Warning: Permanently added '10.128.10.34' (ED25519) to the list of known hosts.
2025/07/15 10:02:16 ignoring optional flag "sandboxArg"="0"
2025/07/15 10:02:17 parsed 1 programs
[ 69.281007][ T1925] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2025/07/15 10:02:22 executed programs: 0
[ 77.744492][ T3046]
[ 77.746844][ T3046] ======================================================
[ 77.753847][ T3046] WARNING: possible circular locking dependency detected
[ 77.760866][ T3046] 6.16.0-rc5-syzkaller #0 Not tainted
[ 77.766224][ T3046] ------------------------------------------------------
[ 77.773226][ T3046] syz.3.68/3046 is trying to acquire lock:
[ 77.779016][ T3046] ffff88810a3c5520 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_lock_killable+0x13/0x110
[ 77.788724][ T3046]
[ 77.788724][ T3046] but task is already holding lock:
[ 77.796070][ T3046] ffff88810878ad88 (vm_lock){++++}-{0:0}, at: get_next_vma+0xa6/0xe0
[ 77.804130][ T3046]
[ 77.804130][ T3046] which lock already depends on the new lock.
[ 77.804130][ T3046]
[ 77.814523][ T3046]
[ 77.814523][ T3046] the existing dependency chain (in reverse order) is:
[ 77.823524][ T3046]
[ 77.823524][ T3046] -> #1 (vm_lock){++++}-{0:0}:
[ 77.830448][ T3046] __vma_enter_locked+0x75/0xf0
[ 77.835840][ T3046] __vma_start_write+0x13/0x70
[ 77.841135][ T3046] vma_expand+0x8a/0x210
[ 77.845891][ T3046] relocate_vma_down+0x27f/0x380
[ 77.851344][ T3046] setup_arg_pages+0x307/0x490
[ 77.856701][ T3046] load_elf_binary+0x38c/0xd50
[ 77.861979][ T3046] bprm_execve+0x38b/0x5e0
[ 77.866920][ T3046] kernel_execve+0x1c1/0x210
[ 77.872020][ T3046] try_to_run_init_process+0x9/0x40
[ 77.877723][ T3046] kernel_init+0x96/0x120
[ 77.882747][ T3046] ret_from_fork+0x152/0x240
[ 77.887835][ T3046] ret_from_fork_asm+0x1a/0x30
[ 77.893104][ T3046]
[ 77.893104][ T3046] -> #0 (&mm->mmap_lock){++++}-{4:4}:
[ 77.900629][ T3046] __lock_acquire+0x12e6/0x2100
[ 77.905979][ T3046] lock_acquire+0xe9/0x270
[ 77.910909][ T3046] down_read_killable+0x37/0x120
[ 77.916385][ T3046] mmap_read_lock_killable+0x13/0x110
[ 77.922341][ T3046] lock_next_vma+0x3af/0x600
[ 77.927439][ T3046] get_next_vma+0xa6/0xe0
[ 77.932265][ T3046] query_matching_vma+0xf9/0x1c0
[ 77.937701][ T3046] procfs_procmap_ioctl+0x282/0x6a0
[ 77.943404][ T3046] __se_sys_ioctl+0x6c/0xc0
[ 77.948406][ T3046] do_syscall_64+0xa6/0x2c0
[ 77.953410][ T3046] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.959808][ T3046]
[ 77.959808][ T3046] other info that might help us debug this:
[ 77.959808][ T3046]
[ 77.970128][ T3046] Possible unsafe locking scenario:
[ 77.970128][ T3046]
[ 77.977582][ T3046]        CPU0                    CPU1
[ 77.982938][ T3046]        ----                    ----
[ 77.988299][ T3046]   rlock(vm_lock);
[ 77.992091][ T3046]                                lock(&mm->mmap_lock);
[ 77.999033][ T3046]                                lock(vm_lock);
[ 78.005254][ T3046]   rlock(&mm->mmap_lock);
[ 78.009666][ T3046]
[ 78.009666][ T3046] *** DEADLOCK ***
[ 78.009666][ T3046]
[ 78.017795][ T3046] 1 lock held by syz.3.68/3046:
[ 78.022626][ T3046] #0: ffff88810878ad88 (vm_lock){++++}-{0:0}, at: get_next_vma+0xa6/0xe0
[ 78.031114][ T3046]
[ 78.031114][ T3046] stack backtrace:
[ 78.036997][ T3046] CPU: 0 UID: 0 PID: 3046 Comm: syz.3.68 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(none)
[ 78.037000][ T3046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 78.037002][ T3046] Call Trace:
[ 78.037006][ T3046]
[ 78.037008][ T3046] dump_stack_lvl+0xad/0x110
[ 78.037012][ T3046] print_circular_bug+0x29b/0x2b0
[ 78.037018][ T3046] check_noncircular+0x10e/0x130
[ 78.037023][ T3046] __lock_acquire+0x12e6/0x2100
[ 78.037028][ T3046] ? __lock_acquire+0x508/0x2100
[ 78.037031][ T3046] ? mmap_read_lock_killable+0x13/0x110
[ 78.037036][ T3046] lock_acquire+0xe9/0x270
[ 78.037039][ T3046] ? mmap_read_lock_killable+0x13/0x110
[ 78.037043][ T3046] ? get_next_vma+0xa6/0xe0
[ 78.037046][ T3046] ? lock_next_vma+0x393/0x600
[ 78.037048][ T3046] ? mmap_read_lock_killable+0x13/0x110
[ 78.037052][ T3046] down_read_killable+0x37/0x120
[ 78.037056][ T3046] ? mmap_read_lock_killable+0x13/0x110
[ 78.037059][ T3046] mmap_read_lock_killable+0x13/0x110
[ 78.037063][ T3046] lock_next_vma+0x3af/0x600
[ 78.037067][ T3046] get_next_vma+0xa6/0xe0
[ 78.037069][ T3046] ? query_matching_vma+0x36/0x1c0
[ 78.037072][ T3046] query_matching_vma+0xf9/0x1c0
[ 78.037075][ T3046] procfs_procmap_ioctl+0x282/0x6a0
[ 78.037082][ T3046] __se_sys_ioctl+0x6c/0xc0
[ 78.037086][ T3046] do_syscall_64+0xa6/0x2c0
[ 78.037090][ T3046] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.037092][ T3046] ? clear_bhb_loop+0x40/0x90
[ 78.037096][ T3046] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.037098][ T3046] RIP: 0033:0x7fa463d9e929
[ 78.037102][ T3046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.037103][ T3046] RSP: 002b:00007fa46380f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 78.037107][ T3046] RAX: ffffffffffffffda RBX: 00007fa463fc5fa0 RCX: 00007fa463d9e929
[ 78.037109][ T3046] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[ 78.037110][ T3046] RBP: 00007fa463e20b39 R08: 0000000000000000 R09: 0000000000000000
[ 78.037111][ T3046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 78.037113][ T3046] R13: 0000000000000000 R14: 00007fa463fc5fa0 R15: 00007fffd77369c8
[ 78.037117][ T3046]