Warning: Permanently added '10.128.0.43' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 33.451176] [ 33.452853] ====================================================== [ 33.459153] [ INFO: possible circular locking dependency detected ] [ 33.465532] 4.4.167+ #4 Not tainted [ 33.469129] ------------------------------------------------------- [ 33.475504] syz-executor445/2080 is trying to acquire lock: [ 33.481181] (&pipe->mutex/1){+.+.+.}, at: [] fifo_open+0x15c/0x9e0 [ 33.489729] [ 33.489729] but task is already holding lock: [ 33.495790] (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x53/0x110 [ 33.505611] [ 33.505611] which lock already depends on the new lock. [ 33.505611] [ 33.513900] [ 33.513900] the existing dependency chain (in reverse order) is: [ 33.521491] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 33.527125] [] lock_acquire+0x15e/0x450 [ 33.533365] [] mutex_lock_interruptible_nested+0xd2/0xcc0 [ 33.541172] [] proc_pid_attr_write+0x19e/0x290 [ 33.548031] [] __vfs_write+0x11c/0x3e0 [ 33.554183] [] __kernel_write+0x10a/0x350 [ 33.560600] [] write_pipe_buf+0x15d/0x1f0 [ 33.567010] [] __splice_from_pipe+0x364/0x790 [ 33.573771] [] splice_from_pipe+0xf9/0x170 [ 33.580270] [] default_file_splice_write+0x3c/0x80 [ 33.587473] [] SyS_splice+0xde1/0x1430 [ 33.593627] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 33.600838] -> #0 (&pipe->mutex/1){+.+.+.}: [ 33.605913] [] __lock_acquire+0x3cd4/0x5530 [ 33.612496] [] lock_acquire+0x15e/0x450 [ 33.618775] [] mutex_lock_nested+0xc2/0xb60 [ 33.625367] [] fifo_open+0x15c/0x9e0 [ 33.631386] [] do_dentry_open+0x38d/0xbd0 [ 33.637874] [] vfs_open+0x12a/0x210 [ 33.643776] [] path_openat+0xc10/0x3f10 [ 33.650019] [] do_filp_open+0x197/0x270 [ 33.656254] [] do_open_execat+0x10f/0x6f0 [ 33.662665] [] do_execveat_common.isra.14+0x6a1/0x1f00 [ 33.670220] [] SyS_execve+0x42/0x50 [ 33.676163] [] return_from_execve+0x0/0x23 [ 33.682674] [ 33.682674] other info that might help us debug this: [ 33.682674] [ 33.690790] Possible unsafe locking scenario: [ 33.690790] [ 33.696821] CPU0 CPU1 [ 33.701460] ---- ---- [ 33.706099] lock(&sig->cred_guard_mutex); [ 33.710711] lock(&pipe->mutex/1); [ 33.717184] lock(&sig->cred_guard_mutex); [ 33.724230] lock(&pipe->mutex/1); [ 33.728182] [ 33.728182] *** DEADLOCK *** [ 33.728182] [ 33.734225] 1 lock held by syz-executor445/2080: [ 33.738949] #0: (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x53/0x110 [ 33.749313] [ 33.749313] stack backtrace: [ 33.753786] CPU: 0 PID: 2080 Comm: syz-executor445 Not tainted 4.4.167+ #4 [ 33.760884] 0000000000000000 12e17367a93d6d0a ffff8801d42af4d0 ffffffff81aa62cd [ 33.768875] ffffffff83ab72b0 ffffffff83ab72b0 ffff8801d481af80 ffffffff83ab0860 [ 33.776877] ffff8801d481b868 ffff8801d42af520 ffffffff813a9559 ffff8801d481af80 [ 33.784868] Call Trace: [ 33.787432] [] dump_stack+0xc1/0x124 [ 33.792770] [] print_circular_bug.cold.31+0x2f6/0x435 [ 33.799690] [] __lock_acquire+0x3cd4/0x5530 [ 33.805644] [] ? trace_hardirqs_on+0x10/0x10 [ 33.812006] [] ? path_openat+0xc10/0x3f10 [ 33.817791] [] ? do_open_execat+0x10f/0x6f0 [ 33.823744] [] ? do_execveat_common.isra.14+0x6a1/0x1f00 [ 33.830824] [] lock_acquire+0x15e/0x450 [ 33.836426] [] ? fifo_open+0x15c/0x9e0 [ 33.841977] [] mutex_lock_nested+0xc2/0xb60 [ 33.847929] [] ? fifo_open+0x15c/0x9e0 [ 33.853447] [] ? check_preemption_disabled+0x3b/0x200 [ 33.860269] [] ? lockdep_init_map+0x110/0x1630 [ 33.866523] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 33.873257] [] ? mutex_trylock+0x4f0/0x4f0 [ 33.879385] [] ? fifo_open+0x24e/0x9e0 [ 33.884898] [] ? fifo_open+0x28d/0x9e0 [ 33.890411] [] fifo_open+0x15c/0x9e0 [ 33.895748] [] do_dentry_open+0x38d/0xbd0 [ 33.901518] [] ? __inode_permission2+0x9b/0x240 [ 33.907855] [] ? pipe_release+0x250/0x250 [ 33.913633] [] vfs_open+0x12a/0x210 [ 33.918883] [] ? may_open.isra.19+0x156/0x240 [ 33.925005] [] path_openat+0xc10/0x3f10 [ 33.930608] [] ? dump_trace+0x184/0x360 [ 33.936204] [] ? may_open.isra.19+0x240/0x240 [ 33.942336] [] ? kasan_kmalloc.part.1+0xc9/0xf0 [ 33.948630] [] ? save_stack_trace+0x26/0x50 [ 33.954580] [] ? kasan_kmalloc.part.1+0x62/0xf0 [ 33.960880] [] ? kasan_kmalloc+0xaf/0xc0 [ 33.966566] [] ? __kmalloc_track_caller+0xf1/0x2e0 [ 33.973121] [] ? kmemdup+0x24/0x50 [ 33.978286] [] ? selinux_cred_prepare+0x43/0xa0 [ 33.984581] [] ? security_prepare_creds+0x83/0xc0 [ 33.991060] [] ? prepare_creds+0x222/0x2a0 [ 33.996983] [] ? prepare_exec_creds+0x11/0xf0 [ 34.003110] [] ? prepare_bprm_creds+0x67/0x110 [ 34.009320] [] ? SyS_execve+0x42/0x50 [ 34.014747] [] ? stub_execve+0x5/0x5 [ 34.020086] [] ? save_stack_trace+0x26/0x50 [ 34.026034] [] ? kasan_kmalloc+0xaf/0xc0 [ 34.031719] [] ? kasan_slab_alloc+0x12/0x20 [ 34.037665] [] ? kmem_cache_alloc+0xdc/0x2c0 [ 34.043697] [] ? prepare_creds+0x28/0x2a0 [ 34.049473] [] ? prepare_exec_creds+0x11/0xf0 [ 34.055599] [] ? prepare_bprm_creds+0x67/0x110 [ 34.061920] [] ? do_execveat_common.isra.14+0x2d8/0x1f00 [ 34.068998] [] ? save_stack_trace+0x26/0x50 [ 34.074948] [] do_filp_open+0x197/0x270 [ 34.080593] [] ? user_path_mountpoint_at+0x70/0x70 [ 34.087159] [] ? trace_hardirqs_on+0x10/0x10 [ 34.093192] [] ? rcu_read_lock_sched_held+0x103/0x120 [ 34.100012] [] do_open_execat+0x10f/0x6f0 [ 34.105783] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 34.112509] [] ? setup_arg_pages+0x7a0/0x7a0 [ 34.118543] [] do_execveat_common.isra.14+0x6a1/0x1f00 [ 34.125441] [] ? do_execveat_common.isra.14+0x3db/0x1f00 [ 34.132520] [] ? prepare_bprm_creds+0x110/0x110 [ 34.138821] [] ? getname_flags+0x229/0x550 [ 34.144680] [] SyS_execve+0x42/0x50 [ 34.149929] [] stub_execve+0x5/0x5 [ 34.155097] [] ? tracesys+0x88/0x8d