Warning: Permanently added '10.128.1.109' (ED25519) to the list of known hosts.
executing program
[ 41.806559][ T3966] loop0: detected capacity change from 0 to 8192
[ 41.917125][ T3966] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 41.919734][ T3966] REISERFS (device loop0): using ordered data mode
[ 41.921494][ T3966] reiserfs: using flush barriers
[ 41.923766][ T3966] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 41.928781][ T3966] REISERFS (device loop0): checking transaction log (loop0)
[ 41.932809][ T3966] REISERFS (device loop0): Using r5 hash to sort names
[ 41.935431][ T3966] REISERFS (device loop0): using 3.5.x disk format
[ 41.938718][ T3966] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 41.943460][ T3966]
[ 41.944096][ T3966] ======================================================
[ 41.945919][ T3966] WARNING: possible circular locking dependency detected
[ 41.947663][ T3966] 5.15.153-syzkaller #0 Not tainted
[ 41.949045][ T3966] ------------------------------------------------------
[ 41.950974][ T3966] syz-executor394/3966 is trying to acquire lock:
[ 41.952674][ T3966] ffff0000c8e2a460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write_file+0x64/0x1e8
[ 41.955152][ T3966]
[ 41.955152][ T3966] but task is already holding lock:
[ 41.957146][ T3966] ffff0000d50cb090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 41.959470][ T3966]
[ 41.959470][ T3966] which lock already depends on the new lock.
[ 41.959470][ T3966]
[ 41.962623][ T3966]
[ 41.962623][ T3966] the existing dependency chain (in reverse order) is:
[ 41.965081][ T3966]
[ 41.965081][ T3966] -> #2 (&sbi->lock){+.+.}-{3:3}:
[ 41.967076][ T3966]        __mutex_lock_common+0x194/0x2154
[ 41.968619][ T3966]        mutex_lock_nested+0xa4/0xf8
[ 41.970006][ T3966]        reiserfs_write_lock+0x7c/0xe8
[ 41.971683][ T3966]        reiserfs_lookup+0x130/0x3c4
[ 41.973068][ T3966]        __lookup_slow+0x250/0x388
[ 41.974411][ T3966]        lookup_one_len+0x178/0x28c
[ 41.975827][ T3966]        reiserfs_lookup_privroot+0x8c/0x204
[ 41.977411][ T3966]        reiserfs_fill_super+0x1aec/0x1e8c
[ 41.978942][ T3966]        mount_bdev+0x274/0x370
[ 41.980496][ T3966]        get_super_block+0x44/0x58
[ 41.981598][ T3966]        legacy_get_tree+0xd4/0x16c
[ 41.982997][ T3966]        vfs_get_tree+0x90/0x274
[ 41.984287][ T3966]        do_new_mount+0x278/0x8fc
[ 41.985587][ T3966]        path_mount+0x594/0x101c
[ 41.986899][ T3966]        __arm64_sys_mount+0x510/0x5e0
[ 41.988224][ T3966]        invoke_syscall+0x98/0x2b8
[ 41.989544][ T3966]        el0_svc_common+0x138/0x258
[ 41.991255][ T3966]        do_el0_svc+0x58/0x14c
[ 41.992714][ T3966]        el0_svc+0x7c/0x1f0
[ 41.993851][ T3966]        el0t_64_sync_handler+0x84/0xe4
[ 41.995212][ T3966]        el0t_64_sync+0x1a0/0x1a4
[ 41.996498][ T3966]
[ 41.996498][ T3966] -> #1 (&type->i_mutex_dir_key#6){+.+.}-{3:3}:
[ 41.998767][ T3966]        down_write+0x110/0x260
[ 42.000030][ T3966]        path_openat+0x63c/0x26f0
[ 42.001344][ T3966]        do_filp_open+0x1a8/0x3b4
[ 42.002665][ T3966]        do_sys_openat2+0x128/0x3d8
[ 42.004068][ T3966]        __arm64_sys_openat+0x1f0/0x240
[ 42.005551][ T3966]        invoke_syscall+0x98/0x2b8
[ 42.006890][ T3966]        el0_svc_common+0x138/0x258
[ 42.008204][ T3966]        do_el0_svc+0x58/0x14c
[ 42.009550][ T3966]        el0_svc+0x7c/0x1f0
[ 42.010738][ T3966]        el0t_64_sync_handler+0x84/0xe4
[ 42.012222][ T3966]        el0t_64_sync+0x1a0/0x1a4
[ 42.013549][ T3966]
[ 42.013549][ T3966] -> #0 (sb_writers#8){.+.+}-{0:0}:
[ 42.015484][ T3966]        __lock_acquire+0x32d4/0x7638
[ 42.016971][ T3966]        lock_acquire+0x240/0x77c
[ 42.018278][ T3966]        sb_start_write+0xf0/0x3ac
[ 42.019601][ T3966]        mnt_want_write_file+0x64/0x1e8
[ 42.021094][ T3966]        reiserfs_ioctl+0x188/0x4b8
[ 42.022423][ T3966]        __arm64_sys_ioctl+0x14c/0x1c8
[ 42.023854][ T3966]        invoke_syscall+0x98/0x2b8
[ 42.025137][ T3966]        el0_svc_common+0x138/0x258
[ 42.026455][ T3966]        do_el0_svc+0x58/0x14c
[ 42.027715][ T3966]        el0_svc+0x7c/0x1f0
[ 42.028916][ T3966]        el0t_64_sync_handler+0x84/0xe4
[ 42.030447][ T3966]        el0t_64_sync+0x1a0/0x1a4
[ 42.031794][ T3966]
[ 42.031794][ T3966] other info that might help us debug this:
[ 42.031794][ T3966]
[ 42.034507][ T3966] Chain exists of:
[ 42.034507][ T3966]   sb_writers#8 --> &type->i_mutex_dir_key#6 --> &sbi->lock
[ 42.034507][ T3966]
[ 42.037936][ T3966]  Possible unsafe locking scenario:
[ 42.037936][ T3966]
[ 42.039872][ T3966]        CPU0                    CPU1
[ 42.041330][ T3966]        ----                    ----
[ 42.042775][ T3966]   lock(&sbi->lock);
[ 42.043818][ T3966]                                lock(&type->i_mutex_dir_key#6);
[ 42.045876][ T3966]                                lock(&sbi->lock);
[ 42.047563][ T3966]   lock(sb_writers#8);
[ 42.048694][ T3966]
[ 42.048694][ T3966]  *** DEADLOCK ***
[ 42.048694][ T3966]
[ 42.050834][ T3966] 1 lock held by syz-executor394/3966:
[ 42.052192][ T3966]  #0: ffff0000d50cb090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 42.054709][ T3966]
[ 42.054709][ T3966] stack backtrace:
[ 42.056220][ T3966] CPU: 1 PID: 3966 Comm: syz-executor394 Not tainted 5.15.153-syzkaller #0
[ 42.058521][ T3966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 42.061236][ T3966] Call trace:
[ 42.062100][ T3966]  dump_backtrace+0x0/0x530
[ 42.063295][ T3966]  show_stack+0x2c/0x3c
[ 42.064381][ T3966]  dump_stack_lvl+0x108/0x170
[ 42.065619][ T3966]  dump_stack+0x1c/0x58
[ 42.066734][ T3966]  print_circular_bug+0x150/0x1b8
[ 42.068068][ T3966]  check_noncircular+0x2cc/0x378
[ 42.069449][ T3966]  __lock_acquire+0x32d4/0x7638
[ 42.070695][ T3966]  lock_acquire+0x240/0x77c
[ 42.071841][ T3966]  sb_start_write+0xf0/0x3ac
[ 42.073044][ T3966]  mnt_want_write_file+0x64/0x1e8
[ 42.074369][ T3966]  reiserfs_ioctl+0x188/0x4b8
[ 42.075655][ T3966]  __arm64_sys_ioctl+0x14c/0x1c8
[ 42.076939][ T3966]  invoke_syscall+0x98/0x2b8
[ 42.078142][ T3966]  el0_svc_common+0x138/0x258
[ 42.079408][ T3966]  do_el0_svc+0x58/0x14c
[ 42.080556][ T3966]  el0_svc+0x7c/0x1f0
[ 42.081585][ T3966]  el0t_64_sync_handler+0x84/0xe4
[ 42.082941][ T3966]  el0t_64_sync+0x1a0/0x1a4