warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
======================================================
WARNING: possible circular locking dependency detected
6.2.0-rc1-syzkaller #0 Tainted: G W
------------------------------------------------------
syz-executor.0/10835 is trying to acquire lock:
ff600000114c8400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: inode_lock_shared include/linux/fs.h:766 [inline]
ff600000114c8400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_bmap+0x40/0x250 fs/ext4/inode.c:3243
but task is already holding lock:
ff600000124da3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x376/0x800 fs/jbd2/journal.c:2474
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #3 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5668
lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5641
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
mutex_lock_io_nested+0x120/0xa4e kernel/locking/mutex.c:833
jbd2_journal_flush+0x158/0x800 fs/jbd2/journal.c:2464
ext4_ioctl_checkpoint fs/ext4/ioctl.c:1082 [inline]
__ext4_ioctl+0x2542/0x3330 fs/ext4/ioctl.c:1590
ext4_ioctl+0x26/0x34 fs/ext4/ioctl.c:1610
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
sys_ioctl+0x112/0x14c fs/ioctl.c:856
ret_from_syscall+0x0/0x2
-> #2 (&journal->j_barrier){+.+.}-{3:3}:
lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5668
lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5641
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
__mutex_lock+0x114/0xb42 kernel/locking/mutex.c:747
mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:799
jbd2_journal_lock_updates+0x154/0x28a fs/jbd2/transaction.c:904
ext4_change_inode_journal_flag+0x114/0x342 fs/ext4/inode.c:6158
ext4_ioctl_setflags fs/ext4/ioctl.c:687 [inline]
ext4_fileattr_set+0xe60/0xfda fs/ext4/ioctl.c:1004
vfs_fileattr_set+0x480/0x616 fs/ioctl.c:696
ioctl_fssetxattr fs/ioctl.c:758 [inline]
do_vfs_ioctl+0x854/0x151c fs/ioctl.c:845
__do_sys_ioctl fs/ioctl.c:868 [inline]
sys_ioctl+0xc4/0x14c fs/ioctl.c:856
ret_from_syscall+0x0/0x2
-> #1 (&sbi->s_writepages_rwsem){++++}-{0:0}:
lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5668
lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5641
percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
ext4_writepages+0x15e/0x3ce fs/ext4/inode.c:2964
do_writepages+0x16e/0x452 mm/page-writeback.c:2581
filemap_fdatawrite_wbc mm/filemap.c:388 [inline]
filemap_fdatawrite_wbc+0xea/0x10e mm/filemap.c:378
__filemap_fdatawrite_range+0xe4/0x11e mm/filemap.c:421
filemap_write_and_wait_range mm/filemap.c:674 [inline]
filemap_write_and_wait_range+0x9a/0xf0 mm/filemap.c:665
__iomap_dio_rw+0x3fc/0x12c8 fs/iomap/direct-io.c:572
iomap_dio_rw+0x3e/0x9c fs/iomap/direct-io.c:689
ext4_dio_read_iter fs/ext4/file.c:94 [inline]
ext4_file_read_iter+0x200/0x2ba fs/ext4/file.c:145
call_read_iter include/linux/fs.h:2180 [inline]
generic_file_splice_read+0x114/0x2aa fs/splice.c:309
do_splice_to+0xea/0x140 fs/splice.c:793
splice_direct_to_actor+0x19a/0x464 fs/splice.c:865
do_splice_direct+0x14c/0x1ca fs/splice.c:974
do_sendfile+0x73c/0x832 fs/read_write.c:1255
__do_sys_sendfile64 fs/read_write.c:1323 [inline]
sys_sendfile64+0x21e/0x234 fs/read_write.c:1309
ret_from_syscall+0x0/0x2
-> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
check_noncircular+0x1de/0x1fe kernel/locking/lockdep.c:2177
check_prev_add kernel/locking/lockdep.c:3097 [inline]
check_prevs_add kernel/locking/lockdep.c:3216 [inline]
validate_chain kernel/locking/lockdep.c:3831 [inline]
__lock_acquire+0x198a/0x347a kernel/locking/lockdep.c:5055
lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5668
lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5641
down_read+0x3c/0x54 kernel/locking/rwsem.c:1509
inode_lock_shared include/linux/fs.h:766 [inline]
ext4_bmap+0x40/0x250 fs/ext4/inode.c:3243
bmap+0x5a/0x84 fs/inode.c:1798
jbd2_journal_bmap+0xb4/0x18c fs/jbd2/journal.c:977
__jbd2_journal_erase fs/jbd2/journal.c:1789 [inline]
jbd2_journal_flush+0x5f6/0x800 fs/jbd2/journal.c:2492
ext4_ioctl_checkpoint fs/ext4/ioctl.c:1082 [inline]
__ext4_ioctl+0x2542/0x3330 fs/ext4/ioctl.c:1590
ext4_ioctl+0x26/0x34 fs/ext4/ioctl.c:1610
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
sys_ioctl+0x112/0x14c fs/ioctl.c:856
ret_from_syscall+0x0/0x2
other info that might help us debug this:
Chain exists of:
&sb->s_type->i_mutex_key#8 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&journal->j_checkpoint_mutex);
lock(&journal->j_barrier);
lock(&journal->j_checkpoint_mutex);
lock(&sb->s_type->i_mutex_key#8);
*** DEADLOCK ***
2 locks held by syz-executor.0/10835:
#0: ff600000124da170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x154/0x28a fs/jbd2/transaction.c:904
#1: ff600000124da3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x376/0x800 fs/jbd2/journal.c:2474
stack backtrace:
CPU: 0 PID: 10835 Comm: syz-executor.0 Tainted: G W 6.2.0-rc1-syzkaller #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[<ffffffff8000b9ea>] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:121
[<ffffffff83402b96>] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:127
[<ffffffff83442726>] __dump_stack lib/dump_stack.c:88 [inline]
[<ffffffff83442726>] dump_stack_lvl+0xe0/0x14c lib/dump_stack.c:106
[<ffffffff834427ae>] dump_stack+0x1c/0x24 lib/dump_stack.c:113
[<ffffffff8012199a>] print_circular_bug+0x370/0x3fa kernel/locking/lockdep.c:2055
[<ffffffff80121c02>] check_noncircular+0x1de/0x1fe kernel/locking/lockdep.c:2177
[<ffffffff80125e68>] check_prev_add kernel/locking/lockdep.c:3097 [inline]
[<ffffffff80125e68>] check_prevs_add kernel/locking/lockdep.c:3216 [inline]
[<ffffffff80125e68>] validate_chain kernel/locking/lockdep.c:3831 [inline]
[<ffffffff80125e68>] __lock_acquire+0x198a/0x347a kernel/locking/lockdep.c:5055
[<ffffffff80128932>] lock_acquire.part.0+0x1d0/0x424 kernel/locking/lockdep.c:5668
[<ffffffff80128bda>] lock_acquire+0x54/0x6a kernel/locking/lockdep.c:5641
[<ffffffff8344e1a0>] down_read+0x3c/0x54 kernel/locking/rwsem.c:1509
[<ffffffff80776d76>] inode_lock_shared include/linux/fs.h:766 [inline]
[<ffffffff80776d76>] ext4_bmap+0x40/0x250 fs/ext4/inode.c:3243
[<ffffffff8058d3dc>] bmap+0x5a/0x84 fs/inode.c:1798
[<ffffffff8085a58c>] jbd2_journal_bmap+0xb4/0x18c fs/jbd2/journal.c:977
[<ffffffff8085af26>] __jbd2_journal_erase fs/jbd2/journal.c:1789 [inline]
[<ffffffff8085af26>] jbd2_journal_flush+0x5f6/0x800 fs/jbd2/journal.c:2492
[<ffffffff80798fd2>] ext4_ioctl_checkpoint fs/ext4/ioctl.c:1082 [inline]
[<ffffffff80798fd2>] __ext4_ioctl+0x2542/0x3330 fs/ext4/ioctl.c:1590
[<ffffffff8079af08>] ext4_ioctl+0x26/0x34 fs/ext4/ioctl.c:1610
[<ffffffff8057afa2>] vfs_ioctl fs/ioctl.c:51 [inline]
[<ffffffff8057afa2>] __do_sys_ioctl fs/ioctl.c:870 [inline]
[<ffffffff8057afa2>] sys_ioctl+0x112/0x14c fs/ioctl.c:856
[<ffffffff80005ff6>] ret_from_syscall+0x0/0x2