./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3390383211 <...>
forked to background, child pid 3181
no interfaces have a carrier
[ 23.060259][ T3182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 23.073984][ T3182] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.143' (ECDSA) to the list of known hosts.
execve("./syz-executor3390383211", ["./syz-executor3390383211"], 0x7fffd4db9bf0 /* 10 vars */) = 0
brk(NULL) = 0x55555606a000
brk(0x55555606ac40) = 0x55555606ac40
arch_prctl(ARCH_SET_FS, 0x55555606a300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3390383211", 4096) = 28
brk(0x55555608bc40) = 0x55555608bc40
brk(0x55555608c000) = 0x55555608c000
mprotect(0x7fbad2066000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
creat("./file0", 000) = 3
ioctl(3, FS_IOC_SETFLAGS, [FS_JOURNAL_DATA_FL]) = 0
openat(AT_FDCWD, "cgroup.controllers", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
syzkaller login: [ 42.913995][ T3603] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[ 42.942712][ T3603]
[ 42.954410][ T3603] ======================================================
[ 42.961459][ T3603] WARNING: possible circular locking dependency detected
[ 42.968469][ T3603] 6.0.0-rc1-syzkaller-00399-g15b3f48a4339 #0 Not tainted
[ 42.975494][ T3603] ------------------------------------------------------
[ 42.982708][ T3603] syz-executor339/3603 is trying to acquire lock:
[ 42.989101][ T3603] ffff88801e2d0400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_bmap+0x4e/0x460
[ 42.998695][ T3603]
[ 42.998695][ T3603] but task is already holding lock:
[ 43.006126][ T3603] ffff88814b1583f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x487/0xc00
[ 43.016720][ T3603]
[ 43.016720][ T3603] which lock already depends on the new lock.
[ 43.016720][ T3603]
[ 43.027105][ T3603]
[ 43.027105][ T3603] the existing dependency chain (in reverse order) is:
[ 43.036121][ T3603]
[ 43.036121][ T3603] -> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 43.044968][ T3603]        mutex_lock_io_nested+0x13f/0x1190
[ 43.050790][ T3603]        jbd2_journal_flush+0x19a/0xc00
[ 43.056319][ T3603]        __ext4_ioctl+0x28fd/0x4ab0
[ 43.061507][ T3603]        __x64_sys_ioctl+0x193/0x200
[ 43.066794][ T3603]        do_syscall_64+0x35/0xb0
[ 43.071714][ T3603]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.078375][ T3603]
[ 43.078375][ T3603] -> #2 (&journal->j_barrier){+.+.}-{3:3}:
[ 43.086348][ T3603]        __mutex_lock+0x12f/0x1350
[ 43.091447][ T3603]        jbd2_journal_lock_updates+0x15e/0x310
[ 43.097584][ T3603]        ext4_change_inode_journal_flag+0x180/0x530
[ 43.104175][ T3603]        ext4_fileattr_set+0xddf/0x1930
[ 43.109711][ T3603]        vfs_fileattr_set+0x7f5/0xbe0
[ 43.115079][ T3603]        do_vfs_ioctl+0xe62/0x15c0
[ 43.120167][ T3603]        __x64_sys_ioctl+0x108/0x200
[ 43.125523][ T3603]        do_syscall_64+0x35/0xb0
[ 43.130440][ T3603]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.136862][ T3603]
[ 43.136862][ T3603] -> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 43.145270][ T3603]        percpu_down_write+0x4d/0x440
[ 43.150651][ T3603]        ext4_ind_migrate+0x237/0x840
[ 43.156022][ T3603]        ext4_fileattr_set+0x14b8/0x1930
[ 43.161643][ T3603]        vfs_fileattr_set+0x7f5/0xbe0
[ 43.167031][ T3603]        do_vfs_ioctl+0xe62/0x15c0
[ 43.172148][ T3603]        __x64_sys_ioctl+0x108/0x200
[ 43.177434][ T3603]        do_syscall_64+0x35/0xb0
[ 43.182373][ T3603]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.188777][ T3603]
[ 43.188777][ T3603] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 43.197366][ T3603]        __lock_acquire+0x2a43/0x56d0
[ 43.202963][ T3603]        lock_acquire+0x1ab/0x570
[ 43.207970][ T3603]        down_read+0x98/0x450
[ 43.212720][ T3603]        ext4_bmap+0x4e/0x460
[ 43.217565][ T3603]        bmap+0xaa/0x120
[ 43.221819][ T3603]        jbd2_journal_bmap+0xa8/0x180
[ 43.227201][ T3603]        jbd2_journal_flush+0x84f/0xc00
[ 43.232744][ T3603]        __ext4_ioctl+0x28fd/0x4ab0
[ 43.237996][ T3603]        __x64_sys_ioctl+0x193/0x200
[ 43.243275][ T3603]        do_syscall_64+0x35/0xb0
[ 43.248194][ T3603]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.254700][ T3603]
[ 43.254700][ T3603] other info that might help us debug this:
[ 43.254700][ T3603]
[ 43.264920][ T3603] Chain exists of:
[ 43.264920][ T3603]   &sb->s_type->i_mutex_key#8 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
[ 43.264920][ T3603]
[ 43.280459][ T3603]  Possible unsafe locking scenario:
[ 43.280459][ T3603]
[ 43.287891][ T3603]        CPU0                    CPU1
[ 43.293240][ T3603]        ----                    ----
[ 43.298607][ T3603]   lock(&journal->j_checkpoint_mutex);
[ 43.304221][ T3603]                                lock(&journal->j_barrier);
[ 43.311658][ T3603]                                lock(&journal->j_checkpoint_mutex);
[ 43.319743][ T3603]   lock(&sb->s_type->i_mutex_key#8);
[ 43.325122][ T3603]
[ 43.325122][ T3603]  *** DEADLOCK ***
[ 43.325122][ T3603]
[ 43.333253][ T3603] 2 locks held by syz-executor339/3603:
[ 43.339060][ T3603]  #0: ffff88814b158170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x15e/0x310
[ 43.349943][ T3603]  #1: ffff88814b1583f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x487/0xc00
[ 43.361079][ T3603]
[ 43.361079][ T3603] stack backtrace:
[ 43.366954][ T3603] CPU: 1 PID: 3603 Comm: syz-executor339 Not tainted 6.0.0-rc1-syzkaller-00399-g15b3f48a4339 #0
[ 43.377701][ T3603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 43.387739][ T3603] Call Trace:
[ 43.390998][ T3603]
[ 43.393913][ T3603]  dump_stack_lvl+0xcd/0x134
[ 43.398589][ T3603]  check_noncircular+0x25f/0x2e0
[ 43.403534][ T3603]  ? print_circular_bug+0x1e0/0x1e0
[ 43.408720][ T3603]  ? lock_downgrade+0x6e0/0x6e0
[ 43.413819][ T3603]  ? mark_held_locks+0x9f/0xe0
[ 43.418589][ T3603]  ? finish_task_switch.isra.0+0x2b5/0xc70
[ 43.424477][ T3603]  ? finish_task_switch.isra.0+0x2b5/0xc70
[ 43.430284][ T3603]  __lock_acquire+0x2a43/0x56d0
[ 43.435135][ T3603]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 43.441201][ T3603]  ? find_held_lock+0x2d/0x110
[ 43.446052][ T3603]  lock_acquire+0x1ab/0x570
[ 43.450639][ T3603]  ? ext4_bmap+0x4e/0x460
[ 43.454962][ T3603]  ? lock_release+0x780/0x780
[ 43.459631][ T3603]  down_read+0x98/0x450
[ 43.463862][ T3603]  ? ext4_bmap+0x4e/0x460
[ 43.468178][ T3603]  ? rwsem_down_read_slowpath+0xb10/0xb10
[ 43.473914][ T3603]  ? find_held_lock+0x2d/0x110
[ 43.478783][ T3603]  ext4_bmap+0x4e/0x460
[ 43.482950][ T3603]  ? ext4_readahead+0x140/0x140
[ 43.487812][ T3603]  bmap+0xaa/0x120
[ 43.491519][ T3603]  ? do_raw_read_unlock+0x70/0x70
[ 43.496533][ T3603]  jbd2_journal_bmap+0xa8/0x180
[ 43.501380][ T3603]  ? jbd2_log_start_commit+0x40/0x40
[ 43.506662][ T3603]  ? _raw_write_unlock+0x24/0x40
[ 43.511599][ T3603]  ? jbd2_mark_journal_empty+0x307/0x3f0
[ 43.517246][ T3603]  jbd2_journal_flush+0x84f/0xc00
[ 43.522255][ T3603]  ? jbd2_fc_get_buf+0x310/0x310
[ 43.527202][ T3603]  ? lockdep_hardirqs_on+0x79/0x100
[ 43.532398][ T3603]  ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 43.538198][ T3603]  ? ___ratelimit+0x222/0x4b0
[ 43.542862][ T3603]  ? __ext4_ioctl.cold+0x5/0x7e
[ 43.547702][ T3603]  __ext4_ioctl+0x28fd/0x4ab0
[ 43.552452][ T3603]  ? tomoyo_path_number_perm+0x24e/0x590
[ 43.558159][ T3603]  ? tomoyo_execute_permission+0x4a0/0x4a0
[ 43.564055][ T3603]  ? ext4_reset_inode_seed+0x440/0x440
[ 43.569516][ T3603]  ? __sanitizer_cov_trace_switch+0x50/0x90
[ 43.575398][ T3603]  ? do_vfs_ioctl+0x132/0x15c0
[ 43.580149][ T3603]  ? vfs_fileattr_set+0xbe0/0xbe0
[ 43.585163][ T3603]  ? find_held_lock+0x2d/0x110
[ 43.589912][ T3603]  ? calibrate_delay+0xe72/0x1120
[ 43.594923][ T3603]  ? lock_downgrade+0x6e0/0x6e0
[ 43.599761][ T3603]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 43.605028][ T3603]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 43.609951][ T3603]  ? ext4_fileattr_set+0x1930/0x1930
[ 43.615225][ T3603]  __x64_sys_ioctl+0x193/0x200
[ 43.619977][ T3603]  do_syscall_64+0x35/0xb0
[ 43.624467][ T3603]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 43.630351][ T3603] RIP: 0033:0x7fbad1ff9b69
[ 43.634755][ T3603] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 43.654631][ T3603] RSP: 002b:00007ffc0cef7d38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 43.663133][ T3603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbad1ff9b69
[ 43.671096][ T3603] RDX: 0000000020000000 RSI: 000000004004662b RDI: 0000000000000004
[ 43.679226][ T3603] RBP: 00007fbad1fbdd10 R08: 0000000000000000 R09: 0000000000000000
[ 43.687181][ T3603] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbad1fbdda0
ioctl(4, _IOC(_IOC_WRITE, 0x66, 0x2b, 0x4), 0x20000000) = 0
exit_group(0) = ?
+++ exited with 0 +++
[ 43.69