./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3198041867 <...> Warning: Permanently added '10.128.0.112' (ED25519) to the list of known hosts. execve("./syz-executor3198041867", ["./syz-executor3198041867"], 0x7ffd809a8bb0 /* 10 vars */) = 0 brk(NULL) = 0x555575909000 brk(0x555575909d00) = 0x555575909d00 arch_prctl(ARCH_SET_FS, 0x555575909380) = 0 set_tid_address(0x555575909650) = 5224 set_robust_list(0x555575909660, 24) = 0 rseq(0x555575909ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3198041867", 4096) = 28 getrandom("\xf1\x15\x22\x70\xe2\xd4\x55\xea", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555575909d00 brk(0x55557592ad00) = 0x55557592ad00 brk(0x55557592b000) = 0x55557592b000 mprotect(0x7fb69bdcc000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb693800000 write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x04\x00\x00\x00\x8f\x24\x2d\x5f\x49\x6d\x50\x0b\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 munmap(0x7fb693800000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 close(4) = 0 mkdir("./file0", 0777) = 0 [ 87.263669][ T5224] loop0: 
detected capacity change from 0 to 4096 [ 87.304584][ T5224] ======================================================= [ 87.304584][ T5224] WARNING: The mand mount option has been deprecated and [ 87.304584][ T5224] and is ignored by this kernel. Remove the mand [ 87.304584][ T5224] option from the mount to silence this warning. [ 87.304584][ T5224] ======================================================= mount("/dev/loop0", "./file0", "ntfs3", MS_MANDLOCK|MS_REC|MS_SILENT|MS_LAZYTIME, "dmask=00000000000000000000011,sparse,sparse,gid=0x0000000000000000,fmask=00000000000000000000000,noh"...) = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) open("./bus", O_RDWR|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 open("./bus", O_RDWR|O_SYNC|0x3c) = 5 ftruncate(5, 2150145) = 0 ioctl(4, FS_IOC_FIEMAP, {fm_start=0, fm_length=6, fm_flags=0, fm_extent_count=74} => {fm_flags=0, fm_mapped_extents=0, ...}) = 0 [ 87.471732][ T29] audit: type=1800 audit(1726223552.654:2): pid=5224 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor319" name="bus" dev="loop0" ino=33 res=0 errno=0 [ 87.499277][ T5224] [ 87.501655][ T5224] ====================================================== [ 87.508683][ T5224] WARNING: possible circular locking dependency detected [ 87.515718][ T5224] 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 Not tainted [ 87.522835][ T5224] ------------------------------------------------------ [ 87.529867][ T5224] syz-executor319/5224 is trying to acquire lock: [ 87.536295][ T5224] ffff888075c6ef28 (&ni->ni_lock/4){+.+.}-{3:3}, at: attr_data_get_block+0x463/0x2ff0 [ 87.545964][ T5224] [ 87.545964][ T5224] but task is already holding lock: [ 87.553696][ T5224] ffff88801a874418 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x3d0 [ 87.562783][ T5224] [ 87.562783][ T5224] which lock already depends on 
the new lock.
[ 87.562783][ T5224]
[ 87.573397][ T5224]
[ 87.573397][ T5224] the existing dependency chain (in reverse order) is:
[ 87.582433][ T5224]
[ 87.582433][ T5224] -> #1 (&mm->mmap_lock){++++}-{3:3}:
[ 87.590053][ T5224] lock_acquire+0x1ed/0x550
[ 87.595222][ T5224] __might_fault+0xc6/0x120
[ 87.600259][ T5224] _copy_to_user+0x2a/0xb0
[ 87.605293][ T5224] ni_fiemap+0x5b4/0x1910
[ 87.610154][ T5224] ntfs_fiemap+0x132/0x180
[ 87.615132][ T5224] do_vfs_ioctl+0x1c07/0x2e50
[ 87.620430][ T5224] __se_sys_ioctl+0x81/0x170
[ 87.625546][ T5224] do_syscall_64+0xf3/0x230
[ 87.630601][ T5224] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.637028][ T5224]
[ 87.637028][ T5224] -> #0 (&ni->ni_lock/4){+.+.}-{3:3}:
[ 87.644615][ T5224] validate_chain+0x18e0/0x5900
[ 87.650081][ T5224] __lock_acquire+0x137a/0x2040
[ 87.655549][ T5224] lock_acquire+0x1ed/0x550
[ 87.660608][ T5224] __mutex_lock+0x136/0xd70
[ 87.665654][ T5224] attr_data_get_block+0x463/0x2ff0
[ 87.671401][ T5224] ntfs_file_mmap+0x4f5/0x850
[ 87.676730][ T5224] mmap_region+0xe8f/0x2090
[ 87.681852][ T5224] do_mmap+0x8f9/0x1010
[ 87.686555][ T5224] vm_mmap_pgoff+0x1dd/0x3d0
[ 87.691696][ T5224] ksys_mmap_pgoff+0x4f1/0x720
[ 87.697086][ T5224] do_syscall_64+0xf3/0x230
[ 87.702126][ T5224] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.708583][ T5224]
[ 87.708583][ T5224] other info that might help us debug this:
[ 87.708583][ T5224]
[ 87.718820][ T5224] Possible unsafe locking scenario:
[ 87.718820][ T5224]
[ 87.726279][ T5224]        CPU0                    CPU1
[ 87.731642][ T5224]        ----                    ----
[ 87.737015][ T5224]   lock(&mm->mmap_lock);
[ 87.741360][ T5224]                                lock(&ni->ni_lock/4);
[ 87.748235][ T5224]                                lock(&mm->mmap_lock);
[ 87.755117][ T5224]   lock(&ni->ni_lock/4);
[ 87.759462][ T5224]
[ 87.759462][ T5224] *** DEADLOCK ***
[ 87.759462][ T5224]
[ 87.767626][ T5224] 1 lock held by syz-executor319/5224:
[ 87.773085][ T5224] #0: ffff88801a874418 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x3d0
[ 87.782513][ T5224]
[ 87.782513][ T5224]
stack backtrace: [ 87.788410][ T5224] CPU: 1 UID: 0 PID: 5224 Comm: syz-executor319 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 87.799524][ T5224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 87.809591][ T5224] Call Trace: [ 87.812874][ T5224] [ 87.815819][ T5224] dump_stack_lvl+0x241/0x360 [ 87.820524][ T5224] ? __pfx_dump_stack_lvl+0x10/0x10 [ 87.825739][ T5224] ? print_circular_bug+0x130/0x1a0 [ 87.830956][ T5224] check_noncircular+0x36a/0x4a0 [ 87.835945][ T5224] ? __pfx_check_noncircular+0x10/0x10 [ 87.841436][ T5224] ? lockdep_lock+0x123/0x2b0 [ 87.846131][ T5224] validate_chain+0x18e0/0x5900 [ 87.851003][ T5224] ? __pfx_validate_chain+0x10/0x10 [ 87.856219][ T5224] ? __pfx_validate_chain+0x10/0x10 [ 87.861441][ T5224] ? deref_stack_reg+0x1c7/0x260 [ 87.866410][ T5224] ? look_up_lock_class+0x77/0x160 [ 87.871538][ T5224] ? register_lock_class+0x102/0x980 [ 87.876937][ T5224] ? __pfx_register_lock_class+0x10/0x10 [ 87.882587][ T5224] ? mark_lock+0x9a/0x350 [ 87.886933][ T5224] __lock_acquire+0x137a/0x2040 [ 87.891807][ T5224] lock_acquire+0x1ed/0x550 [ 87.896353][ T5224] ? attr_data_get_block+0x463/0x2ff0 [ 87.901832][ T5224] ? __pfx_lock_acquire+0x10/0x10 [ 87.907212][ T5224] ? __pfx_lock_acquire+0x10/0x10 [ 87.912454][ T5224] ? __pfx___might_resched+0x10/0x10 [ 87.917762][ T5224] ? __pfx_lock_release+0x10/0x10 [ 87.923051][ T5224] __mutex_lock+0x136/0xd70 [ 87.927569][ T5224] ? attr_data_get_block+0x463/0x2ff0 [ 87.932965][ T5224] ? attr_data_get_block+0x355/0x2ff0 [ 87.938379][ T5224] ? attr_data_get_block+0x463/0x2ff0 [ 87.943768][ T5224] ? __pfx___mutex_lock+0x10/0x10 [ 87.948872][ T5224] ? __up_read+0x2c2/0x6b0 [ 87.953333][ T5224] ? __pfx___up_read+0x10/0x10 [ 87.958108][ T5224] ? run_lookup_entry+0x41a/0x560 [ 87.963150][ T5224] attr_data_get_block+0x463/0x2ff0 [ 87.968564][ T5224] ? __pfx_validate_mm+0x10/0x10 [ 87.973510][ T5224] ? __pfx_stack_trace_save+0x10/0x10 [ 87.978899][ T5224] ? 
kasan_save_track+0x51/0x80 [ 87.983758][ T5224] ? kmem_cache_alloc_noprof+0x135/0x2a0 [ 87.989546][ T5224] ? vm_area_alloc+0x10e/0x1d0 [ 87.994356][ T5224] ? __pfx_attr_data_get_block+0x10/0x10 [ 88.000046][ T5224] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.006141][ T5224] ? __asan_memset+0x23/0x50 [ 88.010745][ T5224] ? lockdep_init_map_type+0xa1/0x910 [ 88.016335][ T5224] ntfs_file_mmap+0x4f5/0x850 [ 88.021024][ T5224] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 88.026853][ T5224] ? __pfx_ntfs_file_mmap+0x10/0x10 [ 88.032061][ T5224] ? __mas_set_range+0x133/0x3c0 [ 88.037037][ T5224] mmap_region+0xe8f/0x2090 [ 88.041567][ T5224] ? mark_lock+0x9a/0x350 [ 88.045966][ T5224] ? __pfx_mmap_region+0x10/0x10 [ 88.051034][ T5224] ? thp_get_unmapped_area_vmflags+0x1bf/0x380 [ 88.057215][ T5224] ? cap_mmap_addr+0x163/0x2c0 [ 88.062001][ T5224] ? bpf_lsm_capable+0x9/0x10 [ 88.066700][ T5224] ? security_capable+0x90/0xb0 [ 88.071582][ T5224] do_mmap+0x8f9/0x1010 [ 88.075765][ T5224] ? __pfx_do_mmap+0x10/0x10 [ 88.080364][ T5224] ? __pfx_down_write_killable+0x10/0x10 [ 88.086008][ T5224] ? __pfx_ima_file_mmap+0x10/0x10 [ 88.091159][ T5224] ? security_mmap_file+0x178/0x1a0 [ 88.096374][ T5224] vm_mmap_pgoff+0x1dd/0x3d0 [ 88.101187][ T5224] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 88.106314][ T5224] ? __fget_files+0x29/0x470 [ 88.110921][ T5224] ? __fget_files+0x3f6/0x470 [ 88.115708][ T5224] ksys_mmap_pgoff+0x4f1/0x720 [ 88.120599][ T5224] ? __x64_sys_mmap+0x7f/0x140 [ 88.125554][ T5224] do_syscall_64+0xf3/0x230 [ 88.130074][ T5224] ? 
clear_bhb_loop+0x35/0x90 [ 88.134783][ T5224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.140727][ T5224] RIP: 0033:0x7fb69bd39a39 [ 88.145265][ T5224] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 88.165936][ T5224] RSP: 002b:00007ffca66800d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 88.174472][ T5224] RAX: ffffffffffffffda RBX: 00007ffca66802b8 RCX: 00007fb69bd39a39 [ 88.182477][ T5224] RDX: 00000000017ffff7 RSI: 0000000000600000 RDI: 0000000020000000 [ 88.190488][ T5224] RBP: 00007fb69bdcc610 R08: 0000000000000005 R09: 0000000000000000 [ 88.198493][ T5224] R10: 0000000004002011 R11: 0000000000000246 R12: 0000000000000001 [ 88.206496][ T5224] R13: 00007ffca66802a8 R14: 0000000000000001 R15: 0000000000000001 [ 88.214487][ T5224] mmap(0x20000000, 6291456, PROT_READ|PROT_WRITE|PROT_EXEC|PROT_GROWSDOWN|0x7ffff0, MAP_SHARED|MAP_FIXED|MAP_LOCKED|1<