======================================================
WARNING: possible circular locking dependency detected
5.18.0-rc7-syzkaller-00164-g6c3f5bec9b40 #0 Not tainted
------------------------------------------------------
udevd/4708 is trying to acquire lock:
ffff888075cf2138 ((wq_completion)loop4){+.+.}-{0:0}, at: flush_workqueue+0x170/0x16a0 kernel/workqueue.c:2809

but task is already holding lock:
ffff88801c2bb118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xf8/0x790 block/bdev.c:905

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #6 (&disk->open_mutex){+.+.}-{3:3}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       __mutex_lock_common+0x1de/0x26e0 kernel/locking/mutex.c:600
       __mutex_lock kernel/locking/mutex.c:733 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:785
       blkdev_get_by_dev+0xfd/0xa30 block/bdev.c:807
       swsusp_check+0xb0/0x400 kernel/power/swap.c:1524
       software_resume+0xc8/0x3c0 kernel/power/hibernate.c:980
       resume_store+0xdc/0x120 kernel/power/hibernate.c:1182
       kernfs_fop_write_iter+0x3ac/0x500 fs/kernfs/file.c:291
       call_write_iter include/linux/fs.h:2050 [inline]
       new_sync_write fs/read_write.c:504 [inline]
       vfs_write+0xa22/0xd40 fs/read_write.c:591
       ksys_write+0x19b/0x2c0 fs/read_write.c:644
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #5 (system_transition_mutex/1){+.+.}-{3:3}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       __mutex_lock_common+0x1de/0x26e0 kernel/locking/mutex.c:600
       __mutex_lock kernel/locking/mutex.c:733 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:785
       software_resume+0x7a/0x3c0 kernel/power/hibernate.c:935
       resume_store+0xdc/0x120 kernel/power/hibernate.c:1182
       kernfs_fop_write_iter+0x3ac/0x500 fs/kernfs/file.c:291
       call_write_iter include/linux/fs.h:2050 [inline]
       new_sync_write fs/read_write.c:504 [inline]
       vfs_write+0xa22/0xd40 fs/read_write.c:591
       ksys_write+0x19b/0x2c0 fs/read_write.c:644
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #4 (&of->mutex){+.+.}-{3:3}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       __mutex_lock_common+0x1de/0x26e0 kernel/locking/mutex.c:600
       __mutex_lock kernel/locking/mutex.c:733 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:785
       kernfs_seq_start+0x4f/0x3a0 fs/kernfs/file.c:112
       seq_read_iter+0x3cd/0xd30 fs/seq_file.c:225
       call_read_iter include/linux/fs.h:2044 [inline]
       new_sync_read fs/read_write.c:401 [inline]
       vfs_read+0xa01/0xd10 fs/read_write.c:482
       ksys_read+0x19b/0x2c0 fs/read_write.c:620
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #3 (&p->lock){+.+.}-{3:3}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       __mutex_lock_common+0x1de/0x26e0 kernel/locking/mutex.c:600
       __mutex_lock kernel/locking/mutex.c:733 [inline]
       mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:785
       seq_read_iter+0xad/0xd30 fs/seq_file.c:182
       call_read_iter include/linux/fs.h:2044 [inline]
       generic_file_splice_read+0x3c0/0x660 fs/splice.c:311
       do_splice_to fs/splice.c:796 [inline]
       splice_direct_to_actor+0x450/0xc20 fs/splice.c:870
       do_splice_direct+0x2a0/0x3f0 fs/splice.c:979
       do_sendfile+0x623/0xf90 fs/read_write.c:1246
       __do_sys_sendfile64 fs/read_write.c:1311 [inline]
       __se_sys_sendfile64+0x178/0x1e0 fs/read_write.c:1297
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #2 (sb_writers#5){.+.+}-{0:0}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
       __sb_start_write include/linux/fs.h:1698 [inline]
       sb_start_write include/linux/fs.h:1768 [inline]
       file_start_write include/linux/fs.h:2785 [inline]
       lo_write_bvec drivers/block/loop.c:244 [inline]
       lo_write_simple drivers/block/loop.c:267 [inline]
       do_req_filebacked drivers/block/loop.c:494 [inline]
       loop_handle_cmd drivers/block/loop.c:1870 [inline]
       loop_process_work+0x16a0/0x22f0 drivers/block/loop.c:1910
       process_one_work+0x81c/0xd10 kernel/workqueue.c:2289
       worker_thread+0xb14/0x1330 kernel/workqueue.c:2436
       kthread+0x266/0x300 kernel/kthread.c:376
       ret_from_fork+0x1f/0x30

-> #1 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}:
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       process_one_work+0x7f1/0xd10 kernel/workqueue.c:2265
       worker_thread+0xb14/0x1330 kernel/workqueue.c:2436
       kthread+0x266/0x300 kernel/kthread.c:376
       ret_from_fork+0x1f/0x30

-> #0 ((wq_completion)loop4){+.+.}-{0:0}:
       check_prev_add kernel/locking/lockdep.c:3065 [inline]
       check_prevs_add kernel/locking/lockdep.c:3188 [inline]
       validate_chain+0x185c/0x65c0 kernel/locking/lockdep.c:3803
       __lock_acquire+0x129a/0x1f80 kernel/locking/lockdep.c:5029
       lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
       flush_workqueue+0x18c/0x16a0 kernel/workqueue.c:2809
       drain_workqueue+0xc3/0x3a0 kernel/workqueue.c:2974
       destroy_workqueue+0x7d/0xed0 kernel/workqueue.c:4411
       __loop_clr_fd+0x1bc/0x930 drivers/block/loop.c:1123
       blkdev_put+0x5a1/0x790
       blkdev_close+0x55/0x80 block/fops.c:512
       __fput+0x3b9/0x820 fs/file_table.c:317
       task_work_run+0x146/0x1c0 kernel/task_work.c:164
       resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
       exit_to_user_mode_loop+0x134/0x160 kernel/entry/common.c:169
       exit_to_user_mode_prepare+0xad/0x110 kernel/entry/common.c:201
       __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
       syscall_exit_to_user_mode+0x2e/0x70 kernel/entry/common.c:294
       entry_SYSCALL_64_after_hwframe+0x44/0xae

other info that might help us debug this:

Chain exists of:
  (wq_completion)loop4 --> system_transition_mutex/1 --> &disk->open_mutex

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&disk->open_mutex);
                               lock(system_transition_mutex/1);
                               lock(&disk->open_mutex);
  lock((wq_completion)loop4);

 *** DEADLOCK ***

1 lock held by udevd/4708:
 #0: ffff88801c2bb118 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xf8/0x790 block/bdev.c:905

stack backtrace:
CPU: 1 PID: 4708 Comm: udevd Not tainted 5.18.0-rc7-syzkaller-00164-g6c3f5bec9b40 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 check_noncircular+0x2f7/0x3b0 kernel/locking/lockdep.c:2145
 check_prev_add kernel/locking/lockdep.c:3065 [inline]
 check_prevs_add kernel/locking/lockdep.c:3188 [inline]
 validate_chain+0x185c/0x65c0 kernel/locking/lockdep.c:3803
 __lock_acquire+0x129a/0x1f80 kernel/locking/lockdep.c:5029
 lock_acquire+0x1a7/0x400 kernel/locking/lockdep.c:5641
 flush_workqueue+0x18c/0x16a0 kernel/workqueue.c:2809
 drain_workqueue+0xc3/0x3a0 kernel/workqueue.c:2974
 destroy_workqueue+0x7d/0xed0 kernel/workqueue.c:4411
 __loop_clr_fd+0x1bc/0x930 drivers/block/loop.c:1123
 blkdev_put+0x5a1/0x790
 blkdev_close+0x55/0x80 block/fops.c:512
 __fput+0x3b9/0x820 fs/file_table.c:317
 task_work_run+0x146/0x1c0 kernel/task_work.c:164
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0x134/0x160 kernel/entry/common.c:169
 exit_to_user_mode_prepare+0xad/0x110 kernel/entry/common.c:201
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x2e/0x70 kernel/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7eff87125fc3
Code: 48 ff ff ff b8 ff ff ff ff e9 3e ff ff ff 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8
RSP: 002b:00007ffe9f9c1258 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 00007eff875cc6a8 RCX: 00007eff87125fc3
RDX: 000000000000001c RSI: 00007ffe9f9c0a58 RDI: 0000000000000008
RBP: 000055b11cdafc10 R08: 0000000000000007 R09: 000055b11cda6340
R10: 000000000158f23a R11: 0000000000000246 R12: 0000000000000002
R13: 000055b11cd84b70 R14: 0000000000000008 R15: 000055b11cd7b910
 </TASK>
BTRFS: device fsid 43710d19-c345-4339-9143-01e5730e13f9 devid 1 transid 7 /dev/loop2 scanned by udevd (4708)