INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "1" respawning too fast: disabled for 5 minutes INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes [ 178.034084] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.68' (ECDSA) to the list of known hosts. [ 183.789744] random: sshd: uninitialized urandom read (32 bytes read) [ 183.881376] audit: type=1400 audit(1537664559.291:7): avc: denied { map } for pid=1832 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/09/23 01:02:39 parsed 1 programs [ 184.340739] audit: type=1400 audit(1537664559.751:8): avc: denied { map } for pid=1832 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=4999 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 184.872539] random: cc1: uninitialized urandom read (8 bytes read) 2018/09/23 01:02:41 executed programs: 0 [ 185.969560] audit: type=1400 audit(1537664561.371:9): avc: denied { map } for pid=1832 comm="syz-execprog" path="/root/syzkaller-shm629852769" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2018/09/23 01:02:47 executed programs: 6 [ 194.790963] [ 194.792626] ====================================================== [ 194.798940] WARNING: possible circular locking dependency detected [ 194.805251] 4.14.71+ #8 Not tainted [ 194.808863] ------------------------------------------------------ [ 194.815154] syz-executor3/4760 is trying to acquire lock: [ 194.820671] (&sig->cred_guard_mutex){+.+.}, at: [] lock_trace+0x3f/0xc0 [ 194.829058] [ 194.829058] but task is already holding lock: [ 194.835002] (&p->lock){+.+.}, at: [] seq_read+0xd4/0x11d0 [ 194.842170] [ 194.842170] which lock already depends on the new lock. [ 194.842170] [ 194.850459] [ 194.850459] the existing dependency chain (in reverse order) is: [ 194.858050] [ 194.858050] -> #2 (&p->lock){+.+.}: [ 194.863136] __mutex_lock+0xf5/0x1480 [ 194.867437] seq_read+0xd4/0x11d0 [ 194.871388] proc_reg_read+0xef/0x170 [ 194.875717] do_iter_read+0x3cc/0x580 [ 194.880033] vfs_readv+0xe6/0x150 [ 194.883995] default_file_splice_read+0x495/0x860 [ 194.889339] do_splice_to+0x102/0x150 [ 194.893666] SyS_splice+0xf4d/0x12a0 [ 194.897898] do_syscall_64+0x19b/0x4b0 [ 194.902302] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 194.908000] [ 194.908000] -> #1 (&pipe->mutex/1){+.+.}: [ 194.913614] __mutex_lock+0xf5/0x1480 [ 194.917912] fifo_open+0x156/0x9d0 [ 194.921952] do_dentry_open+0x426/0xda0 [ 194.926425] vfs_open+0x11c/0x210 [ 194.930383] path_openat+0x4eb/0x23a0 [ 194.934683] do_filp_open+0x197/0x270 [ 194.938985] do_open_execat+0x10d/0x5b0 [ 194.943491] do_execveat_common.isra.14+0x6cb/0x1d60 [ 194.949096] SyS_execve+0x34/0x40 [ 194.953061] do_syscall_64+0x19b/0x4b0 [ 194.957468] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 194.963179] [ 194.963179] -> #0 (&sig->cred_guard_mutex){+.+.}: [ 194.969509] lock_acquire+0x10f/0x380 [ 194.973829] __mutex_lock+0xf5/0x1480 [ 194.978148] lock_trace+0x3f/0xc0 [ 194.982131] proc_pid_stack+0xcd/0x200 [ 194.986527] proc_single_show+0xf1/0x160 [ 194.991104] seq_read+0x4e0/0x11d0 [ 194.995158] do_iter_read+0x3cc/0x580 [ 194.999472] vfs_readv+0xe6/0x150 [ 195.003437] do_preadv+0x187/0x230 [ 195.007489] do_syscall_64+0x19b/0x4b0 [ 195.011875] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 195.017558] [ 195.017558] other info that might help us debug this: [ 195.017558] [ 195.025683] Chain exists of: [ 195.025683] &sig->cred_guard_mutex --> &pipe->mutex/1 --> &p->lock [ 195.025683] [ 195.036517] Possible unsafe locking scenario: [ 195.036517] [ 195.042568] CPU0 CPU1 [ 195.047222] ---- ---- [ 195.051878] lock(&p->lock); [ 195.054974] lock(&pipe->mutex/1); [ 195.061098] lock(&p->lock); [ 195.066696] lock(&sig->cred_guard_mutex); [ 195.070993] [ 195.070993] *** DEADLOCK *** [ 195.070993] [ 195.077025] 1 lock held by syz-executor3/4760: [ 195.081579] #0: (&p->lock){+.+.}, at: [] seq_read+0xd4/0x11d0 [ 195.089186] [ 195.089186] stack backtrace: [ 195.093666] CPU: 1 PID: 4760 Comm: syz-executor3 Not tainted 4.14.71+ #8 [ 195.100479] Call Trace: [ 195.103047] dump_stack+0xb9/0x11b [ 195.106570] print_circular_bug.isra.18.cold.43+0x2d3/0x40c [ 195.112257] ? save_trace+0xd6/0x250 [ 195.115948] __lock_acquire+0x2ff9/0x4320 [ 195.120073] ? __is_insn_slot_addr+0x112/0x1f0 [ 195.124633] ? trace_hardirqs_on+0x10/0x10 [ 195.128848] ? mark_held_locks+0xc2/0x130 [ 195.132976] ? trace_hardirqs_on_caller+0x381/0x520 [ 195.137974] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 195.143058] lock_acquire+0x10f/0x380 [ 195.146839] ? lock_trace+0x3f/0xc0 [ 195.150448] ? lock_trace+0x3f/0xc0 [ 195.154051] __mutex_lock+0xf5/0x1480 [ 195.157832] ? lock_trace+0x3f/0xc0 [ 195.161441] ? kasan_kmalloc.part.1+0xa9/0xd0 [ 195.165917] ? lock_trace+0x3f/0xc0 [ 195.169525] ? kasan_kmalloc.part.1+0x4f/0xd0 [ 195.174005] ? kvmalloc_node+0x42/0xd0 [ 195.177880] ? __ww_mutex_wakeup_for_backoff+0x240/0x240 [ 195.183308] ? trace_hardirqs_on+0x10/0x10 [ 195.187517] ? seq_read+0xd4/0x11d0 [ 195.191123] ? fs_reclaim_acquire+0x10/0x10 [ 195.195421] ? kasan_unpoison_shadow+0x30/0x40 [ 195.199981] ? kasan_kmalloc+0x76/0xc0 [ 195.203849] ? lock_trace+0x3f/0xc0 [ 195.207451] lock_trace+0x3f/0xc0 [ 195.210882] proc_pid_stack+0xcd/0x200 [ 195.214760] ? lock_trace+0xc0/0xc0 [ 195.218364] proc_single_show+0xf1/0x160 [ 195.222401] seq_read+0x4e0/0x11d0 [ 195.225921] ? seq_lseek+0x3d0/0x3d0 [ 195.229613] ? avc_policy_seqno+0x5/0x10 [ 195.233661] ? security_file_permission+0x88/0x1e0 [ 195.238572] do_iter_read+0x3cc/0x580 [ 195.242355] ? debug_check_no_obj_freed+0x150/0x77c [ 195.247347] vfs_readv+0xe6/0x150 [ 195.250778] ? compat_rw_copy_check_uvector+0x320/0x320 [ 195.256137] ? debug_check_no_obj_freed+0x2b2/0x77c [ 195.261133] ? __fget+0x204/0x3a0 [ 195.264564] ? lock_downgrade+0x560/0x560 [ 195.268704] ? lock_acquire+0x10f/0x380 [ 195.272666] ? check_preemption_disabled+0x34/0x160 [ 195.277668] ? __fget+0x22b/0x3a0 [ 195.281097] do_preadv+0x187/0x230 [ 195.284616] ? do_readv+0x240/0x240 [ 195.288217] ? _raw_spin_unlock_irq+0x24/0x50 [ 195.292691] ? do_syscall_64+0x43/0x4b0 [ 195.296640] ? SyS_writev+0x30/0x30 [ 195.300247] do_syscall_64+0x19b/0x4b0 [ 195.304110] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 195.309276] RIP: 0033:0x457679 [ 195.312446] RSP: 002b:00007ffbe3684c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 195.320130] RAX: ffffffffffffffda RBX: 00007ffbe36856d4 RCX: 0000000000457679 [ 195.327375] RDX: 0000000000000001 RSI: 00000000200023c0 RDI: 0000000000000006 [ 195.334622] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 195.341869] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 195.349123] R13: 00000000004d4878 R14: 00000000004c30ca R15: 0000000000000001 2018/09/23 01:02:52 executed programs: 202 2018/09/23 01:02:57 executed programs: 631