Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 67.691666][ T8491] [ 67.694032][ T8491] ====================================================== [ 67.701034][ T8491] WARNING: possible circular locking dependency detected [ 67.708079][ T8491] 5.10.0-rc3-next-20201116-syzkaller #0 Not tainted [ 67.714647][ T8491] ------------------------------------------------------ [ 67.721689][ T8491] syz-executor541/8491 is trying to acquire lock: [ 67.728084][ T8491] ffffffff8bd213a8 (brd_devices_mutex){+.+.}-{3:3}, at: brd_probe+0x31/0x250 [ 67.736848][ T8491] [ 67.736848][ T8491] but task is already holding lock: [ 67.744215][ T8491] ffffffff8bac3508 (major_names_lock){+.+.}-{3:3}, at: get_gendisk+0x3c8/0x6a0 [ 67.753180][ T8491] [ 67.753180][ T8491] which lock already depends on the new lock. [ 67.753180][ T8491] [ 67.763576][ T8491] [ 67.763576][ T8491] the existing dependency chain (in reverse order) is: [ 67.772580][ T8491] [ 67.772580][ T8491] -> #3 (major_names_lock){+.+.}-{3:3}: [ 67.780306][ T8491] __mutex_lock+0x134/0x1110 [ 67.785403][ T8491] __register_blkdev+0x2b/0x390 [ 67.790757][ T8491] register_mtd_blktrans+0x85/0x3c0 [ 67.796461][ T8491] do_one_initcall+0x103/0x650 [ 67.801734][ T8491] kernel_init_freeable+0x600/0x684 [ 67.807436][ T8491] kernel_init+0xd/0x1b8 [ 67.812217][ T8491] ret_from_fork+0x1f/0x30 [ 67.817142][ T8491] [ 67.817142][ T8491] -> #2 (mtd_table_mutex){+.+.}-{3:3}: [ 67.824777][ T8491] __mutex_lock+0x134/0x1110 [ 67.829870][ T8491] blktrans_open+0x69/0x600 [ 67.834877][ T8491] __blkdev_get+0x80f/0x1870 [ 67.840004][ T8491] blkdev_get+0xd1/0x240 [ 67.844747][ T8491] blkdev_open+0x21d/0x2b0 [ 67.849719][ T8491] do_dentry_open+0x4b9/0x11b0 [ 67.854987][ T8491] path_openat+0x1b9a/0x2730 [ 67.860085][ T8491] do_filp_open+0x17e/0x3c0 [ 67.865094][ T8491] do_sys_openat2+0x16d/0x420 [ 67.870295][ T8491] __x64_sys_open+0x119/0x1c0 [ 67.875475][ T8491] do_syscall_64+0x2d/0x70 [ 67.880397][ T8491] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 67.886790][ T8491] [ 67.886790][ T8491] -> #1 (&bdev->bd_mutex){+.+.}-{3:3}: [ 67.894441][ T8491] __mutex_lock+0x134/0x1110 [ 67.899541][ T8491] __blkdev_get+0x457/0x1870 [ 67.904645][ T8491] blkdev_get+0xd1/0x240 [ 67.909405][ T8491] blkdev_get_by_dev+0x3b/0x70 [ 67.914671][ T8491] __device_add_disk+0xe02/0x1250 [ 67.920239][ T8491] brd_init+0x2af/0x475 [ 67.924902][ T8491] do_one_initcall+0x103/0x650 [ 67.930169][ T8491] kernel_init_freeable+0x600/0x684 [ 67.935871][ T8491] kernel_init+0xd/0x1b8 [ 67.940624][ T8491] ret_from_fork+0x1f/0x30 [ 67.945624][ T8491] [ 67.945624][ T8491] -> #0 (brd_devices_mutex){+.+.}-{3:3}: [ 67.953433][ T8491] __lock_acquire+0x2ca6/0x5c00 [ 67.958791][ T8491] lock_acquire+0x2a3/0x8c0 [ 67.963856][ T8491] __mutex_lock+0x134/0x1110 [ 67.968951][ T8491] brd_probe+0x31/0x250 [ 67.973624][ T8491] get_gendisk+0x4c3/0x6a0 [ 67.978558][ T8491] __blkdev_get+0x344/0x1870 [ 67.983649][ T8491] blkdev_get+0xd1/0x240 [ 67.988390][ T8491] blkdev_open+0x21d/0x2b0 [ 67.993310][ T8491] do_dentry_open+0x4b9/0x11b0 [ 67.998591][ T8491] path_openat+0x1b9a/0x2730 [ 68.003686][ T8491] do_filp_open+0x17e/0x3c0 [ 68.008698][ T8491] do_sys_openat2+0x16d/0x420 [ 68.013883][ T8491] __x64_sys_openat+0x13f/0x1f0 [ 68.019242][ T8491] do_syscall_64+0x2d/0x70 [ 68.024170][ T8491] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.030563][ T8491] [ 68.030563][ T8491] other info that might help us debug this: [ 68.030563][ T8491] [ 68.040807][ T8491] Chain exists of: [ 68.040807][ T8491] brd_devices_mutex --> mtd_table_mutex --> major_names_lock [ 68.040807][ T8491] [ 68.054079][ T8491] Possible unsafe locking scenario: [ 68.054079][ T8491] [ 68.061517][ T8491] CPU0 CPU1 [ 68.066870][ T8491] ---- ---- [ 68.072221][ T8491] lock(major_names_lock); [ 68.076717][ T8491] lock(mtd_table_mutex); [ 68.083637][ T8491] lock(major_names_lock); [ 68.090646][ T8491] lock(brd_devices_mutex); [ 68.095221][ T8491] [ 68.095221][ T8491] *** DEADLOCK *** [ 68.095221][ T8491] [ 68.103356][ T8491] 1 lock held by syz-executor541/8491: [ 68.108794][ T8491] #0: ffffffff8bac3508 (major_names_lock){+.+.}-{3:3}, at: get_gendisk+0x3c8/0x6a0 [ 68.118169][ T8491] [ 68.118169][ T8491] stack backtrace: [ 68.124064][ T8491] CPU: 0 PID: 8491 Comm: syz-executor541 Not tainted 5.10.0-rc3-next-20201116-syzkaller #0 [ 68.134107][ T8491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.144148][ T8491] Call Trace: [ 68.147436][ T8491] dump_stack+0x107/0x163 [ 68.151759][ T8491] check_noncircular+0x25f/0x2e0 [ 68.156691][ T8491] ? is_bpf_text_address+0xa9/0x160 [ 68.161880][ T8491] ? print_circular_bug+0x360/0x360 [ 68.167065][ T8491] ? lock_chain_count+0x20/0x20 [ 68.171897][ T8491] ? unwind_next_frame+0xe3b/0x1f90 [ 68.177080][ T8491] ? lockdep_lock+0xea/0x200 [ 68.181651][ T8491] ? call_rcu_zapped+0xb0/0xb0 [ 68.186397][ T8491] ? find_held_lock+0x2d/0x110 [ 68.191140][ T8491] __lock_acquire+0x2ca6/0x5c00 [ 68.196002][ T8491] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 68.201983][ T8491] lock_acquire+0x2a3/0x8c0 [ 68.206470][ T8491] ? brd_probe+0x31/0x250 [ 68.210792][ T8491] ? lock_release+0x710/0x710 [ 68.215452][ T8491] __mutex_lock+0x134/0x1110 [ 68.220026][ T8491] ? brd_probe+0x31/0x250 [ 68.224338][ T8491] ? brd_probe+0x31/0x250 [ 68.228650][ T8491] ? mutex_lock_io_nested+0xf60/0xf60 [ 68.234025][ T8491] ? mutex_lock_io_nested+0xf60/0xf60 [ 68.239388][ T8491] ? __mutex_unlock_slowpath+0xe2/0x610 [ 68.244927][ T8491] ? __xa_clear_mark+0x110/0x110 [ 68.249847][ T8491] ? wait_for_completion_io+0x260/0x260 [ 68.255407][ T8491] brd_probe+0x31/0x250 [ 68.259564][ T8491] get_gendisk+0x4c3/0x6a0 [ 68.264055][ T8491] ? brd_lookup_page+0x1c0/0x1c0 [ 68.268991][ T8491] __blkdev_get+0x344/0x1870 [ 68.273636][ T8491] ? devcgroup_check_permission+0x17e/0x420 [ 68.279536][ T8491] ? freeze_bdev+0x250/0x250 [ 68.284119][ T8491] ? devcgroup_check_permission+0x1a8/0x420 [ 68.290009][ T8491] blkdev_get+0xd1/0x240 [ 68.294250][ T8491] blkdev_open+0x21d/0x2b0 [ 68.298664][ T8491] do_dentry_open+0x4b9/0x11b0 [ 68.303412][ T8491] ? blkdev_get_by_dev+0x70/0x70 [ 68.308331][ T8491] ? may_open+0x1e4/0x400 [ 68.312642][ T8491] path_openat+0x1b9a/0x2730 [ 68.317225][ T8491] ? path_lookupat+0x830/0x830 [ 68.321974][ T8491] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 68.327939][ T8491] do_filp_open+0x17e/0x3c0 [ 68.332422][ T8491] ? may_open_dev+0xf0/0xf0 [ 68.336907][ T8491] ? do_raw_spin_lock+0x120/0x2b0 [ 68.341925][ T8491] ? rwlock_bug.part.0+0x90/0x90 [ 68.346848][ T8491] ? _raw_spin_unlock+0x24/0x40 [ 68.351693][ T8491] ? __alloc_fd+0x28d/0x600 [ 68.356176][ T8491] do_sys_openat2+0x16d/0x420 [ 68.360835][ T8491] ? build_open_flags+0x650/0x650 [ 68.365856][ T8491] ? find_held_lock+0x2d/0x110 [ 68.370606][ T8491] __x64_sys_openat+0x13f/0x1f0 [ 68.375440][ T8491] ? __ia32_sys_open+0x1c0/0x1c0 [ 68.380363][ T8491] ? syscall_enter_from_user_mode+0x1d/0x50 [ 68.386239][ T8491] do_syscall_64+0x2d/0x70 [ 68.390640][ T8491] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 68.396514][ T8491] RIP: 0033:0x445ec9 [ 68.400390][ T8491] Code: e8 fc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.419980][ T8491] RSP: 002b:00007f6bca748d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 68.428389][ T8491] RAX: ffffffffffffffda RBX: 00000000006ddc38 RCX: 0000000000445ec9 [ 68.436368][ T8491] RDX: 0000000000000000 RSI: 0000000020002040 RDI: 00000000ffffff9c [ 68.4