./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1837867909

<...>
Warning: Permanently added '10.128.0.29' (ECDSA) to the list of known hosts.
execve("./syz-executor1837867909", ["./syz-executor1837867909"], 0x7ffc6dac2e20 /* 10 vars */) = 0
brk(NULL)                               = 0x5555563f4000
brk(0x5555563f4c40)                     = 0x5555563f4c40
arch_prctl(ARCH_SET_FS, 0x5555563f4300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1837867909", 4096) = 28
brk(0x555556415c40)                     = 0x555556415c40
brk(0x555556416000)                     = 0x555556416000
mprotect(0x7f1c3ba42000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, ".log", O_RDONLY|O_CREAT|O_LARGEFILE, 000) = 3
ioctl(3, _IOC(_IOC_WRITE, 0x66, 0x2b, 0x4), 0x200000c0) = 0
open("./file0", O_WRONLY|O_CREAT|O_EXCL|O_NOCTTY|O_TRUNC|O_SYNC|O_DIRECT|O_NOFOLLOW|FASYNC, 000) = 4
[   54.832443][ T3630] 
[   54.834787][ T3630] ======================================================
[   54.841781][ T3630] WARNING: possible circular locking dependency detected
[   54.848776][ T3630] 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0 Not tainted
[   54.855778][ T3630] ------------------------------------------------------
[   54.862785][ T3630] syz-executor183/3630 is trying to acquire lock:
[   54.869182][ T3630] ffff88814b858170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2ad/0x380
[   54.879626][ T3630] 
[   54.879626][ T3630] but task is already holding lock:
[   54.886983][ T3630] ffff88814b856b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[   54.898290][ T3630] 
[   54.898290][ T3630] which lock already depends on the new lock.
[   54.898290][ T3630] 
[   54.908675][ T3630] 
[   54.908675][ T3630] the existing dependency chain (in reverse order) is:
[   54.917673][ T3630] 
[   54.917673][ T3630] -> #4 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[   54.926092][ T3630]        lock_acquire+0x1a7/0x400
[   54.931115][ T3630]        percpu_down_write+0x50/0x300
[   54.936490][ T3630]        ext4_change_inode_journal_flag+0x1a0/0x6e0
[   54.943072][ T3630]        ext4_fileattr_set+0xdef/0x1810
[   54.948606][ T3630]        vfs_fileattr_set+0x8be/0xd20
[   54.953968][ T3630]        do_vfs_ioctl+0x1daf/0x2a70
[   54.959157][ T3630]        __se_sys_ioctl+0x83/0x170
[   54.964254][ T3630]        do_syscall_64+0x2b/0x70
[   54.969180][ T3630]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   54.975582][ T3630] 
[   54.975582][ T3630] -> #3 (mapping.invalidate_lock){++++}-{3:3}:
[   54.983909][ T3630]        lock_acquire+0x1a7/0x400
[   54.988923][ T3630]        down_write+0x9c/0x270
[   54.993683][ T3630]        ext4_setattr+0xe6c/0x18d0
[   54.998784][ T3630]        notify_change+0xe38/0x10f0
[   55.003967][ T3630]        do_truncate+0x214/0x300
[   55.008891][ T3630]        do_sys_ftruncate+0x2eb/0x380
[   55.014247][ T3630]        do_syscall_64+0x2b/0x70
[   55.019171][ T3630]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.025569][ T3630] 
[   55.025569][ T3630] -> #2 (&sb->s_type->i_mutex_key#7){++++}-{3:3}:
[   55.034161][ T3630]        lock_acquire+0x1a7/0x400
[   55.039175][ T3630]        down_read+0x39/0x50
[   55.043752][ T3630]        ext4_bmap+0x55/0x410
[   55.048437][ T3630]        bmap+0xa1/0xd0
[   55.052591][ T3630]        jbd2_journal_flush+0x5d0/0xca0
[   55.058141][ T3630]        ext4_ioctl+0x3797/0x55d0
[   55.063160][ T3630]        __se_sys_ioctl+0xfb/0x170
[   55.068264][ T3630]        do_syscall_64+0x2b/0x70
[   55.073199][ T3630]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.079617][ T3630] 
[   55.079617][ T3630] -> #1 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[   55.088385][ T3630]        lock_acquire+0x1a7/0x400
[   55.093411][ T3630]        __mutex_lock_common+0x1de/0x26c0
[   55.099124][ T3630]        mutex_lock_io_nested+0x43/0x60
[   55.104663][ T3630]        jbd2_journal_flush+0x2a6/0xca0
[   55.110202][ T3630]        ext4_ioctl+0x3797/0x55d0
[   55.115218][ T3630]        __se_sys_ioctl+0xfb/0x170
[   55.120319][ T3630]        do_syscall_64+0x2b/0x70
[   55.125246][ T3630]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.131649][ T3630] 
[   55.131649][ T3630] -> #0 (&journal->j_barrier){+.+.}-{3:3}:
[   55.139626][ T3630]        validate_chain+0x184a/0x6470
[   55.144986][ T3630]        __lock_acquire+0x1292/0x1f60
[   55.150344][ T3630]        lock_acquire+0x1a7/0x400
[   55.155354][ T3630]        __mutex_lock_common+0x1de/0x26c0
[   55.161062][ T3630]        mutex_lock_nested+0x17/0x20
[   55.166333][ T3630]        jbd2_journal_lock_updates+0x2ad/0x380
[   55.172473][ T3630]        ext4_change_inode_journal_flag+0x1a8/0x6e0
[   55.179051][ T3630]        ext4_fileattr_set+0xdef/0x1810
[   55.184582][ T3630]        vfs_fileattr_set+0x8be/0xd20
[   55.189942][ T3630]        do_vfs_ioctl+0x1daf/0x2a70
[   55.195127][ T3630]        __se_sys_ioctl+0x83/0x170
[   55.200226][ T3630]        do_syscall_64+0x2b/0x70
[   55.205150][ T3630]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.211552][ T3630] 
[   55.211552][ T3630] other info that might help us debug this:
[   55.211552][ T3630] 
[   55.221760][ T3630] Chain exists of:
[   55.221760][ T3630]   &journal->j_barrier --> mapping.invalidate_lock --> &sbi->s_writepages_rwsem
[   55.221760][ T3630] 
[   55.236600][ T3630]  Possible unsafe locking scenario:
[   55.236600][ T3630] 
[   55.244033][ T3630]        CPU0                    CPU1
[   55.249397][ T3630]        ----                    ----
[   55.254743][ T3630]   lock(&sbi->s_writepages_rwsem);
[   55.259939][ T3630]                                lock(mapping.invalidate_lock);
[   55.267562][ T3630]                                lock(&sbi->s_writepages_rwsem);
[   55.275265][ T3630]   lock(&journal->j_barrier);
[   55.280019][ T3630] 
[   55.280019][ T3630]  *** DEADLOCK ***
[   55.280019][ T3630] 
[   55.288143][ T3630] 4 locks held by syz-executor183/3630:
[   55.293672][ T3630]  #0: ffff88814b854460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0
[   55.303332][ T3630]  #1: ffff888077347258 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: vfs_fileattr_set+0x135/0xd20
[   55.314039][ T3630]  #2: ffff8880773473f8 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_change_inode_journal_flag+0x115/0x6e0
[   55.325698][ T3630]  #3: ffff88814b856b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[   55.337447][ T3630] 
[   55.337447][ T3630] stack backtrace:
[   55.343330][ T3630] CPU: 1 PID: 3630 Comm: syz-executor183 Not tainted 6.1.0-rc6-syzkaller-00251-g0b1dcc2cf55a #0
[   55.353733][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[   55.363781][ T3630] Call Trace:
[   55.367054][ T3630]  <TASK>
[   55.369978][ T3630]  dump_stack_lvl+0x1e3/0x2cb
[   55.374661][ T3630]  ? nf_tcp_handle_invalid+0x62e/0x62e
[   55.380139][ T3630]  ? print_circular_bug+0x13e/0x1c0
[   55.385333][ T3630]  check_noncircular+0x2f9/0x3b0
[   55.390265][ T3630]  ? add_chain_block+0x850/0x850
[   55.395196][ T3630]  ? lockdep_lock+0x11d/0x2a0
[   55.399864][ T3630]  ? validate_chain+0x126/0x6470
[   55.404792][ T3630]  ? _find_first_zero_bit+0xe8/0x110
[   55.410068][ T3630]  validate_chain+0x184a/0x6470
[   55.414918][ T3630]  ? lockdep_unlock+0x163/0x300
[   55.419760][ T3630]  ? reacquire_held_locks+0x680/0x680
[   55.425124][ T3630]  ? validate_chain+0x1426/0x6470
[   55.430150][ T3630]  ? mark_lock+0x9a/0x350
[   55.434470][ T3630]  ? mark_lock+0x9a/0x350
[   55.438788][ T3630]  __lock_acquire+0x1292/0x1f60
[   55.443636][ T3630]  lock_acquire+0x1a7/0x400
[   55.448132][ T3630]  ? jbd2_journal_lock_updates+0x2ad/0x380
[   55.453932][ T3630]  ? read_lock_is_recursive+0x10/0x10
[   55.459293][ T3630]  ? __might_sleep+0xc0/0xc0
[   55.463873][ T3630]  ? jbd2_journal_lock_updates+0x29c/0x380
[   55.469672][ T3630]  ? rcu_read_lock_sched_held+0x89/0x130
[   55.475305][ T3630]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[   55.481273][ T3630]  ? do_raw_spin_unlock+0x134/0x8a0
[   55.486463][ T3630]  __mutex_lock_common+0x1de/0x26c0
[   55.491653][ T3630]  ? jbd2_journal_lock_updates+0x2ad/0x380
[   55.497448][ T3630]  ? jbd2_journal_lock_updates+0x2ad/0x380
[   55.503242][ T3630]  ? jbd2_journal_lock_updates+0x29c/0x380
[   55.509034][ T3630]  ? jbd2_journal_wait_updates+0x26b/0x2d0
[   55.514826][ T3630]  ? mutex_lock_io_nested+0x60/0x60
[   55.520019][ T3630]  ? do_raw_read_unlock+0x70/0x70
[   55.525037][ T3630]  mutex_lock_nested+0x17/0x20
[   55.529796][ T3630]  jbd2_journal_lock_updates+0x2ad/0x380
[   55.535419][ T3630]  ? jbd2_journal_wait_updates+0x2d0/0x2d0
[   55.541222][ T3630]  ? rcu_read_lock_sched_held+0x89/0x130
[   55.546843][ T3630]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[   55.552812][ T3630]  ? percpu_down_write+0x2c6/0x300
[   55.557920][ T3630]  ext4_change_inode_journal_flag+0x1a8/0x6e0
[   55.563990][ T3630]  ext4_fileattr_set+0xdef/0x1810
[   55.569010][ T3630]  ? ext4_fileattr_get+0x200/0x200
[   55.574114][ T3630]  ? down_write+0x1a5/0x270
[   55.578608][ T3630]  ? memset+0x1f/0x40
[   55.582579][ T3630]  ? fileattr_fill_flags+0x1c4/0x2f0
[   55.587853][ T3630]  ? fscrypt_prepare_setflags+0x5c/0x220
[   55.593482][ T3630]  vfs_fileattr_set+0x8be/0xd20
[   55.598332][ T3630]  ? copy_fsxattr_to_user+0x390/0x390
[   55.603690][ T3630]  ? rcu_read_lock_sched_held+0x89/0x130
[   55.609319][ T3630]  do_vfs_ioctl+0x1daf/0x2a70
[   55.613987][ T3630]  ? __x64_compat_sys_ioctl+0x80/0x80
[   55.619349][ T3630]  ? rcu_lock_release+0x5/0x20
[   55.624101][ T3630]  ? __lock_acquire+0x1f60/0x1f60
[   55.629117][ T3630]  ? slab_free_freelist_hook+0x12e/0x1a0
[   55.634741][ T3630]  ? tomoyo_path_number_perm+0x5bf/0x790
[   55.640367][ T3630]  ? __kmem_cache_free+0x71/0x110
[   55.645383][ T3630]  ? tomoyo_path_number_perm+0x628/0x790
[   55.651002][ T3630]  ? __rwlock_init+0x140/0x140
[   55.655760][ T3630]  ? smack_log+0x11f/0x530
[   55.660163][ T3630]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[   55.665609][ T3630]  ? smk_access+0x490/0x490
[   55.670105][ T3630]  ? smk_tskacc+0x304/0x370
[   55.674599][ T3630]  ? smack_file_ioctl+0x298/0x3a0
[   55.679618][ T3630]  ? smack_file_alloc_security+0xd0/0xd0
[   55.685244][ T3630]  ? print_irqtrace_events+0x220/0x220
[   55.690690][ T3630]  ? lockdep_hardirqs_on_prepare+0x448/0x7b0
[   55.696660][ T3630]  ? bpf_lsm_file_ioctl+0x5/0x10
[   55.701584][ T3630]  ? security_file_ioctl+0x9d/0xb0
[   55.706683][ T3630]  __se_sys_ioctl+0x83/0x170
[   55.711267][ T3630]  do_syscall_64+0x2b/0x70
[   55.715673][ T3630]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   55.721560][ T3630] RIP: 0033:0x7f1c3b9d5be9
[   55.725966][ T3630] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   55.745556][ T3630] RSP: 002b:00007ffdde126dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   55.753957][ T3630] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1c3b9d5be9
[   55.761915][ T3630] RDX: 0000000020000080 RSI: 0000000040086602 RDI: 0000000000000004
[   55.769880][ T3630] RBP: 00007f1c3b999d90 R08: 0000000000000000 R09: 0000000000000000
[   55.777838][ T3630] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1c3b999e20
ioctl(4, FS_IOC_SETFLAGS, [FS_JOURNAL_DATA_FL]) = 0
exit_group(0)                           = ?
+++ exited with 0 +++
[   55.785