[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.100' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 28.068062] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 28.076606] REISERFS (device loop0): using ordered data mode
[ 28.082650] reiserfs: using flush barriers
[ 28.087766] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 28.103534] REISERFS (device loop0): checking transaction log (loop0)
[ 28.111645] REISERFS (device loop0): Using rupasov hash to sort names
[ 28.119163] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 28.275110]
[ 28.276739] ======================================================
[ 28.283040] WARNING: possible circular locking dependency detected
[ 28.289340] 4.14.299-syzkaller #0 Not tainted
[ 28.293807] ------------------------------------------------------
[ 28.300095] syz-executor380/7974 is trying to acquire lock:
[ 28.305773]  (&journal->j_mutex){+.+.}, at: [] do_journal_begin_r+0x26b/0xde0
[ 28.314590]
[ 28.314590] but task is already holding lock:
[ 28.320531]  (sb_writers#10){.+.+}, at: [] mnt_want_write_file+0xfd/0x3b0
[ 28.328998]
[ 28.328998] which lock already depends on the new lock.
[ 28.328998]
[ 28.337283]
[ 28.337283] the existing dependency chain (in reverse order) is:
[ 28.344870]
[ 28.344870] -> #2 (sb_writers#10){.+.+}:
[ 28.350387]        __sb_start_write+0x64/0x260
[ 28.354939]        mnt_want_write_file+0xfd/0x3b0
[ 28.359751]        reiserfs_ioctl+0x18e/0x8b0
[ 28.364217]        do_vfs_ioctl+0x75a/0xff0
[ 28.368513]        SyS_ioctl+0x7f/0xb0
[ 28.372371]        do_syscall_64+0x1d5/0x640
[ 28.376752]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.382432]
[ 28.382432] -> #1 (&sbi->lock){+.+.}:
[ 28.387686]        __mutex_lock+0xc4/0x1310
[ 28.391985]        reiserfs_write_lock_nested+0x59/0xd0
[ 28.397321]        do_journal_begin_r+0x276/0xde0
[ 28.402134]        journal_begin+0x162/0x3d0
[ 28.406513]        reiserfs_fill_super+0x18f4/0x2990
[ 28.411585]        mount_bdev+0x2b3/0x360
[ 28.415705]        mount_fs+0x92/0x2a0
[ 28.419564]        vfs_kern_mount.part.0+0x5b/0x470
[ 28.424551]        do_mount+0xe65/0x2a30
[ 28.428584]        SyS_mount+0xa8/0x120
[ 28.432529]        do_syscall_64+0x1d5/0x640
[ 28.436911]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.442590]
[ 28.442590] -> #0 (&journal->j_mutex){+.+.}:
[ 28.448452]        lock_acquire+0x170/0x3f0
[ 28.452745]        __mutex_lock+0xc4/0x1310
[ 28.457038]        do_journal_begin_r+0x26b/0xde0
[ 28.461867]        journal_begin+0x162/0x3d0
[ 28.466254]        reiserfs_dirty_inode+0xd9/0x200
[ 28.471170]        __mark_inode_dirty+0x11e/0xf40
[ 28.475997]        reiserfs_ioctl+0x6f6/0x8b0
[ 28.480470]        do_vfs_ioctl+0x75a/0xff0
[ 28.484764]        SyS_ioctl+0x7f/0xb0
[ 28.488625]        do_syscall_64+0x1d5/0x640
[ 28.493006]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.498683]
[ 28.498683] other info that might help us debug this:
[ 28.498683]
[ 28.506792] Chain exists of:
[ 28.506792]   &journal->j_mutex --> &sbi->lock --> sb_writers#10
[ 28.506792]
[ 28.517255]  Possible unsafe locking scenario:
[ 28.517255]
[ 28.523280]        CPU0                    CPU1
[ 28.527917]        ----                    ----
[ 28.532553]   lock(sb_writers#10);
[ 28.536067]                                lock(&sbi->lock);
[ 28.541833]                                lock(sb_writers#10);
[ 28.547859]   lock(&journal->j_mutex);
[ 28.551717]
[ 28.551717]  *** DEADLOCK ***
[ 28.551717]
[ 28.557747] 1 lock held by syz-executor380/7974:
[ 28.562469]  #0: (sb_writers#10){.+.+}, at: [] mnt_want_write_file+0xfd/0x3b0
[ 28.571370]
[ 28.571370] stack backtrace:
[ 28.575838] CPU: 1 PID: 7974 Comm: syz-executor380 Not tainted 4.14.299-syzkaller #0
[ 28.583686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.593010] Call Trace:
[ 28.595574]  dump_stack+0x1b2/0x281
[ 28.599176]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 28.604949]  __lock_acquire+0x2e0e/0x3f20
[ 28.609068]  ? trace_hardirqs_on+0x10/0x10
[ 28.613274]  ? __read_once_size_nocheck.constprop.0+0x10/0x10
[ 28.619128]  ? unwind_next_frame+0xe54/0x17d0
[ 28.623595]  ? unwind_next_frame+0xe54/0x17d0
[ 28.628063]  ? deref_stack_reg+0x124/0x1a0
[ 28.632271]  lock_acquire+0x170/0x3f0
[ 28.636044]  ? do_journal_begin_r+0x26b/0xde0
[ 28.640509]  ? do_journal_begin_r+0x26b/0xde0
[ 28.644976]  __mutex_lock+0xc4/0x1310
[ 28.648746]  ? do_journal_begin_r+0x26b/0xde0
[ 28.653213]  ? do_journal_begin_r+0x26b/0xde0
[ 28.657679]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 28.663098]  ? __mutex_unlock_slowpath+0x75/0x770
[ 28.667911]  ? wait_for_completion_io+0x10/0x10
[ 28.672549]  ? __lock_acquire+0x2190/0x3f20
[ 28.676843]  do_journal_begin_r+0x26b/0xde0
[ 28.681137]  ? do_journal_end+0x4310/0x4310
[ 28.685431]  ? trace_hardirqs_on+0x10/0x10
[ 28.689638]  ? reiserfs_write_lock+0x75/0xf0
[ 28.694018]  ? __mutex_lock+0x360/0x1310
[ 28.698051]  journal_begin+0x162/0x3d0
[ 28.701910]  reiserfs_dirty_inode+0xd9/0x200
[ 28.706293]  ? reiserfs_unfreeze+0xa0/0xa0
[ 28.710499]  ? mark_held_locks+0xa6/0xf0
[ 28.714533]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.719953]  ? reiserfs_unfreeze+0xa0/0xa0
[ 28.724161]  __mark_inode_dirty+0x11e/0xf40
[ 28.728455]  reiserfs_ioctl+0x6f6/0x8b0
[ 28.732399]  ? reiserfs_unpack+0x510/0x510
[ 28.736607]  do_vfs_ioctl+0x75a/0xff0
[ 28.740379]  ? lock_acquire+0x170/0x3f0
[ 28.744328]  ? ioctl_preallocate+0x1a0/0x1a0
[ 28.748708]  ? _atomic_dec_and_lock+0x61/0xb0
[ 28.753175]  ? iput+0xad/0x7e0
[ 28.756338]  ? sys_sync+0xe5/0x130
[ 28.759849]  ? security_file_ioctl+0x83/0xb0
[ 28.764228]  SyS_ioctl+0x7f/0xb0
[ 28.767566]  ? do_vfs_ioctl+0xff0/0xff0
[ 28.771511]  do_syscall_64+0x1d5/0x640
[ 28.775372]  entry_S