Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts. 2018/11/19 00:08:55 parsed 1 programs 2018/11/19 00:08:58 executed programs: 0 2018/11/19 00:09:06 executed programs: 6 syzkaller login: [ 47.787874] [ 47.789633] ====================================================== [ 47.795920] [ INFO: possible circular locking dependency detected ] [ 47.802390] 4.4.163+ #12 Not tainted [ 47.806080] ------------------------------------------------------- [ 47.812457] syz-executor1/5152 is trying to acquire lock: [ 47.817961] (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x12b0 [ 47.825830] [ 47.825830] but task is already holding lock: [ 47.831793] (sb_writers#4){.+.+.+}, at: [] do_sendfile+0x89a/0xb80 [ 47.840360] [ 47.840360] which lock already depends on the new lock. [ 47.840360] [ 47.848653] [ 47.848653] the existing dependency chain (in reverse order) is: [ 47.856256] -> #7 (sb_writers#4){.+.+.+}: [ 47.861182] [] lock_acquire+0x15e/0x450 [ 47.867425] [] __sb_start_write+0x1ae/0x310 [ 47.874025] [] ext4_lazyinit_thread+0x1a7/0x750 [ 47.880962] [] kthread+0x268/0x300 [ 47.886818] [] ret_from_fork+0x55/0x80 [ 47.892974] -> #6 (&eli->li_list_mtx){+.+...}: [ 47.898201] [] lock_acquire+0x15e/0x450 [ 47.904442] [] mutex_lock_nested+0xbb/0x8d0 [ 47.911040] [] ext4_register_li_request+0x304/0x7a0 [ 47.918325] [] ext4_remount+0x1368/0x1bb0 [ 47.924738] [] do_remount_sb2+0x428/0x7d0 [ 47.931152] [] do_mount+0x101e/0x2a10 [ 47.937226] [] SyS_mount+0x191/0x1c0 [ 47.943212] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 47.950411] -> #5 (&ext4_li_mtx){+.+.+.}: [ 47.955199] [] lock_acquire+0x15e/0x450 [ 47.961444] [] mutex_lock_nested+0xbb/0x8d0 [ 47.968033] [] ext4_register_li_request+0x87/0x7a0 [ 47.975228] [] ext4_remount+0x1368/0x1bb0 [ 47.981648] [] do_remount_sb2+0x428/0x7d0 [ 47.988059] [] do_mount+0x101e/0x2a10 [ 47.994124] [] SyS_mount+0x191/0x1c0 [ 48.000108] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 48.007308] -> #4 (&type->s_umount_key#34){++++++}: [ 48.013121] [] lock_acquire+0x15e/0x450 [ 48.019361] [] down_read+0x42/0x60 [ 48.025166] [] iterate_supers+0xe1/0x260 [ 48.031493] [] selinux_complete_init+0x2f/0x31 [ 48.038349] [] security_load_policy+0x886/0x9b0 [ 48.045286] [] sel_write_load+0x191/0xfc0 [ 48.051699] [] __vfs_write+0x11c/0x3e0 [ 48.057855] [] vfs_write+0x17e/0x4e0 [ 48.063833] [] SyS_write+0xd9/0x1c0 [ 48.069726] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 48.076926] -> #3 (sel_mutex){+.+.+.}: [ 48.081469] [] lock_acquire+0x15e/0x450 [ 48.087720] [] mutex_lock_nested+0xbb/0x8d0 [ 48.094313] [] sel_commit_bools_write+0x87/0x250 [ 48.101341] [] __vfs_write+0x11c/0x3e0 [ 48.107494] [] __kernel_write+0x10a/0x350 [ 48.113909] [] write_pipe_buf+0x15d/0x1f0 [ 48.120360] [] __splice_from_pipe+0x364/0x790 [ 48.127124] [] splice_from_pipe+0xf9/0x170 [ 48.133627] [] default_file_splice_write+0x3c/0x80 [ 48.140822] [] SyS_splice+0xde1/0x1430 [ 48.146974] [] do_fast_syscall_32+0x31e/0xa80 [ 48.153762] [] sysenter_flags_fixed+0xd/0x1a [ 48.160440] -> #2 (&pipe->mutex/1){+.+.+.}: [ 48.165521] [] lock_acquire+0x15e/0x450 [ 48.171762] [] mutex_lock_nested+0xbb/0x8d0 [ 48.178394] [] fifo_open+0x15c/0x9e0 [ 48.184371] [] do_dentry_open+0x38d/0xbd0 [ 48.190786] [] vfs_open+0x12a/0x210 [ 48.196686] [] path_openat+0x50c/0x39a0 [ 48.202930] [] do_filp_open+0x197/0x270 [ 48.209178] [] do_open_execat+0x10f/0x6f0 [ 48.215593] [] do_execveat_common.isra.14+0x6a1/0x1f00 [ 48.223134] [] compat_SyS_execve+0x48/0x60 [ 48.229656] [] do_fast_syscall_32+0x31e/0xa80 [ 48.236421] [] sysenter_flags_fixed+0xd/0x1a [ 48.243098] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 48.248769] [] lock_acquire+0x15e/0x450 [ 48.255012] [] mutex_lock_killable_nested+0xcc/0xa10 [ 48.262391] [] mm_access+0x51/0x140 [ 48.268288] [] proc_pid_auxv+0x29/0xd0 [ 48.274441] [] proc_single_show+0xfd/0x170 [ 48.281195] [] traverse+0x363/0x920 [ 48.287086] [] seq_read+0xd05/0x12b0 [ 48.293065] [] do_loop_readv_writev+0x148/0x1e0 [ 48.300006] [] do_readv_writev+0x581/0x6f0 [ 48.306539] [] vfs_readv+0x78/0xb0 [ 48.312346] [] default_file_splice_read+0x50f/0x8f0 [ 48.319637] [] do_splice_to+0xf7/0x140 [ 48.325796] [] splice_direct_to_actor+0x242/0x830 [ 48.332905] [] do_splice_direct+0x1a3/0x270 [ 48.339501] [] do_sendfile+0x4e4/0xb80 [ 48.345651] [] compat_SyS_sendfile+0xd1/0x160 [ 48.352412] [] do_fast_syscall_32+0x31e/0xa80 [ 48.359176] [] sysenter_flags_fixed+0xd/0x1a [ 48.365854] -> #0 (&p->lock){+.+.+.}: [ 48.370295] [] __lock_acquire+0x3e6c/0x5f10 [ 48.376887] [] lock_acquire+0x15e/0x450 [ 48.383129] [] mutex_lock_nested+0xbb/0x8d0 [ 48.389720] [] seq_read+0xdd/0x12b0 [ 48.395619] [] proc_reg_read+0xfd/0x180 [ 48.401863] [] do_loop_readv_writev+0x148/0x1e0 [ 48.409151] [] do_readv_writev+0x581/0x6f0 [ 48.415678] [] vfs_readv+0x78/0xb0 [ 48.421484] [] default_file_splice_read+0x50f/0x8f0 [ 48.428768] [] do_splice_to+0xf7/0x140 [ 48.434923] [] splice_direct_to_actor+0x242/0x830 [ 48.442042] [] do_splice_direct+0x1a3/0x270 [ 48.448639] [] do_sendfile+0x4e4/0xb80 [ 48.454809] [] compat_SyS_sendfile+0xd1/0x160 [ 48.461576] [] do_fast_syscall_32+0x31e/0xa80 [ 48.468341] [] sysenter_flags_fixed+0xd/0x1a [ 48.475018] [ 48.475018] other info that might help us debug this: [ 48.475018] [ 48.483133] Chain exists of: &p->lock --> &eli->li_list_mtx --> sb_writers#4 [ 48.491604] Possible unsafe locking scenario: [ 48.491604] [ 48.497636] CPU0 CPU1 [ 48.502276] ---- ---- [ 48.506915] lock(sb_writers#4); [ 48.510722] lock(&eli->li_list_mtx); [ 48.517717] lock(sb_writers#4); [ 48.524024] lock(&p->lock); [ 48.527346] [ 48.527346] *** DEADLOCK *** [ 48.527346] [ 48.533377] 1 lock held by syz-executor1/5152: [ 48.537930] #0: (sb_writers#4){.+.+.+}, at: [] do_sendfile+0x89a/0xb80 [ 48.547134] [ 48.547134] stack backtrace: [ 48.551607] CPU: 1 PID: 5152 Comm: syz-executor1 Not tainted 4.4.163+ #12 [ 48.558505] 0000000000000000 1ff88598afe545b8 ffff8801d5da6ef8 ffffffff81aa556d [ 48.566505] ffffffff83abfe90 ffffffff83ab4190 ffffffff83aafe10 ffff8800b81bb868 [ 48.574511] ffff8800b81baf80 ffff8801d5da6f40 ffffffff813a8827 0000000000000001 [ 48.582507] Call Trace: [ 48.585080] [] dump_stack+0xc1/0x124 [ 48.590419] [] print_circular_bug.cold.34+0x2f7/0x432 [ 48.597249] [] __lock_acquire+0x3e6c/0x5f10 [ 48.603216] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 48.609954] [] ? trace_hardirqs_on+0x10/0x10 [ 48.616011] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 48.622854] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 48.629755] [] ? depot_save_stack+0x1c3/0x5eb [ 48.635874] [] lock_acquire+0x15e/0x450 [ 48.641763] [] ? seq_read+0xdd/0x12b0 [ 48.647186] [] ? seq_read+0xdd/0x12b0 [ 48.652614] [] mutex_lock_nested+0xbb/0x8d0 [ 48.658578] [] ? seq_read+0xdd/0x12b0 [ 48.664006] [] ? mutex_trylock+0x3e0/0x3e0 [ 48.669863] [] ? mark_held_locks+0xc7/0x130 [ 48.675805] [] seq_read+0xdd/0x12b0 [ 48.681057] [] ? check_preemption_disabled+0x3b/0x200 [ 48.687869] [] ? fsnotify+0x866/0x10c0 [ 48.693380] [] ? kasan_kmalloc+0xaf/0xc0 [ 48.699061] [] ? seq_lseek+0x3c0/0x3c0 [ 48.704571] [] ? __check_object_size+0x217/0x327 [ 48.710967] [] ? __fsnotify_inode_delete+0x30/0x30 [ 48.717518] [] ? __fsnotify_update_child_dentry_flags.part.0+0x300/0x300 [ 48.725982] [] proc_reg_read+0xfd/0x180 [ 48.731581] [] ? seq_lseek+0x3c0/0x3c0 [ 48.737101] [] do_loop_readv_writev+0x148/0x1e0 [ 48.743398] [] ? security_file_permission+0x8f/0x1e0 [ 48.750464] [] ? proc_reg_write+0x180/0x180 [ 48.756406] [] ? proc_reg_write+0x180/0x180 [ 48.762351] [] do_readv_writev+0x581/0x6f0 [ 48.768208] [] ? vfs_write+0x4e0/0x4e0 [ 48.773719] [] ? __alloc_pages_direct_compact+0x220/0x220 [ 48.780895] [] vfs_readv+0x78/0xb0 [ 48.786071] [] default_file_splice_read+0x50f/0x8f0 [ 48.792710] [] ? generic_file_splice_read+0x1c0/0x1c0 [ 48.799521] [] ? is_module_text_address+0x2a/0x50 [ 48.806023] [] ? __kernel_text_address+0x6b/0xa0 [ 48.812406] [] ? print_context_stack+0x4e/0xe0 [ 48.818625] [] ? page_cache_pipe_buf_release+0x70/0x70 [ 48.825528] [] ? dump_trace+0x184/0x360 [ 48.831125] [] ? save_stack_trace+0x26/0x50 [ 48.837072] [] ? kasan_kmalloc.part.1+0x62/0xf0 [ 48.843361] [] ? kasan_kmalloc+0xaf/0xc0 [ 48.849045] [] ? __kmalloc+0x13d/0x330 [ 48.854554] [] ? alloc_pipe_info+0x340/0x410 [ 48.860892] [] ? splice_direct_to_actor+0x661/0x830 [ 48.867532] [] ? do_splice_direct+0x1a3/0x270 [ 48.873737] [] ? do_sendfile+0x4e4/0xb80 [ 48.879423] [] ? compat_SyS_sendfile+0xd1/0x160 [ 48.885734] [] ? do_fast_syscall_32+0x31e/0xa80 [ 48.892026] [] ? sysenter_flags_fixed+0xd/0x1a [ 48.898234] [] ? futex_wait_queue_me+0x3ce/0x5b0 [ 48.904624] [] ? mark_wake_futex+0x120/0x120 [ 48.910674] [] ? check_preemption_disabled+0x3b/0x200 [ 48.917574] [] ? fsnotify+0x866/0x10c0 [ 48.923087] [] ? drop_futex_key_refs.isra.2+0x5e/0xf0 [ 48.929898] [] ? rw_verify_area+0x100/0x2f0 [ 48.935846] [] ? generic_file_splice_read+0x1c0/0x1c0 [ 48.942660] [] do_splice_to+0xf7/0x140 [ 48.948169] [] splice_direct_to_actor+0x242/0x830 [ 48.954633] [] ? pipe_to_sendpage+0x330/0x330 [ 48.960750] [] ? do_splice_to+0x140/0x140 [ 48.966552] [] ? security_file_permission+0x8f/0x1e0 [ 48.973276] [] ? rw_verify_area+0x100/0x2f0 [ 48.979579] [] do_splice_direct+0x1a3/0x270 [ 48.985526] [] ? splice_direct_to_actor+0x830/0x830 [ 48.992185] [] ? rcu_sync_lockdep_assert+0x73/0xb0 [ 48.998737] [] ? __sb_start_write+0x14f/0x310 [ 49.004854] [] do_sendfile+0x4e4/0xb80 [ 49.010361] [] ? __compat_sys_pwritev64+0x170/0x170 [ 49.016998] [] ? __might_fault+0x114/0x1d0 [ 49.022855] [] compat_SyS_sendfile+0xd1/0x160 [ 49.028990] [] ? SyS_sendfile64+0x150/0x150 [ 49.034956] [] ? do_fast_syscall_32+0xdb/0xa80 [ 49.041163] [] ? SyS_sendfile64+0x150/0x150 [ 49.047106] [] do_fast_syscall_32+0x31e/0xa80 [ 49.053225] [] sysenter_flags_fixed+0xd/0x1a 2018/11/19 00:09:11 executed programs: 174