R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffdab749a5f R14: 00007fead6a2c300 R15: 0000000000022000 ============================================ WARNING: possible recursive locking detected 6.19.0-rc5-next-20260116 #1 Not tainted -------------------------------------------- syz-executor.4/5344 is trying to acquire lock: ffffffff85f24e30 (namespace_sem){++++}-{4:4}, at: put_mnt_ns+0xa9/0x170 but task is already holding lock: ffffffff85f24e30 (namespace_sem){++++}-{4:4}, at: lock_mount_exact+0x7c/0x5e0 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(namespace_sem); lock(namespace_sem); *** DEADLOCK *** May be due to missing lock nesting notation 2 locks held by syz-executor.4/5344: #0: ffff888009448148 (&sb->s_type->i_mutex_key){++++}-{4:4}, at: lock_mount_exact+0x70/0x5e0 #1: ffffffff85f24e30 (namespace_sem){++++}-{4:4}, at: lock_mount_exact+0x7c/0x5e0 stack backtrace: CPU: 0 UID: 0 PID: 5344 Comm: syz-executor.4 Not tainted 6.19.0-rc5-next-20260116 #1 PREEMPT(lazy) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 Call Trace: dump_stack_lvl+0xca/0x120 print_deadlock_bug+0x283/0x3c0 check_deadlock+0x134/0x230 __lock_acquire+0x10d5/0x2250 lock_acquire+0x15e/0x2d0 down_write+0x91/0x1f0 put_mnt_ns+0xa9/0x170 path_from_stashed+0x4b3/0x660 open_namespace_file+0x8d/0x140 vfs_open_tree+0x4b2/0x1410 __x64_sys_open_tree+0xa8/0x190 do_syscall_64+0xbf/0x420 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fead94b6b19 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fead6a2c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac RAX: ffffffffffffffda RBX: 00007fead95c9f60 RCX: 00007fead94b6b19 RDX: 0000000000088102 RSI: 0000000020000200 RDI: ffffffffffffff9c RBP: 00007fead6a2c1d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 00007ffdab749a5f R14: 00007fead6a2c300 R15: 0000000000022000 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'.