[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   78.456386][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz-executor246'.
[   78.467368][ T8486] netlink: 4 bytes leftover after parsing attributes in process `syz-executor246'.
[   78.478582][ T8486] nbd: socks must be embedded in a SOCK_ITEM attr
[   78.487138][ T8486] 
[   78.489784][ T8486] ======================================================
[   78.496892][ T8486] WARNING: possible circular locking dependency detected
[   78.503899][ T8486] 5.13.0-syzkaller #0 Not tainted
[   78.509014][ T8486] ------------------------------------------------------
[   78.516143][ T8486] syz-executor246/8486 is trying to acquire lock:
[   78.522655][ T8486] ffff88801edfed18 (&disk->open_mutex){+.+.}-{3:3}, at: del_gendisk+0x8b/0x770
[   78.532222][ T8486] 
[   78.532222][ T8486] but task is already holding lock:
[   78.540041][ T8486] ffffffff8cc7cb68 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   78.550622][ T8486] 
[   78.550622][ T8486] which lock already depends on the new lock.
[   78.550622][ T8486] 
[   78.561292][ T8486] 
[   78.561292][ T8486] the existing dependency chain (in reverse order) is:
[   78.570600][ T8486] 
[   78.570600][ T8486] -> #1 (nbd_index_mutex){+.+.}-{3:3}:
[   78.578944][ T8486]        __mutex_lock+0x12a/0x10a0
[   78.584425][ T8486]        nbd_open+0x7d/0x8a0
[   78.589442][ T8486]        blkdev_get_whole+0xa1/0x420
[   78.595706][ T8486]        blkdev_get_by_dev.part.0+0x30c/0xdd0
[   78.601784][ T8486]        blkdev_open+0x295/0x300
[   78.606926][ T8486]        do_dentry_open+0x4c8/0x11c0
[   78.612300][ T8486]        path_openat+0x1c0e/0x27e0
[   78.617485][ T8486]        do_filp_open+0x190/0x3d0
[   78.622757][ T8486]        do_sys_openat2+0x16d/0x420
[   78.628028][ T8486]        __x64_sys_open+0x119/0x1c0
[   78.633299][ T8486]        do_syscall_64+0x35/0xb0
[   78.638217][ T8486]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   78.644709][ T8486] 
[   78.644709][ T8486] -> #0 (&disk->open_mutex){+.+.}-{3:3}:
[   78.652999][ T8486]        __lock_acquire+0x2a07/0x54a0
[   78.658688][ T8486]        lock_acquire+0x1ab/0x510
[   78.663930][ T8486]        __mutex_lock+0x12a/0x10a0
[   78.669039][ T8486]        del_gendisk+0x8b/0x770
[   78.673922][ T8486]        nbd_put.part.0+0x82/0x160
[   78.679074][ T8486]        nbd_genl_connect+0x1214/0x1660
[   78.684739][ T8486]        genl_family_rcv_msg_doit+0x228/0x320
[   78.690969][ T8486]        genl_rcv_msg+0x328/0x580
[   78.695979][ T8486]        netlink_rcv_skb+0x153/0x420
[   78.701249][ T8486]        genl_rcv+0x24/0x40
[   78.705776][ T8486]        netlink_unicast+0x533/0x7d0
[   78.711557][ T8486]        netlink_sendmsg+0x85b/0xda0
[   78.717379][ T8486]        sock_sendmsg+0xcf/0x120
[   78.722422][ T8486]        ____sys_sendmsg+0x6e8/0x810
[   78.727712][ T8486]        ___sys_sendmsg+0xf3/0x170
[   78.732972][ T8486]        __sys_sendmsg+0xe5/0x1b0
[   78.738014][ T8486]        do_syscall_64+0x35/0xb0
[   78.743035][ T8486]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   78.749542][ T8486] 
[   78.749542][ T8486] other info that might help us debug this:
[   78.749542][ T8486] 
[   78.760094][ T8486]  Possible unsafe locking scenario:
[   78.760094][ T8486] 
[   78.767540][ T8486]        CPU0                    CPU1
[   78.773083][ T8486]        ----                    ----
[   78.778607][ T8486]   lock(nbd_index_mutex);
[   78.783108][ T8486]                                lock(&disk->open_mutex);
[   78.790282][ T8486]                                lock(nbd_index_mutex);
[   78.797642][ T8486]   lock(&disk->open_mutex);
[   78.802474][ T8486] 
[   78.802474][ T8486]  *** DEADLOCK ***
[   78.802474][ T8486] 
[   78.810680][ T8486] 3 locks held by syz-executor246/8486:
[   78.816582][ T8486]  #0: ffffffff8d94a490 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[   78.825232][ T8486]  #1: ffffffff8d94a548 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x3e0/0x580
[   78.834680][ T8486]  #2: ffffffff8cc7cb68 (nbd_index_mutex){+.+.}-{3:3}, at: refcount_dec_and_mutex_lock+0x50/0x140
[   78.845704][ T8486] 
[   78.845704][ T8486] stack backtrace:
[   78.852069][ T8486] CPU: 0 PID: 8486 Comm: syz-executor246 Not tainted 5.13.0-syzkaller #0
[   78.860708][ T8486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   78.871075][ T8486] Call Trace:
[   78.874375][ T8486]  dump_stack_lvl+0xcd/0x134
[   78.878979][ T8486]  check_noncircular+0x25f/0x2e0
[   78.883951][ T8486]  ? print_circular_bug+0x1e0/0x1e0
[   78.890953][ T8486]  ? kmem_cache_free+0x8e/0x5a0
[   78.896282][ T8486]  ? lockdep_lock+0xc6/0x200
[   78.900985][ T8486]  ? call_rcu_zapped+0xb0/0xb0
[   78.905944][ T8486]  __lock_acquire+0x2a07/0x54a0
[   78.910916][ T8486]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   78.919273][ T8486]  ? mark_held_locks+0x9f/0xe0
[   78.924047][ T8486]  lock_acquire+0x1ab/0x510
[   78.928551][ T8486]  ? del_gendisk+0x8b/0x770
[   78.933056][ T8486]  ? lock_release+0x720/0x720
[   78.937719][ T8486]  ? lockdep_hardirqs_on+0x79/0x100
[   78.942909][ T8486]  __mutex_lock+0x12a/0x10a0
[   78.947485][ T8486]  ? del_gendisk+0x8b/0x770
[   78.951973][ T8486]  ? lock_downgrade+0x6e0/0x6e0
[   78.956805][ T8486]  ? del_gendisk+0x8b/0x770
[   78.961920][ T8486]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[   78.968280][ T8486]  ? mutex_lock_io_nested+0xf00/0xf00
[   78.973830][ T8486]  ? kobj_kset_leave+0x12/0x200
[   78.978761][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   78.985091][ T8486]  ? kobject_put+0xb9/0x540
[   78.989709][ T8486]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   78.995650][ T8486]  ? kfree_const+0x35/0x60
[   79.000180][ T8486]  del_gendisk+0x8b/0x770
[   79.005423][ T8486]  ? nbd_config_put+0x5e8/0x8e0
[   79.010461][ T8486]  nbd_put.part.0+0x82/0x160
[   79.015063][ T8486]  nbd_genl_connect+0x1214/0x1660
[   79.020522][ T8486]  ? nbd_start_device+0xd50/0xd50
[   79.025547][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.032214][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290
[   79.039945][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[   79.047863][ T8486]  genl_family_rcv_msg_doit+0x228/0x320
[   79.054133][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   79.061998][ T8486]  ? genl_op_from_small+0x23/0x3c0
[   79.067111][ T8486]  ? genl_get_cmd+0x3cf/0x480
[   79.071869][ T8486]  genl_rcv_msg+0x328/0x580
[   79.076539][ T8486]  ? genl_get_cmd+0x480/0x480
[   79.081306][ T8486]  ? nbd_start_device+0xd50/0xd50
[   79.086578][ T8486]  ? lock_release+0x720/0x720
[   79.091731][ T8486]  netlink_rcv_skb+0x153/0x420
[   79.096675][ T8486]  ? genl_get_cmd+0x480/0x480
[   79.101375][ T8486]  ? netlink_ack+0xa60/0xa60
[   79.106713][ T8486]  genl_rcv+0x24/0x40
[   79.110817][ T8486]  netlink_unicast+0x533/0x7d0
[   79.115687][ T8486]  ? netlink_attachskb+0x890/0x890
[   79.120904][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.127380][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.133843][ T8486]  ? __phys_addr_symbol+0x2c/0x70
[   79.138966][ T8486]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   79.145021][ T8486]  ? __check_object_size+0x16e/0x3f0
[   79.150595][ T8486]  netlink_sendmsg+0x85b/0xda0
[   79.155462][ T8486]  ? netlink_unicast+0x7d0/0x7d0
[   79.160556][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.167289][ T8486]  ? netlink_unicast+0x7d0/0x7d0
[   79.172877][ T8486]  sock_sendmsg+0xcf/0x120
[   79.177310][ T8486]  ____sys_sendmsg+0x6e8/0x810
[   79.182125][ T8486]  ? kernel_sendmsg+0x50/0x50
[   79.187283][ T8486]  ? do_recvmmsg+0x6d0/0x6d0
[   79.192165][ T8486]  ? lock_chain_count+0x20/0x20
[   79.197194][ T8486]  ? netlink_recvmsg+0x826/0xeb0
[   79.202667][ T8486]  ___sys_sendmsg+0xf3/0x170
[   79.207258][ T8486]  ? sendmsg_copy_msghdr+0x160/0x160
[   79.212812][ T8486]  ? __lock_acquire+0x162f/0x54a0
[   79.218002][ T8486]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   79.224203][ T8486]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   79.230195][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.236502][ T8486]  ? __fget_light+0x215/0x280
[   79.241340][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.247905][ T8486]  __sys_sendmsg+0xe5/0x1b0
[   79.252736][ T8486]  ? __sys_sendmsg_sock+0x30/0x30
[   79.257945][ T8486]  ? syscall_enter_from_user_mode+0x21/0x70
[   79.264645][ T8486]  do_syscall_64+0x35/0xb0
[   79.269277][ T8486]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   79.275895][ T8486] RIP: 0033:0x43fa29
[   79.280002][ T8486] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   79.299736][ T8486] RSP: 002b:00007ffec50338c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.308310][ T8486] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa29
[   79.316387][ T8486] RDX: 0000000000000000 RSI: 0000000020000b40 RDI: 0000000000000003
[   79.324361][ T8486] RBP: 0000000000403490 R08: 0000000000000000 R09: 00000000004004a0
[   79.332317][ T8486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000403520
[   79.340274][ T8486] R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
[   79.364384][ T8486] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   79.376148][ T8486] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   79.385092][ T8486] CPU: 1 PID: 8486 Comm: syz-executor246 Not tainted 5.13.0-syzkaller #0
[   79.393633][ T8486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   79.403960][ T8486] RIP: 0010:blk_mq_run_hw_queues+0x32b/0x4a0
[   79.409962][ T8486] Code: ea 48 c1 ea 03 80 3c 02 00 0f 85 51 01 00 00 48 8b 45 00 89 db 48 8d 1c 98 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed
[   79.430277][ T8486] RSP: 0018:ffffc90003b073b0 EFLAGS: 00010247
[   79.437144][ T8486] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000
[   79.445664][ T8486] RDX: 0000000000000000 RSI: ffffffff83be8009 RDI: ffff888146046e00
[   79.454016][ T8486] RBP: ffff88801f280000 R08: 0000000000000000 R09: ffff888146046d77
[   79.462551][ T8486] R10: ffffffff83be7e41 R11: 0000000000000000 R12: ffff888146046430
[   79.470805][ T8486] R13: ffff88801f0fa640 R14: ffff888018c9cc08 R15: 0000000000000001
[   79.478883][ T8486] FS:  0000000000d2a300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   79.488315][ T8486] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   79.495367][ T8486] CR2: 00007f0078bf5000 CR3: 000000002a607000 CR4: 00000000001506e0
[   79.503348][ T8486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   79.511592][ T8486] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   79.519729][ T8486] Call Trace:
[   79.523002][ T8486]  blk_freeze_queue_start+0xc4/0xe0
[   79.528285][ T8486]  blk_set_queue_dying+0x24/0x80
[   79.533325][ T8486]  blk_cleanup_queue+0x7b/0x1e0
[   79.538175][ T8486]  blk_cleanup_disk+0x33/0x80
[   79.542870][ T8486]  nbd_put.part.0+0x92/0x160
[   79.547485][ T8486]  nbd_genl_connect+0x1214/0x1660
[   79.552528][ T8486]  ? nbd_start_device+0xd50/0xd50
[   79.557546][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.564146][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b7/0x290
[   79.571513][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x290
[   79.578826][ T8486]  genl_family_rcv_msg_doit+0x228/0x320
[   79.584365][ T8486]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x290/0x290
[   79.591733][ T8486]  ? genl_op_from_small+0x23/0x3c0
[   79.596922][ T8486]  ? genl_get_cmd+0x3cf/0x480
[   79.601868][ T8486]  genl_rcv_msg+0x328/0x580
[   79.606382][ T8486]  ? genl_get_cmd+0x480/0x480
[   79.611049][ T8486]  ? nbd_start_device+0xd50/0xd50
[   79.616211][ T8486]  ? lock_release+0x720/0x720
[   79.621085][ T8486]  netlink_rcv_skb+0x153/0x420
[   79.625841][ T8486]  ? genl_get_cmd+0x480/0x480
[   79.630516][ T8486]  ? netlink_ack+0xa60/0xa60
[   79.635098][ T8486]  genl_rcv+0x24/0x40
[   79.639244][ T8486]  netlink_unicast+0x533/0x7d0
[   79.644260][ T8486]  ? netlink_attachskb+0x890/0x890
[   79.649732][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.656139][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.662470][ T8486]  ? __phys_addr_symbol+0x2c/0x70
[   79.667487][ T8486]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   79.673367][ T8486]  ? __check_object_size+0x16e/0x3f0
[   79.678747][ T8486]  netlink_sendmsg+0x85b/0xda0
[   79.683612][ T8486]  ? netlink_unicast+0x7d0/0x7d0
[   79.688631][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.694865][ T8486]  ? netlink_unicast+0x7d0/0x7d0
[   79.700171][ T8486]  sock_sendmsg+0xcf/0x120
[   79.704843][ T8486]  ____sys_sendmsg+0x6e8/0x810
[   79.709600][ T8486]  ? kernel_sendmsg+0x50/0x50
[   79.714284][ T8486]  ? do_recvmmsg+0x6d0/0x6d0
[   79.718999][ T8486]  ? lock_chain_count+0x20/0x20
[   79.723855][ T8486]  ? netlink_recvmsg+0x826/0xeb0
[   79.728790][ T8486]  ___sys_sendmsg+0xf3/0x170
[   79.733370][ T8486]  ? sendmsg_copy_msghdr+0x160/0x160
[   79.738768][ T8486]  ? __lock_acquire+0x162f/0x54a0
[   79.743872][ T8486]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   79.749945][ T8486]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   79.756211][ T8486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   79.762442][ T8486]  ? __fget_light+0x215/0x280
[   79.767107][ T8486]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   79.773601][ T8486]  __sys_sendmsg+0xe5/0x1b0
[   79.778194][ T8486]  ? __sys_sendmsg_sock+0x30/0x30
[   79.783682][ T8486]  ? syscall_enter_from_user_mode+0x21/0x70
[   79.789668][ T8486]  do_syscall_64+0x35/0xb0
[   79.794599][ T8486]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   79.800602][ T8486] RIP: 0033:0x43fa29
[   79.804835][ T8486] Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   79.825511][ T8486] RSP: 002b:00007ffec50338c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.833915][ T8486] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 000000000043fa29
[   79.842147][ T8486] RDX: 0000000000000000 RSI: 0000000020000b40 RDI: 0000000000000003
[   79.850103][ T8486] RBP: 0000000000403490 R08: 0000000000000000 R09: 00000000004004a0
[   79.858342][ T8486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000403520
[   79.867353][ T8486] R13: 0000000000000000 R14: 00000000004ad018 R15: 00000000004004a0
[   79.875345][ T8486] Modules linked in:
[   79.882393][ T8486] ---[ end trace 8be05dc327ff2215 ]---
[   79.888540][ T8486] RIP: 0010:blk_mq_run_hw_queues+0x32b/0x4a0
[   79.894989][ T8486] Code: ea 48 c1 ea 03 80 3c 02 00 0f 85 51 01 00 00 48 8b 45 00 89 db 48 8d 1c 98 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <0f> b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ed
[   79.895015][ T8486] RSP: 0018:ffffc90003b073b0 EFLAGS: 00010247
[   79.895033][ T8486] RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000
[   79.895049][ T8486] RDX: 0000000000000000 RSI: ffffffff83be8009 RDI: ffff888146046e00
[   79.895063][ T8486] RBP: ffff88801f280000 R08: 0000000000000000 R09: ffff888146046d77
[   79.895078][ T8486] R10: ffffffff83be7e41 R11: 0000000000000000 R12: ffff888146046430
[   79.895093][ T8486] R13: ffff88801f0fa640 R14: ffff888018c9cc08 R15: 0000000000000001
[   79.895109][ T8486] FS:  0000000000d2a300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[   79.895132][ T8486] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   79.978927][ T8486] CR2: 00007f011403e0a8 CR3: 000000002a607000 CR4: 00000000001506e0
[   79.988603][ T8486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   79.997713][ T8486] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   80.006045][ T8486] Kernel panic - not syncing: Fatal exception
[   80.013936][ T8486] Kernel Offset: disabled
[   80.018268][ T8486] Rebooting in 86400 seconds..