syzbot

======================================================
[ INFO: possible circular locking dependency detected ]
4.9.75-g06fe41f #16 Not tainted
-------------------------------------------------------
syzkaller027926/3332 is trying to acquire lock:
 (&bdev->bd_mutex){+.+.+.}, at: [<ffffffff81d34f1e>] blkdev_reread_part+0x1e/0x40 block/ioctl.c:189
but task is already holding lock:
 (&lo->lo_ctl_mutex#2){+.+...}, at: [<ffffffff824b6769>] lo_compat_ioctl+0x109/0x140 drivers/block/loop.c:1515
which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

       lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
       __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       mutex_lock_nested+0xbb/0x870 kernel/locking/mutex.c:621
       lo_release+0x6b/0x140 drivers/block/loop.c:1569
       __blkdev_put+0x5f7/0x7e0 fs/block_dev.c:1598
       blkdev_put+0x85/0x550 fs/block_dev.c:1663
       blkdev_close+0x8b/0xb0 fs/block_dev.c:1670
       __fput+0x28c/0x6e0 fs/file_table.c:208
       ____fput+0x15/0x20 fs/file_table.c:244
       task_work_run+0x115/0x190 kernel/task_work.c:116
       tracehook_notify_resume include/linux/tracehook.h:191 [inline]
       exit_to_usermode_loop+0xfc/0x120 arch/x86/entry/common.c:160
       prepare_exit_to_usermode arch/x86/entry/common.c:190 [inline]
       syscall_return_slowpath+0x1a0/0x1e0 arch/x86/entry/common.c:259
       entry_SYSCALL_64_fastpath+0xe0/0xe2

       check_prev_add kernel/locking/lockdep.c:1828 [inline]
       check_prevs_add kernel/locking/lockdep.c:1938 [inline]
       validate_chain kernel/locking/lockdep.c:2265 [inline]
       __lock_acquire+0x2bf9/0x3640 kernel/locking/lockdep.c:3345
       lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
       __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       mutex_lock_nested+0xbb/0x870 kernel/locking/mutex.c:621
       blkdev_reread_part+0x1e/0x40 block/ioctl.c:189
       loop_reread_partitions+0x78/0xe0 drivers/block/loop.c:634
       loop_set_status+0x995/0xfc0 drivers/block/loop.c:1164
       loop_set_status_compat+0x9a/0x100 drivers/block/loop.c:1488
       lo_compat_ioctl+0x114/0x140 drivers/block/loop.c:1516
       compat_blkdev_ioctl+0x3e3/0x3bc0 block/compat_ioctl.c:751
       C_SYSC_ioctl fs/compat_ioctl.c:1602 [inline]
       compat_SyS_ioctl+0x15f/0x2050 fs/compat_ioctl.c:1549
       do_syscall_32_irqs_on arch/x86/entry/common.c:322 [inline]
       do_fast_syscall_32+0x2f7/0x890 arch/x86/entry/common.c:384
       entry_SYSENTER_compat+0x74/0x83 arch/x86/entry/entry_64_compat.S:127

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&lo->lo_ctl_mutex#2);
                               lock(&bdev->bd_mutex);
                               lock(&lo->lo_ctl_mutex#2);
  lock(&bdev->bd_mutex);

 *** DEADLOCK ***

1 lock held by syzkaller027926/3332:
 #0:  (&lo->lo_ctl_mutex#2){+.+...}, at: [<ffffffff824b6769>] lo_compat_ioctl+0x109/0x140 drivers/block/loop.c:1515

stack backtrace:
CPU: 1 PID: 3332 Comm: syzkaller027926 Not tainted 4.9.75-g06fe41f #16
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801caa97768 ffffffff81d93049 ffffffff85385970 ffffffff85385970
 ffffffff853b2850 ffff8801c980b8d8 ffff8801c980b000 ffff8801caa977b0
 ffffffff81237431 ffff8801c980b8d8 00000000c980b8b0 ffff8801c980b8d8
Call Trace:
 [<ffffffff81d93049>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d93049>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81237431>] print_circular_bug+0x271/0x310 kernel/locking/lockdep.c:1202
 [<ffffffff8123d869>] check_prev_add kernel/locking/lockdep.c:1828 [inline]
 [<ffffffff8123d869>] check_prevs_add kernel/locking/lockdep.c:1938 [inline]
 [<ffffffff8123d869>] validate_chain kernel/locking/lockdep.c:2265 [inline]
 [<ffffffff8123d869>] __lock_acquire+0x2bf9/0x3640 kernel/locking/lockdep.c:3345
 [<ffffffff8123ecee>] lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
 [<ffffffff838a6cdb>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
 [<ffffffff838a6cdb>] mutex_lock_nested+0xbb/0x870 kernel/locking/mutex.c:621
 [<ffffffff81d34f1e>] blkdev_reread_part+0x1e/0x40 block/ioctl.c:189
 [<ffffffff824b12f8>] loop_reread_partitions+0x78/0xe0 drivers/block/loop.c:634
 [<ffffffff824b1cf5>] loop_set_status+0x995/0xfc0 drivers/block/loop.c:1164
 [<ffffffff824b23ba>] loop_set_status_compat+0x9a/0x100 drivers/block/loop.c:1488
 [<ffffffff824b6774>] lo_compat_ioctl+0x114/0x140 drivers/block/loop.c:1516
 [<ffffffff81d86e13>] compat_blkdev_ioctl+0x3e3/0x3bc0 block/compat_ioctl.c:751
 [<ffffffff8167b72f>] C_SYSC_ioctl fs/compat_ioctl.c:1602 [inline]
 [<ffffffff8167b72f>] compat_SyS_ioctl+0x15f/0x2050 fs/compat_ioctl.c:1549
 [<ffffffff81006fc7>] do_syscall_32_irqs_on arch/x86/entry/common.c:322 [inline]
 [<ffffffff81006fc7>] do_fast_syscall_32+0x2f7/0x890 arch/x86/entry/common.c:384
 [<ffffffff838b2334>] entry_SYSENTER_compat+0x74/0x83 arch/x86/entry/entry_64_compat.S:127