Warning: Permanently added '10.128.0.67' (ECDSA) to the list of known hosts.
executing program
[ 39.504576][ T3961] loop0: detected capacity change from 0 to 8192
[ 39.509534][ T3961] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 39.511612][ T3961] REISERFS (device loop0): using ordered data mode
[ 39.513023][ T3961] reiserfs: using flush barriers
[ 39.514977][ T3961] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 39.518643][ T3961] REISERFS (device loop0): checking transaction log (loop0)
[ 39.567220][ T3961] REISERFS (device loop0): Using r5 hash to sort names
[ 39.568764][ T3961] REISERFS (device loop0): using 3.5.x disk format
[ 39.570681][ T3961] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 39.575078][ T3961]
[ 39.575570][ T3961] ======================================================
[ 39.577017][ T3961] WARNING: possible circular locking dependency detected
[ 39.578458][ T3961] 5.15.110-syzkaller #0 Not tainted
[ 39.579472][ T3961] ------------------------------------------------------
[ 39.580985][ T3961] syz-executor865/3961 is trying to acquire lock:
[ 39.582411][ T3961] ffff0000c887e460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write_file+0x64/0x1e8
[ 39.584380][ T3961]
[ 39.584380][ T3961] but task is already holding lock:
[ 39.586015][ T3961] ffff0000c1ec6090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 39.588002][ T3961]
[ 39.588002][ T3961] which lock already depends on the new lock.
[ 39.588002][ T3961]
[ 39.590120][ T3961]
[ 39.590120][ T3961] the existing dependency chain (in reverse order) is:
[ 39.592068][ T3961]
[ 39.592068][ T3961] -> #2 (&sbi->lock){+.+.}-{3:3}:
[ 39.593602][ T3961]        __mutex_lock_common+0x194/0x2154
[ 39.594804][ T3961]        mutex_lock_nested+0xa4/0xf8
[ 39.595919][ T3961]        reiserfs_write_lock+0x7c/0xe8
[ 39.597088][ T3961]        reiserfs_lookup+0x130/0x3c4
[ 39.598211][ T3961]        __lookup_slow+0x250/0x388
[ 39.599296][ T3961]        lookup_one_len+0x178/0x28c
[ 39.600365][ T3961]        reiserfs_lookup_privroot+0x8c/0x204
[ 39.601605][ T3961]        reiserfs_fill_super+0x1aec/0x1e8c
[ 39.602877][ T3961]        mount_bdev+0x26c/0x368
[ 39.603871][ T3961]        get_super_block+0x44/0x58
[ 39.604905][ T3961]        legacy_get_tree+0xd4/0x16c
[ 39.606078][ T3961]        vfs_get_tree+0x90/0x274
[ 39.607139][ T3961]        do_new_mount+0x25c/0x8c8
[ 39.608166][ T3961]        path_mount+0x590/0x104c
[ 39.609231][ T3961]        __arm64_sys_mount+0x510/0x5e0
[ 39.610368][ T3961]        invoke_syscall+0x98/0x2b8
[ 39.611375][ T3961]        el0_svc_common+0x138/0x258
[ 39.612420][ T3961]        do_el0_svc+0x58/0x14c
[ 39.613471][ T3961]        el0_svc+0x7c/0x1f0
[ 39.614430][ T3961]        el0t_64_sync_handler+0x84/0xe4
[ 39.615619][ T3961]        el0t_64_sync+0x1a0/0x1a4
[ 39.616642][ T3961]
[ 39.616642][ T3961] -> #1 (&type->i_mutex_dir_key#6){+.+.}-{3:3}:
[ 39.618344][ T3961]        down_write+0x110/0x260
[ 39.619297][ T3961]        path_openat+0x63c/0x26f0
[ 39.620268][ T3961]        do_filp_open+0x1a8/0x3b4
[ 39.621321][ T3961]        do_sys_openat2+0x128/0x3d8
[ 39.622430][ T3961]        __arm64_sys_openat+0x1f0/0x240
[ 39.623669][ T3961]        invoke_syscall+0x98/0x2b8
[ 39.624801][ T3961]        el0_svc_common+0x138/0x258
[ 39.625907][ T3961]        do_el0_svc+0x58/0x14c
[ 39.626947][ T3961]        el0_svc+0x7c/0x1f0
[ 39.627848][ T3961]        el0t_64_sync_handler+0x84/0xe4
[ 39.628937][ T3961]        el0t_64_sync+0x1a0/0x1a4
[ 39.629985][ T3961]
[ 39.629985][ T3961] -> #0 (sb_writers#8){.+.+}-{0:0}:
[ 39.631501][ T3961]        __lock_acquire+0x32cc/0x7620
[ 39.632594][ T3961]        lock_acquire+0x240/0x77c
[ 39.633629][ T3961]        sb_start_write+0xf0/0x3ac
[ 39.634759][ T3961]        mnt_want_write_file+0x64/0x1e8
[ 39.635956][ T3961]        reiserfs_ioctl+0x188/0x4b8
[ 39.637045][ T3961]        __arm64_sys_ioctl+0x14c/0x1c8
[ 39.638232][ T3961]        invoke_syscall+0x98/0x2b8
[ 39.639286][ T3961]        el0_svc_common+0x138/0x258
[ 39.640338][ T3961]        do_el0_svc+0x58/0x14c
[ 39.641361][ T3961]        el0_svc+0x7c/0x1f0
[ 39.642307][ T3961]        el0t_64_sync_handler+0x84/0xe4
[ 39.643398][ T3961]        el0t_64_sync+0x1a0/0x1a4
[ 39.644430][ T3961]
[ 39.644430][ T3961] other info that might help us debug this:
[ 39.644430][ T3961]
[ 39.646536][ T3961] Chain exists of:
[ 39.646536][ T3961]   sb_writers#8 --> &type->i_mutex_dir_key#6 --> &sbi->lock
[ 39.646536][ T3961]
[ 39.649292][ T3961]  Possible unsafe locking scenario:
[ 39.649292][ T3961]
[ 39.650932][ T3961]        CPU0                    CPU1
[ 39.652049][ T3961]        ----                    ----
[ 39.653182][ T3961]   lock(&sbi->lock);
[ 39.654041][ T3961]                                lock(&type->i_mutex_dir_key#6);
[ 39.655824][ T3961]                                lock(&sbi->lock);
[ 39.657112][ T3961]   lock(sb_writers#8);
[ 39.657947][ T3961]
[ 39.657947][ T3961]  *** DEADLOCK ***
[ 39.657947][ T3961]
[ 39.659653][ T3961] 1 lock held by syz-executor865/3961:
[ 39.660809][ T3961]  #0: ffff0000c1ec6090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 39.662778][ T3961]
[ 39.662778][ T3961] stack backtrace:
[ 39.664041][ T3961] CPU: 1 PID: 3961 Comm: syz-executor865 Not tainted 5.15.110-syzkaller #0
[ 39.665828][ T3961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[ 39.668012][ T3961] Call trace:
[ 39.668672][ T3961]  dump_backtrace+0x0/0x530
[ 39.669610][ T3961]  show_stack+0x2c/0x3c
[ 39.670473][ T3961]  dump_stack_lvl+0x108/0x170
[ 39.671449][ T3961]  dump_stack+0x1c/0x58
[ 39.672277][ T3961]  print_circular_bug+0x150/0x1b8
[ 39.673316][ T3961]  check_noncircular+0x2cc/0x378
[ 39.674314][ T3961]  __lock_acquire+0x32cc/0x7620
[ 39.675304][ T3961]  lock_acquire+0x240/0x77c
[ 39.676266][ T3961]  sb_start_write+0xf0/0x3ac
[ 39.677223][ T3961]  mnt_want_write_file+0x64/0x1e8
[ 39.678229][ T3961]  reiserfs_ioctl+0x188/0x4b8
[ 39.679256][ T3961]  __arm64_sys_ioctl+0x14c/0x1c8
[ 39.680334][ T3961]  invoke_syscall+0x98/0x2b8
[ 39.681309][ T3961]  el0_svc_common+0x138/0x258
[ 39.682261][ T3961]  do_el0_svc+0x58/0x14c
[ 39.683102][ T3961]  el0_svc+0x7c/0x1f0
[ 39.683918][ T3961]  el0t_64_sync_handler+0x84/0xe4
[ 39.684911][ T3961]  el0t_64_sync+0x1a0/0x1a4