[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.107' (ECDSA) to the list of known hosts. syzkaller login: [ 33.537265] IPVS: ftp: loaded support on port[0] = 21 executing program [ 33.616736] ntfs: volume version 3.1. [ 33.721332] syz-executor171 (8076): drop_caches: 1 [ 33.767381] syz-executor171 (8076): drop_caches: 1 [ 33.776810] [ 33.778437] ====================================================== [ 33.784777] WARNING: possible circular locking dependency detected [ 33.791077] 4.19.211-syzkaller #0 Not tainted [ 33.795546] ------------------------------------------------------ [ 33.801841] kworker/u4:2/106 is trying to acquire lock: [ 33.807176] 00000000fa5c28e8 (&rl->lock){++++}, at: ntfs_readpage+0x1909/0x21b0 [ 33.814624] [ 33.814624] but task is already holding lock: [ 33.820572] 000000000c7b2067 (&ni->mrec_lock){+.+.}, at: map_mft_record+0x3c/0xc70 [ 33.828262] [ 33.828262] which lock already depends on the new lock. [ 33.828262] [ 33.836550] [ 33.836550] the existing dependency chain (in reverse order) is: [ 33.844144] [ 33.844144] -> #1 (&ni->mrec_lock){+.+.}: [ 33.849756] map_mft_record+0x3c/0xc70 [ 33.854144] ntfs_map_runlist_nolock+0xbe5/0x17f0 [ 33.859488] ntfs_map_runlist+0x77/0xa0 [ 33.863969] ntfs_readpage+0x195b/0x21b0 [ 33.868529] read_pages.isra.0+0x329/0x5d0 [ 33.873263] __do_page_cache_readahead+0x5c6/0x6c0 [ 33.878689] ondemand_readahead.isra.0+0x575/0xd40 [ 33.884113] page_cache_sync_readahead+0x275/0x520 [ 33.889538] generic_file_read_iter+0x1497/0x2b60 [ 33.894877] __vfs_read+0x518/0x750 [ 33.899023] integrity_kernel_read+0x147/0x1f0 [ 33.904111] ima_calc_file_hash+0x4b2/0x8a0 [ 33.908940] ima_collect_measurement+0x4c4/0x570 [ 33.914194] process_measurement+0xddd/0x1440 [ 33.919186] ima_file_check+0xb9/0x100 [ 33.923594] path_openat+0x7e4/0x2df0 [ 33.927911] do_filp_open+0x18c/0x3f0 [ 33.932211] do_sys_open+0x3b3/0x520 [ 33.936430] do_syscall_64+0xf9/0x620 [ 33.940747] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 33.946428] [ 33.946428] -> #0 (&rl->lock){++++}: [ 33.951602] down_read+0x36/0x80 [ 33.955486] ntfs_readpage+0x1909/0x21b0 [ 33.960060] do_read_cache_page+0x533/0x1170 [ 33.964968] ntfs_sync_mft_mirror+0x24f/0x1d00 [ 33.970045] write_mft_record_nolock+0x13d2/0x16c0 [ 33.975487] __ntfs_write_inode+0x609/0xe10 [ 33.980309] __writeback_single_inode+0x733/0x11d0 [ 33.985739] writeback_sb_inodes+0x537/0xef0 [ 33.990645] wb_writeback+0x28d/0xcc0 [ 33.994943] wb_workfn+0x29b/0x1250 [ 33.999066] process_one_work+0x864/0x1570 [ 34.003793] worker_thread+0x64c/0x1130 [ 34.008304] kthread+0x33f/0x460 [ 34.012167] ret_from_fork+0x24/0x30 [ 34.016375] [ 34.016375] other info that might help us debug this: [ 34.016375] [ 34.024489] Possible unsafe locking scenario: [ 34.024489] [ 34.030524] CPU0 CPU1 [ 34.035162] ---- ---- [ 34.039809] lock(&ni->mrec_lock); [ 34.043411] lock(&rl->lock); [ 34.049096] lock(&ni->mrec_lock); [ 34.055219] lock(&rl->lock); [ 34.058395] [ 34.058395] *** DEADLOCK *** [ 34.058395] [ 34.064433] 3 locks held by kworker/u4:2/106: [ 34.068900] #0: 000000006769d5a0 ((wq_completion)"writeback"){+.+.}, at: process_one_work+0x767/0x1570 [ 34.078419] #1: 00000000442a2f0b ((work_completion)(&(&wb->dwork)->work)){+.+.}, at: process_one_work+0x79c/0x1570 [ 34.088977] #2: 000000000c7b2067 (&ni->mrec_lock){+.+.}, at: map_mft_record+0x3c/0xc70 [ 34.097102] [ 34.097102] stack backtrace: [ 34.101576] CPU: 1 PID: 106 Comm: kworker/u4:2 Not tainted 4.19.211-syzkaller #0 [ 34.109085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 34.118424] Workqueue: writeback wb_workfn (flush-7:0) [ 34.123678] Call Trace: [ 34.126249] dump_stack+0x1fc/0x2ef [ 34.129866] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 34.135657] __lock_acquire+0x30c9/0x3ff0 [ 34.139786] ? mark_held_locks+0xf0/0xf0 [ 34.143829] ? get_mem_cgroup_from_page+0x7a/0x3b0 [ 34.148740] ? check_preemption_disabled+0x41/0x280 [ 34.153738] ? alloc_buffer_head+0x20/0x130 [ 34.158042] ? ntfs_readpage+0xe0b/0x21b0 [ 34.162171] lock_acquire+0x170/0x3c0 [ 34.165952] ? ntfs_readpage+0x1909/0x21b0 [ 34.170166] down_read+0x36/0x80 [ 34.173683] ? ntfs_readpage+0x1909/0x21b0 [ 34.177890] ntfs_readpage+0x1909/0x21b0 [ 34.181946] ? ntfs_end_buffer_async_read+0x1210/0x1210 [ 34.187285] ? add_to_page_cache_lru+0x259/0x680 [ 34.192017] ? add_to_page_cache_locked+0x40/0x40 [ 34.196835] do_read_cache_page+0x533/0x1170 [ 34.201220] ? ntfs_end_buffer_async_read+0x1210/0x1210 [ 34.206559] ntfs_sync_mft_mirror+0x24f/0x1d00 [ 34.211120] ? submit_bio+0xb1/0x430 [ 34.214808] ? generic_make_request+0xdf0/0xdf0 [ 34.219452] ? ntfs_mft_bitmap_extend_allocation_nolock+0x2600/0x2600 [ 34.226023] ? guard_bio_eod+0x2a0/0x650 [ 34.230076] ? submit_bh_wbc+0x5a7/0x760 [ 34.234127] write_mft_record_nolock+0x13d2/0x16c0 [ 34.239041] ? ntfs_sync_mft_mirror+0x1d00/0x1d00 [ 34.243861] ? debug_check_no_obj_freed+0x201/0x490 [ 34.248856] ? check_preemption_disabled+0x41/0x280 [ 34.253851] __ntfs_write_inode+0x609/0xe10 [ 34.258151] __writeback_single_inode+0x733/0x11d0 [ 34.263077] writeback_sb_inodes+0x537/0xef0 [ 34.267477] ? wbc_detach_inode+0x840/0x840 [ 34.271776] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 34.276768] ? queue_io+0x448/0x590 [ 34.280372] wb_writeback+0x28d/0xcc0 [ 34.284165] ? writeback_inodes_wb.constprop.0+0x1d0/0x1d0 [ 34.289767] wb_workfn+0x29b/0x1250 [ 34.293381] ? inode_wait_for_writeback+0x30/0x30 [ 34.298203] ? check_preemption_disabled+0x41/0x280 [ 34.303198] process_one_work+0x864/0x1570 [ 34.307413] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 34.312075] worker_thread+0x64c/0x1130 [ 34.316042] ? process_one_work+0x1570/0x15