INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-2,10.128.0.31' (ECDSA) to the list of known hosts.
2017/12/02 08:08:05 parsed 1 programs
2017/12/02 08:08:05 executed programs: 0
syzkaller login: [ 54.433446] binder: 3116:3117 transaction failed 29189/-22, size 0-0 line 2832
[ 54.464678]
[ 54.466332] ======================================================
[ 54.472612] WARNING: possible circular locking dependency detected
[ 54.478891] 4.15.0-rc1-mm1+ #29 Not tainted
[ 54.483172] ------------------------------------------------------
[ 54.489449] syz-executor0/3121 is trying to acquire lock:
[ 54.494945]  (&p->lock){+.+.}, at: [<00000000a7751419>] seq_read+0xd5/0x13d0
[ 54.502106]
[ 54.502106] but task is already holding lock:
[ 54.508038]  (sb_writers){.+.+}, at: [<00000000048429cb>] do_sendfile+0xaec/0xe90
[ 54.517102]
[ 54.517102] which lock already depends on the new lock.
[ 54.517102]
[ 54.525378]
[ 54.525378] the existing dependency chain (in reverse order) is:
[ 54.532958]
[ 54.532958] -> #3 (sb_writers){.+.+}:
[ 54.538208]        devtmpfsd+0x224/0x4b0
[ 54.542229]
[ 54.542229] -> #2 ((completion)&req.done){+.+.}:
[ 54.548443]        lock_acquire+0x1d5/0x580
[ 54.552733]        wait_for_completion+0xcb/0x7b0
[ 54.557538]        devtmpfs_create_node+0x32b/0x4a0
[ 54.562522]        device_add+0x120f/0x1640
[ 54.566807]        device_create_groups_vargs+0x1f3/0x250
[ 54.572306]        device_create+0xda/0x110
[ 54.576593]        vcs_make_sysfs+0x35/0x60
[ 54.580877]        vc_allocate+0x4b7/0x6b0
[ 54.585075]        con_install+0x52/0x440
[ 54.589190]        tty_init_dev+0xf6/0x4a0
[ 54.593397]        tty_open+0x608/0xab0
[ 54.597335]        chrdev_open+0x257/0x730
[ 54.601536]        do_dentry_open+0x682/0xd70
[ 54.605996]        vfs_open+0x107/0x230
[ 54.609936]        path_openat+0x1157/0x3530
[ 54.614306]        do_filp_open+0x25b/0x3b0
[ 54.618594]        do_sys_open+0x502/0x6d0
[ 54.622792]        SyS_open+0x2d/0x40
[ 54.626560]        entry_SYSCALL_64_fastpath+0x1f/0x96
[ 54.631796]
[ 54.631796] -> #1 (console_lock){+.+.}:
[ 54.637217]        lock_acquire+0x1d5/0x580
[ 54.641502]        console_lock+0x4b/0x80
[ 54.645611]        c_start+0x18/0xf0
[ 54.649288]        seq_read+0x2f3/0x13d0
[ 54.653314]        proc_reg_read+0xef/0x170
[ 54.657596]        __vfs_read+0xef/0xa00
[ 54.661621]        vfs_read+0x124/0x360
[ 54.665565]        SyS_read+0xef/0x220
[ 54.669432]        entry_SYSCALL_64_fastpath+0x1f/0x96
[ 54.674668]
[ 54.674668] -> #0 (&p->lock){+.+.}:
[ 54.679739]        __lock_acquire+0x3498/0x47f0
[ 54.684370]        lock_acquire+0x1d5/0x580
[ 54.688656]        __mutex_lock+0x16f/0x1a80
[ 54.693026]        mutex_lock_nested+0x16/0x20
[ 54.698178]        seq_read+0xd5/0x13d0
[ 54.702114]        proc_reg_read+0xef/0x170
[ 54.706395]        do_iter_read+0x3db/0x5b0
[ 54.710692]        vfs_readv+0x121/0x1c0
[ 54.714719]        default_file_splice_read+0x508/0xae0
[ 54.720045]        do_splice_to+0x110/0x170
[ 54.724331]        splice_direct_to_actor+0x242/0x820
[ 54.729483]        do_splice_direct+0x2a7/0x3d0
[ 54.734114]        do_sendfile+0x5d5/0xe90
[ 54.738310]        SyS_sendfile64+0xbd/0x160
[ 54.742679]        entry_SYSCALL_64_fastpath+0x1f/0x96
[ 54.747913]
[ 54.747913] other info that might help us debug this:
[ 54.747913]
[ 54.756017] Chain exists of:
[ 54.756017]   &p->lock --> (completion)&req.done --> sb_writers
[ 54.756017]
[ 54.766383]  Possible unsafe locking scenario:
[ 54.766383]
[ 54.772405]        CPU0                    CPU1
[ 54.777032]        ----                    ----
[ 54.781659]   lock(sb_writers);
[ 54.784901]                                lock((completion)&req.done);
[ 54.791615]                                lock(sb_writers);
[ 54.797372]   lock(&p->lock);
[ 54.800438]
[ 54.800438]  *** DEADLOCK ***
[ 54.800438]
[ 54.806461] 1 lock held by syz-executor0/3121:
[ 54.811002]  #0: (sb_writers){.+.+}, at: [<00000000048429cb>] do_sendfile+0xaec/0xe90
[ 54.819024]
[ 54.819024] stack backtrace:
[ 54.823486] CPU: 0 PID: 3121 Comm: syz-executor0 Not tainted 4.15.0-rc1-mm1+ #29
[ 54.830978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.840294] Call Trace:
[ 54.842848]  dump_stack+0x194/0x257
[ 54.846439]  ? arch_local_irq_restore+0x53/0x53
[ 54.851073]  print_circular_bug+0x42d/0x610
[ 54.855358]  ? save_stack_trace+0x1a/0x20
[ 54.859472]  check_prev_add+0x666/0x15f0
[ 54.863494]  ? __lock_acquire+0x6e9/0x47f0
[ 54.867692]  ? copy_trace+0x150/0x150
[ 54.871455]  ? check_usage+0xb60/0xb60
[ 54.875308]  ? print_usage_bug+0x3f0/0x3f0
[ 54.879514]  __lock_acquire+0x3498/0x47f0
[ 54.883632]  ? __lock_acquire+0x3498/0x47f0
[ 54.887920]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 54.893080]  ? print_usage_bug+0x3f0/0x3f0
[ 54.897278]  ? __lock_acquire+0x6e9/0x47f0
[ 54.901480]  ? perf_trace_lock_acquire+0xe3/0x980
[ 54.906287]  ? print_usage_bug+0x3f0/0x3f0
[ 54.910487]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 54.915642]  ? check_noncircular+0x20/0x20
[ 54.919841]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 54.924996]  ? dequeue_task_fair+0xac0/0x3090
[ 54.929455]  lock_acquire+0x1d5/0x580
[ 54.933218]  ? seq_read+0xd5/0x13d0
[ 54.936809]  ? lock_release+0xda0/0xda0
[ 54.940746]  ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 54.945899]  ? rcu_note_context_switch+0x710/0x710
[ 54.950793]  ? __might_sleep+0x95/0x190
[ 54.954730]  ? seq_read+0xd5/0x13d0
[ 54.958323]  __mutex_lock+0x16f/0x1a80
[ 54.962172]  ? seq_read+0xd5/0x13d0
[ 54.965763]  ? __free_insn_slot+0x5c0/0x5c0
[ 54.970051]  ? seq_read+0xd5/0x13d0
[ 54.973642]  ? perf_trace_lock_acquire+0xe3/0x980
[ 54.978445]  ? find_held_lock+0x39/0x1d0
[ 54.982470]  ? mutex_lock_io_nested+0x1900/0x1900
[ 54.987277]  ? check_noncircular+0x20/0x20
[ 54.991475]  ? perf_trace_lock+0x900/0x900
[ 54.995681]  ? lock_downgrade+0x980/0x980
[ 54.999793]  ? __bpf_address_lookup+0x2b0/0x2b0
[ 55.004424]  ? check_noncircular+0x20/0x20
[ 55.008622]  ? lock_release+0xda0/0xda0
[ 55.012562]  ? find_held_lock+0x39/0x1d0
[ 55.016589]  ? check_noncircular+0x20/0x20
[ 55.020789]  ? __lock_is_held+0xbc/0x140
[ 55.024817]  ? check_noncircular+0x20/0x20
[ 55.029015]  ? __lock_is_held+0xbc/0x140
[ 55.033043]  ? rcu_read_lock_sched_held+0x108/0x120
[ 55.038026]  ? __lock_is_held+0xbc/0x140
[ 55.042051]  ? seq_lseek+0x3c0/0x3c0
[ 55.045727]  mutex_lock_nested+0x16/0x20
[ 55.049750]  ? mutex_lock_nested+0x16/0x20
[ 55.053945]  seq_read+0xd5/0x13d0
[ 55.057364]  ? fsnotify+0x7b3/0x1140
[ 55.061041]  ? seq_lseek+0x3c0/0x3c0
[ 55.064716]  ? fsnotify_first_mark+0x2b0/0x2b0
[ 55.069267]  ? avc_policy_seqno+0x9/0x20
[ 55.073293]  ? selinux_file_permission+0x82/0x460
[ 55.078099]  ? seq_lseek+0x3c0/0x3c0
[ 55.081778]  proc_reg_read+0xef/0x170
[ 55.085545]  do_iter_read+0x3db/0x5b0
[ 55.089312]  ? dup_iter+0x260/0x260
[ 55.092903]  vfs_readv+0x121/0x1c0
[ 55.096406]  ? compat_rw_copy_check_uvector+0x2e0/0x2e0
[ 55.101734]  ? refill_pi_state_cache.part.7+0x2f0/0x2f0
[ 55.107066]  ? futex_wake+0x680/0x680
[ 55.110829]  ? print_usage_bug+0x3f0/0x3f0
[ 55.115029]  default_file_splice_read+0x508/0xae0
[ 55.119832]  ? default_file_splice_read+0x508/0xae0
[ 55.124809]  ? perf_trace_lock_acquire+0xe3/0x980
[ 55.129614]  ? do_splice_direct+0x3d0/0x3d0
[ 55.133898]  ? __lock_acquire+0x6e9/0x47f0
[ 55.138095]  ? print_usage_bug+0x3f0/0x3f0
[ 55.142291]  ? futex_wake+0x2ca/0x680
[ 55.146056]  ? __lock_is_held+0xbc/0x140
[ 55.150084]  ? trace_event_raw_event_sched_switch+0x800/0x800
[ 55.155930]  ? fsnotify+0x7b3/0x1140
[ 55.159608]  ? fsnotify_first_mark+0x2b0/0x2b0
[ 55.164157]  ? avc_policy_seqno+0x9/0x20
[ 55.168182]  ? selinux_file_permission+0x82/0x460
[ 55.172986]  ? security_file_permission+0x89/0x1f0
[ 55.177877]  ? do_splice_direct+0x3d0/0x3d0
[ 55.182161]  do_splice_to+0x110/0x170
[ 55.185924]  ? do_splice_to+0x110/0x170
[ 55.189876]  splice_direct_to_actor+0x242/0x820
[ 55.194512]  ? _cond_resched+0x14/0x30
[ 55.198362]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 55.203524]  ? do_splice_to+0x170/0x170
[ 55.207461]  ? security_file_permission+0x89/0x1f0
[ 55.212355]  ? rw_verify_area+0xe5/0x2b0
[ 55.216378]  do_splice_direct+0x2a7/0x3d0
[ 55.220749]  ? splice_direct_to_actor+0x820/0x820
[ 55.225557]  ? rcu_sync_lockdep_assert+0x6d/0xb0
[ 55.230287]  ? __sb_start_write+0x203/0x290
[ 55.234572]  do_sendfile+0x5d5/0xe90
[ 55.238256]  ? do_compat_pwritev64+0x100/0x100
[ 55.242799]  ? __might_sleep+0x95/0x190
[ 55.246738]  ? kasan_check_write+0x14/0x20
[ 55.250935]  ? _copy_from_user+0x99/0x110
[ 55.255046]  SyS_sendfile64+0xbd/0x160
[ 55.258897]  ? SyS_sendfile+0x1a0/0x1a0
[ 55.262835]  ? trace_hardirqs_on_caller+0x421/0x5c0
[ 55.267813]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 55.272534]  entry_SYSCALL_64_fastpath+0x1f/0x96
[ 55.277253] RIP: 0033:0x4529d9
[ 55.280406] RSP: 002b:00007fce2efc6c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000028
[ 55.288076] RAX: ffffffffffffffda RBX: 00000000007580d8 RCX: 00000000004529d9
[ 55.295308] RDX: 00000000203e1000 RSI: 000000000000000e RDI: 000000000000000d
[ 55.302885] RBP: 000000000000044a R08: 0000000000000000 R09: 0000000000000000
[ 55.310118] R10: 00000000000003fe R11: 0000000000000212 R12: 00000000006f3790
[ 55.317351]