Warning: Permanently added '10.128.1.4' (ED25519) to the list of known hosts.
executing program
[ 53.348689][ T3499]
[ 53.351035][ T3499] ======================================================
[ 53.358094][ T3499] WARNING: possible circular locking dependency detected
[ 53.365104][ T3499] 5.15.146-syzkaller #0 Not tainted
[ 53.370310][ T3499] ------------------------------------------------------
[ 53.377315][ T3499] syz-executor908/3499 is trying to acquire lock:
[ 53.383712][ T3499] ffff88814b152170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2aa/0x370
[ 53.394284][ T3499]
[ 53.394284][ T3499] but task is already holding lock:
[ 53.401638][ T3499] ffff88814b150bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 53.412937][ T3499]
[ 53.412937][ T3499] which lock already depends on the new lock.
[ 53.412937][ T3499]
[ 53.423322][ T3499]
[ 53.423322][ T3499] the existing dependency chain (in reverse order) is:
[ 53.432334][ T3499]
[ 53.432334][ T3499] -> #4 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 53.440744][ T3499]        lock_acquire+0x1db/0x4f0
[ 53.445768][ T3499]        percpu_down_write+0x52/0x2d0
[ 53.451128][ T3499]        ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 53.458230][ T3499]        ext4_fileattr_set+0xdf4/0x1750
[ 53.463783][ T3499]        vfs_fileattr_set+0x8f3/0xd30
[ 53.469146][ T3499]        do_vfs_ioctl+0x1d85/0x2b70
[ 53.474330][ T3499]        __se_sys_ioctl+0x81/0x160
[ 53.479429][ T3499]        do_syscall_64+0x3d/0xb0
[ 53.484358][ T3499]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.490767][ T3499]
[ 53.490767][ T3499] -> #3 (mapping.invalidate_lock){++++}-{3:3}:
[ 53.499210][ T3499]        lock_acquire+0x1db/0x4f0
[ 53.504592][ T3499]        down_write+0x97/0x170
[ 53.509539][ T3499]        ext4_setattr+0xd6c/0x1990
[ 53.514734][ T3499]        notify_change+0xc6d/0xf50
[ 53.520039][ T3499]        do_truncate+0x21c/0x300
[ 53.524980][ T3499]        do_sys_ftruncate+0x2eb/0x390
[ 53.530343][ T3499]        do_syscall_64+0x3d/0xb0
[ 53.535272][ T3499]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.541851][ T3499]
[ 53.541851][ T3499] -> #2 (&sb->s_type->i_mutex_key#9){++++}-{3:3}:
[ 53.550440][ T3499]        lock_acquire+0x1db/0x4f0
[ 53.555536][ T3499]        down_read+0x45/0x2e0
[ 53.560200][ T3499]        ext4_bmap+0x4b/0x410
[ 53.564951][ T3499]        bmap+0xa1/0xd0
[ 53.569093][ T3499]        jbd2_journal_flush+0x7a2/0xc90
[ 53.574626][ T3499]        ext4_ioctl+0x3249/0x5b80
[ 53.579646][ T3499]        __se_sys_ioctl+0xf1/0x160
[ 53.584778][ T3499]        do_syscall_64+0x3d/0xb0
[ 53.589709][ T3499]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.596297][ T3499]
[ 53.596297][ T3499] -> #1 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
[ 53.605175][ T3499]        lock_acquire+0x1db/0x4f0
[ 53.610311][ T3499]        __mutex_lock_common+0x1da/0x25a0
[ 53.616125][ T3499]        mutex_lock_io_nested+0x45/0x60
[ 53.621678][ T3499]        jbd2_journal_flush+0x290/0xc90
[ 53.627241][ T3499]        ext4_ioctl+0x3249/0x5b80
[ 53.632261][ T3499]        __se_sys_ioctl+0xf1/0x160
[ 53.638667][ T3499]        do_syscall_64+0x3d/0xb0
[ 53.643610][ T3499]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.650293][ T3499]
[ 53.650293][ T3499] -> #0 (&journal->j_barrier){+.+.}-{3:3}:
[ 53.658288][ T3499]        validate_chain+0x1649/0x5930
[ 53.663668][ T3499]        __lock_acquire+0x1295/0x1ff0
[ 53.669157][ T3499]        lock_acquire+0x1db/0x4f0
[ 53.674207][ T3499]        __mutex_lock_common+0x1da/0x25a0
[ 53.680034][ T3499]        mutex_lock_nested+0x17/0x20
[ 53.685315][ T3499]        jbd2_journal_lock_updates+0x2aa/0x370
[ 53.691570][ T3499]        ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 53.698655][ T3499]        ext4_fileattr_set+0xdf4/0x1750
[ 53.704226][ T3499]        vfs_fileattr_set+0x8f3/0xd30
[ 53.709602][ T3499]        do_vfs_ioctl+0x1d85/0x2b70
[ 53.714797][ T3499]        __se_sys_ioctl+0x81/0x160
[ 53.719936][ T3499]        do_syscall_64+0x3d/0xb0
[ 53.724877][ T3499]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.731380][ T3499]
[ 53.731380][ T3499] other info that might help us debug this:
[ 53.731380][ T3499]
[ 53.741854][ T3499] Chain exists of:
[ 53.741854][ T3499]   &journal->j_barrier --> mapping.invalidate_lock --> &sbi->s_writepages_rwsem
[ 53.741854][ T3499]
[ 53.757084][ T3499]  Possible unsafe locking scenario:
[ 53.757084][ T3499]
[ 53.764984][ T3499]        CPU0                    CPU1
[ 53.770393][ T3499]        ----                    ----
[ 53.775752][ T3499]   lock(&sbi->s_writepages_rwsem);
[ 53.781031][ T3499]                                lock(mapping.invalidate_lock);
[ 53.788652][ T3499]                                lock(&sbi->s_writepages_rwsem);
[ 53.796521][ T3499]   lock(&journal->j_barrier);
[ 53.801291][ T3499]
[ 53.801291][ T3499]  *** DEADLOCK ***
[ 53.801291][ T3499]
[ 53.809449][ T3499] 4 locks held by syz-executor908/3499:
[ 53.815124][ T3499]  #0: ffff88814b14e460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write_file+0x5a/0x1f0
[ 53.824792][ T3499]  #1: ffff8880751d17e0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: vfs_fileattr_set+0x135/0xd30
[ 53.835493][ T3499]  #2: ffff8880751d1980 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_change_inode_journal_flag+0x115/0x6e0
[ 53.847149][ T3499]  #3: ffff88814b150bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_change_inode_journal_flag+0x1a0/0x6e0
[ 53.858882][ T3499]
[ 53.858882][ T3499] stack backtrace:
[ 53.864772][ T3499] CPU: 1 PID: 3499 Comm: syz-executor908 Not tainted 5.15.146-syzkaller #0
[ 53.873519][ T3499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 53.883562][ T3499] Call Trace:
[ 53.886903][ T3499]
[ 53.889849][ T3499]  dump_stack_lvl+0x1e3/0x2cb
[ 53.894540][ T3499]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 53.900272][ T3499]  ? print_circular_bug+0x12b/0x1a0
[ 53.905473][ T3499]  check_noncircular+0x2f8/0x3b0
[ 53.910411][ T3499]  ? add_chain_block+0x850/0x850
[ 53.915337][ T3499]  ? lockdep_lock+0x11f/0x2a0
[ 53.920009][ T3499]  ? validate_chain+0x112/0x5930
[ 53.924938][ T3499]  validate_chain+0x1649/0x5930
[ 53.929791][ T3499]  ? reacquire_held_locks+0x660/0x660
[ 53.935177][ T3499]  ? lockdep_unlock+0x166/0x300
[ 53.940054][ T3499]  ? lockdep_lock+0x2a0/0x2a0
[ 53.944740][ T3499]  ? reacquire_held_locks+0x660/0x660
[ 53.950110][ T3499]  ? validate_chain+0x13bd/0x5930
[ 53.955127][ T3499]  ? mark_lock+0x98/0x340
[ 53.959447][ T3499]  ? mark_lock+0x98/0x340
[ 53.963800][ T3499]  __lock_acquire+0x1295/0x1ff0
[ 53.968653][ T3499]  lock_acquire+0x1db/0x4f0
[ 53.973145][ T3499]  ? jbd2_journal_lock_updates+0x2aa/0x370
[ 53.978947][ T3499]  ? read_lock_is_recursive+0x10/0x10
[ 53.984404][ T3499]  ? __might_sleep+0xc0/0xc0
[ 53.989631][ T3499]  ? print_irqtrace_events+0x210/0x210
[ 53.995093][ T3499]  ? lockdep_hardirqs_off+0x70/0x100
[ 54.000376][ T3499]  ? do_raw_spin_unlock+0x137/0x8b0
[ 54.005674][ T3499]  __mutex_lock_common+0x1da/0x25a0
[ 54.011046][ T3499]  ? jbd2_journal_lock_updates+0x2aa/0x370
[ 54.016900][ T3499]  ? jbd2_journal_lock_updates+0x2aa/0x370
[ 54.022721][ T3499]  ? jbd2_journal_lock_updates+0x299/0x370
[ 54.028539][ T3499]  ? jbd2_journal_wait_updates+0x268/0x2d0
[ 54.034440][ T3499]  ? mutex_lock_io_nested+0x60/0x60
[ 54.039772][ T3499]  ? do_raw_read_unlock+0x70/0x70
[ 54.044801][ T3499]  ? rcu_sync_func+0xaa/0x210
[ 54.049484][ T3499]  mutex_lock_nested+0x17/0x20
[ 54.054258][ T3499]  jbd2_journal_lock_updates+0x2aa/0x370
[ 54.059902][ T3499]  ? jbd2_journal_wait_updates+0x2d0/0x2d0
[ 54.065728][ T3499]  ? down_write+0x10e/0x170
[ 54.070222][ T3499]  ? cpumask_next+0xc3/0xf0
[ 54.074719][ T3499]  ? percpu_down_write+0x1ea/0x2d0
[ 54.079825][ T3499]  ext4_change_inode_journal_flag+0x1a8/0x6e0
[ 54.085892][ T3499]  ext4_fileattr_set+0xdf4/0x1750
[ 54.090935][ T3499]  ? ext4_fileattr_get+0x200/0x200
[ 54.096127][ T3499]  ? memset+0x1f/0x40
[ 54.100159][ T3499]  ? fileattr_fill_flags+0x1d0/0x300
[ 54.105446][ T3499]  ? fscrypt_prepare_setflags+0x5d/0x220
[ 54.111075][ T3499]  vfs_fileattr_set+0x8f3/0xd30
[ 54.116257][ T3499]  ? copy_fsxattr_to_user+0x3a0/0x3a0
[ 54.121639][ T3499]  do_vfs_ioctl+0x1d85/0x2b70
[ 54.126317][ T3499]  ? __x64_compat_sys_ioctl+0x80/0x80
[ 54.132382][ T3499]  ? __lock_acquire+0x1ff0/0x1ff0
[ 54.137398][ T3499]  ? slab_free_freelist_hook+0xdd/0x160
[ 54.142931][ T3499]  ? tomoyo_path_number_perm+0x648/0x810
[ 54.148553][ T3499]  ? kfree+0xf1/0x270
[ 54.152524][ T3499]  ? tomoyo_path_number_perm+0x6ab/0x810
[ 54.158165][ T3499]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 54.163756][ T3499]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 54.169833][ T3499]  ? print_irqtrace_events+0x210/0x210
[ 54.175401][ T3499]  ? vtime_user_exit+0x2d1/0x400
[ 54.180341][ T3499]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 54.185367][ T3499]  ? security_file_ioctl+0x7d/0xa0
[ 54.190474][ T3499]  __se_sys_ioctl+0x81/0x160
[ 54.195057][ T3499]  do_syscall_64+0x3d/0xb0
[ 54.199489][ T3499]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.205378][ T3499] RIP: 0033:0x7f844a925369
[ 54.209795][ T3499] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 54.229477][ T3499] RSP: 002b:00007ffeaa8a2b98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 54.238178][ T3499] RAX: ffffffffffffffda RBX: 0073746e6576652e RCX: 00007f844a925369
[ 54.246139][ T3499] RDX: 0000000020000000 RSI: 0000000040086602 RDI: 00