[[0;32m  OK  [0m] Started Getty on tty5.
[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.49' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   29.462592] 
[   29.464280] ======================================================
[   29.470569] WARNING: possible circular locking dependency detected
[   29.476859] 4.14.232-syzkaller #0 Not tainted
[   29.481323] ------------------------------------------------------
[   29.487612] syz-executor674/7965 is trying to acquire lock:
[   29.493292]  (&sig->cred_guard_mutex){+.+.}, at: [<ffffffff81a0709f>] proc_pid_stack+0x13f/0x2f0
[   29.502193] 
[   29.502193] but task is already holding lock:
[   29.508133]  (&p->lock){+.+.}, at: [<ffffffff818e979a>] seq_read+0xba/0x1120
[   29.515296] 
[   29.515296] which lock already depends on the new lock.
[   29.515296] 
[   29.523584] 
[   29.523584] the existing dependency chain (in reverse order) is:
[   29.531213] 
[   29.531213] -> #3 (&p->lock){+.+.}:
[   29.536298]        __mutex_lock+0xc4/0x1310
[   29.540593]        seq_read+0xba/0x1120
[   29.544539]        proc_reg_read+0xee/0x1a0
[   29.548833]        do_iter_read+0x3eb/0x5b0
[   29.553128]        vfs_readv+0xc8/0x120
[   29.557090]        default_file_splice_read+0x418/0x910
[   29.562424]        do_splice_to+0xfb/0x140
[   29.566631]        splice_direct_to_actor+0x207/0x730
[   29.571791]        do_splice_direct+0x164/0x210
[   29.576431]        do_sendfile+0x47f/0xb30
[   29.580638]        SyS_sendfile64+0xff/0x110
[   29.585017]        do_syscall_64+0x1d5/0x640
[   29.589396]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.595077] 
[   29.595077] -> #2 (sb_writers#3){.+.+}:
[   29.600506]        __sb_start_write+0x64/0x260
[   29.605059]        mnt_want_write+0x3a/0xb0
[   29.609353]        ovl_create_object+0x75/0x1d0
[   29.614006]        lookup_open+0x77a/0x1750
[   29.618296]        path_openat+0xe08/0x2970
[   29.622593]        do_filp_open+0x179/0x3c0
[   29.626886]        do_sys_open+0x296/0x410
[   29.631093]        do_syscall_64+0x1d5/0x640
[   29.635474]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.641177] 
[   29.641177] -> #1 (&ovl_i_mutex_dir_key[depth]){++++}:
[   29.647910]        down_read+0x36/0x80
[   29.651784]        path_openat+0x149b/0x2970
[   29.656180]        do_filp_open+0x179/0x3c0
[   29.660471]        do_open_execat+0xd3/0x450
[   29.664851]        do_execveat_common+0x711/0x1f30
[   29.669750]        SyS_execve+0x3b/0x50
[   29.673707]        do_syscall_64+0x1d5/0x640
[   29.678101]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.683785] 
[   29.683785] -> #0 (&sig->cred_guard_mutex){+.+.}:
[   29.690087]        lock_acquire+0x170/0x3f0
[   29.694416]        __mutex_lock+0xc4/0x1310
[   29.698712]        proc_pid_stack+0x13f/0x2f0
[   29.703180]        proc_single_show+0xe7/0x150
[   29.707754]        seq_read+0x4cf/0x1120
[   29.711785]        do_iter_read+0x3eb/0x5b0
[   29.716075]        vfs_readv+0xc8/0x120
[   29.720018]        SyS_preadv+0x15a/0x200
[   29.724136]        do_syscall_64+0x1d5/0x640
[   29.728533]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   29.734212] 
[   29.734212] other info that might help us debug this:
[   29.734212] 
[   29.742321] Chain exists of:
[   29.742321]   &sig->cred_guard_mutex --> sb_writers#3 --> &p->lock
[   29.742321] 
[   29.752966]  Possible unsafe locking scenario:
[   29.752966] 
[   29.759061]        CPU0                    CPU1
[   29.763741]        ----                    ----
[   29.768403]   lock(&p->lock);
[   29.771483]                                lock(sb_writers#3);
[   29.777550]                                lock(&p->lock);
[   29.783145]   lock(&sig->cred_guard_mutex);
[   29.787437] 
[   29.787437]  *** DEADLOCK ***
[   29.787437] 
[   29.793468] 1 lock held by syz-executor674/7965:
[   29.798209]  #0:  (&p->lock){+.+.}, at: [<ffffffff818e979a>] seq_read+0xba/0x1120
[   29.805811] 
[   29.805811] stack backtrace:
[   29.810291] CPU: 0 PID: 7965 Comm: syz-executor674 Not tainted 4.14.232-syzkaller #0
[   29.818146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   29.827474] Call Trace:
[   29.830042]  dump_stack+0x1b2/0x281
[   29.833657]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[   29.839433]  __lock_acquire+0x2e0e/0x3f20
[   29.843570]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[   29.848654]  ? depot_save_stack+0x1d3/0x3f0
[   29.852993]  ? trace_hardirqs_on+0x10/0x10
[   29.857212]  ? kasan_kmalloc+0xeb/0x160
[   29.861162]  ? kmem_cache_alloc_trace+0x131/0x3d0
[   29.865979]  ? proc_pid_stack+0xd6/0x2f0
[   29.870014]  ? proc_single_show+0xe7/0x150
[   29.874222]  ? do_syscall_64+0x1d5/0x640
[   29.878256]  ? depot_save_stack+0x1d3/0x3f0
[   29.882552]  lock_acquire+0x170/0x3f0
[   29.886338]  ? proc_pid_stack+0x13f/0x2f0
[   29.890458]  ? proc_pid_stack+0x13f/0x2f0
[   29.894612]  __mutex_lock+0xc4/0x1310
[   29.898398]  ? proc_pid_stack+0x13f/0x2f0
[   29.902578]  ? proc_pid_stack+0x13f/0x2f0
[   29.906744]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[   29.912276]  ? proc_pid_stack+0xd6/0x2f0
[   29.916316]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[   29.921743]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   29.926737]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[   29.931555]  proc_pid_stack+0x13f/0x2f0
[   29.935506]  ? proc_map_files_get_link+0x110/0x110
[   29.940409]  ? lock_downgrade+0x740/0x740
[   29.944532]  proc_single_show+0xe7/0x150
[   29.948568]  seq_read+0x4cf/0x1120
[   29.952103]  ? seq_lseek+0x3d0/0x3d0
[   29.955791]  ? security_file_permission+0x82/0x1e0
[   29.960690]  ? rw_verify_area+0xe1/0x2a0
[   29.964741]  do_iter_read+0x3eb/0x5b0
[   29.968563]  vfs_readv+0xc8/0x120
[   29.971988]  ? compat_rw_copy_check_uvector+0x320/0x320
[   29.977325]  ? putname+0xcd/0x110
[   29.980766]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[   29.986202]  ? putname+0xcd/0x110
[   29.989625]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[   29.994613]  ? kmem_cache_free+0x23a/0x2b0
[   29.998818]  ? putname+0xcd/0x110
[   30.002239]  SyS_preadv+0x15a/0x200
[   30.005846]  ? SyS_writev+0x30/0x30
[   30.009546]  ? SyS_sendfile+0x130/0x130
[   30.013535]  ? do_syscall_64+0x4c/0x640
[   30.017484]  ? SyS_writev+0x30/0x30
[   30.021084]  do_syscall_64+0x1d5/0x640
[   30.024948]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[   30.030117] RIP: 0033:0x43f2d9
[   30.033280] RSP: 002b:00007ffe39a93218 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   30.040979] RAX: ffffffffffffffda RBX: 0000000000400488 RCX: 000000000043f2d9
[   30.048226] RDX: 0000000000000375 RSI: 00000000200017c0 RDI: 0000000000000005
[   30.055516] RBP: 00007ffe39a93220 R08: 0000000000000000 R09: 65732f636f72702f
[   30.062799] R10: 000000000