[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.172' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 89.767529][ T37] audit: type=1400 audit(1623094791.195:8): avc: denied { execmem } for pid=8448 comm="syz-executor631" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 89.771945][ T8448] [ 89.790543][ T8448] ====================================================== [ 89.797558][ T8448] WARNING: possible circular locking dependency detected [ 89.804585][ T8448] 5.13.0-rc5-syzkaller #0 Not tainted [ 89.809950][ T8448] ------------------------------------------------------ [ 89.816994][ T8448] syz-executor631/8448 is trying to acquire lock: [ 89.823425][ T8448] ffff88801b58c0e0 (&bdev->bd_mutex){+.+.}-{3:3}, at: del_gendisk+0x24b/0xa00 [ 89.832338][ T8448] [ 89.832338][ T8448] but task is already holding lock: [ 89.839738][ T8448] ffffffff8ca6c628 (loop_ctl_mutex){+.+.}-{3:3}, at: loop_control_ioctl+0x7b/0x4f0 [ 89.849048][ T8448] [ 89.849048][ T8448] which lock already depends on the new lock. [ 89.849048][ T8448] [ 89.859477][ T8448] [ 89.859477][ T8448] the existing dependency chain (in reverse order) is: [ 89.868487][ T8448] [ 89.868487][ T8448] -> #1 (loop_ctl_mutex){+.+.}-{3:3}: [ 89.876041][ T8448] __mutex_lock+0x139/0x10c0 [ 89.881182][ T8448] lo_open+0x1a/0x130 [ 89.885713][ T8448] __blkdev_get+0x182/0xa30 [ 89.890768][ T8448] blkdev_get_by_dev+0x200/0x660 [ 89.896234][ T8448] blkdev_open+0x154/0x2b0 [ 89.901165][ T8448] do_dentry_open+0x4b9/0x11b0 [ 89.906445][ T8448] path_openat+0x1c0e/0x27e0 [ 89.911577][ T8448] do_filp_open+0x190/0x3d0 [ 89.916593][ T8448] do_sys_openat2+0x16d/0x420 [ 89.921789][ T8448] __x64_sys_open+0x119/0x1c0 [ 89.926982][ T8448] do_syscall_64+0x3a/0xb0 [ 89.931910][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.938319][ T8448] [ 89.938319][ T8448] -> #0 (&bdev->bd_mutex){+.+.}-{3:3}: [ 89.945967][ T8448] __lock_acquire+0x2a17/0x5230 [ 89.951355][ T8448] lock_acquire+0x1ab/0x740 [ 89.956397][ T8448] __mutex_lock+0x139/0x10c0 [ 89.961538][ T8448] del_gendisk+0x24b/0xa00 [ 89.966467][ T8448] loop_control_ioctl+0x40d/0x4f0 [ 89.972147][ T8448] __x64_sys_ioctl+0x193/0x200 [ 89.977457][ T8448] do_syscall_64+0x3a/0xb0 [ 89.982407][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.988853][ T8448] [ 89.988853][ T8448] other info that might help us debug this: [ 89.988853][ T8448] [ 89.999504][ T8448] Possible unsafe locking scenario: [ 89.999504][ T8448] [ 90.006938][ T8448] CPU0 CPU1 [ 90.012301][ T8448] ---- ---- [ 90.017646][ T8448] lock(loop_ctl_mutex); [ 90.021955][ T8448] lock(&bdev->bd_mutex); [ 90.028875][ T8448] lock(loop_ctl_mutex); [ 90.035710][ T8448] lock(&bdev->bd_mutex); [ 90.040110][ T8448] [ 90.040110][ T8448] *** DEADLOCK *** [ 90.040110][ T8448] [ 90.048471][ T8448] 1 lock held by syz-executor631/8448: [ 90.053929][ T8448] #0: ffffffff8ca6c628 (loop_ctl_mutex){+.+.}-{3:3}, at: loop_control_ioctl+0x7b/0x4f0 [ 90.063674][ T8448] [ 90.063674][ T8448] stack backtrace: [ 90.069567][ T8448] CPU: 0 PID: 8448 Comm: syz-executor631 Not tainted 5.13.0-rc5-syzkaller #0 [ 90.078333][ T8448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.088382][ T8448] Call Trace: [ 90.091662][ T8448] dump_stack+0x141/0x1d7 [ 90.096060][ T8448] check_noncircular+0x25f/0x2e0 [ 90.101238][ T8448] ? kasan_save_stack+0x32/0x40 [ 90.106096][ T8448] ? print_circular_bug+0x1e0/0x1e0 [ 90.111306][ T8448] ? __kasan_slab_free+0xcd/0x100 [ 90.116334][ T8448] ? kernfs_put.part.0+0x2c4/0x540 [ 90.121473][ T8448] ? kernfs_put+0x42/0x50 [ 90.125789][ T8448] ? __kernfs_remove+0x703/0xa90 [ 90.130765][ T8448] ? kernfs_remove_by_name_ns+0x51/0xb0 [ 90.136311][ T8448] ? sysfs_remove_files+0x87/0xf0 [ 90.141331][ T8448] ? lockdep_lock+0xc6/0x200 [ 90.145913][ T8448] ? call_rcu_zapped+0xb0/0xb0 [ 90.150664][ T8448] ? find_held_lock+0x2d/0x110 [ 90.155418][ T8448] __lock_acquire+0x2a17/0x5230 [ 90.160258][ T8448] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 90.166231][ T8448] lock_acquire+0x1ab/0x740 [ 90.170758][ T8448] ? del_gendisk+0x24b/0xa00 [ 90.175355][ T8448] ? lock_release+0x720/0x720 [ 90.180025][ T8448] ? find_held_lock+0x2d/0x110 [ 90.184777][ T8448] __mutex_lock+0x139/0x10c0 [ 90.189360][ T8448] ? del_gendisk+0x24b/0xa00 [ 90.193938][ T8448] ? mutex_lock_io_nested+0xf20/0xf20 [ 90.199308][ T8448] ? del_gendisk+0x24b/0xa00 [ 90.203887][ T8448] ? __mutex_unlock_slowpath+0xe2/0x610 [ 90.209428][ T8448] ? mutex_lock_io_nested+0xf20/0xf20 [ 90.214792][ T8448] ? wait_for_completion_io+0x270/0x270 [ 90.220344][ T8448] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 90.226578][ T8448] ? kernfs_remove_by_name_ns+0x62/0xb0 [ 90.232148][ T8448] ? sysfs_remove_files+0x87/0xf0 [ 90.237162][ T8448] del_gendisk+0x24b/0xa00 [ 90.241568][ T8448] loop_control_ioctl+0x40d/0x4f0 [ 90.246587][ T8448] ? loop_lookup+0x1d0/0x1d0 [ 90.251169][ T8448] ? security_file_ioctl+0x5c/0xb0 [ 90.256278][ T8448] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 90.262518][ T8448] ? loop_lookup+0x1d0/0x1d0 [ 90.267140][ T8448] __x64_sys_ioctl+0x193/0x200 [ 90.271918][ T8448] do_syscall_64+0x3a/0xb0 [ 90.276351][ T8448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.282264][ T8448] RIP: 0033:0x43ee49 [ 90.286241][ T8448] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 90.306054][ T8448] RSP: 002b:00007fff0e3b1c28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.314749][ T8448] RAX: ffffffffffffffda RBX: 0000000000