Warning: Permanently added '10.128.0.129' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 41.587822] [ 41.589489] ====================================================== [ 41.595869] [ INFO: possible circular locking dependency detected ] [ 41.602250] 4.4.166+ #1 Not tainted [ 41.605853] ------------------------------------------------------- [ 41.612228] syz-executor779/2077 is trying to acquire lock: [ 41.617909] (&pipe->mutex/1){+.+.+.}, at: [] fifo_open+0x15c/0x9e0 [ 41.626481] [ 41.626481] but task is already holding lock: [ 41.632425] (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x53/0x110 [ 41.642259] [ 41.642259] which lock already depends on the new lock. [ 41.642259] [ 41.650550] [ 41.650550] the existing dependency chain (in reverse order) is: [ 41.658144] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 41.663804] [] lock_acquire+0x15e/0x450 [ 41.670046] [] mutex_lock_interruptible_nested+0xd2/0xcc0 [ 41.677846] [] proc_pid_attr_write+0x19e/0x290 [ 41.684692] [] __vfs_write+0x11c/0x3e0 [ 41.690853] [] __kernel_write+0x10a/0x350 [ 41.697274] [] write_pipe_buf+0x15d/0x1f0 [ 41.703691] [] __splice_from_pipe+0x364/0x790 [ 41.710462] [] splice_from_pipe+0xf9/0x170 [ 41.716972] [] default_file_splice_write+0x3c/0x80 [ 41.724165] [] SyS_splice+0xde1/0x1430 [ 41.730321] [] do_fast_syscall_32+0x31e/0xa80 [ 41.737215] [] sysenter_flags_fixed+0xd/0x1a [ 41.743891] -> #0 (&pipe->mutex/1){+.+.+.}: [ 41.748970] [] __lock_acquire+0x3cd4/0x5530 [ 41.755552] [] lock_acquire+0x15e/0x450 [ 41.761884] [] mutex_lock_nested+0xc2/0xb60 [ 41.768471] [] fifo_open+0x15c/0x9e0 [ 41.774467] [] do_dentry_open+0x38d/0xbd0 [ 41.780881] [] vfs_open+0x12a/0x210 [ 41.786769] [] path_openat+0xc10/0x3f10 [ 41.793009] [] do_filp_open+0x197/0x270 [ 41.799259] [] do_open_execat+0x10f/0x6f0 [ 41.805677] [] do_execveat_common.isra.14+0x6a1/0x1f00 [ 41.813227] [] compat_SyS_execve+0x48/0x60 [ 41.819737] [] do_fast_syscall_32+0x31e/0xa80 [ 41.826502] [] sysenter_flags_fixed+0xd/0x1a [ 41.833203] [ 41.833203] other info that might help us debug this: [ 41.833203] [ 41.841320] Possible unsafe locking scenario: [ 41.841320] [ 41.847361] CPU0 CPU1 [ 41.852001] ---- ---- [ 41.856637] lock(&sig->cred_guard_mutex); [ 41.861168] lock(&pipe->mutex/1); [ 41.867668] lock(&sig->cred_guard_mutex); [ 41.874771] lock(&pipe->mutex/1); [ 41.878745] [ 41.878745] *** DEADLOCK *** [ 41.878745] [ 41.884782] 1 lock held by syz-executor779/2077: [ 41.889506] #0: (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x53/0x110 [ 41.899888] [ 41.899888] stack backtrace: [ 41.904359] CPU: 0 PID: 2077 Comm: syz-executor779 Not tainted 4.4.166+ #1 [ 41.911349] 0000000000000000 64d2e73aaa937b1b ffff8801d3e5f460 ffffffff81aa62ad [ 41.919342] ffffffff83ab7100 ffffffff83ab7100 ffff8800ba2d2f80 ffffffff83ab0350 [ 41.927336] ffff8800ba2d3868 ffff8801d3e5f4b0 ffffffff813a9549 ffff8800ba2d2f80 [ 41.935354] Call Trace: [ 41.937915] [] dump_stack+0xc1/0x124 [ 41.943253] [] print_circular_bug.cold.31+0x2f6/0x435 [ 41.950072] [] __lock_acquire+0x3cd4/0x5530 [ 41.956020] [] ? trace_hardirqs_on+0x10/0x10 [ 41.962055] [] ? path_openat+0xc10/0x3f10 [ 41.967823] [] ? do_open_execat+0x10f/0x6f0 [ 41.973765] [] ? do_execveat_common.isra.14+0x6a1/0x1f00 [ 41.980839] [] lock_acquire+0x15e/0x450 [ 41.986434] [] ? fifo_open+0x15c/0x9e0 [ 41.991945] [] mutex_lock_nested+0xc2/0xb60 [ 41.997889] [] ? fifo_open+0x15c/0x9e0 [ 42.003409] [] ? check_preemption_disabled+0x3b/0x200 [ 42.010227] [] ? lockdep_init_map+0x110/0x1630 [ 42.016438] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 42.023170] [] ? mutex_trylock+0x4f0/0x4f0 [ 42.029042] [] ? fifo_open+0x24e/0x9e0 [ 42.034550] [] ? fifo_open+0x28d/0x9e0 [ 42.040082] [] fifo_open+0x15c/0x9e0 [ 42.045423] [] do_dentry_open+0x38d/0xbd0 [ 42.051210] [] ? __inode_permission2+0x9b/0x240 [ 42.057502] [] ? pipe_release+0x250/0x250 [ 42.063285] [] vfs_open+0x12a/0x210 [ 42.068543] [] ? may_open.isra.19+0x156/0x240 [ 42.074666] [] path_openat+0xc10/0x3f10 [ 42.080269] [] ? trace_hardirqs_on_caller+0x38b/0x590 [ 42.087089] [] ? may_open.isra.19+0x240/0x240 [ 42.093215] [] ? kasan_kmalloc.part.1+0xc9/0xf0 [ 42.099510] [] ? save_stack_trace+0x26/0x50 [ 42.105457] [] ? kasan_kmalloc.part.1+0x62/0xf0 [ 42.111750] [] ? kasan_kmalloc+0xaf/0xc0 [ 42.117434] [] ? __kmalloc_track_caller+0xf1/0x2e0 [ 42.123987] [] ? kmemdup+0x24/0x50 [ 42.129156] [] ? selinux_cred_prepare+0x43/0xa0 [ 42.135449] [] ? security_prepare_creds+0x83/0xc0 [ 42.141914] [] ? prepare_creds+0x222/0x2a0 [ 42.147769] [] ? prepare_exec_creds+0x11/0xf0 [ 42.153897] [] ? prepare_bprm_creds+0x67/0x110 [ 42.160105] [] ? compat_SyS_execve+0x48/0x60 [ 42.166140] [] ? do_fast_syscall_32+0x31e/0xa80 [ 42.172445] [] ? sysenter_flags_fixed+0xd/0x1a [ 42.178653] [] ? save_stack_trace+0x26/0x50 [ 42.184601] [] ? kasan_kmalloc+0xaf/0xc0 [ 42.190288] [] ? kasan_slab_alloc+0x12/0x20 [ 42.196235] [] ? kmem_cache_alloc+0xdc/0x2c0 [ 42.202267] [] ? prepare_creds+0x28/0x2a0 [ 42.208056] [] ? prepare_exec_creds+0x11/0xf0 [ 42.214175] [] ? prepare_bprm_creds+0x67/0x110 [ 42.220383] [] ? do_execveat_common.isra.14+0x2d8/0x1f00 [ 42.227464] [] ? sysenter_flags_fixed+0xd/0x1a [ 42.233677] [] ? save_stack_trace+0x26/0x50 [ 42.239800] [] do_filp_open+0x197/0x270 [ 42.245401] [] ? user_path_mountpoint_at+0x70/0x70 [ 42.251954] [] ? trace_hardirqs_on+0x10/0x10 [ 42.257986] [] ? rcu_read_lock_sched_held+0x103/0x120 [ 42.264800] [] do_open_execat+0x10f/0x6f0 [ 42.270569] [] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 42.277300] [] ? setup_arg_pages+0x7a0/0x7a0 [ 42.283333] [] do_execveat_common.isra.14+0x6a1/0x1f00 [ 42.290234] [] ? do_execveat_common.isra.14+0x3db/0x1f00 [ 42.297386] [] ? prepare_bprm_creds+0x110/0x110 [ 42.303691] [] ? getname_flags+0x229/0x550 [ 42.309551] [] compat_SyS_execve+0x48/0x60 [ 42.315412] [] ? SyS_execveat+0x70/0x70 [ 42.321013] [] do_fast_syscall_32+0x31e/0xa80 [ 42.327140] [] sysenter_flags_fixed+0xd/0x1a