Warning: Permanently added '10.128.10.49' (ECDSA) to the list of known hosts. executing program [ 41.008770] [ 41.010414] ====================================================== [ 41.016820] [ INFO: possible circular locking dependency detected ] [ 41.023207] 4.9.141+ #1 Not tainted [ 41.026805] ------------------------------------------------------- [ 41.033182] syz-executor246/2065 is trying to acquire lock: [ 41.038867] (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x12d0 [ 41.046640] but task is already holding lock: [ 41.051283] (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x5e/0x70 [ 41.059549] which lock already depends on the new lock. [ 41.059549] [ 41.066539] [ 41.066539] the existing dependency chain (in reverse order) is: [ 41.074137] -> #2 (&pipe->mutex/1){+.+.+.}: [ 41.079243] lock_acquire+0x130/0x3e0 [ 41.083552] mutex_lock_nested+0xc0/0x900 [ 41.088208] fifo_open+0x15c/0x9e0 [ 41.092245] do_dentry_open+0x3ef/0xc90 [ 41.096727] vfs_open+0x11c/0x210 [ 41.100681] path_openat+0x542/0x2790 [ 41.105089] do_filp_open+0x197/0x270 [ 41.109389] do_open_execat+0x10f/0x640 [ 41.113862] do_execveat_common.isra.14+0x687/0x1ed0 [ 41.119469] SyS_execve+0x42/0x50 [ 41.123424] do_syscall_64+0x19f/0x550 [ 41.127809] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 41.133407] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 41.139118] lock_acquire+0x130/0x3e0 [ 41.143416] mutex_lock_killable_nested+0xcc/0x9f0 [ 41.148937] lock_trace+0x44/0xc0 [ 41.152983] proc_pid_syscall+0xa9/0x260 [ 41.157555] proc_single_show+0xfd/0x170 [ 41.162134] seq_read+0x4b6/0x12d0 [ 41.166174] do_loop_readv_writev.part.1+0xd5/0x280 [ 41.171686] do_readv_writev+0x56e/0x7b0 [ 41.176246] vfs_readv+0x84/0xc0 [ 41.180114] default_file_splice_read+0x451/0x7f0 [ 41.185455] do_splice_to+0x10c/0x170 [ 41.189751] splice_direct_to_actor+0x23f/0x7e0 [ 41.194920] do_splice_direct+0x1a3/0x270 [ 41.199564] do_sendfile+0x4f0/0xc30 [ 41.203778] SyS_sendfile64+0x144/0x160 [ 41.208252] do_syscall_64+0x19f/0x550 [ 41.212640] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 41.218254] -> #0 (&p->lock){+.+.+.}: [ 41.222730] __lock_acquire+0x3189/0x4a10 [ 41.227385] lock_acquire+0x130/0x3e0 [ 41.231685] mutex_lock_nested+0xc0/0x900 [ 41.236330] seq_read+0xdd/0x12d0 [ 41.240280] proc_reg_read+0xfd/0x180 [ 41.244588] do_loop_readv_writev.part.1+0xd5/0x280 [ 41.250103] do_readv_writev+0x56e/0x7b0 [ 41.254660] vfs_readv+0x84/0xc0 [ 41.258524] default_file_splice_read+0x451/0x7f0 [ 41.263864] do_splice_to+0x10c/0x170 [ 41.268172] SyS_splice+0x10d2/0x14d0 [ 41.272469] do_syscall_64+0x19f/0x550 [ 41.276851] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 41.282446] [ 41.282446] other info that might help us debug this: [ 41.282446] [ 41.290561] Chain exists of: &p->lock --> &sig->cred_guard_mutex --> &pipe->mutex/1 [ 41.299647] Possible unsafe locking scenario: [ 41.299647] [ 41.305679] CPU0 CPU1 [ 41.310319] ---- ---- [ 41.314960] lock(&pipe->mutex/1); [ 41.318981] lock(&sig->cred_guard_mutex); [ 41.326051] lock(&pipe->mutex/1); [ 41.332534] lock(&p->lock); [ 41.335854] [ 41.335854] *** DEADLOCK *** [ 41.335854] [ 41.341890] 1 lock held by syz-executor246/2065: [ 41.346618] #0: (&pipe->mutex/1){+.+.+.}, at: [] pipe_lock+0x5e/0x70 [ 41.355443] [ 41.355443] stack backtrace: [ 41.359919] CPU: 1 PID: 2065 Comm: syz-executor246 Not tainted 4.9.141+ #1 [ 41.366908] ffff8801ce997278 ffffffff81b42e79 ffffffff83ca2c70 ffffffff83ca9f30 [ 41.374908] ffffffff83ca4920 ffff8801d27c5010 ffff8801d27c4740 ffff8801ce9972c0 [ 41.382937] ffffffff813fee40 0000000000000001 00000000d27c4ff0 0000000000000001 [ 41.390935] Call Trace: [ 41.393591] [] dump_stack+0xc1/0x128 [ 41.398931] [] print_circular_bug.cold.36+0x2f7/0x432 [ 41.405745] [] __lock_acquire+0x3189/0x4a10 [ 41.411692] [] ? trace_hardirqs_on+0x10/0x10 [ 41.417725] [] lock_acquire+0x130/0x3e0 [ 41.423322] [] ? seq_read+0xdd/0x12d0 [ 41.428749] [] ? seq_read+0xdd/0x12d0 [ 41.434174] [] mutex_lock_nested+0xc0/0x900 [ 41.440125] [] ? seq_read+0xdd/0x12d0 [ 41.445553] [] ? mutex_trylock+0x3e0/0x3e0 [ 41.451414] [] ? mark_held_locks+0xc7/0x130 [ 41.457622] [] ? get_page_from_freelist+0xda3/0x1d80 [ 41.464350] [] ? kasan_unpoison_shadow+0x35/0x50 [ 41.470730] [] seq_read+0xdd/0x12d0 [ 41.475990] [] ? fsnotify+0x114/0x1100 [ 41.481502] [] ? seq_lseek+0x3c0/0x3c0 [ 41.487019] [] ? __fsnotify_inode_delete+0x30/0x30 [ 41.493572] [] proc_reg_read+0xfd/0x180 [ 41.499174] [] ? seq_lseek+0x3c0/0x3c0 [ 41.504688] [] do_loop_readv_writev.part.1+0xd5/0x280 [ 41.511504] [] do_readv_writev+0x56e/0x7b0 [ 41.517363] [] ? vfs_write+0x520/0x520 [ 41.522879] [] ? kasan_unpoison_shadow+0x35/0x50 [ 41.529260] [] ? push_pipe+0x3e2/0x770 [ 41.534776] [] ? iov_iter_get_pages_alloc+0x2be/0xee0 [ 41.541603] [] vfs_readv+0x84/0xc0 [ 41.546918] [] default_file_splice_read+0x451/0x7f0 [ 41.553578] [] ? do_splice_direct+0x270/0x270 [ 41.559814] [] ? trace_hardirqs_on+0x10/0x10 [ 41.565847] [] ? kasan_slab_free+0xac/0x190 [ 41.571885] [] ? kmem_cache_free+0xbe/0x310 [ 41.577832] [] ? trace_hardirqs_on+0x10/0x10 [ 41.583865] [] ? __fsnotify_inode_delete+0x30/0x30 [ 41.590438] [] ? __fsnotify_update_child_dentry_flags.part.0+0x300/0x300 [ 41.605770] [] ? avc_policy_seqno+0x9/0x20 [ 41.611631] [] ? selinux_file_permission+0x82/0x470 [ 41.618272] [] ? security_file_permission+0x8f/0x1e0 [ 41.625011] [] ? rw_verify_area+0xe5/0x2a0 [ 41.630871] [] ? do_splice_direct+0x270/0x270 [ 41.637009] [] do_splice_to+0x10c/0x170 [ 41.642623] [] SyS_splice+0x10d2/0x14d0 [ 41.648231] [] ? SyS_futex+0x26c/0x370 [ 41.653748] [] ? compat_SyS_vmsplice+0x160/0x160 [ 41.660130] [] ? do_syscall_64+0x48/0x550 [ 41.665906] [] ? compat_SyS_vmsplice+0x160/0x160 [ 41.672289] [] do_syscall_64+0x19f/0x550 [ 41.677987] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb