[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 18.880372] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[ ok 8[?25h[?0c. [ 19.167487] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [ 19.379289] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.345124] random: sshd: uninitialized urandom read (32 bytes read, 112 bits of entropy available) [ 20.489619] random: sshd: uninitialized urandom read (32 bytes read, 114 bits of entropy available) Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts. [ 25.965514] random: sshd: uninitialized urandom read (32 bytes read, 118 bits of entropy available) 2018/04/14 17:59:59 parsed 1 programs 2018/04/14 17:59:59 executed programs: 0 [ 26.391384] IPVS: Creating netns size=2552 id=1 [ 26.508359] [ 26.510530] ====================================================== [ 26.516820] [ INFO: possible circular locking dependency detected ] [ 26.523197] 4.4.125-g38f41ec #21 Not tainted [ 26.527570] ------------------------------------------------------- [ 26.533945] syz-executor0/3756 is trying to acquire lock: [ 26.539455] (&bdev->bd_mutex){+.+.+.}, at: [] blkdev_reread_part+0x1e/0x40 [ 26.548560] [ 26.548560] but task is already holding lock: [ 26.554505] (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 26.563982] [ 26.563982] which lock already depends on the new lock. [ 26.563982] [ 26.572265] [ 26.572265] the existing dependency chain (in reverse order) is: [ 26.579851] -> #2 (&lo->lo_ctl_mutex#2){+.+.+.}: [ 26.585323] [] lock_acquire+0x15e/0x460 [ 26.591551] [] mutex_lock_nested+0xbb/0x850 [ 26.598134] [] lo_release+0x85/0x160 [ 26.604104] [] __blkdev_put+0x5f7/0x7e0 [ 26.610351] [] blkdev_put+0x85/0x550 [ 26.616318] [] blkdev_close+0x8b/0xb0 [ 26.622371] [] __fput+0x233/0x6d0 [ 26.628081] [] ____fput+0x15/0x20 [ 26.633788] [] task_work_run+0x104/0x180 [ 26.640104] [] exit_to_usermode_loop+0x13d/0x160 [ 26.647116] [] syscall_return_slowpath+0x1b5/0x1f0 [ 26.654305] [] int_ret_from_sys_call+0x25/0xa3 [ 26.661143] -> #1 (loop_index_mutex){+.+.+.}: [ 26.666251] [] lock_acquire+0x15e/0x460 [ 26.672488] [] mutex_lock_nested+0xbb/0x850 [ 26.679064] [] lo_open+0x1b/0xa0 [ 26.684684] [] __blkdev_get+0x2ac/0xdf0 [ 26.690916] [] blkdev_get+0x33d/0x940 [ 26.696979] [] blkdev_open+0x1a5/0x250 [ 26.703122] [] do_dentry_open+0x59b/0xba0 [ 26.709524] [] vfs_open+0x110/0x210 [ 26.715407] [] path_openat+0x923/0x3940 [ 26.721636] [] do_filp_open+0x197/0x290 [ 26.727864] [] do_sys_open+0x369/0x660 [ 26.734008] [] SyS_open+0x2d/0x40 [ 26.739716] [] entry_SYSCALL_64_fastpath+0x22/0x9e [ 26.746910] -> #0 (&bdev->bd_mutex){+.+.+.}: [ 26.751939] [] __lock_acquire+0x371f/0x4b50 [ 26.758515] [] lock_acquire+0x15e/0x460 [ 26.764744] [] mutex_lock_nested+0xbb/0x850 [ 26.771319] [] blkdev_reread_part+0x1e/0x40 [ 26.777894] [] loop_reread_partitions+0x78/0xe0 [ 26.784818] [] loop_set_status+0x995/0xfc0 [ 26.791308] [] loop_set_status_compat+0x9a/0x100 [ 26.798318] [] lo_compat_ioctl+0x114/0x140 [ 26.804807] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 26.811734] [] compat_SyS_ioctl+0x28a/0x2540 [ 26.818401] [] do_fast_syscall_32+0x321/0x8a0 [ 26.825158] [] sysenter_flags_fixed+0xd/0x17 [ 26.831820] [ 26.831820] other info that might help us debug this: [ 26.831820] [ 26.839930] Chain exists of: &bdev->bd_mutex --> loop_index_mutex --> &lo->lo_ctl_mutex#2 [ 26.849473] Possible unsafe locking scenario: [ 26.849473] [ 26.855499] CPU0 CPU1 [ 26.860133] ---- ---- [ 26.864814] lock(&lo->lo_ctl_mutex#2); [ 26.869261] lock(loop_index_mutex); [ 26.875785] lock(&lo->lo_ctl_mutex#2); [ 26.882686] lock(&bdev->bd_mutex); [ 26.886601] [ 26.886601] *** DEADLOCK *** [ 26.886601] [ 26.892628] 1 lock held by syz-executor0/3756: [ 26.897176] #0: (&lo->lo_ctl_mutex#2){+.+.+.}, at: [] lo_compat_ioctl+0x109/0x140 [ 26.907203] [ 26.907203] stack backtrace: [ 26.911671] CPU: 0 PID: 3756 Comm: syz-executor0 Not tainted 4.4.125-g38f41ec #21 [ 26.919258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.928581] 0000000000000000 5667ab0ba2368292 ffff8801d46775e8 ffffffff81d067bd [ 26.936559] ffffffff85188b10 ffffffff851880f0 ffffffff851b0fb0 ffff8800ad63d108 [ 26.944520] ffff8800ad63c800 ffff8801d4677630 ffffffff81234081 ffff8800ad63d108 [ 26.952484] Call Trace: [ 26.955049] [] dump_stack+0xc1/0x124 [ 26.960386] [] print_circular_bug+0x271/0x310 [ 26.966502] [] __lock_acquire+0x371f/0x4b50 [ 26.972443] [] ? save_stack_trace+0x26/0x50 [ 26.978391] [] ? save_stack+0x43/0xd0 [ 26.983812] [] ? kasan_slab_free+0x72/0xc0 [ 26.989666] [] ? kfree+0xfc/0x300 [ 26.994738] [] ? kobject_uevent_env+0x24f/0xb40 [ 27.001031] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 [ 27.008012] [] ? __lock_acquire+0xb5f/0x4b50 [ 27.014040] [] ? __lock_is_held+0xa1/0xf0 [ 27.019808] [] lock_acquire+0x15e/0x460 [ 27.025403] [] ? blkdev_reread_part+0x1e/0x40 [ 27.031515] [] ? blkdev_reread_part+0x1e/0x40 [ 27.037634] [] mutex_lock_nested+0xbb/0x850 [ 27.043574] [] ? blkdev_reread_part+0x1e/0x40 [ 27.049687] [] ? __ww_mutex_lock+0x14f0/0x14f0 [ 27.055891] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 27.062794] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 27.069604] [] blkdev_reread_part+0x1e/0x40 [ 27.075548] [] loop_reread_partitions+0x78/0xe0 [ 27.081836] [] loop_set_status+0x995/0xfc0 [ 27.087696] [] loop_set_status_compat+0x9a/0x100 [ 27.094074] [] ? loop_set_status+0xfc0/0xfc0 [ 27.100103] [] lo_compat_ioctl+0x114/0x140 [ 27.105957] [] ? lo_ioctl+0x19c0/0x19c0 [ 27.111548] [] compat_blkdev_ioctl+0x3d4/0x3b10 [ 27.117835] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 27.124556] [] ? exit_robust_list+0x240/0x240 [ 27.130671] [] ? SyS_memfd_create+0x258/0x2e0 [ 27.136784] [] ? sysenter_flags_fixed+0xd/0x17 [ 27.142985] [] ? security_file_ioctl+0x89/0xb0 [ 27.149187] [] compat_SyS_ioctl+0x28a/0x2540 [ 27.155215] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 27.162107] [] ? cfq_dispatch_requests+0x2fa0/0x2fa0 [ 27.168828] [] ? compat_SyS_ppoll+0x420/0x420 [ 27.174943] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 27.181836] [] ? debug_check_no_obj_freed+0x2d2/0x9b0 [ 27.188647] [] ? compat_SyS_futex+0x1f9/0x2a0 [ 27.194759] [] ? compat_SyS_get_robust_list+0x300/0x300 [ 27.201752] [] ? SyS_memfd_create+0x258/0x2e0 [ 27.207864] [] ? kas