[ INFO: possible circular locking dependency detected ] 4.9.141+ #1 Not tainted ------------------------------------------------------- syz-executor.0/15017 is trying to acquire lock: (&sig->cred_guard_mutex){+.+.+.}, at: [] mm_access+0x51/0x140 kernel/fork.c:1028 but task is already holding lock: (&sb->s_type->i_mutex_key){++++++}, at: [] inode_lock_shared include/linux/fs.h:776 [inline] (&sb->s_type->i_mutex_key){++++++}, at: [] lookup_slow+0x154/0x470 fs/namei.c:1645 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&sb->s_type->i_mutex_key){++++++}: lock_acquire+0x130/0x3e0 kernel/locking/lockdep.c:3756 down_read+0x44/0xb0 kernel/locking/rwsem.c:22 inode_lock_shared include/linux/fs.h:776 [inline] do_last fs/namei.c:3314 [inline] path_openat+0x1309/0x2790 fs/namei.c:3534 do_filp_open+0x197/0x270 fs/namei.c:3568 do_open_execat+0x10f/0x640 fs/exec.c:844 open_exec+0x43/0x60 fs/exec.c:876 load_script+0x5a4/0x740 fs/binfmt_script.c:100 search_binary_handler+0x14f/0x6f0 fs/exec.c:1621 exec_binprm fs/exec.c:1663 [inline] do_execveat_common.isra.14+0x1139/0x1ed0 fs/exec.c:1785 do_execveat fs/exec.c:1840 [inline] SYSC_execveat fs/exec.c:1921 [inline] SyS_execveat+0x55/0x70 fs/exec.c:1913 do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 entry_SYSCALL_64_after_swapgs+0x5d/0xdb -> #0 (&sig->cred_guard_mutex){+.+.+.}: check_prev_add kernel/locking/lockdep.c:1828 [inline] check_prevs_add kernel/locking/lockdep.c:1938 [inline] validate_chain kernel/locking/lockdep.c:2265 [inline] __lock_acquire+0x3189/0x4a10 kernel/locking/lockdep.c:3345 lock_acquire+0x130/0x3e0 kernel/locking/lockdep.c:3756 __mutex_lock_common kernel/locking/mutex.c:521 [inline] mutex_lock_killable_nested+0xcc/0x9f0 kernel/locking/mutex.c:641 mm_access+0x51/0x140 kernel/fork.c:1028 map_files_d_revalidate+0xf6/0x6e0 fs/proc/base.c:1933 d_revalidate fs/namei.c:789 [inline] lookup_slow+0x361/0x470 fs/namei.c:1656 walk_component+0x822/0xcf0 fs/namei.c:1784 lookup_last fs/namei.c:2266 [inline] path_lookupat.isra.10+0x186/0x410 fs/namei.c:2283 filename_lookup.part.18+0x177/0x370 fs/namei.c:2317 filename_lookup fs/namei.c:2310 [inline] user_path_at_empty+0x53/0x70 fs/namei.c:2578 user_path_at include/linux/namei.h:55 [inline] SYSC_quotactl fs/quota/quota.c:862 [inline] SyS_quotactl+0x7c4/0x1250 fs/quota/quota.c:834 do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 entry_SYSCALL_64_after_swapgs+0x5d/0xdb other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sb->s_type->i_mutex_key); lock(&sig->cred_guard_mutex); lock(&sb->s_type->i_mutex_key); lock(&sig->cred_guard_mutex); *** DEADLOCK *** 1 lock held by syz-executor.0/15017: #0: (&sb->s_type->i_mutex_key){++++++}, at: [] inode_lock_shared include/linux/fs.h:776 [inline] #0: (&sb->s_type->i_mutex_key){++++++}, at: [] lookup_slow+0x154/0x470 fs/namei.c:1645 stack backtrace: CPU: 1 PID: 15017 Comm: syz-executor.0 Not tainted 4.9.141+ #1 ffff8801d2637388 ffffffff81b42e79 ffffffff83ca2fd0 ffffffff83c73360 ffffffff83ca2fd0 ffff8801cc63d010 ffff8801cc63c740 ffff8801d26373d0 ffffffff813fee40 0000000000000001 00000000cc63cff0 0000000000000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] print_circular_bug.cold.36+0x2f7/0x432 kernel/locking/lockdep.c:1202 [] check_prev_add kernel/locking/lockdep.c:1828 [inline] [] check_prevs_add kernel/locking/lockdep.c:1938 [inline] [] validate_chain kernel/locking/lockdep.c:2265 [inline] [] __lock_acquire+0x3189/0x4a10 kernel/locking/lockdep.c:3345 [] lock_acquire+0x130/0x3e0 kernel/locking/lockdep.c:3756 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_killable_nested+0xcc/0x9f0 kernel/locking/mutex.c:641 [] mm_access+0x51/0x140 kernel/fork.c:1028 [] map_files_d_revalidate+0xf6/0x6e0 fs/proc/base.c:1933 [] d_revalidate fs/namei.c:789 [inline] [] lookup_slow+0x361/0x470 fs/namei.c:1656 [] walk_component+0x822/0xcf0 fs/namei.c:1784 [] lookup_last fs/namei.c:2266 [inline] [] path_lookupat.isra.10+0x186/0x410 fs/namei.c:2283 [] filename_lookup.part.18+0x177/0x370 fs/namei.c:2317 [] filename_lookup fs/namei.c:2310 [inline] [] user_path_at_empty+0x53/0x70 fs/namei.c:2578 [] user_path_at include/linux/namei.h:55 [inline] [] SYSC_quotactl fs/quota/quota.c:862 [inline] [] SyS_quotactl+0x7c4/0x1250 fs/quota/quota.c:834 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16563 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15035 comm=syz-executor.1 tc_dump_action: action bad kind netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. audit_printk_skb: 2103 callbacks suppressed audit: type=1400 audit(1574318424.743:23220): avc: denied { net_admin } for pid=15190 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.783:23221): avc: denied { net_admin } for pid=15191 comm="syz-executor.3" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.783:23222): avc: denied { net_admin } for pid=15190 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.783:23223): avc: denied { net_admin } for pid=15190 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23224): avc: denied { net_admin } for pid=15190 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23225): avc: denied { sys_admin } for pid=2090 comm="syz-executor.4" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23226): avc: denied { sys_admin } for pid=2090 comm="syz-executor.4" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23227): avc: denied { sys_admin } for pid=2090 comm="syz-executor.4" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23228): avc: denied { sys_admin } for pid=2090 comm="syz-executor.4" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318424.843:23229): avc: denied { net_admin } for pid=2090 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 selinux_nlmsg_perm: 310 callbacks suppressed SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16563 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=15255 comm=syz-executor.1 audit_printk_skb: 4152 callbacks suppressed audit: type=1400 audit(1574318429.753:24616): avc: denied { net_admin } for pid=2090 comm="syz-executor.4" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.743:24614): avc: denied { net_admin } for pid=2087 comm="syz-executor.2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.743:24615): avc: denied { net_admin } for pid=2089 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.753:24617): avc: denied { net_admin } for pid=2087 comm="syz-executor.2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.753:24618): avc: denied { net_admin } for pid=2089 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.763:24619): avc: denied { net_admin } for pid=2087 comm="syz-executor.2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.763:24620): avc: denied { net_admin } for pid=2089 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.763:24621): avc: denied { net_admin } for pid=2087 comm="syz-executor.2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.763:24623): avc: denied { net_admin } for pid=2087 comm="syz-executor.2" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1574318429.763:24622): avc: denied { net_admin } for pid=2089 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1