INIT: Id "6" respawning too fast: disabled for 5 minutes INIT: Id "2" respawning too fast: disabled for 5 minutes INIT: Id "4" respawning too fast: disabled for 5 minutes INIT: Id "5" respawning too fast: disabled for 5 minutes INIT: Id "3" respawning too fast: disabled for 5 minutes [ 191.588514] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts. [ 197.207892] random: sshd: uninitialized urandom read (32 bytes read) [ 197.298612] audit: type=1400 audit(1544559375.746:7): avc: denied { map } for pid=1823 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2018/12/11 20:16:16 parsed 1 programs [ 197.914308] audit: type=1400 audit(1544559376.366:8): avc: denied { map } for pid=1823 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=4999 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 198.437315] random: cc1: uninitialized urandom read (8 bytes read) 2018/12/11 20:16:18 executed programs: 0 [ 200.052768] audit: type=1400 audit(1544559378.506:9): avc: denied { map } for pid=1823 comm="syz-execprog" path="/root/syzkaller-shm361482467" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 2018/12/11 20:16:25 executed programs: 6 2018/12/11 20:16:30 executed programs: 333 2018/12/11 20:16:35 executed programs: 737 2018/12/11 20:16:40 executed programs: 1125 2018/12/11 20:16:45 executed programs: 1508 2018/12/11 20:16:50 executed programs: 1875 2018/12/11 20:16:55 executed programs: 2252 2018/12/11 20:17:00 executed programs: 2631 [ 243.089207] audit: type=1400 audit(1544559421.536:10): avc: denied { map } for pid=12639 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 2018/12/11 20:17:05 executed programs: 2992 [ 247.819280] [ 247.820960] ====================================================== [ 247.827272] WARNING: possible circular locking dependency detected [ 247.833590] 4.14.87+ #21 Not tainted [ 247.837383] ------------------------------------------------------ [ 247.843719] syz-executor5/13648 is trying to acquire lock: [ 247.849333] (&p->lock){+.+.}, at: [] seq_read+0xd4/0x11d0 [ 247.856532] [ 247.856532] but task is already holding lock: [ 247.862495] (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x58/0x70 [ 247.870129] [ 247.870129] which lock already depends on the new lock. [ 247.870129] [ 247.878451] [ 247.878451] the existing dependency chain (in reverse order) is: [ 247.886532] [ 247.886532] -> #2 (&pipe->mutex/1){+.+.}: [ 247.892170] __mutex_lock+0xf5/0x1480 [ 247.896501] fifo_open+0x156/0x9d0 [ 247.900569] do_dentry_open+0x426/0xda0 [ 247.905069] vfs_open+0x11c/0x210 [ 247.909042] path_openat+0x5f9/0x2930 [ 247.913364] do_filp_open+0x197/0x270 [ 247.917704] do_open_execat+0x10d/0x5b0 [ 247.922195] do_execveat_common.isra.14+0x6cb/0x1d60 [ 247.927805] SyS_execve+0x34/0x40 [ 247.931766] do_syscall_64+0x19b/0x4b0 [ 247.936217] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 247.941915] [ 247.941915] -> #1 (&sig->cred_guard_mutex){+.+.}: [ 247.948239] __mutex_lock+0xf5/0x1480 [ 247.952697] do_io_accounting+0x1d7/0x770 [ 247.957350] proc_single_show+0xf1/0x160 [ 247.961944] traverse+0x32b/0x8a0 [ 247.965920] seq_read+0xc94/0x11d0 [ 247.969975] do_iter_read+0x3cc/0x580 [ 247.974280] vfs_readv+0xe6/0x150 [ 247.978233] do_preadv+0x187/0x230 [ 247.982578] do_syscall_64+0x19b/0x4b0 [ 247.986977] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 247.992695] [ 247.992695] -> #0 (&p->lock){+.+.}: [ 247.997787] lock_acquire+0x10f/0x380 [ 248.002089] __mutex_lock+0xf5/0x1480 [ 248.006402] seq_read+0xd4/0x11d0 [ 248.010358] proc_reg_read+0xef/0x170 [ 248.014753] do_iter_read+0x3cc/0x580 [ 248.019053] vfs_readv+0xe6/0x150 [ 248.023199] default_file_splice_read+0x495/0x860 [ 248.028686] do_splice_to+0x102/0x150 [ 248.032994] SyS_splice+0xf4d/0x12a0 [ 248.037215] do_syscall_64+0x19b/0x4b0 [ 248.041606] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 248.047296] [ 248.047296] other info that might help us debug this: [ 248.047296] [ 248.055427] Chain exists of: [ 248.055427] &p->lock --> &sig->cred_guard_mutex --> &pipe->mutex/1 [ 248.055427] [ 248.066251] Possible unsafe locking scenario: [ 248.066251] [ 248.072287] CPU0 CPU1 [ 248.076934] ---- ---- [ 248.081876] lock(&pipe->mutex/1); [ 248.085486] lock(&sig->cred_guard_mutex); [ 248.092504] lock(&pipe->mutex/1); [ 248.098637] lock(&p->lock); [ 248.101723] [ 248.101723] *** DEADLOCK *** [ 248.101723] [ 248.107769] 1 lock held by syz-executor5/13648: [ 248.112431] #0: (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x58/0x70 [ 248.120481] [ 248.120481] stack backtrace: [ 248.124964] CPU: 0 PID: 13648 Comm: syz-executor5 Not tainted 4.14.87+ #21 [ 248.131993] Call Trace: [ 248.134616] dump_stack+0xb9/0x11b [ 248.138186] print_circular_bug.isra.18.cold.43+0x2d3/0x40c [ 248.143886] ? save_trace+0xd6/0x250 [ 248.147618] __lock_acquire+0x2ff9/0x4320 [ 248.151755] ? trace_hardirqs_on+0x10/0x10 [ 248.155971] ? __read_once_size_nocheck.constprop.4+0x10/0x10 [ 248.161839] ? __lock_acquire+0x619/0x4320 [ 248.166054] ? __lock_acquire+0x619/0x4320 [ 248.170312] ? __lock_acquire+0x619/0x4320 [ 248.174537] lock_acquire+0x10f/0x380 [ 248.178321] ? seq_read+0xd4/0x11d0 [ 248.181932] ? seq_read+0xd4/0x11d0 [ 248.185550] __mutex_lock+0xf5/0x1480 [ 248.189333] ? seq_read+0xd4/0x11d0 [ 248.192942] ? unwind_next_frame+0xea9/0x1930 [ 248.197768] ? seq_read+0xd4/0x11d0 [ 248.201392] ? __ww_mutex_wakeup_for_backoff+0x240/0x240 [ 248.206875] ? __is_insn_slot_addr+0x112/0x1f0 [ 248.211447] ? lock_downgrade+0x560/0x560 [ 248.215575] ? lock_acquire+0x10f/0x380 [ 248.219530] ? mark_held_locks+0xc2/0x130 [ 248.223788] ? get_page_from_freelist+0x756/0x1ea0 [ 248.228708] ? kasan_unpoison_shadow+0x30/0x40 [ 248.233274] ? seq_read+0xd4/0x11d0 [ 248.236885] seq_read+0xd4/0x11d0 [ 248.240323] ? __fsnotify_parent+0xb1/0x300 [ 248.244627] ? seq_lseek+0x3d0/0x3d0 [ 248.248323] ? __inode_security_revalidate+0xd5/0x120 [ 248.253498] ? avc_policy_seqno+0x5/0x10 [ 248.257546] ? seq_lseek+0x3d0/0x3d0 [ 248.261242] proc_reg_read+0xef/0x170 [ 248.265068] ? rw_verify_area+0xdd/0x280 [ 248.269115] do_iter_read+0x3cc/0x580 [ 248.272906] vfs_readv+0xe6/0x150 [ 248.276342] ? compat_rw_copy_check_uvector+0x320/0x320 [ 248.281704] ? kasan_unpoison_shadow+0x30/0x40 [ 248.286269] ? kasan_kmalloc+0x76/0xc0 [ 248.290142] ? iov_iter_get_pages_alloc+0x2c8/0xe40 [ 248.295142] ? iov_iter_get_pages+0xc80/0xc80 [ 248.299656] ? wake_up_q+0xed/0x150 [ 248.303270] default_file_splice_read+0x495/0x860 [ 248.308467] ? trace_hardirqs_on+0x10/0x10 [ 248.312687] ? do_splice_direct+0x220/0x220 [ 248.316990] ? __lock_acquire+0x619/0x4320 [ 248.321212] ? fsnotify+0x773/0x1200 [ 248.324910] ? lock_acquire+0x10f/0x380 [ 248.328870] ? __fsnotify_parent+0xb1/0x300 [ 248.333176] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 248.339828] ? __inode_security_revalidate+0xd5/0x120 [ 248.345103] ? avc_policy_seqno+0x5/0x10 [ 248.349151] ? security_file_permission+0x88/0x1e0 [ 248.354073] ? do_splice_direct+0x220/0x220 [ 248.358437] do_splice_to+0x102/0x150 [ 248.362225] SyS_splice+0xf4d/0x12a0 [ 248.365933] ? do_clock_gettime+0x30/0xb0 [ 248.370071] ? compat_SyS_vmsplice+0x150/0x150 [ 248.374641] ? do_clock_gettime+0xb0/0xb0 [ 248.378772] ? do_syscall_64+0x43/0x4b0 [ 248.382730] ? compat_SyS_vmsplice+0x150/0x150 [ 248.387295] do_syscall_64+0x19b/0x4b0 [ 248.391186] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 248.396374] RIP: 0033:0x457679 [ 248.399552] RSP: 002b:00007f8521c75c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 248.407249] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457679 [ 248.414888] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000006 [ 248.422183] RBP: 000000000072bfa0 R08: 0000000000000802 R09: 0000000000000000 [ 248.429459] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8521c766d4 [ 248.436715] R13: 00000000004c5acc R14: 00000000004d9760 R15: 00000000ffffffff 2018/12/11 20:17:10 executed programs: 3360 2018/12/11 20:17:15 executed programs: 3824