syzbot

 sign-in | mailing list | source | docs
🐞 Open [693]
🐞 Fixed [72]
🐞 Invalid [866]
Missing Backports [109]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in mnt_want_write_file

Status: upstream: reported C repro on 2023/03/10 19:40
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+05d77323dd63604b4769@syzkaller.appspotmail.com
First crash: 795d, last: 10d
Fix commit to backport (bisect log) :
tree: upstream
commit fb6f20ecb121cef4d7946f834a6ee867c4e21b4a
Author: Jan Kara <jack@suse.cz>
Date: Thu Oct 17 10:28:23 2024 +0000

  reiserfs: The last commit

  
Bug presence (3)
Date Name Commit Repro Result
2024/12/30 linux-5.15.y (ToT) 91786f140358 C [report] possible deadlock in mnt_want_write_file
2023/09/21 upstream (ToT) 42dc814987c1 C [report] possible deadlock in mnt_want_write_file
2024/12/30 upstream (ToT) fc033cf25e61 C Didn't crash
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 possible deadlock in mnt_want_write_file reiserfs C 41 805d 949d 0/1 upstream: reported C repro on 2022/10/07 22:29
linux-4.19 possible deadlock in mnt_want_write_file reiserfs C 81 801d 933d 0/1 upstream: reported C repro on 2022/10/23 23:32
upstream possible deadlock in mnt_want_write_file reiserfs C error done 1675 470d 922d 0/28 auto-obsoleted due to no activity on 2024/04/09 17:30
linux-6.1 possible deadlock in mnt_want_write_file origin:upstream missing-backport C done 541 1d09h 792d 0/3 upstream: reported C repro on 2023/03/14 17:49
Last patch testing requests (7)
Created Duration User Patch Repo Result
2024/12/07 11:37 17m retest repro linux-5.15.y report log
2024/11/11 09:30 10m retest repro linux-5.15.y report log
2024/11/11 09:30 1h54m retest repro linux-5.15.y report log
2024/10/19 14:40 13m retest repro linux-5.15.y report log
2024/10/19 14:40 14m retest repro linux-5.15.y report log
2024/10/19 14:40 1h12m retest repro linux-5.15.y report log
2024/10/19 14:40 15m retest repro linux-5.15.y report log
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2025/01/19 06:40 6h13m fix candidate upstream OK (1) job log

Sample crash report:
REISERFS (device loop0): Using r5 hash to sort names
REISERFS (device loop0): using 3.5.x disk format
REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
======================================================
WARNING: possible circular locking dependency detected
5.15.180-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor258/4163 is trying to acquire lock:
ffff888026d40460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write_file+0x5c/0x200 fs/namespace.c:421

but task is already holding lock:
ffff88814138b090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (&sbi->lock){+.+.}-{3:3}:
       __mutex_lock_common+0x1eb/0x2390 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27
       reiserfs_lookup+0x137/0x420 fs/reiserfs/namei.c:364
       __lookup_slow+0x27d/0x3d0 fs/namei.c:1663
       lookup_one_len+0x18e/0x2c0 fs/namei.c:2718
       reiserfs_lookup_privroot+0x85/0x1e0 fs/reiserfs/xattr.c:980
       reiserfs_fill_super+0x1f65/0x23e0 fs/reiserfs/super.c:2178
       mount_bdev+0x287/0x3c0 fs/super.c:1400
       legacy_get_tree+0xe6/0x180 fs/fs_context.c:611
       vfs_get_tree+0x88/0x270 fs/super.c:1530
       do_new_mount+0x24a/0xa40 fs/namespace.c:3012
       do_mount fs/namespace.c:3355 [inline]
       __do_sys_mount fs/namespace.c:3563 [inline]
       __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3540
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #1 (&type->i_mutex_dir_key#6){+.+.}-{3:3}:
       down_write+0x38/0x60 kernel/locking/rwsem.c:1551
       inode_lock include/linux/fs.h:787 [inline]
       open_last_lookups fs/namei.c:3529 [inline]
       path_openat+0x7f3/0x2f30 fs/namei.c:3739
       do_filp_open+0x1b3/0x3e0 fs/namei.c:3769
       do_sys_openat2+0x142/0x4a0 fs/open.c:1253
       do_sys_open fs/open.c:1269 [inline]
       __do_sys_creat fs/open.c:1345 [inline]
       __se_sys_creat fs/open.c:1339 [inline]
       __x64_sys_creat+0x8c/0xb0 fs/open.c:1339
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (sb_writers#9){.+.+}-{0:0}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x2c33/0x7c60 kernel/locking/lockdep.c:5012
       lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
       percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
       __sb_start_write include/linux/fs.h:1811 [inline]
       sb_start_write+0x4f/0x1c0 include/linux/fs.h:1881
       mnt_want_write_file+0x5c/0x200 fs/namespace.c:421
       reiserfs_ioctl+0x10a/0x330 fs/reiserfs/ioctl.c:103
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:874 [inline]
       __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:860
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

other info that might help us debug this:

Chain exists of:
  sb_writers#9 --> &type->i_mutex_dir_key#6 --> &sbi->lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->lock);
                               lock(&type->i_mutex_dir_key#6);
                               lock(&sbi->lock);
  lock(sb_writers#9);

 *** DEADLOCK ***

1 lock held by syz-executor258/4163:
 #0: ffff88814138b090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

stack backtrace:
CPU: 0 PID: 4163 Comm: syz-executor258 Not tainted 5.15.180-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
 check_noncircular+0x274/0x310 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x2c33/0x7c60 kernel/locking/lockdep.c:5012
 lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
 percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
 __sb_start_write include/linux/fs.h:1811 [inline]
 sb_start_write+0x4f/0x1c0 include/linux/fs.h:1881
 mnt_want_write_file+0x5c/0x200 fs/namespace.c:421
 reiserfs_ioctl+0x10a/0x330 fs/reiserfs/ioctl.c:103
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:860
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f0d05807679
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd1cc2d018 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007ffd1cc2d1e8 RCX: 00007f0d05807679
RDX: 0000000000000000 RSI: 0000000040087602 RDI: 0000000000000004
RBP: 00007f0d0587b610 R08: 0000000000000000 R09: 00007ffd1cc2d1e8
R10: 0000000000001112 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffd1cc2d1d8 R14: 0000000000000001 R15: 0000000000000001

Crashes (625):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/04/29 12:38 linux-5.15.y f7347f400572 aeb6ec69 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/31 19:46 linux-5.15.y 0c935c049b5c d3999433 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/16 05:20 linux-5.15.y 0c935c049b5c e2826670 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2023/09/20 22:19 linux-5.15.y 35ecaa3632bf 0b6a67ac .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2023/05/29 07:25 linux-5.15.y 1fe619a7d252 cf184559 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2024/11/22 07:21 linux-5.15.y 0a51d2d4527b 4b25d554 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/07/28 21:35 linux-5.15.y 7e89efd3ae1c 46eb10b7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/04/05 05:37 linux-5.15.y 9465fef4ae35 0ee3535e .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/01/31 05:59 linux-5.15.y 6139f2a02fe0 7f400fcb .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/01/04 04:58 linux-5.15.y d93fa2c78854 28c42cff .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2023/05/05 02:21 linux-5.15.y 8a7f2a5c5aa1 518a39a6 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/30 19:32 linux-5.15.y f7347f400572 85a5a23f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/29 15:44 linux-5.15.y f7347f400572 aeb6ec69 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/26 20:26 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/25 15:58 linux-5.15.y f7347f400572 e3715315 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/14 23:30 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/31 09:05 linux-5.15.y 0c935c049b5c d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/27 19:57 linux-5.15.y 0c935c049b5c 6c09fb82 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/27 15:27 linux-5.15.y 0c935c049b5c 6c09fb82 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/26 17:26 linux-5.15.y 0c935c049b5c 20510e88 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/26 03:21 linux-5.15.y 0c935c049b5c 89d30d73 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/23 23:59 linux-5.15.y 0c935c049b5c 875573af .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/23 04:43 linux-5.15.y 0c935c049b5c 4e8d3850 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/22 18:40 linux-5.15.y 0c935c049b5c c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/21 21:15 linux-5.15.y 0c935c049b5c c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/20 05:45 linux-5.15.y 0c935c049b5c 9209bc22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/19 16:48 linux-5.15.y 0c935c049b5c e20d7b13 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/19 04:02 linux-5.15.y 0c935c049b5c 8d0a2921 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/18 09:02 linux-5.15.y 0c935c049b5c ce3352cd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/02/02 22:43 linux-5.15.y c16c81c81336 568559e4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/05/04 10:55 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/05/03 15:15 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/28 03:45 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 23:14 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 19:16 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 05:42 linux-5.15.y f7347f400572 e3715315 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 01:31 linux-5.15.y f7347f400572 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/23 14:44 linux-5.15.y f7347f400572 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/22 13:43 linux-5.15.y f7347f400572 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/21 17:22 linux-5.15.y f7347f400572 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/12 13:36 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/06 13:33 linux-5.15.y 0c935c049b5c 1c65791e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/01 10:43 linux-5.15.y 0c935c049b5c 36d76a97 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/03/30 13:59 linux-5.15.y 0c935c049b5c d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/03/18 15:08 linux-5.15.y 0c935c049b5c 22a6c2b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/03/05 05:25 linux-5.15.y c16c81c81336 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/26 12:30 linux-5.15.y c16c81c81336 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/23 08:39 linux-5.15.y c16c81c81336 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/09 21:15 linux-5.15.y c16c81c81336 ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/09 03:14 linux-5.15.y c16c81c81336 ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/08 13:16 linux-5.15.y c16c81c81336 ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/02/01 08:07 linux-5.15.y 003148680b79 aa47157c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/01/28 22:02 linux-5.15.y 003148680b79 f5427d7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/01/24 06:38 linux-5.15.y 003148680b79 521b0ce3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/01/24 03:10 linux-5.15.y 003148680b79 521b0ce3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/01/21 14:41 linux-5.15.y 4735586da88e 6e87cfa2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/01/15 17:48 linux-5.15.y 4735586da88e 7315a7cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2023/03/10 19:40 linux-5.15.y abddfcf701a5 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
* Struck through repros no longer work on HEAD.