Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 39.902931] [ 39.904685] ====================================================== [ 39.910977] [ INFO: possible circular locking dependency detected ] [ 39.917519] 4.4.174+ #17 Not tainted [ 39.921202] ------------------------------------------------------- [ 39.927618] syz-executor083/2080 is trying to acquire lock: [ 39.933299] (&pipe->mutex/1){+.+.+.}, at: [] fifo_open+0x15d/0xa00 [ 39.941880] [ 39.941880] but task is already holding lock: [ 39.947815] (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x55/0x120 [ 39.957617] [ 39.957617] which lock already depends on the new lock. [ 39.957617] [ 39.965897] [ 39.965897] the existing dependency chain (in reverse order) is: [ 39.973481] -> #1 (&sig->cred_guard_mutex){+.+.+.}: [ 39.979097] [] lock_acquire+0x15e/0x450 [ 39.985452] [] mutex_lock_interruptible_nested+0xd2/0xce0 [ 39.993257] [] proc_pid_attr_write+0x1a8/0x2a0 [ 40.000106] [] __vfs_write+0x116/0x3d0 [ 40.006262] [] __kernel_write+0x112/0x370 [ 40.012663] [] write_pipe_buf+0x15d/0x1f0 [ 40.019160] [] __splice_from_pipe+0x37e/0x7a0 [ 40.025914] [] splice_from_pipe+0x108/0x170 [ 40.032489] [] default_file_splice_write+0x3c/0x80 [ 40.039775] [] SyS_splice+0xd71/0x13a0 [ 40.046166] [] do_fast_syscall_32+0x32d/0xa90 [ 40.052923] [] sysenter_flags_fixed+0xd/0x1a [ 40.059597] -> #0 (&pipe->mutex/1){+.+.+.}: [ 40.064673] [] __lock_acquire+0x37d6/0x4f50 [ 40.071267] [] lock_acquire+0x15e/0x450 [ 40.077494] [] mutex_lock_nested+0xc1/0xb80 [ 40.084076] [] fifo_open+0x15d/0xa00 [ 40.090055] [] do_dentry_open+0x38f/0xbd0 [ 40.096473] [] vfs_open+0x10b/0x210 [ 40.102353] [] path_openat+0x136f/0x4470 [ 40.108680] [] do_filp_open+0x1a1/0x270 [ 40.114926] [] do_open_execat+0x10c/0x6e0 [ 40.121325] [] do_execveat_common.isra.0+0x6f6/0x1e90 [ 40.128777] [] compat_SyS_execve+0x48/0x60 [ 40.135264] [] do_fast_syscall_32+0x32d/0xa90 [ 40.142020] [] sysenter_flags_fixed+0xd/0x1a [ 40.148684] [ 40.148684] other info that might help us debug this: [ 40.148684] [ 40.156793] Possible unsafe locking scenario: [ 40.156793] [ 40.162817] CPU0 CPU1 [ 40.167457] ---- ---- [ 40.172100] lock(&sig->cred_guard_mutex); [ 40.176646] lock(&pipe->mutex/1); [ 40.183113] lock(&sig->cred_guard_mutex); [ 40.190155] lock(&pipe->mutex/1); [ 40.194103] [ 40.194103] *** DEADLOCK *** [ 40.194103] [ 40.200133] 1 lock held by syz-executor083/2080: [ 40.204856] #0: (&sig->cred_guard_mutex){+.+.+.}, at: [] prepare_bprm_creds+0x55/0x120 [ 40.215231] [ 40.215231] stack backtrace: [ 40.219719] CPU: 1 PID: 2080 Comm: syz-executor083 Not tainted 4.4.174+ #17 [ 40.226786] 0000000000000000 5304b91ef5fd3352 ffff8801d38774c0 ffffffff81aad1a1 [ 40.234777] ffffffff84057a80 ffff8800b7232f80 ffffffff83abd460 ffffffff83ab66b0 [ 40.242864] ffffffff83abd460 ffff8801d3877510 ffffffff813abcda ffff8801d38775f0 [ 40.250843] Call Trace: [ 40.253403] [] dump_stack+0xc1/0x120 [ 40.258739] [] print_circular_bug.cold+0x2f7/0x44e [ 40.265287] [] __lock_acquire+0x37d6/0x4f50 [ 40.271242] [] ? trace_hardirqs_on+0x10/0x10 [ 40.277299] [] ? do_filp_open+0x1a1/0x270 [ 40.283088] [] ? do_execveat_common.isra.0+0x6f6/0x1e90 [ 40.290165] [] ? compat_SyS_execve+0x48/0x60 [ 40.296206] [] ? do_fast_syscall_32+0x32d/0xa90 [ 40.302500] [] ? sysenter_flags_fixed+0xd/0x1a [ 40.308708] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 40.315434] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 40.322156] [] lock_acquire+0x15e/0x450 [ 40.327757] [] ? fifo_open+0x15d/0xa00 [ 40.333475] [] ? fifo_open+0x15d/0xa00 [ 40.338993] [] mutex_lock_nested+0xc1/0xb80 [ 40.344964] [] ? fifo_open+0x15d/0xa00 [ 40.350483] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 40.357297] [] ? mutex_trylock+0x500/0x500 [ 40.363236] [] ? fifo_open+0x24d/0xa00 [ 40.368745] [] ? fifo_open+0x28c/0xa00 [ 40.374247] [] fifo_open+0x15d/0xa00 [ 40.379665] [] do_dentry_open+0x38f/0xbd0 [ 40.385436] [] ? __inode_permission2+0x9e/0x250 [ 40.391720] [] ? pipe_release+0x250/0x250 [ 40.397487] [] vfs_open+0x10b/0x210 [ 40.402835] [] ? may_open.isra.0+0xe7/0x210 [ 40.408782] [] path_openat+0x136f/0x4470 [ 40.416918] [] ? depot_save_stack+0x1c3/0x5f0 [ 40.423034] [] ? may_open.isra.0+0x210/0x210 [ 40.429063] [] ? kmemdup+0x27/0x60 [ 40.434373] [] ? selinux_cred_prepare+0x43/0xa0 [ 40.440781] [] ? security_prepare_creds+0x83/0xc0 [ 40.447251] [] ? prepare_creds+0x228/0x2b0 [ 40.453114] [] ? prepare_exec_creds+0x12/0xf0 [ 40.459232] [] ? do_execveat_common.isra.0+0x2d6/0x1e90 [ 40.466217] [] ? do_fast_syscall_32+0x32d/0xa90 [ 40.472503] [] ? kasan_kmalloc+0xb7/0xd0 [ 40.478183] [] ? kasan_slab_alloc+0xf/0x20 [ 40.484035] [] ? kmem_cache_alloc+0xdc/0x2c0 [ 40.490061] [] ? prepare_creds+0x28/0x2b0 [ 40.495936] [] ? prepare_exec_creds+0x12/0xf0 [ 40.502056] [] do_filp_open+0x1a1/0x270 [ 40.507652] [] ? save_stack_trace+0x26/0x50 [ 40.513590] [] ? user_path_mountpoint_at+0x50/0x50 [ 40.520138] [] ? compat_SyS_execve+0x48/0x60 [ 40.526173] [] ? do_fast_syscall_32+0x32d/0xa90 [ 40.532461] [] ? sysenter_flags_fixed+0xd/0x1a [ 40.538663] [] ? __lock_acquire+0xa4f/0x4f50 [ 40.544688] [] ? trace_hardirqs_on+0x10/0x10 [ 40.550715] [] ? rcu_read_lock_sched_held+0x10b/0x130 [ 40.557527] [] do_open_execat+0x10c/0x6e0 [ 40.563308] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 40.570034] [] ? setup_arg_pages+0x7b0/0x7b0 [ 40.576082] [] ? do_execveat_common.isra.0+0x6b8/0x1e90 [ 40.583067] [] do_execveat_common.isra.0+0x6f6/0x1e90 [ 40.590030] [] ? do_execveat_common.isra.0+0x422/0x1e90 [ 40.597012] [] ? __check_object_size+0x222/0x332 [ 40.603387] [] ? strncpy_from_user+0xd1/0x230 [ 40.609502] [] ? prepare_bprm_creds+0x120/0x120 [ 40.615791] [] ? getname_flags+0x232/0x550 [ 40.621665] [] compat_SyS_execve+0x48/0x60 [ 40.627520] [] ? SyS_execveat+0x70/0x70 [ 40.633115] [] do_fast_syscall_32+0x32d/0xa90 [ 40.639231] [] sysenter_flags_fixed+0xd/0x1a