INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.13' (ECDSA) to the list of known hosts. 2018/04/13 17:42:08 parsed 1 programs 2018/04/13 17:42:08 executed programs: 0 syzkaller login: [ 26.239688] IPVS: Creating netns size=2536 id=1 [ 26.374452] [ 26.376117] ====================================================== [ 26.382400] [ INFO: possible circular locking dependency detected ] [ 26.388773] 4.9.93-gcb02358 #2 Not tainted [ 26.393007] ------------------------------------------------------- [ 26.399389] syz-executor0/3781 is trying to acquire lock: [ 26.404893] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 26.413893] but task is already holding lock: [ 26.418530] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.427899] which lock already depends on the new lock. [ 26.427899] [ 26.434881] [ 26.434881] the existing dependency chain (in reverse order) is: [ 26.442472] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 26.447966] lock_acquire+0x130/0x3e0 [ 26.452259] mutex_lock_nested+0xc0/0x870 [ 26.456898] lo_release+0x85/0x160 [ 26.460931] __blkdev_put+0x636/0x840 [ 26.465221] blkdev_put+0x85/0x560 [ 26.469249] blkdev_close+0x8b/0xb0 [ 26.473378] __fput+0x263/0x700 [ 26.477147] ____fput+0x15/0x20 [ 26.480920] task_work_run+0x10c/0x180 [ 26.485307] exit_to_usermode_loop+0xfc/0x120 [ 26.490294] do_syscall_64+0x364/0x490 [ 26.494674] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.500280] -> #1 (loop_index_mutex){+.+.+.}: [ 26.505395] lock_acquire+0x130/0x3e0 [ 26.509687] mutex_lock_nested+0xc0/0x870 [ 26.514337] lo_open+0x1b/0xa0 [ 26.518021] __blkdev_get+0x263/0xd60 [ 26.522313] blkdev_get+0x2da/0x920 [ 26.526431] blkdev_open+0x1a5/0x250 [ 26.530635] do_dentry_open+0x703/0xc80 [ 26.535097] vfs_open+0x11c/0x210 [ 26.539041] path_openat+0x758/0x3590 [ 26.543338] do_filp_open+0x197/0x270 [ 26.547628] do_sys_open+0x310/0x5c0 [ 26.551833] SyS_open+0x2d/0x40 [ 26.555614] do_syscall_64+0x1a6/0x490 [ 26.559992] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 26.565584] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 26.570625] __lock_acquire+0x301c/0x4080 [ 26.575262] lock_acquire+0x130/0x3e0 [ 26.579554] mutex_lock_nested+0xc0/0x870 [ 26.584203] blkdev_reread_part+0x1e/0x40 [ 26.588847] loop_reread_partitions+0x7c/0x90 [ 26.593833] loop_set_status+0x9c7/0xfc0 [ 26.598386] loop_set_status_compat+0x9a/0xf0 [ 26.603373] lo_compat_ioctl+0x11b/0x140 [ 26.607925] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.612911] compat_SyS_ioctl+0x126/0x1fe0 [ 26.617637] do_fast_syscall_32+0x2f7/0x870 [ 26.622451] entry_SYSENTER_compat+0x90/0xa2 [ 26.627355] [ 26.627355] other info that might help us debug this: [ 26.627355] [ 26.635471] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 26.645046] Possible unsafe locking scenario: [ 26.645046] [ 26.651074] CPU0 CPU1 [ 26.655709] ---- ---- [ 26.660345] lock(&lo->lo_ctl_mutex#2); [ 26.664733] lock(loop_index_mutex); [ 26.671261] lock(&lo->lo_ctl_mutex#2); [ 26.678161] lock(&bdev->bd_mutex); [ 26.682080] [ 26.682080] *** DEADLOCK *** [ 26.682080] [ 26.688108] 1 lock held by syz-executor0/3781: [ 26.692664] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x110/0x140 [ 26.702584] [ 26.702584] stack backtrace: [ 26.707051] CPU: 1 PID: 3781 Comm: syz-executor0 Not tainted 4.9.93-gcb02358 #2 [ 26.714466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.723791] ffff8801d9067788 ffffffff81d9c249 ffffffff8538b670 ffffffff853b5610 [ 26.731772] ffffffff8538aaa0 ffff8801b7ae08e0 ffff8801b7ae0000 ffff8801d90677d0 [ 26.739765] ffffffff814241ad 0000000000000001 00000000b7ae0000 0000000000000001 [ 26.747743] Call Trace: [ 26.750304] [] dump_stack+0xc1/0x128 [ 26.755643] [] print_circular_bug.cold.51+0x1bd/0x27d [ 26.762455] [] __lock_acquire+0x301c/0x4080 [ 26.768398] [] ? save_stack_trace+0x16/0x20 [ 26.774350] [] ? save_stack+0x43/0xd0 [ 26.779771] [] ? kasan_slab_free+0x72/0xc0 [ 26.785627] [] ? debug_check_no_locks_freed+0x210/0x210 [ 26.792608] [] ? __lock_acquire+0x654/0x4080 [ 26.798636] [] ? __lock_is_held+0xa2/0xf0 [ 26.804402] [] lock_acquire+0x130/0x3e0 [ 26.809996] [] ? blkdev_reread_part+0x1e/0x40 [ 26.816121] [] ? blkdev_reread_part+0x1e/0x40 [ 26.822238] [] mutex_lock_nested+0xc0/0x870 [ 26.828179] [] ? blkdev_reread_part+0x1e/0x40 [ 26.834294] [] ? mutex_trylock+0x3e0/0x3e0 [ 26.840160] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 26.847057] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 26.853866] [] blkdev_reread_part+0x1e/0x40 [ 26.859808] [] loop_reread_partitions+0x7c/0x90 [ 26.866094] [] loop_set_status+0x9c7/0xfc0 [ 26.871948] [] loop_set_status_compat+0x9a/0xf0 [ 26.878237] [] ? loop_set_status+0xfc0/0xfc0 [ 26.884265] [] lo_compat_ioctl+0x11b/0x140 [ 26.890119] [] ? lo_ioctl+0x1aa0/0x1aa0 [ 26.895712] [] compat_blkdev_ioctl+0x3a5/0x3ad0 [ 26.902001] [] ? debug_check_no_obj_freed+0x2ec/0x930 [ 26.908812] [] ? cfq_dispatch_requests+0x2ef0/0x2ef0 [ 26.915535] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 26.921652] [] ? security_file_ioctl+0x8