[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.430871] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 22.773462] random: sshd: uninitialized urandom read (32 bytes read) [ 23.017501] random: sshd: uninitialized urandom read (32 bytes read) [ 23.749680] random: sshd: uninitialized urandom read (32 bytes read) [ 25.060855] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.4' (ECDSA) to the list of known hosts. [ 30.482402] random: sshd: uninitialized urandom read (32 bytes read) 2018/04/27 08:29:17 parsed 1 programs 2018/04/27 08:29:17 executed programs: 0 [ 30.932889] IPVS: ftp: loaded support on port[0] = 21 [ 31.105320] [ 31.107003] ====================================================== [ 31.113308] WARNING: possible circular locking dependency detected [ 31.119621] 4.17.0-rc2+ #44 Not tainted [ 31.123581] ------------------------------------------------------ [ 31.129872] syz-executor0/4512 is trying to acquire lock: [ 31.135381] (ptrval) (&bdev->bd_mutex){+.+.}, at: blkdev_reread_part+0x1e/0x40 [ 31.143428] [ 31.143428] but task is already holding lock: [ 31.149374] (ptrval) (&lo->lo_ctl_mutex#2){+.+.}, at: lo_compat_ioctl+0x12a/0x170 [ 31.157686] [ 31.157686] which lock already depends on the new lock. [ 31.157686] [ 31.165987] [ 31.165987] the existing dependency chain (in reverse order) is: [ 31.173583] [ 31.173583] -> #2 (&lo->lo_ctl_mutex#2){+.+.}: [ 31.179638] __mutex_lock+0x16d/0x17f0 [ 31.184034] mutex_lock_nested+0x16/0x20 [ 31.188595] lo_release+0xa3/0x1f0 [ 31.192634] __blkdev_put+0x4f6/0x830 [ 31.196932] blkdev_put+0x98/0x540 [ 31.200970] blkdev_close+0x8b/0xb0 [ 31.205095] __fput+0x34d/0x890 [ 31.208870] ____fput+0x15/0x20 [ 31.212648] task_work_run+0x1e4/0x290 [ 31.217037] exit_to_usermode_loop+0x2bd/0x310 [ 31.222116] do_syscall_64+0x6ac/0x800 [ 31.226503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 31.232195] [ 31.232195] -> #1 (loop_index_mutex){+.+.}: [ 31.237981] __mutex_lock+0x16d/0x17f0 [ 31.242367] mutex_lock_nested+0x16/0x20 [ 31.246928] lo_open+0x1b/0xb0 [ 31.250619] __blkdev_get+0x358/0x13a0 [ 31.255006] blkdev_get+0xb9/0xb30 [ 31.259055] blkdev_open+0x1fb/0x280 [ 31.263266] do_dentry_open+0x7ef/0xf10 [ 31.267736] vfs_open+0x139/0x230 [ 31.271690] path_openat+0x1676/0x4e20 [ 31.276083] do_filp_open+0x249/0x350 [ 31.280379] do_sys_open+0x56f/0x740 [ 31.284592] __x64_sys_open+0x7e/0xc0 [ 31.288900] do_syscall_64+0x1b1/0x800 [ 31.293286] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 31.298969] [ 31.298969] -> #0 (&bdev->bd_mutex){+.+.}: [ 31.304668] lock_acquire+0x1dc/0x520 [ 31.308972] __mutex_lock+0x16d/0x17f0 [ 31.313356] mutex_lock_nested+0x16/0x20 [ 31.317917] blkdev_reread_part+0x1e/0x40 [ 31.322563] loop_reread_partitions+0x159/0x180 [ 31.327726] loop_set_status+0xb95/0x1010 [ 31.332370] loop_set_status_compat+0xa4/0xf0 [ 31.337362] lo_compat_ioctl+0x14b/0x170 [ 31.341923] compat_blkdev_ioctl+0x3c2/0x1b20 [ 31.346919] __ia32_compat_sys_ioctl+0x221/0x640 [ 31.352174] do_fast_syscall_32+0x345/0xf9b [ 31.356994] entry_SYSENTER_compat+0x70/0x7f [ 31.361922] [ 31.361922] other info that might help us debug this: [ 31.361922] [ 31.370048] Chain exists of: [ 31.370048] &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 31.370048] [ 31.381391] Possible unsafe locking scenario: [ 31.381391] [ 31.387423] CPU0 CPU1 [ 31.392064] ---- ---- [ 31.396702] lock(&lo->lo_ctl_mutex#2); [ 31.400741] lock(loop_index_mutex); [ 31.407035] lock(&lo->lo_ctl_mutex#2); [ 31.413595] lock(&bdev->bd_mutex); [ 31.417283] [ 31.417283] *** DEADLOCK *** [ 31.417283] [ 31.423322] 1 lock held by syz-executor0/4512: [ 31.427877] #0: (ptrval) (&lo->lo_ctl_mutex#2){+.+.}, at: lo_compat_ioctl+0x12a/0x170 [ 31.436621] [ 31.436621] stack backtrace: [ 31.441101] CPU: 0 PID: 4512 Comm: syz-executor0 Not tainted 4.17.0-rc2+ #44 [ 31.448260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.457587] Call Trace: [ 31.460160] dump_stack+0x1b9/0x294 [ 31.463765] ? dump_stack_print_info.cold.2+0x52/0x52 [ 31.468938] ? print_lock+0xd1/0xd6 [ 31.472542] ? vprintk_func+0x81/0xe7 [ 31.476322] print_circular_bug.isra.36.cold.54+0x1bd/0x27d [ 31.482026] ? save_trace+0xe0/0x290 [ 31.485720] __lock_acquire+0x343e/0x5140 [ 31.489848] ? debug_check_no_locks_freed+0x310/0x310 [ 31.495038] ? __lock_acquire+0x7f5/0x5140 [ 31.499254] ? debug_check_no_locks_freed+0x310/0x310 [ 31.504505] ? noop_count+0x40/0x40 [ 31.508114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.513629] ? bpf_prog_kallsyms_find+0xd6/0x4a0 [ 31.518362] ? __bpf_trace_bpf_map_next_key+0x40/0x40 [ 31.523529] ? is_bpf_text_address+0xae/0x170 [ 31.528002] ? lock_downgrade+0x8e0/0x8e0 [ 31.532134] ? print_usage_bug+0xc0/0xc0 [ 31.536173] ? print_usage_bug+0xc0/0xc0 [ 31.540213] ? kasan_check_read+0x11/0x20 [ 31.544337] ? graph_lock+0x170/0x170 [ 31.548119] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 31.553288] lock_acquire+0x1dc/0x520 [ 31.557070] ? blkdev_reread_part+0x1e/0x40 [ 31.561371] ? lock_release+0xa10/0xa10 [ 31.565335] ? check_same_owner+0x320/0x320 [ 31.569633] ? debug_check_no_locks_freed+0x310/0x310 [ 31.574804] ? rcu_note_context_switch+0x710/0x710 [ 31.579722] ? __might_sleep+0x95/0x190 [ 31.583680] ? blkdev_reread_part+0x1e/0x40 [ 31.587984] __mutex_lock+0x16d/0x17f0 [ 31.591850] ? blkdev_reread_part+0x1e/0x40 [ 31.596149] ? blkdev_reread_part+0x1e/0x40 [ 31.600449] ? debug_check_no_locks_freed+0x310/0x310 [ 31.605619] ? mutex_trylock+0x2a0/0x2a0 [ 31.609661] ? kasan_check_write+0x14/0x20 [ 31.613875] ? do_raw_spin_lock+0xc1/0x200 [ 31.618088] ? graph_lock+0x170/0x170 [ 31.621870] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 31.626951] ? graph_lock+0x170/0x170 [ 31.630730] ? graph_lock+0x170/0x170 [ 31.634509] ? save_stack+0xa9/0xd0 [ 31.638114] ? save_stack+0x43/0xd0 [ 31.641716] ? __lock_is_held+0xb5/0x140 [ 31.645770] ? print_usage_bug+0xc0/0xc0 [ 31.649812] ? lock_downgrade+0x8e0/0x8e0 [ 31.653939] ? mark_held_locks+0xc9/0x160 [ 31.658065] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 31.662638] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 31.667729] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 31.672720] ? trace_hardirqs_on+0xd/0x10 [ 31.676847] ? __wake_up_common_lock+0x1c2/0x300 [ 31.681584] mutex_lock_nested+0x16/0x20 [ 31.685633] ? mutex_lock_nested+0x16/0x20 [ 31.689855] blkdev_reread_part+0x1e/0x40 [ 31.693993] loop_reread_partitions+0x159/0x180 [ 31.698658] ? __loop_update_dio+0x6a0/0x6a0 [ 31.703051] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 31.708566] loop_set_status+0xb95/0x1010 [ 31.712696] loop_set_status_compat+0xa4/0xf0 [ 31.717170] ? loop_set_status+0x1010/0x1010 [ 31.721560] lo_compat_ioctl+0x14b/0x170 [ 31.725597] ? lo_ioctl+0x2130/0x2130 [ 31.729379] compat_blkdev_ioctl+0x3c2/0x1b20 [ 31.733853] ? bfq_create_group_hierarchy+0x120/0x120 [ 31.739031] ? __x32_compat_sys_get_robust_list+0x430/0x430 [ 31.744728] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 31.749896] ? bfq_create_group_hierarchy+0x120/0x120 [ 31.755083] __ia32_compat_sys_ioctl+0x221/0x640 [ 31.759822] do_fast_syscall_32+0x345/0xf9b [ 31.764124] ? do_int80_syscall_32+0x880/0x880 [ 31.768686] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 31.773425] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.778941] ? syscall_return_slowpath+0x30f/0x5c0 [ 31.783850] ? sysret32_from_system_call+0x5/0x46 [ 31.788671] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.793503] entry_SYSENTER_compat+0x70/0x7f [ 31.797890] RIP: 0023:0xf7f9ecb9 [ 31.801229] RSP: 002b:00000000ff901cdc EFLAGS: 00000282 ORIG_RAX: 0000000000000036 [ 31.808915] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004c02 [ 31.816163] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 31.823409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 31.830656] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 31.837903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/27 08:29:22 executed programs: 234 2018/04/27 08:29:27 executed programs: 518