[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started OpenBSD Secure Shell server.
[[0;32m  OK  [0m] Started getty on tty2-tty6 if dbus and logind are not available.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.62' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   71.604060][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz-executor974'.
[   71.621981][ T8439] 
[   71.624329][ T8439] ======================================================
[   71.631322][ T8439] WARNING: possible circular locking dependency detected
[   71.638313][ T8439] 5.14.0-rc6-syzkaller #0 Not tainted
[   71.643656][ T8439] ------------------------------------------------------
[   71.650651][ T8439] syz-executor974/8439 is trying to acquire lock:
[   71.657059][ T8439] ffff88801df94518 (&disk->open_mutex){+.+.}-{3:3}, at: del_gendisk+0x8b/0x770
[   71.666029][ T8439] 
[   71.666029][ T8439] but task is already holding lock:
[   71.673370][ T8439] ffffffff8c4893e8 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   71.683523][ T8439] 
[   71.683523][ T8439] which lock already depends on the new lock.
[   71.683523][ T8439] 
[   71.693916][ T8439] 
[   71.693916][ T8439] the existing dependency chain (in reverse order) is:
[   71.702906][ T8439] 
[   71.702906][ T8439] -> #1 (nbd_index_mutex){+.+.}-{3:3}:
[   71.710523][ T8439]        __mutex_lock+0x12a/0x10a0
[   71.715713][ T8439]        nbd_open+0x7d/0x8a0
[   71.720282][ T8439]        blkdev_get_whole+0xa1/0x420
[   71.725544][ T8439]        blkdev_get_by_dev.part.0+0x30c/0xdd0
[   71.731588][ T8439]        blkdev_open+0x295/0x300
[   71.736499][ T8439]        do_dentry_open+0x4c8/0x11d0
[   71.741764][ T8439]        path_openat+0x1c23/0x27f0
[   71.746852][ T8439]        do_filp_open+0x1aa/0x400
[   71.751853][ T8439]        do_sys_openat2+0x16d/0x420
[   71.757038][ T8439]        __x64_sys_open+0x119/0x1c0
[   71.762217][ T8439]        do_syscall_64+0x35/0xb0
[   71.767145][ T8439]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   71.773538][ T8439] 
[   71.773538][ T8439] -> #0 (&disk->open_mutex){+.+.}-{3:3}:
[   71.781327][ T8439]        __lock_acquire+0x2a07/0x54a0
[   71.786684][ T8439]        lock_acquire+0x1ab/0x510
[   71.791744][ T8439]        __mutex_lock+0x12a/0x10a0
[   71.796842][ T8439]        del_gendisk+0x8b/0x770
[   71.802093][ T8439]        nbd_put.part.0+0x82/0x160
[   71.807224][ T8439]        nbd_genl_connect+0x1383/0x1820
[   71.812750][ T8439]        genl_family_rcv_msg_doit+0x228/0x320
[   71.818799][ T8439]        genl_rcv_msg+0x328/0x580
[   71.823809][ T8439]        netlink_rcv_skb+0x153/0x420
[   71.829196][ T8439]        genl_rcv+0x24/0x40
[   71.833686][ T8439]        netlink_unicast+0x533/0x7d0
[   71.839040][ T8439]        netlink_sendmsg+0x86d/0xdb0
[   71.844357][ T8439]        sock_sendmsg+0xcf/0x120
[   71.849279][ T8439]        ____sys_sendmsg+0x6e8/0x810
[   71.854551][ T8439]        ___sys_sendmsg+0xf3/0x170
[   71.859670][ T8439]        __sys_sendmsg+0xe5/0x1b0
[   71.864676][ T8439]        do_syscall_64+0x35/0xb0
[   71.869613][ T8439]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   71.876010][ T8439] 
[   71.876010][ T8439] other info that might help us debug this:
[   71.876010][ T8439] 
[   71.886212][ T8439]  Possible unsafe locking scenario:
[   71.886212][ T8439] 
[   71.893642][ T8439]        CPU0                    CPU1
[   71.898982][ T8439]        ----                    ----
[   71.904321][ T8439]   lock(nbd_index_mutex);
[   71.908715][ T8439]                                lock(&disk->open_mutex);
[   71.915799][ T8439]                                lock(nbd_index_mutex);
[   71.922706][ T8439]   lock(&disk->open_mutex);
[   71.927267][ T8439] 
[   71.927267][ T8439]  *** DEADLOCK ***
[   71.927267][ T8439] 
[   71.935385][ T8439] 3 locks held by syz-executor974/8439:
[   71.940902][ T8439]  #0: ffffffff8d15f910 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[   71.949057][ T8439]  #1: ffffffff8d15f9c8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x3e0/0x580
[   71.957993][ T8439]  #2: ffffffff8c4893e8 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   71.970148][ T8439] 
[   71.970148][ T8439] stack backtrace:
[   71.976011][ T8439] CPU: 1 PID: 8439 Comm: syz-executor974 Not tainted 5.14.0-rc6-syzkaller #0
[   71.984788][ T8439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.994906][ T8439] Call Trace:
[   71.998165][ T8439]  dump_stack_lvl+0xcd/0x134
[   72.002743][ T8439]  check_noncircular+0x25f/0x2e0
[   72.007660][ T8439]  ? print_circular_bug+0x1e0/0x1e0
[   72.012837][ T8439]  ? kmem_cache_free+0x8a/0x5b0
[   72.017668][ T8439]  ? lockdep_lock+0xc6/0x200
[   72.022237][ T8439]  ? call_rcu_zapped+0xb0/0xb0
[   72.026985][ T8439]  ? __kobject_del+0xea/0x200
[   72.031643][ T8439]  __lock_acquire+0x2a07/0x54a0
[   72.036487][ T8439]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.042450][ T8439]  lock_acquire+0x1ab/0x510
[   72.046932][ T8439]  ? del_gendisk+0x8b/0x770
[   72.051417][ T8439]  ? lock_release+0x720/0x720
[   72.056070][ T8439]  ? lockdep_hardirqs_on+0x79/0x100
[   72.061267][ T8439]  __mutex_lock+0x12a/0x10a0
[   72.065849][ T8439]  ? del_gendisk+0x8b/0x770
[   72.070334][ T8439]  ? lock_downgrade+0x6e0/0x6e0
[   72.075174][ T8439]  ? del_gendisk+0x8b/0x770
[   72.079668][ T8439]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[   72.085888][ T8439]  ? mutex_lock_io_nested+0xf00/0xf00
[   72.091260][ T8439]  ? kobj_kset_leave+0x12/0x200
[   72.096092][ T8439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.102316][ T8439]  ? kobject_put+0xb9/0x540
[   72.106800][ T8439]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   72.112507][ T8439]  ? kfree_const+0x35/0x60
[   72.116908][ T8439]  del_gendisk+0x8b/0x770
[   72.121220][ T8439]  ? nbd_config_put+0x61b/0xa00
[   72.126118][ T8439]  nbd_put.part.0+0x82/0x160
[   72.130687][ T8439]  nbd_genl_connect+0x1383/0x1820
[   72.135692][ T8439]  ? nbd_start_device+0xd50/0xd50
[   72.140713][ T8439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.146935][ T8439]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290
[   72.154290][ T8439]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[   72.161554][ T8439]  genl_family_rcv_msg_doit+0x228/0x320
[   72.167082][ T8439]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   72.174439][ T8439]  ? genl_op_from_small+0x23/0x3c0
[   72.179528][ T8439]  ? genl_get_cmd+0x3cf/0x480
[   72.184187][ T8439]  genl_rcv_msg+0x328/0x580
[   72.188675][ T8439]  ? genl_get_cmd+0x480/0x480
[   72.193332][ T8439]  ? nbd_start_device+0xd50/0xd50
[   72.198337][ T8439]  ? lock_release+0x720/0x720
[   72.202992][ T8439]  netlink_rcv_skb+0x153/0x420
[   72.207740][ T8439]  ? genl_get_cmd+0x480/0x480
[   72.212396][ T8439]  ? netlink_ack+0xa60/0xa60
[   72.216969][ T8439]  ? _copy_from_iter+0x12b/0x1320
[   72.221980][ T8439]  genl_rcv+0x24/0x40
[   72.225944][ T8439]  netlink_unicast+0x533/0x7d0
[   72.230688][ T8439]  ? netlink_attachskb+0x890/0x890
[   72.235777][ T8439]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.241997][ T8439]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.248218][ T8439]  ? __phys_addr_symbol+0x2c/0x70
[   72.253235][ T8439]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   72.258932][ T8439]  ? __check_object_size+0x16e/0x3f0
[   72.264208][ T8439]  netlink_sendmsg+0x86d/0xdb0
[   72.268955][ T8439]  ? netlink_unicast+0x7d0/0x7d0
[   72.273872][ T8439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.280093][ T8439]  ? netlink_unicast+0x7d0/0x7d0
[   72.285008][ T8439]  sock_sendmsg+0xcf/0x120
[   72.289406][ T8439]  ____sys_sendmsg+0x6e8/0x810
[   72.294178][ T8439]  ? kernel_sendmsg+0x50/0x50
[   72.298834][ T8439]  ? do_recvmmsg+0x6d0/0x6d0
[   72.303407][ T8439]  ? lock_chain_count+0x20/0x20
[   72.308241][ T8439]  ? netlink_recvmsg+0x826/0xea0
[   72.313171][ T8439]  ___sys_sendmsg+0xf3/0x170
[   72.317741][ T8439]  ? sendmsg_copy_msghdr+0x160/0x160
[   72.323024][ T8439]  ? __lock_acquire+0x162f/0x54a0
[   72.328029][ T8439]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.334000][ T8439]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   72.339973][ T8439]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   72.346200][ T8439]  ? __fget_light+0x215/0x280
[   72.350859][ T8439]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   72.357080][ T8439]  __sys_sendmsg+0xe5/0x1b0
[   72.361564][ T8439]  ? __sys_sendmsg_sock+0x30/0x30
[   72.366580][ T8439]  ? syscall_enter_from_user_mode+0x21/0x70
[   72.372558][ T8439]  do_syscall_64+0x35/0xb0
[   72.376985][ T8439]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   72.382897][ T8439] RIP: 0033:0x43fa59
[   72.386779][ T8439] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   72.406368][ T8439] RSP: 002b:00007fff4056ff08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.414759][ T8439] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa59
[   72.422712][ T8439] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   72.430668][ T8439] RBP: 00000000004034c0 R08: 000000000000000c R09: 00000000004004a0
[   72.438616][ T8439] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000403550
[   72.446572][ T8439] R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0