syzbot

======================================================
WARNING: possible circular locking dependency detected
5.15.179-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:3/467 is trying to acquire lock:
ffff888070a719c0 (&rl->lock){++++}-{3:3}, at: ntfs_read_block fs/ntfs/aops.c:248 [inline]
ffff888070a719c0 (&rl->lock){++++}-{3:3}, at: ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435

but task is already holding lock:
ffff888070a789d0 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&ni->mrec_lock){+.+.}-{3:3}:
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       __mutex_lock_common+0x1da/0x25a0 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154
       ntfs_map_runlist_nolock+0x44b/0x1770 fs/ntfs/attrib.c:91
       ntfs_prepare_pages_for_non_resident_write fs/ntfs/file.c:886 [inline]
       ntfs_perform_write+0x2506/0x8280 fs/ntfs/file.c:1848
       ntfs_file_write_iter+0x15a6/0x1fa0 fs/ntfs/file.c:1921
       do_iter_readv_writev+0x594/0x7a0 fs/read_write.c:-1
       do_iter_write+0x1e6/0x760 fs/read_write.c:855
       vfs_writev fs/read_write.c:928 [inline]
       do_pwritev+0x219/0x360 fs/read_write.c:1025
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (&rl->lock){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
       __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
       lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
       down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
       ntfs_read_block fs/ntfs/aops.c:248 [inline]
       ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435
       do_read_cache_page+0x752/0x1040 mm/filemap.c:-1
       read_mapping_page include/linux/pagemap.h:515 [inline]
       ntfs_map_page+0x25/0x390 fs/ntfs/aops.h:75
       ntfs_sync_mft_mirror+0x253/0x19e0 fs/ntfs/mft.c:480
       write_mft_record_nolock+0x1164/0x16c0 fs/ntfs/mft.c:787
       write_mft_record fs/ntfs/mft.h:95 [inline]
       __ntfs_write_inode+0x7b4/0xdd0 fs/ntfs/inode.c:3050
       write_inode fs/fs-writeback.c:1495 [inline]
       __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
       writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
       __writeback_inodes_wb+0x114/0x400 fs/fs-writeback.c:2001
       wb_writeback+0x465/0xc50 fs/fs-writeback.c:2106
       wb_check_background_flush fs/fs-writeback.c:2172 [inline]
       wb_do_writeback fs/fs-writeback.c:2260 [inline]
       wb_workfn+0xd07/0x1130 fs/fs-writeback.c:2288
       process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
       worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
       kthread+0x3f6/0x4f0 kernel/kthread.c:334
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ni->mrec_lock);
                               lock(&rl->lock);
                               lock(&ni->mrec_lock);
  lock(&rl->lock);

 *** DEADLOCK ***

4 locks held by kworker/u4:3/467:
 #0: ffff888142d98938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
 #1: ffffc90002fdfd20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
 #2: ffff88802c1540e0 (&type->s_umount_key#65){.+.+}-{3:3}, at: trylock_super+0x1b/0xf0 fs/super.c:418
 #3: ffff888070a789d0 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x850 fs/ntfs/mft.c:154

stack backtrace:
CPU: 0 PID: 467 Comm: kworker/u4:3 Not tainted 5.15.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: writeback wb_workfn (flush-7:2)
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
 check_noncircular+0x2f8/0x3b0 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain+0x1649/0x5930 kernel/locking/lockdep.c:3788
 __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
 lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
 down_read+0x45/0x2e0 kernel/locking/rwsem.c:1498
 ntfs_read_block fs/ntfs/aops.c:248 [inline]
 ntfs_readpage+0x123e/0x2210 fs/ntfs/aops.c:435
 do_read_cache_page+0x752/0x1040 mm/filemap.c:-1
 read_mapping_page include/linux/pagemap.h:515 [inline]
 ntfs_map_page+0x25/0x390 fs/ntfs/aops.h:75
 ntfs_sync_mft_mirror+0x253/0x19e0 fs/ntfs/mft.c:480
 write_mft_record_nolock+0x1164/0x16c0 fs/ntfs/mft.c:787
 write_mft_record fs/ntfs/mft.h:95 [inline]
 __ntfs_write_inode+0x7b4/0xdd0 fs/ntfs/inode.c:3050
 write_inode fs/fs-writeback.c:1495 [inline]
 __writeback_single_inode+0x644/0xe30 fs/fs-writeback.c:1705
 writeback_sb_inodes+0xbce/0x1a40 fs/fs-writeback.c:1930
 __writeback_inodes_wb+0x114/0x400 fs/fs-writeback.c:2001
 wb_writeback+0x465/0xc50 fs/fs-writeback.c:2106
 wb_check_background_flush fs/fs-writeback.c:2172 [inline]
 wb_do_writeback fs/fs-writeback.c:2260 [inline]
 wb_workfn+0xd07/0x1130 fs/fs-writeback.c:2288
 process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
 worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
 kthread+0x3f6/0x4f0 kernel/kthread.c:334
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
 </TASK>