Warning: Permanently added '10.128.0.131' (ED25519) to the list of known hosts.
executing program
[ 53.516000][ T3486] loop0: detected capacity change from 0 to 4096
[ 53.571937][ T3486]
[ 53.574316][ T3486] ======================================================
[ 53.581339][ T3486] WARNING: possible circular locking dependency detected
[ 53.588346][ T3486] 5.15.126-syzkaller #0 Not tainted
[ 53.593538][ T3486] ------------------------------------------------------
[ 53.600655][ T3486] syz-executor196/3486 is trying to acquire lock:
[ 53.607092][ T3486] ffff88807e01b928 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0x91/0x110
[ 53.616167][ T3486]
[ 53.616167][ T3486] but task is already holding lock:
[ 53.623540][ T3486] ffff888073f99f30 (&ni->file.run_lock#3){++++}-{3:3}, at: ni_fiemap+0x5da/0x1230
[ 53.633021][ T3486]
[ 53.633021][ T3486] which lock already depends on the new lock.
[ 53.633021][ T3486]
[ 53.643558][ T3486]
[ 53.643558][ T3486] the existing dependency chain (in reverse order) is:
[ 53.652768][ T3486]
[ 53.652768][ T3486] -> #1 (&ni->file.run_lock#3){++++}-{3:3}:
[ 53.660943][ T3486]        lock_acquire+0x1db/0x4f0
[ 53.665990][ T3486]        down_read+0x45/0x2e0
[ 53.670781][ T3486]        attr_data_get_block+0x26a/0x24e0
[ 53.676512][ T3486]        ntfs_file_mmap+0x458/0x7e0
[ 53.681706][ T3486]        mmap_region+0x10e7/0x1670
[ 53.686834][ T3486]        do_mmap+0x78d/0xe00
[ 53.691411][ T3486]        vm_mmap_pgoff+0x1ca/0x2d0
[ 53.696516][ T3486]        ksys_mmap_pgoff+0x559/0x780
[ 53.701791][ T3486]        do_syscall_64+0x3d/0xb0
[ 53.706720][ T3486]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.713220][ T3486]
[ 53.713220][ T3486] -> #0 (&mm->mmap_lock){++++}-{3:3}:
[ 53.720789][ T3486]        validate_chain+0x1646/0x58b0
[ 53.726168][ T3486]        __lock_acquire+0x1295/0x1ff0
[ 53.731541][ T3486]        lock_acquire+0x1db/0x4f0
[ 53.736556][ T3486]        __might_fault+0xb4/0x110
[ 53.741569][ T3486]        _copy_to_user+0x28/0x130
[ 53.746608][ T3486]        fiemap_fill_next_extent+0x231/0x410
[ 53.752576][ T3486]        ni_fiemap+0xa5a/0x1230
[ 53.757411][ T3486]        ntfs_fiemap+0x12e/0x170
[ 53.762333][ T3486]        do_vfs_ioctl+0x1934/0x2b70
[ 53.767522][ T3486]        __se_sys_ioctl+0x81/0x160
[ 53.772620][ T3486]        do_syscall_64+0x3d/0xb0
[ 53.777549][ T3486]        entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.783962][ T3486]
[ 53.783962][ T3486] other info that might help us debug this:
[ 53.783962][ T3486]
[ 53.794266][ T3486] Possible unsafe locking scenario:
[ 53.794266][ T3486]
[ 53.801705][ T3486]        CPU0                    CPU1
[ 53.807163][ T3486]        ----                    ----
[ 53.812529][ T3486]   lock(&ni->file.run_lock#3);
[ 53.817378][ T3486]                                lock(&mm->mmap_lock);
[ 53.824225][ T3486]                                lock(&ni->file.run_lock#3);
[ 53.831599][ T3486]   lock(&mm->mmap_lock);
[ 53.835923][ T3486]
[ 53.835923][ T3486] *** DEADLOCK ***
[ 53.835923][ T3486]
[ 53.844050][ T3486] 2 locks held by syz-executor196/3486:
[ 53.849580][ T3486] #0: ffff888073f99e80 (&ni->ni_lock/4){+.+.}-{3:3}, at: ntfs_fiemap+0xfb/0x170
[ 53.858712][ T3486] #1: ffff888073f99f30 (&ni->file.run_lock#3){++++}-{3:3}, at: ni_fiemap+0x5da/0x1230
[ 53.868574][ T3486]
[ 53.868574][ T3486] stack backtrace:
[ 53.874463][ T3486] CPU: 0 PID: 3486 Comm: syz-executor196 Not tainted 5.15.126-syzkaller #0
[ 53.883138][ T3486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 53.893292][ T3486] Call Trace:
[ 53.896565][ T3486]
[ 53.899482][ T3486] dump_stack_lvl+0x1e3/0x2cb
[ 53.904170][ T3486] ? io_uring_drop_tctx_refs+0x19d/0x19d
[ 53.909825][ T3486] ? print_circular_bug+0x12b/0x1a0
[ 53.915031][ T3486] check_noncircular+0x2f8/0x3b0
[ 53.919976][ T3486] ? add_chain_block+0x850/0x850
[ 53.924951][ T3486] ? lockdep_lock+0x11f/0x2a0
[ 53.929638][ T3486] ? mark_lock+0x98/0x340
[ 53.933978][ T3486] validate_chain+0x1646/0x58b0
[ 53.938831][ T3486] ? check_path+0x21/0x40
[ 53.943154][ T3486] ? print_irqtrace_events+0x210/0x210
[ 53.948618][ T3486] ? reacquire_held_locks+0x660/0x660
[ 53.953986][ T3486] ? validate_chain+0x112/0x58b0
[ 53.959021][ T3486] ? __might_sleep+0xc0/0xc0
[ 53.963633][ T3486] ? __getblk_gfp+0x52/0xaf0
[ 53.968225][ T3486] ? mark_lock+0x98/0x340
[ 53.972554][ T3486] __lock_acquire+0x1295/0x1ff0
[ 53.977409][ T3486] lock_acquire+0x1db/0x4f0
[ 53.981904][ T3486] ? __might_fault+0x91/0x110
[ 53.986574][ T3486] ? read_lock_is_recursive+0x10/0x10
[ 53.991962][ T3486] ? __might_sleep+0xc0/0xc0
[ 53.996644][ T3486] __might_fault+0xb4/0x110
[ 54.001273][ T3486] ? __might_fault+0x91/0x110
[ 54.005984][ T3486] _copy_to_user+0x28/0x130
[ 54.010521][ T3486] fiemap_fill_next_extent+0x231/0x410
[ 54.016030][ T3486] ? vfs_ioctl+0xc0/0xc0
[ 54.020300][ T3486] ? run_lookup_entry+0x3f6/0x560
[ 54.025345][ T3486] ni_fiemap+0xa5a/0x1230
[ 54.029686][ T3486] ? ni_parse_reparse+0x680/0x680
[ 54.034705][ T3486] ? __might_fault+0xb8/0x110
[ 54.039371][ T3486] ? fiemap_prep+0x1b0/0x240
[ 54.043961][ T3486] ntfs_fiemap+0x12e/0x170
[ 54.048391][ T3486] ? ntfs_file_open+0x210/0x210
[ 54.053333][ T3486] ? __might_fault+0xb4/0x110
[ 54.058018][ T3486] ? ntfs_file_open+0x210/0x210
[ 54.062910][ T3486] do_vfs_ioctl+0x1934/0x2b70
[ 54.067589][ T3486] ? __x64_compat_sys_ioctl+0x80/0x80
[ 54.072969][ T3486] ? __lock_acquire+0x1ff0/0x1ff0
[ 54.078017][ T3486] ? slab_free_freelist_hook+0xdd/0x160
[ 54.083588][ T3486] ? tomoyo_path_number_perm+0x648/0x810
[ 54.089396][ T3486] ? kfree+0xf1/0x270
[ 54.093376][ T3486] ? tomoyo_path_number_perm+0x6ab/0x810
[ 54.099086][ T3486] ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 54.104546][ T3486] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 54.110534][ T3486] ? print_irqtrace_events+0x210/0x210
[ 54.116135][ T3486] ? vtime_user_exit+0x2d1/0x400
[ 54.121158][ T3486] ? bpf_lsm_file_ioctl+0x5/0x10
[ 54.126105][ T3486] ? security_file_ioctl+0x7d/0xa0
[ 54.131206][ T3486] __se_sys_ioctl+0x81/0x160
[ 54.135892][ T3486] do_syscall_64+0x3d/0xb0
[ 54.140305][ T3486] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.146192][ T3486] RIP: 0033:0x7f88db6f3c79
[ 54.150597][ T3486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 54.170366][ T3486] RSP: 002b:00007ffe774759b8