Warning: Permanently added '10.128.1.13' (ED25519) to the list of known hosts.
executing program
[ 52.921030][ T3541]
[ 52.923399][ T3541] ======================================================
[ 52.930417][ T3541] WARNING: possible circular locking dependency detected
[ 52.937438][ T3541] 6.1.82-syzkaller #0 Not tainted
[ 52.942467][ T3541] ------------------------------------------------------
[ 52.950349][ T3541] syz-executor239/3541 is trying to acquire lock:
[ 52.956751][ T3541] ffff88814bd24170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2b0/0x380
[ 52.967244][ T3541]
[ 52.967244][ T3541] but task is already holding lock:
[ 52.974621][ T3541] ffff88814bd22b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 52.986105][ T3541]
[ 52.986105][ T3541] which lock already depends on the new lock.
[ 52.986105][ T3541]
[ 52.996812][ T3541]
[ 52.996812][ T3541] the existing dependency chain (in reverse order) is:
[ 53.005817][ T3541]
[ 53.005817][ T3541] -> #4 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 53.014446][ T3541]        lock_acquire+0x1f8/0x5a0
[ 53.019574][ T3541]        percpu_down_write+0x50/0x2f0
[ 53.025495][ T3541]        ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 53.032117][ T3541]        ext4_fileattr_set+0xe04/0x1770
[ 53.038064][ T3541]        vfs_fileattr_set+0x8f3/0xd30
[ 53.043426][ T3541]        do_vfs_ioctl+0x1cd1/0x2a90
[ 53.048640][ T3541]        __se_sys_ioctl+0x81/0x160
[ 53.053910][ T3541]        do_syscall_64+0x3d/0xb0
[ 53.059207][ T3541]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.065646][ T3541]
[ 53.065646][ T3541] -> #3 (mapping.invalidate_lock){++++}-{3:3}:
[ 53.074024][ T3541]        lock_acquire+0x1f8/0x5a0
[ 53.079063][ T3541]        down_write+0x36/0x60
[ 53.083836][ T3541]        ext4_setattr+0xec7/0x1a00
[ 53.088998][ T3541]        notify_change+0xce3/0xfc0
[ 53.094158][ T3541]        do_truncate+0x21c/0x300
[ 53.099366][ T3541]        do_sys_ftruncate+0x2e2/0x380
[ 53.104767][ T3541]        do_syscall_64+0x3d/0xb0
[ 53.109790][ T3541]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.116197][ T3541]
[ 53.116197][ T3541] -> #2 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 53.124887][ T3541]        lock_acquire+0x1f8/0x5a0
[ 53.130109][ T3541]        down_read+0xad/0xa30
[ 53.134783][ T3541]        ext4_bmap+0x4b/0x410
[ 53.139469][ T3541]        bmap+0xa1/0xd0
[ 53.143636][ T3541]        jbd2_journal_flush+0x5b5/0xc40
[ 53.149471][ T3541]        ext4_ioctl+0x3986/0x5f60
[ 53.154513][ T3541]        __se_sys_ioctl+0xf1/0x160
[ 53.160685][ T3541]        do_syscall_64+0x3d/0xb0
[ 53.165628][ T3541]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.175321][ T3541]
[ 53.175321][ T3541] -> #1 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 53.184635][ T3541]        lock_acquire+0x1f8/0x5a0
[ 53.190032][ T3541]        mutex_lock_io_nested+0x134/0xab0
[ 53.196796][ T3541]        jbd2_journal_flush+0x29b/0xc40
[ 53.203111][ T3541]        ext4_ioctl+0x3986/0x5f60
[ 53.208158][ T3541]        __se_sys_ioctl+0xf1/0x160
[ 53.213308][ T3541]        do_syscall_64+0x3d/0xb0
[ 53.218445][ T3541]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.225060][ T3541]
[ 53.225060][ T3541] -> #0 (&journal->j_barrier){+.+.}-{3:3}:
[ 53.233248][ T3541]        validate_chain+0x1661/0x5950
[ 53.238647][ T3541]        __lock_acquire+0x125b/0x1f80
[ 53.244173][ T3541]        lock_acquire+0x1f8/0x5a0
[ 53.250339][ T3541]        __mutex_lock+0x132/0xd80
[ 53.255392][ T3541]        jbd2_journal_lock_updates+0x2b0/0x380
[ 53.261531][ T3541]        ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 53.268128][ T3541]        ext4_fileattr_set+0xe04/0x1770
[ 53.273769][ T3541]        vfs_fileattr_set+0x8f3/0xd30
[ 53.279171][ T3541]        do_vfs_ioctl+0x1cd1/0x2a90
[ 53.284397][ T3541]        __se_sys_ioctl+0x81/0x160
[ 53.289519][ T3541]        do_syscall_64+0x3d/0xb0
[ 53.295773][ T3541]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.302389][ T3541]
[ 53.302389][ T3541] other info that might help us debug this:
[ 53.302389][ T3541]
[ 53.313079][ T3541] Chain exists of:
[ 53.313079][ T3541]   &journal->j_barrier --> mapping.invalidate_lock --> &sbi->s_writepages_rwsem
[ 53.313079][ T3541]
[ 53.327935][ T3541]  Possible unsafe locking scenario:
[ 53.327935][ T3541]
[ 53.335470][ T3541]        CPU0                    CPU1
[ 53.341082][ T3541]        ----                    ----
[ 53.346447][ T3541]   lock(&sbi->s_writepages_rwsem);
[ 53.351661][ T3541]                                lock(mapping.invalidate_lock);
[ 53.359564][ T3541]                                lock(&sbi->s_writepages_rwsem);
[ 53.367394][ T3541]   lock(&journal->j_barrier);
[ 53.372202][ T3541]
[ 53.372202][ T3541]  *** DEADLOCK ***
[ 53.372202][ T3541]
[ 53.381034][ T3541] 4 locks held by syz-executor239/3541:
[ 53.387443][ T3541]  #0: ffff88814bd20460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0
[ 53.397996][ T3541]  #1: ffff88807398de48 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: vfs_fileattr_set+0x135/0xd30
[ 53.409407][ T3541]  #2: ffff88807398dfe8 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_change_inode_journal_flag+0x115/0x6e0
[ 53.422134][ T3541]  #3: ffff88814bd22b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 53.434333][ T3541]
[ 53.434333][ T3541] stack backtrace:
[ 53.440489][ T3541] CPU: 1 PID: 3541 Comm: syz-executor239 Not tainted 6.1.82-syzkaller #0
[ 53.449008][ T3541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 53.459051][ T3541] Call Trace:
[ 53.462503][ T3541]
[ 53.465419][ T3541]  dump_stack_lvl+0x1e3/0x2cb
[ 53.470115][ T3541]  ? nf_tcp_handle_invalid+0x642/0x642
[ 53.475589][ T3541]  ? print_circular_bug+0x12b/0x1a0
[ 53.480798][ T3541]  check_noncircular+0x2fa/0x3b0
[ 53.485830][ T3541]  ? lockdep_lock+0x2a0/0x2a0
[ 53.490529][ T3541]  ? add_chain_block+0x850/0x850
[ 53.495475][ T3541]  ? lockdep_lock+0x11f/0x2a0
[ 53.500137][ T3541]  ? validate_chain+0x112/0x5950
[ 53.505065][ T3541]  ? _find_first_zero_bit+0xd0/0x100
[ 53.510357][ T3541]  validate_chain+0x1661/0x5950
[ 53.515336][ T3541]  ? lockdep_unlock+0x165/0x300
[ 53.520282][ T3541]  ? reacquire_held_locks+0x660/0x660
[ 53.525659][ T3541]  ? validate_chain+0x13ce/0x5950
[ 53.530858][ T3541]  ? mark_lock+0x9a/0x340
[ 53.535701][ T3541]  ? __lock_acquire+0x125b/0x1f80
[ 53.540733][ T3541]  ? mark_lock+0x9a/0x340
[ 53.545057][ T3541]  __lock_acquire+0x125b/0x1f80
[ 53.549899][ T3541]  lock_acquire+0x1f8/0x5a0
[ 53.554391][ T3541]  ? jbd2_journal_lock_updates+0x2b0/0x380
[ 53.560221][ T3541]  ? read_lock_is_recursive+0x10/0x10
[ 53.565670][ T3541]  ? __might_sleep+0xb0/0xb0
[ 53.570418][ T3541]  ? do_raw_spin_unlock+0x137/0x8a0
[ 53.576052][ T3541]  ? lockdep_hardirqs_on+0x94/0x130
[ 53.581237][ T3541]  __mutex_lock+0x132/0xd80
[ 53.585998][ T3541]  ? jbd2_journal_lock_updates+0x2b0/0x380
[ 53.591832][ T3541]  ? jbd2_journal_lock_updates+0x29f/0x380
[ 53.597752][ T3541]  ? jbd2_journal_lock_updates+0x2b0/0x380
[ 53.603741][ T3541]  ? __lock_acquire+0x1f80/0x1f80
[ 53.608784][ T3541]  ? mutex_lock_nested+0x10/0x10
[ 53.613739][ T3541]  ? do_raw_read_unlock+0x70/0x70
[ 53.618950][ T3541]  ? rcu_sync_enter+0x202/0x340
[ 53.623897][ T3541]  jbd2_journal_lock_updates+0x2b0/0x380
[ 53.629611][ T3541]  ? jbd2_journal_wait_updates+0x2d0/0x2d0
[ 53.635416][ T3541]  ? rcu_is_watching+0x11/0xb0
[ 53.640179][ T3541]  ? _find_next_bit+0x11b/0x120
[ 53.645159][ T3541]  ? percpu_down_write+0x2b7/0x2f0
[ 53.650281][ T3541]  ? rcu_is_watching+0x11/0xb0
[ 53.655068][ T3541]  ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 53.661410][ T3541]  ext4_fileattr_set+0xe04/0x1770
[ 53.666461][ T3541]  ? ext4_fileattr_get+0x200/0x200
[ 53.671570][ T3541]  ? rwsem_write_trylock+0x166/0x210
[ 53.676848][ T3541]  ? clear_nonspinnable+0x60/0x60
[ 53.681891][ T3541]  ? memset+0x1f/0x40
[ 53.685884][ T3541]  ? fileattr_fill_flags+0x1d0/0x300
[ 53.691201][ T3541]  ? fscrypt_prepare_setflags+0x5d/0x220
[ 53.696838][ T3541]  vfs_fileattr_set+0x8f3/0xd30
[ 53.701704][ T3541]  ? copy_fsxattr_to_user+0x3a0/0x3a0
[ 53.707164][ T3541]  do_vfs_ioctl+0x1cd1/0x2a90
[ 53.711836][ T3541]  ? __x64_compat_sys_ioctl+0x80/0x80
[ 53.717205][ T3541]  ? __lock_acquire+0x1f80/0x1f80
[ 53.722223][ T3541]  ? lockdep_hardirqs_on+0x94/0x130
[ 53.727522][ T3541]  ? __kmem_cache_free+0x25c/0x3c0
[ 53.732630][ T3541]  ? tomoyo_path_number_perm+0x61b/0x7f0
[ 53.738289][ T3541]  ? tomoyo_path_number_perm+0x68a/0x7f0
[ 53.744206][ T3541]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[ 53.749929][ T3541]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 53.755402][ T3541]  ? lockdep_hardirqs_on+0x94/0x130
[ 53.760610][ T3541]  ? kmem_cache_free+0x292/0x510
[ 53.765545][ T3541]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 53.771519][ T3541]  ? print_irqtrace_events+0x210/0x210
[ 53.776966][ T3541]  ? print_irqtrace_events+0x210/0x210
[ 53.782439][ T3541]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 53.787656][ T3541]  ? security_file_ioctl+0x7d/0xa0
[ 53.793076][ T3541]  __se_sys_ioctl+0x81/0x160
[ 53.797675][ T3541]  do_syscall_64+0x3d/0xb0
[ 53.802103][ T3541]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 53.808051][ T3541] RIP: 0033:0x7fdffdbd4369
[ 53.812559][ T3541] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 53.832257][ T3541] RSP: 002b:00007ffe446a1ee8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 53.840693][ T3541] RAX: ffffffffffffffda RBX: 0073746e6576652e RCX: 00007fdffdbd4369
[ 53.848658][ T3541] RDX: 0000000020000180 RSI: 0000000040086602 RDI: 0000000000000005
[ 53.856643][ T3541] RBP: 652e79726f6d656d R08: 00000000000ac5f8 R09: 00000000000ac5f8
[ 53.864610][ T3541] R10: 00000000000ac5f8 R11: 0000000000000246 R12: 0000000000000001
[ 53.872587][ T3541] R13: 00