[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 12.671331] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 48.643187] random: sshd: uninitialized urandom read (32 bytes read)
[ 49.208947] audit: type=1400 audit(1554810521.965:6): avc: denied { map } for pid=1780 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 49.296123] random: sshd: uninitialized urandom read (32 bytes read)
[ 49.843233] random: sshd: uninitialized urandom read (32 bytes read)
[ 50.087982] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.193' (ECDSA) to the list of known hosts.
[ 55.752741] random: sshd: uninitialized urandom read (32 bytes read)
[ 55.853717] audit: type=1400 audit(1554810528.615:7): avc: denied { map } for pid=1798 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/04/09 11:48:49 parsed 1 programs
[ 56.857675] audit: type=1400 audit(1554810529.615:8): avc: denied { map } for pid=1798 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=5011 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 57.781754] random: cc1: uninitialized urandom read (8 bytes read)
2019/04/09 11:48:52 executed programs: 0
[ 60.015274] audit: type=1400 audit(1554810532.775:9): avc: denied { map } for pid=1798 comm="syz-execprog" path="/root/syzkaller-shm209576146" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 62.025716]
[ 62.028078] ======================================================
[ 62.034881] WARNING: possible circular locking dependency detected
[ 62.041268] 4.14.111+ #51 Not tainted
[ 62.045128] ------------------------------------------------------
[ 62.051508] syz-executor.0/1962 is trying to acquire lock:
[ 62.057368] (&cpuctx_mutex/1){+.+.}, at: [< (ptrval)>] SyS_perf_event_open+0x11f1/0x2520
[ 62.066637]
[ 62.066637] but task is already holding lock:
[ 62.072696] (&cpuctx_mutex){+.+.}, at: [< (ptrval)>] SyS_perf_event_open+0x11e4/0x2520
[ 62.081782]
[ 62.081782] which lock already depends on the new lock.
[ 62.081782]
[ 62.090349]
[ 62.090349] the existing dependency chain (in reverse order) is:
[ 62.098839]
[ 62.098839] -> #2 (&cpuctx_mutex){+.+.}:
[ 62.104528]
[ 62.104528] -> #1 (pmus_lock){+.+.}:
[ 62.110063]
[ 62.110063] -> #0 (&cpuctx_mutex/1){+.+.}:
[ 62.115803]
[ 62.115803] other info that might help us debug this:
[ 62.115803]
[ 62.123936] Chain exists of:
[ 62.123936] &cpuctx_mutex/1 --> pmus_lock --> &cpuctx_mutex
[ 62.123936]
[ 62.134152] Possible unsafe locking scenario:
[ 62.134152]
[ 62.140449]        CPU0                    CPU1
[ 62.145179]        ----                    ----
[ 62.150197]   lock(&cpuctx_mutex);
[ 62.153900]                                lock(pmus_lock);
[ 62.159679]                                lock(&cpuctx_mutex);
[ 62.165979]   lock(&cpuctx_mutex/1);
[ 62.169677]
[ 62.169677] *** DEADLOCK ***
[ 62.169677]
[ 62.176146] 1 lock held by syz-executor.0/1962:
[ 62.180787] #0: (&cpuctx_mutex){+.+.}, at: [< (ptrval)>] SyS_perf_event_open+0x11e4/0x2520
[ 62.189964]
[ 62.189964] stack backtrace:
[ 62.194444] CPU: 1 PID: 1962 Comm: syz-executor.0 Not tainted 4.14.111+ #51
[ 62.201520] Call Trace:
[ 62.204217] dump_stack+0xb9/0x10e
[ 62.207755] print_circular_bug.isra.0.cold+0x2dc/0x425
[ 62.213114] ? __lock_acquire+0x2d83/0x3fa0
[ 62.217424] ? kasan_kmalloc.part.0+0xa6/0xd0
[ 62.221912] ? trace_hardirqs_on+0x10/0x10
[ 62.226138] ? perf_trace_lock_acquire+0x4e0/0x4e0
[ 62.231054] ? lock_acquire+0x10f/0x380
[ 62.235098] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.239833] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.244579] ? __mutex_lock+0xf7/0x1430
[ 62.248533] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.253279] ? __lockdep_init_map+0x100/0x4a0
[ 62.257768] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.262693] ? debug_mutex_init+0x28/0x53
[ 62.267690] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 62.273135] ? alloc_file+0x28a/0x3b0
[ 62.277092] ? SyS_perf_event_open+0x118d/0x2520
[ 62.281827] ? lock_downgrade+0x5d0/0x5d0
[ 62.286138] ? lock_acquire+0x10f/0x380
[ 62.290180] ? SyS_perf_event_open+0x10ab/0x2520
[ 62.295090] ? check_preemption_disabled+0x35/0x1f0
[ 62.300087] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.305341] ? SyS_perf_event_open+0x11f1/0x2520
[ 62.313210] ? perf_bp_event+0x1a0/0x1a0
[ 62.317361] ? nsecs_to_jiffies+0x30/0x30
[ 62.321608] ? do_clock_gettime+0xd0/0xd0
[ 62.325756] ? do_syscall_64+0x43/0x4b0
[ 62.330056] ? perf_bp_event+0x1a0/0x1a0
[ 62.334097] ? do_syscall_64+0x19b/0x4b0
[ 62.338140] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7