warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
======================================================
WARNING: possible circular locking dependency detected
6.2.0-rc3-next-20230112 #1 Not tainted
------------------------------------------------------
syz-executor.6/8484 is trying to acquire lock:
ffff88800c178400 (&sb->s_type->i_mutex_key#6){++++}-{3:3}, at: ext4_bmap+0x52/0x470

but task is already holding lock:
ffff88800ff703f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x48f/0xc10

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
       mutex_lock_io_nested+0x14c/0x1330
       jbd2_journal_flush+0x19e/0xc10
       __ext4_ioctl+0x9e3/0x43e0
       __x64_sys_ioctl+0x19e/0x210
       do_syscall_64+0x3f/0x90
       entry_SYSCALL_64_after_hwframe+0x72/0xdc

-> #2 (&journal->j_barrier){+.+.}-{3:3}:
       __mutex_lock+0x136/0x14e0
       jbd2_journal_lock_updates+0x162/0x310
       ext4_change_inode_journal_flag+0x187/0x550
       ext4_fileattr_set+0x14fa/0x19f0
       vfs_fileattr_set+0x7a2/0xbd0
       do_vfs_ioctl+0xfa6/0x15d0
       __x64_sys_ioctl+0x110/0x210
       do_syscall_64+0x3f/0x90
       entry_SYSCALL_64_after_hwframe+0x72/0xdc

-> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
       percpu_down_write+0x51/0x350
       ext4_ind_migrate+0x23b/0x840
       ext4_fileattr_set+0x1521/0x19f0
       vfs_fileattr_set+0x7a2/0xbd0
       do_vfs_ioctl+0xfa6/0x15d0
       __x64_sys_ioctl+0x110/0x210
       do_syscall_64+0x3f/0x90
       entry_SYSCALL_64_after_hwframe+0x72/0xdc

-> #0 (&sb->s_type->i_mutex_key#6){++++}-{3:3}:
       __lock_acquire+0x2999/0x5e00
       lock_acquire.part.0+0x11e/0x340
       down_read+0x9c/0x450
       ext4_bmap+0x52/0x470
       bmap+0xb0/0x130
       jbd2_journal_bmap+0xac/0x190
       jbd2_journal_flush+0x860/0xc10
       __ext4_ioctl+0x9e3/0x43e0
       __x64_sys_ioctl+0x19e/0x210
       do_syscall_64+0x3f/0x90
       entry_SYSCALL_64_after_hwframe+0x72/0xdc

other info that might help us debug this:

Chain exists of:
  &sb->s_type->i_mutex_key#6 --> &journal->j_barrier --> &journal->j_checkpoint_mutex

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&journal->j_checkpoint_mutex);
                               lock(&journal->j_barrier);
                               lock(&journal->j_checkpoint_mutex);
  lock(&sb->s_type->i_mutex_key#6);

 *** DEADLOCK ***

2 locks held by syz-executor.6/8484:
 #0: ffff88800ff70170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x162/0x310
 #1: ffff88800ff703f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x48f/0xc10

stack backtrace:
CPU: 1 PID: 8484 Comm: syz-executor.6 Not tainted 6.2.0-rc3-next-20230112 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0x8f/0xb7
 check_noncircular+0x263/0x2e0
 __lock_acquire+0x2999/0x5e00
 lock_acquire.part.0+0x11e/0x340
 down_read+0x9c/0x450
 ext4_bmap+0x52/0x470
 bmap+0xb0/0x130
 jbd2_journal_bmap+0xac/0x190
 jbd2_journal_flush+0x860/0xc10
 __ext4_ioctl+0x9e3/0x43e0
 __x64_sys_ioctl+0x19e/0x210
 do_syscall_64+0x3f/0x90
 entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f8bef4a4b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f8beca1a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f8bef5b7f60 RCX: 00007f8bef4a4b19
RDX: 0000000020000080 RSI: 000000004004662b RDI: 0000000000000003
RBP: 00007f8bef4fef6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd40ad36ef R14: 00007f8beca1a300 R15: 0000000000022000
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
Bluetooth: hci6: command 0x2016 tx timeout
Bluetooth: hci2: command 0x2016 tx timeout
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
ext4_ioctl_checkpoint: 1 callbacks suppressed
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
process 'syz-executor.6' launched './file1' with NULL argv: empty string added
loop6: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
loop6: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop5: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop6: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop7: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop5: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop7: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop6: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop5: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
loop6: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
device lo left promiscuous mode
loop7: detected capacity change from 0 to 63
ext4: Unknown parameter 'smackfstransmute'
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode