[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[[0;32m  OK  [0m] Started Getty on tty6.
[[0;32m  OK  [0m] Started Getty on tty5.
[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.
Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts.
executing program
[   85.336838][   T37] audit: type=1400 audit(1622522702.073:8): avc:  denied  { execmem } for  pid=8425 comm="syz-executor735" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1

Debian GNU/Linux 9 syzkaller ttyS0

syzkaller login: [   85.426266][ T8429] 
[   85.428749][ T8429] ======================================================
[   85.436162][ T8429] WARNING: possible circular locking dependency detected
[   85.443815][ T8429] 5.13.0-rc4-syzkaller #0 Not tainted
[   85.449182][ T8429] ------------------------------------------------------
[   85.456308][ T8429] syz-executor735/8429 is trying to acquire lock:
[   85.463063][ T8429] ffffffff8ca6ab28 (brd_devices_mutex){+.+.}-{3:3}, at: brd_probe+0x31/0x250
[   85.471872][ T8429] 
[   85.471872][ T8429] but task is already holding lock:
[   85.479575][ T8429] ffffffff8c7dea28 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0
[   85.489993][ T8429] 
[   85.489993][ T8429] which lock already depends on the new lock.
[   85.489993][ T8429] 
[   85.501061][ T8429] 
[   85.501061][ T8429] the existing dependency chain (in reverse order) is:
[   85.511358][ T8429] 
[   85.511358][ T8429] -> #3 (major_names_lock){+.+.}-{3:3}:
[   85.519608][ T8429]        __mutex_lock+0x139/0x10c0
[   85.524827][ T8429]        __register_blkdev+0x2b/0x3e0
[   85.530349][ T8429]        register_mtd_blktrans+0x85/0x3c0
[   85.537315][ T8429]        do_one_initcall+0x103/0x650
[   85.543194][ T8429]        kernel_init_freeable+0x643/0x6cc
[   85.549318][ T8429]        kernel_init+0xd/0x1b8
[   85.554801][ T8429]        ret_from_fork+0x1f/0x30
[   85.560068][ T8429] 
[   85.560068][ T8429] -> #2 (mtd_table_mutex){+.+.}-{3:3}:
[   85.568206][ T8429]        __mutex_lock+0x139/0x10c0
[   85.573506][ T8429]        blktrans_open+0x69/0x600
[   85.578531][ T8429]        __blkdev_get+0x182/0xa30
[   85.584114][ T8429]        blkdev_get_by_dev+0x200/0x660
[   85.589657][ T8429]        blkdev_open+0x154/0x2b0
[   85.595032][ T8429]        do_dentry_open+0x4b9/0x11b0
[   85.601230][ T8429]        path_openat+0x1c0e/0x27e0
[   85.607039][ T8429]        do_filp_open+0x190/0x3d0
[   85.612245][ T8429]        do_sys_openat2+0x16d/0x420
[   85.617639][ T8429]        __x64_sys_open+0x119/0x1c0
[   85.623309][ T8429]        do_syscall_64+0x3a/0xb0
[   85.628424][ T8429]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   85.634926][ T8429] 
[   85.634926][ T8429] -> #1 (&bdev->bd_mutex){+.+.}-{3:3}:
[   85.643265][ T8429]        __mutex_lock+0x139/0x10c0
[   85.648797][ T8429]        blkdev_get_by_dev+0x1f6/0x660
[   85.654383][ T8429]        __device_add_disk+0x7f2/0x1230
[   85.660151][ T8429]        brd_init+0x307/0x4cd
[   85.664829][ T8429]        do_one_initcall+0x103/0x650
[   85.670295][ T8429]        kernel_init_freeable+0x643/0x6cc
[   85.676034][ T8429]        kernel_init+0xd/0x1b8
[   85.680968][ T8429]        ret_from_fork+0x1f/0x30
[   85.686041][ T8429] 
[   85.686041][ T8429] -> #0 (brd_devices_mutex){+.+.}-{3:3}:
[   85.694314][ T8429]        __lock_acquire+0x2a17/0x5230
[   85.699879][ T8429]        lock_acquire+0x1ab/0x740
[   85.706297][ T8429]        __mutex_lock+0x139/0x10c0
[   85.712352][ T8429]        brd_probe+0x31/0x250
[   85.717561][ T8429]        blk_request_module+0x111/0x1d0
[   85.723413][ T8429]        blkdev_get_no_open+0x1d8/0x250
[   85.728960][ T8429]        blkdev_get_by_dev+0x76/0x660
[   85.734754][ T8429]        blkdev_open+0x154/0x2b0
[   85.740101][ T8429]        do_dentry_open+0x4b9/0x11b0
[   85.746024][ T8429]        path_openat+0x1c0e/0x27e0
[   85.751537][ T8429]        do_filp_open+0x190/0x3d0
[   85.756575][ T8429]        do_sys_openat2+0x16d/0x420
[   85.762761][ T8429]        __x64_sys_openat+0x13f/0x1f0
[   85.768701][ T8429]        do_syscall_64+0x3a/0xb0
[   85.773815][ T8429]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   85.781432][ T8429] 
[   85.781432][ T8429] other info that might help us debug this:
[   85.781432][ T8429] 
[   85.792818][ T8429] Chain exists of:
[   85.792818][ T8429]   brd_devices_mutex --> mtd_table_mutex --> major_names_lock
[   85.792818][ T8429] 
[   85.808072][ T8429]  Possible unsafe locking scenario:
[   85.808072][ T8429] 
[   85.816068][ T8429]        CPU0                    CPU1
[   85.821666][ T8429]        ----                    ----
[   85.827040][ T8429]   lock(major_names_lock);
[   85.831734][ T8429]                                lock(mtd_table_mutex);
[   85.839035][ T8429]                                lock(major_names_lock);
[   85.846267][ T8429]   lock(brd_devices_mutex);
[   85.850961][ T8429] 
[   85.850961][ T8429]  *** DEADLOCK ***
[   85.850961][ T8429] 
[   85.859177][ T8429] 1 lock held by syz-executor735/8429:
[   85.864622][ T8429]  #0: ffffffff8c7dea28 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0
[   85.874653][ T8429] 
[   85.874653][ T8429] stack backtrace:
[   85.880550][ T8429] CPU: 0 PID: 8429 Comm: syz-executor735 Not tainted 5.13.0-rc4-syzkaller #0
[   85.889409][ T8429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   85.899768][ T8429] Call Trace:
[   85.903317][ T8429]  dump_stack+0x141/0x1d7
[   85.907656][ T8429]  check_noncircular+0x25f/0x2e0
[   85.912588][ T8429]  ? print_circular_bug+0x1e0/0x1e0
[   85.917956][ T8429]  ? lock_chain_count+0x20/0x20
[   85.922842][ T8429]  ? lockdep_lock+0xc6/0x200
[   85.927446][ T8429]  ? call_rcu_zapped+0xb0/0xb0
[   85.932216][ T8429]  __lock_acquire+0x2a17/0x5230
[   85.937056][ T8429]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   85.943136][ T8429]  lock_acquire+0x1ab/0x740
[   85.947890][ T8429]  ? brd_probe+0x31/0x250
[   85.952223][ T8429]  ? lock_release+0x720/0x720
[   85.957101][ T8429]  __mutex_lock+0x139/0x10c0
[   85.961945][ T8429]  ? brd_probe+0x31/0x250
[   85.966361][ T8429]  ? brd_probe+0x31/0x250
[   85.970689][ T8429]  ? blk_request_module+0x25/0x1d0
[   85.975787][ T8429]  ? mutex_lock_io_nested+0xf20/0xf20
[   85.981150][ T8429]  ? find_held_lock+0x2d/0x110
[   85.985915][ T8429]  ? mutex_lock_io_nested+0xf20/0xf20
[   85.991286][ T8429]  ? ilookup+0xb3/0x230
[   85.995430][ T8429]  ? lock_downgrade+0x6e0/0x6e0
[   86.000272][ T8429]  ? do_raw_spin_lock+0x120/0x2b0
[   86.005388][ T8429]  ? rwlock_bug.part.0+0x90/0x90
[   86.010464][ T8429]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   86.016799][ T8429]  ? brd_lookup_page+0x1c0/0x1c0
[   86.023110][ T8429]  brd_probe+0x31/0x250
[   86.027285][ T8429]  ? brd_lookup_page+0x1c0/0x1c0
[   86.032232][ T8429]  blk_request_module+0x111/0x1d0
[   86.037367][ T8429]  blkdev_get_no_open+0x1d8/0x250
[   86.042600][ T8429]  blkdev_get_by_dev+0x76/0x660
[   86.047976][ T8429]  blkdev_open+0x154/0x2b0
[   86.052404][ T8429]  do_dentry_open+0x4b9/0x11b0
[   86.057261][ T8429]  ? blkdev_get_by_dev+0x660/0x660
[   86.062465][ T8429]  ? may_open+0x1f6/0x420
[   86.066906][ T8429]  path_openat+0x1c0e/0x27e0
[   86.071588][ T8429]  ? path_lookupat+0x850/0x850
[   86.077357][ T8429]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   86.083352][ T8429]  do_filp_open+0x190/0x3d0
[   86.087870][ T8429]  ? may_open_dev+0xf0/0xf0
[   86.092361][ T8429]  ? do_raw_spin_lock+0x120/0x2b0
[   86.097401][ T8429]  ? rwlock_bug.part.0+0x90/0x90
[   86.102415][ T8429]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   86.108818][ T8429]  ? _find_next_bit+0x1e3/0x260
[   86.113653][ T8429]  ? _raw_spin_unlock+0x24/0x40
[   86.118526][ T8429]  ? alloc_fd+0x2e6/0x660
[   86.122949][ T8429]  do_sys_openat2+0x16d/0x420
[   86.127631][ T8429]  ? build_open_flags+0x6f0/0x6f0
[   86.132840][ T8429]  ? __context_tracking_exit+0xb8/0xe0
[   86.138487][ T8429]  ? lock_downgrade+0x6e0/0x6e0
[   86.143351][ T8429]  __x64_sys_openat+0x13f/0x1f0
[   86.148309][ T8429]  ? __ia32_sys_open+0x1c0/0x1c0
[   86.153463][ T8429]  ? syscall_enter_from_user_mode+0x27/0x70
[   86.159454][ T8429]  do_syscall_64+0x3a/0xb0
[   86.163980][ T8429]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   86.169881][ T8429] RIP: 0033:0x445359
[   86.173774][ T8429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   86.194209][ T8429] RSP: 002b:00007f56726152f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   86.203759][ T8429] RAX: ffffffffffffffda RBX: 00000000004cc4f0 RCX: 0000000000445359
[   86.212266][ T8429] RDX: 0000000000000000 RSI: 0000000020002040 RDI: 00000000ffffff9c
[   86.220776][ T8429] RBP: 000000000049c034 R08: 00007f5672615700 R09: 0000000000000000
[   8