ T4053]        el0t_64_sync_handler+0x84/0xe4
[ 42.704387][ T4053]        el0t_64_sync+0x1a0/0x1a4
[ 42.705545][ T4053]
[ 42.705545][ T4053] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 42.707536][ T4053]        percpu_down_write+0xd8/0x3b0
[ 42.708833][ T4053]        ext4_ind_migrate+0x170/0x58c
[ 42.710079][ T4053]        ext4_fileattr_set+0xbf0/0x12e0
[ 42.711357][ T4053]        vfs_fileattr_set+0x708/0xad0
[ 42.712584][ T4053]        do_vfs_ioctl+0x1634/0x2a38
[ 42.713808][ T4053]        __arm64_sys_ioctl+0xe4/0x1c8
[ 42.714994][ T4053]        invoke_syscall+0x98/0x2b8
[ 42.716226][ T4053]        el0_svc_common+0x138/0x258
[ 42.717554][ T4053]        do_el0_svc+0x58/0x14c
[ 42.718691][ T4053]        el0_svc+0x7c/0x1f0
[ 42.719835][ T4053]        el0t_64_sync_handler+0x84/0xe4
[ 42.721306][ T4053]        el0t_64_sync+0x1a0/0x1a4
[ 42.722556][ T4053]
[ 42.722556][ T4053] -> #0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}:
[ 42.724572][ T4053]        __lock_acquire+0x32cc/0x7620
[ 42.725834][ T4053]        lock_acquire+0x2b8/0x894
[ 42.727037][ T4053]        down_read+0xbc/0x11c
[ 42.728153][ T4053]        ext4_bmap+0x58/0x36c
[ 42.729287][ T4053]        bmap+0xa8/0xe8
[ 42.730302][ T4053]        jbd2_journal_flush+0x63c/0xaa0
[ 42.731702][ T4053]        ext4_ioctl+0x3448/0x675c
[ 42.732883][ T4053]        __arm64_sys_ioctl+0x14c/0x1c8
[ 42.734257][ T4053]        invoke_syscall+0x98/0x2b8
[ 42.735464][ T4053]        el0_svc_common+0x138/0x258
[ 42.736602][ T4053]        do_el0_svc+0x58/0x14c
[ 42.737712][ T4053]        el0_svc+0x7c/0x1f0
[ 42.738761][ T4053]        el0t_64_sync_handler+0x84/0xe4
[ 42.740162][ T4053]        el0t_64_sync+0x1a0/0x1a4
[ 42.741399][ T4053]
[ 42.741399][ T4053] other info that might help us debug this:
[ 42.741399][ T4053]
[ 42.743679][ T4053] Chain exists of:
[ 42.743679][ T4053]   &sb->s_type->i_mutex_key#9 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
[ 42.743679][ T4053]
[ 42.747269][ T4053] Possible unsafe locking scenario:
[ 42.747269][ T4053]
[ 42.748962][ T4053]        CPU0                    CPU1
[ 42.750198][ T4053]        ----                    ----
[ 42.751595][ T4053]   lock(&journal->j_checkpoint_mutex);
[ 42.752966][ T4053]                                lock(&journal->j_barrier);
[ 42.754663][ T4053]                                lock(&journal->j_checkpoint_mutex);
[ 42.756516][ T4053]   lock(&sb->s_type->i_mutex_key#9);
[ 42.757768][ T4053]
[ 42.757768][ T4053] *** DEADLOCK ***
[ 42.757768][ T4053]
[ 42.759921][ T4053] 2 locks held by syz-executor189/4053:
[ 42.761282][ T4053]  #0: ffff0000d3b90170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x3f0/0x4b4
[ 42.763854][ T4053]  #1: ffff0000d3b903f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x28c/0xaa0
[ 42.766393][ T4053]
[ 42.766393][ T4053] stack backtrace:
[ 42.767881][ T4053] CPU: 0 PID: 4053 Comm: syz-executor189 Not tainted 5.15.98-syzkaller #0
[ 42.769904][ T4053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 42.772279][ T4053] Call trace:
[ 42.773011][ T4053]  dump_backtrace+0x0/0x530
[ 42.774087][ T4053]  show_stack+0x2c/0x3c
[ 42.775105][ T4053]  dump_stack_lvl+0x108/0x170
[ 42.776237][ T4053]  dump_stack+0x1c/0x58
[ 42.777159][ T4053]  print_circular_bug+0x150/0x1b8
[ 42.778337][ T4053]  check_noncircular+0x2cc/0x378
[ 42.779611][ T4053]  __lock_acquire+0x32cc/0x7620
[ 42.780787][ T4053]  lock_acquire+0x2b8/0x894
[ 42.781848][ T4053]  down_read+0xbc/0x11c
[ 42.782857][ T4053]  ext4_bmap+0x58/0x36c
[ 42.783805][ T4053]  bmap+0xa8/0xe8
[ 42.784624][ T4053]  jbd2_journal_flush+0x63c/0xaa0
[ 42.785817][ T4053]  ext4_ioctl+0x3448/0x675c
[ 42.787023][ T4053]  __arm64_sys_ioctl+0x14c/0x1c8
[ 42.788224][ T4053]  invoke_syscall+0x98/0x2b8
[ 42.789290][ T4053]  el0_svc_common+0x138/0x258
[ 42.790398][ T4053]  do_el0_svc+0x58/0x14c
[ 42.791480][ T4053]  el0_svc+0x7c/0x1f0
[ 42.792404][ T4053]  el0t_64_sync_handler+0x84/0xe4
[ 42.793586][ T4053]  el0t_64_sync+0x1a0/0x1a4