Warning: Permanently added '10.128.1.89' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 43.120526][ T3503] loop0: detected capacity change from 0 to 8192 [ 43.130664][ T3503] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 43.140761][ T3503] REISERFS (device loop0): using ordered data mode [ 43.147501][ T3503] reiserfs: using flush barriers [ 43.155896][ T3503] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 43.172314][ T3503] REISERFS (device loop0): checking transaction log (loop0) [ 43.181748][ T3503] REISERFS (device loop0): Using tea hash to sort names [ 43.195955][ T3503] ======================================================= [ 43.195955][ T3503] WARNING: The mand mount option has been deprecated and [ 43.195955][ T3503] and is ignored by this kernel. Remove the mand [ 43.195955][ T3503] option from the mount to silence this warning. [ 43.195955][ T3503] ======================================================= [ 43.231235][ T3503] reiserfs: enabling write barrier flush mode [ 43.242530][ T3503] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 43.252299][ T3503] [ 43.254625][ T3503] ====================================================== [ 43.261622][ T3503] WARNING: possible circular locking dependency detected [ 43.268628][ T3503] 5.15.116-syzkaller #0 Not tainted [ 43.273825][ T3503] ------------------------------------------------------ [ 43.280985][ T3503] syz-executor903/3503 is trying to acquire lock: [ 43.287384][ T3503] ffff8880756d82e0 (&type->i_mutex_dir_key#6){+.+.}-{3:3}, at: path_openat+0x824/0x2f20 [ 43.297135][ T3503] [ 43.297135][ T3503] but task is already holding lock: [ 43.304477][ T3503] ffff888078e5a460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 43.313201][ T3503] [ 43.313201][ T3503] which lock already depends on the new lock. [ 43.313201][ T3503] [ 43.323591][ T3503] [ 43.323591][ T3503] the existing dependency chain (in reverse order) is: [ 43.332677][ T3503] [ 43.332677][ T3503] -> #2 (sb_writers#9){.+.+}-{0:0}: [ 43.340052][ T3503] lock_acquire+0x1db/0x4f0 [ 43.345076][ T3503] sb_start_write+0x4f/0x1c0 [ 43.350176][ T3503] mnt_want_write_file+0x5a/0x1f0 [ 43.355706][ T3503] reiserfs_ioctl+0x170/0x340 [ 43.360889][ T3503] __se_sys_ioctl+0xf1/0x160 [ 43.365974][ T3503] do_syscall_64+0x3d/0xb0 [ 43.370898][ T3503] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.377305][ T3503] [ 43.377305][ T3503] -> #1 (&sbi->lock){+.+.}-{3:3}: [ 43.384499][ T3503] lock_acquire+0x1db/0x4f0 [ 43.389519][ T3503] __mutex_lock_common+0x1da/0x25a0 [ 43.395239][ T3503] mutex_lock_nested+0x17/0x20 [ 43.400519][ T3503] reiserfs_write_lock+0x76/0xd0 [ 43.405956][ T3503] reiserfs_lookup+0x15c/0x4b0 [ 43.411225][ T3503] __lookup_slow+0x275/0x3d0 [ 43.416342][ T3503] lookup_one_len+0x187/0x2d0 [ 43.421526][ T3503] reiserfs_lookup_privroot+0x85/0x1e0 [ 43.427484][ T3503] reiserfs_fill_super+0x191e/0x2690 [ 43.433270][ T3503] mount_bdev+0x2c9/0x3f0 [ 43.438094][ T3503] legacy_get_tree+0xeb/0x180 [ 43.443373][ T3503] vfs_get_tree+0x88/0x270 [ 43.448305][ T3503] do_new_mount+0x28b/0xae0 [ 43.453317][ T3503] __se_sys_mount+0x2d5/0x3c0 [ 43.458500][ T3503] do_syscall_64+0x3d/0xb0 [ 43.463446][ T3503] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.469840][ T3503] [ 43.469840][ T3503] -> #0 (&type->i_mutex_dir_key#6){+.+.}-{3:3}: [ 43.478241][ T3503] validate_chain+0x1646/0x58b0 [ 43.483591][ T3503] __lock_acquire+0x1295/0x1ff0 [ 43.488943][ T3503] lock_acquire+0x1db/0x4f0 [ 43.493953][ T3503] down_write+0x97/0x170 [ 43.498737][ T3503] path_openat+0x824/0x2f20 [ 43.503744][ T3503] do_filp_open+0x21c/0x460 [ 43.508752][ T3503] do_sys_openat2+0x13b/0x500 [ 43.513929][ T3503] __x64_sys_openat+0x243/0x290 [ 43.519281][ T3503] do_syscall_64+0x3d/0xb0 [ 43.524290][ T3503] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.530677][ T3503] [ 43.530677][ T3503] other info that might help us debug this: [ 43.530677][ T3503] [ 43.540885][ T3503] Chain exists of: [ 43.540885][ T3503] &type->i_mutex_dir_key#6 --> &sbi->lock --> sb_writers#9 [ 43.540885][ T3503] [ 43.554266][ T3503] Possible unsafe locking scenario: [ 43.554266][ T3503] [ 43.561695][ T3503] CPU0 CPU1 [ 43.567036][ T3503] ---- ---- [ 43.572379][ T3503] lock(sb_writers#9); [ 43.576516][ T3503] lock(&sbi->lock); [ 43.582991][ T3503] lock(sb_writers#9); [ 43.589728][ T3503] lock(&type->i_mutex_dir_key#6); [ 43.594900][ T3503] [ 43.594900][ T3503] *** DEADLOCK *** [ 43.594900][ T3503] [ 43.603014][ T3503] 1 lock held by syz-executor903/3503: [ 43.608445][ T3503] #0: ffff888078e5a460 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 43.617548][ T3503] [ 43.617548][ T3503] stack backtrace: [ 43.623405][ T3503] CPU: 0 PID: 3503 Comm: syz-executor903 Not tainted 5.15.116-syzkaller #0 [ 43.631963][ T3503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 [ 43.641989][ T3503] Call Trace: [ 43.645245][ T3503] [ 43.648154][ T3503] dump_stack_lvl+0x1e3/0x2cb [ 43.652810][ T3503] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 43.658423][ T3503] ? print_circular_bug+0x12b/0x1a0 [ 43.663592][ T3503] check_noncircular+0x2f8/0x3b0 [ 43.668505][ T3503] ? add_chain_block+0x850/0x850 [ 43.673499][ T3503] ? lockdep_lock+0x11f/0x2a0 [ 43.678148][ T3503] ? lockdep_unlock+0x166/0x300 [ 43.682975][ T3503] ? lockdep_lock+0x2a0/0x2a0 [ 43.687627][ T3503] validate_chain+0x1646/0x58b0 [ 43.692456][ T3503] ? reacquire_held_locks+0x660/0x660 [ 43.697799][ T3503] ? reacquire_held_locks+0x660/0x660 [ 43.703142][ T3503] ? stack_trace_save+0x113/0x1c0 [ 43.708144][ T3503] ? reacquire_held_locks+0x660/0x660 [ 43.713492][ T3503] ? stack_trace_snprint+0xe0/0xe0 [ 43.718576][ T3503] ? mark_lock+0x98/0x340 [ 43.722875][ T3503] ? __lock_acquire+0x1295/0x1ff0 [ 43.727876][ T3503] ? mark_lock+0x98/0x340 [ 43.732177][ T3503] __lock_acquire+0x1295/0x1ff0 [ 43.737006][ T3503] lock_acquire+0x1db/0x4f0 [ 43.741484][ T3503] ? path_openat+0x824/0x2f20 [ 43.746151][ T3503] ? read_lock_is_recursive+0x10/0x10 [ 43.751501][ T3503] ? __might_sleep+0xc0/0xc0 [ 43.756065][ T3503] ? rcu_read_lock_any_held+0xb3/0x160 [ 43.761499][ T3503] down_write+0x97/0x170 [ 43.765718][ T3503] ? path_openat+0x824/0x2f20 [ 43.770371][ T3503] ? down_read_killable+0x350/0x350 [ 43.775550][ T3503] ? __mnt_want_write+0x1e6/0x260 [ 43.780550][ T3503] path_openat+0x824/0x2f20 [ 43.785033][ T3503] ? mark_lock+0x98/0x340 [ 43.789355][ T3503] ? do_filp_open+0x460/0x460 [ 43.794009][ T3503] do_filp_open+0x21c/0x460 [ 43.798486][ T3503] ? vfs_tmpfile+0x2e0/0x2e0 [ 43.803052][ T3503] ? _raw_spin_unlock+0x24/0x40 [ 43.807924][ T3503] ? alloc_fd+0x594/0x630 [ 43.812235][ T3503] do_sys_openat2+0x13b/0x500 [ 43.816893][ T3503] ? read_lock_is_recursive+0x10/0x10 [ 43.822274][ T3503] ? do_sys_open+0x220/0x220 [ 43.826856][ T3503] ? do_raw_spin_unlock+0x137/0x8b0 [ 43.832036][ T3503] __x64_sys_openat+0x243/0x290 [ 43.836858][ T3503] ? __ia32_sys_open+0x270/0x270 [ 43.841775][ T3503] ? syscall_enter_from_user_mode+0x2e/0x230 [ 43.847736][ T3503] ? lockdep_hardirqs_on+0x94/0x130 [ 43.852912][ T3503] ? syscall_enter_from_user_mode+0x2e/0x230 [ 43.858864][ T3503] do_syscall_64+0x3d/0xb0 [ 43.863251][ T3503] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 43.869122][ T3503] RIP: 0033:0x7f8aa208c909 [ 43.873519][ T3503] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 43.893096][ T3503] RSP: 002b:00007fffad2dabc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 43.901479][ T3503] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8aa208c909 [ 43.909424][ T3503] RDX: 000000000000275a RSI: 0000000020000280 RDI: 00000000ffffff9c [ 43.917370][ T3503] RBP: 00007f8aa204c1a0 R08: 00000000200000c0 R09: 0000