Warning: Permanently added '10.128.1.133' (ED25519) to the list of known hosts.
executing program
syzkaller login: [ 42.012153][ T3967] loop0: detected capacity change from 0 to 8192
[ 42.112849][ T3967] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 42.115393][ T3967] REISERFS (device loop0): using ordered data mode
[ 42.116841][ T3967] reiserfs: using flush barriers
[ 42.119100][ T3967] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 42.123297][ T3967] REISERFS (device loop0): checking transaction log (loop0)
[ 42.127121][ T3967] REISERFS (device loop0): Using r5 hash to sort names
[ 42.130503][ T3967] reiserfs: enabling write barrier flush mode
[ 42.137129][ T3967] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 42.141168][ T3967]
[ 42.141680][ T3967] ======================================================
[ 42.143197][ T3967] WARNING: possible circular locking dependency detected
[ 42.144815][ T3967] 5.15.148-syzkaller #0 Not tainted
[ 42.146168][ T3967] ------------------------------------------------------
[ 42.147819][ T3967] syz-executor195/3967 is trying to acquire lock:
[ 42.149349][ T3967] ffff0000c8bf8460 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write_file+0x64/0x1e8
[ 42.151453][ T3967]
[ 42.151453][ T3967] but task is already holding lock:
[ 42.153082][ T3967] ffff0000c8278090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 42.155184][ T3967]
[ 42.155184][ T3967] which lock already depends on the new lock.
[ 42.155184][ T3967]
[ 42.157645][ T3967]
[ 42.157645][ T3967] the existing dependency chain (in reverse order) is:
[ 42.159796][ T3967]
[ 42.159796][ T3967] -> #2 (&sbi->lock){+.+.}-{3:3}:
[ 42.161459][ T3967]        __mutex_lock_common+0x194/0x2154
[ 42.162742][ T3967]        mutex_lock_nested+0xa4/0xf8
[ 42.163952][ T3967]        reiserfs_write_lock+0x7c/0xe8
[ 42.165212][ T3967]        reiserfs_lookup+0x130/0x3c4
[ 42.166470][ T3967]        __lookup_slow+0x250/0x388
[ 42.167668][ T3967]        lookup_one_len+0x178/0x28c
[ 42.168839][ T3967]        reiserfs_lookup_privroot+0x8c/0x204
[ 42.170141][ T3967]        reiserfs_fill_super+0x1494/0x1e8c
[ 42.171450][ T3967]        mount_bdev+0x274/0x370
[ 42.172620][ T3967]        get_super_block+0x44/0x58
[ 42.173786][ T3967]        legacy_get_tree+0xd4/0x16c
[ 42.174978][ T3967]        vfs_get_tree+0x90/0x274
[ 42.176089][ T3967]        do_new_mount+0x278/0x8fc
[ 42.177187][ T3967]        path_mount+0x594/0x101c
[ 42.178346][ T3967]        __arm64_sys_mount+0x510/0x5e0
[ 42.179652][ T3967]        invoke_syscall+0x98/0x2b8
[ 42.180797][ T3967]        el0_svc_common+0x138/0x258
[ 42.181980][ T3967]        do_el0_svc+0x58/0x14c
[ 42.183042][ T3967]        el0_svc+0x7c/0x1f0
[ 42.184109][ T3967]        el0t_64_sync_handler+0x84/0xe4
[ 42.185461][ T3967]        el0t_64_sync+0x1a0/0x1a4
[ 42.186649][ T3967]
[ 42.186649][ T3967] -> #1 (&type->i_mutex_dir_key#6){+.+.}-{3:3}:
[ 42.188618][ T3967]        down_write+0x110/0x260
[ 42.189743][ T3967]        chmod_common+0x17c/0x418
[ 42.190876][ T3967]        __arm64_sys_fchmod+0xe0/0x150
[ 42.192114][ T3967]        invoke_syscall+0x98/0x2b8
[ 42.193242][ T3967]        el0_svc_common+0x138/0x258
[ 42.194389][ T3967]        do_el0_svc+0x58/0x14c
[ 42.195461][ T3967]        el0_svc+0x7c/0x1f0
[ 42.196507][ T3967]        el0t_64_sync_handler+0x84/0xe4
[ 42.197633][ T3967]        el0t_64_sync+0x1a0/0x1a4
[ 42.198555][ T3967]
[ 42.198555][ T3967] -> #0 (sb_writers#8){.+.+}-{0:0}:
[ 42.200235][ T3967]        __lock_acquire+0x32d4/0x7638
[ 42.201530][ T3967]        lock_acquire+0x240/0x77c
[ 42.202715][ T3967]        sb_start_write+0xf0/0x3ac
[ 42.203871][ T3967]        mnt_want_write_file+0x64/0x1e8
[ 42.205174][ T3967]        reiserfs_ioctl+0x188/0x4b8
[ 42.206379][ T3967]        __arm64_sys_ioctl+0x14c/0x1c8
[ 42.207668][ T3967]        invoke_syscall+0x98/0x2b8
[ 42.208818][ T3967]        el0_svc_common+0x138/0x258
[ 42.210014][ T3967]        do_el0_svc+0x58/0x14c
[ 42.211089][ T3967]        el0_svc+0x7c/0x1f0
[ 42.212094][ T3967]        el0t_64_sync_handler+0x84/0xe4
[ 42.213352][ T3967]        el0t_64_sync+0x1a0/0x1a4
[ 42.214513][ T3967]
[ 42.214513][ T3967] other info that might help us debug this:
[ 42.214513][ T3967]
[ 42.216840][ T3967] Chain exists of:
[ 42.216840][ T3967]   sb_writers#8 --> &type->i_mutex_dir_key#6 --> &sbi->lock
[ 42.216840][ T3967]
[ 42.219979][ T3967]  Possible unsafe locking scenario:
[ 42.219979][ T3967]
[ 42.221738][ T3967]        CPU0                    CPU1
[ 42.223014][ T3967]        ----                    ----
[ 42.224185][ T3967]   lock(&sbi->lock);
[ 42.225108][ T3967]                                lock(&type->i_mutex_dir_key#6);
[ 42.226720][ T3967]                                lock(&sbi->lock);
[ 42.228192][ T3967]   lock(sb_writers#8);
[ 42.229161][ T3967]
[ 42.229161][ T3967]  *** DEADLOCK ***
[ 42.229161][ T3967]
[ 42.231135][ T3967] 1 lock held by syz-executor195/3967:
[ 42.232489][ T3967]  #0: ffff0000c8278090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x7c/0xe8
[ 42.234653][ T3967]
[ 42.234653][ T3967] stack backtrace:
[ 42.236023][ T3967] CPU: 0 PID: 3967 Comm: syz-executor195 Not tainted 5.15.148-syzkaller #0
[ 42.237996][ T3967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 42.240226][ T3967] Call trace:
[ 42.240999][ T3967]  dump_backtrace+0x0/0x530
[ 42.242020][ T3967]  show_stack+0x2c/0x3c
[ 42.243038][ T3967]  dump_stack_lvl+0x108/0x170
[ 42.244090][ T3967]  dump_stack+0x1c/0x58
[ 42.245029][ T3967]  print_circular_bug+0x150/0x1b8
[ 42.246154][ T3967]  check_noncircular+0x2cc/0x378
[ 42.247273][ T3967]  __lock_acquire+0x32d4/0x7638
[ 42.248378][ T3967]  lock_acquire+0x240/0x77c
[ 42.249405][ T3967]  sb_start_write+0xf0/0x3ac
[ 42.250455][ T3967]  mnt_want_write_file+0x64/0x1e8
[ 42.251648][ T3967]  reiserfs_ioctl+0x188/0x4b8
[ 42.252699][ T3967]  __arm64_sys_ioctl+0x14c/0x1c8
[ 42.253839][ T3967]  invoke_syscall+0x98/0x2b8
[ 42.254879][ T3967]  el0_svc_common+0x138/0x258
[ 42.255989][ T3967]  do_el0_svc+0x58/0x14c
[ 42.256896][ T3967]  el0_svc+0x7c/0x1f0
[ 42.257933][ T3967]  el0t_64_sync_handler+0x84/0xe4
[ 42.259155][ T3967]  el0t_64_sync+0x1a0/0x1a4