[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.221' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   71.620879][ T8474] 
[   71.623213][ T8474] ======================================================
[   71.630307][ T8474] WARNING: possible circular locking dependency detected
[   71.637380][ T8474] 5.13.0-syzkaller #0 Not tainted
[   71.642372][ T8474] ------------------------------------------------------
[   71.649360][ T8474] syz-executor683/8474 is trying to acquire lock:
[   71.655747][ T8474] ffff88801eaded18 (&disk->open_mutex){+.+.}-{3:3}, at: del_gendisk+0x8b/0x770
[   71.664696][ T8474] 
[   71.664696][ T8474] but task is already holding lock:
[   71.672037][ T8474] ffffffff8cc7cb68 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   71.682187][ T8474] 
[   71.682187][ T8474] which lock already depends on the new lock.
[   71.682187][ T8474] 
[   71.692564][ T8474] 
[   71.692564][ T8474] the existing dependency chain (in reverse order) is:
[   71.701548][ T8474] 
[   71.701548][ T8474] -> #1 (nbd_index_mutex){+.+.}-{3:3}:
[   71.709159][ T8474]        __mutex_lock+0x12a/0x10a0
[   71.714257][ T8474]        nbd_open+0x7d/0x8a0
[   71.718833][ T8474]        blkdev_get_whole+0xa1/0x420
[   71.724107][ T8474]        blkdev_get_by_dev.part.0+0x30c/0xdd0
[   71.730154][ T8474]        blkdev_open+0x295/0x300
[   71.735070][ T8474]        do_dentry_open+0x4c8/0x11c0
[   71.740338][ T8474]        path_openat+0x1c0e/0x27e0
[   71.745450][ T8474]        do_filp_open+0x190/0x3d0
[   71.750448][ T8474]        do_sys_openat2+0x16d/0x420
[   71.755619][ T8474]        __x64_sys_open+0x119/0x1c0
[   71.760790][ T8474]        do_syscall_64+0x35/0xb0
[   71.765698][ T8474]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   71.772087][ T8474] 
[   71.772087][ T8474] -> #0 (&disk->open_mutex){+.+.}-{3:3}:
[   71.779879][ T8474]        __lock_acquire+0x2a07/0x54a0
[   71.785251][ T8474]        lock_acquire+0x1ab/0x510
[   71.790261][ T8474]        __mutex_lock+0x12a/0x10a0
[   71.795347][ T8474]        del_gendisk+0x8b/0x770
[   71.800332][ T8474]        nbd_put.part.0+0x82/0x160
[   71.805422][ T8474]        nbd_genl_connect+0x1214/0x1660
[   71.810940][ T8474]        genl_family_rcv_msg_doit+0x228/0x320
[   71.816980][ T8474]        genl_rcv_msg+0x328/0x580
[   71.821992][ T8474]        netlink_rcv_skb+0x153/0x420
[   71.827248][ T8474]        genl_rcv+0x24/0x40
[   71.833203][ T8474]        netlink_unicast+0x533/0x7d0
[   71.838463][ T8474]        netlink_sendmsg+0x85b/0xda0
[   71.843738][ T8474]        sock_sendmsg+0xcf/0x120
[   71.848653][ T8474]        ____sys_sendmsg+0x6e8/0x810
[   71.853914][ T8474]        ___sys_sendmsg+0xf3/0x170
[   71.859000][ T8474]        __sys_sendmsg+0xe5/0x1b0
[   71.864000][ T8474]        do_syscall_64+0x35/0xb0
[   71.868915][ T8474]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   71.875327][ T8474] 
[   71.875327][ T8474] other info that might help us debug this:
[   71.875327][ T8474] 
[   71.885531][ T8474]  Possible unsafe locking scenario:
[   71.885531][ T8474] 
[   71.892950][ T8474]        CPU0                    CPU1
[   71.898285][ T8474]        ----                    ----
[   71.903623][ T8474]   lock(nbd_index_mutex);
[   71.908011][ T8474]                                lock(&disk->open_mutex);
[   71.915102][ T8474]                                lock(nbd_index_mutex);
[   71.922009][ T8474]   lock(&disk->open_mutex);
[   71.926569][ T8474] 
[   71.926569][ T8474]  *** DEADLOCK ***
[   71.926569][ T8474] 
[   71.934685][ T8474] 3 locks held by syz-executor683/8474:
[   71.940199][ T8474]  #0: ffffffff8d94a490 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[   71.948348][ T8474]  #1: ffffffff8d94a548 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x3e0/0x580
[   71.957277][ T8474]  #2: ffffffff8cc7cb68 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   71.967856][ T8474] 
[   71.967856][ T8474] stack backtrace:
[   71.973714][ T8474] CPU: 0 PID: 8474 Comm: syz-executor683 Not tainted 5.13.0-syzkaller #0
[   71.982112][ T8474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.992151][ T8474] Call Trace:
[   71.995419][ T8474]  dump_stack_lvl+0xcd/0x134
[   71.999990][ T8474]  check_noncircular+0x25f/0x2e0
[   72.004916][ T8474]  ? print_circular_bug+0x1e0/0x1e0
[   72.010105][ T8474]  ? kmem_cache_free+0x8e/0x5a0
[   72.014944][ T8474]  ? lockdep_lock+0xc6/0x200
[   72.019511][ T8474]  ? call_rcu_zapped+0xb0/0xb0
[   72.024254][ T8474]  __lock_acquire+0x2a07/0x54a0
[   72.029083][ T8474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.035036][ T8474]  ? mark_held_locks+0x9f/0xe0
[   72.039778][ T8474]  lock_acquire+0x1ab/0x510
[   72.044267][ T8474]  ? del_gendisk+0x8b/0x770
[   72.048746][ T8474]  ? lock_release+0x720/0x720
[   72.053397][ T8474]  ? lockdep_hardirqs_on+0x79/0x100
[   72.058574][ T8474]  __mutex_lock+0x12a/0x10a0
[   72.063139][ T8474]  ? del_gendisk+0x8b/0x770
[   72.067620][ T8474]  ? lock_downgrade+0x6e0/0x6e0
[   72.072462][ T8474]  ? del_gendisk+0x8b/0x770
[   72.076941][ T8474]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[   72.083158][ T8474]  ? mutex_lock_io_nested+0xf00/0xf00
[   72.088505][ T8474]  ? kobj_kset_leave+0x12/0x200
[   72.093334][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.099552][ T8474]  ? kobject_put+0xb9/0x540
[   72.104038][ T8474]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   72.109732][ T8474]  ? kfree_const+0x35/0x60
[   72.114129][ T8474]  del_gendisk+0x8b/0x770
[   72.118434][ T8474]  ? nbd_config_put+0x5e8/0x8e0
[   72.123259][ T8474]  nbd_put.part.0+0x82/0x160
[   72.127825][ T8474]  nbd_genl_connect+0x1214/0x1660
[   72.132826][ T8474]  ? nbd_start_device+0xd50/0xd50
[   72.137830][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.144046][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290
[   72.151392][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[   72.158652][ T8474]  genl_family_rcv_msg_doit+0x228/0x320
[   72.164175][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   72.171536][ T8474]  ? genl_op_from_small+0x23/0x3c0
[   72.176620][ T8474]  ? genl_get_cmd+0x3cf/0x480
[   72.181273][ T8474]  genl_rcv_msg+0x328/0x580
[   72.185751][ T8474]  ? genl_get_cmd+0x480/0x480
[   72.190398][ T8474]  ? nbd_start_device+0xd50/0xd50
[   72.195395][ T8474]  ? lock_release+0x720/0x720
[   72.200046][ T8474]  netlink_rcv_skb+0x153/0x420
[   72.204788][ T8474]  ? genl_get_cmd+0x480/0x480
[   72.209437][ T8474]  ? netlink_ack+0xa60/0xa60
[   72.213998][ T8474]  genl_rcv+0x24/0x40
[   72.217955][ T8474]  netlink_unicast+0x533/0x7d0
[   72.222695][ T8474]  ? netlink_attachskb+0x890/0x890
[   72.227781][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.234018][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.240233][ T8474]  ? __phys_addr_symbol+0x2c/0x70
[   72.245230][ T8474]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   72.250921][ T8474]  ? __check_object_size+0x16e/0x3f0
[   72.256192][ T8474]  netlink_sendmsg+0x85b/0xda0
[   72.260948][ T8474]  ? netlink_unicast+0x7d0/0x7d0
[   72.265861][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.272077][ T8474]  ? netlink_unicast+0x7d0/0x7d0
[   72.276994][ T8474]  sock_sendmsg+0xcf/0x120
[   72.281387][ T8474]  ____sys_sendmsg+0x6e8/0x810
[   72.286140][ T8474]  ? kernel_sendmsg+0x50/0x50
[   72.290792][ T8474]  ? do_recvmmsg+0x6d0/0x6d0
[   72.295354][ T8474]  ? lock_chain_count+0x20/0x20
[   72.300177][ T8474]  ? netlink_recvmsg+0x826/0xeb0
[   72.305098][ T8474]  ___sys_sendmsg+0xf3/0x170
[   72.309659][ T8474]  ? sendmsg_copy_msghdr+0x160/0x160
[   72.314917][ T8474]  ? __lock_acquire+0x162f/0x54a0
[   72.319918][ T8474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.325873][ T8474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.331829][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.338043][ T8474]  ? __fget_light+0x215/0x280
[   72.342697][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.348913][ T8474]  __sys_sendmsg+0xe5/0x1b0
[   72.353403][ T8474]  ? __sys_sendmsg_sock+0x30/0x30
[   72.358402][ T8474]  ? syscall_enter_from_user_mode+0x21/0x70
[   72.364275][ T8474]  do_syscall_64+0x35/0xb0
[   72.368664][ T8474]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   72.374534][ T8474] RIP: 0033:0x43fa89
[   72.378404][ T8474] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   72.397996][ T8474] RSP: 002b:00007ffd1c7429d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.406384][ T8474] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa89
[   72.414330][ T8474] RDX: 0000000000000000 RSI: 0000000020001880 RDI: 0000000000000004
[   72.422272][ T8474] RBP: 00000000004034f0 R08: 0000000000000004 R09: 00000000004004a0
[   72.430216][ T8474] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000403580
[   72.438171][ T8474] R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
[   72.458055][ T8474] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   72.469786][ T8474] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   72.478197][ T8474] CPU: 1 PID: 8474 Comm: syz-executor683 Not tainted 5.13.0-syzkaller #0
[   72.486615][ T8474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   72.496668][ T8474] RIP: 0010:blk_mq_run_hw_queues+0x32b/0x4a0
[   72.502656][ T8474] Code: ea 48 c1 ea 03 80 3c 02 00 0f 85 51 01 00 00 48 8b 45 00 89 db 48 8d 1c 98 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed
[   72.522252][ T8474] RSP: 0018:ffffc9000176f3b0 EFLAGS: 00010247
[   72.528294][ T8474] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000
[   72.536240][ T8474] RDX: 0000000000000000 RSI: ffffffff83be8009 RDI: ffff8881466689d0
[   72.544185][ T8474] RBP: ffff888146660000 R08: 0000000000000000 R09: ffff888146668947
[   72.552132][ T8474] R10: ffffffff83be7e41 R11: 0000000000000000 R12: ffff888146668000
[   72.560083][ T8474] R13: ffff88801dd2d4b0 R14: ffff8880287d8608 R15: 0000000000000001
[   72.568034][ T8474] FS:  0000000001fe1300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   72.576950][ T8474] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.583526][ T8474] CR2: 00005592e6f25928 CR3: 0000000017d40000 CR4: 00000000001506e0
[   72.591480][ T8474] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.599431][ T8474] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.607385][ T8474] Call Trace:
[   72.610658][ T8474]  blk_freeze_queue_start+0xc4/0xe0
[   72.615854][ T8474]  blk_set_queue_dying+0x24/0x80
[   72.620780][ T8474]  blk_cleanup_queue+0x7b/0x1e0
[   72.625627][ T8474]  blk_cleanup_disk+0x33/0x80
[   72.630292][ T8474]  nbd_put.part.0+0x92/0x160
[   72.634869][ T8474]  nbd_genl_connect+0x1214/0x1660
[   72.639874][ T8474]  ? nbd_start_device+0xd50/0xd50
[   72.644883][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.651113][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290
[   72.658474][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[   72.665745][ T8474]  genl_family_rcv_msg_doit+0x228/0x320
[   72.671275][ T8474]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   72.678718][ T8474]  ? genl_op_from_small+0x23/0x3c0
[   72.683816][ T8474]  ? genl_get_cmd+0x3cf/0x480
[   72.688479][ T8474]  genl_rcv_msg+0x328/0x580
[   72.692964][ T8474]  ? genl_get_cmd+0x480/0x480
[   72.697622][ T8474]  ? nbd_start_device+0xd50/0xd50
[   72.702628][ T8474]  ? lock_release+0x720/0x720
[   72.707373][ T8474]  netlink_rcv_skb+0x153/0x420
[   72.712120][ T8474]  ? genl_get_cmd+0x480/0x480
[   72.716777][ T8474]  ? netlink_ack+0xa60/0xa60
[   72.721346][ T8474]  genl_rcv+0x24/0x40
[   72.725304][ T8474]  netlink_unicast+0x533/0x7d0
[   72.730068][ T8474]  ? netlink_attachskb+0x890/0x890
[   72.735161][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.741381][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.747686][ T8474]  ? __phys_addr_symbol+0x2c/0x70
[   72.752690][ T8474]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   72.758401][ T8474]  ? __check_object_size+0x16e/0x3f0
[   72.763676][ T8474]  netlink_sendmsg+0x85b/0xda0
[   72.768447][ T8474]  ? netlink_unicast+0x7d0/0x7d0
[   72.773366][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.779587][ T8474]  ? netlink_unicast+0x7d0/0x7d0
[   72.784505][ T8474]  sock_sendmsg+0xcf/0x120
[   72.788905][ T8474]  ____sys_sendmsg+0x6e8/0x810
[   72.793653][ T8474]  ? kernel_sendmsg+0x50/0x50
[   72.798319][ T8474]  ? do_recvmmsg+0x6d0/0x6d0
[   72.802896][ T8474]  ? lock_chain_count+0x20/0x20
[   72.807739][ T8474]  ? netlink_recvmsg+0x826/0xeb0
[   72.812675][ T8474]  ___sys_sendmsg+0xf3/0x170
[   72.817256][ T8474]  ? sendmsg_copy_msghdr+0x160/0x160
[   72.822523][ T8474]  ? __lock_acquire+0x162f/0x54a0
[   72.827532][ T8474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.833512][ T8474]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.839478][ T8474]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.845708][ T8474]  ? __fget_light+0x215/0x280
[   72.850376][ T8474]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.856604][ T8474]  __sys_sendmsg+0xe5/0x1b0
[   72.861096][ T8474]  ? __sys_sendmsg_sock+0x30/0x30
[   72.866104][ T8474]  ? syscall_enter_from_user_mode+0x21/0x70
[   72.871978][ T8474]  do_syscall_64+0x35/0xb0
[   72.876371][ T8474]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   72.882252][ T8474] RIP: 0033:0x43fa89
[   72.886123][ T8474] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   72.905709][ T8474] RSP: 002b:00007ffd1c7429d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.914100][ T8474] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa89
[   72.922057][ T8474] RDX: 0000000000000000 RSI: 0000000020001880 RDI: 0000000000000004
[   72.930007][ T8474] RBP: 00000000004034f0 R08: 0000000000000004 R09: 00000000004004a0
[   72.937957][ T8474] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000403580
[   72.945909][ T8474] R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
[   72.953962][ T8474] Modules linked in:
[   72.960157][ T8474] ---[ end trace 0a7a6e1a9f6d9ac5 ]---
[   72.965623][ T8474] RIP: 0010:blk_mq_run_hw_queues+0x32b/0x4a0
[   72.971920][ T8474] Code: ea 48 c1 ea 03 80 3c 02 00 0f 85 51 01 00 00 48 8b 45 00 89 db 48 8d 1c 98 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed
[   72.991726][ T8474] RSP: 0018:ffffc9000176f3b0 EFLAGS: 00010247
[   72.997799][ T8474] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000
[   73.006167][ T8474] RDX: 0000000000000000 RSI: ffffffff83be8009 RDI: ffff8881466689d0
[   73.014240][ T8474] RBP: ffff888146660000 R08: 0000000000000000 R09: ffff888146668947
[   73.022596][ T8474] R10: ffffffff83be7e41 R11: 0000000000000000 R12: ffff888146668000
[   73.030621][ T8474] R13: ffff88801dd2d4b0 R14: ffff8880287d8608 R15: 0000000000000001
[   73.038580][ T8474] FS:  0000000001fe1300(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[   73.047804][ T8474] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.054436][ T8474] CR2: 00007f6dd6e33000 CR3: 0000000017d40000 CR4: 00000000001506f0
[   73.062471][ T8474] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   73.070465][ T8474] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   73.078436][ T8474] Kernel panic - not syncing: Fatal exception
[   73.085771][ T8474] Kernel Offset: disabled
[   73.090078][ T8474] Rebooting in 86400 seconds..