[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.141' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 31.889157] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 31.897909] REISERFS (device loop0): using ordered data mode [ 31.903726] reiserfs: using flush barriers [ 31.910254] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 31.926471] REISERFS (device loop0): checking transaction log (loop0) [ 31.975559] REISERFS (device loop0): Using r5 hash to sort names [ 31.982201] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 31.998492] [ 32.000146] ====================================================== [ 32.006461] WARNING: possible circular locking dependency detected [ 32.012775] 4.14.300-syzkaller #0 Not tainted [ 32.017257] ------------------------------------------------------ [ 32.023579] syz-executor337/7978 is trying to acquire lock: [ 32.029265] (sb_writers#10){.+.+}, at: [] mnt_want_write_file+0xfd/0x3b0 [ 32.037755] [ 32.037755] but task is already holding lock: [ 32.043715] (&sbi->lock){+.+.}, at: [] reiserfs_write_lock+0x75/0xf0 [ 32.051848] [ 32.051848] which lock already depends on the new lock. [ 32.051848] [ 32.060145] [ 32.060145] the existing dependency chain (in reverse order) is: [ 32.067742] [ 32.067742] -> #2 (&sbi->lock){+.+.}: [ 32.073017] __mutex_lock+0xc4/0x1310 [ 32.077319] reiserfs_write_lock+0x75/0xf0 [ 32.082056] reiserfs_lookup+0x130/0x400 [ 32.086621] __lookup_hash+0x1bb/0x270 [ 32.091010] lookup_one_len+0x279/0x3a0 [ 32.095484] reiserfs_lookup_privroot+0x92/0x270 [ 32.100743] reiserfs_fill_super+0x1d12/0x2990 [ 32.105982] mount_bdev+0x2b3/0x360 [ 32.110131] mount_fs+0x92/0x2a0 [ 32.114013] vfs_kern_mount.part.0+0x5b/0x470 [ 32.119021] do_mount+0xe65/0x2a30 [ 32.123075] SyS_mount+0xa8/0x120 [ 32.127035] do_syscall_64+0x1d5/0x640 [ 32.131427] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 32.137122] [ 32.137122] -> #1 (&type->i_mutex_dir_key#7){+.+.}: [ 32.143650] down_write+0x34/0x90 [ 32.147608] path_openat+0xde2/0x2970 [ 32.151911] do_filp_open+0x179/0x3c0 [ 32.156224] do_sys_open+0x296/0x410 [ 32.160439] do_syscall_64+0x1d5/0x640 [ 32.164830] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 32.170546] [ 32.170546] -> #0 (sb_writers#10){.+.+}: [ 32.176253] lock_acquire+0x170/0x3f0 [ 32.180554] __sb_start_write+0x64/0x260 [ 32.185118] mnt_want_write_file+0xfd/0x3b0 [ 32.189943] reiserfs_ioctl+0x18e/0x8b0 [ 32.194416] do_vfs_ioctl+0x75a/0xff0 [ 32.198728] SyS_ioctl+0x7f/0xb0 [ 32.202596] do_syscall_64+0x1d5/0x640 [ 32.206984] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 32.212687] [ 32.212687] other info that might help us debug this: [ 32.212687] [ 32.220840] Chain exists of: [ 32.220840] sb_writers#10 --> &type->i_mutex_dir_key#7 --> &sbi->lock [ 32.220840] [ 32.231938] Possible unsafe locking scenario: [ 32.231938] [ 32.237975] CPU0 CPU1 [ 32.242618] ---- ---- [ 32.247264] lock(&sbi->lock); [ 32.250525] lock(&type->i_mutex_dir_key#7); [ 32.257519] lock(&sbi->lock); [ 32.263310] lock(sb_writers#10); [ 32.266831] [ 32.266831] *** DEADLOCK *** [ 32.266831] [ 32.272872] 1 lock held by syz-executor337/7978: [ 32.277602] #0: (&sbi->lock){+.+.}, at: [] reiserfs_write_lock+0x75/0xf0 [ 32.286170] [ 32.286170] stack backtrace: [ 32.290648] CPU: 0 PID: 7978 Comm: syz-executor337 Not tainted 4.14.300-syzkaller #0 [ 32.298506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 32.307838] Call Trace: [ 32.310408] dump_stack+0x1b2/0x281 [ 32.314017] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 32.319802] __lock_acquire+0x2e0e/0x3f20 [ 32.323935] ? lock_acquire+0x170/0x3f0 [ 32.327891] ? trace_hardirqs_on+0x10/0x10 [ 32.332104] ? reiserfs_write_lock+0x75/0xf0 [ 32.336497] ? __mutex_lock+0x360/0x1310 [ 32.340549] lock_acquire+0x170/0x3f0 [ 32.344346] ? mnt_want_write_file+0xfd/0x3b0 [ 32.348825] __sb_start_write+0x64/0x260 [ 32.352866] ? mnt_want_write_file+0xfd/0x3b0 [ 32.357353] mnt_want_write_file+0xfd/0x3b0 [ 32.361753] reiserfs_ioctl+0x18e/0x8b0 [ 32.365728] ? reiserfs_unpack+0x510/0x510 [ 32.369949] do_vfs_ioctl+0x75a/0xff0 [ 32.373743] ? ioctl_preallocate+0x1a0/