warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
======================================================
WARNING: possible circular locking dependency detected
6.0.0-rc2-next-20220825 #1 Not tainted
------------------------------------------------------
syz-executor.4/106844 is trying to acquire lock:
ffff888008248400 (&sb->s_type->i_mutex_key#6){++++}-{3:3}, at: ext4_bmap+0x4e/0x470

but task is already holding lock:
ffff88800ff183f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x48b/0xc00

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
       mutex_lock_io_nested+0x148/0x1310
       jbd2_journal_flush+0x19a/0xc00
       ext4_ioctl_group_add+0x2b3/0x580
       __ext4_ioctl+0x6c7/0x4090
       __x64_sys_ioctl+0x19a/0x210
       do_syscall_64+0x3b/0x90
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #2 (&journal->j_barrier){+.+.}-{3:3}:
       __mutex_lock+0x136/0x14d0
       jbd2_journal_lock_updates+0x15e/0x310
       ext4_change_inode_journal_flag+0x17f/0x530
       ext4_fileattr_set+0x140d/0x18a0
       vfs_fileattr_set+0x77c/0xb80
       do_vfs_ioctl+0xfc2/0x1610
       __x64_sys_ioctl+0x10c/0x210
       do_syscall_64+0x3b/0x90
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
       percpu_down_write+0x4d/0x3d0
       ext4_ind_migrate+0x237/0x830
       ext4_fileattr_set+0x1434/0x18a0
       vfs_fileattr_set+0x77c/0xb80
       do_vfs_ioctl+0xfc2/0x1610
       __x64_sys_ioctl+0x10c/0x210
       do_syscall_64+0x3b/0x90
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

-> #0 (&sb->s_type->i_mutex_key#6){++++}-{3:3}:
       __lock_acquire+0x2a02/0x5e70
       lock_acquire+0x1a2/0x530
       down_read+0x98/0x450
       ext4_bmap+0x4e/0x470
       bmap+0xac/0x120
       jbd2_journal_bmap+0xa8/0x180
       jbd2_journal_flush+0x853/0xc00
       __ext4_ioctl+0x9e9/0x4090
       __x64_sys_ioctl+0x19a/0x210
       do_syscall_64+0x3b/0x90
       entry_SYSCALL_64_after_hwframe+0x63/0xcd

other info that might help us debug this:

Chain exists of:
  &sb->s_type->i_mutex_key#6 --> &journal->j_barrier --> &journal->j_checkpoint_mutex

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&journal->j_checkpoint_mutex);
                               lock(&journal->j_barrier);
                               lock(&journal->j_checkpoint_mutex);
  lock(&sb->s_type->i_mutex_key#6);

 *** DEADLOCK ***

2 locks held by syz-executor.4/106844:
 #0: ffff88800ff18170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x15e/0x310
 #1: ffff88800ff183f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x48b/0xc00

stack backtrace:
CPU: 1 PID: 106844 Comm: syz-executor.4 Not tainted 6.0.0-rc2-next-20220825 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x8b/0xb3
 check_noncircular+0x263/0x2e0
 __lock_acquire+0x2a02/0x5e70
 lock_acquire+0x1a2/0x530
 down_read+0x98/0x450
 ext4_bmap+0x4e/0x470
 bmap+0xac/0x120
 jbd2_journal_bmap+0xa8/0x180
 jbd2_journal_flush+0x853/0xc00
 __ext4_ioctl+0x9e9/0x4090
 __x64_sys_ioctl+0x19a/0x210
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fdb2c59ab19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdb29b10188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fdb2c6adf60 RCX: 00007fdb2c59ab19
RDX: 0000000020000340 RSI: 000000004004662b RDI: 0000000000000004
RBP: 00007fdb2c5f4f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe5291ab9f R14: 00007fdb29b10300 R15: 0000000000022000
 </TASK>
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107477 comm=syz-executor.6
ieee80211 phy18: Selected rate control algorithm 'minstrel_ht'
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107699 comm=syz-executor.7
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107705 comm=syz-executor.6
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107811 comm=syz-executor.6
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107816 comm=syz-executor.7
warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107866 comm=syz-executor.7
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=107895 comm=syz-executor.6
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
Process accounting resumed
capability: warning: `syz-executor.5' uses 32-bit capabilities (legacy support in use)