[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 9.896407] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 16.470119] random: crng init done Warning: Permanently added '10.128.0.52' (ECDSA) to the list of known hosts. executing program [ 28.281355] [ 28.282987] ====================================================== [ 28.289277] [ INFO: possible circular locking dependency detected ] [ 28.295711] 4.9.128+ #45 Not tainted [ 28.299469] ------------------------------------------------------- [ 28.305850] syz-executor196/2055 is trying to acquire lock: [ 28.311532] (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x12d0 [ 28.319230] but task is already holding lock: [ 28.323867] (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x5e/0x70 [ 28.332113] which lock already depends on the new lock. [ 28.332113] [ 28.339098] [ 28.339098] the existing dependency chain (in reverse order) is: [ 28.346692] -> #2 (&pipe->mutex/1){+.+.+.}: [ 28.351767] lock_acquire+0x130/0x3e0 [ 28.356061] mutex_lock_nested+0xc0/0x870 [ 28.360703] fifo_open+0x15c/0x9e0 [ 28.364856] do_dentry_open+0x3ef/0xc90 [ 28.369330] vfs_open+0x11c/0x210 [ 28.373281] path_openat+0x542/0x2790 [ 28.377574] do_filp_open+0x197/0x270 [ 28.381870] do_open_execat+0x10f/0x640 [ 28.386340] do_execveat_common.isra.15+0x687/0x1f80 [ 28.391938] compat_SyS_execve+0x48/0x60 [ 28.396494] do_fast_syscall_32+0x2f1/0x860 [ 28.401315] entry_SYSENTER_compat+0x90/0xa2 [ 28.406212] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 28.411858] lock_acquire+0x130/0x3e0 [ 28.416152] mutex_lock_killable_nested+0xcc/0x960 [ 28.421576] lock_trace+0x44/0xc0 [ 28.425524] proc_pid_personality+0x1c/0xc0 [ 28.430337] proc_single_show+0xfd/0x170 [ 28.434891] traverse+0x363/0x920 [ 28.438838] seq_read+0xd1b/0x12d0 [ 28.442871] do_loop_readv_writev.part.1+0xd5/0x280 [ 28.448379] do_readv_writev+0x56e/0x7b0 [ 28.452932] vfs_readv+0x84/0xc0 [ 28.456792] default_file_splice_read+0x44b/0x7e0 [ 28.462123] do_splice_to+0x10c/0x170 [ 28.466424] splice_direct_to_actor+0x23f/0x7e0 [ 28.471590] do_splice_direct+0x1a3/0x270 [ 28.476231] do_sendfile+0x4f0/0xc30 [ 28.480435] compat_SyS_sendfile+0xd1/0x160 [ 28.485253] do_fast_syscall_32+0x2f1/0x860 [ 28.490069] entry_SYSENTER_compat+0x90/0xa2 [ 28.494970] -> #0 (&p->lock){+.+.+.}: [ 28.499396] __lock_acquire+0x3189/0x4a10 [ 28.504042] lock_acquire+0x130/0x3e0 [ 28.508341] mutex_lock_nested+0xc0/0x870 [ 28.512984] seq_read+0xdd/0x12d0 [ 28.516930] proc_reg_read+0xfd/0x180 [ 28.521223] do_loop_readv_writev.part.1+0xd5/0x280 [ 28.526731] do_readv_writev+0x56e/0x7b0 [ 28.531284] vfs_readv+0x84/0xc0 [ 28.535141] default_file_splice_read+0x44b/0x7e0 [ 28.540474] do_splice_to+0x10c/0x170 [ 28.544767] SyS_splice+0x10d2/0x14d0 [ 28.549061] do_fast_syscall_32+0x2f1/0x860 [ 28.553873] entry_SYSENTER_compat+0x90/0xa2 [ 28.558772] [ 28.558772] other info that might help us debug this: [ 28.558772] [ 28.566885] Chain exists of: &p->lock --> &sig->cred_guard_mutex --> &pipe->mutex/1 [ 28.575919] Possible unsafe locking scenario: [ 28.575919] [ 28.581953] CPU0 CPU1 [ 28.586594] ---- ---- [ 28.591232] lock(&pipe->mutex/1); [ 28.595185] lock(&sig->cred_guard_mutex); [ 28.602233] lock(&pipe->mutex/1); [ 28.608708] lock(&p->lock); [ 28.612018] [ 28.612018] *** DEADLOCK *** [ 28.612018] [ 28.618049] 1 lock held by syz-executor196/2055: [ 28.622819] #0: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x5e/0x70 [ 28.631634] [ 28.631634] stack backtrace: [ 28.636107] CPU: 0 PID: 2055 Comm: syz-executor196 Not tainted 4.9.128+ #45 [ 28.643179] ffff8801ce73f268 ffffffff81af2469 ffffffff83aa1330 ffffffff83aa7f30 [ 28.651174] ffffffff83aa2c80 ffff8801d1403850 ffff8801d1402f80 ffff8801ce73f2b0 [ 28.659152] ffffffff813e79ed 0000000000000001 00000000d1403830 0000000000000001 [ 28.667143] Call Trace: [ 28.669711] [] dump_stack+0xc1/0x128 [ 28.675048] [] print_circular_bug.cold.36+0x2f7/0x432 [ 28.681866] [] __lock_acquire+0x3189/0x4a10 [ 28.687816] [] ? unwind_next_frame+0x7d/0xd0 [ 28.693846] [] ? trace_hardirqs_on+0x10/0x10 [ 28.699941] [] lock_acquire+0x130/0x3e0 [ 28.705549] [] ? seq_read+0xdd/0x12d0 [ 28.710997] [] ? seq_read+0xdd/0x12d0 [ 28.716421] [] mutex_lock_nested+0xc0/0x870 [ 28.722365] [] ? seq_read+0xdd/0x12d0 [ 28.727787] [] ? mutex_trylock+0x3e0/0x3e0 [ 28.733651] [] ? mark_held_locks+0xc7/0x130 [ 28.739598] [] ? get_page_from_freelist+0xae0/0x18e0 [ 28.746323] [] seq_read+0xdd/0x12d0 [ 28.751573] [] ? fsnotify+0x114/0x1100 [ 28.757081] [] ? seq_lseek+0x3c0/0x3c0 [ 28.762592] [] ? __fsnotify_inode_delete+0x30/0x30 [ 28.769144] [] proc_reg_read+0xfd/0x180 [ 28.774736] [] ? seq_lseek+0x3c0/0x3c0 [ 28.780253] [] do_loop_readv_writev.part.1+0xd5/0x280 [ 28.787065] [] do_readv_writev+0x56e/0x7b0 [ 28.792920] [] ? vfs_write+0x520/0x520 [ 28.798431] [] ? kasan_unpoison_shadow+0x35/0x50 [ 28.804810] [] ? push_pipe+0x3e2/0x770 [ 28.810320] [] ? iov_iter_get_pages_alloc+0x2be/0xee0 [ 28.817138] [] vfs_readv+0x84/0xc0 [ 28.822306] [] default_file_splice_read+0x44b/0x7e0 [ 28.828948] [] ? do_splice_direct+0x270/0x270 [ 28.835064] [] ? trace_hardirqs_on+0x10/0x10 [ 28.841100] [] ? trace_hardirqs_on+0x10/0x10 [ 28.847137] [] ? __fsnotify_inode_delete+0x30/0x30 [ 28.853690] [] ? __fsnotify_update_child_dentry_flags.part.0+0x300/0x300 [ 28.862152] [] ? avc_policy_seqno+0x9/0x20 [ 28.868011] [] ? selinux_file_permission+0x82/0x470 [ 28.874662] [] ? security_file_permission+0x8f/0x1e0 [ 28.881388] [] ? rw_verify_area+0xe5/0x2a0 [ 28.887247] [] ? do_splice_direct+0x270/0x270 [ 28.893362] [] do_splice_to+0x10c/0x170 [ 28.898959] [] SyS_splice+0x10d2/0x14d0 [ 28.904558] [] ? compat_SyS_futex+0x1e1/0x2f0 [ 28.910675] [] ? compat_SyS_vmsplice+0x160/0x160 [ 28.917055] [] ? do_fast_syscall_32+0xcf/0x860 [ 28.923266] [] ? compat_SyS_vmsplice+0x160/0x160 [ 28.929645] [] do_fast_syscall_3