====================================================== WARNING: possible circular locking dependency detected 4.19.64 #38 Not tainted ------------------------------------------------------ syz-executor.4/9485 is trying to acquire lock: 00000000aba9b6ea (&p->lock){+.+.}, at: seq_read+0x71/0x1110 fs/seq_file.c:161 but task is already holding lock: 00000000d0fce81a (&sig->cred_guard_mutex){+.+.}, at: prepare_bprm_creds+0x55/0x120 fs/exec.c:1404 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&sig->cred_guard_mutex){+.+.}: __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072 mutex_lock_killable_nested+0x16/0x20 kernel/locking/mutex.c:1102 lock_trace+0x4a/0xe0 fs/proc/base.c:402 proc_pid_syscall+0x98/0x250 fs/proc/base.c:635 proc_single_show+0xf0/0x180 fs/proc/base.c:755 seq_read+0x4ca/0x1110 fs/seq_file.c:229 do_loop_readv_writev fs/read_write.c:701 [inline] do_loop_readv_writev fs/read_write.c:688 [inline] do_iter_read+0x490/0x640 fs/read_write.c:925 vfs_readv+0xf0/0x160 fs/read_write.c:987 kernel_readv fs/splice.c:362 [inline] default_file_splice_read+0x478/0x890 fs/splice.c:417 do_splice_to+0x127/0x180 fs/splice.c:881 splice_direct_to_actor+0x256/0x890 fs/splice.c:953 do_splice_direct+0x1da/0x2a0 fs/splice.c:1062 do_sendfile+0x597/0xce0 fs/read_write.c:1447 __do_sys_sendfile64 fs/read_write.c:1508 [inline] __se_sys_sendfile64 fs/read_write.c:1494 [inline] __x64_sys_sendfile64+0x1dd/0x220 fs/read_write.c:1494 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (&p->lock){+.+.}: lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3900 __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 seq_read+0x71/0x1110 fs/seq_file.c:161 __vfs_read+0x114/0x800 fs/read_write.c:416 vfs_read+0x194/0x3d0 fs/read_write.c:452 kernel_read+0xab/0x120 fs/read_write.c:431 prepare_binprm+0x6a2/0x940 fs/exec.c:1581 __do_execve_file.isra.0+0xf58/0x2150 fs/exec.c:1800 do_execveat_common fs/exec.c:1866 [inline] do_execveat fs/exec.c:1894 [inline] __do_sys_execveat fs/exec.c:1975 [inline] __se_sys_execveat fs/exec.c:1967 [inline] __x64_sys_execveat+0xed/0x130 fs/exec.c:1967 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sig->cred_guard_mutex); lock(&p->lock); lock(&sig->cred_guard_mutex); lock(&p->lock); *** DEADLOCK *** 1 lock held by syz-executor.4/9485: #0: 00000000d0fce81a (&sig->cred_guard_mutex){+.+.}, at: prepare_bprm_creds+0x55/0x120 fs/exec.c:1404 stack backtrace: CPU: 0 PID: 9485 Comm: syz-executor.4 Not tainted 4.19.64 #38 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1221 check_prev_add kernel/locking/lockdep.c:1861 [inline] check_prevs_add kernel/locking/lockdep.c:1974 [inline] validate_chain kernel/locking/lockdep.c:2415 [inline] __lock_acquire+0x2e19/0x49c0 kernel/locking/lockdep.c:3411 lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3900 __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0xf7/0x1300 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 seq_read+0x71/0x1110 fs/seq_file.c:161 __vfs_read+0x114/0x800 fs/read_write.c:416 vfs_read+0x194/0x3d0 fs/read_write.c:452 kernel_read+0xab/0x120 fs/read_write.c:431 prepare_binprm+0x6a2/0x940 fs/exec.c:1581 __do_execve_file.isra.0+0xf58/0x2150 fs/exec.c:1800 do_execveat_common fs/exec.c:1866 [inline] do_execveat fs/exec.c:1894 [inline] __do_sys_execveat fs/exec.c:1975 [inline] __se_sys_execveat fs/exec.c:1967 [inline] __x64_sys_execveat+0xed/0x130 fs/exec.c:1967 do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x459829 Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007f295d52ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459829 RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 RBP: 000000000075bf20 R08: 0000000000001000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f295d52f6d4 R13: 00000000004bff30 R14: 00000000004d1de8 R15: 00000000ffffffff kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env bond0: Error: Device is in use and cannot be enslaved kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' bond0: Error: Device is in use and cannot be enslaved kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' bond0: Error: Device is in use and cannot be enslaved kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10379 comm=syz-executor.4 kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' bond0: Error: Device is in use and cannot be enslaved SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10395 comm=syz-executor.4 kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10516 comm=syz-executor.4 bond0: Error: Device is in use and cannot be enslaved kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pig=10638 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10640 comm=syz-executor.4 bond0: Error: Device is in use and cannot be enslaved kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=11013 comm=syz-executor.4 kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop1' (000000003c1ea05f): kobject_uevent_env kobject: 'loop1' (000000003c1ea05f): fill_kobj_path: path = '/devices/virtual/block/loop1' SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=11027 comm=syz-executor.4 kobject: 'loop5' (00000000b1843b20): kobject_uevent_env kobject: 'loop5' (00000000b1843b20): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (00000000d0d7805e): kobject_uevent_env kobject: 'loop4' (00000000d0d7805e): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (00000000fdc5fd16): kobject_uevent_env kobject: 'loop0' (00000000fdc5fd16): fill_kobj_path: path = '/devices/virtual/block/loop0'