[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   32.702407] random: sshd: uninitialized urandom read (32 bytes read)
[   33.113072] audit: type=1400 audit(1550407529.021:6): avc:  denied  { map } for  pid=1766 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   33.154530] random: sshd: uninitialized urandom read (32 bytes read)
[   33.644891] random: sshd: uninitialized urandom read (32 bytes read)
[   33.794544] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.197' (ECDSA) to the list of known hosts.
[   39.420189] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   39.507835] audit: type=1400 audit(1550407535.411:7): avc:  denied  { map } for  pid=1784 comm="syz-executor813" path="/root/syz-executor813874553" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   39.551145] audit: type=1400 audit(1550407535.461:8): avc:  denied  { create } for  pid=1784 comm="syz-executor813" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_iscsi_socket permissive=1
[   39.590299] 
[   39.591928] ======================================================
[   39.598216] WARNING: possible circular locking dependency detected
[   39.604501] 4.14.101+ #14 Not tainted
[   39.608268] ------------------------------------------------------
[   39.614554] syz-executor813/1784 is trying to acquire lock:
[   39.620241]  (pmus_lock){+.+.}, at: [<ffffffff9e9e5793>] perf_swevent_init+0x123/0x4e0
[   39.628275] 
[   39.628275] but task is already holding lock:
[   39.634215]  (&cpuctx_mutex/1){+.+.}, at: [<ffffffff9e9e8b2d>] perf_event_ctx_lock_nested+0x14d/0x2c0
[   39.643552] 
[   39.643552] which lock already depends on the new lock.
[   39.643552] 
[   39.651837] 
[   39.651837] the existing dependency chain (in reverse order) is:
[   39.659425] 
[   39.659425] -> #2 (&cpuctx_mutex/1){+.+.}:
[   39.665110] 
[   39.665110] -> #1 (&cpuctx_mutex){+.+.}:
[   39.670622] 
[   39.670622] -> #0 (pmus_lock){+.+.}:
[   39.675785] 
[   39.675785] other info that might help us debug this:
[   39.675785] 
[   39.683899] Chain exists of:
[   39.683899]   pmus_lock --> &cpuctx_mutex --> &cpuctx_mutex/1
[   39.683899] 
[   39.694125]  Possible unsafe locking scenario:
[   39.694125] 
[   39.700151]        CPU0                    CPU1
[   39.704785]        ----                    ----
[   39.709418]   lock(&cpuctx_mutex/1);
[   39.713101]                                lock(&cpuctx_mutex);
[   39.719129]                                lock(&cpuctx_mutex/1);
[   39.725330]   lock(pmus_lock);
[   39.728490] 
[   39.728490]  *** DEADLOCK ***
[   39.728490] 
[   39.734519] 2 locks held by syz-executor813/1784:
[   39.739330]  #0:  (&pmus_srcu){....}, at: [<ffffffff9e9f123d>] perf_event_alloc.part.0+0xadd/0x1e70
[   39.748492]  #1:  (&cpuctx_mutex/1){+.+.}, at: [<ffffffff9e9e8b2d>] perf_event_ctx_lock_nested+0x14d/0x2c0
[   39.758260] 
[   39.758260] stack backtrace:
[   39.762729] CPU: 0 PID: 1784 Comm: syz-executor813 Not tainted 4.14.101+ #14
[   39.769882] Call Trace:
[   39.772445]  dump_stack+0xb9/0x10e
[   39.775962]  print_circular_bug.isra.0.cold+0x2dc/0x425
[   39.781299]  ? __lock_acquire+0x2d83/0x3fa0
[   39.785593]  ? __lock_acquire+0x56a/0x3fa0
[   39.789798]  ? trace_hardirqs_on+0x10/0x10
[   39.794010]  ? perf_trace_run_bpf_submit+0x113/0x170
[   39.799083]  ? lock_acquire+0x10f/0x380
[   39.803046]  ? perf_swevent_init+0x123/0x4e0
[   39.807439]  ? perf_swevent_init+0x123/0x4e0
[   39.811822]  ? __mutex_lock+0xf7/0x1430
[   39.815770]  ? perf_swevent_init+0x123/0x4e0
[   39.820148]  ? __mutex_lock+0x6aa/0x1430
[   39.824177]  ? perf_swevent_init+0x123/0x4e0
[   39.828556]  ? perf_event_ctx_lock_nested+0x14d/0x2c0
[   39.833720]  ? perf_try_init_event+0xf1/0x200
[   39.838184]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[   39.843768]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[   39.849220]  ? perf_event_ctx_lock_nested+0x117/0x2c0
[   39.854385]  ? lock_downgrade+0x5d0/0x5d0
[   39.858503]  ? lock_acquire+0x10f/0x380
[   39.862447]  ? perf_event_ctx_lock_nested+0x39/0x2c0
[   39.867521]  ? perf_swevent_init+0x123/0x4e0
[   39.871900]  ? perf_swevent_init+0x123/0x4e0
[   39.876289]  ? perf_event_ctx_lock_nested+0x14d/0x2c0
[   39.881446]  ? perf_event_ctx_lock_nested+0x247/0x2c0
[   39.886635]  ? perf_try_init_event+0xe5/0x200
[   39.891117]  ? perf_event_alloc.part.0+0xcc5/0x1e70
[   39.896106]  ? SyS_perf_event_open+0x6eb/0x2520
[   39.900751]  ? perf_bp_event+0x1a0/0x1a0
[   39.904786]  ? do_sys_open+0x255/0x590
[   39.908658