======================================================
[ INFO: possible circular locking dependency detected ]
4.4.174+ #17 Not tainted
-------------------------------------------------------
syz-executor.0/6554 is trying to acquire lock:
 (&bdev->bd_mutex){+.+.+.}, at: [<ffffffff81a7920f>] blkdev_reread_part+0x1f/0x40 block/ioctl.c:189

but task is already holding lock:
 (loop_ctl_mutex#2){+.+.+.}, at: [<ffffffff81d48065>] lo_compat_ioctl+0x105/0x140 drivers/block/loop.c:1599

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

       [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
       [<ffffffff81d48124>] __lo_release drivers/block/loop.c:1653 [inline]
       [<ffffffff81d48124>] lo_release+0x84/0x1b0 drivers/block/loop.c:1676
       [<ffffffff8154e4e1>] __blkdev_put+0x461/0x840 fs/block_dev.c:1535
       [<ffffffff8154f738>] blkdev_put+0x88/0x560 fs/block_dev.c:1600
       [<ffffffff8154fc9b>] blkdev_close+0x8b/0xb0 fs/block_dev.c:1607
       [<ffffffff8149c8c6>] __fput+0x246/0x710 fs/file_table.c:208
       [<ffffffff8149ce16>] ____fput+0x16/0x20 fs/file_table.c:244
       [<ffffffff8112f352>] task_work_run+0x202/0x2b0 kernel/task_work.c:115
       [<ffffffff81003dca>] tracehook_notify_resume include/linux/tracehook.h:191 [inline]
       [<ffffffff81003dca>] exit_to_usermode_loop+0x14a/0x170 arch/x86/entry/common.c:188
       [<ffffffff8100569b>] prepare_exit_to_usermode arch/x86/entry/common.c:221 [inline]
       [<ffffffff8100569b>] syscall_return_slowpath+0x25b/0x2e0 arch/x86/entry/common.c:286
       [<ffffffff82718ce1>] int_ret_from_sys_call+0x25/0xa3

       [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
       [<ffffffff81d3d70d>] lo_open+0x1d/0xb0 drivers/block/loop.c:1633
       [<ffffffff8154eb6e>] __blkdev_get+0x2ae/0xdf0 fs/block_dev.c:1213
       [<ffffffff81551938>] blkdev_get+0x2e8/0x920 fs/block_dev.c:1353
       [<ffffffff8155219a>] blkdev_open+0x1aa/0x250 fs/block_dev.c:1508
       [<ffffffff8149154f>] do_dentry_open+0x38f/0xbd0 fs/open.c:749
       [<ffffffff81494d3b>] vfs_open+0x10b/0x210 fs/open.c:862
       [<ffffffff814c5ddf>] do_last fs/namei.c:3269 [inline]
       [<ffffffff814c5ddf>] path_openat+0x136f/0x4470 fs/namei.c:3406
       [<ffffffff814ccab1>] do_filp_open+0x1a1/0x270 fs/namei.c:3440
       [<ffffffff81495668>] do_sys_open+0x2f8/0x600 fs/open.c:1038
       [<ffffffff8149599d>] SYSC_open fs/open.c:1056 [inline]
       [<ffffffff8149599d>] SyS_open+0x2d/0x40 fs/open.c:1051
       [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202d86>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
       [<ffffffff81202d86>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
       [<ffffffff81202d86>] validate_chain kernel/locking/lockdep.c:2144 [inline]
       [<ffffffff81202d86>] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213
       [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
       [<ffffffff81a7920f>] blkdev_reread_part+0x1f/0x40 block/ioctl.c:189
       [<ffffffff81d3ed4c>] loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:649
       [<ffffffff81d3f962>] loop_set_status+0xc02/0x1260 drivers/block/loop.c:1208
       [<ffffffff81d40072>] loop_set_status_compat+0xb2/0x110 drivers/block/loop.c:1572
       [<ffffffff81d48070>] lo_compat_ioctl+0x110/0x140 drivers/block/loop.c:1600
       [<ffffffff81aa7200>] compat_blkdev_ioctl+0xca0/0x344f block/compat_ioctl.c:751
       [<ffffffff8159b2c3>] C_SYSC_ioctl fs/compat_ioctl.c:1592 [inline]
       [<ffffffff8159b2c3>] compat_SyS_ioctl+0x403/0x2210 fs/compat_ioctl.c:1544
       [<ffffffff8100603d>] do_syscall_32_irqs_on arch/x86/entry/common.c:330 [inline]
       [<ffffffff8100603d>] do_fast_syscall_32+0x32d/0xa90 arch/x86/entry/common.c:397
       [<ffffffff8271a350>] sysenter_flags_fixed+0xd/0x1a

other info that might help us debug this:

Chain exists of:
 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(loop_ctl_mutex#2);
                               lock(loop_index_mutex);
                               lock(loop_ctl_mutex#2);
  lock(&bdev->bd_mutex);

 *** DEADLOCK ***

1 lock held by syz-executor.0/6554:
 #0:  (loop_ctl_mutex#2){+.+.+.}, at: [<ffffffff81d48065>] lo_compat_ioctl+0x105/0x140 drivers/block/loop.c:1599

stack backtrace:
CPU: 1 PID: 6554 Comm: syz-executor.0 Not tainted 4.4.174+ #17
 0000000000000000 1c22f93661c0b269 ffff8800a5c775e0 ffffffff81aad1a1
 ffffffff84057a80 ffff8800a03097c0 ffffffff83aa0b10 ffffffff83ac6580
 ffffffff83aa16e0 ffff8800a5c77630 ffffffff813abcda ffffffff83e1a780
Call Trace:
 [<ffffffff81aad1a1>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81aad1a1>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<ffffffff813abcda>] print_circular_bug.cold+0x2f7/0x44e kernel/locking/lockdep.c:1226
 [<ffffffff81202d86>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
 [<ffffffff81202d86>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
 [<ffffffff81202d86>] validate_chain kernel/locking/lockdep.c:2144 [inline]
 [<ffffffff81202d86>] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213
 [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
 [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
 [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
 [<ffffffff81a7920f>] blkdev_reread_part+0x1f/0x40 block/ioctl.c:189
 [<ffffffff81d3ed4c>] loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:649
 [<ffffffff81d3f962>] loop_set_status+0xc02/0x1260 drivers/block/loop.c:1208
 [<ffffffff81d40072>] loop_set_status_compat+0xb2/0x110 drivers/block/loop.c:1572
 [<ffffffff81d48070>] lo_compat_ioctl+0x110/0x140 drivers/block/loop.c:1600
 [<ffffffff81aa7200>] compat_blkdev_ioctl+0xca0/0x344f block/compat_ioctl.c:751
 [<ffffffff8159b2c3>] C_SYSC_ioctl fs/compat_ioctl.c:1592 [inline]
 [<ffffffff8159b2c3>] compat_SyS_ioctl+0x403/0x2210 fs/compat_ioctl.c:1544
 [<ffffffff8100603d>] do_syscall_32_irqs_on arch/x86/entry/common.c:330 [inline]
 [<ffffffff8100603d>] do_fast_syscall_32+0x32d/0xa90 arch/x86/entry/common.c:397
 [<ffffffff8271a350>] sysenter_flags_fixed+0xd/0x1a
loop_reread_partitions: partition scan of loop0 (
ñy§rZ³²èï>¥iÛj¦î$^¡g/¼ }÷ó€éI­×oòzy#
¸„«`‰¡Þ‡£RnVÊAIn) failed (rc=-13)
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
device lo entered promiscuous mode
device lo left promiscuous mode
input: syz1 as /devices/virtual/input/input290
input: syz1 as /devices/virtual/input/input291
input: syz1 as /devices/virtual/input/input292
input: syz1 as /devices/virtual/input/input293
input: syz1 as /devices/virtual/input/input294
input: syz1 as /devices/virtual/input/input295
uinput: write device info first
input: syz1 as /devices/virtual/input/input297
input: syz1 as /devices/virtual/input/input298
input: syz1 as /devices/virtual/input/input299
input: syz1 as /devices/virtual/input/input300
input: syz1 as /devices/virtual/input/input302
input: syz1 as /devices/virtual/input/input301
uinput: write device info first
input: syz1 as /devices/virtual/input/input304
input: syz1 as /devices/virtual/input/input305
input: syz1 as /devices/virtual/input/input306
input: syz1 as /devices/virtual/input/input307
input: syz1 as /devices/virtual/input/input308
input: syz1 as /devices/virtual/input/input309
input: syz1 as /devices/virtual/input/input310
input: syz1 as /devices/virtual/input/input311
input: syz1 as /devices/virtual/input/input312
input: syz1 as /devices/virtual/input/input313
input: syz1 as /devices/virtual/input/input314
input: syz1 as /devices/virtual/input/input316
input: syz1 as /devices/virtual/input/input317
input: syz1 as /devices/virtual/input/input318
input: syz1 as /devices/virtual/input/input320
input: syz1 as /devices/virtual/input/input321
input: syz1 as /devices/virtual/input/input322
input: syz1 as /devices/virtual/input/input324
input: syz1 as /devices/virtual/input/input323
input: syz1 as /devices/virtual/input/input325
input: syz1 as /devices/virtual/input/input326
input: syz1 as /devices/virtual/input/input327
input: syz1 as /devices/virtual/input/input328
input: syz1 as /devices/virtual/input/input329
input: syz1 as /devices/virtual/input/input330
input: syz1 as /devices/virtual/input/input331
input: syz1 as /devices/virtual/input/input332
input: syz1 as /devices/virtual/input/input334
input: syz1 as /devices/virtual/input/input333
input: syz1 as /devices/virtual/input/input335
input: syz1 as /devices/virtual/input/input336
input: syz1 as /devices/virtual/input/input337
input: syz1 as /devices/virtual/input/input339
input: syz1 as /devices/virtual/input/input340
input: syz1 as /devices/virtual/input/input341
input: syz1 as /devices/virtual/input/input342
input: syz1 as /devices/virtual/input/input343
input: syz1 as /devices/virtual/input/input344
input: syz1 as /devices/virtual/input/input345
input: syz1 as /devices/virtual/input/input346
input: syz1 as /devices/virtual/input/input347
input: syz1 as /devices/virtual/input/input348