./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2204605907

<...>
Warning: Permanently added '10.128.1.119' (ED25519) to the list of known hosts.
execve("./syz-executor2204605907", ["./syz-executor2204605907"], 0x7fff705cbfd0 /* 10 vars */) = 0
brk(NULL)                               = 0x5555559ae000
brk(0x5555559aed00)                     = 0x5555559aed00
arch_prctl(ARCH_SET_FS, 0x5555559ae380) = 0
set_tid_address(0x5555559ae650)         = 5058
set_robust_list(0x5555559ae660, 24)     = 0
rseq(0x5555559aeca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2204605907", 4096) = 28
getrandom("\x15\x75\xe0\x49\x72\xa4\x95\x2d", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x5555559aed00
brk(0x5555559cfd00)                     = 0x5555559cfd00
brk(0x5555559d0000)                     = 0x5555559d0000
mprotect(0x7f704f0f0000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7046c20000
write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x8f\x24\x2d\x5f\x49\x6d\x50\x0b\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f7046c20000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
mkdir("./file2", 0777)                  = 0
mount("/dev/loop0", "./file2", "ntfs3", MS_POSIXACL|MS_LAZYTIME, "discard,nohidden,force,showmeta,sparse,iocharset=macceltic,iocharset=cp1250,gid=0x0000000000000000") = 0
openat(AT_FDCWD, "./file2", O_RDONLY|O_DIRECTORY) = 3
chdir("./file2")                        = 0
ioctl(4, LOOP_CLR_FD)                   = 0
[   56.376110][ T5058] loop0: detected capacity change from 0 to 4096
close(4)                                = 0
open("./bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME|FASYNC, 000) = 4
open("./bus", O_RDWR|O_CREAT|O_SYNC|O_DIRECT|O_NOATIME|0x3c, 000) = 5
mmap(0x20000000, 6291456, PROT_READ|PROT_WRITE|PROT_EXEC|PROT_SEM|PROT_GROWSUP|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<<MAP_HUGE_SHIFT, 5, 0) = 0x20000000
ftruncate(4, 33587195)                  = 0
ioctl(4, FS_IOC_FIEMAP, {fm_start=0, fm_length=18446744073709548850, fm_flags=FIEMAP_FLAG_SYNC, fm_extent_count=6} => {fm_flags=FIEMAP_FLAG_SYNC, fm_mapped_extents=1, ...}) = 0
[   56.496050][ T5058] 
[   56.498433][ T5058] ======================================================
[   56.505517][ T5058] WARNING: possible circular locking dependency detected
[   56.512541][ T5058] 6.7.0-rc8-syzkaller #0 Not tainted
[   56.517819][ T5058] ------------------------------------------------------
[   56.524827][ T5058] syz-executor220/5058 is trying to acquire lock:
[   56.531230][ T5058] ffff888079f273e0 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: filemap_fault+0x646/0x1670
[   56.541273][ T5058] 
[   56.541273][ T5058] but task is already holding lock:
[   56.548633][ T5058] ffff8880275f9658 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f6/0x6f0
[   56.558468][ T5058] 
[   56.558468][ T5058] which lock already depends on the new lock.
[   56.558468][ T5058] 
[   56.568952][ T5058] 
[   56.568952][ T5058] the existing dependency chain (in reverse order) is:
[   56.577949][ T5058] 
[   56.577949][ T5058] -> #3 (&vma->vm_lock->lock){++++}-{3:3}:
[   56.585944][ T5058]        lock_acquire+0x1e3/0x530
[   56.590952][ T5058]        down_write+0x3a/0x50
[   56.595662][ T5058]        vma_link+0x2c9/0x540
[   56.600324][ T5058]        insert_vm_struct+0x19f/0x260
[   56.605685][ T5058]        alloc_bprm+0x4d5/0x900
[   56.610554][ T5058]        kernel_execve+0x96/0xa20
[   56.615571][ T5058]        call_usermodehelper_exec_async+0x233/0x370
[   56.622146][ T5058]        ret_from_fork+0x48/0x80
[   56.627157][ T5058]        ret_from_fork_asm+0x11/0x20
[   56.632438][ T5058] 
[   56.632438][ T5058] -> #2 (&mm->mmap_lock){++++}-{3:3}:
[   56.640068][ T5058]        lock_acquire+0x1e3/0x530
[   56.645254][ T5058]        __might_fault+0xc1/0x120
[   56.650274][ T5058]        _copy_to_user+0x2a/0xa0
[   56.655197][ T5058]        fiemap_fill_next_extent+0x235/0x410
[   56.661188][ T5058]        ni_fiemap+0xa5e/0x1230
[   56.666050][ T5058]        ntfs_fiemap+0x132/0x180
[   56.670979][ T5058]        do_vfs_ioctl+0x19ea/0x2b40
[   56.676181][ T5058]        __se_sys_ioctl+0x81/0x170
[   56.681281][ T5058]        do_syscall_64+0x45/0x110
[   56.686297][ T5058]        entry_SYSCALL_64_after_hwframe+0x63/0x6b
[   56.692708][ T5058] 
[   56.692708][ T5058] -> #1 (&ni->file.run_lock#3){++++}-{3:3}:
[   56.700817][ T5058]        lock_acquire+0x1e3/0x530
[   56.705834][ T5058]        down_read+0xb1/0xa40
[   56.710496][ T5058]        attr_data_get_block+0x2e7/0x2da0
[   56.716205][ T5058]        ntfs_get_block_vbo+0x36a/0xd00
[   56.721741][ T5058]        do_mpage_readpage+0x90c/0x1f60
[   56.727278][ T5058]        mpage_read_folio+0x108/0x1d0
[   56.732641][ T5058]        filemap_read_folio+0x19c/0x780
[   56.738182][ T5058]        filemap_fault+0xea8/0x1670
[   56.743382][ T5058]        __do_fault+0x133/0x4e0
[   56.748221][ T5058]        handle_mm_fault+0x21e9/0x6680
[   56.753671][ T5058]        exc_page_fault+0x456/0x870
[   56.758872][ T5058]        asm_exc_page_fault+0x26/0x30
[   56.764235][ T5058] 
[   56.764235][ T5058] -> #0 (mapping.invalidate_lock#3){.+.+}-{3:3}:
[   56.772741][ T5058]        validate_chain+0x1909/0x5ab0
[   56.778105][ T5058]        __lock_acquire+0x1345/0x1fd0
[   56.783553][ T5058]        lock_acquire+0x1e3/0x530
[   56.789440][ T5058]        down_read+0xb1/0xa40
[   56.794111][ T5058]        filemap_fault+0x646/0x1670
[   56.799390][ T5058]        __do_fault+0x133/0x4e0
[   56.804230][ T5058]        handle_mm_fault+0x21e9/0x6680
[   56.809694][ T5058]        exc_page_fault+0x456/0x870
[   56.814905][ T5058]        asm_exc_page_fault+0x26/0x30
[   56.820278][ T5058] 
[   56.820278][ T5058] other info that might help us debug this:
[   56.820278][ T5058] 
[   56.830806][ T5058] Chain exists of:
[   56.830806][ T5058]   mapping.invalidate_lock#3 --> &mm->mmap_lock --> &vma->vm_lock->lock
[   56.830806][ T5058] 
[   56.844973][ T5058]  Possible unsafe locking scenario:
[   56.844973][ T5058] 
[   56.852403][ T5058]        CPU0                    CPU1
[   56.857751][ T5058]        ----                    ----
[   56.863114][ T5058]   rlock(&vma->vm_lock->lock);
[   56.867974][ T5058]                                lock(&mm->mmap_lock);
[   56.874812][ T5058]                                lock(&vma->vm_lock->lock);
[   56.882098][ T5058]   rlock(mapping.invalidate_lock#3);
[   56.887480][ T5058] 
[   56.887480][ T5058]  *** DEADLOCK ***
[   56.887480][ T5058] 
[   56.895617][ T5058] 1 lock held by syz-executor220/5058:
[   56.901146][ T5058]  #0: ffff8880275f9658 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f6/0x6f0
[   56.911405][ T5058] 
[   56.911405][ T5058] stack backtrace:
[   56.917276][ T5058] CPU: 1 PID: 5058 Comm: syz-executor220 Not tainted 6.7.0-rc8-syzkaller #0
[   56.925932][ T5058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   56.935974][ T5058] Call Trace:
[   56.939239][ T5058]  <TASK>
[   56.942158][ T5058]  dump_stack_lvl+0x1e7/0x2d0
[   56.946943][ T5058]  ? nf_tcp_handle_invalid+0x650/0x650
[   56.952414][ T5058]  ? print_circular_bug+0x12b/0x1a0
[   56.957616][ T5058]  check_noncircular+0x366/0x490
[   56.962572][ T5058]  ? __lock_acquire+0x1345/0x1fd0
[   56.967608][ T5058]  ? print_deadlock_bug+0x610/0x610
[   56.972804][ T5058]  ? lockdep_lock+0x123/0x2b0
[   56.977475][ T5058]  ? load_balance+0x3409/0x8b70
[   56.982318][ T5058]  ? _find_first_zero_bit+0xd4/0x100
[   56.987600][ T5058]  validate_chain+0x1909/0x5ab0
[   56.992456][ T5058]  ? reacquire_held_locks+0x690/0x690
[   56.997827][ T5058]  ? validate_chain+0x11c/0x5ab0
[   57.002768][ T5058]  ? reacquire_held_locks+0x690/0x690
[   57.008135][ T5058]  ? mark_lock+0x9a/0x350
[   57.012455][ T5058]  __lock_acquire+0x1345/0x1fd0
[   57.017306][ T5058]  lock_acquire+0x1e3/0x530
[   57.021801][ T5058]  ? filemap_fault+0x646/0x1670
[   57.026648][ T5058]  ? read_lock_is_recursive+0x20/0x20
[   57.032027][ T5058]  ? filemap_get_entry+0x127/0x4d0
[   57.037133][ T5058]  ? __might_sleep+0xe0/0xe0
[   57.041716][ T5058]  down_read+0xb1/0xa40
[   57.045860][ T5058]  ? filemap_fault+0x646/0x1670
[   57.050698][ T5058]  ? filemap_get_entry+0x127/0x4d0
[   57.055798][ T5058]  ? page_cache_prev_miss+0x500/0x500
[   57.061163][ T5058]  ? __down_common+0x7b0/0x7b0
[   57.065916][ T5058]  ? reacquire_held_locks+0x690/0x690
[   57.071282][ T5058]  ? __filemap_get_folio+0x72d/0xbb0
[   57.076559][ T5058]  filemap_fault+0x646/0x1670
[   57.081234][ T5058]  ? mapping_seek_hole_data+0xf00/0xf00
[   57.086772][ T5058]  ? pte_offset_map_nolock+0x137/0x1e0
[   57.092243][ T5058]  __do_fault+0x133/0x4e0
[   57.096566][ T5058]  handle_mm_fault+0x21e9/0x6680
[   57.101507][ T5058]  ? handle_mm_fault+0x11d/0x6680
[   57.106529][ T5058]  ? numa_migrate_prep+0x260/0x260
[   57.111638][ T5058]  ? mtree_range_walk+0x6a0/0x7e0
[   57.116744][ T5058]  ? lock_vma_under_rcu+0x187/0x6f0
[   57.121933][ T5058]  ? __lock_acquire+0x1fd0/0x1fd0
[   57.126946][ T5058]  ? lock_vma_under_rcu+0x2f6/0x6f0
[   57.132224][ T5058]  ? lock_vma_under_rcu+0x5df/0x6f0
[   57.137411][ T5058]  ? lock_vma_under_rcu+0x187/0x6f0
[   57.142618][ T5058]  ? exc_page_fault+0x110/0x870
[   57.147458][ T5058]  exc_page_fault+0x456/0x870
[   57.152123][ T5058]  asm_exc_page_fault+0x26/0x30
[   57.156964][ T5058] RIP: 0033:0x7f704f02989f
[   57.161716][ T5058] Code: a7 c5 09 00 0f 11 04 25 89 00 00 20 48 8b 35 78 a8 0c 00 e8 53 42 03 00 b8 33 00 00 00 48 89 ee 31 d2 66 0f 6f 05 21 c5 09 00 <66> 89 04 25 44 f7 01 20 bf 10 10 00 20 48 b8 2e 2f 66 69 6c 65 32
[   57.181416][ T5058] RSP: 002b:00007fff6a612e00 EFLAGS: 00010246
[   57.187500][ T5058] RAX: 0000000000000033 RBX: 00007f704f0a6066 RCX: 00007f704f05daf9
memfd_create("syzkaller", 0)            = 6
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7046c20000
write(6, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x8f\x24\x2d\x5f\x49\x6d\x50\x0b\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
munmap(0x7f7046c20000, 138412032)       = 0
[   57.195465][ T5058] RDX: 0000000000000000 RSI: 00007f704f0a604b RDI: 0000000000000004
[   57.203513][ T5058] RBP: 00007f704f0a604b R08: 0000000000000000 R09: 0000000000000000
[   57.211473][ T5058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f704f0a6510
[   57.219433][ T5058] R13: 00007f704f0a6055 R14: 23f2bfc581b02e40 R15: ad9a13bd00000000
[   57.227403][ T5058]  </TASK>
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 7
ioctl(7, LOOP_SET_FD, 6)                = -1 EBUSY (Device or resource busy)
ioctl(7, LOOP_CLR_FD)                   = 0
ioctl(7, LOOP_SET_FD, 6)                = -1 EBUSY (Device or resource busy)
close(7)                                = 0
close(6)                                = 0
exit_group(0)                           = ?
+++ exited with 0 +++