[....] Starting enhanced syslogd: rsyslogd[ 12.201923] audit: type=1400 audit(1513106144.193:4): avc: denied { syslog } for pid=3170 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-android-49-kasan-gce-386-3,10.128.15.237' (ECDSA) to the list of known hosts. executing program executing program syzkaller login: [ 31.010204] [ 31.011841] ====================================================== [ 31.018127] [ INFO: possible circular locking dependency detected ] [ 31.024499] 4.9.68-gfb66dc2 #3 Not tainted [ 31.028693] ------------------------------------------------------- [ 31.035061] syzkaller957935/3328 is trying to acquire lock: [ 31.040729] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 31.049708] but task is already holding lock: [ 31.054343] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 31.063675] which lock already depends on the new lock. [ 31.063675] [ 31.070649] [ 31.070649] the existing dependency chain (in reverse order) is: [ 31.078230] -> #1 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 31.083685] lock_acquire+0x12e/0x410 [ 31.087969] mutex_lock_nested+0xbb/0x870 [ 31.092601] lo_release+0x6b/0x140 [ 31.096631] __blkdev_put+0x5f7/0x7e0 [ 31.100923] blkdev_put+0x85/0x550 [ 31.104945] blkdev_close+0x8b/0xb0 [ 31.109055] __fput+0x28c/0x6e0 [ 31.112818] ____fput+0x15/0x20 [ 31.116580] task_work_run+0x115/0x190 [ 31.120950] exit_to_usermode_loop+0xfc/0x120 [ 31.125930] syscall_return_slowpath+0x1a0/0x1e0 [ 31.131168] entry_SYSCALL_64_fastpath+0xc4/0xc6 [ 31.136413] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 31.141404] __lock_acquire+0x2bf9/0x3640 [ 31.146034] lock_acquire+0x12e/0x410 [ 31.150317] mutex_lock_nested+0xbb/0x870 [ 31.154948] blkdev_reread_part+0x1e/0x40 [ 31.159575] loop_reread_partitions+0x78/0xe0 [ 31.164553] loop_set_status+0x995/0xfc0 [ 31.169095] loop_set_status_compat+0x9a/0x100 [ 31.174158] lo_compat_ioctl+0x114/0x140 [ 31.178705] compat_blkdev_ioctl+0x3e3/0x3bc0 [ 31.183683] compat_SyS_ioctl+0x15f/0x2050 [ 31.188398] do_fast_syscall_32+0x2f7/0x890 [ 31.193201] entry_SYSENTER_compat+0x51/0x60 [ 31.198089] [ 31.198089] other info that might help us debug this: [ 31.198089] [ 31.206193] Possible unsafe locking scenario: [ 31.206193] [ 31.212209] CPU0 CPU1 [ 31.216837] ---- ---- [ 31.221463] lock(&lo->lo_ctl_mutex#2); [ 31.225816] lock(&bdev->bd_mutex); [ 31.232242] lock(&lo->lo_ctl_mutex#2); [ 31.239207] lock(&bdev->bd_mutex); [ 31.243106] [ 31.243106] *** DEADLOCK *** [ 31.243106] [ 31.249128] 1 lock held by syzkaller957935/3328: [ 31.253841] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 31.263727] [ 31.263727] stack backtrace: [ 31.268186] CPU: 0 PID: 3328 Comm: syzkaller957935 Not tainted 4.9.68-gfb66dc2 #3 [ 31.275765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.285082] ffff8801d83ef768 ffffffff81d90889 ffffffff8536cf50 ffffffff8536cf50 [ 31.293022] ffffffff8539a190 ffff8801d5ebb8d8 ffff8801d5ebb000 ffff8801d83ef7b0 [ 31.300962] ffffffff81235c31 ffff8801d5ebb8d8 00000000d5ebb8b0 ffff8801d5ebb8d8 [ 31.308898] Call Trace: [ 31.311451] [] dump_stack+0xc1/0x128 [ 31.316781] [] print_circular_bug+0x271/0x310 [ 31.322903] [] __lock_acquire+0x2bf9/0x3640 [ 31.328925] [] ? save_stack+0xa3/0xd0 [ 31.334337] [] ? save_stack_trace+0x16/0x20 [ 31.340272] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 31.347246] [] ? __lock_acquire+0x629/0x3640 [ 31.353264] [] ? __lock_is_held+0xa1/0xf0 [ 31.359024] [] lock_acquire+0x12e/0x410 [ 31.364611] [] ? blkdev_reread_part+0x1e/0x40 [ 31.370719] [] ? blkdev_reread_part+0x1e/0x40 [ 31.376828] [] mutex_lock_nested+0xbb/0x870 [ 31.382760] [] ? blkdev_reread_part+0x1e/0x40 [ 31.388868] [] ? mutex_lock_killable_nested+0x960/0x960 [ 31.395847] [] ? __wake_up+0x1e/0x50 [ 31.401175] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 31.408486] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 31.415292] [] blkdev_reread_part+0x1e/0x40 [ 31.421227] [] loop_reread_partitions+0x78/0xe0 [ 31.427506] [] loop_set_status+0x995/0xfc0 [ 31.433351] [] loop_set_status_compat+0x9a/0x100 [ 31.439722] [] ? loop_set_status+0xfc0/0xfc0 [ 31.445741] [] lo_compat_ioctl+0x114/0x140 [ 31.451587] [] ? lo_ioctl+0x1990/0x1990 [ 31.457174] [] compat_blkdev_ioctl+0x3e3/0x3bc0 [ 31.463456] [] ? cfq_dispatch_requests+0x2f40/0x2f40 [ 31.470172] [] ? __do_page_fault+0x5ec/0xd40 [ 31.476194] [] ? security_file_ioctl+0x89/0xb0 [ 31.482389] [] compat_SyS_ioctl+0x15f/0x2050 [ 31.488417] [] ? cfq_dispatch_requests+0x2f40/0x2f40 [ 31.495130] [] ? do_ioctl+0x60/0x60 [ 31.500372] [] do_fast_syscall_32+0x2f7/0x890 executing program executing program [ 31.506481] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.513112] [] entry_SYSENTER_compat+0x51/0x60 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program