restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 25.133836] random: sshd: uninitialized urandom read (32 bytes read) [ 25.483834] audit: type=1400 audit(1553261598.362:6): avc: denied { map } for pid=1767 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 25.531581] random: sshd: uninitialized urandom read (32 bytes read) [ 26.032000] random: sshd: uninitialized urandom read (32 bytes read) [ 26.182852] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.204' (ECDSA) to the list of known hosts. [ 31.717175] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 31.809035] audit: type=1400 audit(1553261604.682:7): avc: denied { map } for pid=1779 comm="syz-executor600" path="/root/syz-executor600393421" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 31.837413] [ 31.839099] ====================================================== [ 31.845398] WARNING: possible circular locking dependency detected [ 31.851830] 4.14.107+ #33 Not tainted [ 31.855606] ------------------------------------------------------ [ 31.861899] syz-executor600/1779 is trying to acquire lock: [ 31.867588] (&cpuctx_mutex/1){+.+.}, at: [] SyS_perf_event_open+0x11f1/0x2520 [ 31.876500] [ 31.876500] but task is already holding lock: [ 31.882449] (&cpuctx_mutex){+.+.}, at: [] SyS_perf_event_open+0x11e4/0x2520 [ 31.891189] [ 31.891189] which lock already depends on the new lock. [ 31.891189] [ 31.899484] [ 31.899484] the existing dependency chain (in reverse order) is: [ 31.907079] [ 31.907079] -> #2 (&cpuctx_mutex){+.+.}: [ 31.912598] [ 31.912598] -> #1 (pmus_lock){+.+.}: [ 31.917772] [ 31.917772] -> #0 (&cpuctx_mutex/1){+.+.}: [ 31.923464] [ 31.923464] other info that might help us debug this: [ 31.923464] [ 31.931660] Chain exists of: [ 31.931660] &cpuctx_mutex/1 --> pmus_lock --> &cpuctx_mutex [ 31.931660] [ 31.941875] Possible unsafe locking scenario: [ 31.941875] [ 31.947908] CPU0 CPU1 [ 31.952650] ---- ---- [ 31.957291] lock(&cpuctx_mutex); [ 31.960805] lock(pmus_lock); [ 31.966493] lock(&cpuctx_mutex); [ 31.972524] lock(&cpuctx_mutex/1); [ 31.976216] [ 31.976216] *** DEADLOCK *** [ 31.976216] [ 31.982290] 1 lock held by syz-executor600/1779: [ 31.987025] #0: (&cpuctx_mutex){+.+.}, at: [] SyS_perf_event_open+0x11e4/0x2520 [ 31.996209] [ 31.996209] stack backtrace: [ 32.000684] CPU: 0 PID: 1779 Comm: syz-executor600 Not tainted 4.14.107+ #33 [ 32.007856] Call Trace: [ 32.010427] dump_stack+0xb9/0x10e [ 32.013946] print_circular_bug.isra.0.cold+0x2dc/0x425 [ 32.019295] ? __lock_acquire+0x2d83/0x3fa0 [ 32.023597] ? kasan_kmalloc.part.0+0xa6/0xd0 [ 32.028074] ? trace_hardirqs_on+0x10/0x10 [ 32.032326] ? perf_trace_lock_acquire+0x4e0/0x4e0 [ 32.037243] ? lock_acquire+0x10f/0x380 [ 32.041228] ? SyS_perf_event_open+0x11f1/0x2520 [ 32.046065] ? SyS_perf_event_open+0x11f1/0x2520 [ 32.050801] ? __mutex_lock+0xf7/0x1430 [ 32.054762] ? SyS_perf_event_open+0x11f1/0x2520 [ 32.059520] ? __lockdep_init_map+0x100/0x4a0 [ 32.059529] ? SyS_perf_event_open+0x11f1/0x2520 [ 32.059537] ? debug_mutex_init+0x28/0x53 [ 32.059545] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 32.059552] ? alloc_file+0x28a/0x3b0 [ 32.059561] ? SyS_perf_event_open+0x118d/0x2520 [ 32.059568] ? lock_downgrade+0x5d0/0x5d0 [ 32.059574] ? lock_acquire+0x10f/0x380 [ 32.059581] ? SyS_perf_event_open+0x10ab/0x2520 [ 32.059592] ? check_preemption_disabled+0x35/0x1f0 [ 32.059600] ? SyS_perf_event_open+