Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts.
executing program
[ 78.084541][ T26] audit: type=1400 audit(1571440732.638:42): avc: denied { map } for pid=9523 comm="syz-executor280" path="/root/syz-executor280315123" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 78.120160][ T9524] IPVS: ftp: loaded support on port[0] = 21
[ 78.151707][ T26] audit: type=1400 audit(1571440732.708:43): avc: denied { map } for pid=9524 comm="syz-executor280" path="/dev/usbmon0" dev="devtmpfs" ino=6064 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usbmon_device_t:s0 tclass=chr_file permissive=1
[ 78.199594][ T9526]
[ 78.201990][ T9526] ======================================================
[ 78.208986][ T9526] WARNING: possible circular locking dependency detected
[ 78.215986][ T9526] 5.4.0-rc3+ #0 Not tainted
[ 78.220460][ T9526] ------------------------------------------------------
[ 78.227452][ T9526] syz-executor280/9526 is trying to acquire lock:
[ 78.234019][ T9526] ffff8880989d0118 (&mm->mmap_sem#2){++++}, at: __might_fault+0xfb/0x1e0
[ 78.242422][ T9526]
[ 78.242422][ T9526] but task is already holding lock:
[ 78.249876][ T9526] ffff888095968500 (&rp->fetch_lock){+.+.}, at: mon_bin_get_event+0x3c/0x450
[ 78.258652][ T9526]
[ 78.258652][ T9526] which lock already depends on the new lock.
[ 78.258652][ T9526]
[ 78.269029][ T9526]
[ 78.269029][ T9526] the existing dependency chain (in reverse order) is:
[ 78.278029][ T9526]
[ 78.278029][ T9526] -> #1 (&rp->fetch_lock){+.+.}:
[ 78.285495][ T9526]        __mutex_lock+0x156/0x13c0
[ 78.290771][ T9526]        mutex_lock_nested+0x16/0x20
[ 78.296031][ T9526]        mon_bin_vma_fault+0x73/0x2d0
[ 78.301392][ T9526]        __do_fault+0x111/0x540
[ 78.307000][ T9526]        __handle_mm_fault+0x2dd0/0x4040
[ 78.312622][ T9526]        handle_mm_fault+0x3b7/0xaa0
[ 78.317909][ T9526]        __get_user_pages+0x7d4/0x1b30
[ 78.323363][ T9526]        populate_vma_page_range+0x20d/0x2a0
[ 78.329317][ T9526]        __mm_populate+0x204/0x380
[ 78.334409][ T9526]        vm_mmap_pgoff+0x213/0x230
[ 78.339504][ T9526]        ksys_mmap_pgoff+0x4aa/0x630
[ 78.344954][ T9526]        __x64_sys_mmap+0xe9/0x1b0
[ 78.350041][ T9526]        do_syscall_64+0xfa/0x760
[ 78.355054][ T9526]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 78.361450][ T9526]
[ 78.361450][ T9526] -> #0 (&mm->mmap_sem#2){++++}:
[ 78.368556][ T9526]        __lock_acquire+0x2596/0x4a00
[ 78.373913][ T9526]        lock_acquire+0x190/0x410
[ 78.378924][ T9526]        __might_fault+0x15e/0x1e0
[ 78.384010][ T9526]        _copy_to_user+0x30/0x160
[ 78.389011][ T9526]        mon_bin_get_event+0x117/0x450
[ 78.394448][ T9526]        mon_bin_ioctl+0xacf/0xc80
[ 78.399536][ T9526]        do_vfs_ioctl+0xdb6/0x13e0
[ 78.404662][ T9526]        ksys_ioctl+0xab/0xd0
[ 78.409335][ T9526]        __x64_sys_ioctl+0x73/0xb0
[ 78.414431][ T9526]        do_syscall_64+0xfa/0x760
[ 78.419445][ T9526]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 78.425828][ T9526]
[ 78.425828][ T9526] other info that might help us debug this:
[ 78.425828][ T9526]
[ 78.436030][ T9526]  Possible unsafe locking scenario:
[ 78.436030][ T9526]
[ 78.443453][ T9526]        CPU0                    CPU1
[ 78.448793][ T9526]        ----                    ----
[ 78.454152][ T9526]   lock(&rp->fetch_lock);
[ 78.458541][ T9526]                                lock(&mm->mmap_sem#2);
[ 78.465447][ T9526]                                lock(&rp->fetch_lock);
[ 78.472348][ T9526]   lock(&mm->mmap_sem#2);
[ 78.476736][ T9526]
[ 78.476736][ T9526]  *** DEADLOCK ***
[ 78.476736][ T9526]
[ 78.484856][ T9526] 1 lock held by syz-executor280/9526:
[ 78.490280][ T9526]  #0: ffff888095968500 (&rp->fetch_lock){+.+.}, at: mon_bin_get_event+0x3c/0x450
[ 78.499461][ T9526]
[ 78.499461][ T9526] stack backtrace:
[ 78.505331][ T9526] CPU: 1 PID: 9526 Comm: syz-executor280 Not tainted 5.4.0-rc3+ #0
[ 78.513190][ T9526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 78.523218][ T9526] Call Trace:
[ 78.526588][ T9526]  dump_stack+0x172/0x1f0
[ 78.530899][ T9526]  print_circular_bug.isra.0.cold+0x163/0x172
[ 78.537070][ T9526]  check_noncircular+0x32e/0x3e0
[ 78.541993][ T9526]  ? print_circular_bug.isra.0+0x230/0x230
[ 78.547779][ T9526]  ? alloc_list_entry+0xc0/0xc0
[ 78.552622][ T9526]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 78.559403][ T9526]  ? find_first_zero_bit+0x9a/0xc0
[ 78.564497][ T9526]  __lock_acquire+0x2596/0x4a00
[ 78.569367][ T9526]  ? mark_held_locks+0xf0/0xf0
[ 78.574107][ T9526]  lock_acquire+0x190/0x410
[ 78.578586][ T9526]  ? __might_fault+0xfb/0x1e0
[ 78.583239][ T9526]  __might_fault+0x15e/0x1e0
[ 78.587912][ T9526]  ? __might_fault+0xfb/0x1e0
[ 78.592597][ T9526]  _copy_to_user+0x30/0x160
[ 78.597089][ T9526]  mon_bin_get_event+0x117/0x450
[ 78.602016][ T9526]  mon_bin_ioctl+0xacf/0xc80
[ 78.606608][ T9526]  ? mon_bin_get_event+0x450/0x450
[ 78.611727][ T9526]  ? mon_bin_get_event+0x450/0x450
[ 78.616830][ T9526]  do_vfs_ioctl+0xdb6/0x13e0
[ 78.621410][ T9526]  ? ioctl_preallocate+0x210/0x210
[ 78.627309][ T9526]  ? selinux_file_mprotect+0x620/0x620
[ 78.632777][ T9526]  ? __fget+0x384/0x560
[ 78.636913][ T9526]  ? ksys_dup3+0x3e0/0x3e0
[ 78.641306][ T9526]  ? rcu_read_lock_sched_held+0x9c/0xd0
[ 78.646826][ T9526]  ? tomoyo_file_ioctl+0x23/0x30
[ 78.651742][ T9526]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 78.657972][ T9526]  ? security_file_ioctl+0x8d/0xc0
[ 78.663059][ T9526]  ksys_ioctl+0xab/0xd0
[ 78.667410][ T9526]  __x64_sys_ioctl+0x73/0xb0
[ 78.672081][ T9526]  do_syscall_64+0xfa/0x760
[ 78.676917][ T9526]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 78.682787][ T9526] RIP: 0033:0x44a0a9
[ 78.686662][ T9526] Code: e8 4c bc 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb d2 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 78.706244][ T9526] RSP: 002b:00007f4125b8cce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 78.714650][ T9526] RAX: ffffffffffffffda RBX: 00000000006dbc38 RCX: 000000000044a0a9
[ 78.722600][ T9526] RDX: 00000000200000c0 RSI: 0000000040189206 RDI: 0000000000000003
[ 78.730548][ T9526] RBP: 00000000006dbc30 R08: 00007f4125b8d700 R09: 0000000000000000
[ 78.738495][ T9526] R10: 00007f4125b8d700 R11: 0000000000000246 R12: 00000000006dbc3c
[ 78.746458][ T9526] R13: 00007ffe639a894f R14: 00007f4125b8d9c0 R15: 000000000000002d