[....] Starting enhanced syslogd: rsyslogd[ 10.451453] audit: type=1400 audit(1514308278.991:4): avc: denied { syslog } for pid=3167 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-android-49-kasan-gce-386-3,10.128.0.44' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 18.933829] [ 18.934137] ====================================================== [ 18.934965] [ INFO: possible circular locking dependency detected ] [ 18.935807] 4.9.71-g2506378 #9 Not tainted [ 18.936367] ------------------------------------------------------- [ 18.937220] syzkaller685600/3315 is trying to acquire lock: [ 18.937969] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 18.939210] but task is already holding lock: [ 18.939824] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 18.941131] which lock already depends on the new lock. [ 18.941131] [ 18.942047] [ 18.942047] the existing dependency chain (in reverse order) is: [ 18.943044] -> #1 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 18.943877] lock_acquire+0x12e/0x410 [ 18.944452] mutex_lock_nested+0xbb/0x870 [ 18.945087] lo_release+0x6b/0x140 [ 18.945628] __blkdev_put+0x5f7/0x7e0 [ 18.946201] blkdev_put+0x85/0x550 [ 18.946742] blkdev_close+0x8b/0xb0 [ 18.947294] __fput+0x28c/0x6e0 [ 18.947799] ____fput+0x15/0x20 [ 18.948306] task_work_run+0x115/0x190 [ 18.948890] exit_to_usermode_loop+0xfc/0x120 [ 18.949551] syscall_return_slowpath+0x1a0/0x1e0 [ 18.950245] entry_SYSCALL_64_fastpath+0xc4/0xc6 [ 18.950956] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 18.951701] __lock_acquire+0x2bf9/0x3640 [ 18.952318] lock_acquire+0x12e/0x410 [ 18.952891] mutex_lock_nested+0xbb/0x870 [ 18.953512] blkdev_reread_part+0x1e/0x40 [ 18.954136] loop_reread_partitions+0x78/0xe0 [ 18.959114] loop_set_status+0x995/0xfc0 [ 18.963658] loop_set_status_compat+0x9a/0x100 [ 18.968720] lo_compat_ioctl+0x114/0x140 [ 18.973264] compat_blkdev_ioctl+0x3e3/0x3bc0 [ 18.978242] compat_SyS_ioctl+0x15f/0x2050 [ 18.982960] do_fast_syscall_32+0x2f7/0x890 [ 18.987766] entry_SYSENTER_compat+0x51/0x60 [ 18.992658] [ 18.992658] other info that might help us debug this: [ 18.992658] [ 19.000762] Possible unsafe locking scenario: [ 19.000762] [ 19.006779] CPU0 CPU1 [ 19.011407] ---- ---- [ 19.016038] lock(&lo->lo_ctl_mutex#2); [ 19.020397] lock(&bdev->bd_mutex); [ 19.026810] lock(&lo->lo_ctl_mutex#2); [ 19.033682] lock(&bdev->bd_mutex); [ 19.038185] [ 19.038185] *** DEADLOCK *** [ 19.038185] [ 19.044552] 1 lock held by syzkaller685600/3315: [ 19.049272] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 19.059154] [ 19.059154] stack backtrace: [ 19.063612] CPU: 0 PID: 3315 Comm: syzkaller685600 Not tainted 4.9.71-g2506378 #9 [ 19.071194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 19.080512] ffff8801c95e7768 ffffffff81d922b9 ffffffff8537a610 ffffffff8537a610 [ 19.088455] ffffffff853a7a00 ffff8801ccbcb8d8 ffff8801ccbcb000 ffff8801c95e77b0 [ 19.096734] ffffffff812367e1 ffff8801ccbcb8d8 00000000ccbcb8b0 ffff8801ccbcb8d8 [ 19.104679] Call Trace: [ 19.107232] [] dump_stack+0xc1/0x128 [ 19.112558] [] print_circular_bug+0x271/0x310 [ 19.118666] [] __lock_acquire+0x2bf9/0x3640 [ 19.124604] [] ? save_stack+0xa3/0xd0 [ 19.130019] [] ? save_stack_trace+0x16/0x20 [ 19.135957] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 19.142933] [] ? __lock_acquire+0x629/0x3640 [ 19.148954] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 19.155758] [] ? __lock_is_held+0xa1/0xf0 [ 19.161518] [] lock_acquire+0x12e/0x410 [ 19.167105] [] ? blkdev_reread_part+0x1e/0x40 [ 19.173210] [] ? blkdev_reread_part+0x1e/0x40 [ 19.179321] [] mutex_lock_nested+0xbb/0x870 [ 19.185256] [] ? blkdev_reread_part+0x1e/0x40 [ 19.191364] [] ? mutex_lock_killable_nested+0x960/0x960 [ 19.198339] [] ? __wake_up+0x1e/0x50 [ 19.203665] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 19.210553] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 19.217354] [] blkdev_reread_part+0x1e/0x40 [ 19.223287] [] loop_reread_partitions+0x78/0xe0 [ 19.229565] [] loop_set_status+0x995/0xfc0 [ 19.235413] [] loop_set_status_compat+0x9a/0x100 [ 19.241779] [] ? loop_set_status+0xfc0/0xfc0 [ 19.247798] [] lo_compat_ioctl+0x114/0x140 [ 19.253644] [] ? lo_ioctl+0x1990/0x1990 [ 19.259233] [] compat_blkdev_ioctl+0x3e3/0x3bc0 [ 19.265514] [] ? assoc_array_insert+0x882/0x2ed0 [ 19.271880] [] ? cfq_dispatch_requests+0x2f40/0x2f40 [ 19.278596] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 19.285397] [] ? trace_hardirqs_on+0xd/0x10 [ 19.291330] [] ? security_file_ioctl+0x89/0xb0 [ 19.297526] [] compat_SyS_ioctl+0x15f/0x2050 [ 19.303546] [] ? kfree+0x103/0x300 [ 19.308697] [] ? cfq_dispatch_requests+0x2f40/0x2f40 [ 19.315412] [] ? do_ioctl+0x60/0x60 [ 19.320650] [] do_fast_syscall_32+0x2f7/0x890 [ 19.326755] [] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 19.333391] [