[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 20.500572] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 24.435419] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available) [ 24.824372] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available) [ 25.834796] random: sshd: uninitialized urandom read (32 bytes read, 123 bits of entropy available) [ 25.981262] random: sshd: uninitialized urandom read (32 bytes read, 127 bits of entropy available) [ 30.432685] random: nonblocking pool is initialized Warning: Permanently added '10.128.0.56' (ECDSA) to the list of known hosts. 2018/04/13 18:16:41 parsed 1 programs 2018/04/13 18:16:41 executed programs: 0 [ 31.866109] IPVS: Creating netns size=2552 id=1 [ 32.005998] [ 32.007641] ====================================================== [ 32.013929] [ INFO: possible circular locking dependency detected ] [ 32.020317] 4.4.125-g38f41ec #21 Not tainted [ 32.024695] ------------------------------------------------------- [ 32.031073] syz-executor0/3780 is trying to acquire lock: [ 32.036584] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 32.045711] [ 32.045711] but task is already holding lock: [ 32.051654] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 32.061147] [ 32.061147] which lock already depends on the new lock. [ 32.061147] [ 32.069439] [ 32.069439] the existing dependency chain (in reverse order) is: [ 32.077030] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 32.082544] [] lock_acquire+0x15e/0x460 [ 32.088791] [] mutex_lock_nested+0xbb/0x850 [ 32.095375] [] lo_release+0x85/0x160 [ 32.101346] [] __blkdev_put+0x5f7/0x7e0 [ 32.107580] [] blkdev_put+0x85/0x550 [ 32.113549] [] blkdev_close+0x8b/0xb0 [ 32.119607] [] __fput+0x233/0x6d0 [ 32.125326] [] ____fput+0x15/0x20 [ 32.131055] [] task_work_run+0x104/0x180 [ 32.137377] [] exit_to_usermode_loop+0x13d/0x160 [ 32.144400] [] syscall_return_slowpath+0x1b5/0x1f0 [ 32.151605] [] int_ret_from_sys_call+0x25/0xa3 [ 32.158447] -> #1 (loop_index_mutex){+.+.+.}: [ 32.163560] [] lock_acquire+0x15e/0x460 [ 32.169793] [] mutex_lock_nested+0xbb/0x850 [ 32.176380] [] lo_open+0x1b/0xa0 [ 32.182005] [] __blkdev_get+0x2ac/0xdf0 [ 32.188239] [] blkdev_get+0x33d/0x940 [ 32.194302] [] blkdev_open+0x1a5/0x250 [ 32.200450] [] do_dentry_open+0x59b/0xba0 [ 32.206866] [] vfs_open+0x110/0x210 [ 32.212753] [] path_openat+0x923/0x3940 [ 32.218988] [] do_filp_open+0x197/0x290 [ 32.225225] [] do_sys_open+0x369/0x660 [ 32.231467] [] SyS_open+0x2d/0x40 [ 32.237181] [] entry_SYSCALL_64_fastpath+0x22/0x9e [ 32.244389] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 32.249414] [] __lock_acquire+0x371f/0x4b50 [ 32.255999] [] lock_acquire+0x15e/0x460 [ 32.262246] [] mutex_lock_nested+0xbb/0x850 [ 32.268833] [] blkdev_reread_part+0x1e/0x40 [ 32.275414] [] loop_reread_partitions+0x78/0xe0 [ 32.282342] [] loop_set_status+0x995/0xfc0 [ 32.288839] [] loop_set_status_compat+0x9a/0x100 [ 32.295851] [] lo_compat_ioctl+0x114/0x140 [ 32.302360] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 32.309290] [] compat_SyS_ioctl+0x28a/0x2540 [ 32.315966] [] do_fast_syscall_32+0x321/0x8a0 [ 32.322723] [] sysenter_flags_fixed+0xd/0x17 [ 32.329392] [ 32.329392] other info that might help us debug this: [ 32.329392] [ 32.337516] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 32.347078] Possible unsafe locking scenario: [ 32.347078] [ 32.353106] CPU0 CPU1 [ 32.357852] ---- ---- [ 32.362489] lock(&lo->lo_ctl_mutex#2); [ 32.366919] lock(loop_index_mutex); [ 32.373442] lock(&lo->lo_ctl_mutex#2); [ 32.380355] lock(&bdev->bd_mutex); [ 32.384283] [ 32.384283] *** DEADLOCK *** [ 32.384283] [ 32.390321] 1 lock held by syz-executor0/3780: [ 32.394869] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 32.405702] [ 32.405702] stack backtrace: [ 32.410171] CPU: 0 PID: 3780 Comm: syz-executor0 Not tainted 4.4.125-g38f41ec #21 [ 32.417758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.427171] 0000000000000000 f14c62a8e82f40b3 ffff8801d344f5e8 ffffffff81d067bd [ 32.435257] ffffffff85188b10 ffffffff851880f0 ffffffff851b0fb0 ffff8801c8193908 [ 32.443275] ffff8801c8193000 ffff8801d344f630 ffffffff81234081 ffff8801c8193908 [ 32.451251] Call Trace: [ 32.453807] [] dump_stack+0xc1/0x124 [ 32.459145] [] print_circular_bug+0x271/0x310 [ 32.465355] [] __lock_acquire+0x371f/0x4b50 [ 32.471298] [] ? save_stack_trace+0x26/0x50 [ 32.477239] [] ? save_stack+0x43/0xd0 [ 32.482665] [] ? kasan_slab_free+0x72/0xc0 [ 32.488518] [] ? kfree+0xfc/0x300 [ 32.493591] [] ? kobject_uevent_env+0x24f/0xb40 [ 32.499878] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 32.506862] [] ? __lock_acquire+0xb5f/0x4b50 [ 32.512891] [] ? __lock_is_held+0xa1/0xf0 [ 32.518659] [] lock_acquire+0x15e/0x460 [ 32.524256] [] ? blkdev_reread_part+0x1e/0x40 [ 32.530373] [] ? blkdev_reread_part+0x1e/0x40 [ 32.536491] [] mutex_lock_nested+0xbb/0x850 [ 32.542434] [] ? blkdev_reread_part+0x1e/0x40 [ 32.548549] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 32.554752] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 32.561645] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 32.568455] [] blkdev_reread_part+0x1e/0x40 [ 32.574395] [] loop_reread_partitions+0x78/0xe0 [ 32.580684] [] loop_set_status+0x995/0xfc0 [ 32.586538] [] loop_set_status_compat+0x9a/0x100 [ 32.592914] [] ? loop_set_status+0xfc0/0xfc0 [ 32.598945] [] lo_compat_ioctl+0x114/0x140 [ 32.604798] [] ? lo_ioctl+0x19c0/0x19c0 [ 32.610403] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 32.616693] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 32.623426] [] ? exit_robust_list+0x240/0x240 [ 32.629543] [] ? SyS_memfd_create+0x258/0x2e0 [ 32.635666] [] ? sysenter_flags_fixed+0xd/0x17 [ 32.641870] [] ? security_file_ioctl+0x89/0xb0 [ 32.648073] [] compat_SyS_ioctl+0x28a/0x2540 [ 32.654111] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 32.661009] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 32.667750] [] ? compat_SyS_ppoll+0x420/0x420 [ 32.673873] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 32.680781] [] ? debug_check_no_obj_freed+0x2d2/0x9b0 [ 32.687597] [] ? compat_SyS_futex+0x1f9/0x2a0 [ 32.693712] [] ? compat_SyS_get_robust_list+0x300/0x300 [ 32.700696] [] ? SyS_memfd_create+0x258/0x2e0 [ 32.706811] [] ? kasan_slab_free+0x88/0xc0 [ 32.712679] [] ? kfree+0xfc/0x300 [ 32.717755] [] ? do_fast_syscall_32+0xd7/0x8a0 [ 32.723968] [] ? compat_SyS_ppoll+0x420/0x420 [ 32.730082] [] do_fast_syscall_32+0x321/0x8a0 [ 32.736205] [] sysenter_flags_fixed+0xd/0x17