INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.3' (ECDSA) to the list of known hosts. 2018/04/14 03:13:54 parsed 1 programs 2018/04/14 03:13:54 executed programs: 0 syzkaller login: [ 26.012735] IPVS: Creating netns size=2536 id=1 [ 26.144254] [ 26.145907] ====================================================== [ 26.152194] [ INFO: possible circular locking dependency detected ] [ 26.158573] 4.9.93-gcb02358 #1 Not tainted [ 26.162776] ------------------------------------------------------- [ 26.169327] syz-executor0/3682 is trying to acquire lock: [ 26.174831] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 26.183833] but task is already holding lock: [ 26.188477] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.197978] which lock already depends on the new lock. [ 26.197978] [ 26.204967] [ 26.204967] the existing dependency chain (in reverse order) is: [ 26.212569] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 26.218098] lock_acquire+0x130/0x3e0 [ 26.222935] mutex_lock_nested+0xc0/0x870 [ 26.227576] lo_release+0x85/0x160 [ 26.231611] __blkdev_put+0x636/0x840 [ 26.235916] blkdev_put+0x85/0x560 [ 26.239948] blkdev_close+0x8b/0xb0 [ 26.244067] __fput+0x263/0x700 [ 26.247838] ____fput+0x15/0x20 [ 26.251614] task_work_run+0x10c/0x180 [ 26.255995] exit_to_usermode_loop+0xfc/0x120 [ 26.260990] do_syscall_64+0x364/0x490 [ 26.265374] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.270984] -> #1 (loop_index_mutex){+.+.+.}: [ 26.276117] lock_acquire+0x130/0x3e0 [ 26.280415] mutex_lock_nested+0xc0/0x870 [ 26.285061] lo_open+0x1b/0xa0 [ 26.288750] __blkdev_get+0x263/0xd60 [ 26.293047] blkdev_get+0x2da/0x920 [ 26.297177] blkdev_open+0x1a5/0x250 [ 26.301572] do_dentry_open+0x703/0xc80 [ 26.306043] vfs_open+0x11c/0x210 [ 26.309995] path_openat+0x758/0x3590 [ 26.314293] do_filp_open+0x197/0x270 [ 26.318590] do_sys_open+0x30d/0x5c0 [ 26.322810] SyS_open+0x2d/0x40 [ 26.326593] do_syscall_64+0x1a6/0x490 [ 26.331063] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.336656] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 26.341710] __lock_acquire+0x3019/0x4070 [ 26.346363] lock_acquire+0x130/0x3e0 [ 26.350684] mutex_lock_nested+0xc0/0x870 [ 26.355347] blkdev_reread_part+0x1e/0x40 [ 26.359999] loop_reread_partitions+0x7c/0x90 [ 26.364992] loop_set_status+0x9c7/0xfc0 [ 26.369635] loop_set_status_compat+0x9a/0xf0 [ 26.374995] lo_compat_ioctl+0x11b/0x140 [ 26.379550] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.384538] compat_SyS_ioctl+0x126/0x1fe0 [ 26.389271] do_fast_syscall_32+0x2f7/0x870 [ 26.394088] entry_SYSENTER_compat+0x90/0xa2 [ 26.399072] [ 26.399072] other info that might help us debug this: [ 26.399072] [ 26.407206] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 26.416794] Possible unsafe locking scenario: [ 26.416794] [ 26.422823] CPU0 CPU1 [ 26.427463] ---- ---- [ 26.432102] lock(&lo->lo_ctl_mutex#2); [ 26.436491] lock(loop_index_mutex); [ 26.443024] lock(&lo->lo_ctl_mutex#2); [ 26.449926] lock(&bdev->bd_mutex); [ 26.453868] [ 26.453868] *** DEADLOCK *** [ 26.453868] [ 26.459913] 1 lock held by syz-executor0/3682: [ 26.464483] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.478869] [ 26.478869] stack backtrace: [ 26.483343] CPU: 0 PID: 3682 Comm: syz-executor0 Not tainted 4.9.93-gcb02358 #1 [ 26.490758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.500097] ffff8801c0c17788 ffffffff81d9aa29 ffffffff8538b670 ffffffff853b5cd0 [ 26.508192] ffffffff8538aaa0 ffff8801c18f50e0 ffff8801c18f4800 ffff8801c0c177d0 [ 26.516191] ffffffff8142399d 0000000000000001 00000000c18f4800 0000000000000001 [ 26.524191] Call Trace: [ 26.526759] [] dump_stack+0xc1/0x128 [ 26.532105] [] print_circular_bug.cold.51+0x1bd/0x27d [ 26.540325] [] __lock_acquire+0x3019/0x4070 [ 26.546448] [] ? save_stack_trace+0x16/0x20 [ 26.552398] [] ? save_stack+0x43/0xd0 [ 26.557824] [] ? kasan_slab_free+0x72/0xc0 [ 26.563688] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.570854] [] ? __lock_acquire+0x654/0x4070 [ 26.576885] [] ? __lock_is_held+0xa2/0xf0 [ 26.582656] [] lock_acquire+0x130/0x3e0 [ 26.588257] [] ? blkdev_reread_part+0x1e/0x40 [ 26.594382] [] ? blkdev_reread_part+0x1e/0x40 [ 26.600514] [] mutex_lock_nested+0xc0/0x870 [ 26.606457] [] ? blkdev_reread_part+0x1e/0x40 [ 26.612576] [] ? mutex_trylock+0x3e0/0x3e0 [ 26.618438] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 26.625338] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 26.632148] [] blkdev_reread_part+0x1e/0x40 [ 26.638093] [] loop_reread_partitions+0x7c/0x90 [ 26.644383] [] loop_set_status+0x9c7/0xfc0 [ 26.650249] [] loop_set_status_compat+0x9a/0xf0 [ 26.656539] [] ? loop_set_status+0xfc0/0xfc0 [ 26.662568] [] lo_compat_ioctl+0x11b/0x140 [ 26.668541] [] ? lo_ioctl+0x1aa0/0x1aa0 [ 26.674140] [] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.680434] [] ? debug_check_no_obj_freed+0x2ec/0x930 [ 26.687247] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 26.693984] [