[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.68' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 67.034818][ T6558]
[ 67.037167][ T6558] ======================================================
[ 67.044176][ T6558] WARNING: possible circular locking dependency detected
[ 67.051187][ T6558] 5.14.0-rc7-next-20210824-syzkaller #0 Not tainted
[ 67.057855][ T6558] ------------------------------------------------------
[ 67.064862][ T6558] syz-executor325/6558 is trying to acquire lock:
[ 67.071300][ T6558] ffff888013f90230 (&mddev->open_mutex){+.+.}-{3:3}, at: md_open+0xfd/0x2e0
[ 67.080030][ T6558]
[ 67.080030][ T6558] but task is already holding lock:
[ 67.087543][ T6558] ffff888077ce3118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x9b/0xb60
[ 67.097796][ T6558]
[ 67.097796][ T6558] which lock already depends on the new lock.
[ 67.097796][ T6558]
[ 67.108265][ T6558]
[ 67.108265][ T6558] the existing dependency chain (in reverse order) is:
[ 67.117263][ T6558]
[ 67.117263][ T6558] -> #1 (&disk->open_mutex){+.+.}-{3:3}:
[ 67.125061][ T6558]        __mutex_lock+0x131/0x12f0
[ 67.130168][ T6558]        bd_register_pending_holders+0x2c/0x470
[ 67.136406][ T6558]        device_add_disk+0x75e/0xfd0
[ 67.141708][ T6558]        md_alloc+0x91d/0x1150
[ 67.146453][ T6558]        md_probe+0x69/0x70
[ 67.150945][ T6558]        blk_request_module+0x111/0x1d0
[ 67.156470][ T6558]        blkdev_get_no_open+0x178/0x1e0
[ 67.162084][ T6558]        blkdev_get_by_dev.part.0+0x22/0xb60
[ 67.168040][ T6558]        blkdev_get_by_dev+0x6b/0x80
[ 67.173570][ T6558]        swsusp_check+0x4d/0x270
[ 67.178503][ T6558]        software_resume.part.0+0x102/0x1f0
[ 67.184474][ T6558]        resume_store+0x161/0x190
[ 67.189493][ T6558]        kobj_attr_store+0x50/0x80
[ 67.194583][ T6558]        sysfs_kf_write+0x110/0x160
[ 67.199768][ T6558]        kernfs_fop_write_iter+0x342/0x500
[ 67.205553][ T6558]        new_sync_write+0x429/0x660
[ 67.210730][ T6558]        vfs_write+0x7cf/0xae0
[ 67.215487][ T6558]        ksys_write+0x12d/0x250
[ 67.220321][ T6558]        do_syscall_64+0x35/0xb0
[ 67.225240][ T6558]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 67.231641][ T6558]
[ 67.231641][ T6558] -> #0 (&mddev->open_mutex){+.+.}-{3:3}:
[ 67.239535][ T6558]        __lock_acquire+0x2a07/0x54a0
[ 67.244893][ T6558]        lock_acquire+0x1ab/0x510
[ 67.249894][ T6558]        __mutex_lock+0x131/0x12f0
[ 67.254989][ T6558]        md_open+0xfd/0x2e0
[ 67.259472][ T6558]        blkdev_get_whole+0x99/0x2a0
[ 67.264925][ T6558]        blkdev_get_by_dev.part.0+0x354/0xb60
[ 67.271000][ T6558]        blkdev_get_by_dev+0x6b/0x80
[ 67.276292][ T6558]        swsusp_check+0x4d/0x270
[ 67.281216][ T6558]        software_resume.part.0+0x102/0x1f0
[ 67.287109][ T6558]        resume_store+0x161/0x190
[ 67.292451][ T6558]        kobj_attr_store+0x50/0x80
[ 67.297554][ T6558]        sysfs_kf_write+0x110/0x160
[ 67.302739][ T6558]        kernfs_fop_write_iter+0x342/0x500
[ 67.308527][ T6558]        new_sync_write+0x429/0x660
[ 67.313792][ T6558]        vfs_write+0x7cf/0xae0
[ 67.318561][ T6558]        ksys_write+0x12d/0x250
[ 67.323404][ T6558]        do_syscall_64+0x35/0xb0
[ 67.328337][ T6558]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 67.334826][ T6558]
[ 67.334826][ T6558] other info that might help us debug this:
[ 67.334826][ T6558]
[ 67.345027][ T6558]  Possible unsafe locking scenario:
[ 67.345027][ T6558]
[ 67.352454][ T6558]        CPU0                    CPU1
[ 67.357795][ T6558]        ----                    ----
[ 67.363222][ T6558]   lock(&disk->open_mutex);
[ 67.367793][ T6558]                                lock(&mddev->open_mutex);
[ 67.374973][ T6558]                                lock(&disk->open_mutex);
[ 67.382078][ T6558]   lock(&mddev->open_mutex);
[ 67.386751][ T6558]
[ 67.386751][ T6558]  *** DEADLOCK ***
[ 67.386751][ T6558]
[ 67.394873][ T6558] 5 locks held by syz-executor325/6558:
[ 67.400396][ T6558]  #0: ffff88807f6bc460 (sb_writers#6){.+.+}-{0:0}, at: ksys_write+0x12d/0x250
[ 67.409343][ T6558]  #1: ffff88801a6a3488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500
[ 67.419435][ T6558]  #2: ffff8881441a6830 (kn->active#90){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500
[ 67.429424][ T6558]  #3: ffffffff8b84fc68 (system_transition_mutex/1){+.+.}-{3:3}, at: software_resume.part.0+0x19/0x1f0
[ 67.440612][ T6558]  #4: ffff888077ce3118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x9b/0xb60
[ 67.451125][ T6558]
[ 67.451125][ T6558] stack backtrace:
[ 67.456994][ T6558] CPU: 1 PID: 6558 Comm: syz-executor325 Not tainted 5.14.0-rc7-next-20210824-syzkaller #0
[ 67.466953][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.477248][ T6558] Call Trace:
[ 67.480601][ T6558]  dump_stack_lvl+0xcd/0x134
[ 67.485268][ T6558]  check_noncircular+0x25f/0x2e0
[ 67.490188][ T6558]  ? print_circular_bug+0x1e0/0x1e0
[ 67.495367][ T6558]  ? is_bpf_text_address+0x99/0x170
[ 67.500576][ T6558]  ? kernel_text_address+0xbd/0xf0
[ 67.505710][ T6558]  ? lockdep_lock+0xc6/0x200
[ 67.510383][ T6558]  ? call_rcu_zapped+0xb0/0xb0
[ 67.515126][ T6558]  __lock_acquire+0x2a07/0x54a0
[ 67.520179][ T6558]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 67.526163][ T6558]  lock_acquire+0x1ab/0x510
[ 67.530678][ T6558]  ? md_open+0xfd/0x2e0
[ 67.534828][ T6558]  ? lock_release+0x720/0x720
[ 67.539507][ T6558]  __mutex_lock+0x131/0x12f0
[ 67.544181][ T6558]  ? md_open+0xfd/0x2e0
[ 67.548334][ T6558]  ? md_open+0xfd/0x2e0
[ 67.552479][ T6558]  ? mutex_lock_io_nested+0x1150/0x1150
[ 67.558011][ T6558]  ? lock_downgrade+0x6e0/0x6e0
[ 67.562844][ T6558]  ? do_raw_spin_lock+0x120/0x2b0
[ 67.567864][ T6558]  ? rwlock_bug.part.0+0x90/0x90
[ 67.573222][ T6558]  ? mutex_lock_io_nested+0x1150/0x1150
[ 67.578861][ T6558]  ? do_raw_spin_unlock+0x171/0x230
[ 67.584054][ T6558]  md_open+0xfd/0x2e0
[ 67.588039][ T6558]  ? rdev_size_store+0xb60/0xb60
[ 67.593054][ T6558]  blkdev_get_whole+0x99/0x2a0
[ 67.597802][ T6558]  blkdev_get_by_dev.part.0+0x354/0xb60
[ 67.603336][ T6558]  ? devcgroup_check_permission+0x1bb/0x410
[ 67.609299][ T6558]  ? sysfs_file_ops+0x1c0/0x1c0
[ 67.614215][ T6558]  blkdev_get_by_dev+0x6b/0x80
[ 67.618960][ T6558]  swsusp_check+0x4d/0x270
[ 67.623447][ T6558]  software_resume.part.0+0x102/0x1f0
[ 67.628810][ T6558]  resume_store+0x161/0x190
[ 67.633304][ T6558]  ? software_resume+0x80/0x80
[ 67.638048][ T6558]  kobj_attr_store+0x50/0x80
[ 67.642648][ T6558]  ? kobj_attr_show+0x70/0x70
[ 67.647580][ T6558]  sysfs_kf_write+0x110/0x160
[ 67.652237][ T6558]  kernfs_fop_write_iter+0x342/0x500
[ 67.657500][ T6558]  new_sync_write+0x429/0x660
[ 67.662169][ T6558]  ? new_sync_read+0x6e0/0x6e0
[ 67.666913][ T6558]  ? lock_release+0x720/0x720
[ 67.671571][ T6558]  vfs_write+0x7cf/0xae0
[ 67.675794][ T6558]  ksys_write+0x12d/0x250
[ 67.680201][ T6558]  ? __ia32_sys_read+0xb0/0xb0
[ 67.684943][ T6558]  ? syscall_enter_from_user_mode+0x21/0x70
[ 67.690827][ T6558]  do_syscall_64+0x35/0xb0
[ 67.695227][ T6558]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 67.701104][ T6558] RIP: 0033:0x43f0e9
[ 67.704979][ T6558] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 67.724650][ T6558] RSP: 002b:00007ffd59408358 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 67.733040][ T6558] RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043f0e9
[ 67.741076][ T6558] RDX: 000000000000fdef RSI: 0000000020000000 RDI: 0000000000000003
[ 67.749112][ T6558] RBP: 0000000000402e40 R08: 0000000000000012 R09: 0000000000400488
[ 67.757237][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ed0
[ 67.765288][ T6558] R13: 0000000000000000 R14: 00000000004ad018 R15: 0000000000400488
[