[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 16.488578] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.329661] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available) [ 20.614911] random: sshd: uninitialized urandom read (32 bytes read, 39 bits of entropy available) [ 21.442579] random: sshd: uninitialized urandom read (32 bytes read, 95 bits of entropy available) [ 21.616069] random: sshd: uninitialized urandom read (32 bytes read, 101 bits of entropy available) Warning: Permanently added '10.128.15.226' (ECDSA) to the list of known hosts. [ 26.997155] random: sshd: uninitialized urandom read (32 bytes read, 105 bits of entropy available) executing program [ 27.122357] [ 27.124005] ====================================================== [ 27.130284] [ INFO: possible circular locking dependency detected ] [ 27.136651] 4.4.107-g610c835 #4 Not tainted [ 27.140931] ------------------------------------------------------- [ 27.147298] syzkaller011742/3320 is trying to acquire lock: [ 27.152966] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 27.162045] [ 27.162045] but task is already holding lock: [ 27.167976] (&lo->lo_ctl_mutex#2){+.+...}, at: [] lo_compat_ioctl+0x109/0x140 [ 27.177417] [ 27.177417] which lock already depends on the new lock. [ 27.177417] [ 27.185700] [ 27.185700] the existing dependency chain (in reverse order) is: [ 27.193281] -> #1 (&lo->lo_ctl_mutex#2){+.+...}: [ 27.198725] [] lock_acquire+0x15e/0x460 [ 27.204947] [] mutex_lock_nested+0xbb/0x850 [ 27.211516] [] lo_release+0x6b/0x140 [ 27.217473] [] __blkdev_put+0x5f7/0x7e0 [ 27.223693] [] blkdev_put+0x85/0x550 [ 27.229649] [] blkdev_close+0x8b/0xb0 [ 27.235693] [] __fput+0x233/0x6d0 [ 27.241391] [] ____fput+0x15/0x20 [ 27.247102] [] task_work_run+0x104/0x180 [ 27.253417] [] exit_to_usermode_loop+0x145/0x170 [ 27.260414] [] syscall_return_slowpath+0x1b5/0x1f0 [ 27.267585] [] int_ret_from_sys_call+0x25/0x9f [ 27.274412] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 27.279420] [] __lock_acquire+0x371f/0x4b50 [ 27.285986] [] lock_acquire+0x15e/0x460 [ 27.292223] [] mutex_lock_nested+0xbb/0x850 [ 27.299101] [] blkdev_reread_part+0x1e/0x40 [ 27.305678] [] loop_reread_partitions+0x78/0xe0 [ 27.312589] [] loop_set_status+0x995/0xfc0 [ 27.319067] [] loop_set_status_compat+0x9a/0x100 [ 27.326064] [] lo_compat_ioctl+0x114/0x140 [ 27.332540] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 27.339456] [] compat_SyS_ioctl+0x28a/0x2540 [ 27.346112] [] do_fast_syscall_32+0x314/0x890 [ 27.352855] [] sysenter_flags_fixed+0xd/0x17 [ 27.359510] [ 27.359510] other info that might help us debug this: [ 27.359510] [ 27.367614] Possible unsafe locking scenario: [ 27.367614] [ 27.373632] CPU0 CPU1 [ 27.378260] ---- ---- [ 27.382886] lock(&lo->lo_ctl_mutex#2); [ 27.387244] lock(&bdev->bd_mutex); [ 27.393660] lock(&lo->lo_ctl_mutex#2); [ 27.400543] lock(&bdev->bd_mutex); [ 27.404440] [ 27.404440] *** DEADLOCK *** [ 27.404440] [ 27.410462] 1 lock held by syzkaller011742/3320: [ 27.415179] #0: (&lo->lo_ctl_mutex#2){+.+...}, at: [] lo_compat_ioctl+0x109/0x140 [ 27.425173] [ 27.425173] stack backtrace: [ 27.429634] CPU: 0 PID: 3320 Comm: syzkaller011742 Not tainted 4.4.107-g610c835 #4 [ 27.437302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.447141] 0000000000000000 e7a73432b014e966 ffff8801d256f5e8 ffffffff81d0457d [ 27.455097] ffffffff85178be0 ffffffff85178be0 ffffffff851a4680 ffff8800b521e798 [ 27.463039] ffff8800b521df00 ffff8801d256f630 ffffffff812309f1 ffff8800b521e798 [ 27.470988] Call Trace: [ 27.473540] [] dump_stack+0xc1/0x124 [ 27.478868] [] print_circular_bug+0x271/0x310 [ 27.484974] [] __lock_acquire+0x371f/0x4b50 [ 27.490908] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 27.497885] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 27.504861] [] ? __lock_acquire+0xb5f/0x4b50 [ 27.510884] [] ? __lock_is_held+0xa1/0xf0 [ 27.516660] [] lock_acquire+0x15e/0x460 [ 27.522277] [] ? blkdev_reread_part+0x1e/0x40 [ 27.528385] [] ? blkdev_reread_part+0x1e/0x40 [ 27.534497] [] mutex_lock_nested+0xbb/0x850 [ 27.540429] [] ? blkdev_reread_part+0x1e/0x40 [ 27.546537] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 27.552732] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 27.559628] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 27.566431] [] blkdev_reread_part+0x1e/0x40 [ 27.572368] [] loop_reread_partitions+0x78/0xe0 [ 27.578646] [] loop_set_status+0x995/0xfc0 [ 27.584494] [] loop_set_status_compat+0x9a/0x100 [ 27.590861] [] ? loop_set_status+0xfc0/0xfc0 [ 27.596885] [] ? putname+0xee/0x130 [ 27.602127] [] lo_compat_ioctl+0x114/0x140 [ 27.607978] [] ? lo_ioctl+0x19c0/0x19c0 [ 27.613564] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 27.619846] [] ? debug_check_no_obj_freed+0x166/0x9b0 [ 27.626649] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 27.633370] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 27.640178] [] ? security_file_ioctl+0x89/0xb0 [ 27.646378] [] compat_SyS_ioctl+0x28a/0x2540 [ 27.652402] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 27.659209] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 27.665927] [] ? compat_SyS_ppoll+0x420/0x420 [ 27.672035] [] ? putname+0xee/0x130 [ 27.677277] [] ? rcu_read_lock_sched_held+0x103/0x120 [ 27.684083] [] ? kmem_cache_free+0x2a4/0x320 [ 27.690106] [] ? putname+0xf3/0x130 [ 27.695349] [] ? do_sys_open+0x23f/0x4b0 [ 27.701030] [] ? filp_open+0x70/0x70 [ 27.706363] [] ? __do_page_fault+0x380/0xa00 [ 27.712390] [] ? do_fast_syscall_32+0xd7/0x890 [ 27.718593] [] ? compat_SyS_ppoll+0x420/0x420 [ 2