Warning: Permanently added '10.128.15.215' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 33.461203] [ 33.462857] ====================================================== [ 33.469144] [ INFO: possible circular locking dependency detected ] [ 33.475522] 4.4.174+ #17 Not tainted [ 33.479219] ------------------------------------------------------- [ 33.485594] syz-executor296/2068 is trying to acquire lock: [ 33.491275] (&pipe->mutex/1){+.+.+.}, at: [] fifo_open+0x15d/0xa00 [ 33.499867] [ 33.499867] but task is already holding lock: [ 33.505814] (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x55/0x120 [ 33.515652] [ 33.515652] which lock already depends on the new lock. [ 33.515652] [ 33.523970] [ 33.523970] the existing dependency chain (in reverse order) is: [ 33.531564] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 33.537237] [] lock_acquire+0x15e/0x450 [ 33.543492] [] mutex_lock_interruptible_nested+0xd2/0xce0 [ 33.551292] [] proc_pid_attr_write+0x1a8/0x2a0 [ 33.558142] [] __vfs_write+0x116/0x3d0 [ 33.564291] [] __kernel_write+0x112/0x370 [ 33.570730] [] write_pipe_buf+0x15d/0x1f0 [ 33.577144] [] __splice_from_pipe+0x37e/0x7a0 [ 33.583905] [] splice_from_pipe+0x108/0x170 [ 33.590522] [] default_file_splice_write+0x3c/0x80 [ 33.597731] [] SyS_splice+0xd71/0x13a0 [ 33.603880] [] do_fast_syscall_32+0x32d/0xa90 [ 33.610643] [] sysenter_flags_fixed+0xd/0x1a [ 33.617314] -> #0 (&pipe->mutex/1){+.+.+.}: [ 33.622389] [] __lock_acquire+0x37d6/0x4f50 [ 33.628983] [] lock_acquire+0x15e/0x450 [ 33.635237] [] mutex_lock_nested+0xc1/0xb80 [ 33.641841] [] fifo_open+0x15d/0xa00 [ 33.647834] [] do_dentry_open+0x38f/0xbd0 [ 33.654246] [] vfs_open+0x10b/0x210 [ 33.660137] [] path_openat+0x136f/0x4470 [ 33.666464] [] do_filp_open+0x1a1/0x270 [ 33.672700] [] do_open_execat+0x10c/0x6e0 [ 33.679111] [] do_execveat_common.isra.0+0x6f6/0x1e90 [ 33.686577] [] compat_SyS_execve+0x48/0x60 [ 33.693073] [] do_fast_syscall_32+0x32d/0xa90 [ 33.699864] [] sysenter_flags_fixed+0xd/0x1a [ 33.706549] [ 33.706549] other info that might help us debug this: [ 33.706549] [ 33.714749] Possible unsafe locking scenario: [ 33.714749] [ 33.720778] CPU0 CPU1 [ 33.725415] ---- ---- [ 33.730052] lock(&sig->cred_guard_mutex); [ 33.734578] lock(&pipe->mutex/1); [ 33.741055] lock(&sig->cred_guard_mutex); [ 33.748106] lock(&pipe->mutex/1); [ 33.752074] [ 33.752074] *** DEADLOCK *** [ 33.752074] [ 33.758105] 1 lock held by syz-executor296/2068: [ 33.762831] #0: (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x55/0x120 [ 33.773211] [ 33.773211] stack backtrace: [ 33.777693] CPU: 0 PID: 2068 Comm: syz-executor296 Not tainted 4.4.174+ #17 [ 33.784762] 0000000000000000 3f0da9f7067059ba ffff8801d41974c0 ffffffff81aad1a1 [ 33.792745] ffffffff84057a80 ffff8801d5f88000 ffffffff83abd100 ffffffff83ab66b0 [ 33.800856] ffffffff83abd100 ffff8801d4197510 ffffffff813abcda ffff8801d41975f0 [ 33.808833] Call Trace: [ 33.811395] [] dump_stack+0xc1/0x120 [ 33.816735] [] print_circular_bug.cold+0x2f7/0x44e [ 33.823287] [] __lock_acquire+0x37d6/0x4f50 [ 33.829232] [] ? trace_hardirqs_on+0x10/0x10 [ 33.835262] [] ? do_filp_open+0x1a1/0x270 [ 33.841043] [] ? do_execveat_common.isra.0+0x6f6/0x1e90 [ 33.848038] [] ? compat_SyS_execve+0x48/0x60 [ 33.854070] [] ? do_fast_syscall_32+0x32d/0xa90 [ 33.860359] [] ? sysenter_flags_fixed+0xd/0x1a [ 33.866564] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 33.873289] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 33.880012] [] lock_acquire+0x15e/0x450 [ 33.885610] [] ? fifo_open+0x15d/0xa00 [ 33.891122] [] ? fifo_open+0x15d/0xa00 [ 33.896629] [] mutex_lock_nested+0xc1/0xb80 [ 33.902573] [] ? fifo_open+0x15d/0xa00 [ 33.908082] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 33.914811] [] ? mutex_trylock+0x500/0x500 [ 33.920684] [] ? fifo_open+0x24d/0xa00 [ 33.926210] [] ? fifo_open+0x28c/0xa00 [ 33.931719] [] fifo_open+0x15d/0xa00 [ 33.937053] [] do_dentry_open+0x38f/0xbd0 [ 33.942830] [] ? __inode_permission2+0x9e/0x250 [ 33.949119] [] ? pipe_release+0x250/0x250 [ 33.954907] [] vfs_open+0x10b/0x210 [ 33.960156] [] ? may_open.isra.0+0xe7/0x210 [ 33.966098] [] path_openat+0x136f/0x4470 [ 33.971784] [] ? depot_save_stack+0x1c3/0x5f0 [ 33.977906] [] ? may_open.isra.0+0x210/0x210 [ 33.983935] [] ? kmemdup+0x27/0x60 [ 33.989097] [] ? selinux_cred_prepare+0x43/0xa0 [ 33.995391] [] ? security_prepare_creds+0x83/0xc0 [ 34.001860] [] ? prepare_creds+0x228/0x2b0 [ 34.007717] [] ? prepare_exec_creds+0x12/0xf0 [ 34.013842] [] ? do_execveat_common.isra.0+0x2d6/0x1e90 [ 34.020831] [] ? do_fast_syscall_32+0x32d/0xa90 [ 34.027125] [] ? kasan_kmalloc+0xb7/0xd0 [ 34.032813] [] ? kasan_slab_alloc+0xf/0x20 [ 34.038674] [] ? kmem_cache_alloc+0xdc/0x2c0 [ 34.044706] [] ? prepare_creds+0x28/0x2b0 [ 34.050474] [] ? prepare_exec_creds+0x12/0xf0 [ 34.056593] [] do_filp_open+0x1a1/0x270 [ 34.062189] [] ? save_stack_trace+0x26/0x50 [ 34.068135] [] ? user_path_mountpoint_at+0x50/0x50 [ 34.074688] [] ? compat_SyS_execve+0x48/0x60 [ 34.080720] [] ? do_fast_syscall_32+0x32d/0xa90 [ 34.087011] [] ? sysenter_flags_fixed+0xd/0x1a [ 34.093216] [] ? __lock_acquire+0xa4f/0x4f50 [ 34.099245] [] ? trace_hardirqs_on+0x10/0x10 [ 34.105288] [] ? rcu_read_lock_sched_held+0x10b/0x130 [ 34.112099] [] do_open_execat+0x10c/0x6e0 [ 34.117869] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 34.124594] [] ? setup_arg_pages+0x7b0/0x7b0 [ 34.130622] [] ? do_execveat_common.isra.0+0x6b8/0x1e90 [ 34.137626] [] do_execveat_common.isra.0+0x6f6/0x1e90 [ 34.144438] [] ? do_execveat_common.isra.0+0x422/0x1e90 [ 34.151422] [] ? __check_object_size+0x222/0x332 [ 34.157799] [] ? strncpy_from_user+0xd1/0x230 [ 34.163956] [] ? prepare_bprm_creds+0x120/0x120 [ 34.170248] [] ? getname_flags+0x232/0x550 [ 34.176105] [] compat_SyS_execve+0x48/0x60 [ 34.181961] [] ? SyS_execveat+0x70/0x70 [ 34.187559] [] do_fast_syscall_32+0x32d/0xa90 [ 34.193675] [] sysenter_flags_fixed+0xd/0x1a