./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor653957570 <...>
Warning: Permanently added '10.128.0.127' (ECDSA) to the list of known hosts.
execve("./syz-executor653957570", ["./syz-executor653957570"], 0x7ffc2d8d3690 /* 10 vars */) = 0
brk(NULL) = 0x55555734f000
brk(0x55555734fc40) = 0x55555734fc40
arch_prctl(ARCH_SET_FS, 0x55555734f300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor653957570", 4096) = 27
brk(0x555557370c40) = 0x555557370c40
brk(0x555557371000) = 0x555557371000
mprotect(0x7f3f66e31000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "blkio.bfq.io_merged", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = 3
ioctl(3, FS_IOC_SETFLAGS, [FS_SECRM_FL|FS_UNRM_FL|FS_SYNC_FL|FS_APPEND_FL|FS_NOATIME_FL|FS_DIRTY_FL|FS_ENCRYPT_FL|FS_JOURNAL_DATA_FL|FS_NOTAIL_FL]) = 0
openat(AT_FDCWD, "memory.events", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = 4
openat(AT_FDCWD, "memory.events", O_RDWR|__O_SYNC) = 5
syzkaller login: [ 49.963866][ T3613] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[ 49.975087][ T3613]
[ 49.986705][ T3613] ======================================================
[ 49.993728][ T3613] WARNING: possible circular locking dependency detected
[ 50.000729][ T3613] 5.19.0-syzkaller-14037-gd24433c0f4a3 #0 Not tainted
[ 50.007475][ T3613] ------------------------------------------------------
[ 50.014476][ T3613] syz-executor653/3613 is trying to acquire lock:
[ 50.020877][ T3613] ffff88801eb08400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_bmap+0x4e/0x460
[ 50.030476][ T3613]
[ 50.030476][ T3613] but task is already holding lock:
[ 50.037865][ T3613] ffff88814b4383f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x487/0xc00
[ 50.048502][ T3613]
[ 50.048502][ T3613] which lock already depends on the new lock.
[ 50.048502][ T3613]
[ 50.058914][ T3613]
[ 50.058914][ T3613] the existing dependency chain (in reverse order) is:
[ 50.067929][ T3613]
[ 50.067929][ T3613] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 50.076704][ T3613]        mutex_lock_io_nested+0x13f/0x1190
[ 50.082552][ T3613]        jbd2_journal_flush+0x19a/0xc00
[ 50.088111][ T3613]        __ext4_ioctl+0x28fd/0x4ab0
[ 50.093313][ T3613]        __x64_sys_ioctl+0x193/0x200
[ 50.098604][ T3613]        do_syscall_64+0x35/0xb0
[ 50.103545][ T3613]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.109986][ T3613]
[ 50.109986][ T3613] -> #2 (&journal->j_barrier){+.+.}-{3:3}:
[ 50.117985][ T3613]        __mutex_lock+0x12f/0x1350
[ 50.123103][ T3613]        jbd2_journal_lock_updates+0x15e/0x310
[ 50.129268][ T3613]        ext4_change_inode_journal_flag+0x180/0x530
[ 50.135870][ T3613]        ext4_fileattr_set+0xddf/0x1930
[ 50.141435][ T3613]        vfs_fileattr_set+0x7f5/0xbe0
[ 50.146834][ T3613]        do_vfs_ioctl+0xe62/0x15c0
[ 50.151949][ T3613]        __x64_sys_ioctl+0x108/0x200
[ 50.157375][ T3613]        do_syscall_64+0x35/0xb0
[ 50.162337][ T3613]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.168783][ T3613]
[ 50.168783][ T3613] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 50.177245][ T3613]        percpu_down_write+0x4d/0x440
[ 50.182637][ T3613]        ext4_ind_migrate+0x237/0x840
[ 50.188010][ T3613]        ext4_fileattr_set+0x14b8/0x1930
[ 50.193649][ T3613]        vfs_fileattr_set+0x7f5/0xbe0
[ 50.199027][ T3613]        do_vfs_ioctl+0xe62/0x15c0
[ 50.204139][ T3613]        __x64_sys_ioctl+0x108/0x200
[ 50.209427][ T3613]        do_syscall_64+0x35/0xb0
[ 50.214383][ T3613]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.220805][ T3613]
[ 50.220805][ T3613] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 50.229423][ T3613]        __lock_acquire+0x2a43/0x56d0
[ 50.234805][ T3613]        lock_acquire+0x1ab/0x570
[ 50.239839][ T3613]        down_read+0x98/0x450
[ 50.244532][ T3613]        ext4_bmap+0x4e/0x460
[ 50.249211][ T3613]        bmap+0xaa/0x120
[ 50.253472][ T3613]        jbd2_journal_bmap+0xa8/0x180
[ 50.258852][ T3613]        jbd2_journal_flush+0x84f/0xc00
[ 50.264408][ T3613]        __ext4_ioctl+0x28fd/0x4ab0
[ 50.269702][ T3613]        __x64_sys_ioctl+0x193/0x200
[ 50.274990][ T3613]        do_syscall_64+0x35/0xb0
[ 50.279932][ T3613]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.286353][ T3613]
[ 50.286353][ T3613] other info that might help us debug this:
[ 50.286353][ T3613]
[ 50.296590][ T3613] Chain exists of:
[ 50.296590][ T3613]   &sb->s_type->i_mutex_key#8 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
[ 50.296590][ T3613]
[ 50.312100][ T3613]  Possible unsafe locking scenario:
[ 50.312100][ T3613]
[ 50.319552][ T3613]        CPU0                    CPU1
[ 50.324938][ T3613]        ----                    ----
[ 50.330319][ T3613]   lock(&journal->j_checkpoint_mutex);
[ 50.335890][ T3613]                                lock(&journal->j_barrier);
[ 50.343192][ T3613]                                lock(&journal->j_checkpoint_mutex);
[ 50.351262][ T3613]   lock(&sb->s_type->i_mutex_key#8);
[ 50.356648][ T3613]
[ 50.356648][ T3613]  *** DEADLOCK ***
[ 50.356648][ T3613]
[ 50.364813][ T3613] 2 locks held by syz-executor653/3613:
[ 50.370364][ T3613]  #0: ffff88814b438170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x15e/0x310
[ 50.381272][ T3613]  #1: ffff88814b4383f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x487/0xc00
[ 50.392359][ T3613]
[ 50.392359][ T3613] stack backtrace:
[ 50.398249][ T3613] CPU: 1 PID: 3613 Comm: syz-executor653 Not tainted 5.19.0-syzkaller-14037-gd24433c0f4a3 #0
[ 50.408403][ T3613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 50.418469][ T3613] Call Trace:
[ 50.421762][ T3613]
[ 50.424720][ T3613]  dump_stack_lvl+0xcd/0x134
[ 50.429360][ T3613]  check_noncircular+0x25f/0x2e0
[ 50.434309][ T3613]  ? print_circular_bug+0x1e0/0x1e0
[ 50.439518][ T3613]  ? lock_downgrade+0x6e0/0x6e0
[ 50.444381][ T3613]  ? mark_held_locks+0x9f/0xe0
[ 50.449152][ T3613]  ? finish_task_switch.isra.0+0x2b5/0xc70
[ 50.454969][ T3613]  ? finish_task_switch.isra.0+0x2b5/0xc70
[ 50.460784][ T3613]  __lock_acquire+0x2a43/0x56d0
[ 50.465647][ T3613]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 50.471632][ T3613]  ? find_held_lock+0x2d/0x110
[ 50.476406][ T3613]  lock_acquire+0x1ab/0x570
[ 50.480916][ T3613]  ? ext4_bmap+0x4e/0x460
[ 50.485257][ T3613]  ? lock_release+0x780/0x780
[ 50.489946][ T3613]  down_read+0x98/0x450
[ 50.494115][ T3613]  ? ext4_bmap+0x4e/0x460
[ 50.498452][ T3613]  ? rwsem_down_read_slowpath+0xb10/0xb10
[ 50.504190][ T3613]  ? find_held_lock+0x2d/0x110
[ 50.508962][ T3613]  ext4_bmap+0x4e/0x460
[ 50.513128][ T3613]  ? ext4_readahead+0x140/0x140
[ 50.517985][ T3613]  bmap+0xaa/0x120
[ 50.521717][ T3613]  ? do_raw_read_unlock+0x70/0x70
[ 50.526751][ T3613]  jbd2_journal_bmap+0xa8/0x180
[ 50.531623][ T3613]  ? jbd2_log_start_commit+0x40/0x40
[ 50.536920][ T3613]  ? _raw_write_unlock+0x24/0x40
[ 50.541876][ T3613]  ? jbd2_mark_journal_empty+0x307/0x3f0
[ 50.547522][ T3613]  jbd2_journal_flush+0x84f/0xc00
[ 50.552588][ T3613]  ? jbd2_fc_get_buf+0x310/0x310
[ 50.557541][ T3613]  ? lockdep_hardirqs_on+0x79/0x100
[ 50.562752][ T3613]  ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 50.568565][ T3613]  ? ___ratelimit+0x222/0x4b0
[ 50.573248][ T3613]  ? __ext4_ioctl.cold+0x5/0x7e
[ 50.578115][ T3613]  __ext4_ioctl+0x28fd/0x4ab0
[ 50.582804][ T3613]  ? tomoyo_path_number_perm+0x24e/0x590
[ 50.588451][ T3613]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 50.594268][ T3613]  ? ext4_reset_inode_seed+0x440/0x440
[ 50.599747][ T3613]  ? __sanitizer_cov_trace_switch+0x50/0x90
[ 50.605662][ T3613]  ? do_vfs_ioctl+0x132/0x15c0
[ 50.610439][ T3613]  ? vfs_fileattr_set+0xbe0/0xbe0
[ 50.615480][ T3613]  ? find_held_lock+0x2d/0x110
[ 50.620260][ T3613]  ? calibrate_delay+0xe72/0x1120
[ 50.625297][ T3613]  ? lock_downgrade+0x6e0/0x6e0
[ 50.630175][ T3613]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 50.635380][ T3613]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 50.640329][ T3613]  ? ext4_fileattr_set+0x1930/0x1930
[ 50.645649][ T3613]  __x64_sys_ioctl+0x193/0x200
[ 50.650421][ T3613]  do_syscall_64+0x35/0xb0
[ 50.654853][ T3613]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 50.660774][ T3613] RIP: 0033:0x7f3f66dc4bc9
[ 50.665225][ T3613] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.684857][ T3613] RSP: 002b:00007fff6f7de338 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 50.693301][ T3613] RAX: ffffffffffffffda RBX: 652e79726f6d656d RCX: 00007f3f66dc4bc9
[ 50.701284][ T3613] RDX: 00000000200005c0 RSI: 000000004004662b RDI: 0000000000000005
[ 50.709278][ T3613] RBP: 00007f3f66d88d70 R08: 0000000000000000 R09: 0000000000000000
[ 50.717267][ T3613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f66d88e00
ioctl(5, _IOC(_IOC_WRITE, 0x66, 0x2b, 0x4), 0x200005c0) = 0
exit_group(0) = ?
+++ exited with 0 +++
[ 50.725240][ T3613] R13: 00000000