Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts.
executing program
[ 61.450098][ T3542]
[ 61.452446][ T3542] ======================================================
[ 61.459455][ T3542] WARNING: possible circular locking dependency detected
[ 61.466462][ T3542] 6.1.34-syzkaller #0 Not tainted
[ 61.471487][ T3542] ------------------------------------------------------
[ 61.478502][ T3542] syz-executor122/3542 is trying to acquire lock:
[ 61.484902][ T3542] ffff888012b70400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_bmap+0x4b/0x410
[ 61.494482][ T3542]
[ 61.494482][ T3542] but task is already holding lock:
[ 61.501831][ T3542] ffff88814b7c43f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x323/0xc40
[ 61.512445][ T3542]
[ 61.512445][ T3542] which lock already depends on the new lock.
[ 61.512445][ T3542]
[ 61.522919][ T3542]
[ 61.522919][ T3542] the existing dependency chain (in reverse order) is:
[ 61.531937][ T3542]
[ 61.531937][ T3542] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 61.540708][ T3542] lock_acquire+0x1f8/0x5a0
[ 61.545724][ T3542] __mutex_lock_common+0x1d4/0x2520
[ 61.551458][ T3542] mutex_lock_io_nested+0x43/0x60
[ 61.557002][ T3542] jbd2_journal_flush+0x29b/0xc40
[ 61.562546][ T3542] ext4_ioctl+0x39e0/0x5f70
[ 61.567579][ T3542] __se_sys_ioctl+0xf1/0x160
[ 61.572694][ T3542] do_syscall_64+0x3d/0xb0
[ 61.577639][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.584067][ T3542]
[ 61.584067][ T3542] -> #2 (&journal->j_barrier){+.+.}-{3:3}:
[ 61.592328][ T3542] lock_acquire+0x1f8/0x5a0
[ 61.597378][ T3542] __mutex_lock_common+0x1d4/0x2520
[ 61.603104][ T3542] mutex_lock_nested+0x17/0x20
[ 61.608396][ T3542] jbd2_journal_lock_updates+0x2a8/0x370
[ 61.614563][ T3542] ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 61.621164][ T3542] ext4_fileattr_set+0xe04/0x1770
[ 61.626709][ T3542] vfs_fileattr_set+0x8f3/0xd30
[ 61.632079][ T3542] do_vfs_ioctl+0x1cd1/0x2a90
[ 61.637279][ T3542] __se_sys_ioctl+0x81/0x160
[ 61.642391][ T3542] do_syscall_64+0x3d/0xb0
[ 61.647330][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.653748][ T3542]
[ 61.653748][ T3542] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 61.662192][ T3542] lock_acquire+0x1f8/0x5a0
[ 61.667228][ T3542] percpu_down_write+0x50/0x2e0
[ 61.672617][ T3542] ext4_ind_migrate+0x254/0x760
[ 61.678019][ T3542] ext4_fileattr_set+0xe9b/0x1770
[ 61.683574][ T3542] vfs_fileattr_set+0x8f3/0xd30
[ 61.688961][ T3542] do_vfs_ioctl+0x1cd1/0x2a90
[ 61.694160][ T3542] __se_sys_ioctl+0x81/0x160
[ 61.699271][ T3542] do_syscall_64+0x3d/0xb0
[ 61.704235][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.710672][ T3542]
[ 61.710672][ T3542] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 61.719293][ T3542] validate_chain+0x1667/0x58e0
[ 61.724684][ T3542] __lock_acquire+0x125b/0x1f80
[ 61.730085][ T3542] lock_acquire+0x1f8/0x5a0
[ 61.735136][ T3542] down_read+0x43/0x2e0
[ 61.739836][ T3542] ext4_bmap+0x4b/0x410
[ 61.744521][ T3542] bmap+0xa1/0xd0
[ 61.748692][ T3542] jbd2_journal_flush+0x5b5/0xc40
[ 61.754245][ T3542] ext4_ioctl+0x39e0/0x5f70
[ 61.759278][ T3542] __se_sys_ioctl+0xf1/0x160
[ 61.764396][ T3542] do_syscall_64+0x3d/0xb0
[ 61.769348][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.775766][ T3542]
[ 61.775766][ T3542] other info that might help us debug this:
[ 61.775766][ T3542]
[ 61.786008][ T3542] Chain exists of:
[ 61.786008][ T3542] &sb->s_type->i_mutex_key#8 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
[ 61.786008][ T3542]
[ 61.801509][ T3542] Possible unsafe locking scenario:
[ 61.801509][ T3542]
[ 61.808961][ T3542]        CPU0                    CPU1
[ 61.814411][ T3542]        ----                    ----
[ 61.819776][ T3542]   lock(&journal->j_checkpoint_mutex);
[ 61.825328][ T3542]                                lock(&journal->j_barrier);
[ 61.832614][ T3542]                                lock(&journal->j_checkpoint_mutex);
[ 61.840681][ T3542]   lock(&sb->s_type->i_mutex_key#8);
[ 61.846076][ T3542]
[ 61.846076][ T3542] *** DEADLOCK ***
[ 61.846076][ T3542]
[ 61.854242][ T3542] 2 locks held by syz-executor122/3542:
[ 61.859802][ T3542] #0: ffff88814b7c4170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2a8/0x370
[ 61.870708][ T3542] #1: ffff88814b7c43f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x323/0xc40
[ 61.882231][ T3542]
[ 61.882231][ T3542] stack backtrace:
[ 61.888123][ T3542] CPU: 1 PID: 3542 Comm: syz-executor122 Not tainted 6.1.34-syzkaller #0
[ 61.896563][ T3542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 61.906640][ T3542] Call Trace:
[ 61.909946][ T3542]
[ 61.912901][ T3542] dump_stack_lvl+0x1e3/0x2cb
[ 61.917606][ T3542] ? nf_tcp_handle_invalid+0x642/0x642
[ 61.923084][ T3542] ? print_circular_bug+0x12b/0x1a0
[ 61.928295][ T3542] check_noncircular+0x2fa/0x3b0
[ 61.933239][ T3542] ? add_chain_block+0x850/0x850
[ 61.938194][ T3542] ? lockdep_lock+0x11f/0x2a0
[ 61.942976][ T3542] ? _find_first_zero_bit+0xd0/0x100
[ 61.948275][ T3542] validate_chain+0x1667/0x58e0
[ 61.953171][ T3542] ? reacquire_held_locks+0x660/0x660
[ 61.958565][ T3542] ? __schedule+0x1334/0x4330
[ 61.963261][ T3542] ? reacquire_held_locks+0x660/0x660
[ 61.968657][ T3542] ? mark_lock+0x9a/0x340
[ 61.973017][ T3542] ? release_firmware_map_entry+0x185/0x185
[ 61.978947][ T3542] ? mark_lock+0x9a/0x340
[ 61.983288][ T3542] __lock_acquire+0x125b/0x1f80
[ 61.988170][ T3542] lock_acquire+0x1f8/0x5a0
[ 61.992703][ T3542] ? ext4_bmap+0x4b/0x410
[ 61.997050][ T3542] ? read_lock_is_recursive+0x10/0x10
[ 62.002437][ T3542] ? __might_sleep+0xb0/0xb0
[ 62.007047][ T3542] ? jbd2_journal_flush+0x374/0xc40
[ 62.012269][ T3542] ? ext4_journalled_write_end+0xec0/0xec0
[ 62.018094][ T3542] down_read+0x43/0x2e0
[ 62.022274][ T3542] ? ext4_bmap+0x4b/0x410
[ 62.026609][ T3542] ? ext4_journalled_write_end+0xec0/0xec0
[ 62.032430][ T3542] ext4_bmap+0x4b/0x410
[ 62.036605][ T3542] ? ext4_journalled_write_end+0xec0/0xec0
[ 62.042429][ T3542] bmap+0xa1/0xd0
[ 62.046091][ T3542] jbd2_journal_flush+0x5b5/0xc40
[ 62.051153][ T3542] ? jbd2_journal_lock_updates+0x2a8/0x370
[ 62.056985][ T3542] ? __bpf_trace_jbd2_shrink_checkpoint_list+0x50/0x50
[ 62.063932][ T3542] ? bpf_lsm_capable+0x5/0x10
[ 62.068631][ T3542] ? security_capable+0x86/0xb0
[ 62.073512][ T3542] ext4_ioctl+0x39e0/0x5f70
[ 62.078031][ T3542] ? kasan_set_track+0x4b/0x70
[ 62.082820][ T3542] ? security_file_ioctl+0x6d/0xa0
[ 62.087954][ T3542] ? __se_sys_ioctl+0x47/0x160
[ 62.092728][ T3542] ? do_syscall_64+0x3d/0xb0
[ 62.097350][ T3542] ? ext4_fileattr_set+0x1770/0x1770
[ 62.102657][ T3542] ? do_vfs_ioctl+0x1ab2/0x2a90
[ 62.107531][ T3542] ? __x64_compat_sys_ioctl+0x80/0x80
[ 62.112915][ T3542] ? __lock_acquire+0x1f80/0x1f80
[ 62.117963][ T3542] ? lockdep_hardirqs_on+0x94/0x130
[ 62.123201][ T3542] ? __kmem_cache_free+0x25c/0x3c0
[ 62.128340][ T3542] ? tomoyo_path_number_perm+0x5f4/0x7b0
[ 62.134071][ T3542] ? tomoyo_path_number_perm+0x657/0x7b0
[ 62.139711][ T3542] ? print_irqtrace_events+0x210/0x210
[ 62.145177][ T3542] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 62.150729][ T3542] ? lockdep_hardirqs_on+0x94/0x130
[ 62.155941][ T3542] ? kmem_cache_free+0x292/0x510
[ 62.160885][ T3542] ? do_sys_openat2+0x42b/0x500
[ 62.165753][ T3542] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 62.171738][ T3542] ? print_irqtrace_events+0x210/0x210
[ 62.177202][ T3542] ? print_irqtrace_events+0x210/0x210
[ 62.182668][ T3542] ? bpf_lsm_file_ioctl+0x5/0x10
[ 62.187614][ T3542] ? security_file_ioctl+0x7d/0xa0
[ 62.192727][ T3542] ? ext4_fileattr_set+0x1770/0x1770
[ 62.198017][ T3542] __se_sys_ioctl+0xf1/0x160
[ 62.202609][ T3542] do_syscall_64+0x3d/0xb0
[ 62.207036][ T3542] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.212938][ T3542] RIP: 0033:0x7f918a2a6059
[ 62.217359][ T3542] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.236970][ T3542] RSP: 002b:00007ffda445ac48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 62.245392][ T3542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f918a2a6059
[