[ 34.983464][ T26] audit: type=1800 audit(1552756323.021:26): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 35.004142][ T26] audit: type=1800 audit(1552756323.021:27): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 35.028929][ T26] audit: type=1800 audit(1552756323.021:28): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 35.846369][ T26] audit: type=1800 audit(1552756323.921:29): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.10.54' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 63.216167][ T7686]
[ 63.218647][ T7686] ======================================================
[ 63.225669][ T7686] WARNING: possible circular locking dependency detected
[ 63.232803][ T7686] 5.0.0+ #25 Not tainted
[ 63.237021][ T7686] ------------------------------------------------------
[ 63.244022][ T7686] syz-executor454/7686 is trying to acquire lock:
[ 63.250707][ T7686] 00000000fe9c1462 (&pipe->mutex/1){+.+.}, at: fifo_open+0x159/0xb00
[ 63.258774][ T7686]
[ 63.258774][ T7686] but task is already holding lock:
[ 63.266328][ T7686] 00000000eef43d58 (&sig->cred_guard_mutex){+.+.}, at: __do_execve_file.isra.0+0x376/0x23f0
[ 63.276434][ T7686]
[ 63.276434][ T7686] which lock already depends on the new lock.
[ 63.276434][ T7686]
[ 63.287467][ T7686]
[ 63.287467][ T7686] the existing dependency chain (in reverse order) is:
[ 63.296613][ T7686]
[ 63.296613][ T7686] -> #1 (&sig->cred_guard_mutex){+.+.}:
[ 63.304763][ T7686]        lock_acquire+0x16f/0x3f0
[ 63.309781][ T7686]        __mutex_lock+0xf7/0x1310
[ 63.314814][ T7686]        mutex_lock_interruptible_nested+0x16/0x20
[ 63.321304][ T7686]        proc_pid_attr_write+0x200/0x580
[ 63.326917][ T7686]        __vfs_write+0x8d/0x110
[ 63.331902][ T7686]        __kernel_write+0x110/0x3b0
[ 63.337098][ T7686]        write_pipe_buf+0x15d/0x1f0
[ 63.342791][ T7686]        __splice_from_pipe+0x395/0x7d0
[ 63.348314][ T7686]        splice_from_pipe+0x108/0x170
[ 63.353664][ T7686]        default_file_splice_write+0x3c/0x90
[ 63.359626][ T7686]        do_splice+0x70a/0x13c0
[ 63.364448][ T7686]        __x64_sys_splice+0x2c6/0x330
[ 63.369905][ T7686]        do_syscall_64+0x103/0x610
[ 63.375019][ T7686]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 63.381414][ T7686]
[ 63.381414][ T7686] -> #0 (&pipe->mutex/1){+.+.}:
[ 63.388644][ T7686]        __lock_acquire+0x239c/0x3fb0
[ 63.394111][ T7686]        lock_acquire+0x16f/0x3f0
[ 63.399115][ T7686]        __mutex_lock+0xf7/0x1310
[ 63.404115][ T7686]        mutex_lock_nested+0x16/0x20
[ 63.409450][ T7686]        fifo_open+0x159/0xb00
[ 63.414299][ T7686]        do_dentry_open+0x488/0x1160
[ 63.419587][ T7686]        vfs_open+0xa0/0xd0
[ 63.424346][ T7686]        path_openat+0x10e9/0x46e0
[ 63.429436][ T7686]        do_filp_open+0x1a1/0x280
[ 63.434448][ T7686]        do_open_execat+0x137/0x690
[ 63.439624][ T7686]        __do_execve_file.isra.0+0x178d/0x23f0
[ 63.445756][ T7686]        __x64_sys_execve+0x8f/0xc0
[ 63.451127][ T7686]        do_syscall_64+0x103/0x610
[ 63.456228][ T7686]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 63.462831][ T7686]
[ 63.462831][ T7686] other info that might help us debug this:
[ 63.462831][ T7686]
[ 63.473570][ T7686]  Possible unsafe locking scenario:
[ 63.473570][ T7686]
[ 63.481078][ T7686]        CPU0                    CPU1
[ 63.486529][ T7686]        ----                    ----
[ 63.491887][ T7686]   lock(&sig->cred_guard_mutex);
[ 63.496892][ T7686]                                lock(&pipe->mutex/1);
[ 63.503833][ T7686]                                lock(&sig->cred_guard_mutex);
[ 63.511407][ T7686]   lock(&pipe->mutex/1);
[ 63.515727][ T7686]
[ 63.515727][ T7686]  *** DEADLOCK ***
[ 63.515727][ T7686]
[ 63.524012][ T7686] 1 lock held by syz-executor454/7686:
[ 63.529463][ T7686]  #0: 00000000eef43d58 (&sig->cred_guard_mutex){+.+.}, at: __do_execve_file.isra.0+0x376/0x23f0
[ 63.539961][ T7686]
[ 63.539961][ T7686] stack backtrace:
[ 63.546033][ T7686] CPU: 0 PID: 7686 Comm: syz-executor454 Not tainted 5.0.0+ #25
[ 63.554102][ T7686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 63.564154][ T7686] Call Trace:
[ 63.567444][ T7686]  dump_stack+0x172/0x1f0
[ 63.571782][ T7686]  print_circular_bug.isra.0.cold+0x1cc/0x28f
[ 63.577862][ T7686]  check_prev_add.constprop.0+0xf11/0x23c0
[ 63.583683][ T7686]  ? depot_save_stack+0x1de/0x460
[ 63.589062][ T7686]  ? check_usage+0x570/0x570
[ 63.593792][ T7686]  ? mark_held_locks+0xa4/0xf0
[ 63.599406][ T7686]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[ 63.605223][ T7686]  ? graph_lock+0x7b/0x200
[ 63.609640][ T7686]  ? __lockdep_reset_lock+0x450/0x450
[ 63.615020][ T7686]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 63.621272][ T7686]  __lock_acquire+0x239c/0x3fb0
[ 63.626124][ T7686]  ? save_stack+0xa9/0xd0
[ 63.630728][ T7686]  ? mark_held_locks+0xf0/0xf0
[ 63.635515][ T7686]  lock_acquire+0x16f/0x3f0
[ 63.640010][ T7686]  ? fifo_open+0x159/0xb00
[ 63.644517][ T7686]  ? fifo_open+0x159/0xb00
[ 63.649257][ T7686]  __mutex_lock+0xf7/0x1310
[ 63.654109][ T7686]  ? fifo_open+0x159/0xb00
[ 63.658523][ T7686]  ? fifo_open+0x159/0xb00
[ 63.662942][ T7686]  ? fifo_open+0x2b5/0xb00
[ 63.667778][ T7686]  ? mutex_trylock+0x1e0/0x1e0
[ 63.672652][ T7686]  ? fifo_open+0x2b5/0xb00
[ 63.677087][ T7686]  ? kasan_check_write+0x14/0x20
[ 63.682012][ T7686]  ? lock_downgrade+0x880/0x880
[ 63.687128][ T7686]  mutex_lock_nested+0x16/0x20
[ 63.692143][ T7686]  ? mutex_lock_nested+0x16/0x20
[ 63.697475][ T7686]  fifo_open+0x159/0xb00
[ 63.701828][ T7686]  do_dentry_open+0x488/0x1160
[ 63.706691][ T7686]  ? pipe_release+0x280/0x280
[ 63.711372][ T7686]  ? chown_common+0x5c0/0x5c0
[ 63.716145][ T7686]  ? inode_permission+0xb4/0x570
[ 63.721088][ T7686]  vfs_open+0xa0/0xd0
[ 63.725166][ T7686]  path_openat+0x10e9/0x46e0
[ 63.729790][ T7686]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 63.735164][ T7686]  ? __kmalloc+0x15c/0x740
[ 63.739564][ T7686]  ? prepare_creds+0x2f5/0x3f0
[ 63.744430][ T7686]  ? prepare_exec_creds+0x12/0xf0
[ 63.749497][ T7686]  ? __do_execve_file.isra.0+0x393/0x23f0
[ 63.755327][ T7686]  ? do_syscall_64+0x103/0x610
[ 63.760081][ T7686]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 63.766271][ T7686]  ? __lock_acquire+0x548/0x3fb0
[ 63.771193][ T7686]  ? prepare_exec_creds+0x12/0xf0
[ 63.776210][ T7686]  ? __do_execve_file.isra.0+0x393/0x23f0
[ 63.782109][ T7686]  ? __x64_sys_execve+0x8f/0xc0
[ 63.786958][ T7686]  do_filp_open+0x1a1/0x280
[ 63.791462][ T7686]  ? may_open_dev+0x100/0x100
[ 63.796151][ T7686]  ? __lock_acquire+0x548/0x3fb0
[ 63.801087][ T7686]  do_open_execat+0x137/0x690
[ 63.805750][ T7686]  ? unregister_binfmt+0x170/0x170
[ 63.810906][ T7686]  ? lock_downgrade+0x880/0x880
[ 63.815885][ T7686]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 63.822122][ T7686]  ? kasan_check_read+0x11/0x20
[ 63.826977][ T7686]  ? do_raw_spin_unlock+0x57/0x270
[ 63.832080][ T7686]  __do_execve_file.isra.0+0x178d/0x23f0
[ 63.837921][ T7686]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 63.843652][ T7686]  ? __check_object_size+0x3d/0x42f
[ 63.848841][ T7686]  ? copy_strings_kernel+0x110/0x110
[ 63.854116][ T7686]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 63.860374][ T7686]  ? getname_flags+0x277/0x5b0
[ 63.865132][ T7686]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 63.871454][ T7686]  __x64_sys_execve+0x8f/0xc0
[ 63.876229][ T7686]  do_syscall_64+0x103/0x610
[ 63.880839][ T7686]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 63.887151][ T7686] RIP: 0033:0x440289
[ 63.891265][ T7686] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 63.910909][ T7686] RSP: 002b:00007ffd8ff1af68 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 63.919629][ T7686] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440289
[ 63.927592][ T7686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[ 63.935872][ T7686] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000
[ 63.943834][ T7686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401b10
[ 63.951781][ T7686] R13: 0000000000401ba0 R14: 0000000000000000 R15: 0000000000000000