Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.176717]
[ 27.178356] ======================================================
[ 27.184650] WARNING: possible circular locking dependency detected
[ 27.190946] 4.14.290-syzkaller #0 Not tainted
[ 27.195431] ------------------------------------------------------
[ 27.201720] syz-executor101/7986 is trying to acquire lock:
[ 27.207405] (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40
[ 27.215898]
[ 27.215898] but task is already holding lock:
[ 27.221842] (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xac0
[ 27.229891]
[ 27.229891] which lock already depends on the new lock.
[ 27.229891]
[ 27.238188]
[ 27.238188] the existing dependency chain (in reverse order) is:
[ 27.246103]
[ 27.246103] -> #2 (&nbd->config_lock){+.+.}:
[ 27.251978] __mutex_lock+0xc4/0x1310
[ 27.256275] nbd_open+0x1ac/0x370
[ 27.260228] __blkdev_get+0x306/0x1090
[ 27.264608] blkdev_get+0x88/0x890
[ 27.268648] blkdev_open+0x1cc/0x250
[ 27.272856] do_dentry_open+0x44b/0xec0
[ 27.277324] vfs_open+0x105/0x220
[ 27.281298] path_openat+0x628/0x2970
[ 27.285593] do_filp_open+0x179/0x3c0
[ 27.289893] do_sys_open+0x296/0x410
[ 27.294107] do_syscall_64+0x1d5/0x640
[ 27.298492] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.304176]
[ 27.304176] -> #1 (nbd_index_mutex){+.+.}:
[ 27.309872] __mutex_lock+0xc4/0x1310
[ 27.314175] nbd_open+0x1e/0x370
[ 27.318037] __blkdev_get+0x306/0x1090
[ 27.322428] blkdev_get+0x88/0x890
[ 27.326466] blkdev_open+0x1cc/0x250
[ 27.330674] do_dentry_open+0x44b/0xec0
[ 27.335145] vfs_open+0x105/0x220
[ 27.339097] path_openat+0x628/0x2970
[ 27.343393] do_filp_open+0x179/0x3c0
[ 27.347702] do_sys_open+0x296/0x410
[ 27.351934] do_syscall_64+0x1d5/0x640
[ 27.356317] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.361997]
[ 27.361997] -> #0 (&bdev->bd_mutex){+.+.}:
[ 27.367688] lock_acquire+0x170/0x3f0
[ 27.372000] __mutex_lock+0xc4/0x1310
[ 27.376303] blkdev_reread_part+0x1b/0x40
[ 27.380949] nbd_ioctl+0x802/0xac0
[ 27.385075] blkdev_ioctl+0x540/0x1830
[ 27.389459] block_ioctl+0xd9/0x120
[ 27.393581] do_vfs_ioctl+0x75a/0xff0
[ 27.397878] SyS_ioctl+0x7f/0xb0
[ 27.401829] do_syscall_64+0x1d5/0x640
[ 27.406229] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.411921]
[ 27.411921] other info that might help us debug this:
[ 27.411921]
[ 27.420040] Chain exists of:
[ 27.420040] &bdev->bd_mutex --> nbd_index_mutex --> &nbd->config_lock
[ 27.420040]
[ 27.431114] Possible unsafe locking scenario:
[ 27.431114]
[ 27.437159]        CPU0                    CPU1
[ 27.441800]        ----                    ----
[ 27.447566]   lock(&nbd->config_lock);
[ 27.451515]                                lock(nbd_index_mutex);
[ 27.457807]                                lock(&nbd->config_lock);
[ 27.464186]   lock(&bdev->bd_mutex);
[ 27.467875]
[ 27.467875] *** DEADLOCK ***
[ 27.467875]
[ 27.473908] 1 lock held by syz-executor101/7986:
[ 27.478641] #0: (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xac0
[ 27.487374]
[ 27.487374] stack backtrace:
[ 27.491844] CPU: 1 PID: 7986 Comm: syz-executor101 Not tainted 4.14.290-syzkaller #0
[ 27.499798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 27.509138] Call Trace:
[ 27.511715] dump_stack+0x1b2/0x281
[ 27.515321] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 27.521195] __lock_acquire+0x2e0e/0x3f20
[ 27.525327] ? trace_hardirqs_on+0x10/0x10
[ 27.529536] ? add_lock_to_list.constprop.0+0x17d/0x330
[ 27.534875] ? save_trace+0xd6/0x290
[ 27.538568] lock_acquire+0x170/0x3f0
[ 27.542360] ? blkdev_reread_part+0x1b/0x40
[ 27.546655] ? blkdev_reread_part+0x1b/0x40
[ 27.550954] __mutex_lock+0xc4/0x1310
[ 27.554730] ? blkdev_reread_part+0x1b/0x40
[ 27.559463] ? __get_super.part.0+0xbb/0x390
[ 27.563855] ? blkdev_reread_part+0x1b/0x40
[ 27.568153] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.573582] ? lock_downgrade+0x740/0x740
[ 27.577706] ? nbd_ioctl+0x7e7/0xac0
[ 27.581395] ? lock_downgrade+0x740/0x740
[ 27.585517] blkdev_reread_part+0x1b/0x40
[ 27.589647] nbd_ioctl+0x802/0xac0
[ 27.593169] ? kasan_slab_free+0xc3/0x1a0
[ 27.597292] ? nbd_disconnect_and_put+0x140/0x140
[ 27.602110] ? do_syscall_64+0x1d5/0x640
[ 27.606145] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.611481] ? path_lookupat+0x780/0x780
[ 27.615522] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.620515] ? nbd_disconnect_and_put+0x140/0x140
[ 27.625333] blkdev_ioctl+0x540/0x1830
[ 27.629197] ? blkpg_ioctl+0x8d0/0x8d0
[ 27.633062] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 27.638141] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.643134] block_ioctl+0xd9/0x120
[ 27.646737] ? blkdev_fallocate+0x3a0/0x3a0
[ 27.651035] do_vfs_ioctl+0x75a/0xff0
[ 27.654814] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 27.660242] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.664628] ? kmem_cache_free+0x23a/0x2b0
[ 27.668837] ? putname+0xcd/0x110
[ 27.672265] ? do_sys_open+0x208/0x410
[ 27.676127] ? filp_open+0x60/0x60
[ 27.679643] ? security_file_ioctl+0x83/0xb0
[ 27.684025] SyS_ioctl+0x7f/0xb0
[ 27.687367] ? do_vfs_ioctl+0xff0/0xff0
[ 27.691316] do_syscall_64+0x1d5/0x640
[ 27.695181] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.700346] RIP: 0033:0x7fe73ad5b5d9
[ 27.704045] RSP: 002b:00007ffecdcfb398 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.711737] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe73ad5b5d9
[ 27.718985] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000000000000003
[ 27.726234] RBP: 00007fe73ad1b1