Warning: Permanently added '10.128.0.222' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 61.997859][ T3542] loop0: detected capacity change from 0 to 4096
[ 62.014496][ T3542] =======================================================
[ 62.014496][ T3542] WARNING: The mand mount option has been deprecated and
[ 62.014496][ T3542] and is ignored by this kernel. Remove the mand
[ 62.014496][ T3542] option from the mount to silence this warning.
[ 62.014496][ T3542] =======================================================
[ 62.122408][ T3542]
[ 62.124757][ T3542] ======================================================
[ 62.131781][ T3542] WARNING: possible circular locking dependency detected
[ 62.138798][ T3542] 6.1.90-syzkaller #0 Not tainted
[ 62.143820][ T3542] ------------------------------------------------------
[ 62.150900][ T3542] syz-executor317/3542 is trying to acquire lock:
[ 62.157299][ T3542] ffff88801f349f58 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0xa1/0x110
[ 62.166253][ T3542]
[ 62.166253][ T3542] but task is already holding lock:
[ 62.173605][ T3542] ffff8880710ae920 (&indx->run_lock){.+.+}-{3:3}, at: ni_fiemap+0x36f/0x1230
[ 62.182393][ T3542]
[ 62.182393][ T3542] which lock already depends on the new lock.
[ 62.182393][ T3542]
[ 62.192776][ T3542]
[ 62.192776][ T3542] the existing dependency chain (in reverse order) is:
[ 62.201779][ T3542]
[ 62.201779][ T3542] -> #3 (&indx->run_lock){.+.+}-{3:3}:
[ 62.209409][ T3542] lock_acquire+0x1f8/0x5a0
[ 62.214425][ T3542] down_read+0xad/0xa30
[ 62.219098][ T3542] indx_read+0x2a1/0xc40
[ 62.223848][ T3542] indx_find+0x467/0xb60
[ 62.228597][ T3542] dir_search_u+0x1b3/0x390
[ 62.233609][ T3542] ntfs_lookup+0x102/0x1f0
[ 62.238532][ T3542] path_openat+0x10fb/0x2e60
[ 62.243629][ T3542] do_filp_open+0x230/0x480
[ 62.248650][ T3542] do_sys_openat2+0x13b/0x500
[ 62.253842][ T3542] __x64_sys_creat+0x11f/0x160
[ 62.259118][ T3542] do_syscall_64+0x3b/0xb0
[ 62.264132][ T3542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.270552][ T3542]
[ 62.270552][ T3542] -> #2 (&ni->ni_lock/4){+.+.}-{3:3}:
[ 62.278098][ T3542] lock_acquire+0x1f8/0x5a0
[ 62.283129][ T3542] __mutex_lock+0x132/0xd80
[ 62.288156][ T3542] attr_data_get_block+0x429/0x2520
[ 62.293881][ T3542] ntfs_get_block_vbo+0x373/0xe60
[ 62.299419][ T3542] do_mpage_readpage+0x8d2/0x2040
[ 62.305388][ T3542] mpage_readahead+0x450/0x920
[ 62.310658][ T3542] read_pages+0x17f/0x830
[ 62.315498][ T3542] page_cache_ra_unbounded+0x182/0x7b0
[ 62.321483][ T3542] do_sync_mmap_readahead+0x7ae/0x980
[ 62.327359][ T3542] filemap_fault+0x813/0x17e0
[ 62.332543][ T3542] __do_fault+0x136/0x4f0
[ 62.337391][ T3542] handle_mm_fault+0x3412/0x5340
[ 62.342838][ T3542] exc_page_fault+0x26f/0x660
[ 62.348029][ T3542] asm_exc_page_fault+0x22/0x30
[ 62.353395][ T3542] fault_in_readable+0x166/0x340
[ 62.358837][ T3542] fault_in_iov_iter_readable+0xdb/0x270
[ 62.364984][ T3542] generic_perform_write+0x207/0x5e0
[ 62.370775][ T3542] __generic_file_write_iter+0x176/0x400
[ 62.376917][ T3542] ntfs_file_write_iter+0x5fa/0x6d0
[ 62.382626][ T3542] vfs_write+0x7ae/0xba0
[ 62.387380][ T3542] ksys_write+0x19c/0x2c0
[ 62.392223][ T3542] do_syscall_64+0x3b/0xb0
[ 62.397184][ T3542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.403591][ T3542]
[ 62.403591][ T3542] -> #1 (mapping.invalidate_lock#3){.+.+}-{3:3}:
[ 62.412114][ T3542] lock_acquire+0x1f8/0x5a0
[ 62.417127][ T3542] down_read+0xad/0xa30
[ 62.421787][ T3542] filemap_fault+0x640/0x17e0
[ 62.426968][ T3542] __do_fault+0x136/0x4f0
[ 62.431818][ T3542] handle_mm_fault+0x3412/0x5340
[ 62.437277][ T3542] exc_page_fault+0x26f/0x660
[ 62.442463][ T3542] asm_exc_page_fault+0x22/0x30
[ 62.447825][ T3542] fault_in_readable+0x1c8/0x340
[ 62.453361][ T3542] fault_in_iov_iter_readable+0xdb/0x270
[ 62.459518][ T3542] generic_perform_write+0x207/0x5e0
[ 62.465328][ T3542] __generic_file_write_iter+0x176/0x400
[ 62.471474][ T3542] ntfs_file_write_iter+0x5fa/0x6d0
[ 62.477184][ T3542] vfs_write+0x7ae/0xba0
[ 62.481931][ T3542] ksys_write+0x19c/0x2c0
[ 62.486767][ T3542] do_syscall_64+0x3b/0xb0
[ 62.491696][ T3542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.498100][ T3542]
[ 62.498100][ T3542] -> #0 (&mm->mmap_lock){++++}-{3:3}:
[ 62.505644][ T3542] validate_chain+0x1661/0x5950
[ 62.511012][ T3542] __lock_acquire+0x125b/0x1f80
[ 62.516373][ T3542] lock_acquire+0x1f8/0x5a0
[ 62.521386][ T3542] __might_fault+0xbd/0x110
[ 62.526397][ T3542] _copy_to_user+0x26/0x130
[ 62.531412][ T3542] fiemap_fill_next_extent+0x231/0x410
[ 62.537386][ T3542] ni_fiemap+0xa5a/0x1230
[ 62.542228][ T3542] ntfs_fiemap+0x12e/0x170
[ 62.547160][ T3542] do_vfs_ioctl+0x18e9/0x2a90
[ 62.552343][ T3542] __se_sys_ioctl+0x81/0x160
[ 62.557444][ T3542] do_syscall_64+0x3b/0xb0
[ 62.562371][ T3542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.568777][ T3542]
[ 62.568777][ T3542] other info that might help us debug this:
[ 62.568777][ T3542]
[ 62.578988][ T3542] Chain exists of:
[ 62.578988][ T3542] &mm->mmap_lock --> &ni->ni_lock/4 --> &indx->run_lock
[ 62.578988][ T3542]
[ 62.591841][ T3542] Possible unsafe locking scenario:
[ 62.591841][ T3542]
[ 62.599303][ T3542]        CPU0                    CPU1
[ 62.604652][ T3542]        ----                    ----
[ 62.610010][ T3542]   lock(&indx->run_lock);
[ 62.614413][ T3542]                                lock(&ni->ni_lock/4);
[ 62.621250][ T3542]                                lock(&indx->run_lock);
[ 62.628170][ T3542]   lock(&mm->mmap_lock);
[ 62.632486][ T3542]
[ 62.632486][ T3542] *** DEADLOCK ***
[ 62.632486][ T3542]
[ 62.640612][ T3542] 2 locks held by syz-executor317/3542:
[ 62.646141][ T3542] #0: ffff8880710ae840 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_fiemap+0xfb/0x170
[ 62.655278][ T3542] #1: ffff8880710ae920 (&indx->run_lock){.+.+}-{3:3}, at: ni_fiemap+0x36f/0x1230
[ 62.664490][ T3542]
[ 62.664490][ T3542] stack backtrace:
[ 62.670361][ T3542] CPU: 0 PID: 3542 Comm: syz-executor317 Not tainted 6.1.90-syzkaller #0
[ 62.678758][ T3542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 62.688800][ T3542] Call Trace:
[ 62.692079][ T3542]
[ 62.695038][ T3542] dump_stack_lvl+0x1e3/0x2cb
[ 62.699722][ T3542] ? nf_tcp_handle_invalid+0x642/0x642
[ 62.705181][ T3542] ? print_circular_bug+0x12b/0x1a0
[ 62.710365][ T3542] check_noncircular+0x2fa/0x3b0
[ 62.715293][ T3542] ? add_chain_block+0x850/0x850
[ 62.720221][ T3542] ? lockdep_lock+0x11f/0x2a0
[ 62.724890][ T3542] ? lockdep_unlock+0x165/0x300
[ 62.729733][ T3542] ? lockdep_lock+0x2a0/0x2a0
[ 62.734400][ T3542] ? _find_first_zero_bit+0xd0/0x100
[ 62.739685][ T3542] validate_chain+0x1661/0x5950
[ 62.744538][ T3542] ? reacquire_held_locks+0x660/0x660
[ 62.749902][ T3542] ? lockdep_unlock+0x165/0x300
[ 62.754743][ T3542] ? reacquire_held_locks+0x660/0x660
[ 62.760110][ T3542] ? _find_first_zero_bit+0xd0/0x100
[ 62.765392][ T3542] ? mark_lock+0x9a/0x340
[ 62.769716][ T3542] __lock_acquire+0x125b/0x1f80
[ 62.774562][ T3542] lock_acquire+0x1f8/0x5a0
[ 62.779053][ T3542] ? __might_fault+0xa1/0x110
[ 62.783722][ T3542] ? read_lock_is_recursive+0x10/0x10
[ 62.789086][ T3542] ? __might_sleep+0xb0/0xb0
[ 62.793662][ T3542] ? mark_lock+0x9a/0x340
[ 62.797982][ T3542] ? __might_sleep+0xb0/0xb0
[ 62.802562][ T3542] ? __lock_acquire+0x125b/0x1f80
[ 62.807580][ T3542] ? __might_fault+0xa1/0x110
[ 62.812262][ T3542] __might_fault+0xbd/0x110
[ 62.816765][ T3542] ? __might_fault+0xa1/0x110
[ 62.821428][ T3542] _copy_to_user+0x26/0x130
[ 62.825925][ T3542] fiemap_fill_next_extent+0x231/0x410
[ 62.831390][ T3542] ? vfs_ioctl+0xc0/0xc0
[ 62.835626][ T3542] ? run_lookup_entry+0x3f6/0x560
[ 62.840652][ T3542] ni_fiemap+0xa5a/0x1230
[ 62.844978][ T3542] ? ni_parse_reparse+0x680/0x680
[ 62.849996][ T3542] ? fiemap_prep+0x19a/0x240
[ 62.854586][ T3542] ntfs_fiemap+0x12e/0x170
[ 62.858994][ T3542] ? ntfs_file_open+0x200/0x200
[ 62.863920][ T3542] ? __might_fault+0xbd/0x110
[ 62.868588][ T3542] ? ntfs_file_open+0x200/0x200
[ 62.873428][ T3542] do_vfs_ioctl+0x18e9/0x2a90
[ 62.878096][ T3542] ? __x64_compat_sys_ioctl+0x80/0x80
[ 62.883455][ T3542] ? __lock_acquire+0x1f80/0x1f80
[ 62.888469][ T3542] ? lockdep_hardirqs_on+0x94/0x130
[ 62.893657][ T3542] ? __kmem_cache_free+0x25c/0x3c0
[ 62.898756][ T3542] ? tomoyo_path_number_perm+0x61b/0x7f0
[ 62.904376][ T3542] ? tomoyo_path_number_perm+0x68a/0x7f0
[ 62.910000][ T3542] ? tomoyo_path_number_perm+0x1f2/0x7f0
[ 62.915618][ T3542] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 62.921069][ T3542] ? lockdep_hardirqs_on+0x94/0x130
[ 62.926254][ T3542] ? kmem_cache_free+0x292/0x510
[ 62.931185][ T3542] ? do_sys_openat2+0x42b/0x500
[ 62.936032][ T3542] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 62.942003][ T3542] ? print_irqtrace_events+0x210/0x210
[ 62.947453][ T3542] ? print_irqtrace_events+0x210/0x210
[ 62.952903][ T3542] ? bpf_lsm_file_ioctl+0x5/0x10
[ 62.957826][ T3542] ? security_file_ioctl+0x7d/0xa0
[ 62.962922][ T3542] __se_sys_ioctl+0x81/0x160
[ 62.967508][ T3542] do_syscall_64+0x3b/0xb0
[ 62.971913][ T3542] ? clear_bhb_loop+0x45/0xa0
[ 62.976584][ T3542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 62.982470][ T3542] RIP: 0033:0x7f28e321a739
[ 62.986873][ T3542] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 63.006464][ T3542] RSP: 002b:00007ffc6f8f9428 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 63.014864][ T3542] RAX: ffffffffffffffda RBX: 00007ffc6f8f9430 RCX: 00007f28e321a739
[ 63.022822][ T3542] RDX: 0000000020000140 R