======================================================
WARNING: possible circular locking dependency detected
6.11.0-syzkaller-04557-g2f27fce67173 #0 Not tainted
------------------------------------------------------
kworker/u8:8/2989 is trying to acquire lock:
ffff88805be9a128 (&wnd->rw_lock/1){+.+.}-{3:3}, at: ntfs_mark_rec_free+0x3f/0x2b0 fs/ntfs3/fsntfs.c:742

but task is already holding lock:
ffff88807818bbc0 (&ni->ni_lock#2){+.+.}-{3:3}, at: ni_trylock fs/ntfs3/ntfs_fs.h:1129 [inline]
ffff88807818bbc0 (&ni->ni_lock#2){+.+.}-{3:3}, at: ni_write_inode+0x1bc/0x1010 fs/ntfs3/frecord.c:3333

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&ni->ni_lock#2){+.+.}-{3:3}:
       lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5822
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
       ntfs_set_state+0x1ff/0x6c0 fs/ntfs3/fsntfs.c:947
       ntfs_mark_rec_free+0x166/0x2b0 fs/ntfs3/fsntfs.c:748
       ni_delete_all+0x8ad/0x9a0 fs/ntfs3/frecord.c:1639
       ni_clear+0x28e/0x4b0 fs/ntfs3/frecord.c:106
       evict+0x4e8/0x9b0 fs/inode.c:731
       __dentry_kill+0x20d/0x630 fs/dcache.c:615
       dput+0x19f/0x2b0 fs/dcache.c:857
       do_renameat2+0xda1/0x13f0 fs/namei.c:5172
       __do_sys_rename fs/namei.c:5217 [inline]
       __se_sys_rename fs/namei.c:5215 [inline]
       __x64_sys_rename+0x82/0x90 fs/namei.c:5215
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

-> #0 (&wnd->rw_lock/1){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3158 [inline]
       check_prevs_add kernel/locking/lockdep.c:3277 [inline]
       validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3901
       __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5199
       lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5822
       down_write_nested+0xa2/0x220 kernel/locking/rwsem.c:1695
       ntfs_mark_rec_free+0x3f/0x2b0 fs/ntfs3/fsntfs.c:742
       ni_write_inode+0xb8a/0x1010 fs/ntfs3/frecord.c:3433
       write_inode fs/fs-writeback.c:1503 [inline]
       __writeback_single_inode+0x711/0x10d0 fs/fs-writeback.c:1723
       writeback_sb_inodes+0x812/0x1370 fs/fs-writeback.c:1954
       wb_writeback+0x41b/0xbd0 fs/fs-writeback.c:2134
       wb_do_writeback fs/fs-writeback.c:2281 [inline]
       wb_workfn+0x410/0x1090 fs/fs-writeback.c:2321
       process_one_work kernel/workqueue.c:3231 [inline]
       process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
       worker_thread+0x870/0xd30 kernel/workqueue.c:3393
       kthread+0x2f0/0x390 kernel/kthread.c:389
       ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
       ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ni->ni_lock#2);
                               lock(&wnd->rw_lock/1);
                               lock(&ni->ni_lock#2);
  lock(&wnd->rw_lock/1);

 *** DEADLOCK ***

3 locks held by kworker/u8:8/2989:
 #0: ffff88801ea9e148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3206 [inline]
 #0: ffff88801ea9e148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312
 #1: ffffc90009cdfd00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3207 [inline]
 #1: ffffc90009cdfd00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3312
 #2: ffff88807818bbc0 (&ni->ni_lock#2){+.+.}-{3:3}, at: ni_trylock fs/ntfs3/ntfs_fs.h:1129 [inline]
 #2: ffff88807818bbc0 (&ni->ni_lock#2){+.+.}-{3:3}, at: ni_write_inode+0x1bc/0x1010 fs/ntfs3/frecord.c:3333

stack backtrace:
CPU: 0 UID: 0 PID: 2989 Comm: kworker/u8:8 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: writeback wb_workfn (flush-7:3)
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119
 print_circular_bug+0x13a/0x1b0 kernel/locking/lockdep.c:2074
 check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2203
 check_prev_add kernel/locking/lockdep.c:3158 [inline]
 check_prevs_add kernel/locking/lockdep.c:3277 [inline]
 validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3901
 __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5199
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5822
 down_write_nested+0xa2/0x220 kernel/locking/rwsem.c:1695
 ntfs_mark_rec_free+0x3f/0x2b0 fs/ntfs3/fsntfs.c:742
 ni_write_inode+0xb8a/0x1010 fs/ntfs3/frecord.c:3433
 write_inode fs/fs-writeback.c:1503 [inline]
 __writeback_single_inode+0x711/0x10d0 fs/fs-writeback.c:1723
 writeback_sb_inodes+0x812/0x1370 fs/fs-writeback.c:1954
 wb_writeback+0x41b/0xbd0 fs/fs-writeback.c:2134
 wb_do_writeback fs/fs-writeback.c:2281 [inline]
 wb_workfn+0x410/0x1090 fs/fs-writeback.c:2321
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
 worker_thread+0x870/0xd30 kernel/workqueue.c:3393
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>