[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.16' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 29.756038] [ 29.757778] ====================================================== [ 29.764070] WARNING: possible circular locking dependency detected [ 29.770373] 4.14.236-syzkaller #0 Not tainted [ 29.774838] ------------------------------------------------------ [ 29.781129] syz-executor071/7979 is trying to acquire lock: [ 29.786897] (&bdev->bd_mutex){+.+.}, at: [] blkdev_reread_part+0x1b/0x40 [ 29.795446] [ 29.795446] but task is already holding lock: [ 29.801453] (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa80 [ 29.809494] [ 29.809494] which lock already depends on the new lock. [ 29.809494] [ 29.818025] [ 29.818025] the existing dependency chain (in reverse order) is: [ 29.825679] [ 29.825679] -> #2 (&nbd->config_lock){+.+.}: [ 29.831554] __mutex_lock+0xc4/0x1310 [ 29.835858] nbd_open+0x1b4/0x380 [ 29.839807] __blkdev_get+0x306/0x1090 [ 29.844230] blkdev_get+0x88/0x890 [ 29.848264] blkdev_open+0x1cc/0x250 [ 29.852474] do_dentry_open+0x44b/0xec0 [ 29.856941] vfs_open+0x105/0x220 [ 29.861109] path_openat+0x628/0x2970 [ 29.865407] do_filp_open+0x179/0x3c0 [ 29.869703] do_sys_open+0x296/0x410 [ 29.873914] do_syscall_64+0x1d5/0x640 [ 29.878559] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.884245] [ 29.884245] -> #1 (nbd_index_mutex){+.+.}: [ 29.890081] __mutex_lock+0xc4/0x1310 [ 29.894380] nbd_open+0x22/0x380 [ 29.898245] __blkdev_get+0x306/0x1090 [ 29.902674] blkdev_get+0x88/0x890 [ 29.906709] blkdev_open+0x1cc/0x250 [ 29.910938] do_dentry_open+0x44b/0xec0 [ 29.915409] vfs_open+0x105/0x220 [ 29.919361] path_openat+0x628/0x2970 [ 29.923808] do_filp_open+0x179/0x3c0 [ 29.928197] do_sys_open+0x296/0x410 [ 29.932430] do_syscall_64+0x1d5/0x640 [ 29.936815] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.942500] [ 29.942500] -> #0 (&bdev->bd_mutex){+.+.}: [ 29.948207] lock_acquire+0x170/0x3f0 [ 29.952514] __mutex_lock+0xc4/0x1310 [ 29.956811] blkdev_reread_part+0x1b/0x40 [ 29.961571] nbd_ioctl+0x7cb/0xa80 [ 29.965660] blkdev_ioctl+0x540/0x1830 [ 29.970046] block_ioctl+0xd9/0x120 [ 29.974172] do_vfs_ioctl+0x75a/0xff0 [ 29.978468] SyS_ioctl+0x7f/0xb0 [ 29.982385] do_syscall_64+0x1d5/0x640 [ 29.986769] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.993018] [ 29.993018] other info that might help us debug this: [ 29.993018] [ 30.001134] Chain exists of: [ 30.001134] &bdev->bd_mutex --> nbd_index_mutex --> &nbd->config_lock [ 30.001134] [ 30.012210] Possible unsafe locking scenario: [ 30.012210] [ 30.018258] CPU0 CPU1 [ 30.022899] ---- ---- [ 30.027540] lock(&nbd->config_lock); [ 30.031401] lock(nbd_index_mutex); [ 30.037620] lock(&nbd->config_lock); [ 30.044012] lock(&bdev->bd_mutex); [ 30.047713] [ 30.047713] *** DEADLOCK *** [ 30.047713] [ 30.053750] 1 lock held by syz-executor071/7979: [ 30.058479] #0: (&nbd->config_lock){+.+.}, at: [] nbd_ioctl+0x11f/0xa80 [ 30.066951] [ 30.066951] stack backtrace: [ 30.071424] CPU: 1 PID: 7979 Comm: syz-executor071 Not tainted 4.14.236-syzkaller #0 [ 30.079288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.088616] Call Trace: [ 30.091204] dump_stack+0x1b2/0x281 [ 30.094808] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 30.100600] __lock_acquire+0x2e0e/0x3f20 [ 30.104723] ? trace_hardirqs_on+0x10/0x10 [ 30.108936] ? add_lock_to_list.constprop.0+0x17d/0x330 [ 30.114376] ? save_trace+0xd6/0x290 [ 30.118070] lock_acquire+0x170/0x3f0 [ 30.121851] ? blkdev_reread_part+0x1b/0x40 [ 30.126150] ? blkdev_reread_part+0x1b/0x40 [ 30.130455] __mutex_lock+0xc4/0x1310 [ 30.134235] ? blkdev_reread_part+0x1b/0x40 [ 30.138610] ? __mutex_lock+0x360/0x1310 [ 30.142706] ? __get_super.part.0+0xbb/0x390 [ 30.147111] ? blkdev_reread_part+0x1b/0x40 [ 30.151426] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 30.156853] ? lock_downgrade+0x740/0x740 [ 30.161047] ? nbd_ioctl+0x7b0/0xa80 [ 30.164736] ? lock_downgrade+0x740/0x740 [ 30.168916] blkdev_reread_part+0x1b/0x40 [ 30.173042] nbd_ioctl+0x7cb/0xa80 [ 30.176558] ? kasan_slab_free+0xc3/0x1a0 [ 30.180685] ? nbd_disconnect_and_put+0x140/0x140 [ 30.185520] ? do_syscall_64+0x1d5/0x640 [ 30.189558] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.195009] ? path_lookupat+0x780/0x780 [ 30.199252] ? debug_check_no_obj_freed+0x2c0/0x680 [ 30.204258] ? nbd_disconnect_and_put+0x140/0x140 [ 30.209075] blkdev_ioctl+0x540/0x1830 [ 30.212938] ? blkpg_ioctl+0x8d0/0x8d0 [ 30.216798] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 30.221876] ? debug_check_no_obj_freed+0x2c0/0x680 [ 30.226902] block_ioctl+0xd9/0x120 [ 30.230524] ? blkdev_fallocate+0x3a0/0x3a0 [ 30.234819] do_vfs_ioctl+0x75a/0xff0 [ 30.238595] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 30.244019] ? ioctl_preallocate+0x1a0/0x1a0 [ 30.248398] ? kmem_cache_free+0x23a/0x2b0 [ 30.252607] ? putname+0xcd/0x110 [ 30.256033] ? do_sys_open+0x208/0x410 [ 30.259896] ? filp_open+0x60/0x60 [ 30.263415] ? security_file_ioctl+0x83/0xb0 [ 30.267798] SyS_ioctl+0x7f/0xb0 [ 30.271149] ? do_vfs_ioctl+0xff0/0xff0 [ 30.275101] do_syscall_64+0x1d5/0x640 [ 30.279067] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.284232] RIP: 0033:0x443439 [ 30.287484] RSP: 002b:00007fffe7f82ba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 30.295185] RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 0000000000443439 [ 30.302452] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000