DUID 00:04:19:c0:d1:0e:d7:c0:27:6c:e7:df:2b:fb:70:54:6d:6b
forked to background, child pid 3214
[ 35.908468][ T3215] 8021q: adding VLAN 0 to HW filter on device bond0
[ 35.918249][ T3215] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.191' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 61.493255][ T3545] loop0: detected capacity change from 0 to 4096
[ 61.541640][ T3545]
[ 61.544020][ T3545] ======================================================
[ 61.551060][ T3545] WARNING: possible circular locking dependency detected
[ 61.558179][ T3545] 6.1.34-syzkaller #0 Not tainted
[ 61.563196][ T3545] ------------------------------------------------------
[ 61.570305][ T3545] syz-executor371/3545 is trying to acquire lock:
[ 61.576808][ T3545] ffff88807e4b5b58 (&mm->mmap_lock#2){++++}-{3:3}, at: __might_fault+0x8f/0x110
[ 61.585874][ T3545]
[ 61.585874][ T3545] but task is already holding lock:
[ 61.593251][ T3545] ffff88807333a5e0 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_fiemap+0xfb/0x170
[ 61.601957][ T3545]
[ 61.601957][ T3545] which lock already depends on the new lock.
[ 61.601957][ T3545]
[ 61.612352][ T3545]
[ 61.612352][ T3545] the existing dependency chain (in reverse order) is:
[ 61.621352][ T3545]
[ 61.621352][ T3545] -> #1 (&ni->ni_lock/4){+.+.}-{3:3}:
[ 61.628908][ T3545] lock_acquire+0x1f8/0x5a0
[ 61.633926][ T3545] __mutex_lock_common+0x1d4/0x2520
[ 61.639655][ T3545] mutex_lock_nested+0x17/0x20
[ 61.644940][ T3545] attr_data_get_block+0x429/0x2520
[ 61.650664][ T3545] ntfs_file_mmap+0x452/0x7e0
[ 61.655864][ T3545] mmap_region+0xf96/0x1fa0
[ 61.660900][ T3545] do_mmap+0x8c5/0xf60
[ 61.665541][ T3545] vm_mmap_pgoff+0x1ca/0x2d0
[ 61.671106][ T3545] ksys_mmap_pgoff+0x4f5/0x6d0
[ 61.676413][ T3545] do_syscall_64+0x3d/0xb0
[ 61.681364][ T3545] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.687799][ T3545]
[ 61.687799][ T3545] -> #0 (&mm->mmap_lock#2){++++}-{3:3}:
[ 61.695533][ T3545] validate_chain+0x1667/0x58e0
[ 61.700918][ T3545] __lock_acquire+0x125b/0x1f80
[ 61.706297][ T3545] lock_acquire+0x1f8/0x5a0
[ 61.711353][ T3545] __might_fault+0xb2/0x110
[ 61.716383][ T3545] _copy_to_user+0x26/0x130
[ 61.721427][ T3545] fiemap_fill_next_extent+0x231/0x410
[ 61.727403][ T3545] ni_fiemap+0x1007/0x1230
[ 61.732339][ T3545] ntfs_fiemap+0x12e/0x170
[ 61.737277][ T3545] do_vfs_ioctl+0x18e9/0x2a90
[ 61.742466][ T3545] __se_sys_ioctl+0x81/0x160
[ 61.747569][ T3545] do_syscall_64+0x3d/0xb0
[ 61.752513][ T3545] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 61.758927][ T3545]
[ 61.758927][ T3545] other info that might help us debug this:
[ 61.758927][ T3545]
[ 61.769146][ T3545] Possible unsafe locking scenario:
[ 61.769146][ T3545]
[ 61.776603][ T3545]        CPU0                    CPU1
[ 61.781993][ T3545]        ----                    ----
[ 61.787353][ T3545]   lock(&ni->ni_lock/4);
[ 61.791688][ T3545]                                lock(&mm->mmap_lock#2);
[ 61.798709][ T3545]                                lock(&ni->ni_lock/4);
[ 61.805557][ T3545]   lock(&mm->mmap_lock#2);
[ 61.810066][ T3545]
[ 61.810066][ T3545] *** DEADLOCK ***
[ 61.810066][ T3545]
[ 61.818198][ T3545] 1 lock held by syz-executor371/3545:
[ 61.823647][ T3545] #0: ffff88807333a5e0 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_fiemap+0xfb/0x170
[ 61.832792][ T3545]
[ 61.832792][ T3545] stack backtrace:
[ 61.838665][ T3545] CPU: 0 PID: 3545 Comm: syz-executor371 Not tainted 6.1.34-syzkaller #0
[ 61.847067][ T3545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 61.857118][ T3545] Call Trace:
[ 61.860392][ T3545]
[ 61.863404][ T3545] dump_stack_lvl+0x1e3/0x2cb
[ 61.868086][ T3545] ? nf_tcp_handle_invalid+0x642/0x642
[ 61.873547][ T3545] ? print_circular_bug+0x12b/0x1a0
[ 61.878754][ T3545] check_noncircular+0x2fa/0x3b0
[ 61.883716][ T3545] ? add_chain_block+0x850/0x850
[ 61.888647][ T3545] ? lockdep_lock+0x11f/0x2a0
[ 61.893329][ T3545] ? stack_trace_save+0x1c0/0x1c0
[ 61.898693][ T3545] ? kernel_text_address+0x9f/0xd0
[ 61.903803][ T3545] ? _find_first_zero_bit+0xd0/0x100
[ 61.909088][ T3545] validate_chain+0x1667/0x58e0
[ 61.913945][ T3545] ? lockdep_unlock+0x165/0x300
[ 61.918813][ T3545] ? reacquire_held_locks+0x660/0x660
[ 61.924267][ T3545] ? __lock_acquire+0x125b/0x1f80
[ 61.929289][ T3545] ? reacquire_held_locks+0x660/0x660
[ 61.934657][ T3545] ? _find_first_zero_bit+0xd0/0x100
[ 61.939942][ T3545] ? validate_chain+0x13d1/0x58e0
[ 61.944971][ T3545] ? mark_lock+0x9a/0x340
[ 61.949295][ T3545] __lock_acquire+0x125b/0x1f80
[ 61.954149][ T3545] lock_acquire+0x1f8/0x5a0
[ 61.958647][ T3545] ? __might_fault+0x8f/0x110
[ 61.963327][ T3545] ? read_lock_is_recursive+0x10/0x10
[ 61.968695][ T3545] ? mark_lock+0x9a/0x340
[ 61.973108][ T3545] ? __might_sleep+0xb0/0xb0
[ 61.977704][ T3545] ? __lock_acquire+0x125b/0x1f80
[ 61.982757][ T3545] __might_fault+0xb2/0x110
[ 61.987259][ T3545] ? __might_fault+0x8f/0x110
[ 61.991935][ T3545] _copy_to_user+0x26/0x130
[ 61.996448][ T3545] fiemap_fill_next_extent+0x231/0x410
[ 62.001906][ T3545] ? vfs_ioctl+0xc0/0xc0
[ 62.006155][ T3545] ? rcu_is_watching+0x11/0xb0
[ 62.010933][ T3545] ni_fiemap+0x1007/0x1230
[ 62.015364][ T3545] ? filemap_write_and_wait_range+0x1d9/0x290
[ 62.021438][ T3545] ? xas_next_entry+0x3d0/0x3d0
[ 62.026306][ T3545] ? ni_parse_reparse+0x680/0x680
[ 62.031349][ T3545] ? fiemap_prep+0x1b0/0x240
[ 62.035935][ T3545] ntfs_fiemap+0x12e/0x170
[ 62.040359][ T3545] ? ntfs_file_open+0x200/0x200
[ 62.045261][ T3545] ? __might_fault+0xb2/0x110
[ 62.049942][ T3545] ? ntfs_file_open+0x200/0x200
[ 62.055232][ T3545] do_vfs_ioctl+0x18e9/0x2a90
[ 62.059916][ T3545] ? __x64_compat_sys_ioctl+0x80/0x80
[ 62.065284][ T3545] ? __lock_acquire+0x1f80/0x1f80
[ 62.070302][ T3545] ? lockdep_hardirqs_on+0x94/0x130
[ 62.075529][ T3545] ? __kmem_cache_free+0x25c/0x3c0
[ 62.080666][ T3545] ? tomoyo_path_number_perm+0x5f4/0x7b0
[ 62.086349][ T3545] ? tomoyo_path_number_perm+0x657/0x7b0
[ 62.091995][ T3545] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 62.097469][ T3545] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 62.103475][ T3545] ? print_irqtrace_events+0x210/0x210
[ 62.108931][ T3545] ? bpf_lsm_file_ioctl+0x5/0x10
[ 62.113874][ T3545] ? security_file_ioctl+0x7d/0xa0
[ 62.118984][ T3545] __se_sys_ioctl+0x81/0x160
[ 62.123568][ T3545] do_syscall_64+0x3d/0xb0
[ 62.128007][ T3545] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 62.133907][ T3545] RIP: 0033:0x7f92fbdbad69
[ 62.138317][ T3545] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 62.157918][ T3545] RSP: 002b:00007ffe613a5bc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 62.166337][ T3545] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f92fbdbad69
[ 62.174317][ T3545] RDX: 0000000020000400 RSI: 00000000c020660b RDI: 0000000000000007
[ 62.182283][ T3545] RBP: 00007f92fbd7a370 R08: 0000000000000000 R09: 0000000000000000
[ 62.190258][ T3545] R10: 0000000000000000 R11: 0