======================================================
WARNING: possible circular locking dependency detected
6.6.0-gd2f51b3516da #1 Not tainted
------------------------------------------------------
syz-executor325/10412 is trying to acquire lock:
ffff8880468d8ad8 (&dmxdev->mutex){+.+.}-{3:3}, at: dvb_dmxdev_filter_free linux/drivers/media/dvb-core/dmxdev.c:833 [inline]
ffff8880468d8ad8 (&dmxdev->mutex){+.+.}-{3:3}, at: dvb_demux_release+0x8a/0x600 linux/drivers/media/dvb-core/dmxdev.c:1246

but task is already holding lock:
ffffc9000a5aa4c0 (&ctx->mutex){+.+.}-{3:3}, at: _dmxdev_lock+0x40/0x90 linux/drivers/media/dvb-core/dvb_vb2.c:110

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (&ctx->mutex){+.+.}-{3:3}:
       __lock_release linux/kernel/locking/lockdep.c:5467 [inline]
       lock_release+0x3c0/0x870 linux/kernel/locking/lockdep.c:5773
       __mutex_unlock_slowpath+0x9e/0x600 linux/kernel/locking/mutex.c:907
       dvb_demux_do_ioctl+0x3ab/0x1630 linux/drivers/media/dvb-core/dmxdev.c:1171
       dvb_usercopy+0xc2/0x280 linux/drivers/media/dvb-core/dvbdev.c:986
       dvb_demux_ioctl+0x31/0x40 linux/drivers/media/dvb-core/dmxdev.c:1185
       vfs_ioctl linux/fs/ioctl.c:51 [inline]
       __do_sys_ioctl linux/fs/ioctl.c:871 [inline]
       __se_sys_ioctl linux/fs/ioctl.c:857 [inline]
       __x64_sys_ioctl+0x1a2/0x210 linux/fs/ioctl.c:857
       do_syscall_x64 linux/arch/x86/entry/common.c:51 [inline]
       do_syscall_64+0x40/0x110 linux/arch/x86/entry/common.c:82
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

-> #0 (&dmxdev->mutex){+.+.}-{3:3}:
       check_prev_add linux/kernel/locking/lockdep.c:3134 [inline]
       check_prevs_add linux/kernel/locking/lockdep.c:3253 [inline]
       validate_chain linux/kernel/locking/lockdep.c:3868 [inline]
       __lock_acquire+0x24a1/0x3b40 linux/kernel/locking/lockdep.c:5136
       lock_acquire linux/kernel/locking/lockdep.c:5753 [inline]
       lock_acquire+0x219/0x650 linux/kernel/locking/lockdep.c:5718
       __mutex_lock_common linux/kernel/locking/mutex.c:603 [inline]
       __mutex_lock+0x14c/0x940 linux/kernel/locking/mutex.c:747
       dvb_dmxdev_filter_free linux/drivers/media/dvb-core/dmxdev.c:833 [inline]
       dvb_demux_release+0x8a/0x600 linux/drivers/media/dvb-core/dmxdev.c:1246
       __fput+0x287/0xbf0 linux/fs/file_table.c:394
       task_work_run+0x16d/0x260 linux/kernel/task_work.c:180
       exit_task_work linux/./include/linux/task_work.h:38 [inline]
       do_exit+0xc38/0x2c00 linux/kernel/exit.c:871
       do_group_exit+0xd9/0x2b0 linux/kernel/exit.c:1021
       get_signal+0x244a/0x2640 linux/kernel/signal.c:2904
       arch_do_signal_or_restart+0x86/0x7e0 linux/arch/x86/kernel/signal.c:309
       exit_to_user_mode_loop linux/kernel/entry/common.c:168 [inline]
       exit_to_user_mode_prepare+0x150/0x250 linux/kernel/entry/common.c:204
       __syscall_exit_to_user_mode_work linux/kernel/entry/common.c:285 [inline]
       syscall_exit_to_user_mode+0x1b/0x50 linux/kernel/entry/common.c:296
       do_syscall_64+0x4d/0x110 linux/arch/x86/entry/common.c:88
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&ctx->mutex);
                               lock(&dmxdev->mutex);
                               lock(&ctx->mutex);
  lock(&dmxdev->mutex);

 *** DEADLOCK ***

1 lock held by syz-executor325/10412:
 #0: ffffc9000a5aa4c0 (&ctx->mutex){+.+.}-{3:3}, at: _dmxdev_lock+0x40/0x90 linux/drivers/media/dvb-core/dvb_vb2.c:110

stack backtrace:
CPU: 0 PID: 10412 Comm: syz-executor325 Not tainted 6.6.0-gd2f51b3516da #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
Call Trace:
 __dump_stack linux/lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x204/0x380 linux/lib/dump_stack.c:106
 check_noncircular+0x2f4/0x3e0 linux/kernel/locking/lockdep.c:2187
 check_prev_add linux/kernel/locking/lockdep.c:3134 [inline]
 check_prevs_add linux/kernel/locking/lockdep.c:3253 [inline]
 validate_chain linux/kernel/locking/lockdep.c:3868 [inline]
 __lock_acquire+0x24a1/0x3b40 linux/kernel/locking/lockdep.c:5136
 lock_acquire linux/kernel/locking/lockdep.c:5753 [inline]
 lock_acquire+0x219/0x650 linux/kernel/locking/lockdep.c:5718
 __mutex_lock_common linux/kernel/locking/mutex.c:603 [inline]
 __mutex_lock+0x14c/0x940 linux/kernel/locking/mutex.c:747
 dvb_dmxdev_filter_free linux/drivers/media/dvb-core/dmxdev.c:833 [inline]
 dvb_demux_release+0x8a/0x600 linux/drivers/media/dvb-core/dmxdev.c:1246
 __fput+0x287/0xbf0 linux/fs/file_table.c:394
 task_work_run+0x16d/0x260 linux/kernel/task_work.c:180
 exit_task_work linux/./include/linux/task_work.h:38 [inline]
 do_exit+0xc38/0x2c00 linux/kernel/exit.c:871
 do_group_exit+0xd9/0x2b0 linux/kernel/exit.c:1021
 get_signal+0x244a/0x2640 linux/kernel/signal.c:2904
 arch_do_signal_or_restart+0x86/0x7e0 linux/arch/x86/kernel/signal.c:309
 exit_to_user_mode_loop linux/kernel/entry/common.c:168 [inline]
 exit_to_user_mode_prepare+0x150/0x250 linux/kernel/entry/common.c:204
 __syscall_exit_to_user_mode_work linux/kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x1b/0x50 linux/kernel/entry/common.c:296
 do_syscall_64+0x4d/0x110 linux/arch/x86/entry/common.c:88
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f873f55d20d
Code: Unable to access opcode bytes at 0x7f873f55d1e3.
RSP: 002b:00007ffc56cb8d08 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: fffffffffffffe00 RBX: 00007ffc56cb8f68 RCX: 00007f873f55d20d
RDX: 0000000020002800 RSI: 00000000c0186f40 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 431bde82d7b634db R14: 00007f873f5da4f0 R15: 0000000000000001