OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.60' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 27.094325] [ 27.095946] ====================================================== [ 27.102230] WARNING: possible circular locking dependency detected [ 27.108560] 4.14.243-syzkaller #0 Not tainted [ 27.113021] ------------------------------------------------------ [ 27.119306] syz-executor696/7967 is trying to acquire lock: [ 27.124985] (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40 [ 27.133465] [ 27.133465] but task is already holding lock: [ 27.139404] (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa80 [ 27.147440] [ 27.147440] which lock already depends on the new lock. [ 27.147440] [ 27.155724] [ 27.155724] the existing dependency chain (in reverse order) is: [ 27.163313] [ 27.163313] -> #2 (&nbd->config_lock){+.+.}: [ 27.169180] __mutex_lock+0xc4/0x1310 [ 27.173472] nbd_open+0x1b4/0x380 [ 27.177416] __blkdev_get+0x306/0x1090 [ 27.181791] blkdev_get+0x88/0x890 [ 27.185822] blkdev_open+0x1cc/0x250 [ 27.190028] do_dentry_open+0x44b/0xec0 [ 27.194520] vfs_open+0x105/0x220 [ 27.198466] path_openat+0x628/0x2970 [ 27.202759] do_filp_open+0x179/0x3c0 [ 27.207050] do_sys_open+0x296/0x410 [ 27.211253] do_syscall_64+0x1d5/0x640 [ 27.215634] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.221314] [ 27.221314] -> #1 (nbd_index_mutex){+.+.}: [ 27.227003] __mutex_lock+0xc4/0x1310 [ 27.231300] nbd_open+0x22/0x380 [ 27.235159] __blkdev_get+0x306/0x1090 [ 27.239537] blkdev_get+0x88/0x890 [ 27.243567] blkdev_open+0x1cc/0x250 [ 27.247772] do_dentry_open+0x44b/0xec0 [ 27.252234] vfs_open+0x105/0x220 [ 27.256180] path_openat+0x628/0x2970 [ 27.260468] do_filp_open+0x179/0x3c0 [ 27.264763] do_sys_open+0x296/0x410 [ 27.268970] do_syscall_64+0x1d5/0x640 [ 27.273348] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.279026] [ 27.279026] -> #0 (&bdev->bd_mutex){+.+.}: [ 27.284751] lock_acquire+0x170/0x3f0 [ 27.289044] __mutex_lock+0xc4/0x1310 [ 27.293338] blkdev_reread_part+0x1b/0x40 [ 27.298018] nbd_ioctl+0x7cb/0xa80 [ 27.302048] blkdev_ioctl+0x540/0x1830 [ 27.306425] block_ioctl+0xd9/0x120 [ 27.310542] do_vfs_ioctl+0x75a/0xff0 [ 27.314833] SyS_ioctl+0x7f/0xb0 [ 27.318691] do_syscall_64+0x1d5/0x640 [ 27.323069] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.328746] [ 27.328746] other info that might help us debug this: [ 27.328746] [ 27.336854] Chain exists of: [ 27.336854] &bdev->bd_mutex --> nbd_index_mutex --> &nbd->config_lock [ 27.336854] [ 27.347932] Possible unsafe locking scenario: [ 27.347932] [ 27.353957] CPU0 CPU1 [ 27.358592] ---- ---- [ 27.363243] lock(&nbd->config_lock); [ 27.367101] lock(nbd_index_mutex); [ 27.373300] lock(&nbd->config_lock); [ 27.379685] lock(&bdev->bd_mutex); [ 27.383369] [ 27.383369] *** DEADLOCK *** [ 27.383369] [ 27.389412] 1 lock held by syz-executor696/7967: [ 27.394136] #0: (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa80 [ 27.402605] [ 27.402605] stack backtrace: [ 27.407076] CPU: 0 PID: 7967 Comm: syz-executor696 Not tainted 4.14.243-syzkaller #0 [ 27.414921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.424260] Call Trace: [ 27.426823] dump_stack+0x1b2/0x281 [ 27.430425] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 27.436196] __lock_acquire+0x2e0e/0x3f20 [ 27.440318] ? trace_hardirqs_on+0x10/0x10 [ 27.444525] ? add_lock_to_list.constprop.0+0x17d/0x330 [ 27.449858] ? save_trace+0xd6/0x290 [ 27.453543] lock_acquire+0x170/0x3f0 [ 27.457327] ? blkdev_reread_part+0x1b/0x40 [ 27.461618] ? blkdev_reread_part+0x1b/0x40 [ 27.465910] __mutex_lock+0xc4/0x1310 [ 27.469682] ? blkdev_reread_part+0x1b/0x40 [ 27.473975] ? __mutex_lock+0x360/0x1310 [ 27.478008] ? __get_super.part.0+0xbb/0x390 [ 27.482386] ? blkdev_reread_part+0x1b/0x40 [ 27.486677] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 27.492097] ? lock_downgrade+0x740/0x740 [ 27.496218] ? nbd_ioctl+0x7b0/0xa80 [ 27.499903] ? lock_downgrade+0x740/0x740 [ 27.504020] blkdev_reread_part+0x1b/0x40 [ 27.508147] nbd_ioctl+0x7cb/0xa80 [ 27.511663] ? kasan_slab_free+0xc3/0x1a0 [ 27.515979] ? nbd_disconnect_and_put+0x140/0x140 [ 27.520794] ? do_syscall_64+0x1d5/0x640 [ 27.524949] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.530286] ? path_lookupat+0x780/0x780 [ 27.534326] ? debug_check_no_obj_freed+0x2c0/0x680 [ 27.539320] ? nbd_disconnect_and_put+0x140/0x140 [ 27.544133] blkdev_ioctl+0x540/0x1830 [ 27.547993] ? blkpg_ioctl+0x8d0/0x8d0 [ 27.551853] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 27.556927] ? debug_check_no_obj_freed+0x2c0/0x680 [ 27.561915] block_ioctl+0xd9/0x120 [ 27.565512] ? blkdev_fallocate+0x3a0/0x3a0 [ 27.569808] do_vfs_ioctl+0x75a/0xff0 [ 27.573591] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 27.579012] ? ioctl_preallocate+0x1a0/0x1a0 [ 27.583391] ? kmem_cache_free+0x23a/0x2b0 [ 27.587598] ? putname+0xcd/0x110 [ 27.591021] ? do_sys_open+0x208/0x410 [ 27.594884] ? filp_open+0x60/0x60 [ 27.598394] ? security_file_ioctl+0x83/0xb0 [ 27.602772] SyS_ioctl+0x7f/0xb0 [ 27.606106] ? do_vfs_ioctl+0xff0/0xff0 [ 27.610054] do_syscall_64+0x1d5/0x640 [ 27.613956] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.619136] RIP: 0033:0x443439 [ 27.622332] RSP: 002b:00007ffd42edb3d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.630009] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 0000000000443439 [ 27.637251] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000000000000003 [ 27.644491] RBP: 00000000