[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.128' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 295.900717] audit: type=1400 audit(1597025995.386:8): avc: denied { execmem } for pid=6349 comm="syz-executor905" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 295.955166]
[ 295.956856] ======================================================
[ 295.963164] WARNING: possible circular locking dependency detected
[ 295.969474] 4.14.193-syzkaller #0 Not tainted
[ 295.973941] ------------------------------------------------------
[ 295.980254] syz-executor905/6349 is trying to acquire lock:
[ 295.985953] (&sig->cred_guard_mutex){+.+.}, at: [] proc_pid_stack+0x13f/0x2f0
[ 295.994935]
[ 295.994935] but task is already holding lock:
[ 296.000885] (&p->lock){+.+.}, at: [] seq_read+0xba/0x1120
[ 296.008137]
[ 296.008137] which lock already depends on the new lock.
[ 296.008137]
[ 296.016449]
[ 296.016449] the existing dependency chain (in reverse order) is:
[ 296.024056]
[ 296.024056] -> #3 (&p->lock){+.+.}:
[ 296.029189]        __mutex_lock+0xc4/0x1310
[ 296.033494]        seq_read+0xba/0x1120
[ 296.037451]        proc_reg_read+0xee/0x1a0
[ 296.041782]        do_iter_read+0x3eb/0x5b0
[ 296.046082]        vfs_readv+0xc8/0x120
[ 296.050066]        default_file_splice_read+0x418/0x910
[ 296.055422]        do_splice_to+0xfb/0x140
[ 296.059646]        splice_direct_to_actor+0x207/0x730
[ 296.064816]        do_splice_direct+0x164/0x210
[ 296.069483]        do_sendfile+0x47f/0xb30
[ 296.073712]        SyS_sendfile64+0xff/0x110
[ 296.078101]        do_syscall_64+0x1d5/0x640
[ 296.082487]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 296.088170]
[ 296.088170] -> #2 (sb_writers#3){.+.+}:
[ 296.093612]        __sb_start_write+0x19a/0x2e0
[ 296.098275]        mnt_want_write+0x3a/0xb0
[ 296.102626]        ovl_create_object+0x75/0x1d0
[ 296.107312]        lookup_open+0x77a/0x1750
[ 296.111626]        path_openat+0xe08/0x2970
[ 296.115928]        do_filp_open+0x179/0x3c0
[ 296.120223]        do_sys_open+0x296/0x410
[ 296.124458]        do_syscall_64+0x1d5/0x640
[ 296.128843]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 296.134542]
[ 296.134542] -> #1 (&ovl_i_mutex_dir_key[depth]){++++}:
[ 296.141286]        down_read+0x36/0x80
[ 296.145180]        path_openat+0x149b/0x2970
[ 296.149563]        do_filp_open+0x179/0x3c0
[ 296.153859]        do_open_execat+0xd3/0x450
[ 296.158263]        do_execveat_common+0x711/0x1f30
[ 296.163182]        SyS_execve+0x3b/0x50
[ 296.167138]        do_syscall_64+0x1d5/0x640
[ 296.171537]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 296.177235]
[ 296.177235] -> #0 (&sig->cred_guard_mutex){+.+.}:
[ 296.183611]        lock_acquire+0x170/0x3f0
[ 296.187928]        __mutex_lock+0xc4/0x1310
[ 296.192237]        proc_pid_stack+0x13f/0x2f0
[ 296.196707]        proc_single_show+0xe7/0x150
[ 296.201283]        seq_read+0x4cf/0x1120
[ 296.205362]        do_iter_read+0x3eb/0x5b0
[ 296.209658]        vfs_readv+0xc8/0x120
[ 296.213610]        SyS_preadv+0x15a/0x200
[ 296.217746]        do_syscall_64+0x1d5/0x640
[ 296.222127]        entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 296.227808]
[ 296.227808] other info that might help us debug this:
[ 296.227808]
[ 296.235928] Chain exists of:
[ 296.235928]   &sig->cred_guard_mutex --> sb_writers#3 --> &p->lock
[ 296.235928]
[ 296.246595] Possible unsafe locking scenario:
[ 296.246595]
[ 296.252633]        CPU0                    CPU1
[ 296.257287]        ----                    ----
[ 296.261945]   lock(&p->lock);
[ 296.265026]                                lock(sb_writers#3);
[ 296.270972]                                lock(&p->lock);
[ 296.276570]   lock(&sig->cred_guard_mutex);
[ 296.280865]
[ 296.280865] *** DEADLOCK ***
[ 296.280865]
[ 296.286913] 1 lock held by syz-executor905/6349:
[ 296.291652] #0: (&p->lock){+.+.}, at: [] seq_read+0xba/0x1120
[ 296.299272]
[ 296.299272] stack backtrace:
[ 296.303767] CPU: 0 PID: 6349 Comm: syz-executor905 Not tainted 4.14.193-syzkaller #0
[ 296.311776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 296.321123] Call Trace:
[ 296.323733] dump_stack+0x1b2/0x283
[ 296.327372] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 296.333148] __lock_acquire+0x2e0e/0x3f20
[ 296.337275] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 296.342388] ? depot_save_stack+0x1d3/0x3e3
[ 296.346686] ? trace_hardirqs_on+0x10/0x10
[ 296.350949] ? kasan_kmalloc+0xeb/0x160
[ 296.354900] ? kmem_cache_alloc_trace+0x131/0x3d0
[ 296.359713] ? proc_pid_stack+0xd6/0x2f0
[ 296.363743] ? proc_single_show+0xe7/0x150
[ 296.367953] ? do_syscall_64+0x1d5/0x640
[ 296.371988] lock_acquire+0x170/0x3f0
[ 296.375793] ? proc_pid_stack+0x13f/0x2f0
[ 296.379915] ? proc_pid_stack+0x13f/0x2f0
[ 296.384041] __mutex_lock+0xc4/0x1310
[ 296.387821] ? proc_pid_stack+0x13f/0x2f0
[ 296.392012] ? cred_has_capability.isra.0+0xf5/0x1f0
[ 296.397970] ? check_nnp_nosuid.isra.0+0x270/0x270
[ 296.402881] ? proc_pid_stack+0x13f/0x2f0
[ 296.407005] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 296.412444] ? proc_pid_stack+0xd6/0x2f0
[ 296.416529] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 296.421998] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 296.427018] ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 296.431855] proc_pid_stack+0x13f/0x2f0
[ 296.435814] ? proc_map_files_get_link+0x110/0x110
[ 296.440719] ? lock_downgrade+0x740/0x740
[ 296.444843] proc_single_show+0xe7/0x150
[ 296.448900] seq_read+0x4cf/0x1120
[ 296.452433] ? seq_lseek+0x3d0/0x3d0
[ 296.456175] ? security_file_permission+0x82/0x1e0
[ 296.461083] ? rw_verify_area+0xe1/0x2a0
[ 296.465167] do_iter_read+0x3eb/0x5b0
[ 296.468956] vfs_readv+0xc8/0x120
[ 296.472389] ? compat_rw_copy_check_uvector+0x320/0x320
[ 296.477744] ? putname+0xcd/0x110
[ 296.481317] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 296.486860] ? putname+0xcd/0x110
[ 296.490292] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 296.495300] ? kmem_cache_free+0x23a/0x2b0
[ 296.499526] ? putname+0xcd/0x110
[ 296.502966] SyS_preadv+0x15a/0x200
[ 296.506572] ? SyS_writev+0x30/0x30
[ 296.510175] ? __fdget_raw+0x12b/0x1b0
[ 296.514161] ? do_syscall_64+0x4c/0x640
[ 296.518109] ? SyS_writev+0x30/0x30
[ 296.521710] do_syscall_64+0x1d5/0x640
[ 296.525574] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 296.530737] RIP: 0033:0x4405b9
[ 296.533916] RSP: 002b:00007fffae48d538 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 296.541613] RAX: ffffffffffffffda RBX: 00007fffae48d540 RCX: 00000000004405b9
[ 296.548861] RDX: 0000000000000375 RSI: 00000000200017c0 RDI: 0000000000000005
[ 296.556106] RBP: 0