======================================================
WARNING: possible circular locking dependency detected
5.11.0-rc3-next-20210115-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.5/17742 is trying to acquire lock:
ffffffff8be1baa8 (brd_devices_mutex){+.+.}-{3:3}, at: brd_probe+0x31/0x240 drivers/block/brd.c:434

but task is already holding lock:
ffffffff8bb95448 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0 block/genhd.c:898

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #3 (major_names_lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x1110 kernel/locking/mutex.c:1103
       __register_blkdev+0x2b/0x3e0 block/genhd.c:433
       register_mtd_blktrans+0x85/0x3c0 drivers/mtd/mtd_blkdevs.c:534
       do_one_initcall+0x103/0x650 init/main.c:1220
       do_initcall_level init/main.c:1293 [inline]
       do_initcalls init/main.c:1309 [inline]
       do_basic_setup init/main.c:1329 [inline]
       kernel_init_freeable+0x605/0x689 init/main.c:1530
       kernel_init+0xd/0x1b8 init/main.c:1418
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

-> #2 (mtd_table_mutex){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x1110 kernel/locking/mutex.c:1103
       blktrans_open+0x69/0x600 drivers/mtd/mtd_blkdevs.c:212
       __blkdev_get+0x12a/0xc10 fs/block_dev.c:1285
       blkdev_get_by_dev fs/block_dev.c:1437 [inline]
       blkdev_get_by_dev+0x260/0x5e0 fs/block_dev.c:1405
       blkdev_open+0x154/0x2b0 fs/block_dev.c:1534
       do_dentry_open+0x4b9/0x11b0 fs/open.c:817
       do_open fs/namei.c:3254 [inline]
       path_openat+0x1b8e/0x2720 fs/namei.c:3369
       do_filp_open+0x17e/0x3c0 fs/namei.c:3396
       do_sys_openat2+0x16d/0x420 fs/open.c:1178
       do_sys_open fs/open.c:1194 [inline]
       __do_sys_open fs/open.c:1202 [inline]
       __se_sys_open fs/open.c:1198 [inline]
       __x64_sys_open+0x119/0x1c0 fs/open.c:1198
       do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
       entry_SYSCALL_64_after_hwframe+0x44/0xa9

-> #1 (&bdev->bd_mutex){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x1110 kernel/locking/mutex.c:1103
       blkdev_get_by_dev fs/block_dev.c:1436 [inline]
       blkdev_get_by_dev+0x255/0x5e0 fs/block_dev.c:1405
       disk_scan_partitions block/genhd.c:614 [inline]
       register_disk block/genhd.c:665 [inline]
       __device_add_disk+0xdfb/0x12b0 block/genhd.c:752
       add_disk include/linux/genhd.h:241 [inline]
       brd_init+0x2e0/0x4a6 drivers/block/brd.c:518
       do_one_initcall+0x103/0x650 init/main.c:1220
       do_initcall_level init/main.c:1293 [inline]
       do_initcalls init/main.c:1309 [inline]
       do_basic_setup init/main.c:1329 [inline]
       kernel_init_freeable+0x605/0x689 init/main.c:1530
       kernel_init+0xd/0x1b8 init/main.c:1418
       ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

-> #0 (brd_devices_mutex){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:2868 [inline]
       check_prevs_add kernel/locking/lockdep.c:2993 [inline]
       validate_chain kernel/locking/lockdep.c:3608 [inline]
       __lock_acquire+0x2b26/0x54f0 kernel/locking/lockdep.c:4832
       lock_acquire kernel/locking/lockdep.c:5442 [inline]
       lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407
       __mutex_lock_common kernel/locking/mutex.c:956 [inline]
       __mutex_lock+0x134/0x1110 kernel/locking/mutex.c:1103
       brd_probe+0x31/0x240 drivers/block/brd.c:434
       blk_request_module+0x111/0x1d0 block/genhd.c:901
       blkdev_get_no_open+0x213/0x2a0 fs/block_dev.c:1351
       blkdev_get_by_dev fs/block_dev.c:1423 [inline]
       blkdev_get_by_dev+0x1ed/0x5e0 fs/block_dev.c:1405
       blkdev_open+0x154/0x2b0 fs/block_dev.c:1534
       do_dentry_open+0x4b9/0x11b0 fs/open.c:817
       do_open fs/namei.c:3254 [inline]
       path_openat+0x1b8e/0x2720 fs/namei.c:3369
       do_filp_open+0x17e/0x3c0 fs/namei.c:3396
       do_sys_openat2+0x16d/0x420 fs/open.c:1178
       do_sys_open fs/open.c:1194 [inline]
       __do_sys_openat fs/open.c:1210 [inline]
       __se_sys_openat fs/open.c:1205 [inline]
       __x64_sys_openat+0x13f/0x1f0 fs/open.c:1205
       do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
       entry_SYSCALL_64_after_hwframe+0x44/0xa9

other info that might help us debug this:

Chain exists of:
  brd_devices_mutex --> mtd_table_mutex --> major_names_lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(major_names_lock);
                               lock(mtd_table_mutex);
                               lock(major_names_lock);
  lock(brd_devices_mutex);

 *** DEADLOCK ***

1 lock held by syz-executor.5/17742:
 #0: ffffffff8bb95448 (major_names_lock){+.+.}-{3:3}, at: blk_request_module+0x25/0x1d0 block/genhd.c:898

stack backtrace:
CPU: 0 PID: 17742 Comm: syz-executor.5 Not tainted 5.11.0-rc3-next-20210115-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:120
 check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2117
 check_prev_add kernel/locking/lockdep.c:2868 [inline]
 check_prevs_add kernel/locking/lockdep.c:2993 [inline]
 validate_chain kernel/locking/lockdep.c:3608 [inline]
 __lock_acquire+0x2b26/0x54f0 kernel/locking/lockdep.c:4832
 lock_acquire kernel/locking/lockdep.c:5442 [inline]
 lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407
 __mutex_lock_common kernel/locking/mutex.c:956 [inline]
 __mutex_lock+0x134/0x1110 kernel/locking/mutex.c:1103
 brd_probe+0x31/0x240 drivers/block/brd.c:434
 blk_request_module+0x111/0x1d0 block/genhd.c:901
 blkdev_get_no_open+0x213/0x2a0 fs/block_dev.c:1351
 blkdev_get_by_dev fs/block_dev.c:1423 [inline]
 blkdev_get_by_dev+0x1ed/0x5e0 fs/block_dev.c:1405
 blkdev_open+0x154/0x2b0 fs/block_dev.c:1534
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b8e/0x2720 fs/namei.c:3369
 do_filp_open+0x17e/0x3c0 fs/namei.c:3396
 do_sys_openat2+0x16d/0x420 fs/open.c:1178
 do_sys_open fs/open.c:1194 [inline]
 __do_sys_openat fs/open.c:1210 [inline]
 __se_sys_openat fs/open.c:1205 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1205
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45e219
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f63d66e8c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
RDX: 0000000000006002 RSI: 0000000020002040 RDI: ffffffffffffff9c
RBP: 000000000119c070 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119c034
R13: 00007ffc4059b69f R14: 00007f63d66e99c0 R15: 000000000119c034