program: syz_mount_image$exfat(&(0x7f00000003c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000003680)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") chdir(0x0) creat(&(0x7f0000000300)='./bus\x00', 0x0) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]}) creat(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) [ 94.491682][ T45] Bluetooth: hci0: command tx timeout [ 94.521174][ T10] cfg80211: failed to load regulatory.db [ 94.687261][ T5329] loop0: detected capacity change from 0 to 256 [ 94.736524][ T5329] ======================================================= [ 94.736524][ T5329] WARNING: The mand mount option has been deprecated and [ 94.736524][ T5329] and is ignored by this kernel. Remove the mand [ 94.736524][ T5329] option from the mount to silence this warning. [ 94.736524][ T5329] ======================================================= [ 94.816347][ T5329] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 94.824796][ T5329] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 94.853626][ T5329] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 94.902322][ T5329] loop0: detected capacity change from 256 to 0 [ 94.907074][ T5329] [ 94.908350][ T5329] ====================================================== [ 94.911355][ T5329] WARNING: possible circular locking dependency detected [ 94.914366][ T5329] 6.16.0-rc1-syzkaller-00182-g18531f4d1c8c #0 Not tainted [ 94.917950][ T5329] ------------------------------------------------------ [ 94.921617][ T5329] syz.0.0/5329 is trying to acquire lock: [ 94.923999][ T5329] ffffffff8f87a3a8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x27e/0x560 [ 94.929423][ T5329] [ 94.929423][ T5329] but task is already holding lock: [ 94.932565][ T5329] ffff888034701e00 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x227/0xaf0 [ 94.937655][ T5329] [ 94.937655][ T5329] which lock already depends on the new lock. [ 94.937655][ T5329] [ 94.942686][ T5329] [ 94.942686][ T5329] the existing dependency chain (in reverse order) is: [ 94.946778][ T5329] [ 94.946778][ T5329] -> #2 (&q->q_usage_counter(io)#17){++++}-{0:0}: [ 94.951022][ T5329] lock_acquire+0x120/0x360 [ 94.953530][ T5329] blk_alloc_queue+0x538/0x620 [ 94.955911][ T5329] __blk_mq_alloc_disk+0x162/0x340 [ 94.958451][ T5329] loop_add+0x41b/0xad0 [ 94.960492][ T5329] loop_init+0x173/0x230 [ 94.962979][ T5329] do_one_initcall+0x233/0x820 [ 94.965660][ T5329] do_initcall_level+0x137/0x1f0 [ 94.968190][ T5329] do_initcalls+0x69/0xd0 [ 94.970446][ T5329] kernel_init_freeable+0x3d9/0x570 [ 94.973038][ T5329] kernel_init+0x1d/0x1d0 [ 94.975379][ T5329] ret_from_fork+0x3fc/0x770 [ 94.977719][ T5329] ret_from_fork_asm+0x1a/0x30 [ 94.980359][ T5329] [ 94.980359][ T5329] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 94.983853][ T5329] lock_acquire+0x120/0x360 [ 94.986411][ T5329] fs_reclaim_acquire+0x72/0x100 [ 94.988882][ T5329] kmem_cache_alloc_node_noprof+0x47/0x3c0 [ 94.991519][ T5329] __alloc_skb+0x112/0x2d0 [ 94.993781][ T5329] alloc_uevent_skb+0x7d/0x230 [ 94.996255][ T5329] kobject_uevent_net_broadcast+0x2fa/0x560 [ 94.998818][ T5329] kobject_uevent_env+0x55b/0x8c0 [ 95.001403][ T5329] kobject_synth_uevent+0x527/0xb00 [ 95.004197][ T5329] bus_uevent_store+0x115/0x170 [ 95.006746][ T5329] kernfs_fop_write_iter+0x378/0x4f0 [ 95.009623][ T5329] vfs_write+0x548/0xa90 [ 95.011764][ T5329] ksys_write+0x145/0x250 [ 95.013878][ T5329] do_syscall_64+0xfa/0x3b0 [ 95.016255][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.019896][ T5329] [ 95.019896][ T5329] -> #0 (uevent_sock_mutex){+.+.}-{4:4}: [ 95.023402][ T5329] validate_chain+0xb9b/0x2140 [ 95.025793][ T5329] __lock_acquire+0xab9/0xd20 [ 95.028078][ T5329] lock_acquire+0x120/0x360 [ 95.030353][ T5329] __mutex_lock+0x182/0xe80 [ 95.032887][ T5329] kobject_uevent_net_broadcast+0x27e/0x560 [ 95.036212][ T5329] kobject_uevent_env+0x55b/0x8c0 [ 95.038383][ T5329] loop_set_status+0x4d3/0xaf0 [ 95.040664][ T5329] lo_ioctl+0xa5e/0x2410 [ 95.042794][ T5329] blkdev_ioctl+0x5a8/0x6d0 [ 95.045348][ T5329] __se_sys_ioctl+0xf9/0x170 [ 95.048284][ T5329] do_syscall_64+0xfa/0x3b0 [ 95.050654][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.053383][ T5329] [ 95.053383][ T5329] other info that might help us debug this: [ 95.053383][ T5329] [ 95.057868][ T5329] Chain exists of: [ 95.057868][ T5329] uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#17 [ 95.057868][ T5329] [ 95.064706][ T5329] Possible unsafe locking scenario: [ 95.064706][ T5329] [ 95.068033][ T5329] CPU0 CPU1 [ 95.070443][ T5329] ---- ---- [ 95.072937][ T5329] lock(&q->q_usage_counter(io)#17); [ 95.075739][ T5329] lock(fs_reclaim); [ 95.079190][ T5329] lock(&q->q_usage_counter(io)#17); [ 95.082765][ T5329] lock(uevent_sock_mutex); [ 95.084763][ T5329] [ 95.084763][ T5329] *** DEADLOCK *** [ 95.084763][ T5329] [ 95.088562][ T5329] 3 locks held by syz.0.0/5329: [ 95.090867][ T5329] #0: ffff888030fa9400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2c/0xaf0 [ 95.095204][ T5329] #1: ffff888034701e00 (&q->q_usage_counter(io)#17){++++}-{0:0}, at: loop_set_status+0x227/0xaf0 [ 95.100065][ T5329] #2: ffff888034701e38 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: loop_set_status+0x227/0xaf0 [ 95.105324][ T5329] [ 95.105324][ T5329] stack backtrace: [ 95.107962][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted 6.16.0-rc1-syzkaller-00182-g18531f4d1c8c #0 PREEMPT(full) [ 95.107983][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.107993][ T5329] Call Trace: [ 95.108003][ T5329] [ 95.108012][ T5329] dump_stack_lvl+0x189/0x250 [ 95.108042][ T5329] ? __pfx_dump_stack_lvl+0x10/0x10 [ 95.108064][ T5329] ? __pfx__printk+0x10/0x10 [ 95.108075][ T5329] ? print_lock_name+0xde/0x100 [ 95.108084][ T5329] print_circular_bug+0x2ee/0x310 [ 95.108097][ T5329] check_noncircular+0x134/0x160 [ 95.108109][ T5329] validate_chain+0xb9b/0x2140 [ 95.108123][ T5329] __lock_acquire+0xab9/0xd20 [ 95.108138][ T5329] ? kobject_uevent_net_broadcast+0x27e/0x560 [ 95.108152][ T5329] lock_acquire+0x120/0x360 [ 95.108166][ T5329] ? kobject_uevent_net_broadcast+0x27e/0x560 [ 95.108181][ T5329] __mutex_lock+0x182/0xe80 [ 95.108191][ T5329] ? kobject_uevent_net_broadcast+0x27e/0x560 [ 95.108203][ T5329] ? vsnprintf+0xe11/0xf00 [ 95.108215][ T5329] ? kobject_uevent_net_broadcast+0x27e/0x560 [ 95.108227][ T5329] ? __pfx___mutex_lock+0x10/0x10 [ 95.108234][ T5329] ? add_uevent_var+0x278/0x450 [ 95.108244][ T5329] ? kobject_uevent_env+0x50a/0x8c0 [ 95.108273][ T5329] ? __pfx_add_uevent_var+0x10/0x10 [ 95.108284][ T5329] kobject_uevent_net_broadcast+0x27e/0x560 [ 95.108301][ T5329] kobject_uevent_env+0x55b/0x8c0 [ 95.108314][ T5329] loop_set_status+0x4d3/0xaf0 [ 95.108343][ T5329] lo_ioctl+0xa5e/0x2410 [ 95.108359][ T5329] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 95.108382][ T5329] ? __pfx_lo_ioctl+0x10/0x10 [ 95.108397][ T5329] ? kasan_save_track+0x4f/0x80 [ 95.108415][ T5329] ? kasan_save_track+0x3e/0x80 [ 95.108425][ T5329] ? kasan_save_free_info+0x46/0x50 [ 95.108435][ T5329] ? __kasan_slab_free+0x62/0x70 [ 95.108444][ T5329] ? kfree+0x18e/0x440 [ 95.108459][ T5329] ? tomoyo_check_open_permission+0x2c2/0x3b0 [ 95.108472][ T5329] ? do_dentry_open+0x35e/0x1970 [ 95.108485][ T5329] ? vfs_open+0x3b/0x340 [ 95.108501][ T5329] ? path_openat+0x2ee5/0x3830 [ 95.108525][ T5329] ? __lock_acquire+0xab9/0xd20 [ 95.108540][ T5329] ? __lock_acquire+0xab9/0xd20 [ 95.108554][ T5329] ? __lock_acquire+0xab9/0xd20 [ 95.108571][ T5329] ? __lock_acquire+0xab9/0xd20 [ 95.108587][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 95.108613][ T5329] ? is_bpf_text_address+0x292/0x2b0 [ 95.108629][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 95.108645][ T5329] ? kernel_text_address+0xa5/0xe0 [ 95.108658][ T5329] ? __kernel_text_address+0xd/0x40 [ 95.108666][ T5329] ? unwind_get_return_address+0x4d/0x90 [ 95.108681][ T5329] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 95.108691][ T5329] ? arch_stack_walk+0xfc/0x150 [ 95.108702][ T5329] ? stack_trace_save+0x9c/0xe0 [ 95.108710][ T5329] ? stack_depot_save_flags+0x40/0x900 [ 95.108722][ T5329] ? kasan_save_track+0x4f/0x80 [ 95.108732][ T5329] ? kasan_save_track+0x3e/0x80 [ 95.108742][ T5329] ? kasan_save_free_info+0x46/0x50 [ 95.108750][ T5329] ? __kasan_slab_free+0x62/0x70 [ 95.108756][ T5329] ? kfree+0x18e/0x440 [ 95.108765][ T5329] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 95.108773][ T5329] ? security_file_ioctl+0xcb/0x2d0 [ 95.108781][ T5329] ? __se_sys_ioctl+0x47/0x170 [ 95.108790][ T5329] ? do_syscall_64+0xfa/0x3b0 [ 95.108797][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.108808][ T5329] ? do_vfs_ioctl+0xf37/0x1990 [ 95.108818][ T5329] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 95.108833][ T5329] ? kasan_quarantine_put+0xdd/0x220 [ 95.108851][ T5329] ? blkdev_common_ioctl+0xfc3/0x2450 [ 95.108865][ T5329] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 95.108877][ T5329] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 95.108888][ T5329] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 95.108901][ T5329] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 95.108914][ T5329] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 95.108923][ T5329] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 95.108933][ T5329] ? __lock_acquire+0xab9/0xd20 [ 95.108945][ T5329] ? __pfx_lo_ioctl+0x10/0x10 [ 95.108953][ T5329] blkdev_ioctl+0x5a8/0x6d0 [ 95.108964][ T5329] ? __pfx_blkdev_ioctl+0x10/0x10 [ 95.108974][ T5329] ? __fget_files+0x2a/0x420 [ 95.108982][ T5329] ? bpf_lsm_file_ioctl+0x9/0x20 [ 95.108992][ T5329] ? __pfx_blkdev_ioctl+0x10/0x10 [ 95.109002][ T5329] __se_sys_ioctl+0xf9/0x170 [ 95.109013][ T5329] do_syscall_64+0xfa/0x3b0 [ 95.109019][ T5329] ? lockdep_hardirqs_on+0x9c/0x150 [ 95.109036][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.109043][ T5329] ? clear_bhb_loop+0x60/0xb0 [ 95.109050][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.109061][ T5329] RIP: 0033:0x7fa9cd38e929 [ 95.109073][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.109082][ T5329] RSP: 002b:00007fa9ce22a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.109101][ T5329] RAX: ffffffffffffffda RBX: 00007fa9cd5b5fa0 RCX: 00007fa9cd38e929 [ 95.109110][ T5329] RDX: 00002000000000c0 RSI: 0000000000004c04 RDI: 0000000000000005 [ 95.109118][ T5329] RBP: 00007fa9cd410b39 R08: 0000000000000000 R09: 0000000000000000 [ 95.109124][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.109130][ T5329] R13: 0000000000000000 R14: 00007fa9cd5b5fa0 R15: 00007ffefdfc8a18 [ 95.109140][ T5329] [ 95.351656][ T5330] syz.0.0: attempt to access beyond end of device [ 95.351656][ T5330] loop0: rw=524288, sector=160, nr_sectors = 1 limit=0 [ 95.358101][ T5330] syz.0.0: attempt to access beyond end of device [ 95.358101][ T5330] loop0: rw=524288, sector=161, nr_sectors = 1 limit=0 [ 95.376097][ T5330] syz.0.0: attempt to access beyond end of device [ 95.376097][ T5330] loop0: rw=524288, sector=162, nr_sectors = 1 limit=0 [ 95.382735][ T5330] syz.0.0: attempt to access beyond end of device [ 95.382735][ T5330] loop0: rw=524288, sector=163, nr_sectors = 1 limit=0 [ 95.389448][ T5330] syz.0.0: attempt to access beyond end of device [ 95.389448][ T5330] loop0: rw=524288, sector=164, nr_sectors = 1 limit=0 [ 95.396266][ T5330] syz.0.0: attempt to access beyond end of device [ 95.396266][ T5330] loop0: rw=524288, sector=165, nr_sectors = 1 limit=0 [ 95.405623][ T5330] syz.0.0: attempt to access beyond end of device [ 95.405623][ T5330] loop0: rw=524288, sector=166, nr_sectors = 1 limit=0 [ 95.412013][ T5330] syz.0.0: attempt to access beyond end of device [ 95.412013][ T5330] loop0: rw=524288, sector=167, nr_sectors = 1 limit=0 [ 95.418302][ T5330] syz.0.0: attempt to access beyond end of device [ 95.418302][ T5330] loop0: rw=0, sector=160, nr_sectors = 1 limit=0 [ 95.425481][ T5329] syz.0.0: attempt to access beyond end of device [ 95.425481][ T5329] loop0: rw=524288, sector=160, nr_sectors = 1 limit=0