possible deadlock in ntfs_read

Date	Name	Commit	Repro	Result
2025/11/06	linux-6.6.y (ToT)	0a805b6ea8cd	C	[report] possible deadlock in ntfs_read_folio
2025/11/06	upstream (ToT)	a1388fcb52fc	C	Didn't crash

Date

Name

Commit

Repro

Result

2025/11/06

linux-6.6.y (ToT)

0a805b6ea8cd

[report] possible deadlock in ntfs_read_folio

2025/11/06

upstream (ToT)

a1388fcb52fc

Didn't crash

Kernel	Title	Rank 🛈	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-6.1	possible deadlock in ntfs_read_folio origin:upstream missing-backport	4	C		unreliable	229	4d20h	1012d	0/3	upstream: reported C repro on 2023/03/14 17:51
upstream	possible deadlock in ntfs_read_folio ntfs3	4	C	inconclusive	done	5565	2d08h	1176d	0/29	upstream: reported C repro on 2022/10/01 13:48

Created	Duration	User	Patch	Repo	Result
2025/12/08 17:05	1h48m	bisect fix		linux-6.6.y	OK (0) job log log

Created

Duration

User

Patch

Repo

Result

2025/12/08 17:05

1h48m

bisect fix

linux-6.6.y

OK (0) job log log

====================================================== WARNING: possible circular locking dependency detected syzkaller #0 Not tainted ------------------------------------------------------ kworker/u4:12/3512 is trying to acquire lock: ffff88805a1f4b40 (&rl->lock){++++}-{3:3}, at: ntfs_read_block fs/ntfs/aops.c:248 [inline] ffff88805a1f4b40 (&rl->lock){++++}-{3:3}, at: ntfs_read_folio+0x144d/0x2980 fs/ntfs/aops.c:436 but task is already holding lock: ffff88805a1f7510 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x50/0x650 fs/ntfs/mft.c:154 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&ni->mrec_lock){+.+.}-{3:3}: __mutex_lock_common kernel/locking/mutex.c:603 [inline] __mutex_lock+0x129/0xcc0 kernel/locking/mutex.c:747 map_mft_record+0x50/0x650 fs/ntfs/mft.c:154 ntfs_truncate+0x28a/0x28a0 fs/ntfs/inode.c:2383 ntfs_truncate_vfs fs/ntfs/inode.c:2863 [inline] ntfs_setattr+0x34a/0x430 fs/ntfs/inode.c:2915 notify_change+0xb0d/0xe10 fs/attr.c:499 do_truncate+0x19b/0x220 fs/open.c:66 vfs_truncate+0x266/0x300 fs/open.c:112 do_sys_truncate+0xe0/0x1a0 fs/open.c:135 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x68/0xd2 -> #0 (&rl->lock){++++}-{3:3}: check_prev_add kernel/locking/lockdep.c:3134 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3869 [inline] __lock_acquire+0x2ddb/0x7c80 kernel/locking/lockdep.c:5137 lock_acquire+0x197/0x410 kernel/locking/lockdep.c:5754 down_read+0x46/0x2e0 kernel/locking/rwsem.c:1520 ntfs_read_block fs/ntfs/aops.c:248 [inline] ntfs_read_folio+0x144d/0x2980 fs/ntfs/aops.c:436 filemap_read_folio+0x167/0x760 mm/filemap.c:2420 do_read_cache_folio+0x470/0x7e0 mm/filemap.c:3804 do_read_cache_page+0x32/0x250 mm/filemap.c:3870 read_mapping_page include/linux/pagemap.h:892 [inline] ntfs_map_page fs/ntfs/aops.h:75 [inline] ntfs_sync_mft_mirror+0x236/0x1aa0 fs/ntfs/mft.c:480 write_mft_record_nolock+0x116f/0x18c0 fs/ntfs/mft.c:787 write_mft_record+0x136/0x300 fs/ntfs/mft.h:95 __ntfs_write_inode+0x731/0xc00 fs/ntfs/inode.c:3051 write_inode fs/fs-writeback.c:1483 [inline] __writeback_single_inode+0x705/0xee0 fs/fs-writeback.c:1700 writeback_sb_inodes+0x77c/0xef0 fs/fs-writeback.c:1926 wb_writeback+0x450/0xba0 fs/fs-writeback.c:2105 wb_do_writeback fs/fs-writeback.c:2252 [inline] wb_workfn+0x3ff/0xe20 fs/fs-writeback.c:2292 process_one_work kernel/workqueue.c:2634 [inline] process_scheduled_works+0xa45/0x15b0 kernel/workqueue.c:2711 worker_thread+0xa55/0xfc0 kernel/workqueue.c:2792 kthread+0x2fa/0x390 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:152 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:293 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&ni->mrec_lock); lock(&rl->lock); lock(&ni->mrec_lock); rlock(&rl->lock); *** DEADLOCK *** 3 locks held by kworker/u4:12/3512: #0: ffff88801a27e938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:2609 [inline] #0: ffff88801a27e938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 kernel/workqueue.c:2711 #1: ffffc9000d3cfd00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:2609 [inline] #1: ffffc9000d3cfd00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 kernel/workqueue.c:2711 #2: ffff88805a1f7510 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x50/0x650 fs/ntfs/mft.c:154 stack backtrace: CPU: 1 PID: 3512 Comm: kworker/u4:12 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 Workqueue: writeback wb_workfn (flush-7:3) Call Trace: <TASK> dump_stack_lvl+0x16c/0x230 lib/dump_stack.c:106 check_noncircular+0x2bd/0x3c0 kernel/locking/lockdep.c:2187 check_prev_add kernel/locking/lockdep.c:3134 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3869 [inline] __lock_acquire+0x2ddb/0x7c80 kernel/locking/lockdep.c:5137 lock_acquire+0x197/0x410 kernel/locking/lockdep.c:5754 down_read+0x46/0x2e0 kernel/locking/rwsem.c:1520 ntfs_read_block fs/ntfs/aops.c:248 [inline] ntfs_read_folio+0x144d/0x2980 fs/ntfs/aops.c:436 filemap_read_folio+0x167/0x760 mm/filemap.c:2420 do_read_cache_folio+0x470/0x7e0 mm/filemap.c:3804 do_read_cache_page+0x32/0x250 mm/filemap.c:3870 read_mapping_page include/linux/pagemap.h:892 [inline] ntfs_map_page fs/ntfs/aops.h:75 [inline] ntfs_sync_mft_mirror+0x236/0x1aa0 fs/ntfs/mft.c:480 write_mft_record_nolock+0x116f/0x18c0 fs/ntfs/mft.c:787 write_mft_record+0x136/0x300 fs/ntfs/mft.h:95 __ntfs_write_inode+0x731/0xc00 fs/ntfs/inode.c:3051 write_inode fs/fs-writeback.c:1483 [inline] __writeback_single_inode+0x705/0xee0 fs/fs-writeback.c:1700 writeback_sb_inodes+0x77c/0xef0 fs/fs-writeback.c:1926 wb_writeback+0x450/0xba0 fs/fs-writeback.c:2105 wb_do_writeback fs/fs-writeback.c:2252 [inline] wb_workfn+0x3ff/0xe20 fs/fs-writeback.c:2292 process_one_work kernel/workqueue.c:2634 [inline] process_scheduled_works+0xa45/0x15b0 kernel/workqueue.c:2711 worker_thread+0xa55/0xfc0 kernel/workqueue.c:2792 kthread+0x2fa/0x390 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:152 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:293 </TASK>

Crashes (8):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2025/12/14 23:00	linux-6.6.y	5fa4793a2d2d	d6526ea3	.config	console log	report	syz / log	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/11/04 16:41	linux-6.6.y	0a805b6ea8cd	686bf657	.config	console log	report	syz / log	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/12/18 14:34	linux-6.6.y	5fa4793a2d2d	d6526ea3	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/11/04 05:08	linux-6.6.y	0a805b6ea8cd	686bf657	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/11/04 05:06	linux-6.6.y	0a805b6ea8cd	686bf657	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/11/03 21:35	linux-6.6.y	0a805b6ea8cd	686bf657	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/09/18 11:34	linux-6.6.y	60a9e718726f	e2beed91	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio
2025/08/29 12:48	linux-6.6.y	cc1a1c5b404a	3e1beec6	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	possible deadlock in ntfs_read_folio

Crashes (8):

Assets (help?)