./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1922037614
<...>
Warning: Permanently added '10.128.0.217' (ED25519) to the list of known hosts.
execve("./syz-executor1922037614", ["./syz-executor1922037614"], 0x7ffc13b0bae0 /* 10 vars */) = 0
brk(NULL) = 0x555587880000
brk(0x555587880d00) = 0x555587880d00
arch_prctl(ARCH_SET_FS, 0x555587880380) = 0
set_tid_address(0x555587880650) = 5827
set_robust_list(0x555587880660, 24) = 0
rseq(0x555587880ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1922037614", 4096) = 28
getrandom("\xfc\x7f\xee\x95\x96\x0f\xec\x2c", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555587880d00
brk(0x5555878a1d00) = 0x5555878a1d00
brk(0x5555878a2000) = 0x5555878a2000
mprotect(0x7f90c7b7a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
write(1, "executing program\n", 18executing program
) = 18
memfd_create("syzkaller", 0) = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f90bf600000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x08\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x51\x49\x92\x54\x8e\xa5\x9a\x39\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f90bf600000, 138412032) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
ioctl(4, LOOP_SET_FD, 3) = 0
close(3) = 0
close(4) = 0
mkdir("./file0", 0777) = 0
[ 75.859541][ T5827] loop0: detected capacity change from 0 to 4096
mount("/dev/loop0", "./file0", "ntfs3", 0, "") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
chdir("./file0") = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", S_IFREG|000) = 0
creat("./file0", 016115) = 4
[ 75.919620][ T5827] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[ 75.930418][ T5827] ntfs3(loop0): Failed to load $Extend (-22).
[ 75.936589][ T5827] ntfs3(loop0): Failed to initialize $Extend.
[ 75.977448][ T5827]
[ 75.979815][ T5827] ============================================
[ 75.985971][ T5827] WARNING: possible recursive locking detected
[ 75.992119][ T5827] 6.13.0-syzkaller-00918-g95ec54a420b8 #0 Not tainted
[ 75.998869][ T5827] --------------------------------------------
[ 76.005002][ T5827] syz-executor192/5827 is trying to acquire lock:
[ 76.011399][ T5827] ffff8880770b1e60 (&ni->ni_lock#2/5){+.+.}-{4:4}, at: mi_read+0x2e1/0x5a0
[ 76.020051][ T5827]
[ 76.020051][ T5827] but task is already holding lock:
[ 76.027414][ T5827] ffff8880770b3468 (&ni->ni_lock#2/5){+.+.}-{4:4}, at: ntfs_rename+0x74a/0xd10
[ 76.036399][ T5827]
[ 76.036399][ T5827] other info that might help us debug this:
[ 76.044453][ T5827] Possible unsafe locking scenario:
[ 76.044453][ T5827]
[ 76.051901][ T5827] CPU0
[ 76.055175][ T5827] ----
[ 76.058453][ T5827] lock(&ni->ni_lock#2/5);
[ 76.062973][ T5827] lock(&ni->ni_lock#2/5);
[ 76.067492][ T5827]
[ 76.067492][ T5827] *** DEADLOCK ***
[ 76.067492][ T5827]
[ 76.075630][ T5827] May be due to missing lock nesting notation
[ 76.075630][ T5827]
[ 76.083943][ T5827] 6 locks held by syz-executor192/5827:
[ 76.089500][ T5827] #0: ffff88807c650420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[ 76.098663][ T5827] #1: ffff8880771120f8 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: do_renameat2+0x62c/0x13f0
[ 76.109145][ T5827] #2: ffff8880770b3700 (&sb->s_type->i_mutex_key#14/4){+.+.}-{4:4}, at: vfs_rename+0x6a2/0xf00
[ 76.119621][ T5827] #3: ffff888077111e60 (&ni->ni_lock#2/6){+.+.}-{4:4}, at: ntfs_rename+0x72f/0xd10
[ 76.129045][ T5827] #4: ffff8880770b3468 (&ni->ni_lock#2/5){+.+.}-{4:4}, at: ntfs_rename+0x74a/0xd10
[ 76.138492][ T5827] #5: ffff88804b5c8128 (&wnd->rw_lock/1){+.+.}-{4:4}, at: ntfs_look_free_mft+0x1e5/0x10c0
[ 76.148522][ T5827]
[ 76.148522][ T5827] stack backtrace:
[ 76.154431][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: syz-executor192 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[ 76.165191][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 76.175253][ T5827] Call Trace:
[ 76.178535][ T5827] <TASK>
[ 76.181466][ T5827] dump_stack_lvl+0x241/0x360
[ 76.186153][ T5827] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.191365][ T5827] ? __pfx__printk+0x10/0x10
[ 76.195963][ T5827] ? lockdep_unlock+0x16a/0x300
[ 76.200818][ T5827] print_deadlock_bug+0x483/0x620
[ 76.205851][ T5827] validate_chain+0x15e2/0x5920
[ 76.210716][ T5827] ? __pfx_validate_chain+0x10/0x10
[ 76.215920][ T5827] ? __pfx_validate_chain+0x10/0x10
[ 76.221129][ T5827] ? look_up_lock_class+0x77/0x170
[ 76.226264][ T5827] ? register_lock_class+0x102/0x980
[ 76.231555][ T5827] ? __pfx_register_lock_class+0x10/0x10
[ 76.237196][ T5827] ? mark_lock+0x9a/0x360
[ 76.241531][ T5827] __lock_acquire+0x1397/0x2100
[ 76.246396][ T5827] lock_acquire+0x1ed/0x550
[ 76.250902][ T5827] ? mi_read+0x2e1/0x5a0
[ 76.255153][ T5827] ? __pfx_lock_acquire+0x10/0x10
[ 76.260187][ T5827] ? __pfx___might_resched+0x10/0x10
[ 76.265470][ T5827] ? ntfs_read_run_nb+0x35c/0xf70
[ 76.270503][ T5827] ? ni_ins_attr_ext+0x369/0xbe0
[ 76.275440][ T5827] __mutex_lock+0x1ac/0xee0
[ 76.279966][ T5827] ? mi_read+0x2e1/0x5a0
[ 76.284246][ T5827] ? mi_read+0x2e1/0x5a0
[ 76.288504][ T5827] ? __pfx___mutex_lock+0x10/0x10
[ 76.293536][ T5827] ? __up_read+0x2c2/0x6b0
[ 76.297964][ T5827] ? __pfx___up_read+0x10/0x10
[ 76.302743][ T5827] mi_read+0x2e1/0x5a0
[ 76.306816][ T5827] mi_format_new+0x1ab/0x5d0
[ 76.311414][ T5827] ni_add_subrecord+0xe2/0x430
[ 76.316187][ T5827] ntfs_look_free_mft+0x878/0x10c0
[ 76.321309][ T5827] ? __pfx_ntfs_look_free_mft+0x10/0x10
[ 76.326862][ T5827] ? rcu_is_watching+0x15/0xb0
[ 76.331638][ T5827] ? mi_enum_attr+0x1ea/0xa30
[ 76.336319][ T5827] ni_create_attr_list+0x9bd/0x1480
[ 76.341539][ T5827] ? __pfx_ni_create_attr_list+0x10/0x10
[ 76.347281][ T5827] ? register_lock_class+0x102/0x980
[ 76.352569][ T5827] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 76.358553][ T5827] ? mark_lock+0x9a/0x360
[ 76.362887][ T5827] ni_ins_attr_ext+0x369/0xbe0
[ 76.367656][ T5827] ? ni_find_attr+0x390/0x8d0
[ 76.372343][ T5827] ? __pfx_ni_ins_attr_ext+0x10/0x10
[ 76.377631][ T5827] ? __pfx_ni_find_attr+0x10/0x10
[ 76.382669][ T5827] ni_add_name+0x809/0xe90
[ 76.387092][ T5827] ? __pfx_ni_add_name+0x10/0x10
[ 76.392033][ T5827] ? __mutex_lock+0x37f/0xee0
[ 76.396714][ T5827] ? ntfs_nls_to_utf16+0x87e/0xc60
[ 76.401831][ T5827] ? ntfs_rename+0x74a/0xd10
[ 76.406425][ T5827] ni_rename+0xc2/0x1e0
[ 76.410585][ T5827] ? __pfx_ni_rename+0x10/0x10
[ 76.415348][ T5827] ? __pfx_ntfs_nls_to_utf16+0x10/0x10
[ 76.420817][ T5827] ? fill_name_de+0x135/0x340
[ 76.425511][ T5827] ntfs_rename+0x7c1/0xd10
[ 76.429957][ T5827] ? __pfx_ntfs_rename+0x10/0x10
[ 76.434902][ T5827] ? do_raw_spin_unlock+0x13c/0x8b0
[ 76.440112][ T5827] ? __pfx_ntfs_rename+0x10/0x10
[ 76.445140][ T5827] vfs_rename+0xbdb/0xf00
[ 76.449485][ T5827] ? __pfx_vfs_rename+0x10/0x10
[ 76.454344][ T5827] ? bpf_lsm_path_rename+0x9/0x10
[ 76.459374][ T5827] do_renameat2+0xd94/0x13f0
[ 76.463995][ T5827] ? __pfx_do_renameat2+0x10/0x10
[ 76.469032][ T5827] ? __virt_addr_valid+0x183/0x530
[ 76.474147][ T5827] ? __virt_addr_valid+0x45f/0x530
[ 76.479260][ T5827] ? __phys_addr_symbol+0x2f/0x70
[ 76.484293][ T5827] ? strncpy_from_user+0x146/0x270
[ 76.489436][ T5827] ? getname_flags+0x1e3/0x540
[ 76.494202][ T5827] __x64_sys_rename+0x82/0x90
[ 76.498902][ T5827] do_syscall_64+0xf3/0x230
[ 76.503407][ T5827] ? clear_bhb_loop+0x35/0x90
[ 76.508092][ T5827] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.514016][ T5827] RIP: 0033:0x7f90c7ae77b9
[ 76.518437][ T5827] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 76.538058][ T5827] RSP: 002b:00007ffec9028eb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 76.546497][ T5827] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f90c7ae77b9
[ 76.554493][ T5827] RDX: 00007f90c7ae77b9 RSI: 0000000020000480 RDI: 0000000020000340
[ 76.562465][ T5827] RBP: 00007f90c7b7a610 R08: 0000000000000000 R09: 0000000000000000
[ 76.570437][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
rename("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = -1 ENOMEM (Cannot allocate memory)
exit_group(0) = ?
+++ exited with 0 +++
[ 76.578416][ T58