syzbot

======================================================
WARNING: possible circular locking dependency detected
syzkaller #0 Not tainted
------------------------------------------------------
syz.0.705/6449 is trying to acquire lock:
ffff8880309726d8 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0xa6/0x120 mm/memory.c:5850

but task is already holding lock:
ffff888058b19090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #1 (&sbi->lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:603 [inline]
       __mutex_lock+0x12d/0xaf0 kernel/locking/mutex.c:747
       reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27
       reiserfs_dirty_inode+0x10d/0x260 fs/reiserfs/super.c:704
       __mark_inode_dirty+0x2eb/0xe90 fs/fs-writeback.c:2449
       generic_update_time fs/inode.c:1946 [inline]
       inode_update_time fs/inode.c:1959 [inline]
       touch_atime+0x3b6/0x640 fs/inode.c:2031
       file_accessed include/linux/fs.h:2600 [inline]
       generic_file_mmap+0xbe/0x120 mm/filemap.c:3579
       call_mmap include/linux/fs.h:2270 [inline]
       mmap_file+0x5d/0xb0 mm/util.c:1109
       __mmap_region mm/mmap.c:2772 [inline]
       mmap_region+0xdda/0x1ca0 mm/mmap.c:2916
       do_mmap+0x964/0xfd0 mm/mmap.c:1436
       vm_mmap_pgoff+0x1c1/0x2d0 mm/util.c:520
       ksys_mmap_pgoff+0x516/0x6f0 mm/mmap.c:1482
       do_syscall_x64 arch/x86/entry/common.c:46 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
       entry_SYSCALL_64_after_hwframe+0x68/0xd2

-> #0 (&mm->mmap_lock){++++}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3090 [inline]
       check_prevs_add kernel/locking/lockdep.c:3209 [inline]
       validate_chain kernel/locking/lockdep.c:3825 [inline]
       __lock_acquire+0x2d07/0x7d10 kernel/locking/lockdep.c:5049
       lock_acquire+0x1bb/0x4a0 kernel/locking/lockdep.c:5662
       __might_fault+0xc2/0x120 mm/memory.c:5850
       reiserfs_ioctl+0x13b/0x330 fs/reiserfs/ioctl.c:96
       vfs_ioctl fs/ioctl.c:51 [inline]
       __do_sys_ioctl fs/ioctl.c:870 [inline]
       __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:856
       do_syscall_x64 arch/x86/entry/common.c:46 [inline]
       do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
       entry_SYSCALL_64_after_hwframe+0x68/0xd2

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&sbi->lock);
                               lock(&mm->mmap_lock);
                               lock(&sbi->lock);
  lock(&mm->mmap_lock);

 *** DEADLOCK ***

1 lock held by syz.0.705/6449:
 #0: ffff888058b19090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x75/0xd0 fs/reiserfs/lock.c:27

stack backtrace:
CPU: 0 PID: 6449 Comm: syz.0.705 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x24e lib/dump_stack.c:106
 check_noncircular+0x296/0x330 kernel/locking/lockdep.c:2170
 check_prev_add kernel/locking/lockdep.c:3090 [inline]
 check_prevs_add kernel/locking/lockdep.c:3209 [inline]
 validate_chain kernel/locking/lockdep.c:3825 [inline]
 __lock_acquire+0x2d07/0x7d10 kernel/locking/lockdep.c:5049
 lock_acquire+0x1bb/0x4a0 kernel/locking/lockdep.c:5662
 __might_fault+0xc2/0x120 mm/memory.c:5850
 reiserfs_ioctl+0x13b/0x330 fs/reiserfs/ioctl.c:96
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0xfa/0x170 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f82ae79c799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f82af5b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f82aea15fa0 RCX: 00007f82ae79c799
RDX: 0000000000000000 RSI: 0000000080087601 RDI: 0000000000000005
RBP: 00007f82ae832bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f82aea16038 R14: 00007f82aea15fa0 R15: 00007ffc10afee58
 </TASK>