./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1092147654 <...> Warning: Permanently added '10.128.0.37' (ED25519) to the list of known hosts. execve("./syz-executor1092147654", ["./syz-executor1092147654"], 0x7ffec5f44350 /* 10 vars */) = 0 brk(NULL) = 0x5555573b1000 brk(0x5555573b1d00) = 0x5555573b1d00 arch_prctl(ARCH_SET_FS, 0x5555573b1380) = 0 set_tid_address(0x5555573b1650) = 5070 set_robust_list(0x5555573b1660, 24) = 0 rseq(0x5555573b1ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1092147654", 4096) = 28 getrandom("\x8e\xc3\xc5\xdd\xfa\x23\xdf\xb9", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555573b1d00 brk(0x5555573d2d00) = 0x5555573d2d00 brk(0x5555573d3000) = 0x5555573d3000 mprotect(0x7f015342c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 pipe2([3, 4], 0) = 0 write(4, "\x15\x00\x00\x00\x65\xff\xff\xff\xff\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x2e\x4c", 21) = 21 pipe2([5, 6], O_EXCL) = 0 [ 69.672399][ T5070] [ 69.674764][ T5070] ============================================ [ 69.680903][ T5070] WARNING: possible recursive locking detected [ 69.687062][ T5070] 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0 Not tainted [ 69.694062][ T5070] -------------------------------------------- [ 69.700188][ T5070] syz-executor109/5070 is trying to acquire lock: [ 69.706574][ T5070] ffff88807a678c68 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_write+0x13a/0x1bc0 [ 69.715374][ T5070] [ 69.715374][ T5070] but task is already holding lock: [ 69.722723][ T5070] ffff88807a678868 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_lock+0x67/0x80 [ 69.731155][ T5070] [ 69.731155][ T5070] other info that might help us debug this: [ 69.739190][ T5070] Possible unsafe locking scenario: [ 69.739190][ T5070] [ 69.746640][ T5070] CPU0 [ 69.749914][ T5070] ---- [ 69.753186][ T5070] lock(&pipe->mutex/1); [ 69.757518][ T5070] lock(&pipe->mutex/1); [ 69.761833][ T5070] [ 69.761833][ T5070] *** DEADLOCK *** [ 69.761833][ T5070] [ 69.769967][ T5070] May be due to missing lock nesting notation [ 69.769967][ T5070] [ 69.778274][ T5070] 1 lock held by syz-executor109/5070: [ 69.783706][ T5070] #0: ffff88807a678868 (&pipe->mutex/1){+.+.}-{3:3}, at: pipe_lock+0x67/0x80 [ 69.792561][ T5070] [ 69.792561][ T5070] stack backtrace: [ 69.798423][ T5070] CPU: 1 PID: 5070 Comm: syz-executor109 Not tainted 6.7.0-rc3-syzkaller-00298-g1b8af6552cb7 #0 [ 69.808854][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 69.818891][ T5070] Call Trace: [ 69.822156][ T5070] [ 69.825088][ T5070] dump_stack_lvl+0xd9/0x1b0 [ 69.829703][ T5070] __lock_acquire+0x20f8/0x3b20 [ 69.834586][ T5070] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 69.840561][ T5070] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 69.846545][ T5070] ? mark_lock+0xb5/0xc50 [ 69.850861][ T5070] lock_acquire+0x1ae/0x520 [ 69.855355][ T5070] ? pipe_write+0x13a/0x1bc0 [ 69.859943][ T5070] ? lock_sync+0x190/0x190 [ 69.864348][ T5070] ? preempt_count_sub+0x160/0x160 [ 69.869443][ T5070] __mutex_lock+0x175/0x9d0 [ 69.873945][ T5070] ? pipe_write+0x13a/0x1bc0 [ 69.878518][ T5070] ? lock_acquire+0x1ae/0x520 [ 69.883183][ T5070] ? pipe_write+0x13a/0x1bc0 [ 69.887758][ T5070] ? mutex_trylock+0x130/0x130 [ 69.892520][ T5070] ? aa_file_perm+0x4e8/0x1000 [ 69.897279][ T5070] ? reacquire_held_locks+0x4c0/0x4c0 [ 69.902649][ T5070] ? pipe_write+0x13a/0x1bc0 [ 69.907221][ T5070] pipe_write+0x13a/0x1bc0 [ 69.911624][ T5070] ? aa_file_perm+0x4f2/0x1000 [ 69.916378][ T5070] ? do_proc_dopipe_max_size_conv+0x1b0/0x1b0 [ 69.922427][ T5070] ? lock_acquire+0x1ae/0x520 [ 69.927094][ T5070] ? aa_path_link+0x320/0x320 [ 69.931761][ T5070] ? __mutex_trylock_common+0xeb/0x250 [ 69.937205][ T5070] do_iter_readv_writev+0x21e/0x3c0 [ 69.942408][ T5070] ? generic_copy_file_range+0x1d0/0x1d0 [ 69.948025][ T5070] ? bpf_lsm_file_permission+0x9/0x10 [ 69.953382][ T5070] ? security_file_permission+0x94/0x100 [ 69.958999][ T5070] do_iter_write+0x17f/0x7f0 [ 69.963575][ T5070] vfs_iter_write+0x7a/0xb0 [ 69.968072][ T5070] iter_file_splice_write+0x698/0xc00 [ 69.973447][ T5070] ? splice_from_pipe_next+0x5d0/0x5d0 [ 69.978889][ T5070] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 69.984866][ T5070] ? bpf_lsm_file_permission+0x9/0x10 [ 69.990310][ T5070] ? security_file_permission+0x94/0x100 [ 69.995929][ T5070] ? splice_from_pipe_next+0x5d0/0x5d0 [ 70.001382][ T5070] do_splice+0x127f/0x1f80 [ 70.005804][ T5070] ? spin_bug+0x1d0/0x1d0 [ 70.010115][ T5070] ? cgroup_update_frozen+0x144/0x6b0 [ 70.017647][ T5070] ? splice_file_to_pipe+0x120/0x120 [ 70.022919][ T5070] ? direct_file_splice_eof+0xb0/0xb0 [ 70.028276][ T5070] __do_splice+0x323/0x360 [ 70.032678][ T5070] ? do_splice+0x1f80/0x1f80 [ 70.037256][ T5070] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.042439][ T5070] ? lockdep_hardirqs_on+0x7d/0x110 [ 70.047627][ T5070] __x64_sys_splice+0x1ce/0x260 [ 70.052465][ T5070] do_syscall_64+0x40/0x110 [ 70.056954][ T5070] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 70.062838][ T5070] RIP: 0033:0x7f01533b9329 [ 70.067254][ T5070] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 70.086852][ T5070] RSP: 002b:00007fff628fd298 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 70.095252][ T5070] RAX: ffffffffffffffda RBX: 00007fff628fd478 RCX: 00007f01533b9329 [ 70.103209][ T5070] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000003 [ 70.111169][ T5070] RBP: 00007f015342c610 R08: 0000000000000005 R09: 0000000000000000 splice(3, NULL, 6, NULL, 5, 0) = -1 EXDEV (Invalid cross-device link) exit_group(0) = ? +++ exited with 0 +++ [ 70.119124][ T5070] R10: 0000000000000000 R11: 00000000000