[ ok ] Starting periodic command scheduler: cron.
[ 21.290893] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available)
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 24.478700] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[ 24.754240] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[ 25.859121] random: sshd: uninitialized urandom read (32 bytes read, 120 bits of entropy available)
[ 26.023486] random: sshd: uninitialized urandom read (32 bytes read, 124 bits of entropy available)
Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts.
[ 31.573788] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available)
2018/04/13 02:57:10 parsed 1 programs
2018/04/13 02:57:10 executed programs: 0
[ 32.027753] IPVS: Creating netns size=2552 id=1
[ 32.120098]
[ 32.121759] ======================================================
[ 32.128053] [ INFO: possible circular locking dependency detected ]
[ 32.134453] 4.4.125-g38f41ec #21 Not tainted
[ 32.138842] -------------------------------------------------------
[ 32.145222] syz-executor0/3724 is trying to acquire lock:
[ 32.150730] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40
[ 32.159854]
[ 32.159854] but task is already holding lock:
[ 32.165795] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140
[ 32.175288]
[ 32.175288] which lock already depends on the new lock.
[ 32.175288]
[ 32.183577]
[ 32.183577] the existing dependency chain (in reverse order) is:
[ 32.191178] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}:
[ 32.196699] [] lock_acquire+0x15e/0x460
[ 32.202945] [] mutex_lock_nested+0xbb/0x850
[ 32.209531] [] lo_release+0x85/0x160
[ 32.215513] [] __blkdev_put+0x5f7/0x7e0
[ 32.221759] [] blkdev_put+0x85/0x550
[ 32.227740] [] blkdev_close+0x8b/0xb0
[ 32.233830] [] __fput+0x233/0x6d0
[ 32.239560] [] ____fput+0x15/0x20
[ 32.245273] [] task_work_run+0x104/0x180
[ 32.251600] [] exit_to_usermode_loop+0x13d/0x160
[ 32.258618] [] syscall_return_slowpath+0x1b5/0x1f0
[ 32.265810] [] int_ret_from_sys_call+0x25/0xa3
[ 32.272693] -> #1 (loop_index_mutex){+.+.+.}:
[ 32.277843] [] lock_acquire+0x15e/0x460
[ 32.284081] [] mutex_lock_nested+0xbb/0x850
[ 32.290699] [] lo_open+0x1b/0xa0
[ 32.296329] [] __blkdev_get+0x2ac/0xdf0
[ 32.302567] [] blkdev_get+0x33d/0x940
[ 32.308628] [] blkdev_open+0x1a5/0x250
[ 32.314793] [] do_dentry_open+0x59b/0xba0
[ 32.321219] [] vfs_open+0x110/0x210
[ 32.327113] [] path_openat+0x923/0x3940
[ 32.333352] [] do_filp_open+0x197/0x290
[ 32.339597] [] do_sys_open+0x369/0x660
[ 32.345749] [] SyS_open+0x2d/0x40
[ 32.351460] [] entry_SYSCALL_64_fastpath+0x22/0x9e
[ 32.358670] -> #0 (&bdev->bd_mutex){+.+.+.}:
[ 32.363695] [] __lock_acquire+0x371f/0x4b50
[ 32.370284] [] lock_acquire+0x15e/0x460
[ 32.376520] [] mutex_lock_nested+0xbb/0x850
[ 32.383111] [] blkdev_reread_part+0x1e/0x40
[ 32.389703] [] loop_reread_partitions+0x78/0xe0
[ 32.396651] [] loop_set_status+0x995/0xfc0
[ 32.403146] [] loop_set_status_compat+0x9a/0x100
[ 32.410171] [] lo_compat_ioctl+0x114/0x140
[ 32.416674] [] compat_blkdev_ioctl+0x3d4/0x3b10
[ 32.423605] [] compat_SyS_ioctl+0x28a/0x2540
[ 32.430279] [] do_fast_syscall_32+0x321/0x8a0
[ 32.437036] [] sysenter_flags_fixed+0xd/0x17
[ 32.443717]
[ 32.443717] other info that might help us debug this:
[ 32.443717]
[ 32.451840] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2
[ 32.461423] Possible unsafe locking scenario:
[ 32.461423]
[ 32.467459]        CPU0                    CPU1
[ 32.472099]        ----                    ----
[ 32.476735]   lock(&lo->lo_ctl_mutex#2);
[ 32.481127]                                lock(loop_index_mutex);
[ 32.487654]                                lock(&lo->lo_ctl_mutex#2);
[ 32.494574]   lock(&bdev->bd_mutex);
[ 32.498508]
[ 32.498508] *** DEADLOCK ***
[ 32.498508]
[ 32.504539] 1 lock held by syz-executor0/3724:
[ 32.509090] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140
[ 32.519151]
[ 32.519151] stack backtrace:
[ 32.523623] CPU: 0 PID: 3724 Comm: syz-executor0 Not tainted 4.4.125-g38f41ec #21
[ 32.531228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.540564] 0000000000000000 8708ecb45e1de033 ffff8800af5a75e8 ffffffff81d067bd
[ 32.548549] ffffffff85188b10 ffffffff851880f0 ffffffff851b1160 ffff8801cb353908
[ 32.556531] ffff8801cb353000 ffff8800af5a7630 ffffffff81234081 ffff8801cb353908
[ 32.564521] Call Trace:
[ 32.567095] [] dump_stack+0xc1/0x124
[ 32.572432] [] print_circular_bug+0x271/0x310
[ 32.578553] [] __lock_acquire+0x371f/0x4b50
[ 32.584496] [] ? save_stack_trace+0x26/0x50
[ 32.590451] [] ? save_stack+0x43/0xd0
[ 32.595883] [] ? kasan_slab_free+0x72/0xc0
[ 32.601742] [] ? kfree+0xfc/0x300
[ 32.606817] [] ? kobject_uevent_env+0x24f/0xb40
[ 32.613111] [] ? debug_check_no_locks_freed+0x2c0/0x2c0
[ 32.620107] [] ? __lock_acquire+0xb5f/0x4b50
[ 32.626138] [] ? __lock_is_held+0xa1/0xf0
[ 32.631909] [] lock_acquire+0x15e/0x460
[ 32.637516] [] ? blkdev_reread_part+0x1e/0x40
[ 32.643633] [] ? blkdev_reread_part+0x1e/0x40
[ 32.649752] [] mutex_lock_nested+0xbb/0x850
[ 32.655702] [] ? blkdev_reread_part+0x1e/0x40
[ 32.661823] [] ? __ww_mutex_lock+0x14f0/0x14f0
[ 32.668031] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70
[ 32.674930] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 32.681742] [] blkdev_reread_part+0x1e/0x40
[ 32.687690] [] loop_reread_partitions+0x78/0xe0
[ 32.694006] [] loop_set_status+0x995/0xfc0
[ 32.699954] [] loop_set_status_compat+0x9a/0x100
[ 32.706331] [] ? loop_set_status+0xfc0/0xfc0
[ 32.712367] [] lo_compat_ioctl+0x114/0x140
[ 32.718225] [] ? lo_ioctl+0x19c0/0x19c0
[ 32.723829] [] compat_blkdev_ioctl+0x3d4/0x3b10
[ 32.730119] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0
[ 32.736850] [] ? exit_robust_list+0x240/0x240
[ 32.742967] [] ? security_file_ioctl+0x89/0xb0
[ 32.749175] [] compat_SyS_ioctl+0x28a/0x2540
[ 32.755218] [] ? do_huge_pmd_anonymous_page+0x3dd/0xa10
[ 32.762226] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0
[ 32.768956] [] ? compat_SyS_ppoll+0x420/0x420
[ 32.775075] [] ? handle_mm_fault+0x3f2/0x3190
[ 32.781204] [] ? debug_check_no_obj_freed+0x2d2/0x9b0
[ 32.788022] [] ? compat_SyS_futex+0x1f9/0x2a0
[ 32.794139] [] ? compat_SyS_get_robust_list+0x300/0x300
[ 32.801129] [] ? __do_page_fault+0x380/0xa00
[ 32.807163] [] ? do_fast_syscall_32+0xd7/0x8a0
[ 32.813374] [] ? compat_SyS_ppoll+0x420/0x420
[ 32.819496] [] do_fa