Warning: Permanently added '10.128.0.244' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 34.344627] audit: type=1400 audit(1594378134.228:8): avc: denied { execmem } for pid=6334 comm="syz-executor417" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 34.346138] [ 34.366146] ====================================================== [ 34.372438] WARNING: possible circular locking dependency detected [ 34.378729] 4.14.184-syzkaller #0 Not tainted [ 34.383192] ------------------------------------------------------ [ 34.389489] syz-executor417/6334 is trying to acquire lock: [ 34.395193] (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40 [ 34.403663] [ 34.403663] but task is already holding lock: [ 34.409602] (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa30 [ 34.417648] [ 34.417648] which lock already depends on the new lock. [ 34.417648] [ 34.425934] [ 34.425934] the existing dependency chain (in reverse order) is: [ 34.433525] [ 34.433525] -> #2 (&nbd->config_lock){+.+.}: [ 34.439407] __mutex_lock+0xe8/0x1430 [ 34.443702] nbd_open+0x1bf/0x380 [ 34.447649] __blkdev_get+0x307/0x10c0 [ 34.452044] blkdev_get+0x84/0x8a0 [ 34.456081] blkdev_open+0x1cc/0x250 [ 34.460301] do_dentry_open+0x44b/0xec0 [ 34.464770] vfs_open+0x105/0x220 [ 34.468719] path_openat+0xb68/0x2aa0 [ 34.473025] do_filp_open+0x18e/0x250 [ 34.477332] do_sys_open+0x292/0x3e0 [ 34.481546] do_syscall_64+0x1d5/0x640 [ 34.485941] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.491621] [ 34.491621] -> #1 (nbd_index_mutex){+.+.}: [ 34.497313] __mutex_lock+0xe8/0x1430 [ 34.501623] nbd_open+0x24/0x380 [ 34.505482] __blkdev_get+0x307/0x10c0 [ 34.509859] blkdev_get+0x84/0x8a0 [ 34.513891] blkdev_open+0x1cc/0x250 [ 34.518099] do_dentry_open+0x44b/0xec0 [ 34.522565] vfs_open+0x105/0x220 [ 34.526523] path_openat+0xb68/0x2aa0 [ 34.530815] do_filp_open+0x18e/0x250 [ 34.535107] do_sys_open+0x292/0x3e0 [ 34.539314] do_syscall_64+0x1d5/0x640 [ 34.543709] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.549388] [ 34.549388] -> #0 (&bdev->bd_mutex){+.+.}: [ 34.555085] lock_acquire+0x170/0x3f0 [ 34.559381] __mutex_lock+0xe8/0x1430 [ 34.563674] blkdev_reread_part+0x1b/0x40 [ 34.568315] nbd_ioctl+0x79e/0xa30 [ 34.572349] blkdev_ioctl+0x91d/0x17c0 [ 34.576728] block_ioctl+0xd9/0x120 [ 34.580864] do_vfs_ioctl+0x75a/0xfe0 [ 34.585156] SyS_ioctl+0x7f/0xb0 [ 34.589014] do_syscall_64+0x1d5/0x640 [ 34.593409] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.599098] [ 34.599098] other info that might help us debug this: [ 34.599098] [ 34.607214] Chain exists of: [ 34.607214] &bdev->bd_mutex --> nbd_index_mutex --> &nbd->config_lock [ 34.607214] [ 34.618295] Possible unsafe locking scenario: [ 34.618295] [ 34.624368] CPU0 CPU1 [ 34.629025] ---- ---- [ 34.633678] lock(&nbd->config_lock); [ 34.637586] lock(nbd_index_mutex); [ 34.643821] lock(&nbd->config_lock); [ 34.650199] lock(&bdev->bd_mutex); [ 34.653885] [ 34.653885] *** DEADLOCK *** [ 34.653885] [ 34.659933] 1 lock held by syz-executor417/6334: [ 34.664656] #0: (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa30 [ 34.673130] [ 34.673130] stack backtrace: [ 34.677617] CPU: 1 PID: 6334 Comm: syz-executor417 Not tainted 4.14.184-syzkaller #0 [ 34.685468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.694805] Call Trace: [ 34.697373] dump_stack+0x1b2/0x283 [ 34.700990] print_circular_bug.isra.0.cold+0x2dc/0x425 [ 34.706337] __lock_acquire+0x3057/0x42a0 [ 34.710464] ? trace_hardirqs_on+0x10/0x10 [ 34.714670] ? add_lock_to_list.isra.0+0x17d/0x330 [ 34.719575] ? save_trace+0xd6/0x290 [ 34.723262] lock_acquire+0x170/0x3f0 [ 34.727038] ? blkdev_reread_part+0x1b/0x40 [ 34.731339] ? blkdev_reread_part+0x1b/0x40 [ 34.735634] __mutex_lock+0xe8/0x1430 [ 34.739421] ? blkdev_reread_part+0x1b/0x40 [ 34.743727] ? nbd_ioctl+0x11f/0xa30 [ 34.747423] ? blkdev_reread_part+0x1b/0x40 [ 34.751775] ? nbd_ioctl+0x11f/0xa30 [ 34.755462] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 34.760897] ? lock_downgrade+0x6e0/0x6e0 [ 34.765015] ? nbd_ioctl+0x783/0xa30 [ 34.768711] ? lock_downgrade+0x6e0/0x6e0 [ 34.772834] ? blkdev_reread_part+0x1b/0x40 [ 34.777125] blkdev_reread_part+0x1b/0x40 [ 34.781306] nbd_ioctl+0x79e/0xa30 [ 34.784826] ? kasan_slab_free+0xaf/0x190 [ 34.788943] ? kmem_cache_free+0x7c/0x2b0 [ 34.793063] ? nbd_release+0x110/0x110 [ 34.796922] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.802260] ? path_mountpoint+0x960/0x960 [ 34.806481] ? trace_hardirqs_on+0x10/0x10 [ 34.810708] ? debug_check_no_obj_freed+0x27c/0x5fd [ 34.815979] ? nbd_release+0x110/0x110 [ 34.819852] blkdev_ioctl+0x91d/0x17c0 [ 34.823783] ? blkpg_ioctl+0x8d0/0x8d0 [ 34.827648] block_ioctl+0xd9/0x120 [ 34.831268] ? blkdev_fallocate+0x3a0/0x3a0 [ 34.835562] do_vfs_ioctl+0x75a/0xfe0 [ 34.839339] ? selinux_parse_skb.constprop.0+0x16c0/0x16c0 [ 34.844935] ? ioctl_preallocate+0x1a0/0x1a0 [ 34.849316] ? rcu_read_lock_sched_held+0x10a/0x130 [ 34.854303] ? kmem_cache_free+0x23a/0x2b0 [ 34.858508] ? putname+0xcd/0x110 [ 34.861934] ? security_file_ioctl+0x76/0xb0 [ 34.866310] ? security_file_ioctl+0x83/0xb0 [ 34.870687] SyS_ioctl+0x7f/0xb0 [ 34.874034] ? do_vfs_ioctl+0xfe0/0xfe0 [ 34.877980] do_syscall_64+0x1d5/0x640 [ 34.881843] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 34.887002] RIP: 0033:0x443ec9 [ 34.890172] RSP: 002b:00007ffc28167898 EFLAGS: 00000246 ORIG_RAX: 00000000000