syzbot


possible deadlock in lock_trace

Status: public: reported C repro on 2019/04/11 08:44
Reported-by: syzbot+47ba7bbad461b2008730@syzkaller.appspotmail.com
First crash: 2042d, last: 1612d
Similar bugs (7)

Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
linux-4.19 | possible deadlock in lock_trace | syz | error | - | 42 | 1319d | 1825d | 0/1 | upstream: reported syz repro on 2019/04/28 18:16
linux-4.14 | possible deadlock in lock_trace | C | error | - | 146 | 1377d | 1834d | 0/1 | upstream: reported C repro on 2019/04/19 09:51
android-49 | possible deadlock in lock_trace | C | - | - | 7424 | 1605d | 1842d | 0/3 | public: reported C repro on 2019/04/12 00:00
upstream | possible deadlock in lock_trace (2) fs | - | - | - | 3 | 1806d | 1836d | 0/26 | auto-closed as invalid on 2019/10/25 08:41
upstream | possible deadlock in lock_trace fs | C | - | - | 1847 | 1858d | 2339d | 0/26 | closed as dup on 2017/12/12 21:59
upstream | possible deadlock in lock_trace (3) fs | syz | inconclusive | done | 69 | 1485d | 1620d | 15/26 | fixed on 2020/08/18 22:40
android-414 | possible deadlock in lock_trace | syz | - | - | 203 | 1850d | 1842d | 0/1 | public: reported syz repro on 2019/04/12 00:01

Sample crash report:
======================================================
[ INFO: possible circular locking dependency detected ]
4.4.159+ #108 Not tainted
-------------------------------------------------------
syz-executor122/2096 is trying to acquire lock:
 (&sig->cred_guard_mutex){+.+.+.}, at: [<ffffffff815e2cf4>] lock_trace+0x44/0xc0 fs/proc/base.c:448

but task is already holding lock:
 (&p->lock){+.+.+.}, at: [<ffffffff8150141d>] seq_read+0xdd/0x12b0 fs/seq_file.c:178

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fa74b>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 kernel/locking/mutex.c:621
       [<ffffffff8150141d>] seq_read+0xdd/0x12b0 fs/seq_file.c:178
       [<ffffffff81491518>] do_loop_readv_writev+0x148/0x1e0 fs/read_write.c:680
       [<ffffffff81493351>] do_readv_writev+0x581/0x6f0 fs/read_write.c:810
       [<ffffffff81493538>] vfs_readv+0x78/0xb0 fs/read_write.c:834
       [<ffffffff8152f6df>] kernel_readv fs/splice.c:586 [inline]
       [<ffffffff8152f6df>] default_file_splice_read+0x50f/0x8f0 fs/splice.c:662
       [<ffffffff8152b5b7>] do_splice_to+0xf7/0x140 fs/splice.c:1154
       [<ffffffff8152b842>] splice_direct_to_actor+0x242/0x830 fs/splice.c:1226
       [<ffffffff8152bfd3>] do_splice_direct+0x1a3/0x270 fs/splice.c:1337
       [<ffffffff81494774>] do_sendfile+0x4e4/0xb80 fs/read_write.c:1227
       [<ffffffff81496763>] SYSC_sendfile64 fs/read_write.c:1282 [inline]
       [<ffffffff81496763>] SyS_sendfile64+0xc3/0x150 fs/read_write.c:1274
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff81498e4e>] percpu_down_read include/linux/percpu-rwsem.h:26 [inline]
       [<ffffffff81498e4e>] __sb_start_write+0x1ae/0x310 fs/super.c:1221
       [<ffffffff816bb0f7>] sb_start_write include/linux/fs.h:1515 [inline]
       [<ffffffff816bb0f7>] ext4_run_li_request fs/ext4/super.c:2674 [inline]
       [<ffffffff816bb0f7>] ext4_lazyinit_thread+0x1a7/0x750 fs/ext4/super.c:2773
       [<ffffffff81134038>] kthread+0x268/0x300 kernel/kthread.c:211
       [<ffffffff82706085>] ret_from_fork+0x55/0x80 arch/x86/entry/entry_64.S:510

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fa74b>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 kernel/locking/mutex.c:621
       [<ffffffff816c51f4>] ext4_register_li_request+0x304/0x7a0 fs/ext4/super.c:2961
       [<ffffffff816c69f8>] ext4_remount+0x1368/0x1bb0 fs/ext4/super.c:4911
       [<ffffffff8149c0f8>] do_remount_sb2+0x428/0x7d0 fs/super.c:771
       [<ffffffff814fc03e>] do_remount fs/namespace.c:2335 [inline]
       [<ffffffff814fc03e>] do_mount+0x101e/0x2a10 fs/namespace.c:2848
       [<ffffffff814fe581>] SYSC_mount fs/namespace.c:3051 [inline]
       [<ffffffff814fe581>] SyS_mount+0x191/0x1c0 fs/namespace.c:3029
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fa74b>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 kernel/locking/mutex.c:621
       [<ffffffff816c4f77>] ext4_register_li_request+0x87/0x7a0 fs/ext4/super.c:2934
       [<ffffffff816c69f8>] ext4_remount+0x1368/0x1bb0 fs/ext4/super.c:4911
       [<ffffffff8149c0f8>] do_remount_sb2+0x428/0x7d0 fs/super.c:771
       [<ffffffff814fc03e>] do_remount fs/namespace.c:2335 [inline]
       [<ffffffff814fc03e>] do_mount+0x101e/0x2a10 fs/namespace.c:2848
       [<ffffffff814fe581>] SYSC_mount fs/namespace.c:3051 [inline]
       [<ffffffff814fe581>] SyS_mount+0x191/0x1c0 fs/namespace.c:3029
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff82700cc2>] down_read+0x42/0x60 kernel/locking/rwsem.c:22
       [<ffffffff8149b811>] iterate_supers+0xe1/0x260 fs/super.c:537
       [<ffffffff8199e134>] selinux_complete_init+0x2f/0x31 security/selinux/hooks.c:6154
       [<ffffffff8198fd86>] security_load_policy+0x886/0x9b0 security/selinux/ss/services.c:2060
       [<ffffffff81965cb1>] sel_write_load+0x191/0xfc0 security/selinux/selinuxfs.c:535
       [<ffffffff81490dbc>] __vfs_write+0x11c/0x3e0 fs/read_write.c:489
       [<ffffffff81492a6e>] vfs_write+0x17e/0x4e0 fs/read_write.c:538
       [<ffffffff814950a9>] SYSC_write fs/read_write.c:585 [inline]
       [<ffffffff814950a9>] SyS_write+0xd9/0x1c0 fs/read_write.c:577
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fa74b>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 kernel/locking/mutex.c:621
       [<ffffffff81963797>] sel_commit_bools_write+0x87/0x250 security/selinux/selinuxfs.c:1142
       [<ffffffff81490dbc>] __vfs_write+0x11c/0x3e0 fs/read_write.c:489
       [<ffffffff8149118a>] __kernel_write+0x10a/0x350 fs/read_write.c:511
       [<ffffffff8152c1fd>] write_pipe_buf+0x15d/0x1f0 fs/splice.c:1074
       [<ffffffff8152d094>] splice_from_pipe_feed fs/splice.c:776 [inline]
       [<ffffffff8152d094>] __splice_from_pipe+0x364/0x790 fs/splice.c:901
       [<ffffffff81530159>] splice_from_pipe+0xf9/0x170 fs/splice.c:936
       [<ffffffff8153025c>] default_file_splice_write+0x3c/0x80 fs/splice.c:1086
       [<ffffffff81531321>] do_splice_from fs/splice.c:1128 [inline]
       [<ffffffff81531321>] do_splice fs/splice.c:1404 [inline]
       [<ffffffff81531321>] SYSC_splice fs/splice.c:1707 [inline]
       [<ffffffff81531321>] SyS_splice+0xde1/0x1430 fs/splice.c:1690
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fa74b>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fa74b>] mutex_lock_nested+0xbb/0x8d0 kernel/locking/mutex.c:621
       [<ffffffff814acbac>] __pipe_lock fs/pipe.c:86 [inline]
       [<ffffffff814acbac>] fifo_open+0x15c/0x9e0 fs/pipe.c:896
       [<ffffffff8148bbad>] do_dentry_open+0x38d/0xbd0 fs/open.c:749
       [<ffffffff8148f31a>] vfs_open+0x12a/0x210 fs/open.c:862
       [<ffffffff814beefc>] do_last fs/namei.c:3222 [inline]
       [<ffffffff814beefc>] path_openat+0x50c/0x39a0 fs/namei.c:3359
       [<ffffffff814c6027>] do_filp_open+0x197/0x270 fs/namei.c:3393
       [<ffffffff814a208f>] do_open_execat+0x10f/0x6f0 fs/exec.c:800
       [<ffffffff814a7641>] do_execveat_common.isra.14+0x6a1/0x1f00 fs/exec.c:1573
       [<ffffffff814a9812>] do_execve fs/exec.c:1679 [inline]
       [<ffffffff814a9812>] SYSC_execve fs/exec.c:1760 [inline]
       [<ffffffff814a9812>] SyS_execve+0x42/0x50 fs/exec.c:1755
       [<ffffffff82705fb5>] return_from_execve+0x0/0x23

       [<ffffffff811ff31c>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
       [<ffffffff811ff31c>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
       [<ffffffff811ff31c>] validate_chain kernel/locking/lockdep.c:2144 [inline]
       [<ffffffff811ff31c>] __lock_acquire+0x3e6c/0x5f10 kernel/locking/lockdep.c:3213
       [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff826fb8fc>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff826fb8fc>] mutex_lock_killable_nested+0xcc/0xa10 kernel/locking/mutex.c:641
       [<ffffffff815e2cf4>] lock_trace+0x44/0xc0 fs/proc/base.c:448
       [<ffffffff815e2fac>] proc_pid_personality+0x1c/0xc0 fs/proc/base.c:2835
       [<ffffffff815db19d>] proc_single_show+0xfd/0x170 fs/proc/base.c:791
       [<ffffffff815017f6>] seq_read+0x4b6/0x12b0 fs/seq_file.c:240
       [<ffffffff81491518>] do_loop_readv_writev+0x148/0x1e0 fs/read_write.c:680
       [<ffffffff81493351>] do_readv_writev+0x581/0x6f0 fs/read_write.c:810
       [<ffffffff81493538>] vfs_readv+0x78/0xb0 fs/read_write.c:834
       [<ffffffff8152f6df>] kernel_readv fs/splice.c:586 [inline]
       [<ffffffff8152f6df>] default_file_splice_read+0x50f/0x8f0 fs/splice.c:662
       [<ffffffff8152b5b7>] do_splice_to+0xf7/0x140 fs/splice.c:1154
       [<ffffffff8152b842>] splice_direct_to_actor+0x242/0x830 fs/splice.c:1226
       [<ffffffff8152bfd3>] do_splice_direct+0x1a3/0x270 fs/splice.c:1337
       [<ffffffff81494774>] do_sendfile+0x4e4/0xb80 fs/read_write.c:1227
       [<ffffffff81496763>] SYSC_sendfile64 fs/read_write.c:1282 [inline]
       [<ffffffff81496763>] SyS_sendfile64+0xc3/0x150 fs/read_write.c:1274
       [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

other info that might help us debug this:

Chain exists of:
  &sig->cred_guard_mutex --> sb_writers#4 --> &p->lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&p->lock);
                               lock(sb_writers#4);
                               lock(&p->lock);
  lock(&sig->cred_guard_mutex);

 *** DEADLOCK ***

1 lock held by syz-executor122/2096:
 #0:  (&p->lock){+.+.+.}, at: [<ffffffff8150141d>] seq_read+0xdd/0x12b0 fs/seq_file.c:178

stack backtrace:
CPU: 1 PID: 2096 Comm: syz-executor122 Not tainted 4.4.159+ #108
 0000000000000000 6addc59d46797ecf ffff8800b6666f28 ffffffff81a994bd
 ffffffff83ab46a0 ffffffff83ab04d0 ffffffff83aaeb80 ffff8801d54467e8
 ffff8801d5445f00 ffff8800b6666f70 ffffffff813a84ea 0000000000000001
Call Trace:
 [<ffffffff81a994bd>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81a994bd>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff813a84ea>] print_circular_bug.cold.34+0x2f7/0x432 kernel/locking/lockdep.c:1226
 [<ffffffff811ff31c>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
 [<ffffffff811ff31c>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
 [<ffffffff811ff31c>] validate_chain kernel/locking/lockdep.c:2144 [inline]
 [<ffffffff811ff31c>] __lock_acquire+0x3e6c/0x5f10 kernel/locking/lockdep.c:3213
 [<ffffffff81202efe>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
 [<ffffffff826fb8fc>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
 [<ffffffff826fb8fc>] mutex_lock_killable_nested+0xcc/0xa10 kernel/locking/mutex.c:641
 [<ffffffff815e2cf4>] lock_trace+0x44/0xc0 fs/proc/base.c:448
 [<ffffffff815e2fac>] proc_pid_personality+0x1c/0xc0 fs/proc/base.c:2835
 [<ffffffff815db19d>] proc_single_show+0xfd/0x170 fs/proc/base.c:791
 [<ffffffff815017f6>] seq_read+0x4b6/0x12b0 fs/seq_file.c:240
 [<ffffffff81491518>] do_loop_readv_writev+0x148/0x1e0 fs/read_write.c:680
 [<ffffffff81493351>] do_readv_writev+0x581/0x6f0 fs/read_write.c:810
 [<ffffffff81493538>] vfs_readv+0x78/0xb0 fs/read_write.c:834
 [<ffffffff8152f6df>] kernel_readv fs/splice.c:586 [inline]
 [<ffffffff8152f6df>] default_file_splice_read+0x50f/0x8f0 fs/splice.c:662
 [<ffffffff8152b5b7>] do_splice_to+0xf7/0x140 fs/splice.c:1154
 [<ffffffff8152b842>] splice_direct_to_actor+0x242/0x830 fs/splice.c:1226
 [<ffffffff8152bfd3>] do_splice_direct+0x1a3/0x270 fs/splice.c:1337
 [<ffffffff81494774>] do_sendfile+0x4e4/0xb80 fs/read_write.c:1227
 [<ffffffff81496763>] SYSC_sendfile64 fs/read_write.c:1282 [inline]
 [<ffffffff81496763>] SyS_sendfile64+0xc3/0x150 fs/read_write.c:1274
 [<ffffffff82705ca1>] entry_SYSCALL_64_fastpath+0x1e/0x9a
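
The scenario block in the report is lockdep's reduced view of the cycle: it had already recorded that &p->lock can be taken while sb_writers#4 is held, and that sb_writers#4 is reachable from &sig->cred_guard_mutex through the intermediate locks whose acquisition stacks make up the dependency chain; it then saw seq_read() holding &p->lock while lock_trace() asked for cred_guard_mutex, which closes the loop. The C program below is an added example, not code from syzbot or from the kernel: a small lock-order tracker in the style of lockdep's check_prev_add() that records each held/acquired pair as a directed edge and, before adding an edge, searches for a path back from the lock being acquired to the lock already held. It replays only the three locks named in the scenario (the real chain has further intermediate locks), and every function name in it (record_acquire, replay_lock_trace_report, replay_consistent_order) is hypothetical.

```c
/*
 * Added example: a minimal lock-order checker modelled on lockdep's
 * dependency graph. Lock names come from the syzbot report above; the
 * code and its function names are hypothetical, not kernel code.
 */
#include <stdio.h>
#include <string.h>

#define MAX_LOCKS 16

/* Lock classes seen so far, keyed by name (lockdep keys them by class). */
static const char *lock_names[MAX_LOCKS];
static int nlocks;
/* dep[a][b] = 1 records "b was acquired while a was held", the edge a -> b. */
static int dep[MAX_LOCKS][MAX_LOCKS];

static void lock_graph_reset(void)
{
    memset(dep, 0, sizeof dep);
    nlocks = 0;
}

static int lock_id(const char *name)
{
    for (int i = 0; i < nlocks; i++)
        if (strcmp(lock_names[i], name) == 0)
            return i;
    lock_names[nlocks] = name;
    return nlocks++;
}

/* DFS for a path from -> ... -> to. Fills path[], returns its length (0 if none). */
static int find_path(int from, int to, int *path, int depth, int *seen)
{
    path[depth] = from;
    if (from == to)
        return depth + 1;
    seen[from] = 1;
    for (int next = 0; next < nlocks; next++) {
        if (dep[from][next] && !seen[next]) {
            int len = find_path(next, to, path, depth + 1, seen);
            if (len)
                return len;
        }
    }
    return 0;
}

/*
 * Record that `acquired` is being taken while `held` is held. Like
 * lockdep's check_prev_add(), first ask whether `acquired` already reaches
 * `held`: if so, the new edge would close a cycle, i.e. a "possible circular
 * locking dependency". The cycle (from `acquired` down to `held`) is written
 * to chain[] and its length returned; 0 means the acquisition is order-safe
 * and the edge held -> acquired is simply recorded.
 */
static int record_acquire(const char *held, const char *acquired, const char **chain)
{
    int h = lock_id(held), a = lock_id(acquired);
    int path[MAX_LOCKS], seen[MAX_LOCKS] = {0};
    int len = find_path(a, h, path, 0, seen);

    if (len) {
        for (int i = 0; i < len; i++)
            chain[i] = lock_names[path[i]];
        return len;
    }
    dep[h][a] = 1;
    return 0;
}

/*
 * Replay the reduced chain from the report: lockdep had already seen
 * cred_guard_mutex -> (intermediate locks) -> sb_writers#4 -> &p->lock, and
 * syz-executor122 then did sendfile -> seq_read -> proc_pid_personality ->
 * lock_trace, taking cred_guard_mutex with &p->lock held.
 */
static int replay_lock_trace_report(const char **chain)
{
    lock_graph_reset();
    record_acquire("&sig->cred_guard_mutex", "sb_writers#4", chain);
    record_acquire("sb_writers#4", "&p->lock", chain);
    return record_acquire("&p->lock", "&sig->cred_guard_mutex", chain);
}

/* The same three locks taken in one consistent order never form a cycle. */
static int replay_consistent_order(const char **chain)
{
    lock_graph_reset();
    record_acquire("&sig->cred_guard_mutex", "sb_writers#4", chain);
    record_acquire("sb_writers#4", "&p->lock", chain);
    return record_acquire("&sig->cred_guard_mutex", "&p->lock", chain);
}

int main(void)
{
    const char *chain[MAX_LOCKS];
    int n = replay_lock_trace_report(chain);

    /* prints: Chain exists of:
     *           &sig->cred_guard_mutex --> sb_writers#4 --> &p->lock */
    if (n) {
        printf("Chain exists of:\n  ");
        for (int i = 0; i < n; i++)
            printf("%s%s", chain[i], i + 1 < n ? " --> " : "\n");
    } else {
        printf("no circular dependency\n");
    }
    return 0;
}
```

Build with `cc -std=c99 -Wall lockorder.c && ./a.out`. Two things the replay makes visible: lockdep reports a possible deadlock from the recorded order history, not from an observed hang (the task above is still running and holds a single lock), and the two halves of the inversion can come from unrelated code paths executed at different times, here execve/selinuxfs/ext4 remount on one side and sendfile on a /proc/pid file on the other. That is why a CONFIG_PROVE_LOCKING kernel is the right target when fuzzing for lock-order bugs: the cycle is caught the first time the closing edge is seen, without needing the two paths to actually race.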

Crashes (41):

Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2018/10/09 19:22 | https://android.googlesource.com/kernel/common android-4.4 | ea3a6005d280 | 8b311eaf | .config | console log | report | syz | C | - | - | ci-android-44-kasan-gce | -
2018/09/28 09:08 | https://android.googlesource.com/kernel/common android-4.4 | 85b352c44756 | 0c2fa87b | .config | console log | report | syz | C | - | - | ci-android-44-kasan-gce | -
2019/11/27 11:28 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 1048481f | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/27 07:22 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 1048481f | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/26 15:08 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | f746151a | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/21 22:13 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 8098ea0f | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/17 11:46 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | d5696d51 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/16 10:40 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | cdac920b | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/10/31 06:48 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | a41ca8fa | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/10/24 03:43 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | b602d64b | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/02/15 08:51 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 76dd003f | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2018/12/08 19:11 | https://android.googlesource.com/kernel/common android-4.4 | 0d71150b2638 | 60562a1d | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2018/09/23 20:42 | https://android.googlesource.com/kernel/common android-4.4 | cb28adba1a09 | 28d9ac76 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce | -
2019/11/25 03:01 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 598ca6c8 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/11/16 19:22 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | d5696d51 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/11/13 23:59 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 048f2d49 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/11/02 23:31 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | a41ca8fa | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/10/30 08:43 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 5ea87a66 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/10/11 15:58 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 1a3bad90 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/10/05 15:00 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | f3f7d9c8 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/08/28 18:32 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | fd37b39e | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/08/25 20:11 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | d21c5d9d | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/08/25 12:37 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | d21c5d9d | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/08/22 00:05 | https://android.googlesource.com/kernel/common android-4.4 | 62872f952d6b | 984250d5 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/02/02 13:29 | https://android.googlesource.com/kernel/common android-4.4 | b3e9e81ee068 | c198d5dd | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2019/01/07 22:14 | https://android.googlesource.com/kernel/common android-4.4 | d08574b6f0ae | 69d69aa9 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/12/28 07:47 | https://android.googlesource.com/kernel/common android-4.4 | dfca92bab267 | af317504 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/12/22 16:18 | https://android.googlesource.com/kernel/common android-4.4 | dfca92bab267 | e3bd7ab8 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/12/16 23:23 | https://android.googlesource.com/kernel/common android-4.4 | b95a8c048a28 | def91db3 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/28 20:28 | https://android.googlesource.com/kernel/common android-4.4 | bc1cf2226ce5 | 4b6d14f2 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/28 12:45 | https://android.googlesource.com/kernel/common android-4.4 | bc1cf2226ce5 | 4b6d14f2 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/25 11:42 | https://android.googlesource.com/kernel/common android-4.4 | 564ce1b48436 | 3d3ec907 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/20 16:29 | https://android.googlesource.com/kernel/common android-4.4 | 498bf61266f1 | 9bc2a903 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/20 04:49 | https://android.googlesource.com/kernel/common android-4.4 | 498bf61266f1 | 9bc2a903 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/17 12:27 | https://android.googlesource.com/kernel/common android-4.4 | 498bf61266f1 | b08ee62a | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/15 22:43 | https://android.googlesource.com/kernel/common android-4.4 | 498bf61266f1 | 3a41052e | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/12 21:12 | https://android.googlesource.com/kernel/common android-4.4 | 0ca3fcabdc05 | 74dbb806 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/01 11:43 | https://android.googlesource.com/kernel/common android-4.4 | c4b00eb70496 | 1f38e9ae | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/11/01 01:13 | https://android.googlesource.com/kernel/common android-4.4 | c4b00eb70496 | 1f38e9ae | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/10/15 21:01 | https://android.googlesource.com/kernel/common android-4.4 | 8e7f196597f3 | 8cd30605 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -
2018/10/13 16:48 | https://android.googlesource.com/kernel/common android-4.4 | 8e7f196597f3 | caf12900 | .config | console log | report | - | - | - | - | ci-android-44-kasan-gce-386 | -

* Struck through repros no longer work on HEAD.