[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.107' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.631161] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 27.641222] REISERFS (device loop0): using ordered data mode
[ 27.647959] reiserfs: using flush barriers
[ 27.653646] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 27.669684] REISERFS (device loop0): checking transaction log (loop0)
[ 27.677882] REISERFS (device loop0): Using rupasov hash to sort names
[ 27.685368] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 27.694785]
[ 27.696408] ======================================================
[ 27.702808] WARNING: possible circular locking dependency detected
[ 27.709116] 4.14.299-syzkaller #0 Not tainted
[ 27.713594] ------------------------------------------------------
[ 27.720119] syz-executor382/7960 is trying to acquire lock:
[ 27.725888]  (&journal->j_mutex){+.+.}, at: [] do_journal_begin_r+0x26b/0xde0
[ 27.734718]
[ 27.734718] but task is already holding lock:
[ 27.740921]  (sb_writers#10){.+.+}, at: [] mnt_want_write_file+0xfd/0x3b0
[ 27.749393]
[ 27.749393] which lock already depends on the new lock.
[ 27.749393]
[ 27.757680]
[ 27.757680] the existing dependency chain (in reverse order) is:
[ 27.765272]
[ 27.765272] -> #2 (sb_writers#10){.+.+}:
[ 27.770815]        __sb_start_write+0x64/0x260
[ 27.775373]        mnt_want_write_file+0xfd/0x3b0
[ 27.780281]        reiserfs_ioctl+0x18e/0x8b0
[ 27.784746]        do_vfs_ioctl+0x75a/0xff0
[ 27.789038]        SyS_ioctl+0x7f/0xb0
[ 27.796197]        do_syscall_64+0x1d5/0x640
[ 27.800663]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.806346]
[ 27.806346] -> #1 (&sbi->lock){+.+.}:
[ 27.811603]        __mutex_lock+0xc4/0x1310
[ 27.815911]        reiserfs_write_lock_nested+0x59/0xd0
[ 27.821246]        do_journal_begin_r+0x276/0xde0
[ 27.826424]        journal_begin+0x162/0x3d0
[ 27.830810]        reiserfs_fill_super+0x18f4/0x2990
[ 27.835898]        mount_bdev+0x2b3/0x360
[ 27.840033]        mount_fs+0x92/0x2a0
[ 27.844005]        vfs_kern_mount.part.0+0x5b/0x470
[ 27.849173]        do_mount+0xe65/0x2a30
[ 27.853239]        SyS_mount+0xa8/0x120
[ 27.857277]        do_syscall_64+0x1d5/0x640
[ 27.861755]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.867438]
[ 27.867438] -> #0 (&journal->j_mutex){+.+.}:
[ 27.873310]        lock_acquire+0x170/0x3f0
[ 27.877611]        __mutex_lock+0xc4/0x1310
[ 27.881932]        do_journal_begin_r+0x26b/0xde0
[ 27.886744]        journal_begin+0x162/0x3d0
[ 27.891126]        reiserfs_dirty_inode+0xd9/0x200
[ 27.896034]        __mark_inode_dirty+0x11e/0xf40
[ 27.900847]        reiserfs_ioctl+0x6f6/0x8b0
[ 27.905313]        do_vfs_ioctl+0x75a/0xff0
[ 27.909606]        SyS_ioctl+0x7f/0xb0
[ 27.913563]        do_syscall_64+0x1d5/0x640
[ 27.917977]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.923750]
[ 27.923750] other info that might help us debug this:
[ 27.923750]
[ 27.932037] Chain exists of:
[ 27.932037]   &journal->j_mutex --> &sbi->lock --> sb_writers#10
[ 27.932037]
[ 27.942502]  Possible unsafe locking scenario:
[ 27.942502]
[ 27.948561]        CPU0                    CPU1
[ 27.953319]        ----                    ----
[ 27.957974]   lock(sb_writers#10);
[ 27.961584]                                lock(&sbi->lock);
[ 27.967463]                                lock(sb_writers#10);
[ 27.973508]   lock(&journal->j_mutex);
[ 27.977385]
[ 27.977385]  *** DEADLOCK ***
[ 27.977385]
[ 27.983420] 1 lock held by syz-executor382/7960:
[ 27.988356]  #0:  (sb_writers#10){.+.+}, at: [] mnt_want_write_file+0xfd/0x3b0
[ 27.997800]
[ 27.997800] stack backtrace:
[ 28.002358] CPU: 1 PID: 7960 Comm: syz-executor382 Not tainted 4.14.299-syzkaller #0
[ 28.010533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.019884] Call Trace:
[ 28.022456]  dump_stack+0x1b2/0x281
[ 28.026071]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 28.031930]  __lock_acquire+0x2e0e/0x3f20
[ 28.036195]  ? trace_hardirqs_on+0x10/0x10
[ 28.040434]  ? __read_once_size_nocheck.constprop.0+0x10/0x10
[ 28.046291]  ? unwind_next_frame+0xe54/0x17d0
[ 28.050778]  ? unwind_next_frame+0xe54/0x17d0
[ 28.055248]  ? deref_stack_reg+0x124/0x1a0
[ 28.059457]  lock_acquire+0x170/0x3f0
[ 28.063230]  ? do_journal_begin_r+0x26b/0xde0
[ 28.067699]  ? do_journal_begin_r+0x26b/0xde0
[ 28.072169]  __mutex_lock+0xc4/0x1310
[ 28.075958]  ? do_journal_begin_r+0x26b/0xde0
[ 28.080950]  ? do_journal_begin_r+0x26b/0xde0
[ 28.085806]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.091250]  ? __mutex_unlock_slowpath+0x75/0x770
[ 28.096173]  ? wait_for_completion_io+0x10/0x10
[ 28.100828]  ? __lock_acquire+0x2190/0x3f20
[ 28.105219]  do_journal_begin_r+0x26b/0xde0
[ 28.109598]  ? do_journal_end+0x4310/0x4310
[ 28.114048]  ? trace_hardirqs_on+0x10/0x10
[ 28.118624]  ? reiserfs_write_lock+0x75/0xf0
[ 28.123016]  ? __mutex_lock+0x360/0x1310
[ 28.127184]  journal_begin+0x162/0x3d0
[ 28.131483]  reiserfs_dirty_inode+0xd9/0x200
[ 28.136557]  ? reiserfs_unfreeze+0xa0/0xa0
[ 28.140764]  ? mark_held_locks+0xa6/0xf0
[ 28.144821]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.150257]  ? reiserfs_unfreeze+0xa0/0xa0
[ 28.154476]  __mark_inode_dirty+0x11e/0xf40
[ 28.159152]  reiserfs_ioctl+0x6f6/0x8b0
[ 28.163184]  ? reiserfs_unpack+0x510/0x510
[ 28.167408]  do_vfs_ioctl+0x75a/0xff0
[ 28.171184]  ? getname_flags+0x2a2/0x550
[ 28.175449]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 28.180533]  ? ioctl_preallocat