[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.888468] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 24.817029] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 25.239665] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 26.223508] random: sshd: uninitialized urandom read (32 bytes read, 115 bits of entropy available) [ 39.947770] random: sshd: uninitialized urandom read (32 bytes read, 125 bits of entropy available) Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. [ 45.453172] random: sshd: uninitialized urandom read (32 bytes read, 127 bits of entropy available) 2018/04/13 07:19:13 parsed 1 programs 2018/04/13 07:19:13 executed programs: 0 [ 45.869916] IPVS: Creating netns size=2552 id=1 [ 50.506703] random: nonblocking pool is initialized 2018/04/13 07:19:18 executed programs: 21 2018/04/13 07:19:23 executed programs: 42 2018/04/13 07:19:28 executed programs: 63 2018/04/13 07:19:33 executed programs: 84 2018/04/13 07:19:38 executed programs: 105 2018/04/13 07:19:43 executed programs: 127 2018/04/13 07:19:49 executed programs: 148 [ 86.687970] [ 86.689651] ====================================================== [ 86.695939] [ INFO: possible circular locking dependency detected ] [ 86.702334] 4.4.125-g38f41ec #21 Not tainted [ 86.706715] ------------------------------------------------------- [ 86.713091] syz-executor0/5429 is trying to acquire lock: [ 86.718601] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 86.727728] [ 86.727728] but task is already holding lock: [ 86.733669] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 86.743176] [ 86.743176] which lock already depends on the new lock. [ 86.743176] [ 86.751483] [ 86.751483] the existing dependency chain (in reverse order) is: [ 86.759084] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 86.764612] [] lock_acquire+0x15e/0x460 [ 86.770847] [] mutex_lock_nested+0xbb/0x850 [ 86.777429] [] lo_release+0x85/0x160 [ 86.783411] [] __blkdev_put+0x5f7/0x7e0 [ 86.789662] [] blkdev_put+0x85/0x550 [ 86.795638] [] blkdev_close+0x8b/0xb0 [ 86.801700] [] __fput+0x233/0x6d0 [ 86.807424] [] ____fput+0x15/0x20 [ 86.813135] [] task_work_run+0x104/0x180 [ 86.819456] [] exit_to_usermode_loop+0x13d/0x160 [ 86.826472] [] syscall_return_slowpath+0x1b5/0x1f0 [ 86.833668] [] int_ret_from_sys_call+0x25/0xa3 [ 86.840522] -> #1 (loop_index_mutex){+.+.+.}: [ 86.845643] [] lock_acquire+0x15e/0x460 [ 86.851877] [] mutex_lock_nested+0xbb/0x850 [ 86.858471] [] lo_open+0x1b/0xa0 [ 86.864102] [] __blkdev_get+0x2ac/0xdf0 [ 86.870336] [] blkdev_get+0x33d/0x940 [ 86.876397] [] blkdev_open+0x1a5/0x250 [ 86.882544] [] do_dentry_open+0x59b/0xba0 [ 86.888956] [] vfs_open+0x110/0x210 [ 86.894854] [] path_openat+0x923/0x3940 [ 86.901091] [] do_filp_open+0x197/0x290 [ 86.907338] [] do_sys_open+0x369/0x660 [ 86.913495] [] SyS_open+0x2d/0x40 [ 86.919209] [] entry_SYSCALL_64_fastpath+0x22/0x9e [ 86.926402] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 86.931426] [] __lock_acquire+0x371f/0x4b50 [ 86.938013] [] lock_acquire+0x15e/0x460 [ 86.944252] [] mutex_lock_nested+0xbb/0x850 [ 86.950838] [] blkdev_reread_part+0x1e/0x40 [ 86.957424] [] loop_reread_partitions+0x78/0xe0 [ 86.964358] [] loop_set_status+0x995/0xfc0 [ 86.970862] [] loop_set_status_compat+0x9a/0x100 [ 86.977884] [] lo_compat_ioctl+0x114/0x140 [ 86.984381] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 86.991333] [] compat_SyS_ioctl+0x28a/0x2540 [ 86.998000] [] do_fast_syscall_32+0x321/0x8a0 [ 87.004758] [] sysenter_flags_fixed+0xd/0x17 [ 87.011430] [ 87.011430] other info that might help us debug this: [ 87.011430] [ 87.019558] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 87.029130] Possible unsafe locking scenario: [ 87.029130] [ 87.035158] CPU0 CPU1 [ 87.039794] ---- ---- [ 87.044430] lock(&lo->lo_ctl_mutex#2); [ 87.048824] lock(loop_index_mutex); [ 87.055363] lock(&lo->lo_ctl_mutex#2); [ 87.062272] lock(&bdev->bd_mutex); [ 87.066207] [ 87.066207] *** DEADLOCK *** [ 87.066207] [ 87.072241] 1 lock held by syz-executor0/5429: [ 87.076790] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 87.086858] [ 87.086858] stack backtrace: [ 87.091325] CPU: 1 PID: 5429 Comm: syz-executor0 Not tainted 4.4.125-g38f41ec #21 [ 87.098915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.108242] 0000000000000000 16268a0da358aa29 ffff8801d6c8f5e8 ffffffff81d067bd [ 87.116244] ffffffff85188b10 ffffffff851880f0 ffffffff851b0fb0 ffff8801d7d5a108 [ 87.124235] ffff8801d7d59800 ffff8801d6c8f630 ffffffff81234081 ffff8801d7d5a108 [ 87.132218] Call Trace: [ 87.134784] [] dump_stack+0xc1/0x124 [ 87.140130] [] print_circular_bug+0x271/0x310 [ 87.146249] [] __lock_acquire+0x371f/0x4b50 [ 87.152192] [] ? save_stack_trace+0x26/0x50 [ 87.158148] [] ? save_stack+0x43/0xd0 [ 87.163587] [] ? kasan_slab_free+0x72/0xc0 [ 87.169445] [] ? kfree+0xfc/0x300 [ 87.174520] [] ? kobject_uevent_env+0x24f/0xb40 [ 87.180810] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 87.187801] [] ? __lock_acquire+0xb5f/0x4b50 [ 87.193828] [] ? __lock_is_held+0xa1/0xf0 [ 87.199594] [] lock_acquire+0x15e/0x460 [ 87.205187] [] ? blkdev_reread_part+0x1e/0x40 [ 87.211312] [] ? blkdev_reread_part+0x1e/0x40 [ 87.217431] [] mutex_lock_nested+0xbb/0x850 [ 87.223372] [] ? blkdev_reread_part+0x1e/0x40 [ 87.229487] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 87.235690] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 87.242608] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 87.249419] [] blkdev_reread_part+0x1e/0x40 [ 87.255373] [] loop_reread_partitions+0x78/0xe0 [ 87.261663] [] loop_set_status+0x995/0xfc0 [ 87.267520] [] loop_set_status_compat+0x9a/0x100 [ 87.273897] [] ? loop_set_status+0xfc0/0xfc0 [ 87.279929] [] ? kmem_cache_free+0xc7/0x320 [ 87.285872] [] ? putname+0xee/0x130 [ 87.291121] [] lo_compat_ioctl+0x114/0x140 [ 87.296979] [] ? lo_ioctl+0x19c0/0x19c0 [ 87.302591] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 87.308899] [] ? __fget+0x213/0x3b0 [ 87.314158] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 87.320882] [] ? __fget+0x23a/0x3b0 [ 87.326130] [] ? __fget+0x47/0x3b0 [ 87.331293] [] ? security_file_ioctl+0x89/0xb0 [ 87.337497] [] compat_SyS_ioctl+0x28a/0x2540 [ 87.343525] [] ? putname+0xee/0x130 [ 87.348772] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 87.355504] [] ? compat_SyS_ppoll+0x420/0x420 [ 87.361620] [] ? kmem_cache_free+0x2a4/0x320 [ 87.367647] [] ? putname+0xf3/0x130 [ 87.372897] [] ? compat_SyS_futex+0x1f9/0x2a0 [ 87.379012] [] ? compat_SyS_get_robust_list+0x300/0x300 2018/04/13 07:19:55 executed programs: 170 [ 87.385995] [] ? do_fast_syscall_32+0xd7/0x8a0 [ 87.392197] [] ? compat_SyS_ppoll+0x420/0x420 [ 87.398326] [] do_fast_syscall_32+0x321/0x8a0 [ 87.404445] [] sysenter_flags_fixed+0xd/0x17 2018/04/13 07:20:00 executed programs: 191