syzbot

 sign-in | mailing list | source | docs
🐞 Open [819]
🐞 Fixed [75]
🐞 Invalid [980]
Missing Backports [121]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in mnt_want_write_file

Status: upstream: reported C repro on 2023/03/10 19:40
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+05d77323dd63604b4769@syzkaller.appspotmail.com
First crash: 906d, last: 2d06h
Fix commit to backport (bisect log) :
tree: upstream
commit fb6f20ecb121cef4d7946f834a6ee867c4e21b4a
Author: Jan Kara <jack@suse.cz>
Date: Thu Oct 17 10:28:23 2024 +0000

  reiserfs: The last commit

  
Bug presence (3)
Date Name Commit Repro Result
2024/12/30 linux-5.15.y (ToT) 91786f140358 C [report] possible deadlock in mnt_want_write_file
2023/09/21 upstream (ToT) 42dc814987c1 C [report] possible deadlock in mnt_want_write_file
2024/12/30 upstream (ToT) fc033cf25e61 C Didn't crash
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 possible deadlock in mnt_want_write_file reiserfs 4 C 41 916d 1060d 0/1 upstream: reported C repro on 2022/10/07 22:29
linux-4.19 possible deadlock in mnt_want_write_file reiserfs 4 C 81 911d 1044d 0/1 upstream: reported C repro on 2022/10/23 23:32
upstream possible deadlock in mnt_want_write_file fs 4 C error done 1675 580d 1033d 0/29 auto-obsoleted due to no activity on 2024/04/09 17:30
linux-6.1 possible deadlock in mnt_want_write_file origin:upstream missing-backport 4 C done 587 5h10m 902d 0/3 upstream: reported C repro on 2023/03/14 17:49
Last patch testing requests (10)
Created Duration User Patch Repo Result
2025/08/17 21:25 11m retest repro linux-5.15.y report log
2025/08/17 21:25 12m retest repro linux-5.15.y report log
2025/08/17 21:25 30m retest repro linux-5.15.y report log
2025/08/17 21:25 27m retest repro linux-5.15.y report log
2025/08/17 21:25 12m retest repro linux-5.15.y report log
2025/05/21 07:20 9m retest repro linux-5.15.y report log
2025/05/21 07:20 9m retest repro linux-5.15.y report log
2025/05/21 07:20 10m retest repro linux-5.15.y report log
2025/05/21 07:20 11m retest repro linux-5.15.y report log
2025/05/21 07:20 9m retest repro linux-5.15.y report log
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2025/01/19 06:40 6h13m fix candidate upstream OK (1) job log

Sample crash report:
REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop0): checking transaction log (loop0)
REISERFS (device loop0): Using r5 hash to sort names
REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
======================================================
WARNING: possible circular locking dependency detected
syzkaller #0 Not tainted
------------------------------------------------------
syz.0.17/4314 is trying to acquire lock:
ffff8880770c4460 (sb_writers#13){.+.+}-{0:0}, at: mnt_want_write_file+0x5c/0x200 fs/namespace.c:421

but task is already holding lock:
ffff888078540090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #2 (&sbi->lock){+.+.}-{3:3}:
       __mutex_lock_common+0x1eb/0x2390 kernel/locking/mutex.c:596
       __mutex_lock kernel/locking/mutex.c:729 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
       reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27
       reiserfs_lookup+0x137/0x420 fs/reiserfs/namei.c:364
       __lookup_slow+0x27d/0x3d0 fs/namei.c:1663
       lookup_one_len+0x18e/0x2c0 fs/namei.c:2718
       reiserfs_lookup_privroot+0x85/0x1e0 fs/reiserfs/xattr.c:980
       reiserfs_fill_super+0x1f65/0x23e0 fs/reiserfs/super.c:2178
       mount_bdev+0x287/0x3c0 fs/super.c:1400
       legacy_get_tree+0xe6/0x180 fs/fs_context.c:611
       vfs_get_tree+0x88/0x270 fs/super.c:1530
       do_new_mount+0x24a/0xa40 fs/namespace.c:3025
       do_mount fs/namespace.c:3368 [inline]
       __do_sys_mount fs/namespace.c:3576 [inline]
       __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3553
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #1 (&type->i_mutex_dir_key#8){+.+.}-{3:3}:
       down_write+0x38/0x60 kernel/locking/rwsem.c:1551
       inode_lock include/linux/fs.h:787 [inline]
       open_last_lookups fs/namei.c:3529 [inline]
       path_openat+0x7f3/0x2f30 fs/namei.c:3739
       do_filp_open+0x1b3/0x3e0 fs/namei.c:3769
       do_sys_openat2+0x142/0x4a0 fs/open.c:1253
       do_sys_open fs/open.c:1269 [inline]
       __do_sys_openat fs/open.c:1285 [inline]
       __se_sys_openat fs/open.c:1280 [inline]
       __x64_sys_openat+0x135/0x160 fs/open.c:1280
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

-> #0 (sb_writers#13){.+.+}-{0:0}:
       check_prev_add kernel/locking/lockdep.c:3053 [inline]
       check_prevs_add kernel/locking/lockdep.c:3172 [inline]
       validate_chain kernel/locking/lockdep.c:3788 [inline]
       __lock_acquire+0x2c33/0x7c60 kernel/locking/lockdep.c:5012
       lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
       percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
       __sb_start_write include/linux/fs.h:1811 [inline]
       sb_start_write+0x4f/0x1c0 include/linux/fs.h:1881
       mnt_want_write_file+0x5c/0x200 fs/namespace.c:421
       reiserfs_ioctl+0x10a/0x330 fs/reiserfs/ioctl.c:103
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:874 [inline]
       __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:860
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x66/0xd0

other info that might help us debug this:

Chain exists of:
  sb_writers#13 --> &type->i_mutex_dir_key#8 --> &sbi->lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->lock);
                               lock(&type->i_mutex_dir_key#8);
                               lock(&sbi->lock);
  lock(sb_writers#13);

 *** DEADLOCK ***

1 lock held by syz.0.17/4314:
 #0: ffff888078540090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

stack backtrace:
CPU: 1 PID: 4314 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
 check_noncircular+0x274/0x310 kernel/locking/lockdep.c:2133
 check_prev_add kernel/locking/lockdep.c:3053 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain kernel/locking/lockdep.c:3788 [inline]
 __lock_acquire+0x2c33/0x7c60 kernel/locking/lockdep.c:5012
 lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
 percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
 __sb_start_write include/linux/fs.h:1811 [inline]
 sb_start_write+0x4f/0x1c0 include/linux/fs.h:1881
 mnt_want_write_file+0x5c/0x200 fs/namespace.c:421
 reiserfs_ioctl+0x10a/0x330 fs/reiserfs/ioctl.c:103
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:860
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f5b51b7ebe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdc96c5ae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f5b51db5fa0 RCX: 00007f5b51b7ebe9
RDX: 0000000000000000 RSI: 0000000040087602 RDI: 0000000000000004
RBP: 00007f5b51c01e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f5b51db5fa0 R14: 00007f5b51db5fa0 R15: 0000000000000003
 </TASK>

Crashes (661):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/31 06:31 linux-5.15.y 01879f56bdde 807a3b61 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/29 12:38 linux-5.15.y f7347f400572 aeb6ec69 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/31 19:46 linux-5.15.y 0c935c049b5c d3999433 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/03/16 05:20 linux-5.15.y 0c935c049b5c e2826670 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2023/09/20 22:19 linux-5.15.y 35ecaa3632bf 0b6a67ac .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2023/05/29 07:25 linux-5.15.y 1fe619a7d252 cf184559 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2024/11/22 07:21 linux-5.15.y 0a51d2d4527b 4b25d554 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/07/28 21:35 linux-5.15.y 7e89efd3ae1c 46eb10b7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/04/05 05:37 linux-5.15.y 9465fef4ae35 0ee3535e .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/01/31 05:59 linux-5.15.y 6139f2a02fe0 7f400fcb .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2024/01/04 04:58 linux-5.15.y d93fa2c78854 28c42cff .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2023/05/05 02:21 linux-5.15.y 8a7f2a5c5aa1 518a39a6 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/08/31 06:10 linux-5.15.y 01879f56bdde 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/07/31 10:07 linux-5.15.y c79648372d02 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/07/13 20:58 linux-5.15.y 2f693b607545 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/07/06 08:09 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/06/22 17:52 linux-5.15.y 1c700860e8bc d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/06/08 16:14 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/05/26 01:22 linux-5.15.y 98f47d0e9b8c 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/30 19:32 linux-5.15.y f7347f400572 85a5a23f .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/29 15:44 linux-5.15.y f7347f400572 aeb6ec69 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/26 20:26 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/25 15:58 linux-5.15.y f7347f400572 e3715315 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/04/14 23:30 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
2025/08/02 23:42 linux-5.15.y c79648372d02 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/08/01 11:54 linux-5.15.y c79648372d02 40127d41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/31 21:18 linux-5.15.y c79648372d02 0c075d67 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/31 17:06 linux-5.15.y c79648372d02 0c075d67 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/29 15:12 linux-5.15.y c79648372d02 c4a95487 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/27 08:34 linux-5.15.y c79648372d02 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/16 06:06 linux-5.15.y 89950c454265 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/07/06 23:43 linux-5.15.y 3dea0e7f549e 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/29 08:42 linux-5.15.y 3dea0e7f549e fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/26 00:50 linux-5.15.y 1c700860e8bc 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/10 23:00 linux-5.15.y 1c700860e8bc 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/10 22:58 linux-5.15.y 1c700860e8bc 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/10 20:12 linux-5.15.y 1c700860e8bc 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/09 18:38 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/08 14:21 linux-5.15.y 1c700860e8bc 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/06/01 17:03 linux-5.15.y 98f47d0e9b8c 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/05/28 05:41 linux-5.15.y 98f47d0e9b8c 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/05/04 10:55 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/05/03 15:15 linux-5.15.y 16fdf2c7111b b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/28 03:45 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 23:14 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 19:16 linux-5.15.y f7347f400572 c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 05:42 linux-5.15.y f7347f400572 e3715315 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/25 01:31 linux-5.15.y f7347f400572 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/23 14:44 linux-5.15.y f7347f400572 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/22 13:43 linux-5.15.y f7347f400572 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/21 17:22 linux-5.15.y f7347f400572 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/12 13:36 linux-5.15.y f7347f400572 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/06 13:33 linux-5.15.y 0c935c049b5c 1c65791e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2025/04/01 10:43 linux-5.15.y 0c935c049b5c 36d76a97 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 possible deadlock in mnt_want_write_file
2023/03/10 19:40 linux-5.15.y abddfcf701a5 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan possible deadlock in mnt_want_write_file
* Struck through repros no longer work on HEAD.