warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
======================================================
WARNING: possible circular locking dependency detected
6.1.101-syzkaller-00106-gc18e82d3ee44 #0 Not tainted
------------------------------------------------------
syz.3.1186/8356 is trying to acquire lock:
ffff888028478400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: inode_lock_shared include/linux/fs.h:768 [inline]
ffff888028478400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_bmap+0x4b/0x410 fs/ext4/inode.c:3176
but task is already holding lock:
ffff88814be923f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x323/0xc40 fs/jbd2/journal.c:2478
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #4 (&journal->j_checkpoint_mutex){+.+.}-{3:3}:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
mutex_lock_io_nested+0x134/0xab0 kernel/locking/mutex.c:833
jbd2_journal_flush+0x29b/0xc40 fs/jbd2/journal.c:2468
ext4_ioctl_checkpoint fs/ext4/ioctl.c:1086 [inline]
__ext4_ioctl fs/ext4/ioctl.c:1594 [inline]
ext4_ioctl+0x3986/0x5f60 fs/ext4/ioctl.c:1614
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl+0xf1/0x160 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
-> #3 (&journal->j_barrier){+.+.}-{3:3}:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__mutex_lock_common kernel/locking/mutex.c:603 [inline]
__mutex_lock+0x132/0xd80 kernel/locking/mutex.c:747
jbd2_journal_lock_updates+0x2b0/0x380 fs/jbd2/transaction.c:904
ext4_change_inode_journal_flag+0x1a8/0x6e0 fs/ext4/inode.c:6120
ext4_ioctl_setflags fs/ext4/ioctl.c:688 [inline]
ext4_fileattr_set+0xe04/0x1770 fs/ext4/ioctl.c:1008
vfs_fileattr_set+0x8f3/0xd30 fs/ioctl.c:696
ioctl_setflags fs/ioctl.c:728 [inline]
do_vfs_ioctl+0x1cd1/0x2a90 fs/ioctl.c:839
__do_sys_ioctl fs/ioctl.c:868 [inline]
__se_sys_ioctl+0x81/0x160 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
-> #2 (&sbi->s_writepages_rwsem){++++}-{0:0}:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
percpu_down_read+0x44/0x1a0 include/linux/percpu-rwsem.h:51
ext4_writepages+0x1e5/0x3de0 fs/ext4/inode.c:2703
do_writepages+0x3a2/0x670 mm/page-writeback.c:2491
filemap_fdatawrite_wbc+0x121/0x180 mm/filemap.c:388
__filemap_fdatawrite_range mm/filemap.c:421 [inline]
filemap_write_and_wait_range+0x1a4/0x290 mm/filemap.c:674
filemap_write_and_wait include/linux/pagemap.h:60 [inline]
ext4_change_inode_journal_flag+0x143/0x6e0 fs/ext4/inode.c:6112
ext4_ioctl_setflags fs/ext4/ioctl.c:688 [inline]
ext4_fileattr_set+0xe04/0x1770 fs/ext4/ioctl.c:1008
vfs_fileattr_set+0x8f3/0xd30 fs/ioctl.c:696
ioctl_setflags fs/ioctl.c:728 [inline]
do_vfs_ioctl+0x1cd1/0x2a90 fs/ioctl.c:839
__do_sys_ioctl fs/ioctl.c:868 [inline]
__se_sys_ioctl+0x81/0x160 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
-> #1 (mapping.invalidate_lock){++++}-{3:3}:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
down_write+0x36/0x60 kernel/locking/rwsem.c:1573
filemap_invalidate_lock include/linux/fs.h:803 [inline]
ext4_setattr+0xec7/0x1a00 fs/ext4/inode.c:5507
notify_change+0xce3/0xfc0 fs/attr.c:499
do_truncate+0x21c/0x300 fs/open.c:65
do_sys_ftruncate+0x2e2/0x380 fs/open.c:193
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
-> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
check_prev_add kernel/locking/lockdep.c:3090 [inline]
check_prevs_add kernel/locking/lockdep.c:3209 [inline]
validate_chain+0x1661/0x5950 kernel/locking/lockdep.c:3825
__lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
down_read+0xad/0xa30 kernel/locking/rwsem.c:1520
inode_lock_shared include/linux/fs.h:768 [inline]
ext4_bmap+0x4b/0x410 fs/ext4/inode.c:3176
bmap+0xa1/0xd0 fs/inode.c:1842
jbd2_journal_bmap fs/jbd2/journal.c:977 [inline]
__jbd2_journal_erase fs/jbd2/journal.c:1794 [inline]
jbd2_journal_flush+0x5b5/0xc40 fs/jbd2/journal.c:2496
ext4_ioctl_checkpoint fs/ext4/ioctl.c:1086 [inline]
__ext4_ioctl fs/ext4/ioctl.c:1594 [inline]
ext4_ioctl+0x3986/0x5f60 fs/ext4/ioctl.c:1614
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl+0xf1/0x160 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
other info that might help us debug this:
Chain exists of:
&sb->s_type->i_mutex_key#8 --> &journal->j_barrier --> &journal->j_checkpoint_mutex
Possible unsafe locking scenario:
       CPU0                    CPU1
       ----                    ----
  lock(&journal->j_checkpoint_mutex);
                               lock(&journal->j_barrier);
                               lock(&journal->j_checkpoint_mutex);
  lock(&sb->s_type->i_mutex_key#8);
*** DEADLOCK ***
2 locks held by syz.3.1186/8356:
#0: ffff88814be92170 (&journal->j_barrier){+.+.}-{3:3}, at: jbd2_journal_lock_updates+0x2b0/0x380 fs/jbd2/transaction.c:904
#1: ffff88814be923f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: jbd2_journal_flush+0x323/0xc40 fs/jbd2/journal.c:2478
stack backtrace:
CPU: 1 PID: 8356 Comm: syz.3.1186 Not tainted 6.1.101-syzkaller-00106-gc18e82d3ee44 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
check_noncircular+0x2fa/0x3b0 kernel/locking/lockdep.c:2170
check_prev_add kernel/locking/lockdep.c:3090 [inline]
check_prevs_add kernel/locking/lockdep.c:3209 [inline]
validate_chain+0x1661/0x5950 kernel/locking/lockdep.c:3825
__lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
down_read+0xad/0xa30 kernel/locking/rwsem.c:1520
inode_lock_shared include/linux/fs.h:768 [inline]
ext4_bmap+0x4b/0x410 fs/ext4/inode.c:3176
bmap+0xa1/0xd0 fs/inode.c:1842
jbd2_journal_bmap fs/jbd2/journal.c:977 [inline]
__jbd2_journal_erase fs/jbd2/journal.c:1794 [inline]
jbd2_journal_flush+0x5b5/0xc40 fs/jbd2/journal.c:2496
ext4_ioctl_checkpoint fs/ext4/ioctl.c:1086 [inline]
__ext4_ioctl fs/ext4/ioctl.c:1594 [inline]
ext4_ioctl+0x3986/0x5f60 fs/ext4/ioctl.c:1614
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl+0xf1/0x160 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f6c9f775f19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f6ca0614048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6c9f906038 RCX: 00007f6c9f775f19
RDX: 0000000020000180 RSI: 000000004004662b RDI: 0000000000000005
RBP: 00007f6c9f7e4e68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f6c9f906038 R15: 00007ffd1e9cb318
</TASK>