Warning: Permanently added '10.128.0.202' (ECDSA) to the list of known hosts.
executing program
[ 35.749150][ T4314]
[ 35.749698][ T4314] ======================================================
[ 35.751272][ T4314] WARNING: possible circular locking dependency detected
[ 35.752844][ T4314] 6.1.15-syzkaller #0 Not tainted
[ 35.754036][ T4314] ------------------------------------------------------
[ 35.755682][ T4314] syz-executor142/4314 is trying to acquire lock:
[ 35.757218][ T4314] ffff0000c0548400 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_bmap+0x58/0x35c
[ 35.759491][ T4314]
[ 35.759491][ T4314] but task is already holding lock:
[ 35.761218][ T4314] ffff0000d5e1c3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x28c/0xa60
[ 35.763764][ T4314]
[ 35.763764][ T4314] which lock already depends on the new lock.
[ 35.763764][ T4314]
[ 35.766220][ T4314]
[ 35.766220][ T4314] the existing dependency chain (in reverse order) is:
[ 35.768303][ T4314]
[ 35.768303][ T4314] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 35.770394][ T4314]        __mutex_lock_common+0x190/0x21a0
[ 35.771708][ T4314]        mutex_lock_io_nested+0x6c/0x88
[ 35.773003][ T4314]        jbd2_journal_flush+0x210/0xa60
[ 35.774329][ T4314]        ext4_ioctl+0x38b8/0x6ef0
[ 35.775567][ T4314]        __arm64_sys_ioctl+0x14c/0x1c8
[ 35.776823][ T4314]        invoke_syscall+0x98/0x2c0
[ 35.778006][ T4314]        el0_svc_common+0x138/0x258
[ 35.779244][ T4314]        do_el0_svc+0x64/0x218
[ 35.780365][ T4314]        el0_svc+0x58/0x168
[ 35.781359][ T4314]        el0t_64_sync_handler+0x84/0xf0
[ 35.782585][ T4314]        el0t_64_sync+0x18c/0x190
[ 35.783663][ T4314]
[ 35.783663][ T4314] -> #2 (&journal->j_barrier){+.+.}-{3:3}:
[ 35.785501][ T4314]        __mutex_lock_common+0x190/0x21a0
[ 35.786938][ T4314]        mutex_lock_nested+0x38/0x44
[ 35.788213][ T4314]        jbd2_journal_lock_updates+0x260/0x324
[ 35.789691][ T4314]        ext4_change_inode_journal_flag+0x15c/0x614
[ 35.791236][ T4314]        ext4_fileattr_set+0xb58/0x12c8
[ 35.792564][ T4314]        vfs_fileattr_set+0x708/0xad0
[ 35.793825][ T4314]        do_vfs_ioctl+0x14cc/0x26f8
[ 35.795008][ T4314]        __arm64_sys_ioctl+0xe4/0x1c8
[ 35.796230][ T4314]        invoke_syscall+0x98/0x2c0
[ 35.797433][ T4314]        el0_svc_common+0x138/0x258
[ 35.798624][ T4314]        do_el0_svc+0x64/0x218
[ 35.799783][ T4314]        el0_svc+0x58/0x168
[ 35.800797][ T4314]        el0t_64_sync_handler+0x84/0xf0
[ 35.802077][ T4314]        el0t_64_sync+0x18c/0x190
[ 35.803234][ T4314]
[ 35.803234][ T4314] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 35.805175][ T4314]        percpu_down_write+0x78/0x320
[ 35.806425][ T4314]        ext4_ind_migrate+0x174/0x6e0
[ 35.807699][ T4314]        ext4_fileattr_set+0xbcc/0x12c8
[ 35.809012][ T4314]        vfs_fileattr_set+0x708/0xad0
[ 35.810318][ T4314]        do_vfs_ioctl+0x14cc/0x26f8
[ 35.811557][ T4314]        __arm64_sys_ioctl+0xe4/0x1c8
[ 35.812884][ T4314]        invoke_syscall+0x98/0x2c0
[ 35.814090][ T4314]        el0_svc_common+0x138/0x258
[ 35.815319][ T4314]        do_el0_svc+0x64/0x218
[ 35.816388][ T4314]        el0_svc+0x58/0x168
[ 35.817404][ T4314]        el0t_64_sync_handler+0x84/0xf0
[ 35.818604][ T4314]        el0t_64_sync+0x18c/0x190
[ 35.819761][ T4314]
[ 35.819761][ T4314] -> #0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}:
[ 35.821785][ T4314]        __lock_acquire+0x3338/0x764c
[ 35.823110][ T4314]        lock_acquire+0x2f8/0x8dc
[ 35.824278][ T4314]        down_read+0x5c/0x78
[ 35.825340][ T4314]        ext4_bmap+0x58/0x35c
[ 35.826338][ T4314]        bmap+0xa8/0xe8
[ 35.827280][ T4314]        jbd2_journal_flush+0x4c0/0xa60
[ 35.828457][ T4314]        ext4_ioctl+0x38b8/0x6ef0
[ 35.829616][ T4314]        __arm64_sys_ioctl+0x14c/0x1c8
[ 35.830835][ T4314]        invoke_syscall+0x98/0x2c0
[ 35.831996][ T4314]        el0_svc_common+0x138/0x258
[ 35.833200][ T4314]        do_el0_svc+0x64/0x218
[ 35.834321][ T4314]        el0_svc+0x58/0x168
[ 35.835406][ T4314]        el0t_64_sync_handler+0x84/0xf0
[ 35.836759][ T4314]        el0t_64_sync+0x18c/0x190
[ 35.837921][ T4314]
[ 35.837921][ T4314] other info that might help us debug this:
[ 35.837921][ T4314]
[ 35.840302][ T4314] Chain exists of:
[ 35.840302][ T4314]   &sb->s_type->i_mutex_key#9 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
[ 35.840302][ T4314]
[ 35.843854][ T4314]  Possible unsafe locking scenario:
[ 35.843854][ T4314]
[ 35.845591][ T4314]        CPU0                    CPU1
[ 35.846863][ T4314]        ----                    ----
[ 35.847994][ T4314]   lock(&journal->j_checkpoint_mutex);
[ 35.849298][ T4314]                                lock(&journal->j_barrier);
[ 35.850920][ T4314]                                lock(&journal->j_checkpoint_mutex);
[ 35.852794][ T4314]   lock(&sb->s_type->i_mutex_key#9);
[ 35.854115][ T4314]
[ 35.854115][ T4314]  *** DEADLOCK ***
[ 35.854115][ T4314]
[ 35.855945][ T4314] 2 locks held by syz-executor142/4314:
[ 35.857294][ T4314]  #0: ffff0000d5e1c170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x260/0x324
[ 35.859829][ T4314]  #1: ffff0000d5e1c3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x28c/0xa60
[ 35.862397][ T4314]
[ 35.862397][ T4314] stack backtrace:
[ 35.863817][ T4314] CPU: 0 PID: 4314 Comm: syz-executor142 Not tainted 6.1.15-syzkaller #0
[ 35.865814][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
[ 35.868034][ T4314] Call trace:
[ 35.868752][ T4314]  dump_backtrace+0x1c8/0x1f4
[ 35.869876][ T4314]  show_stack+0x2c/0x3c
[ 35.870803][ T4314]  dump_stack_lvl+0x108/0x170
[ 35.871967][ T4314]  dump_stack+0x1c/0x58
[ 35.872910][ T4314]  print_circular_bug+0x150/0x1b8
[ 35.874062][ T4314]  check_noncircular+0x2cc/0x378
[ 35.875232][ T4314]  __lock_acquire+0x3338/0x764c
[ 35.876498][ T4314]  lock_acquire+0x2f8/0x8dc
[ 35.877573][ T4314]  down_read+0x5c/0x78
[ 35.878568][ T4314]  ext4_bmap+0x58/0x35c
[ 35.879562][ T4314]  bmap+0xa8/0xe8
[ 35.880425][ T4314]  jbd2_journal_flush+0x4c0/0xa60
[ 35.881851][ T4314]  ext4_ioctl+0x38b8/0x6ef0
[ 35.882944][ T4314]  __arm64_sys_ioctl+0x14c/0x1c8
[ 35.884286][ T4314]  invoke_syscall+0x98/0x2c0
[ 35.885377][ T4314]  el0_svc_common+0x138/0x258
[ 35.886500][ T4314]  do_el0_svc+0x64/0x218
[ 35.887414][ T4314]  el0_svc+0x58/0x168
[ 35.888324][ T4314]  el0t_64_sync_handler+0x84/0xf0
[ 35.889521][ T4314]  el0t_64_sync+0x18c/0x190