program:
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000600)={0x0, 0x0})
r1 = syz_open_procfs(r0, &(0x7f0000000680)='net/snmp\x00')
fchdir(r1) (async, rerun: 32)
syz_read_part_table(0x5c7, &(0x7f0000000000)="$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") (rerun: 32)
[ 68.851187][ T4670] Bluetooth: hci0: command tx timeout
[ 68.925019][ T5323] loop0: detected capacity change from 0 to 2048
[ 68.954041][ T5302] loop0: p1 < > p3 < > p4 < >
[ 68.956087][ T5302] loop0: partition table partially beyond EOD, truncated
[ 68.964020][ T5302] loop0: p3 start 4284289 is beyond EOD, truncated
[ 69.079216][ T5323] loop0: p1 < > p3 < > p4 < >
[ 69.082584][ T5323] loop0: partition table partially beyond EOD, truncated
[ 69.088382][ T5323] loop0: p3 start 4284289 is beyond EOD, truncated
[ 69.200767][ T4729] loop0: p1 < > p3 < > p4 < >
[ 69.204262][ T4729] loop0: partition table partially beyond EOD, truncated
[ 69.210161][ T4729] loop0: p3 start 4284289 is beyond EOD, truncated
[ 69.394384][ T5304]
[ 69.395494][ T5304] ======================================================
[ 69.398746][ T5304] WARNING: possible circular locking dependency detected
[ 69.401884][ T5304] 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 Not tainted
[ 69.404278][ T5304] ------------------------------------------------------
[ 69.406713][ T5304] udevd/5304 is trying to acquire lock:
[ 69.408822][ T5304] ffff88804d8f1d28 (kn->active#5){++++}-{0:0}, at: __kernfs_remove+0x336/0x570
[ 69.412211][ T5304]
[ 69.412211][ T5304] but task is already holding lock:
[ 69.415073][ T5304] ffff888032e60358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x17e/0x700
[ 69.418722][ T5304]
[ 69.418722][ T5304] which lock already depends on the new lock.
[ 69.418722][ T5304]
[ 69.422848][ T5304]
[ 69.422848][ T5304] the existing dependency chain (in reverse order) is:
[ 69.426301][ T5304]
[ 69.426301][ T5304] -> #2 (&disk->open_mutex){+.+.}-{4:4}:
[ 69.429430][ T5304] lock_acquire+0x116/0x2f0
[ 69.431448][ T5304] __mutex_lock+0x1a5/0x10c0
[ 69.433671][ T5304] bdev_open+0xf7/0xcd0
[ 69.435535][ T5304] bdev_file_open_by_dev+0x1b2/0x230
[ 69.437673][ T5304] disk_scan_partitions+0x1be/0x2b0
[ 69.440045][ T5304] add_disk_fwnode+0xd26/0x1020
[ 69.442250][ T5304] pmem_attach_disk+0xd42/0x1020
[ 69.444527][ T5304] nvdimm_bus_probe+0x147/0x4e0
[ 69.446588][ T5304] really_probe+0x2b9/0xad0
[ 69.448530][ T5304] __driver_probe_device+0x1a2/0x390
[ 69.450713][ T5304] driver_probe_device+0x50/0x430
[ 69.452808][ T5304] __driver_attach+0x45f/0x710
[ 69.454966][ T5304] bus_for_each_dev+0x23e/0x2b0
[ 69.457156][ T5304] bus_add_driver+0x346/0x670
[ 69.459249][ T5304] driver_register+0x23a/0x320
[ 69.461325][ T5304] do_one_initcall+0x24a/0x940
[ 69.463262][ T5304] do_initcall_level+0x157/0x210
[ 69.465308][ T5304] do_initcalls+0x71/0xd0
[ 69.467115][ T5304] kernel_init_freeable+0x432/0x5d0
[ 69.469387][ T5304] kernel_init+0x1d/0x2b0
[ 69.471295][ T5304] ret_from_fork+0x4b/0x80
[ 69.473308][ T5304] ret_from_fork_asm+0x1a/0x30
[ 69.475543][ T5304]
[ 69.475543][ T5304] -> #1 (&nvdimm_namespace_key){+.+.}-{4:4}:
[ 69.478767][ T5304] lock_acquire+0x116/0x2f0
[ 69.480789][ T5304] __mutex_lock+0x1a5/0x10c0
[ 69.482798][ T5304] uevent_show+0x17d/0x340
[ 69.484739][ T5304] dev_attr_show+0x55/0xc0
[ 69.486694][ T5304] sysfs_kf_seq_show+0x32b/0x4a0
[ 69.488835][ T5304] seq_read_iter+0x461/0xda0
[ 69.490837][ T5304] vfs_read+0x9a0/0xb90
[ 69.492706][ T5304] ksys_read+0x19d/0x2d0
[ 69.494598][ T5304] do_syscall_64+0xf3/0x210
[ 69.496540][ T5304] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.498976][ T5304]
[ 69.498976][ T5304] -> #0 (kn->active#5){++++}-{0:0}:
[ 69.501780][ T5304] validate_chain+0xa69/0x24e0
[ 69.504025][ T5304] __lock_acquire+0xad5/0xd80
[ 69.506156][ T5304] lock_acquire+0x116/0x2f0
[ 69.508171][ T5304] kernfs_drain+0x275/0x5e0
[ 69.510149][ T5304] __kernfs_remove+0x336/0x570
[ 69.512175][ T5304] kernfs_remove_by_name_ns+0xad/0x130
[ 69.514321][ T5304] device_del+0x56c/0x9b0
[ 69.516133][ T5304] drop_partition+0x11b/0x180
[ 69.518356][ T5304] bdev_disk_changed+0x2ca/0x14e0
[ 69.520460][ T5304] lo_release+0x540/0x850
[ 69.522294][ T5304] bdev_release+0x5dd/0x700
[ 69.524314][ T5304] blkdev_release+0x15/0x20
[ 69.526326][ T5304] __fput+0x3e9/0x9f0
[ 69.528194][ T5304] fput_close_sync+0x1ef/0x270
[ 69.530349][ T5304] __x64_sys_close+0x7f/0x110
[ 69.532516][ T5304] do_syscall_64+0xf3/0x210
[ 69.534585][ T5304] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.537163][ T5304]
[ 69.537163][ T5304] other info that might help us debug this:
[ 69.537163][ T5304]
[ 69.540879][ T5304] Chain exists of:
[ 69.540879][ T5304] kn->active#5 --> &nvdimm_namespace_key --> &disk->open_mutex
[ 69.540879][ T5304]
[ 69.545972][ T5304] Possible unsafe locking scenario:
[ 69.545972][ T5304]
[ 69.548918][ T5304]        CPU0                    CPU1
[ 69.551076][ T5304]        ----                    ----
[ 69.553247][ T5304]   lock(&disk->open_mutex);
[ 69.555036][ T5304]                                lock(&nvdimm_namespace_key);
[ 69.557913][ T5304]                                lock(&disk->open_mutex);
[ 69.560473][ T5304]   lock(kn->active#5);
[ 69.561938][ T5304]
[ 69.561938][ T5304] *** DEADLOCK ***
[ 69.561938][ T5304]
[ 69.565357][ T5304] 1 lock held by udevd/5304:
[ 69.567467][ T5304] #0: ffff888032e60358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x17e/0x700
[ 69.570880][ T5304]
[ 69.570880][ T5304] stack backtrace:
[ 69.573187][ T5304] CPU: 0 UID: 0 PID: 5304 Comm: udevd Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full)
[ 69.573201][ T5304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 69.573217][ T5304] Call Trace:
[ 69.573225][ T5304]
[ 69.573231][ T5304] dump_stack_lvl+0x241/0x360
[ 69.573251][ T5304] ? __pfx_dump_stack_lvl+0x10/0x10
[ 69.573266][ T5304] ? __pfx__printk+0x10/0x10
[ 69.573279][ T5304] ? print_lock+0x171/0x1a0
[ 69.573295][ T5304] print_circular_bug+0x2e1/0x300
[ 69.573307][ T5304] check_noncircular+0x142/0x160
[ 69.573320][ T5304] validate_chain+0xa69/0x24e0
[ 69.573334][ T5304] ? lockdep_unlock+0x8d/0x120
[ 69.573348][ T5304] __lock_acquire+0xad5/0xd80
[ 69.573362][ T5304] ? up_write+0x1ab/0x590
[ 69.573372][ T5304] lock_acquire+0x116/0x2f0
[ 69.573385][ T5304] ? __kernfs_remove+0x336/0x570
[ 69.573399][ T5304] kernfs_drain+0x275/0x5e0
[ 69.573409][ T5304] ? __kernfs_remove+0x336/0x570
[ 69.573421][ T5304] ? __pfx_kernfs_drain+0x10/0x10
[ 69.573434][ T5304] __kernfs_remove+0x336/0x570
[ 69.573446][ T5304] kernfs_remove_by_name_ns+0xad/0x130
[ 69.573458][ T5304] device_del+0x56c/0x9b0
[ 69.573473][ T5304] ? __pfx_device_del+0x10/0x10
[ 69.573484][ T5304] ? kobject_put+0x446/0x480
[ 69.573497][ T5304] drop_partition+0x11b/0x180
[ 69.573513][ T5304] bdev_disk_changed+0x2ca/0x14e0
[ 69.573523][ T5304] ? kobject_uevent_env+0x54d/0x8e0
[ 69.573538][ T5304] ? __pfx_bdev_disk_changed+0x10/0x10
[ 69.573547][ T5304] ? kobject_uevent_env+0x54d/0x8e0
[ 69.573561][ T5304] lo_release+0x540/0x850
[ 69.573574][ T5304] ? __pfx_lo_release+0x10/0x10
[ 69.573589][ T5304] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.573602][ T5304] ? __pfx_lo_release+0x10/0x10
[ 69.573613][ T5304] bdev_release+0x5dd/0x700
[ 69.573628][ T5304] blkdev_release+0x15/0x20
[ 69.573641][ T5304] ? __pfx_blkdev_release+0x10/0x10
[ 69.573654][ T5304] __fput+0x3e9/0x9f0
[ 69.573668][ T5304] fput_close_sync+0x1ef/0x270
[ 69.573681][ T5304] ? __pfx_fput_close_sync+0x10/0x10
[ 69.573691][ T5304] ? do_raw_spin_unlock+0x58/0x8b0
[ 69.573703][ T5304] ? filp_flush+0x116/0x190
[ 69.573715][ T5304] __x64_sys_close+0x7f/0x110
[ 69.573727][ T5304] do_syscall_64+0xf3/0x210
[ 69.573739][ T5304] ? clear_bhb_loop+0x45/0xa0
[ 69.573751][ T5304] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 69.573762][ T5304] RIP: 0033:0x7fa4ee9170a8
[ 69.573775][ T5304] Code: 48 8b 05 83 9d 0d 00 64 c7 00 16 00 00 00 83 c8 ff 48 83 c4 20 5b c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 5b 48 8b 15 51 9d 0d 00 f7 d8 64 89 02 48 83
[ 69.573783][ T5304] RSP: 002b:00007ffce0561978 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 69.573795][ T5304] RAX: ffffffffffffffda RBX: 00007fa4eecac0e0 RCX: 00007fa4ee9170a8
[ 69.573802][ T5304] RDX: 000055f1886db1f4 RSI: 00007ffce0561178 RDI: 0000000000000008
[ 69.573808][ T5304] RBP: 000055f4d7205110 R08: 0000000000000006 R09: a91b90da843e6560
[ 69.573815][ T5304] R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000002
[ 69.573820][ T5304] R13: 000055f4d7204fc0 R14: 0000000000000008 R15: 000055f4d7204910
[ 69.573831][ T5304]
[ 69.698978][ T5323] loop0: detected capacity change from 0 to 2048
[ 69.721431][ T5302] loop0: p1 < > p3 < > p4 < >
[ 69.723394][ T5302] loop0: partition table partially beyond EOD, truncated
[ 69.727178][ T5302] loop0: p3 start 4284289 is beyond EOD, truncated