Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts.
executing program
[ 42.957953][ T3968] loop0: detected capacity change from 0 to 8192
[ 42.963282][ T3968] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 42.965673][ T3968] REISERFS (device loop0): using ordered data mode
[ 42.967193][ T3968] reiserfs: using flush barriers
[ 42.969396][ T3968] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 42.973429][ T3968] REISERFS (device loop0): checking transaction log (loop0)
[ 42.977318][ T3968] REISERFS (device loop0): Using r5 hash to sort names
[ 42.980582][ T3968] reiserfs: enabling write barrier flush mode
[ 42.988159][ T3968] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 42.991192][ T3968]
[ 42.991763][ T3968] ======================================================
[ 42.993462][ T3968] WARNING: possible circular locking dependency detected
[ 42.995128][ T3968] 5.15.113-syzkaller #0 Not tainted
[ 42.996432][ T3968] ------------------------------------------------------
[ 42.998129][ T3968] syz-executor262/3968 is trying to acquire lock:
[ 42.999672][ T3968] ffff0000d9bf3090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 43.001951][ T3968]
[ 43.001951][ T3968] but task is already holding lock:
[ 43.003727][ T3968] ffff0000dbff82e0 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x2cc/0x82c
[ 43.006260][ T3968]
[ 43.006260][ T3968] which lock already depends on the new lock.
[ 43.006260][ T3968]
[ 43.008865][ T3968]
[ 43.008865][ T3968] the existing dependency chain (in reverse order) is:
[ 43.011122][ T3968]
[ 43.011122][ T3968] -> #2 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}:
[ 43.013314][ T3968]        down_write_nested+0x118/0x26c
[ 43.014697][ T3968]        do_unlinkat+0x2cc/0x82c
[ 43.015876][ T3968]        __arm64_sys_unlinkat+0xcc/0xfc
[ 43.017315][ T3968]        invoke_syscall+0x98/0x2b8
[ 43.018543][ T3968]        el0_svc_common+0x138/0x258
[ 43.019834][ T3968]        do_el0_svc+0x58/0x14c
[ 43.021058][ T3968]        el0_svc+0x7c/0x1f0
[ 43.022201][ T3968]        el0t_64_sync_handler+0x84/0xe4
[ 43.023624][ T3968]        el0t_64_sync+0x1a0/0x1a4
[ 43.024942][ T3968]
[ 43.024942][ T3968] -> #1 (sb_writers#8){.+.+}-{0:0}:
[ 43.026792][ T3968]        sb_start_write+0xf0/0x3ac
[ 43.028121][ T3968]        mnt_want_write_file+0x64/0x1e8
[ 43.029476][ T3968]        reiserfs_ioctl+0x188/0x4b8
[ 43.030780][ T3968]        __arm64_sys_ioctl+0x14c/0x1c8
[ 43.032159][ T3968]        invoke_syscall+0x98/0x2b8
[ 43.033400][ T3968]        el0_svc_common+0x138/0x258
[ 43.034682][ T3968]        do_el0_svc+0x58/0x14c
[ 43.035853][ T3968]        el0_svc+0x7c/0x1f0
[ 43.036959][ T3968]        el0t_64_sync_handler+0x84/0xe4
[ 43.038343][ T3968]        el0t_64_sync+0x1a0/0x1a4
[ 43.039521][ T3968]
[ 43.039521][ T3968] -> #0 (&sbi->lock){+.+.}-{3:3}:
[ 43.041340][ T3968]        __lock_acquire+0x32cc/0x7620
[ 43.042653][ T3968]        lock_acquire+0x240/0x77c
[ 43.043920][ T3968]        __mutex_lock_common+0x194/0x2154
[ 43.045343][ T3968]        mutex_lock_nested+0xa4/0xf8
[ 43.046657][ T3968]        reiserfs_write_lock+0x7c/0xe8
[ 43.048057][ T3968]        reiserfs_lookup+0x130/0x3c4
[ 43.049324][ T3968]        __lookup_hash+0x108/0x230
[ 43.050551][ T3968]        do_unlinkat+0x2ec/0x82c
[ 43.051748][ T3968]        __arm64_sys_unlinkat+0xcc/0xfc
[ 43.053111][ T3968]        invoke_syscall+0x98/0x2b8
[ 43.054375][ T3968]        el0_svc_common+0x138/0x258
[ 43.055765][ T3968]        do_el0_svc+0x58/0x14c
[ 43.056919][ T3968]        el0_svc+0x7c/0x1f0
[ 43.058039][ T3968]        el0t_64_sync_handler+0x84/0xe4
[ 43.059333][ T3968]        el0t_64_sync+0x1a0/0x1a4
[ 43.060581][ T3968]
[ 43.060581][ T3968] other info that might help us debug this:
[ 43.060581][ T3968]
[ 43.063062][ T3968] Chain exists of:
[ 43.063062][ T3968]   &sbi->lock --> sb_writers#8 --> &type->i_mutex_dir_key#6/1
[ 43.063062][ T3968]
[ 43.066335][ T3968]  Possible unsafe locking scenario:
[ 43.066335][ T3968]
[ 43.068010][ T3968]        CPU0                    CPU1
[ 43.069266][ T3968]        ----                    ----
[ 43.070563][ T3968]   lock(&type->i_mutex_dir_key#6/1);
[ 43.071895][ T3968]                                lock(sb_writers#8);
[ 43.073538][ T3968]                                lock(&type->i_mutex_dir_key#6/1);
[ 43.075539][ T3968]   lock(&sbi->lock);
[ 43.076503][ T3968]
[ 43.076503][ T3968]  *** DEADLOCK ***
[ 43.076503][ T3968]
[ 43.078529][ T3968] 2 locks held by syz-executor262/3968:
[ 43.079880][ T3968]  #0: ffff0000c8232460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[ 43.082231][ T3968]  #1: ffff0000dbff82e0 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x2cc/0x82c
[ 43.084845][ T3968]
[ 43.084845][ T3968] stack backtrace:
[ 43.086291][ T3968] CPU: 1 PID: 3968 Comm: syz-executor262 Not tainted 5.15.113-syzkaller #0
[ 43.088449][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
[ 43.091130][ T3968] Call trace:
[ 43.091976][ T3968]  dump_backtrace+0x0/0x530
[ 43.093119][ T3968]  show_stack+0x2c/0x3c
[ 43.094175][ T3968]  dump_stack_lvl+0x108/0x170
[ 43.095302][ T3968]  dump_stack+0x1c/0x58
[ 43.096367][ T3968]  print_circular_bug+0x150/0x1b8
[ 43.097701][ T3968]  check_noncircular+0x2cc/0x378
[ 43.099007][ T3968]  __lock_acquire+0x32cc/0x7620
[ 43.100284][ T3968]  lock_acquire+0x240/0x77c
[ 43.101473][ T3968]  __mutex_lock_common+0x194/0x2154
[ 43.102808][ T3968]  mutex_lock_nested+0xa4/0xf8
[ 43.104006][ T3968]  reiserfs_write_lock+0x7c/0xe8
[ 43.105202][ T3968]  reiserfs_lookup+0x130/0x3c4
[ 43.106405][ T3968]  __lookup_hash+0x108/0x230
[ 43.107569][ T3968]  do_unlinkat+0x2ec/0x82c
[ 43.108612][ T3968]  __arm64_sys_unlinkat+0xcc/0xfc
[ 43.109866][ T3968]  invoke_syscall+0x98/0x2b8
[ 43.110962][ T3968]  el0_svc_common+0x138/0x258
[ 43.112112][ T3968]  do_el0_svc+0x58/0x14c
[ 43.113158][ T3968]  el0_svc+0x7c/0x1f0
[ 43.114151][ T3968]  el0t_64_sync_handler+0x84/0xe4
[ 43.115375][ T3968]  el0t_64_sync+0x1a0/0x1a4