[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.20' (ECDSA) to the list of known hosts. syzkaller login: [ 59.960844][ T8414] [ 59.963420][ T8414] ====================================================== [ 59.970932][ T8414] WARNING: possible circular locking dependency detected [ 59.978336][ T8414] 5.13.0-rc4-syzkaller #0 Not tainted [ 59.983703][ T8414] ------------------------------------------------------ [ 59.990809][ T8414] syz-executor944/8414 is trying to acquire lock: [ 59.997329][ T8414] ffff8881455445a0 (&bdev->bd_mutex){+.+.}-{3:3}, at: del_gendisk+0x2ab/0x860 [ 60.006398][ T8414] [ 60.006398][ T8414] but task is already holding lock: [ 60.013762][ T8414] ffffffff8d6714a8 (loop_ctl_mutex){+.+.}-{3:3}, at: loop_control_ioctl+0x9b/0x770 [ 60.023146][ T8414] [ 60.023146][ T8414] which lock already depends on the new lock. [ 60.023146][ T8414] [ 60.033571][ T8414] [ 60.033571][ T8414] the existing dependency chain (in reverse order) is: [ 60.042681][ T8414] [ 60.042681][ T8414] -> #1 (loop_ctl_mutex){+.+.}-{3:3}: [ 60.050328][ T8414] lock_acquire+0x17f/0x720 [ 60.055752][ T8414] __mutex_lock_common+0x1bf/0x3100 [ 60.061812][ T8414] mutex_lock_killable_nested+0x1a/0x20 [ 60.067936][ T8414] lo_open+0x1c/0x100 [ 60.072656][ T8414] __blkdev_get+0x293/0xa50 [ 60.077916][ T8414] blkdev_get_by_dev+0xf9/0x640 [ 60.083615][ T8414] blkdev_open+0x132/0x2c0 [ 60.088776][ T8414] do_dentry_open+0x7cb/0x1010 [ 60.094066][ T8414] path_openat+0x28e6/0x39b0 [ 60.099315][ T8414] do_filp_open+0x221/0x460 [ 60.104405][ T8414] do_sys_openat2+0x124/0x460 [ 60.109858][ T8414] __x64_sys_open+0x221/0x270 [ 60.115038][ T8414] do_syscall_64+0x3f/0xb0 [ 60.120465][ T8414] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.126885][ T8414] [ 60.126885][ T8414] -> #0 (&bdev->bd_mutex){+.+.}-{3:3}: [ 60.135564][ T8414] check_prevs_add+0x4f9/0x5b60 [ 60.141024][ T8414] __lock_acquire+0x4307/0x6040 [ 60.146478][ T8414] lock_acquire+0x17f/0x720 [ 60.151595][ T8414] __mutex_lock_common+0x1bf/0x3100 [ 60.157567][ T8414] mutex_lock_nested+0x1a/0x20 [ 60.162962][ T8414] del_gendisk+0x2ab/0x860 [ 60.167886][ T8414] loop_control_ioctl+0x647/0x770 [ 60.173425][ T8414] __se_sys_ioctl+0xfb/0x170 [ 60.178712][ T8414] do_syscall_64+0x3f/0xb0 [ 60.183996][ T8414] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.190509][ T8414] [ 60.190509][ T8414] other info that might help us debug this: [ 60.190509][ T8414] [ 60.200832][ T8414] Possible unsafe locking scenario: [ 60.200832][ T8414] [ 60.208366][ T8414] CPU0 CPU1 [ 60.213765][ T8414] ---- ---- [ 60.219544][ T8414] lock(loop_ctl_mutex); [ 60.223860][ T8414] lock(&bdev->bd_mutex); [ 60.230959][ T8414] lock(loop_ctl_mutex); [ 60.237875][ T8414] lock(&bdev->bd_mutex); [ 60.242281][ T8414] [ 60.242281][ T8414] *** DEADLOCK *** [ 60.242281][ T8414] [ 60.250615][ T8414] 1 lock held by syz-executor944/8414: [ 60.256063][ T8414] #0: ffffffff8d6714a8 (loop_ctl_mutex){+.+.}-{3:3}, at: loop_control_ioctl+0x9b/0x770 [ 60.265806][ T8414] [ 60.265806][ T8414] stack backtrace: [ 60.271916][ T8414] CPU: 0 PID: 8414 Comm: syz-executor944 Not tainted 5.13.0-rc4-syzkaller #0 [ 60.281224][ T8414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.291444][ T8414] Call Trace: [ 60.294853][ T8414] dump_stack+0x202/0x31e [ 60.299269][ T8414] ? show_regs_print_info+0x12/0x12 [ 60.304455][ T8414] ? log_buf_vmcoreinfo_setup+0x498/0x498 [ 60.310164][ T8414] ? save_trace+0x5a/0x9f0 [ 60.314605][ T8414] print_circular_bug+0xb17/0xdc0 [ 60.319735][ T8414] ? hlock_conflict+0x1f0/0x1f0 [ 60.324664][ T8414] ? __bfs+0x369/0x700 [ 60.328834][ T8414] ? check_path+0x40/0x40 [ 60.333160][ T8414] ? noop_count+0x30/0x30 [ 60.337489][ T8414] ? stack_trace_save+0x1e0/0x1e0 [ 60.342599][ T8414] ? save_trace+0x5a/0x9f0 [ 60.347015][ T8414] check_noncircular+0x2cc/0x390 [ 60.352184][ T8414] ? add_chain_block+0x850/0x850 [ 60.357680][ T8414] ? stack_trace_save+0x104/0x1e0 [ 60.363171][ T8414] check_prevs_add+0x4f9/0x5b60 [ 60.368029][ T8414] ? add_lock_to_list+0x1c7/0x2d0 [ 60.373279][ T8414] ? reacquire_held_locks+0x5f0/0x5f0 [ 60.378643][ T8414] ? lock_release+0x81/0x7b0 [ 60.383231][ T8414] ? __lock_acquire+0x13b0/0x6040 [ 60.388338][ T8414] ? __rcu_read_lock+0x60/0x60 [ 60.393102][ T8414] ? trace_lock_acquire+0x180/0x180 [ 60.398311][ T8414] ? __bfs+0x700/0x700 [ 60.402389][ T8414] ? arch_stack_walk+0x98/0xe0 [ 60.407149][ T8414] ? __bfs+0x700/0x700 [ 60.411225][ T8414] ? stack_trace_save+0x104/0x1e0 [ 60.416293][ T8414] ? stack_trace_snprint+0xe0/0xe0 [ 60.421502][ T8414] ? mark_lock+0x199/0x1eb0 [ 60.426173][ T8414] ? __bfs+0x700/0x700 [ 60.430301][ T8414] ? rcu_lock_release+0x5/0x20 [ 60.435074][ T8414] ? stack_trace_save+0x1e0/0x1e0 [ 60.440291][ T8414] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.445922][ T8414] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 60.451919][ T8414] ? lockdep_lock+0x102/0x2c0 [ 60.456681][ T8414] ? lockdep_count_forward_deps+0x240/0x240 [ 60.462803][ T8414] __lock_acquire+0x4307/0x6040 [ 60.467704][ T8414] ? is_bpf_text_address+0x253/0x270 [ 60.473017][ T8414] ? arch_stack_walk+0x98/0xe0 [ 60.477780][ T8414] ? trace_lock_acquire+0x180/0x180 [ 60.482970][ T8414] ? stack_trace_save+0x104/0x1e0 [ 60.487990][ T8414] ? __bfs+0x700/0x700 [ 60.492278][ T8414] ? kmem_cache_free+0x85/0x170 [ 60.497455][ T8414] ? kasan_set_track+0x54/0x70 [ 60.502441][ T8414] ? kasan_set_track+0x3d/0x70 [ 60.507255][ T8414] ? kasan_set_free_info+0x1f/0x40 [ 60.512479][ T8414] ? ____kasan_slab_free+0x109/0x150 [ 60.517846][ T8414] ? slab_free_freelist_hook+0x1d8/0x290 [ 60.523468][ T8414] ? kmem_cache_free+0x85/0x170 [ 60.528316][ T8414] ? kernfs_put+0x340/0x490 [ 60.532801][ T8414] ? __kernfs_remove+0xd40/0x1020 [ 60.537822][ T8414] ? kernfs_remove_by_name_ns+0x4d/0x90 [ 60.543465][ T8414] ? sysfs_remove_files+0x99/0xf0 [ 60.548481][ T8414] ? del_gendisk+0x289/0x860 [ 60.553071][ T8414] ? loop_control_ioctl+0x647/0x770 [ 60.558461][ T8414] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.564198][ T8414] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 60.570365][ T8414] ? _raw_spin_unlock_irqrestore+0x8b/0x120 [ 60.576372][ T8414] ? lockdep_hardirqs_on+0x8d/0x130 [ 60.581581][ T8414] lock_acquire+0x17f/0x720 [ 60.586181][ T8414] ? del_gendisk+0x2ab/0x860 [ 60.590774][ T8414] ? read_lock_is_recursive+0x10/0x10 [ 60.596138][ T8414] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.601777][ T8414] ? __might_sleep+0x100/0x100 [ 60.606547][ T8414] __mutex_lock_common+0x1bf/0x3100 [ 60.611772][ T8414] ? del_gendisk+0x2ab/0x860 [ 60.616358][ T8414] ? __kernfs_remove+0xf32/0x1020 [ 60.621779][ T8414] ? del_gendisk+0x2ab/0x860 [ 60.626733][ T8414] ? __mutex_unlock_slowpath+0x17b/0x5a0 [ 60.632554][ T8414] ? mutex_lock_io_nested+0x60/0x60 [ 60.637752][ T8414] ? mutex_unlock+0x10/0x10 [ 60.642254][ T8414] ? kernfs_find_ns+0x456/0x4d0 [ 60.647263][ T8414] ? kernfs_remove_by_name_ns+0x86/0x90 [ 60.652903][ T8414] mutex_lock_nested+0x1a/0x20 [ 60.657924][ T8414] del_gendisk+0x2ab/0x860 [ 60.662342][ T8414] loop_control_ioctl+0x647/0x770 [ 60.667630][ T8414] ? xor_init+0x60/0x60 [ 60.671773][ T8414] ? print_irqtrace_events+0x220/0x220 [ 60.677388][ T8414] ? vtime_user_exit+0x2b2/0x3e0 [ 60.682325][ T8414] ? bpf_lsm_file_ioctl+0x5/0x10 [ 60.687279][ T8414] ? security_file_ioctl+0x9d/0xb0 [ 60.692393][ T8414] ? xor_init+0x60/0x60 [ 60.696534][ T8414] __se_sys_ioctl+0xfb/0x170 [ 60.701210][ T8414] do_syscall_64+0x3f/0xb0 [ 60.705704][ T8414] entry_SYSCALL_64_after_hwframe+0x44/0xae executing program [ 60.711594][ T8414] RIP: 0033:0x43ee49 [ 60.715486][ T8414] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 60.735094][ T8414] RSP: 002b:00007ffc99f1b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.743772][ T8414] RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043ee49 [ 60.751858][ T8414] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003 [ 60.759837][ T8414] RBP: 0000000000402e30 R08: 0000000000000000 R09: 0000000000400488 [ 60.767797][ T8414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ec0 [ 60.775756][ T8414] R13: 0000000000000000 R14: 00000000004ac018 R15: 0000000000400488