./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1905769658

<...>
forked to background, child pid 3184
no interfaces have a carrier
[   22.914317][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0
[   22.924184][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts.
execve("./syz-executor1905769658", ["./syz-executor1905769658"], 0x7ffc9d2001d0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555c62000
brk(0x555555c62c40)                     = 0x555555c62c40
arch_prctl(ARCH_SET_FS, 0x555555c62300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1905769658", 4096) = 28
brk(0x555555c83c40)                     = 0x555555c83c40
brk(0x555555c84000)                     = 0x555555c84000
mprotect(0x7f9b3c7bb000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, ".log", O_RDONLY|O_CREAT|O_LARGEFILE, 000) = 3
ioctl(3, _IOC(_IOC_WRITE, 0x66, 0x2b, 0x4), 0x200000c0) = 0
open("./file0", O_WRONLY|O_CREAT|O_EXCL|O_NOCTTY|O_TRUNC|O_SYNC|O_DIRECT|O_NOFOLLOW|FASYNC, 000) = 4
syzkaller login: [   45.449710][ T3605] 
[   45.452187][ T3605] ======================================================
[   45.459196][ T3605] WARNING: possible circular locking dependency detected
[   45.466274][ T3605] 6.0.0-rc6-syzkaller-00309-g1a61b828566f #0 Not tainted
[   45.473272][ T3605] ------------------------------------------------------
[   45.480267][ T3605] syz-executor190/3605 is trying to acquire lock:
[   45.486659][ T3605] ffff88814acce170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x15e/0x310
[   45.497278][ T3605] 
[   45.497278][ T3605] but task is already holding lock:
[   45.504643][ T3605] ffff88814acccbd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x178/0x530
[   45.515934][ T3605] 
[   45.515934][ T3605] which lock already depends on the new lock.
[   45.515934][ T3605] 
[   45.526324][ T3605] 
[   45.526324][ T3605] the existing dependency chain (in reverse order) is:
[   45.535329][ T3605] 
[   45.535329][ T3605] -> #4 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[   45.544115][ T3605]        percpu_down_write+0x4d/0x440
[   45.549495][ T3605]        ext4_change_inode_journal_flag+0x178/0x530
[   45.556078][ T3605]        ext4_fileattr_set+0xddf/0x1930
[   45.561613][ T3605]        vfs_fileattr_set+0x7f5/0xbe0
[   45.566975][ T3605]        do_vfs_ioctl+0xe62/0x15c0
[   45.572357][ T3605]        __x64_sys_ioctl+0x108/0x200
[   45.577644][ T3605]        do_syscall_64+0x35/0xb0
[   45.582575][ T3605]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.588979][ T3605] 
[   45.588979][ T3605] -> #3 (mapping.invalidate_lock){++++}-{3:3}:
[   45.597304][ T3605]        down_write+0x90/0x150
[   45.602059][ T3605]        ext4_setattr+0xd9e/0x2c50
[   45.607160][ T3605]        notify_change+0xcd0/0x1440
[   45.612371][ T3605]        do_truncate+0x13c/0x200
[   45.617299][ T3605]        do_sys_ftruncate+0x536/0x730
[   45.622663][ T3605]        do_syscall_64+0x35/0xb0
[   45.627599][ T3605]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.634029][ T3605] 
[   45.634029][ T3605] -> #2 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[   45.642909][ T3605]        down_read+0x98/0x450
[   45.647596][ T3605]        ext4_bmap+0x4e/0x460
[   45.652355][ T3605]        bmap+0xaa/0x120
[   45.656591][ T3605]        jbd2_journal_bmap+0xa8/0x180
[   45.661958][ T3605]        jbd2_journal_flush+0x84f/0xc00
[   45.667493][ T3605]        __ext4_ioctl+0x28fd/0x4ab0
[   45.672769][ T3605]        __x64_sys_ioctl+0x193/0x200
[   45.678047][ T3605]        do_syscall_64+0x35/0xb0
[   45.682986][ T3605]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.689401][ T3605] 
[   45.689401][ T3605] -> #1 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[   45.698368][ T3605]        mutex_lock_io_nested+0x13f/0x1190
[   45.704265][ T3605]        jbd2_journal_flush+0x19a/0xc00
[   45.709804][ T3605]        __ext4_ioctl+0x28fd/0x4ab0
[   45.715015][ T3605]        __x64_sys_ioctl+0x193/0x200
[   45.720302][ T3605]        do_syscall_64+0x35/0xb0
[   45.725231][ T3605]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.731640][ T3605] 
[   45.731640][ T3605] -> #0 (&journal->j_barrier){+.+.}-{3:3}:
[   45.739652][ T3605]        __lock_acquire+0x2a43/0x56d0
[   45.745019][ T3605]        lock_acquire+0x1ab/0x570
[   45.750031][ T3605]        __mutex_lock+0x12f/0x1350
[   45.755654][ T3605]        jbd2_journal_lock_updates+0x15e/0x310
[   45.761969][ T3605]        ext4_change_inode_journal_flag+0x180/0x530
[   45.768547][ T3605]        ext4_fileattr_set+0xddf/0x1930
[   45.774086][ T3605]        vfs_fileattr_set+0x7f5/0xbe0
[   45.779448][ T3605]        do_vfs_ioctl+0xe62/0x15c0
[   45.784547][ T3605]        __x64_sys_ioctl+0x108/0x200
[   45.789822][ T3605]        do_syscall_64+0x35/0xb0
[   45.794749][ T3605]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   45.801174][ T3605] 
[   45.801174][ T3605] other info that might help us debug this:
[   45.801174][ T3605] 
[   45.811564][ T3605] Chain exists of:
[   45.811564][ T3605]   &journal->j_barrier --> mapping.invalidate_lock --> &sbi->s_writepages_rwsem
[   45.811564][ T3605] 
[   45.826415][ T3605]  Possible unsafe locking scenario:
[   45.826415][ T3605] 
[   45.833869][ T3605]        CPU0                    CPU1
[   45.839223][ T3605]        ----                    ----
[   45.844657][ T3605]   lock(&sbi->s_writepages_rwsem);
[   45.849841][ T3605]                                lock(mapping.invalidate_lock);
[   45.857456][ T3605]                                lock(&sbi->s_writepages_rwsem);
[   45.865156][ T3605]   lock(&journal->j_barrier);
[   45.869908][ T3605] 
[   45.869908][ T3605]  *** DEADLOCK ***
[   45.869908][ T3605] 
[   45.878033][ T3605] 4 locks held by syz-executor190/3605:
[   45.883558][ T3605]  #0: ffff88814acca460 (sb_writers#4){.+.+}-{0:0}, at: do_vfs_ioctl+0xe27/0x15c0
[   45.892781][ T3605]  #1: ffff88807419a218 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: vfs_fileattr_set+0x148/0xbe0
[   45.903471][ T3605]  #2: ffff88807419a3b8 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_change_inode_journal_flag+0x11f/0x530
[   45.915288][ T3605]  #3: ffff88814acccbd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x178/0x530
[   45.927116][ T3605] 
[   45.927116][ T3605] stack backtrace:
[   45.932987][ T3605] CPU: 1 PID: 3605 Comm: syz-executor190 Not tainted 6.0.0-rc6-syzkaller-00309-g1a61b828566f #0
[   45.943385][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
[   45.953431][ T3605] Call Trace:
[   45.956698][ T3605]  <TASK>
[   45.959616][ T3605]  dump_stack_lvl+0xcd/0x134
[   45.964201][ T3605]  check_noncircular+0x25f/0x2e0
[   45.969131][ T3605]  ? print_circular_bug+0x1e0/0x1e0
[   45.974316][ T3605]  ? is_bpf_text_address+0x99/0x170
[   45.979508][ T3605]  ? __kernel_text_address+0x9/0x30
[   45.984697][ T3605]  ? unwind_get_return_address+0x51/0x90
[   45.990323][ T3605]  ? write_profile+0x4a0/0x4a0
[   45.995080][ T3605]  ? arch_stack_walk+0x93/0xe0
[   45.999838][ T3605]  __lock_acquire+0x2a43/0x56d0
[   46.004857][ T3605]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   46.010832][ T3605]  lock_acquire+0x1ab/0x570
[   46.015346][ T3605]  ? jbd2_journal_lock_updates+0x15e/0x310
[   46.021148][ T3605]  ? lock_release+0x780/0x780
[   46.025818][ T3605]  ? find_held_lock+0x2d/0x110
[   46.030571][ T3605]  __mutex_lock+0x12f/0x1350
[   46.035153][ T3605]  ? jbd2_journal_lock_updates+0x15e/0x310
[   46.040953][ T3605]  ? jbd2_journal_lock_updates+0x15e/0x310
[   46.046748][ T3605]  ? mutex_lock_io_nested+0x1190/0x1190
[   46.052281][ T3605]  ? jbd2_journal_lock_updates+0x150/0x310
[   46.058075][ T3605]  ? lock_downgrade+0x6e0/0x6e0
[   46.062913][ T3605]  ? do_raw_read_unlock+0x70/0x70
[   46.067925][ T3605]  ? rcu_sync_enter+0x150/0x2e0
[   46.072764][ T3605]  jbd2_journal_lock_updates+0x15e/0x310
[   46.078388][ T3605]  ? jbd2_journal_wait_updates+0x240/0x240
[   46.084193][ T3605]  ext4_change_inode_journal_flag+0x180/0x530
[   46.090258][ T3605]  ext4_fileattr_set+0xddf/0x1930
[   46.095278][ T3605]  ? ext4_fileattr_get+0x280/0x280
[   46.100383][ T3605]  ? down_write+0xde/0x150
[   46.104788][ T3605]  ? memset+0x20/0x40
[   46.108761][ T3605]  ? fileattr_fill_flags+0x27b/0x320
[   46.114037][ T3605]  vfs_fileattr_set+0x7f5/0xbe0
[   46.119224][ T3605]  ? ioctl_file_clone+0x100/0x100
[   46.124237][ T3605]  ? memset+0x20/0x40
[   46.128209][ T3605]  do_vfs_ioctl+0xe62/0x15c0
[   46.132789][ T3605]  ? vfs_fileattr_set+0xbe0/0xbe0
[   46.137805][ T3605]  ? find_held_lock+0x2d/0x110
[   46.142562][ T3605]  ? name_to_dev_t+0x880/0x990
[   46.147318][ T3605]  ? lock_downgrade+0x6e0/0x6e0
[   46.152164][ T3605]  ? _raw_spin_unlock_irq+0x1f/0x40
[   46.157356][ T3605]  ? bpf_lsm_file_ioctl+0x5/0x10
[   46.162283][ T3605]  __x64_sys_ioctl+0x108/0x200
[   46.167040][ T3605]  do_syscall_64+0x35/0xb0
[   46.171446][ T3605]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   46.177327][ T3605] RIP: 0033:0x7f9b3c74ebe9
[   46.181728][ T3605] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
ioctl(4, FS_IOC_SETFLAGS, [FS_JOURNAL_DATA_FL]) = 0
exit_group(0)                           = ?
+++ exited with 0 +++
[   46.201412][ T36