Warning: Permanently added '10.128.0.116' (ED25519) to the list of known hosts. [ 40.523926][ T6536] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 40.525505][ T6536] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 40.526898][ T6536] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 40.528426][ T6536] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 40.529825][ T6536] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 executing program [ 40.734010][ T6124] block nbd0: Receive control failed (result -107) [ 40.734145][ T6536] block nbd0: Receive control failed (result -107) [ 40.771488][ T6533] nbd0: detected capacity change from 0 to 32 [ 40.772766][ T6535] [ 40.773149][ T6535] ====================================================== [ 40.774309][ T6535] WARNING: possible circular locking dependency detected [ 40.775368][ T6535] syzkaller #0 Not tainted [ 40.776101][ T6535] ------------------------------------------------------ [ 40.777218][ T6535] udevd/6535 is trying to acquire lock: [ 40.777984][ T6535] ffff0000dae8ce70 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x20c/0xc48 [ 40.779402][ T6535] [ 40.779402][ T6535] but task is already holding lock: [ 40.780614][ T6535] ffff0000df30e178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xb4/0xc48 [ 40.782053][ T6535] [ 40.782053][ T6535] which lock already depends on the new lock. [ 40.782053][ T6535] [ 40.783657][ T6535] [ 40.783657][ T6535] the existing dependency chain (in reverse order) is: [ 40.785062][ T6535] [ 40.785062][ T6535] -> #6 (&cmd->lock){+.+.}-{4:4}: [ 40.786131][ T6535] __mutex_lock_common+0x1d0/0x2678 [ 40.786962][ T6535] mutex_lock_nested+0x2c/0x38 [ 40.787773][ T6535] nbd_queue_rq+0xb4/0xc48 [ 40.788554][ T6535] blk_mq_dispatch_rq_list+0x890/0x1548 [ 40.789519][ T6535] __blk_mq_sched_dispatch_requests+0xa7c/0x10e4 [ 40.790599][ T6535] blk_mq_sched_dispatch_requests+0xa4/0x154 [ 40.791612][ T6535] blk_mq_run_hw_queue+0x2d0/0x4a4 [ 40.792525][ T6535] blk_mq_dispatch_list+0xa00/0xaf8 [ 40.793438][ T6535] blk_mq_flush_plug_list+0x3a4/0x488 [ 40.794344][ T6535] __blk_flush_plug+0x330/0x408 [ 40.795105][ T6535] __submit_bio+0x3f4/0x4d8 [ 40.795915][ T6535] submit_bio_noacct_nocheck+0x390/0xaac [ 40.796966][ T6535] submit_bio_noacct+0xc94/0x177c [ 40.797858][ T6535] submit_bio+0x3b4/0x550 [ 40.798671][ T6535] submit_bh_wbc+0x3ec/0x4bc [ 40.799526][ T6535] block_read_full_folio+0x734/0x824 [ 40.800471][ T6535] blkdev_read_folio+0x28/0x38 [ 40.801362][ T6535] filemap_read_folio+0xec/0x2f8 [ 40.802156][ T6535] do_read_cache_folio+0x364/0x5bc [ 40.803017][ T6535] read_cache_folio+0x68/0x88 [ 40.803871][ T6535] read_part_sector+0xcc/0x6fc [ 40.804732][ T6535] adfspart_check_ICS+0xa0/0x83c [ 40.805586][ T6535] bdev_disk_changed+0x674/0x11fc [ 40.806463][ T6535] blkdev_get_whole+0x2b0/0x4a4 [ 40.807337][ T6535] bdev_open+0x3b0/0xc20 [ 40.808108][ T6535] blkdev_open+0x364/0x4e8 [ 40.808862][ T6535] do_dentry_open+0x7a4/0x10bc [ 40.809670][ T6535] vfs_open+0x44/0x2d4 [ 40.810328][ T6535] path_openat+0x2424/0x2c40 [ 40.811100][ T6535] do_filp_open+0x18c/0x36c [ 40.811865][ T6535] do_sys_openat2+0x11c/0x1b4 [ 40.812622][ T6535] __arm64_sys_openat+0x120/0x158 [ 40.813397][ T6535] invoke_syscall+0x98/0x2b8 [ 40.814143][ T6535] el0_svc_common+0x130/0x23c [ 40.814867][ T6535] do_el0_svc+0x48/0x58 [ 40.815528][ T6535] el0_svc+0x5c/0x254 [ 40.816135][ T6535] el0t_64_sync_handler+0x84/0x12c [ 40.816931][ T6535] el0t_64_sync+0x198/0x19c [ 40.817697][ T6535] [ 40.817697][ T6535] -> #5 (set->srcu){.+.+}-{0:0}: [ 40.818731][ T6535] srcu_lock_sync+0x2c/0x38 [ 40.819485][ T6535] __synchronize_srcu+0xa0/0x348 [ 40.820336][ T6535] synchronize_srcu+0x2cc/0x338 [ 40.821096][ T6535] blk_mq_quiesce_queue+0x118/0x16c [ 40.821998][ T6535] elevator_switch+0x12c/0x410 [ 40.822783][ T6535] elevator_change+0x264/0x3cc [ 40.823593][ T6535] elevator_set_default+0x138/0x21c [ 40.824422][ T6535] blk_register_queue+0x2b4/0x338 [ 40.825319][ T6535] __add_disk+0x560/0xb90 [ 40.826011][ T6535] add_disk_fwnode+0xdc/0x438 [ 40.826753][ T6535] device_add_disk+0x38/0x4c [ 40.827495][ T6535] nbd_dev_add+0x560/0x820 [ 40.828181][ T6535] nbd_init+0x15c/0x174 [ 40.828888][ T6535] do_one_initcall+0x250/0x990 [ 40.829644][ T6535] do_initcall_level+0x128/0x1c4 [ 40.830525][ T6535] do_initcalls+0x70/0xd0 [ 40.831218][ T6535] do_basic_setup+0x78/0x8c [ 40.831955][ T6535] kernel_init_freeable+0x268/0x39c [ 40.832844][ T6535] kernel_init+0x24/0x1dc [ 40.833545][ T6535] ret_from_fork+0x10/0x20 [ 40.834268][ T6535] [ 40.834268][ T6535] -> #4 (&q->elevator_lock){+.+.}-{4:4}: [ 40.835435][ T6535] __mutex_lock_common+0x1d0/0x2678 [ 40.836300][ T6535] mutex_lock_nested+0x2c/0x38 [ 40.837096][ T6535] elevator_change+0x16c/0x3cc [ 40.837873][ T6535] elevator_set_none+0x48/0xac [ 40.838647][ T6535] blk_mq_update_nr_hw_queues+0x4c8/0x15f4 [ 40.839547][ T6535] nbd_start_device+0x158/0xa48 [ 40.840323][ T6535] nbd_genl_connect+0xf88/0x158c [ 40.841092][ T6535] genl_family_rcv_msg_doit+0x1d8/0x2bc [ 40.841932][ T6535] genl_rcv_msg+0x450/0x624 [ 40.842648][ T6535] netlink_rcv_skb+0x220/0x3fc [ 40.843466][ T6535] genl_rcv+0x38/0x50 [ 40.844112][ T6535] netlink_unicast+0x694/0x8c4 [ 40.844901][ T6535] netlink_sendmsg+0x648/0x930 [ 40.845726][ T6535] ____sys_sendmsg+0x490/0x7b8 [ 40.846473][ T6535] ___sys_sendmsg+0x204/0x278 [ 40.847273][ T6535] __arm64_sys_sendmsg+0x184/0x238 [ 40.848109][ T6535] invoke_syscall+0x98/0x2b8 [ 40.848841][ T6535] el0_svc_common+0x130/0x23c [ 40.849599][ T6535] do_el0_svc+0x48/0x58 [ 40.850260][ T6535] el0_svc+0x5c/0x254 [ 40.850983][ T6535] el0t_64_sync_handler+0x84/0x12c [ 40.851868][ T6535] el0t_64_sync+0x198/0x19c [ 40.852745][ T6535] [ 40.852745][ T6535] -> #3 (&q->q_usage_counter(io)#33){++++}-{0:0}: [ 40.854022][ T6535] blk_alloc_queue+0x48c/0x54c [ 40.854757][ T6535] __blk_mq_alloc_disk+0x124/0x304 [ 40.855564][ T6535] nbd_dev_add+0x398/0x820 [ 40.856257][ T6535] nbd_init+0x15c/0x174 [ 40.857014][ T6535] do_one_initcall+0x250/0x990 [ 40.857782][ T6535] do_initcall_level+0x128/0x1c4 [ 40.858638][ T6535] do_initcalls+0x70/0xd0 [ 40.859318][ T6535] do_basic_setup+0x78/0x8c [ 40.860023][ T6535] kernel_init_freeable+0x268/0x39c [ 40.860864][ T6535] kernel_init+0x24/0x1dc [ 40.861644][ T6535] ret_from_fork+0x10/0x20 [ 40.862494][ T6535] [ 40.862494][ T6535] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 40.863572][ T6535] fs_reclaim_acquire+0x8c/0x118 [ 40.864418][ T6535] __kmalloc_cache_noprof+0x58/0x3fc [ 40.865352][ T6535] virtio_transport_do_socket_init+0x60/0x2b8 [ 40.866394][ T6535] vsock_assign_transport+0x514/0x65c [ 40.867340][ T6535] vsock_connect+0x4a8/0xb94 [ 40.868185][ T6535] __sys_connect+0x2a0/0x3ac [ 40.868986][ T6535] __arm64_sys_connect+0x7c/0x94 [ 40.869846][ T6535] invoke_syscall+0x98/0x2b8 [ 40.870636][ T6535] el0_svc_common+0x130/0x23c [ 40.871473][ T6535] do_el0_svc+0x48/0x58 [ 40.872220][ T6535] el0_svc+0x5c/0x254 [ 40.872953][ T6535] el0t_64_sync_handler+0x84/0x12c [ 40.873852][ T6535] el0t_64_sync+0x198/0x19c [ 40.874651][ T6535] [ 40.874651][ T6535] -> #1 (sk_lock-AF_VSOCK){+.+.}-{0:0}: [ 40.875925][ T6535] lock_sock_nested+0x58/0x118 [ 40.876796][ T6535] vsock_shutdown+0x70/0x280 [ 40.877640][ T6535] kernel_sock_shutdown+0x6c/0x80 [ 40.878447][ T6535] nbd_mark_nsock_dead+0x2a4/0x534 [ 40.879345][ T6535] recv_work+0x1cf8/0x2044 [ 40.880121][ T6535] process_one_work+0x7e8/0x155c [ 40.881029][ T6535] worker_thread+0x958/0xed8 [ 40.881885][ T6535] kthread+0x5fc/0x75c [ 40.882596][ T6535] ret_from_fork+0x10/0x20 [ 40.883360][ T6535] [ 40.883360][ T6535] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 40.884534][ T6535] __lock_acquire+0x1774/0x30a4 [ 40.885340][ T6535] lock_acquire+0x14c/0x2e0 [ 40.886137][ T6535] __mutex_lock_common+0x1d0/0x2678 [ 40.887013][ T6535] mutex_lock_nested+0x2c/0x38 [ 40.887816][ T6535] nbd_queue_rq+0x20c/0xc48 [ 40.888612][ T6535] blk_mq_dispatch_rq_list+0x890/0x1548 [ 40.889490][ T6535] __blk_mq_sched_dispatch_requests+0xa7c/0x10e4 [ 40.890540][ T6535] blk_mq_sched_dispatch_requests+0xa4/0x154 [ 40.891573][ T6535] blk_mq_run_hw_queue+0x2d0/0x4a4 [ 40.892444][ T6535] blk_mq_dispatch_list+0xa00/0xaf8 [ 40.893260][ T6535] blk_mq_flush_plug_list+0x3a4/0x488 [ 40.894062][ T6535] __blk_flush_plug+0x330/0x408 [ 40.894843][ T6535] __submit_bio+0x3f4/0x4d8 [ 40.895566][ T6535] submit_bio_noacct_nocheck+0x390/0xaac [ 40.896452][ T6535] submit_bio_noacct+0xc94/0x177c [ 40.897237][ T6535] submit_bio+0x3b4/0x550 [ 40.897957][ T6535] submit_bh_wbc+0x3ec/0x4bc [ 40.898720][ T6535] block_read_full_folio+0x734/0x824 [ 40.899515][ T6535] blkdev_read_folio+0x28/0x38 [ 40.900360][ T6535] filemap_read_folio+0xec/0x2f8 [ 40.901165][ T6535] do_read_cache_folio+0x364/0x5bc [ 40.901980][ T6535] read_cache_folio+0x68/0x88 [ 40.902715][ T6535] read_part_sector+0xcc/0x6fc [ 40.903424][ T6535] adfspart_check_ICS+0xa0/0x83c [ 40.904339][ T6535] bdev_disk_changed+0x674/0x11fc [ 40.905232][ T6535] blkdev_get_whole+0x2b0/0x4a4 [ 40.906142][ T6535] bdev_open+0x3b0/0xc20 [ 40.906855][ T6535] blkdev_open+0x364/0x4e8 [ 40.907576][ T6535] do_dentry_open+0x7a4/0x10bc [ 40.908340][ T6535] vfs_open+0x44/0x2d4 [ 40.909056][ T6535] path_openat+0x2424/0x2c40 [ 40.909782][ T6535] do_filp_open+0x18c/0x36c [ 40.910471][ T6535] do_sys_openat2+0x11c/0x1b4 [ 40.911288][ T6535] __arm64_sys_openat+0x120/0x158 [ 40.912127][ T6535] invoke_syscall+0x98/0x2b8 [ 40.912887][ T6535] el0_svc_common+0x130/0x23c [ 40.913653][ T6535] do_el0_svc+0x48/0x58 [ 40.914376][ T6535] el0_svc+0x5c/0x254 [ 40.915128][ T6535] el0t_64_sync_handler+0x84/0x12c [ 40.916102][ T6535] el0t_64_sync+0x198/0x19c [ 40.916910][ T6535] [ 40.916910][ T6535] other info that might help us debug this: [ 40.916910][ T6535] [ 40.918574][ T6535] Chain exists of: [ 40.918574][ T6535] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 40.918574][ T6535] [ 40.920576][ T6535] Possible unsafe locking scenario: [ 40.920576][ T6535] [ 40.921769][ T6535] CPU0 CPU1 [ 40.922619][ T6535] ---- ---- [ 40.923438][ T6535] lock(&cmd->lock); [ 40.924038][ T6535] lock(set->srcu); [ 40.924998][ T6535] lock(&cmd->lock); [ 40.925989][ T6535] lock(&nsock->tx_lock); [ 40.926625][ T6535] [ 40.926625][ T6535] *** DEADLOCK *** [ 40.926625][ T6535] [ 40.927808][ T6535] 3 locks held by udevd/6535: [ 40.928508][ T6535] #0: ffff0000ca5b8358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xcc/0xc20 [ 40.929948][ T6535] #1: ffff0000ca5d6010 (set->srcu){.+.+}-{0:0}, at: srcu_lock_acquire+0x18/0x54 [ 40.931322][ T6535] #2: ffff0000df30e178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xb4/0xc48 [ 40.932719][ T6535] [ 40.932719][ T6535] stack backtrace: [ 40.933593][ T6535] CPU: 0 UID: 0 PID: 6535 Comm: udevd Not tainted syzkaller #0 PREEMPT [ 40.934842][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 40.936325][ T6535] Call trace: [ 40.936781][ T6535] show_stack+0x2c/0x3c (C) [ 40.937414][ T6535] __dump_stack+0x30/0x40 [ 40.938077][ T6535] dump_stack_lvl+0xd8/0x12c [ 40.938796][ T6535] dump_stack+0x1c/0x28 [ 40.939473][ T6535] print_circular_bug+0x324/0x32c [ 40.940314][ T6535] check_noncircular+0x154/0x174 [ 40.941095][ T6535] __lock_acquire+0x1774/0x30a4 [ 40.941894][ T6535] lock_acquire+0x14c/0x2e0 [ 40.942580][ T6535] __mutex_lock_common+0x1d0/0x2678 [ 40.943400][ T6535] mutex_lock_nested+0x2c/0x38 [ 40.944170][ T6535] nbd_queue_rq+0x20c/0xc48 [ 40.944961][ T6535] blk_mq_dispatch_rq_list+0x890/0x1548 [ 40.945899][ T6535] __blk_mq_sched_dispatch_requests+0xa7c/0x10e4 [ 40.946937][ T6535] blk_mq_sched_dispatch_requests+0xa4/0x154 [ 40.947917][ T6535] blk_mq_run_hw_queue+0x2d0/0x4a4 [ 40.948752][ T6535] blk_mq_dispatch_list+0xa00/0xaf8 [ 40.949517][ T6535] blk_mq_flush_plug_list+0x3a4/0x488 [ 40.950402][ T6535] __blk_flush_plug+0x330/0x408 [ 40.951228][ T6535] __submit_bio+0x3f4/0x4d8 [ 40.951994][ T6535] submit_bio_noacct_nocheck+0x390/0xaac [ 40.952874][ T6535] submit_bio_noacct+0xc94/0x177c [ 40.953641][ T6535] submit_bio+0x3b4/0x550 [ 40.954371][ T6535] submit_bh_wbc+0x3ec/0x4bc [ 40.955150][ T6535] block_read_full_folio+0x734/0x824 [ 40.956037][ T6535] blkdev_read_folio+0x28/0x38 [ 40.956870][ T6535] filemap_read_folio+0xec/0x2f8 [ 40.957717][ T6535] do_read_cache_folio+0x364/0x5bc [ 40.958587][ T6535] read_cache_folio+0x68/0x88 [ 40.959358][ T6535] read_part_sector+0xcc/0x6fc [ 40.960129][ T6535] adfspart_check_ICS+0xa0/0x83c [ 40.960918][ T6535] bdev_disk_changed+0x674/0x11fc [ 40.961680][ T6535] blkdev_get_whole+0x2b0/0x4a4 [ 40.962471][ T6535] bdev_open+0x3b0/0xc20 [ 40.963110][ T6535] blkdev_open+0x364/0x4e8 [ 40.963776][ T6535] do_dentry_open+0x7a4/0x10bc [ 40.964506][ T6535] vfs_open+0x44/0x2d4 [ 40.965125][ T6535] path_openat+0x2424/0x2c40 [ 40.965870][ T6535] do_filp_open+0x18c/0x36c [ 40.966616][ T6535] do_sys_openat2+0x11c/0x1b4 [ 40.967364][ T6535] __arm64_sys_openat+0x120/0x158 [ 40.968179][ T6535] invoke_syscall+0x98/0x2b8 [ 40.968943][ T6535] el0_svc_common+0x130/0x23c [ 40.969727][ T6535] do_el0_svc+0x48/0x58 [ 40.970407][ T6535] el0_svc+0x5c/0x254 [ 40.971056][ T6535] el0t_64_sync_handler+0x84/0x12c [ 40.971812][ T6535] el0t_64_sync+0x198/0x19c [ 40.973429][ T6535] block nbd0: Dead connection, failed to find a fallback [ 40.973456][ T6535] block nbd0: shutting down sockets [ 40.973470][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973491][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973564][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973576][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973611][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973618][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973647][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973654][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973686][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973693][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973723][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973730][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973760][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973766][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973792][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973798][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973814][ T6535] ldm_validate_partition_table(): Disk read failed. [ 40.973828][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973835][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973859][ T6535] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.973866][ T6535] Buffer I/O error on dev nbd0, logical block 0, async page read [ 40.973925][ T6535] Dev nbd0: unable to read RDB block 0 [ 40.974047][ T6535] nbd0: unable to read partition table [ 41.005268][ T6535] ldm_validate_partition_table(): Disk read failed. [ 41.005368][ T6535] Dev nbd0: unable to read RDB block 0 [ 41.005462][ T6535] nbd0: unable to read partition table