INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts. 2018/04/14 11:13:49 parsed 1 programs 2018/04/14 11:13:49 executed programs: 0 syzkaller login: [ 25.921839] IPVS: Creating netns size=2536 id=1 [ 25.953567] IPVS: Creating netns size=2536 id=2 [ 25.975059] IPVS: Creating netns size=2536 id=3 [ 25.996771] IPVS: Creating netns size=2536 id=4 [ 26.018038] IPVS: Creating netns size=2536 id=5 [ 26.050079] IPVS: Creating netns size=2536 id=6 [ 26.075395] IPVS: Creating netns size=2536 id=7 [ 26.098161] IPVS: Creating netns size=2536 id=8 [ 26.219047] [ 26.220713] ====================================================== [ 26.227021] [ INFO: possible circular locking dependency detected ] [ 26.233397] 4.9.93-g2ba4887 #2 Not tainted [ 26.237602] ------------------------------------------------------- [ 26.243986] syz-executor1/3821 is trying to acquire lock: [ 26.249492] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 26.258499] but task is already holding lock: [ 26.263137] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.272514] which lock already depends on the new lock. [ 26.272514] [ 26.279502] [ 26.279502] the existing dependency chain (in reverse order) is: [ 26.287103] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 26.292631] lock_acquire+0x130/0x3e0 [ 26.296926] mutex_lock_nested+0xc0/0x870 [ 26.301567] lo_release+0x85/0x160 [ 26.305600] __blkdev_put+0x636/0x840 [ 26.309892] blkdev_put+0x85/0x560 [ 26.313923] blkdev_close+0x8b/0xb0 [ 26.318051] __fput+0x263/0x700 [ 26.321823] ____fput+0x15/0x20 [ 26.325597] task_work_run+0x10c/0x180 [ 26.329977] exit_to_usermode_loop+0xfc/0x120 [ 26.334962] do_syscall_64+0x364/0x490 [ 26.339341] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.344934] -> #1 (loop_index_mutex){+.+.+.}: [ 26.350071] lock_acquire+0x130/0x3e0 [ 26.354373] mutex_lock_nested+0xc0/0x870 [ 26.359013] lo_open+0x1b/0xa0 [ 26.362697] __blkdev_get+0x263/0xd60 [ 26.366998] blkdev_get+0x2da/0x920 [ 26.371122] blkdev_open+0x1a5/0x250 [ 26.375327] do_dentry_open+0x703/0xc80 [ 26.379794] vfs_open+0x11c/0x210 [ 26.383739] path_openat+0x758/0x3590 [ 26.388052] do_filp_open+0x197/0x270 [ 26.392345] do_sys_open+0x30d/0x5c0 [ 26.396550] SyS_open+0x2d/0x40 [ 26.400325] do_syscall_64+0x1a6/0x490 [ 26.404713] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.410305] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 26.415351] __lock_acquire+0x3019/0x4070 [ 26.419990] lock_acquire+0x130/0x3e0 [ 26.424284] mutex_lock_nested+0xc0/0x870 [ 26.428926] blkdev_reread_part+0x1e/0x40 [ 26.433566] loop_reread_partitions+0x7c/0x90 [ 26.438554] loop_set_status+0x9c7/0xfc0 [ 26.443109] loop_set_status_compat+0x9a/0xf0 [ 26.448098] lo_compat_ioctl+0x11b/0x140 [ 26.452655] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.457654] compat_SyS_ioctl+0x126/0x1fe0 [ 26.462382] do_fast_syscall_32+0x2f7/0x870 [ 26.467197] entry_SYSENTER_compat+0x90/0xa2 [ 26.472095] [ 26.472095] other info that might help us debug this: [ 26.472095] [ 26.480210] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 26.489813] Possible unsafe locking scenario: [ 26.489813] [ 26.495846] CPU0 CPU1 [ 26.500489] ---- ---- [ 26.505126] lock(&lo->lo_ctl_mutex#2); [ 26.509523] lock(loop_index_mutex); [ 26.516068] lock(&lo->lo_ctl_mutex#2); [ 26.522990] lock(&bdev->bd_mutex); [ 26.526920] [ 26.526920] *** DEADLOCK *** [ 26.526920] [ 26.532954] 1 lock held by syz-executor1/3821: [ 26.537510] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.547472] [ 26.547472] stack backtrace: [ 26.551943] CPU: 0 PID: 3821 Comm: syz-executor1 Not tainted 4.9.93-g2ba4887 #2 [ 26.559363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.568692] ffff8801d9227788 ffffffff81d9aa29 ffffffff8538b670 ffffffff853b61e0 [ 26.576675] ffffffff8538aaa0 ffff8801d92aa0e0 ffff8801d92a9800 ffff8801d92277d0 [ 26.584661] ffffffff8142399d 0000000000000001 00000000d92a9800 0000000000000001 [ 26.592648] Call Trace: [ 26.595216] [] dump_stack+0xc1/0x128 [ 26.600562] [] print_circular_bug.cold.51+0x1bd/0x27d [ 26.607379] [] __lock_acquire+0x3019/0x4070 [ 26.613322] [] ? save_stack_trace+0x16/0x20 [ 26.619267] [] ? save_stack+0x43/0xd0 [ 26.624689] [] ? kasan_slab_free+0x72/0xc0 [ 26.630548] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.637538] [] ? __lock_acquire+0x654/0x4070 [ 26.643575] [] ? __lock_is_held+0xa2/0xf0 [ 26.649346] [] lock_acquire+0x130/0x3e0 [ 26.654945] [] ? blkdev_reread_part+0x1e/0x40 [ 26.661065] [] ? blkdev_reread_part+0x1e/0x40 [ 26.667184] [] mutex_lock_nested+0xc0/0x870 [ 26.673302] [] ? blkdev_reread_part+0x1e/0x40 [ 26.679818] [] ? mutex_trylock+0x3e0/0x3e0 [ 26.685680] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 26.692586] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 26.699400] [] blkdev_reread_part+0x1e/0x40 [ 26.705354] [] loop_reread_partitions+0x7c/0x90 [ 26.711647] [] loop_set_status+0x9c7/0xfc0 [ 26.717504] [] loop_set_status_compat+0x9a/0xf0 [ 26.723796] [] ? loop_set_status+0xfc0/0xfc0 [ 26.729836] [] lo_compat_ioctl+0x11b/0x140 [ 26.735694] [] ? lo_ioctl+0x1aa0/0x1aa0 [ 26.741297] [] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.747602] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 26.754334] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 26.760460] [] ? security_file_ioctl+0x8f/0xc0 [ 26.766665] [] compat_SyS_ioctl+0x126/0x1fe0 [ 26.772699] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 26.779433] [] ? do_ioctl+0x60/0x60 [ 26.784703] [] do_fast_syscall_32+0x2f7/0x870 [ 26.790838] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 26.797480] [] entry_SYSENTER_compat+0x90/0xa2 2018/04/14 11:13:54 executed programs: 40 2018/04/14 11:13:59 executed programs: 79