Warning: Permanently added '10.128.1.52' (ECDSA) to the list of known hosts. executing program [ 56.045753][ T8376] [ 56.048224][ T8376] ====================================================== [ 56.055585][ T8376] WARNING: possible circular locking dependency detected [ 56.062577][ T8376] 5.12.0-rc4-syzkaller #0 Not tainted [ 56.067919][ T8376] ------------------------------------------------------ [ 56.074910][ T8376] syz-executor873/8376 is trying to acquire lock: [ 56.081309][ T8376] ffffffff8ca4aea8 (brd_devices_mutex){+.+.}-{3:3}, at: brd_probe+0x31/0x250 [ 56.090091][ T8376] [ 56.090091][ T8376] but task is already holding lock: [ 56.097532][ T8376] ffffffff8c7c7788 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0 [ 56.106987][ T8376] [ 56.106987][ T8376] which lock already depends on the new lock. [ 56.106987][ T8376] [ 56.117733][ T8376] [ 56.117733][ T8376] the existing dependency chain (in reverse order) is: [ 56.126728][ T8376] [ 56.126728][ T8376] -> #3 (major_names_lock){+.+.}-{3:3}: [ 56.134870][ T8376] __mutex_lock+0x139/0x1120 [ 56.140000][ T8376] __register_blkdev+0x2b/0x3e0 [ 56.145351][ T8376] register_mtd_blktrans+0x85/0x3c0 [ 56.151054][ T8376] do_one_initcall+0x103/0x650 [ 56.156320][ T8376] kernel_init_freeable+0x63e/0x6c2 [ 56.162035][ T8376] kernel_init+0xd/0x1b8 [ 56.166780][ T8376] ret_from_fork+0x1f/0x30 [ 56.171813][ T8376] [ 56.171813][ T8376] -> #2 (mtd_table_mutex){+.+.}-{3:3}: [ 56.179713][ T8376] __mutex_lock+0x139/0x1120 [ 56.185061][ T8376] blktrans_open+0x69/0x600 [ 56.190079][ T8376] __blkdev_get+0x135/0xa30 [ 56.195087][ T8376] blkdev_get_by_dev+0x26c/0x600 [ 56.200531][ T8376] blkdev_open+0x154/0x2b0 [ 56.205467][ T8376] do_dentry_open+0x4b9/0x11b0 [ 56.211010][ T8376] path_openat+0x1c0e/0x27e0 [ 56.216127][ T8376] do_filp_open+0x17e/0x3c0 [ 56.221233][ T8376] do_sys_openat2+0x16d/0x420 [ 56.226488][ T8376] __x64_sys_open+0x119/0x1c0 [ 56.231821][ T8376] do_syscall_64+0x2d/0x70 [ 56.236739][ T8376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.243290][ T8376] [ 56.243290][ T8376] -> #1 (&bdev->bd_mutex){+.+.}-{3:3}: [ 56.250908][ T8376] __mutex_lock+0x139/0x1120 [ 56.255998][ T8376] blkdev_get_by_dev+0x261/0x600 [ 56.261444][ T8376] __device_add_disk+0x809/0x12c0 [ 56.266968][ T8376] brd_init+0x2e6/0x4ac [ 56.271629][ T8376] do_one_initcall+0x103/0x650 [ 56.276892][ T8376] kernel_init_freeable+0x63e/0x6c2 [ 56.282589][ T8376] kernel_init+0xd/0x1b8 [ 56.287331][ T8376] ret_from_fork+0x1f/0x30 [ 56.292245][ T8376] [ 56.292245][ T8376] -> #0 (brd_devices_mutex){+.+.}-{3:3}: [ 56.300050][ T8376] __lock_acquire+0x2b14/0x54c0 [ 56.305405][ T8376] lock_acquire+0x1ab/0x740 [ 56.310409][ T8376] __mutex_lock+0x139/0x1120 [ 56.315493][ T8376] brd_probe+0x31/0x250 [ 56.320148][ T8376] blk_request_module+0x111/0x1d0 [ 56.325685][ T8376] blkdev_get_no_open+0x225/0x2b0 [ 56.331225][ T8376] blkdev_get_by_dev+0x1f9/0x600 [ 56.336663][ T8376] blkdev_open+0x154/0x2b0 [ 56.341665][ T8376] do_dentry_open+0x4b9/0x11b0 [ 56.346926][ T8376] path_openat+0x1c0e/0x27e0 [ 56.352030][ T8376] do_filp_open+0x17e/0x3c0 [ 56.357030][ T8376] do_sys_openat2+0x16d/0x420 [ 56.362237][ T8376] __x64_sys_openat+0x13f/0x1f0 [ 56.367584][ T8376] do_syscall_64+0x2d/0x70 [ 56.372500][ T8376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.378890][ T8376] [ 56.378890][ T8376] other info that might help us debug this: [ 56.378890][ T8376] [ 56.389099][ T8376] Chain exists of: [ 56.389099][ T8376] brd_devices_mutex --> mtd_table_mutex --> major_names_lock [ 56.389099][ T8376] [ 56.402365][ T8376] Possible unsafe locking scenario: [ 56.402365][ T8376] [ 56.409798][ T8376] CPU0 CPU1 [ 56.415145][ T8376] ---- ---- [ 56.420486][ T8376] lock(major_names_lock); [ 56.424979][ T8376] lock(mtd_table_mutex); [ 56.431978][ T8376] lock(major_names_lock); [ 56.438975][ T8376] lock(brd_devices_mutex); [ 56.443556][ T8376] [ 56.443556][ T8376] *** DEADLOCK *** [ 56.443556][ T8376] [ 56.451674][ T8376] 1 lock held by syz-executor873/8376: [ 56.457106][ T8376] #0: ffffffff8c7c7788 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0 [ 56.467003][ T8376] [ 56.467003][ T8376] stack backtrace: [ 56.472951][ T8376] CPU: 0 PID: 8376 Comm: syz-executor873 Not tainted 5.12.0-rc4-syzkaller #0 [ 56.481687][ T8376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.491720][ T8376] Call Trace: [ 56.494981][ T8376] dump_stack+0x141/0x1d7 [ 56.499295][ T8376] check_noncircular+0x25f/0x2e0 [ 56.504231][ T8376] ? print_circular_bug+0x480/0x480 [ 56.509410][ T8376] ? lock_chain_count+0x20/0x20 [ 56.514415][ T8376] ? kasan_save_stack+0x32/0x40 [ 56.519245][ T8376] ? kasan_save_stack+0x1b/0x40 [ 56.524261][ T8376] ? kasan_set_track+0x1c/0x30 [ 56.529018][ T8376] ? kasan_set_free_info+0x20/0x30 [ 56.534120][ T8376] ? __kasan_slab_free+0xf5/0x130 [ 56.539155][ T8376] ? lockdep_lock+0xc6/0x200 [ 56.543729][ T8376] ? call_rcu_zapped+0xb0/0xb0 [ 56.548647][ T8376] ? do_syscall_64+0x2d/0x70 [ 56.553224][ T8376] __lock_acquire+0x2b14/0x54c0 [ 56.558060][ T8376] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.564041][ T8376] lock_acquire+0x1ab/0x740 [ 56.568527][ T8376] ? brd_probe+0x31/0x250 [ 56.572839][ T8376] ? lock_release+0x720/0x720 [ 56.577496][ T8376] __mutex_lock+0x139/0x1120 [ 56.582065][ T8376] ? brd_probe+0x31/0x250 [ 56.586387][ T8376] ? brd_probe+0x31/0x250 [ 56.590712][ T8376] ? mutex_lock_io_nested+0xf70/0xf70 [ 56.596061][ T8376] ? mutex_lock_io_nested+0xf70/0xf70 [ 56.601409][ T8376] ? find_held_lock+0x2d/0x110 [ 56.606150][ T8376] ? __up_read+0x1a1/0x7b0 [ 56.610544][ T8376] ? _down_write_nest_lock+0x150/0x150 [ 56.615980][ T8376] ? brd_lookup_page+0x1c0/0x1c0 [ 56.620898][ T8376] brd_probe+0x31/0x250 [ 56.625035][ T8376] ? brd_lookup_page+0x1c0/0x1c0 [ 56.629954][ T8376] blk_request_module+0x111/0x1d0 [ 56.634956][ T8376] blkdev_get_no_open+0x225/0x2b0 [ 56.639963][ T8376] blkdev_get_by_dev+0x1f9/0x600 [ 56.644883][ T8376] blkdev_open+0x154/0x2b0 [ 56.649288][ T8376] do_dentry_open+0x4b9/0x11b0 [ 56.654136][ T8376] ? blkdev_get_by_dev+0x600/0x600 [ 56.659287][ T8376] ? may_open+0x1f6/0x420 [ 56.663596][ T8376] path_openat+0x1c0e/0x27e0 [ 56.668163][ T8376] ? path_lookupat+0x830/0x830 [ 56.672907][ T8376] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 56.678867][ T8376] do_filp_open+0x17e/0x3c0 [ 56.683347][ T8376] ? may_open_dev+0xf0/0xf0 [ 56.687830][ T8376] ? do_raw_spin_lock+0x120/0x2b0 [ 56.692923][ T8376] ? rwlock_bug.part.0+0x90/0x90 [ 56.697853][ T8376] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 56.704163][ T8376] ? _raw_spin_unlock+0x24/0x40 [ 56.709001][ T8376] ? alloc_fd+0x2bc/0x640 [ 56.713325][ T8376] do_sys_openat2+0x16d/0x420 [ 56.717988][ T8376] ? build_open_flags+0x6f0/0x6f0 [ 56.723033][ T8376] ? __context_tracking_exit+0xb8/0xe0 [ 56.728499][ T8376] ? lock_downgrade+0x6e0/0x6e0 [ 56.733342][ T8376] __x64_sys_openat+0x13f/0x1f0 [ 56.738278][ T8376] ? __ia32_sys_open+0x1c0/0x1c0 [ 56.743469][ T8376] ? syscall_enter_from_user_mode+0x27/0x70 [ 56.749388][ T8376] do_syscall_64+0x2d/0x70 [ 56.753815][ T8376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.759715][ T8376] RIP: 0033:0x445399 [ 56.763599][ T8376] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.783197][ T8376] RSP: 002b:00007f5c99e882f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 56.791606][ T8376] RAX: ffffffffffffffda RBX: 00000000004cc4f0 RCX: 00000000004453