INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts. 2018/04/13 01:16:32 parsed 1 programs 2018/04/13 01:16:32 executed programs: 0 syzkaller login: [ 29.031971] IPVS: Creating netns size=2536 id=1 [ 29.165727] [ 29.167364] ====================================================== [ 29.173647] [ INFO: possible circular locking dependency detected ] [ 29.180023] 4.9.93-gf6bec4e #1 Not tainted [ 29.184225] ------------------------------------------------------- [ 29.190595] syz-executor0/3699 is trying to acquire lock: [ 29.196099] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 29.205097] but task is already holding lock: [ 29.209732] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 29.219099] which lock already depends on the new lock. [ 29.219099] [ 29.226079] [ 29.226079] the existing dependency chain (in reverse order) is: [ 29.233666] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 29.239162] lock_acquire+0x130/0x3e0 [ 29.243454] mutex_lock_nested+0xc0/0x870 [ 29.248090] lo_release+0x85/0x160 [ 29.252122] __blkdev_put+0x636/0x840 [ 29.256414] blkdev_put+0x85/0x560 [ 29.260457] blkdev_close+0x8b/0xb0 [ 29.264576] __fput+0x263/0x700 [ 29.268348] ____fput+0x15/0x20 [ 29.272119] task_work_run+0x10c/0x180 [ 29.276499] exit_to_usermode_loop+0xfc/0x120 [ 29.281482] do_syscall_64+0x364/0x490 [ 29.285861] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 29.291452] -> #1 (loop_index_mutex){+.+.+.}: [ 29.297125] lock_acquire+0x130/0x3e0 [ 29.301418] mutex_lock_nested+0xc0/0x870 [ 29.306057] lo_open+0x1b/0xa0 [ 29.309739] __blkdev_get+0x263/0xd60 [ 29.314032] blkdev_get+0x2da/0x920 [ 29.318152] blkdev_open+0x1a5/0x250 [ 29.322356] do_dentry_open+0x703/0xc80 [ 29.326821] vfs_open+0x11c/0x210 [ 29.330764] path_openat+0x758/0x3590 [ 29.335056] do_filp_open+0x197/0x270 [ 29.339346] do_sys_open+0x310/0x5c0 [ 29.343550] SyS_open+0x2d/0x40 [ 29.347322] do_syscall_64+0x1a6/0x490 [ 29.351700] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 29.357298] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 29.362333] __lock_acquire+0x301c/0x4080 [ 29.366973] lock_acquire+0x130/0x3e0 [ 29.371271] mutex_lock_nested+0xc0/0x870 [ 29.375911] blkdev_reread_part+0x1e/0x40 [ 29.380551] loop_reread_partitions+0x7c/0x90 [ 29.385535] loop_set_status+0x9c7/0xfc0 [ 29.390086] loop_set_status_compat+0x9a/0xf0 [ 29.395070] lo_compat_ioctl+0x11b/0x140 [ 29.399622] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 29.404607] compat_SyS_ioctl+0x126/0x1fe0 [ 29.409333] do_fast_syscall_32+0x2f7/0x870 [ 29.414151] entry_SYSENTER_compat+0x90/0xa2 [ 29.419045] [ 29.419045] other info that might help us debug this: [ 29.419045] [ 29.427158] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 29.436739] Possible unsafe locking scenario: [ 29.436739] [ 29.442765] CPU0 CPU1 [ 29.447400] ---- ---- [ 29.452035] lock(&lo->lo_ctl_mutex#2); [ 29.456418] lock(loop_index_mutex); [ 29.462936] lock(&lo->lo_ctl_mutex#2); [ 29.469836] lock(&bdev->bd_mutex); [ 29.473750] [ 29.473750] *** DEADLOCK *** [ 29.473750] [ 29.479790] 1 lock held by syz-executor0/3699: [ 29.484338] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 29.494258] [ 29.494258] stack backtrace: [ 29.498729] CPU: 0 PID: 3699 Comm: syz-executor0 Not tainted 4.9.93-gf6bec4e #1 [ 29.506141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.515467] ffff8801c43c7788 ffffffff81d9c299 ffffffff8538b670 ffffffff853b5970 [ 29.523450] ffffffff8538aaa0 ffff8801c1d568e0 ffff8801c1d56000 ffff8801c43c77d0 [ 29.531425] ffffffff814241ad 0000000000000001 00000000c1d56000 0000000000000001 [ 29.539412] Call Trace: [ 29.541975] [] dump_stack+0xc1/0x128 [ 29.547311] [] print_circular_bug.cold.51+0x1bd/0x27d [ 29.554147] [] __lock_acquire+0x301c/0x4080 [ 29.560090] [] ? save_stack_trace+0x16/0x20 [ 29.566033] [] ? save_stack+0x43/0xd0 [ 29.571458] [] ? kasan_slab_free+0x72/0xc0 [ 29.577313] [] ? debug_check_no_locks_freed+0x210/0x210 [ 29.584296] [] ? __lock_acquire+0x654/0x4080 [ 29.590324] [] ? __lock_is_held+0xa2/0xf0 [ 29.596093] [] lock_acquire+0x130/0x3e0 [ 29.601691] [] ? blkdev_reread_part+0x1e/0x40 [ 29.607808] [] ? blkdev_reread_part+0x1e/0x40 [ 29.613928] [] mutex_lock_nested+0xc0/0x870 [ 29.619871] [] ? blkdev_reread_part+0x1e/0x40 [ 29.625990] [] ? mutex_trylock+0x3e0/0x3e0 [ 29.631845] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 29.638742] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 29.645562] [] blkdev_reread_part+0x1e/0x40 [ 29.651505] [] loop_reread_partitions+0x7c/0x90 [ 29.657793] [] loop_set_status+0x9c7/0xfc0 [ 29.663653] [] loop_set_status_compat+0x9a/0xf0 [ 29.669944] [] ? loop_set_status+0xfc0/0xfc0 [ 29.675973] [] lo_compat_ioctl+0x11b/0x140 [ 29.681834] [] ? lo_ioctl+0x1aa0/0x1aa0 [ 29.687429] [] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 29.693716] [] ? debug_check_no_obj_freed+0x2ec/0x930 [ 29.700525] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 29.707249] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 29.713364] [] ? security_file_ioctl+0x8f/0xc0 [ 29.719570] [] compat_SyS_ioctl+0x126/0x1fe0 [ 29.725601] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 29.732323] [] ? do_ioctl+0x60/0x60 [ 29.737573] [] do_fast_syscall_32+0x2f7/0x870 [ 29.743689] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.750333] [] entry_SYSENTER_compat+0x90/0xa2