Warning: Permanently added '10.128.0.55' (ED25519) to the list of known hosts.
executing program
[ 42.474509][ T3502]
[ 42.476836][ T3502] ======================================================
[ 42.483909][ T3502] WARNING: possible circular locking dependency detected
[ 42.490896][ T3502] 5.15.146-syzkaller #0 Not tainted
[ 42.496062][ T3502] ------------------------------------------------------
[ 42.503048][ T3502] syz-executor261/3502 is trying to acquire lock:
[ 42.509428][ T3502] ffff888024dc4170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2aa/0x370
[ 42.519952][ T3502]
[ 42.519952][ T3502] but task is already holding lock:
[ 42.527296][ T3502] ffff888024dc2bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 42.538602][ T3502]
[ 42.538602][ T3502] which lock already depends on the new lock.
[ 42.538602][ T3502]
[ 42.548978][ T3502]
[ 42.548978][ T3502] the existing dependency chain (in reverse order) is:
[ 42.557976][ T3502]
[ 42.557976][ T3502] -> #4 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 42.566370][ T3502] lock_acquire+0x1db/0x4f0
[ 42.571367][ T3502] percpu_down_write+0x52/0x2d0
[ 42.576713][ T3502] ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 42.583291][ T3502] ext4_fileattr_set+0xdf4/0x1750
[ 42.588806][ T3502] vfs_fileattr_set+0x8f3/0xd30
[ 42.594147][ T3502] do_vfs_ioctl+0x1d85/0x2b70
[ 42.599403][ T3502] __se_sys_ioctl+0x81/0x160
[ 42.604485][ T3502] do_syscall_64+0x3d/0xb0
[ 42.609396][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 42.615782][ T3502]
[ 42.615782][ T3502] -> #3 (mapping.invalidate_lock){++++}-{3:3}:
[ 42.624084][ T3502] lock_acquire+0x1db/0x4f0
[ 42.629087][ T3502] down_write+0x97/0x170
[ 42.633833][ T3502] ext4_setattr+0xd6c/0x1990
[ 42.638915][ T3502] notify_change+0xc6d/0xf50
[ 42.643997][ T3502] do_truncate+0x21c/0x300
[ 42.648909][ T3502] do_sys_ftruncate+0x2eb/0x390
[ 42.654262][ T3502] do_syscall_64+0x3d/0xb0
[ 42.659174][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 42.665556][ T3502]
[ 42.665556][ T3502] -> #2 (&sb->s_type->i_mutex_key#9){++++}-{3:3}:
[ 42.674124][ T3502] lock_acquire+0x1db/0x4f0
[ 42.679119][ T3502] down_read+0x45/0x2e0
[ 42.683766][ T3502] ext4_bmap+0x4b/0x410
[ 42.688414][ T3502] bmap+0xa1/0xd0
[ 42.692538][ T3502] jbd2_journal_flush+0x7a2/0xc90
[ 42.698056][ T3502] ext4_ioctl+0x3249/0x5b80
[ 42.703052][ T3502] __se_sys_ioctl+0xf1/0x160
[ 42.708136][ T3502] do_syscall_64+0x3d/0xb0
[ 42.713045][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 42.719517][ T3502]
[ 42.719517][ T3502] -> #1 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 42.728256][ T3502] lock_acquire+0x1db/0x4f0
[ 42.733255][ T3502] __mutex_lock_common+0x1da/0x25a0
[ 42.738947][ T3502] mutex_lock_io_nested+0x45/0x60
[ 42.744462][ T3502] jbd2_journal_flush+0x290/0xc90
[ 42.749978][ T3502] ext4_ioctl+0x3249/0x5b80
[ 42.754972][ T3502] __se_sys_ioctl+0xf1/0x160
[ 42.760055][ T3502] do_syscall_64+0x3d/0xb0
[ 42.764977][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 42.771361][ T3502]
[ 42.771361][ T3502] -> #0 (&journal->j_barrier){+.+.}-{3:3}:
[ 42.779317][ T3502] validate_chain+0x1649/0x5930
[ 42.784660][ T3502] __lock_acquire+0x1295/0x1ff0
[ 42.790001][ T3502] lock_acquire+0x1db/0x4f0
[ 42.795004][ T3502] __mutex_lock_common+0x1da/0x25a0
[ 42.800693][ T3502] mutex_lock_nested+0x17/0x20
[ 42.805946][ T3502] jbd2_journal_lock_updates+0x2aa/0x370
[ 42.812072][ T3502] ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 42.818631][ T3502] ext4_fileattr_set+0xdf4/0x1750
[ 42.824145][ T3502] vfs_fileattr_set+0x8f3/0xd30
[ 42.829486][ T3502] do_vfs_ioctl+0x1d85/0x2b70
[ 42.834654][ T3502] __se_sys_ioctl+0x81/0x160
[ 42.839743][ T3502] do_syscall_64+0x3d/0xb0
[ 42.844650][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 42.851050][ T3502]
[ 42.851050][ T3502] other info that might help us debug this:
[ 42.851050][ T3502]
[ 42.861269][ T3502] Chain exists of:
[ 42.861269][ T3502] &journal->j_barrier --> mapping.invalidate_lock --> &sbi->s_writepages_rwsem
[ 42.861269][ T3502]
[ 42.876088][ T3502] Possible unsafe locking scenario:
[ 42.876088][ T3502]
[ 42.883508][ T3502]        CPU0                    CPU1
[ 42.888844][ T3502]        ----                    ----
[ 42.894178][ T3502]   lock(&sbi->s_writepages_rwsem);
[ 42.899348][ T3502]                                lock(mapping.invalidate_lock);
[ 42.906946][ T3502]                                lock(&sbi->s_writepages_rwsem);
[ 42.914629][ T3502]   lock(&journal->j_barrier);
[ 42.919361][ T3502]
[ 42.919361][ T3502] *** DEADLOCK ***
[ 42.919361][ T3502]
[ 42.927474][ T3502] 4 locks held by syz-executor261/3502:
[ 42.932986][ T3502] #0: ffff888024dc0460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0
[ 42.942713][ T3502] #1: ffff888074a93fc0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: vfs_fileattr_set+0x135/0xd30
[ 42.953397][ T3502] #2: ffff888074a94160 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_change_inode_journal_flag+0x115/0x6e0
[ 42.965014][ T3502] #3: ffff888024dc2bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 42.976714][ T3502]
[ 42.976714][ T3502] stack backtrace:
[ 42.982573][ T3502] CPU: 1 PID: 3502 Comm: syz-executor261 Not tainted 5.15.146-syzkaller #0
[ 42.991130][ T3502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 43.001156][ T3502] Call Trace:
[ 43.004414][ T3502]
[ 43.007320][ T3502] dump_stack_lvl+0x1e3/0x2cb
[ 43.011972][ T3502] ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 43.017580][ T3502] ? print_circular_bug+0x12b/0x1a0
[ 43.022839][ T3502] check_noncircular+0x2f8/0x3b0
[ 43.027759][ T3502] ? add_chain_block+0x850/0x850
[ 43.032669][ T3502] ? lockdep_lock+0x11f/0x2a0
[ 43.037497][ T3502] ? validate_chain+0x112/0x5930
[ 43.042408][ T3502] validate_chain+0x1649/0x5930
[ 43.047336][ T3502] ? reacquire_held_locks+0x660/0x660
[ 43.052699][ T3502] ? lockdep_unlock+0x166/0x300
[ 43.057582][ T3502] ? lockdep_lock+0x2a0/0x2a0
[ 43.062247][ T3502] ? lockdep_unlock+0x166/0x300
[ 43.067076][ T3502] ? reacquire_held_locks+0x660/0x660
[ 43.072429][ T3502] ? validate_chain+0x13bd/0x5930
[ 43.077435][ T3502] ? mark_lock+0x98/0x340
[ 43.081747][ T3502] ? mark_lock+0x98/0x340
[ 43.086093][ T3502] __lock_acquire+0x1295/0x1ff0
[ 43.090949][ T3502] lock_acquire+0x1db/0x4f0
[ 43.095445][ T3502] ? jbd2_journal_lock_updates+0x2aa/0x370
[ 43.101321][ T3502] ? read_lock_is_recursive+0x10/0x10
[ 43.106753][ T3502] ? __might_sleep+0xc0/0xc0
[ 43.111333][ T3502] ? print_irqtrace_events+0x210/0x210
[ 43.116781][ T3502] ? lockdep_hardirqs_off+0x70/0x100
[ 43.122044][ T3502] ? do_raw_spin_unlock+0x137/0x8b0
[ 43.127227][ T3502] __mutex_lock_common+0x1da/0x25a0
[ 43.132416][ T3502] ? jbd2_journal_lock_updates+0x2aa/0x370
[ 43.138201][ T3502] ? jbd2_journal_lock_updates+0x2aa/0x370
[ 43.143985][ T3502] ? jbd2_journal_lock_updates+0x299/0x370
[ 43.149778][ T3502] ? jbd2_journal_wait_updates+0x268/0x2d0
[ 43.155572][ T3502] ? mutex_lock_io_nested+0x60/0x60
[ 43.160777][ T3502] ? do_raw_read_unlock+0x70/0x70
[ 43.165779][ T3502] ? rcu_sync_func+0xaa/0x210
[ 43.170439][ T3502] mutex_lock_nested+0x17/0x20
[ 43.175207][ T3502] jbd2_journal_lock_updates+0x2aa/0x370
[ 43.180824][ T3502] ? jbd2_journal_wait_updates+0x2d0/0x2d0
[ 43.186609][ T3502] ? down_write+0x10e/0x170
[ 43.191097][ T3502] ? cpumask_next+0xc3/0xf0
[ 43.195581][ T3502] ? percpu_down_write+0x1ea/0x2d0
[ 43.200672][ T3502] ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 43.206719][ T3502] ext4_fileattr_set+0xdf4/0x1750
[ 43.211720][ T3502] ? ext4_fileattr_get+0x200/0x200
[ 43.216811][ T3502] ? memset+0x1f/0x40
[ 43.220767][ T3502] ? fileattr_fill_flags+0x1d0/0x300
[ 43.226023][ T3502] ? fscrypt_prepare_setflags+0x5d/0x220
[ 43.231629][ T3502] vfs_fileattr_set+0x8f3/0xd30
[ 43.236478][ T3502] ? copy_fsxattr_to_user+0x3a0/0x3a0
[ 43.241833][ T3502] do_vfs_ioctl+0x1d85/0x2b70
[ 43.246497][ T3502] ? __x64_compat_sys_ioctl+0x80/0x80
[ 43.251843][ T3502] ? __lock_acquire+0x1ff0/0x1ff0
[ 43.256844][ T3502] ? slab_free_freelist_hook+0xdd/0x160
[ 43.262368][ T3502] ? tomoyo_path_number_perm+0x648/0x810
[ 43.267974][ T3502] ? kfree+0xf1/0x270
[ 43.271931][ T3502] ? tomoyo_path_number_perm+0x6ab/0x810
[ 43.277539][ T3502] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 43.282976][ T3502] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 43.288930][ T3502] ? print_irqtrace_events+0x210/0x210
[ 43.294362][ T3502] ? vtime_user_exit+0x2d1/0x400
[ 43.299273][ T3502] ? bpf_lsm_file_ioctl+0x5/0x10
[ 43.304185][ T3502] ? security_file_ioctl+0x7d/0xa0
[ 43.309271][ T3502] __se_sys_ioctl+0x81/0x160
[ 43.313836][ T3502] do_syscall_64+0x3d/0xb0
[ 43.318228][ T3502] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 43.324093][ T3502] RIP: 0033:0x7fb234289369
[ 43.328483][ T3502] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 43.348061][ T3502] RSP: 002b:00007ffde4a0c308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 43.356452][ T3502] RAX: ffffffffffffffda RBX: 00007ffde4a0c4d8 RCX: 00007fb234289369
[ 43.364415][ T3502] RDX: 0000000020000180 RSI: 0000000040086602 RDI: 0000000000000004
[ 43.372360][ T3502] RBP: 00007fb2342fc610 R08: 00007ffde4a0c4d8 R09