Warning: Permanently added '10.128.0.44' (ECDSA) to the list of known hosts.
[ 42.547141] random: sshd: uninitialized urandom read (32 bytes read)
[ 42.640341] audit: type=1400 audit(1553322823.499:7): avc: denied { map } for pid=1802 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/03/23 06:33:44 parsed 1 programs
[ 43.495715] audit: type=1400 audit(1553322824.349:8): avc: denied { map } for pid=1802 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=5005 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 44.191760] random: cc1: uninitialized urandom read (8 bytes read)
2019/03/23 06:33:46 executed programs: 0
[ 45.653903] audit: type=1400 audit(1553322826.509:9): avc: denied { map } for pid=1802 comm="syz-execprog" path="/root/syzkaller-shm925405876" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 49.278758] Can't find any breakpoint slot
[ 49.279263] ------------[ cut here ]------------
[ 49.288261] WARNING: CPU: 0 PID: 2746 at arch/x86/kernel/hw_breakpoint.c:121 arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.299086] Kernel panic - not syncing: panic_on_warn set ...
[ 49.299086]
[ 49.306531] CPU: 0 PID: 2746 Comm: syz-executor.2 Not tainted 4.14.107+ #34
[ 49.313617] Call Trace:
[ 49.316204] dump_stack+0xb9/0x10e
[ 49.319738] panic+0x1d9/0x3c2
[ 49.322930] ? add_taint.cold+0x16/0x16
[ 49.326892] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.332332] ? __probe_kernel_read+0x163/0x1c0
[ 49.336903] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.342349] __warn.cold+0x2f/0x3b
[ 49.345965] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.351402] ? report_bug+0x20a/0x248
[ 49.355193] ? do_error_trap+0x1bf/0x2d0
[ 49.359236] ? math_error+0x2d0/0x2d0
[ 49.363033] ? vprintk_emit+0x11a/0x330
[ 49.366995] ? vprintk_emit+0xd5/0x330
[ 49.370870] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.375712] ? invalid_op+0x18/0x40
[ 49.379339] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.384775] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.390214] ? event_sched_in.isra.0+0x28d/0x8e0
[ 49.394955] ? group_sched_in+0x10e/0x440
[ 49.399105] ? ctx_sched_in.isra.0+0x4d9/0xa80
[ 49.403682] ? perf_event_sched_in.isra.0+0x58/0x80
[ 49.408715] ? __perf_event_task_sched_in+0x340/0x420
[ 49.413904] ? perf_sched_cb_inc+0x240/0x240
[ 49.418311] ? __switch_to+0x82f/0x1070
[ 49.422272] ? __switch_to_asm+0x34/0x70
[ 49.426324] ? finish_task_switch+0x21a/0x620
[ 49.430807] ? __switch_to_asm+0x34/0x70
[ 49.437640] ? __switch_to_asm+0x40/0x70
[ 49.441794] ? __schedule+0x924/0x1f30
[ 49.445673] ? __sched_text_start+0x8/0x8
[ 49.449813] ? lock_downgrade+0x5d0/0x5d0
[ 49.453944] ? ptrace_stop+0x211/0x920
[ 49.457820] ? schedule+0x92/0x1c0
[ 49.461344] ? ptrace_stop+0x403/0x920
[ 49.465218] ? get_signal+0x1282/0x1a90
[ 49.469197] ? lock_downgrade+0x5d0/0x5d0
[ 49.473332] ? do_signal+0x96/0x15c0
[ 49.477033] ? do_send_specific+0xd6/0x1b0
[ 49.481254] ? setup_sigcontext+0x810/0x810
[ 49.485566] ? check_preemption_disabled+0x35/0x1f0
[ 49.490568] ? do_send_specific+0xfd/0x1b0
[ 49.494794] ? SyS_rt_tgsigqueueinfo+0xa4/0x100
[ 49.499457] ? compat_SyS_rt_sigqueueinfo+0x100/0x100
[ 49.504643] ? exit_to_usermode_loop+0xcd/0x160
[ 49.509317] ? exit_to_usermode_loop+0x11d/0x160
[ 49.514061] ? do_syscall_64+0x372/0x4b0
[ 49.518111] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 49.523463]
[ 49.523466] ======================================================
[ 49.523469] WARNING: possible circular locking dependency detected
[ 49.523470] 4.14.107+ #34 Not tainted
[ 49.523473] ------------------------------------------------------
[ 49.523476] syz-executor.2/2746 is trying to acquire lock:
[ 49.523477] ((console_sem).lock){-...}, at: [] down_trylock+0xe/0x60
[ 49.523484]
[ 49.523487] but task is already holding lock:
[ 49.523488] (&ctx->lock){....}, at: [] __perf_event_task_sched_in+0x2a5/0x420
[ 49.523495]
[ 49.523497] which lock already depends on the new lock.
[ 49.523498]
[ 49.523500]
[ 49.523502] the existing dependency chain (in reverse order) is:
[ 49.523503]
[ 49.523505] -> #3 (&ctx->lock){....}:
[ 49.523511]
[ 49.523512] -> #2 (&rq->lock){-.-.}:
[ 49.523518]
[ 49.523519] -> #1 (&p->pi_lock){-.-.}:
[ 49.523525]
[ 49.523527] -> #0 ((console_sem).lock){-...}:
[ 49.523533]
[ 49.523535] other info that might help us debug this:
[ 49.523536]
[ 49.523538] Chain exists of:
[ 49.523539] (console_sem).lock --> &rq->lock --> &ctx->lock
[ 49.523548]
[ 49.523550] Possible unsafe locking scenario:
[ 49.523551]
[ 49.523553]        CPU0                    CPU1
[ 49.523555]        ----                    ----
[ 49.523557]   lock(&ctx->lock);
[ 49.523561]                                lock(&rq->lock);
[ 49.523566]                                lock(&ctx->lock);
[ 49.523570]   lock((console_sem).lock);
[ 49.523574]
[ 49.523576] *** DEADLOCK ***
[ 49.523577]
[ 49.523579] 2 locks held by syz-executor.2/2746:
[ 49.523580] #0: (&cpuctx_lock){....}, at: [] __perf_event_task_sched_in+0x294/0x420
[ 49.523588] #1: (&ctx->lock){....}, at: [] __perf_event_task_sched_in+0x2a5/0x420
[ 49.523596]
[ 49.523597] stack backtrace:
[ 49.523600] CPU: 0 PID: 2746 Comm: syz-executor.2 Not tainted 4.14.107+ #34
[ 49.523602] Call Trace:
[ 49.523604] dump_stack+0xb9/0x10e
[ 49.523606] print_circular_bug.isra.0.cold+0x2dc/0x425
[ 49.523608] ? __lock_acquire+0x2d83/0x3fa0
[ 49.523610] ? add_lock_to_list.isra.0+0x17f/0x300
[ 49.523612] ? trace_hardirqs_on+0x10/0x10
[ 49.523615] ? format_decode+0x1e1/0x8f0
[ 49.523617] ? trace_hardirqs_on+0x10/0x10
[ 49.523619] ? perf_log_itrace_start+0x15e/0x330
[ 49.523621] ? perf_log_throttle+0x320/0x320
[ 49.523623] ? lock_acquire+0x10f/0x380
[ 49.523625] ? down_trylock+0xe/0x60
[ 49.523627] ? vprintk_emit+0xa4/0x330
[ 49.523629] ? _raw_spin_lock_irqsave+0x42/0x60
[ 49.523631] ? down_trylock+0xe/0x60
[ 49.523633] ? down_trylock+0xe/0x60
[ 49.523635] ? vprintk_emit+0x11a/0x330
[ 49.523637] ? __down_trylock_console_sem+0x33/0xd0
[ 49.523639] ? console_trylock+0x14/0x70
[ 49.523641] ? vprintk_emit+0x11a/0x330
[ 49.523643] ? vprintk_func+0x58/0x152
[ 49.523645] ? printk+0xba/0xed
[ 49.523647] ? show_regs_print_info+0x5b/0x5b
[ 49.523649] ? arch_install_hw_breakpoint.cold+0x13/0x1f
[ 49.523651] ? event_sched_in.isra.0+0x28d/0x8e0
[ 49.523654] ? group_sched_in+0x10e/0x440
[ 49.523656] ? ctx_sched_in.isra.0+0x4d9/0xa80
[ 49.523658] ? perf_event_sched_in.isra.0+0x58/0x80
[ 49.523660] ? __perf_event_task_sched_in+0x340/0x420
[ 49.523662] ? perf_sched_cb_inc+0x240/0x240
[ 49.523664] ? __switch_to+0x82f/0x1070
[ 49.523666] ? __switch_to_asm+0x34/0x70
[ 49.523668] ? finish_task_switch+0x21a/0x620
[ 49.523670] ? __switch_to_asm+0x34/0x70
[ 49.523673] ? __switch_to_asm+0x40/0x70
[ 49.523675] ? __schedule+0x924/0x1f30
[ 49.523677] ? __sched_text_start+0x8/0x8
[ 49.523679] ? lock_downgrade+0x5d0/0x5d0
[ 49.523681] ? ptrace_stop+0x211/0x920
[ 49.523683] ? schedule+0x92/0x1c0
[ 49.523685] ? ptrace_stop+0x403/0x920
[ 49.523687] ? get_signal+0x1282/0x1a90
[ 49.523689] ? lock_downgrade+0x5d0/0x5d0
[ 49.523691] ? do_signal+0x96/0x15c0
[ 49.523703] ? do_send_specific+0xd6/0x1b0
[ 49.523705] ? setup_sigcontext+0x810/0x810
[ 49.523707] ? check_preemption_disabled+0x35/0x1f0
[ 49.523709] ? do_send_specific+0xfd/0x1b0
[ 49.523712] ? SyS_rt_tgsigqueueinfo+0xa4/0x100
[ 49.523714] ? compat_SyS_rt_sigqueueinfo+0x100/0x100
[ 49.523716] ? exit_to_usermode_loop+0xcd/0x160
[ 49.523719] ? exit_to_usermode_loop+0x11d/0x160
[ 49.523721] ? do_syscall_64+0x372/0x4b0
[ 49.523723] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 49.524057] Kernel Offset: 0x27a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 49.952835] Rebooting in 86400 seconds..