syzbot

======================================================
WARNING: possible circular locking dependency detected
6.7.0-rc2-syzkaller-00095-gd3fa86b1a7b4 #0 Not tainted
------------------------------------------------------
syz-executor519/6156 is trying to acquire lock:
ffff8880720ca7a0 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault mm/memory.c:5955 [inline]
ffff8880720ca7a0 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0xe6/0x1a0 mm/memory.c:5948

but task is already holding lock:
ffff88807ac66090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 fs/reiserfs/lock.c:27

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&sbi->lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:603 [inline]
       __mutex_lock+0x175/0x9d0 kernel/locking/mutex.c:747
       reiserfs_write_lock+0x79/0x100 fs/reiserfs/lock.c:27
       reiserfs_dirty_inode+0xe6/0x270 fs/reiserfs/super.c:704
       __mark_inode_dirty+0x1e0/0xd60 fs/fs-writeback.c:2452
       generic_update_time+0xcf/0xf0 fs/inode.c:1941
       inode_update_time fs/inode.c:1954 [inline]
       touch_atime+0x4eb/0x5d0 fs/inode.c:2026
       file_accessed include/linux/fs.h:2360 [inline]
       generic_file_mmap+0x120/0x160 mm/filemap.c:3611
       call_mmap include/linux/fs.h:2025 [inline]
       mmap_region+0x5e3/0x2830 mm/mmap.c:2851
       do_mmap+0x893/0xef0 mm/mmap.c:1379
       vm_mmap_pgoff+0x1a8/0x3c0 mm/util.c:556
       ksys_mmap_pgoff+0x422/0x5b0 mm/mmap.c:1425
       __do_sys_mmap arch/x86/kernel/sys_x86_64.c:93 [inline]
       __se_sys_mmap arch/x86/kernel/sys_x86_64.c:86 [inline]
       __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:86
       do_syscall_x64 arch/x86/entry/common.c:51 [inline]
       do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

-> #0 (&mm->mmap_lock){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3134 [inline]
       check_prevs_add kernel/locking/lockdep.c:3253 [inline]
       validate_chain kernel/locking/lockdep.c:3868 [inline]
       __lock_acquire+0x2464/0x3b10 kernel/locking/lockdep.c:5136
       lock_acquire kernel/locking/lockdep.c:5753 [inline]
       lock_acquire+0x1ae/0x520 kernel/locking/lockdep.c:5718
       __might_fault mm/memory.c:5955 [inline]
       __might_fault+0x11f/0x1a0 mm/memory.c:5948
       reiserfs_ioctl+0x1c4/0x2e0 fs/reiserfs/ioctl.c:96
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:871 [inline]
       __se_sys_ioctl fs/ioctl.c:857 [inline]
       __x64_sys_ioctl+0x18f/0x210 fs/ioctl.c:857
       do_syscall_x64 arch/x86/entry/common.c:51 [inline]
       do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
       entry_SYSCALL_64_after_hwframe+0x63/0x6b

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->lock);
                               lock(&mm->mmap_lock);
                               lock(&sbi->lock);
  rlock(&mm->mmap_lock);

 *** DEADLOCK ***

1 lock held by syz-executor519/6156:
 #0: ffff88807ac66090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0x100 fs/reiserfs/lock.c:27

stack backtrace:
CPU: 1 PID: 6156 Comm: syz-executor519 Not tainted 6.7.0-rc2-syzkaller-00095-gd3fa86b1a7b4 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106
 check_noncircular+0x317/0x400 kernel/locking/lockdep.c:2187
 check_prev_add kernel/locking/lockdep.c:3134 [inline]
 check_prevs_add kernel/locking/lockdep.c:3253 [inline]
 validate_chain kernel/locking/lockdep.c:3868 [inline]
 __lock_acquire+0x2464/0x3b10 kernel/locking/lockdep.c:5136
 lock_acquire kernel/locking/lockdep.c:5753 [inline]
 lock_acquire+0x1ae/0x520 kernel/locking/lockdep.c:5718
 __might_fault mm/memory.c:5955 [inline]
 __might_fault+0x11f/0x1a0 mm/memory.c:5948
 reiserfs_ioctl+0x1c4/0x2e0 fs/reiserfs/ioctl.c:96
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:871 [inline]
 __se_sys_ioctl fs/ioctl.c:857 [inline]
 __x64_sys_ioctl+0x18f/0x210 fs/ioctl.c:857
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f46a684bc09
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f46a6808218 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f46a68d46c8 RCX: 00007f46a684bc09
RDX: 0000000000000000 RSI: 0000000080087601 RDI: 0000000000000005
RBP: 00007f46a68d46c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46a68a11b8
R13: 00007f46a68a00c0 R14: 0030656c69662f2e R15: 7366726573696572
 </TASK>