[ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started OpenBSD Secure Shell server. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.47' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 139.234635][ T8440] [ 139.236985][ T8440] ====================================================== [ 139.243981][ T8440] WARNING: possible circular locking dependency detected [ 139.251064][ T8440] 5.12.0-rc6-next-20210409-syzkaller #0 Not tainted [ 139.257617][ T8440] ------------------------------------------------------ [ 139.264601][ T8440] syz-executor104/8440 is trying to acquire lock: [ 139.270999][ T8440] ffff888016e9dca0 (&bdev->bd_mutex){+.+.}-{3:3}, at: del_gendisk+0x250/0x9e0 [ 139.279871][ T8440] [ 139.279871][ T8440] but task is already holding lock: [ 139.287203][ T8440] ffffffff8c7d9430 (bdev_lookup_sem){++++}-{3:3}, at: del_gendisk+0x222/0x9e0 [ 139.296047][ T8440] [ 139.296047][ T8440] which lock already depends on the new lock. [ 139.296047][ T8440] [ 139.306418][ T8440] [ 139.306418][ T8440] the existing dependency chain (in reverse order) is: [ 139.315402][ T8440] [ 139.315402][ T8440] -> #2 (bdev_lookup_sem){++++}-{3:3}: [ 139.323030][ T8440] down_write+0x92/0x150 [ 139.327791][ T8440] del_gendisk+0x222/0x9e0 [ 139.332702][ T8440] loop_control_ioctl+0x40d/0x4f0 [ 139.338228][ T8440] __x64_sys_ioctl+0x193/0x200 [ 139.343491][ T8440] do_syscall_64+0x2d/0x70 [ 139.348434][ T8440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.354829][ T8440] [ 139.354829][ T8440] -> #1 (loop_ctl_mutex){+.+.}-{3:3}: [ 139.362379][ T8440] __mutex_lock+0x139/0x1120 [ 139.367489][ T8440] lo_open+0x1a/0x130 [ 139.371993][ T8440] __blkdev_get+0x135/0xa30 [ 139.376998][ T8440] blkdev_get_by_dev+0x26c/0x600 [ 139.382437][ T8440] blkdev_open+0x154/0x2b0 [ 139.387350][ T8440] do_dentry_open+0x4b9/0x11b0 [ 139.392614][ T8440] path_openat+0x1c09/0x27d0 [ 139.397706][ T8440] do_filp_open+0x190/0x3d0 [ 139.402723][ T8440] do_sys_openat2+0x16d/0x420 [ 139.407937][ T8440] __x64_sys_open+0x119/0x1c0 [ 139.413121][ T8440] do_syscall_64+0x2d/0x70 [ 139.418045][ T8440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.424439][ T8440] [ 139.424439][ T8440] -> #0 (&bdev->bd_mutex){+.+.}-{3:3}: [ 139.432058][ T8440] __lock_acquire+0x2a17/0x5230 [ 139.437410][ T8440] lock_acquire+0x1ab/0x740 [ 139.442416][ T8440] __mutex_lock+0x139/0x1120 [ 139.447507][ T8440] del_gendisk+0x250/0x9e0 [ 139.452445][ T8440] loop_control_ioctl+0x40d/0x4f0 [ 139.457977][ T8440] __x64_sys_ioctl+0x193/0x200 [ 139.463261][ T8440] do_syscall_64+0x2d/0x70 [ 139.468197][ T8440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.474593][ T8440] [ 139.474593][ T8440] other info that might help us debug this: [ 139.474593][ T8440] [ 139.484797][ T8440] Chain exists of: [ 139.484797][ T8440] &bdev->bd_mutex --> loop_ctl_mutex --> bdev_lookup_sem [ 139.484797][ T8440] [ 139.497728][ T8440] Possible unsafe locking scenario: [ 139.497728][ T8440] [ 139.505151][ T8440] CPU0 CPU1 [ 139.510490][ T8440] ---- ---- [ 139.515828][ T8440] lock(bdev_lookup_sem); [ 139.520226][ T8440] lock(loop_ctl_mutex); [ 139.527055][ T8440] lock(bdev_lookup_sem); [ 139.533964][ T8440] lock(&bdev->bd_mutex); [ 139.538360][ T8440] [ 139.538360][ T8440] *** DEADLOCK *** [ 139.538360][ T8440] [ 139.546476][ T8440] 2 locks held by syz-executor104/8440: [ 139.551993][ T8440] #0: ffffffff8ca5f148 (loop_ctl_mutex){+.+.}-{3:3}, at: loop_control_ioctl+0x7b/0x4f0 [ 139.561716][ T8440] #1: ffffffff8c7d9430 (bdev_lookup_sem){++++}-{3:3}, at: del_gendisk+0x222/0x9e0 [ 139.570998][ T8440] [ 139.570998][ T8440] stack backtrace: [ 139.576863][ T8440] CPU: 1 PID: 8440 Comm: syz-executor104 Not tainted 5.12.0-rc6-next-20210409-syzkaller #0 [ 139.586814][ T8440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.596859][ T8440] Call Trace: [ 139.600133][ T8440] dump_stack+0x141/0x1d7 [ 139.604457][ T8440] check_noncircular+0x25f/0x2e0 [ 139.609376][ T8440] ? kernel_text_address+0xbd/0xf0 [ 139.614468][ T8440] ? print_circular_bug+0x1e0/0x1e0 [ 139.619660][ T8440] ? create_prof_cpu_mask+0x20/0x20 [ 139.624839][ T8440] ? arch_stack_walk+0x93/0xe0 [ 139.629599][ T8440] ? lockdep_lock+0xc6/0x200 [ 139.634168][ T8440] ? call_rcu_zapped+0xb0/0xb0 [ 139.638915][ T8440] __lock_acquire+0x2a17/0x5230 [ 139.643751][ T8440] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 139.649734][ T8440] lock_acquire+0x1ab/0x740 [ 139.654230][ T8440] ? del_gendisk+0x250/0x9e0 [ 139.658800][ T8440] ? lock_release+0x720/0x720 [ 139.663459][ T8440] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 139.669429][ T8440] __mutex_lock+0x139/0x1120 [ 139.673999][ T8440] ? del_gendisk+0x250/0x9e0 [ 139.678579][ T8440] ? del_gendisk+0x250/0x9e0 [ 139.683245][ T8440] ? mutex_lock_io_nested+0xf70/0xf70 [ 139.688615][ T8440] ? down_write+0xe0/0x150 [ 139.693033][ T8440] ? down_write_killable+0x170/0x170 [ 139.698308][ T8440] ? sysfs_remove_files+0x87/0xf0 [ 139.703321][ T8440] del_gendisk+0x250/0x9e0 [ 139.707725][ T8440] loop_control_ioctl+0x40d/0x4f0 [ 139.712736][ T8440] ? loop_lookup+0x1d0/0x1d0 [ 139.717334][ T8440] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 139.723571][ T8440] ? loop_lookup+0x1d0/0x1d0 [ 139.728152][ T8440] __x64_sys_ioctl+0x193/0x200 [ 139.732907][ T8440] do_syscall_64+0x2d/0x70 [ 139.737316][ T8440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.743195][ T8440] RIP: 0033:0x43ee49 [ 139.747085][ T8440] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 139.766669][ T8440] RSP: 002b:00007fff4d86c238 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.775059][ T8440] RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043ee49 [ 139.783013][ T8440] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000003 [ 139.790969][ T8440] RBP: 0000000000402e30 R08: 0000000000000000 R09: 0000000000400488 [ 139.798920][ T8440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ec0 [ 139.806868][ T8440] R13: 0000000000000000 R14: 00000000004ac018 R15: 0000000000400488