Warning: Permanently added '10.128.1.86' (ECDSA) to the list of known hosts.
syzkaller login: [ 51.323737][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 51.331812][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 51.339435][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 51.347885][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 51.355590][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 51.363259][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
executing program
[ 51.414848][ T5064]
[ 51.417204][ T5064] ======================================================
[ 51.424206][ T5064] WARNING: possible circular locking dependency detected
[ 51.431209][ T5064] 6.2.0-syzkaller-12944-ge492250d5252 #0 Not tainted
[ 51.437885][ T5064] ------------------------------------------------------
[ 51.444883][ T5064] syz-executor653/5064 is trying to acquire lock:
[ 51.451278][ T5064] ffff88814b4ea990 (jbd2_handle){++++}-{0:0}, at: jbd2_log_wait_commit+0x153/0x4a0
[ 51.460589][ T5064]
[ 51.460589][ T5064] but task is already holding lock:
[ 51.467939][ T5064] ffff88807419a218 (&type->i_mutex_dir_key#3/4){+.+.}-{3:3}, at: ext4_rename2+0x2633/0x4410
[ 51.478021][ T5064]
[ 51.478021][ T5064] which lock already depends on the new lock.
[ 51.478021][ T5064]
[ 51.488404][ T5064]
[ 51.488404][ T5064] the existing dependency chain (in reverse order) is:
[ 51.497400][ T5064]
[ 51.497400][ T5064] -> #1 (&type->i_mutex_dir_key#3/4){+.+.}-{3:3}:
[ 51.505991][ T5064] lock_acquire+0x23e/0x630
[ 51.511004][ T5064] down_write_nested+0x3d/0x50
[ 51.516280][ T5064] ext4_rename2+0x2633/0x4410
[ 51.521467][ T5064] vfs_rename+0xb1b/0xfa0
[ 51.526305][ T5064] do_renameat2+0xb9b/0x13c0
[ 51.531403][ T5064] __x64_sys_renameat2+0xd2/0xe0
[ 51.536853][ T5064] do_syscall_64+0x41/0xc0
[ 51.541798][ T5064] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.548208][ T5064]
[ 51.548208][ T5064] -> #0 (jbd2_handle){++++}-{0:0}:
[ 51.555507][ T5064] validate_chain+0x166b/0x58e0
[ 51.560869][ T5064] __lock_acquire+0x125b/0x1f80
[ 51.566228][ T5064] lock_acquire+0x23e/0x630
[ 51.571242][ T5064] jbd2_log_wait_commit+0x173/0x4a0
[ 51.576948][ T5064] jbd2_journal_stop+0x95b/0xf50
[ 51.582393][ T5064] __ext4_journal_stop+0xfc/0x1a0
[ 51.587941][ T5064] ext4_rename2+0x3c93/0x4410
[ 51.593134][ T5064] vfs_rename+0xb1b/0xfa0
[ 51.597975][ T5064] do_renameat2+0xb9b/0x13c0
[ 51.603089][ T5064] __x64_sys_renameat2+0xd2/0xe0
[ 51.608534][ T5064] do_syscall_64+0x41/0xc0
[ 51.613463][ T5064] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 51.619866][ T5064]
[ 51.619866][ T5064] other info that might help us debug this:
[ 51.619866][ T5064]
[ 51.630091][ T5064] Possible unsafe locking scenario:
[ 51.630091][ T5064]
[ 51.637522][ T5064]        CPU0                    CPU1
[ 51.642878][ T5064]        ----                    ----
[ 51.648228][ T5064]   lock(&type->i_mutex_dir_key#3/4);
[ 51.653599][ T5064]                                lock(jbd2_handle);
[ 51.660173][ T5064]                                lock(&type->i_mutex_dir_key#3/4);
[ 51.668061][ T5064]   lock(jbd2_handle);
[ 51.672116][ T5064]
[ 51.672116][ T5064] *** DEADLOCK ***
[ 51.672116][ T5064]
[ 51.680244][ T5064] 5 locks held by syz-executor653/5064:
[ 51.685773][ T5064] #0: ffff88814b4e6460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[ 51.694916][ T5064] #1: ffff88814b4e6748 (&type->s_vfs_rename_key){+.+.}-{3:3}, at: lock_rename+0x58/0x1a0
[ 51.704832][ T5064] #2: ffff888074198400 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: lock_rename+0x13e/0x1a0
[ 51.715104][ T5064] #3: ffff888074199810 (&type->i_mutex_dir_key#3/2){+.+.}-{3:3}, at: lock_rename+0x172/0x1a0
[ 51.725364][ T5064] #4: ffff88807419a218 (&type->i_mutex_dir_key#3/4){+.+.}-{3:3}, at: ext4_rename2+0x2633/0x4410
[ 51.735883][ T5064]
[ 51.735883][ T5064] stack backtrace:
[ 51.741770][ T5064] CPU: 0 PID: 5064 Comm: syz-executor653 Not tainted 6.2.0-syzkaller-12944-ge492250d5252 #0
[ 51.751819][ T5064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 51.761862][ T5064] Call Trace:
[ 51.765137][ T5064]
[ 51.768060][ T5064] dump_stack_lvl+0x1e7/0x2d0
[ 51.772731][ T5064] ? nf_tcp_handle_invalid+0x650/0x650
[ 51.778186][ T5064] ? print_circular_bug+0x12b/0x1a0
[ 51.783376][ T5064] check_noncircular+0x2fe/0x3b0
[ 51.788319][ T5064] ? deref_stack_reg+0x17c/0x210
[ 51.793245][ T5064] ? add_chain_block+0x850/0x850
[ 51.798171][ T5064] ? lockdep_lock+0x123/0x2b0
[ 51.802835][ T5064] ? unwind_next_frame+0x1ae8/0x22b0
[ 51.808130][ T5064] ? stack_trace_save+0x1c0/0x1c0
[ 51.813146][ T5064] ? _find_first_zero_bit+0xd4/0x100
[ 51.818425][ T5064] validate_chain+0x166b/0x58e0
[ 51.823267][ T5064] ? kernel_text_address+0xa3/0xe0
[ 51.828368][ T5064] ? unwind_get_return_address+0x4d/0x90
[ 51.833992][ T5064] ? stack_trace_save+0x117/0x1c0
[ 51.839004][ T5064] ? reacquire_held_locks+0x660/0x660
[ 51.844469][ T5064] ? stack_trace_snprint+0xf0/0xf0
[ 51.849569][ T5064] ? lockdep_lock+0x123/0x2b0
[ 51.854235][ T5064] ? lockdep_unlock+0x169/0x300
[ 51.859071][ T5064] ? lockdep_lock+0x2b0/0x2b0
[ 51.863752][ T5064] ? mark_lock+0x29d/0x340
[ 51.868172][ T5064] __lock_acquire+0x125b/0x1f80
[ 51.873031][ T5064] lock_acquire+0x23e/0x630
[ 51.877530][ T5064] ? jbd2_log_wait_commit+0x153/0x4a0
[ 51.882898][ T5064] ? read_lock_is_recursive+0x20/0x20
[ 51.888261][ T5064] ? __lock_acquire+0x1f80/0x1f80
[ 51.893277][ T5064] ? stop_this_handle+0x3be/0x5f0
[ 51.898292][ T5064] jbd2_log_wait_commit+0x173/0x4a0
[ 51.903476][ T5064] ? jbd2_log_wait_commit+0x153/0x4a0
[ 51.908840][ T5064] ? jbd2_journal_clear_err+0xc0/0xc0
[ 51.914198][ T5064] ? stop_this_handle+0x3d8/0x5f0
[ 51.919232][ T5064] jbd2_journal_stop+0x95b/0xf50
[ 51.924163][ T5064] ? jbd2_journal_start_reserved+0x300/0x300
[ 51.930131][ T5064] ? current_time+0x1be/0x300
[ 51.934800][ T5064] __ext4_journal_stop+0xfc/0x1a0
[ 51.939829][ T5064] ext4_rename2+0x3c93/0x4410
[ 51.944535][ T5064] ? ext4_mknod+0x570/0x570
[ 51.949034][ T5064] ? mark_lock+0x9a/0x340
[ 51.953373][ T5064] ? vfs_rename+0x5c7/0xfa0
[ 51.957875][ T5064] ? __lock_acquire+0x1f80/0x1f80
[ 51.962897][ T5064] ? do_raw_spin_unlock+0x13b/0x8b0
[ 51.968090][ T5064] ? ext4_mknod+0x570/0x570
[ 51.972586][ T5064] vfs_rename+0xb1b/0xfa0
[ 51.976916][ T5064] ? __ia32_sys_link+0x90/0x90
[ 51.981676][ T5064] ? security_path_rename+0x183/0x210
[ 51.987038][ T5064] do_renameat2+0xb9b/0x13c0
[ 51.991630][ T5064] ? fsnotify_move+0x4f0/0x4f0
[ 51.996401][ T5064] ? __phys_addr_symbol+0x2f/0x70
[ 52.001422][ T5064] ? getname_flags+0x1f0/0x4e0
[ 52.006192][ T5064] __x64_sys_renameat2+0xd2/0xe0
[ 52.011553][ T5064] do_syscall_64+0x41/0xc0
[ 52.015964][ T5064] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 52.021850][ T5064] RIP: 0033:0x7f84b22acff9
[ 52.026257][ T5064] Code: ae 01 00 85 c0 b8 00 00 00 00 48 0f 44 c3 5b c3 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 52.045882][ T5064] RSP: 002b:00007fff86cdc2a8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[ 52.054297][ T5064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f84b22acff9
[ 52.062269][ T5064] RDX: 0000000000000004 RSI: 00000000200