[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [ 10.671095] random: crng init done [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. 2018/09/22 18:23:29 parsed 1 programs 2018/09/22 18:23:31 executed programs: 0 syzkaller login: [ 84.015825] audit: type=1400 audit(1537640615.891:5): avc: denied { associate } for pid=2100 comm="syz-executor1" name="syz1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 2018/09/22 18:23:36 executed programs: 30 2018/09/22 18:23:41 executed programs: 480 2018/09/22 18:23:46 executed programs: 915 2018/09/22 18:23:51 executed programs: 1386 2018/09/22 18:23:56 executed programs: 1824 2018/09/22 18:24:01 executed programs: 2281 INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes 2018/09/22 18:24:06 executed programs: 2740 2018/09/22 18:24:11 executed programs: 3210 2018/09/22 18:24:16 executed programs: 3656 2018/09/22 18:24:21 executed programs: 4107 [ 133.102135] [ 133.103799] ====================================================== [ 133.110097] [ INFO: possible circular locking dependency detected ] [ 133.116483] 4.9.128+ #93 Not tainted [ 133.120178] ------------------------------------------------------- [ 133.126556] syz-executor5/17914 is trying to acquire lock: [ 133.132155] (&sig->cred_guard_mutex){+.+.+.}, at: [] do_io_accounting+0x1fb/0x7e0 [ 133.141790] but task is already holding lock: [ 133.146438] (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x12d0 [ 133.154144] which lock already depends on the new lock. [ 133.154144] [ 133.161148] [ 133.161148] the existing dependency chain (in reverse order) is: [ 133.168755] -> #2 (&p->lock){+.+.+.}: [ 133.173260] lock_acquire+0x130/0x3e0 [ 133.177575] mutex_lock_nested+0xc0/0x870 [ 133.182222] seq_read+0xdd/0x12d0 [ 133.186172] proc_reg_read+0xfd/0x180 [ 133.190484] do_loop_readv_writev.part.1+0xd5/0x280 [ 133.196010] do_readv_writev+0x56e/0x7b0 [ 133.200582] vfs_readv+0x84/0xc0 [ 133.204459] default_file_splice_read+0x44b/0x7e0 [ 133.209825] do_splice_to+0x10c/0x170 [ 133.214132] SyS_splice+0x10d2/0x14d0 [ 133.218552] do_syscall_64+0x19f/0x480 [ 133.222952] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 133.228556] -> #1 (&pipe->mutex/1){+.+.+.}: [ 133.233643] lock_acquire+0x130/0x3e0 [ 133.237939] mutex_lock_nested+0xc0/0x870 [ 133.242582] fifo_open+0x15c/0x9e0 [ 133.246625] do_dentry_open+0x3ef/0xc90 [ 133.251109] vfs_open+0x11c/0x210 [ 133.255077] path_openat+0x542/0x2790 [ 133.259386] do_filp_open+0x197/0x270 [ 133.263692] do_open_execat+0x10f/0x640 [ 133.268170] do_execveat_common.isra.15+0x687/0x1f80 [ 133.273778] SyS_execve+0x42/0x50 [ 133.277738] do_syscall_64+0x19f/0x480 [ 133.282126] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 133.287719] -> #0 (&sig->cred_guard_mutex){+.+.+.}: [ 133.293367] __lock_acquire+0x3189/0x4a10 [ 133.298010] lock_acquire+0x130/0x3e0 [ 133.302314] mutex_lock_killable_nested+0xcc/0x960 [ 133.307750] do_io_accounting+0x1fb/0x7e0 [ 133.312400] proc_tgid_io_accounting+0x22/0x30 [ 133.317490] proc_single_show+0xfd/0x170 [ 133.322059] seq_read+0x4b6/0x12d0 [ 133.326093] __vfs_read+0x115/0x560 [ 133.330214] vfs_read+0x124/0x390 [ 133.334203] SyS_pread64+0x145/0x170 [ 133.338411] do_syscall_64+0x19f/0x480 [ 133.342795] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 133.348387] [ 133.348387] other info that might help us debug this: [ 133.348387] [ 133.356500] Chain exists of: &sig->cred_guard_mutex --> &pipe->mutex/1 --> &p->lock [ 133.365649] Possible unsafe locking scenario: [ 133.365649] [ 133.371677] CPU0 CPU1 [ 133.376315] ---- ---- [ 133.381095] lock(&p->lock); [ 133.384490] lock(&pipe->mutex/1); [ 133.390975] lock(&p->lock); [ 133.396816] lock(&sig->cred_guard_mutex); [ 133.401347] [ 133.401347] *** DEADLOCK *** [ 133.401347] [ 133.407379] 1 lock held by syz-executor5/17914: [ 133.412033] #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x12d0 [ 133.420287] [ 133.420287] stack backtrace: [ 133.424760] CPU: 0 PID: 17914 Comm: syz-executor5 Not tainted 4.9.128+ #93 [ 133.431745] ffff8801ceba7648 ffffffff81af2469 ffffffff83aa85f0 ffffffff83aa3340 [ 133.439745] ffffffff83aa1330 ffff8801d41a3850 ffff8801d41a2f80 ffff8801ceba7690 [ 133.447731] ffffffff813e79ed 0000000000000001 00000000d41a3830 0000000000000001 [ 133.455718] Call Trace: [ 133.458285] [] dump_stack+0xc1/0x128 [ 133.463649] [] print_circular_bug.cold.36+0x2f7/0x432 [ 133.470468] [] __lock_acquire+0x3189/0x4a10 [ 133.476428] [] ? check_preemption_disabled+0x3b/0x170 [ 133.483239] [] ? trace_hardirqs_on+0x10/0x10 [ 133.489274] [] ? _raw_spin_unlock_irqrestore+0x5a/0x70 [ 133.496183] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 133.503005] [] lock_acquire+0x130/0x3e0 [ 133.508605] [] ? do_io_accounting+0x1fb/0x7e0 [ 133.514729] [] mutex_lock_killable_nested+0xcc/0x960 [ 133.521456] [] ? do_io_accounting+0x1fb/0x7e0 [ 133.527583] [] ? do_io_accounting+0x1fb/0x7e0 [ 133.533703] [] ? _mutex_lock_nest_lock+0x870/0x870 [ 133.540255] [] ? trace_hardirqs_on+0x10/0x10 [ 133.546292] [] do_io_accounting+0x1fb/0x7e0 [ 133.552239] [] ? proc_uid_map_open+0x30/0x30 [ 133.558271] [] ? check_preemption_disabled+0x3b/0x170 [ 133.565086] [] ? get_pid_task+0x9b/0x140 [ 133.570776] [] proc_tgid_io_accounting+0x22/0x30 [ 133.577162] [] proc_single_show+0xfd/0x170 [ 133.583021] [] seq_read+0x4b6/0x12d0 [ 133.588357] [] ? seq_lseek+0x3c0/0x3c0 [ 133.593871] [] ? trace_hardirqs_on+0x10/0x10 [ 133.599903] [] ? fsnotify+0x114/0x1100 [ 133.605419] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 133.612327] [] __vfs_read+0x115/0x560 [ 133.617753] [] ? seq_lseek+0x3c0/0x3c0 [ 133.623262] [] ? clone_verify_area+0x220/0x220 [ 133.629481] [] ? __fsnotify_inode_delete+0x30/0x30 [ 133.636038] [] ? __fsnotify_update_child_dentry_flags.part.0+0x300/0x300 [ 133.644503] [] ? avc_policy_seqno+0x9/0x20 [ 133.650393] [] ? selinux_file_permission+0x82/0x470 [ 133.657034] [] ? security_file_permission+0x8f/0x1e0 [ 133.663759] [] ? rw_verify_area+0xe5/0x2a0 [ 133.669617] [] vfs_read+0x124/0x390 [ 133.674868] [] SyS_pread64+0x145/0x170 [ 133.680376] [] ? SyS_write+0x1c0/0x1c0 [ 133.685885] [] ? do_syscall_64+0x48/0x480 [ 133.691654] [] ? SyS_write+0x1c0/0x1c0 [ 133.697163] [] do_syscall_64+0x19f/0x480 [ 133.702871] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb 2018/09/22 18:24:26 executed programs: 4516 2018/09/22 18:24:31 executed programs: 5065