INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.35' (ECDSA) to the list of known hosts. 2018/04/14 15:44:55 parsed 1 programs 2018/04/14 15:44:55 executed programs: 0 syzkaller login: [ 24.841459] IPVS: Creating netns size=2536 id=1 [ 24.971371] [ 24.973040] ====================================================== [ 24.979327] [ INFO: possible circular locking dependency detected ] [ 24.985703] 4.9.93-g2ba4887 #2 Not tainted [ 24.989906] ------------------------------------------------------- [ 24.996281] syz-executor0/3780 is trying to acquire lock: [ 25.001787] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 25.010833] but task is already holding lock: [ 25.015470] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 25.024846] which lock already depends on the new lock. [ 25.024846] [ 25.031829] [ 25.031829] the existing dependency chain (in reverse order) is: [ 25.039432] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 25.044949] lock_acquire+0x130/0x3e0 [ 25.049243] mutex_lock_nested+0xc0/0x870 [ 25.053884] lo_release+0x85/0x160 [ 25.057916] __blkdev_put+0x636/0x840 [ 25.062311] blkdev_put+0x85/0x560 [ 25.066342] blkdev_close+0x8b/0xb0 [ 25.070462] __fput+0x263/0x700 [ 25.074235] ____fput+0x15/0x20 [ 25.078007] task_work_run+0x10c/0x180 [ 25.082386] exit_to_usermode_loop+0xfc/0x120 [ 25.087374] do_syscall_64+0x364/0x490 [ 25.091756] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 25.097360] -> #1 (loop_index_mutex){+.+.+.}: [ 25.102487] lock_acquire+0x130/0x3e0 [ 25.106781] mutex_lock_nested+0xc0/0x870 [ 25.111430] lo_open+0x1b/0xa0 [ 25.115117] __blkdev_get+0x263/0xd60 [ 25.119416] blkdev_get+0x2da/0x920 [ 25.123536] blkdev_open+0x1a5/0x250 [ 25.127745] do_dentry_open+0x703/0xc80 [ 25.132210] vfs_open+0x11c/0x210 [ 25.136163] path_openat+0x758/0x3590 [ 25.140455] do_filp_open+0x197/0x270 [ 25.144748] do_sys_open+0x30d/0x5c0 [ 25.148951] SyS_open+0x2d/0x40 [ 25.152723] do_syscall_64+0x1a6/0x490 [ 25.157102] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 25.162693] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 25.167727] __lock_acquire+0x3019/0x4070 [ 25.172367] lock_acquire+0x130/0x3e0 [ 25.176663] mutex_lock_nested+0xc0/0x870 [ 25.181305] blkdev_reread_part+0x1e/0x40 [ 25.185944] loop_reread_partitions+0x7c/0x90 [ 25.190930] loop_set_status+0x9c7/0xfc0 [ 25.195492] loop_set_status_compat+0x9a/0xf0 [ 25.200483] lo_compat_ioctl+0x11b/0x140 [ 25.205042] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 25.210029] compat_SyS_ioctl+0x126/0x1fe0 [ 25.214755] do_fast_syscall_32+0x2f7/0x870 [ 25.219569] entry_SYSENTER_compat+0x90/0xa2 [ 25.224467] [ 25.224467] other info that might help us debug this: [ 25.224467] [ 25.232580] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 25.242147] Possible unsafe locking scenario: [ 25.242147] [ 25.248176] CPU0 CPU1 [ 25.252815] ---- ---- [ 25.257453] lock(&lo->lo_ctl_mutex#2); [ 25.261842] lock(loop_index_mutex); [ 25.268368] lock(&lo->lo_ctl_mutex#2); [ 25.275270] lock(&bdev->bd_mutex); [ 25.279192] [ 25.279192] *** DEADLOCK *** [ 25.279192] [ 25.285223] 1 lock held by syz-executor0/3780: [ 25.289771] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 25.299891] [ 25.299891] stack backtrace: [ 25.304372] CPU: 0 PID: 3780 Comm: syz-executor0 Not tainted 4.9.93-g2ba4887 #2 [ 25.311792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.321116] ffff8801d9617788 ffffffff81d9aa29 ffffffff8538b670 ffffffff853b5970 [ 25.329098] ffffffff8538aaa0 ffff8801b93250e0 ffff8801b9324800 ffff8801d96177d0 [ 25.337076] ffffffff8142399d 0000000000000001 00000000b9324800 0000000000000001 [ 25.345063] Call Trace: [ 25.347626] [] dump_stack+0xc1/0x128 [ 25.352963] [] print_circular_bug.cold.51+0x1bd/0x27d [ 25.359775] [] __lock_acquire+0x3019/0x4070 [ 25.365717] [] ? save_stack_trace+0x16/0x20 [ 25.371673] [] ? save_stack+0x43/0xd0 [ 25.377095] [] ? kasan_slab_free+0x72/0xc0 [ 25.382950] [] ? debug_check_no_locks_freed+0x210/0x210 [ 25.389933] [] ? __lock_acquire+0x654/0x4070 [ 25.395963] [] ? __lock_is_held+0xa2/0xf0 [ 25.401732] [] lock_acquire+0x130/0x3e0 [ 25.407329] [] ? blkdev_reread_part+0x1e/0x40 [ 25.413444] [] ? blkdev_reread_part+0x1e/0x40 [ 25.419562] [] mutex_lock_nested+0xc0/0x870 [ 25.425505] [] ? blkdev_reread_part+0x1e/0x40 [ 25.431621] [] ? mutex_trylock+0x3e0/0x3e0 [ 25.437479] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 25.444381] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 25.451191] [] blkdev_reread_part+0x1e/0x40 [ 25.457136] [] loop_reread_partitions+0x7c/0x90 [ 25.463440] [] loop_set_status+0x9c7/0xfc0 [ 25.469308] [] loop_set_status_compat+0x9a/0xf0 [ 25.475600] [] ? loop_set_status+0xfc0/0xfc0 [ 25.481639] [] lo_compat_ioctl+0x11b/0x140 [ 25.487498] [] ? lo_ioctl+0x1aa0/0x1aa0 [ 25.493092] [] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 25.499382] [] ? debug_check_no_obj_freed+0x2ec/0x930 [ 25.506191] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 25.512916] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 25.519033] [] ? security_file_ioct