Warning: Permanently added '10.128.10.63' (ECDSA) to the list of known hosts. [ 49.252832] random: sshd: uninitialized urandom read (32 bytes read) [ 49.432546] audit: type=1400 audit(1560685623.041:36): avc: denied { map } for pid=7028 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/06/16 11:47:03 parsed 1 programs [ 50.235205] audit: type=1400 audit(1560685623.841:37): avc: denied { map } for pid=7028 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=13821 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 50.921966] random: cc1: uninitialized urandom read (8 bytes read) 2019/06/16 11:47:05 executed programs: 0 [ 51.983903] audit: type=1400 audit(1560685625.591:38): avc: denied { map } for pid=7028 comm="syz-execprog" path="/root/syzkaller-shm176301785" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 52.770186] IPVS: ftp: loaded support on port[0] = 21 [ 53.089648] chnl_net:caif_netlink_parms(): no params data found [ 53.119567] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.126452] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.133521] device bridge_slave_0 entered promiscuous mode [ 53.140639] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.147026] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.154453] device bridge_slave_1 entered promiscuous mode [ 53.168286] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.177466] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.195532] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 53.202828] team0: Port device team_slave_0 added [ 53.208160] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 53.215345] team0: Port device team_slave_1 added [ 53.220683] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 53.227932] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 53.282223] device hsr_slave_0 entered promiscuous mode [ 53.320650] device hsr_slave_1 entered promiscuous mode [ 53.370505] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 53.377372] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 53.390328] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.396708] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.403582] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.409922] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.436554] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 53.443710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.452517] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 53.462255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.480813] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.487725] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.497718] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 53.504021] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.512391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.519963] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.526397] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.535152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.543190] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.549522] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.570545] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 53.578193] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 53.586434] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.593905] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.601831] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 53.609392] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 53.615560] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 53.627338] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 53.636638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.080698] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 54.681963] [ 54.683652] ====================================================== [ 54.689954] WARNING: possible circular locking dependency detected [ 54.696258] 4.14.126 #20 Not tainted [ 54.699953] ------------------------------------------------------ [ 54.706254] syz-executor.0/7059 is trying to acquire lock: [ 54.711867] (pmus_lock){+.+.}, at: [] perf_swevent_init+0x12e/0x490 [ 54.719934] [ 54.719934] but task is already holding lock: [ 54.725891] (&cpuctx_mutex/1){+.+.}, at: [] perf_event_ctx_lock_nested+0x150/0x2c0 [ 54.735251] [ 54.735251] which lock already depends on the new lock. [ 54.735251] [ 54.743554] [ 54.743554] the existing dependency chain (in reverse order) is: [ 54.751162] [ 54.751162] -> #2 (&cpuctx_mutex/1){+.+.}: [ 54.756888] lock_acquire+0x16f/0x430 [ 54.761200] __mutex_lock+0xe8/0x1470 [ 54.765507] mutex_lock_nested+0x16/0x20 [ 54.770075] SYSC_perf_event_open+0x121f/0x24b0 [ 54.775250] SyS_perf_event_open+0x34/0x40 [ 54.779994] do_syscall_64+0x1e8/0x640 [ 54.784394] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 54.790083] [ 54.790083] -> #1 (&cpuctx_mutex){+.+.}: [ 54.795623] lock_acquire+0x16f/0x430 [ 54.799930] __mutex_lock+0xe8/0x1470 [ 54.804236] mutex_lock_nested+0x16/0x20 [ 54.808838] perf_event_init_cpu+0xc2/0x170 [ 54.813678] perf_event_init+0x2d8/0x31a [ 54.818247] start_kernel+0x3b6/0x6fd [ 54.822557] x86_64_start_reservations+0x29/0x2b [ 54.827820] x86_64_start_kernel+0x77/0x7b [ 54.832649] secondary_startup_64+0xa5/0xb0 [ 54.837476] [ 54.837476] -> #0 (pmus_lock){+.+.}: [ 54.842671] __lock_acquire+0x2c89/0x45e0 [ 54.847324] lock_acquire+0x16f/0x430 [ 54.851631] __mutex_lock+0xe8/0x1470 [ 54.855940] mutex_lock_nested+0x16/0x20 [ 54.860539] perf_swevent_init+0x12e/0x490 [ 54.865280] perf_try_init_event+0xe6/0x200 [ 54.870129] perf_event_alloc.part.0+0xd48/0x2530 [ 54.875482] SYSC_perf_event_open+0xa2d/0x24b0 [ 54.880569] SyS_perf_event_open+0x34/0x40 [ 54.885317] do_syscall_64+0x1e8/0x640 [ 54.889715] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 54.895409] [ 54.895409] other info that might help us debug this: [ 54.895409] [ 54.903538] Chain exists of: [ 54.903538] pmus_lock --> &cpuctx_mutex --> &cpuctx_mutex/1 [ 54.903538] [ 54.913770] Possible unsafe locking scenario: [ 54.913770] [ 54.919812] CPU0 CPU1 [ 54.924460] ---- ---- [ 54.929106] lock(&cpuctx_mutex/1); [ 54.932810] lock(&cpuctx_mutex); [ 54.938852] lock(&cpuctx_mutex/1); [ 54.945087] lock(pmus_lock); [ 54.948265] [ 54.948265] *** DEADLOCK *** [ 54.948265] [ 54.954311] 2 locks held by syz-executor.0/7059: [ 54.959047] #0: (&pmus_srcu){....}, at: [] perf_event_alloc.part.0+0xba8/0x2530 [ 54.968234] #1: (&cpuctx_mutex/1){+.+.}, at: [] perf_event_ctx_lock_nested+0x150/0x2c0 [ 54.978028] [ 54.978028] stack backtrace: [ 54.988334] CPU: 0 PID: 7059 Comm: syz-executor.0 Not tainted 4.14.126 #20 [ 54.995327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.004665] Call Trace: [ 55.007249] dump_stack+0x138/0x19c [ 55.010879] print_circular_bug.isra.0.cold+0x1cc/0x28f [ 55.016231] __lock_acquire+0x2c89/0x45e0 [ 55.020366] ? __lock_acquire+0x5f9/0x45e0 [ 55.024592] ? trace_hardirqs_on+0x10/0x10 [ 55.028815] ? depot_save_stack+0x11c/0x410 [ 55.033134] lock_acquire+0x16f/0x430 [ 55.036923] ? perf_swevent_init+0x12e/0x490 [ 55.041318] ? perf_swevent_init+0x12e/0x490 [ 55.045717] __mutex_lock+0xe8/0x1470 [ 55.049533] ? perf_swevent_init+0x12e/0x490 [ 55.053928] ? __mutex_lock+0x36a/0x1470 [ 55.057975] ? trace_hardirqs_on+0x10/0x10 [ 55.062199] ? perf_try_init_event+0xf2/0x200 [ 55.066683] ? perf_swevent_init+0x12e/0x490 [ 55.071077] ? perf_event_ctx_lock_nested+0x150/0x2c0 [ 55.076255] ? perf_try_init_event+0xf2/0x200 [ 55.080741] ? mutex_trylock+0x1c0/0x1c0 [ 55.084787] ? mutex_trylock+0x1c0/0x1c0 [ 55.089001] ? find_held_lock+0x35/0x130 [ 55.093051] ? perf_event_ctx_lock_nested+0x119/0x2c0 [ 55.098234] mutex_lock_nested+0x16/0x20 [ 55.102280] ? mutex_lock_nested+0x16/0x20 [ 55.106535] perf_swevent_init+0x12e/0x490 [ 55.110761] ? perf_event_ctx_lock_nested+0x248/0x2c0 [ 55.115972] perf_try_init_event+0xe6/0x200 [ 55.120295] perf_event_alloc.part.0+0xd48/0x2530 [ 55.125132] SYSC_perf_event_open+0xa2d/0x24b0 [ 55.129707] ? perf_event_set_output+0x460/0x460 [ 55.134459] ? SyS_clock_gettime+0xf8/0x180 [ 55.138771] SyS_perf_event_open+0x34/0x40 [ 55.142996] ? perf_bp_event+0x170/0x170 [ 55.147049] do_syscall_64+0x1e8/0x640 [ 55.150921] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 55.155760] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 55.160937] RIP: 0033:0x4592c9 [ 55.164119] RSP: 002b:00007fe7f0ff1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 55.171812] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000004592c9 [ 55.179068] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000200 [ 55.186328] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 55.193586] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe7f0ff26d4 [ 55.200864] R13: 00000000004c5f2a R14: 00000000004da8c8 R15: 00000000ffffffff