[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   19.030795] random: sshd: uninitialized urandom read (32 bytes read)
[   19.430007] random: sshd: uninitialized urandom read (32 bytes read)
[   19.607149] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   20.301474] random: sshd: uninitialized urandom read (32 bytes read)
[   20.456987] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
[   25.927920] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   26.015282] 
[   26.016928] ======================================================
[   26.023217] WARNING: possible circular locking dependency detected
[   26.029508] 4.17.0-rc2+ #24 Not tainted
[   26.033451] ------------------------------------------------------
[   26.039741] syz-executor358/4519 is trying to acquire lock:
[   26.045421]         (ptrval) (sk_lock-AF_INET){+.+.}, at: tcp_mmap+0x1c7/0x14f0
[   26.052853] 
[   26.052853] but task is already holding lock:
[   26.058799]         (ptrval) (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x1a1/0x2a0
[   26.066401] 
[   26.066401] which lock already depends on the new lock.
[   26.066401] 
[   26.074691] 
[   26.074691] the existing dependency chain (in reverse order) is:
[   26.082285] 
[   26.082285] -> #1 (&mm->mmap_sem){++++}:
[   26.087813]        __might_fault+0x155/0x1e0
[   26.092205]        _copy_from_iter_full+0x2fd/0xd10
[   26.097199]        tcp_sendmsg_locked+0x2f98/0x3e10
[   26.102189]        tcp_sendmsg+0x2f/0x50
[   26.106227]        inet_sendmsg+0x19f/0x690
[   26.110528]        sock_sendmsg+0xd5/0x120
[   26.114737]        sock_write_iter+0x35a/0x5a0
[   26.119298]        __vfs_write+0x64d/0x960
[   26.123529]        vfs_write+0x1f8/0x560
[   26.127572]        ksys_write+0xf9/0x250
[   26.131607]        __x64_sys_write+0x73/0xb0
[   26.135997]        do_syscall_64+0x1b1/0x800
[   26.140383]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   26.146064] 
[   26.146064] -> #0 (sk_lock-AF_INET){+.+.}:
[   26.151762]        lock_acquire+0x1dc/0x520
[   26.156061]        lock_sock_nested+0xd0/0x120
[   26.160623]        tcp_mmap+0x1c7/0x14f0
[   26.164658]        sock_mmap+0x8e/0xc0
[   26.168533]        mmap_region+0xd13/0x1820
[   26.172841]        do_mmap+0xc79/0x11d0
[   26.176791]        vm_mmap_pgoff+0x1fb/0x2a0
[   26.181172]        ksys_mmap_pgoff+0x4c9/0x640
[   26.185728]        __x64_sys_mmap+0xe9/0x1b0
[   26.190112]        do_syscall_64+0x1b1/0x800
[   26.194496]        entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   26.200177] 
[   26.200177] other info that might help us debug this:
[   26.200177] 
[   26.208292]  Possible unsafe locking scenario:
[   26.208292] 
[   26.214322]        CPU0                    CPU1
[   26.218960]        ----                    ----
[   26.223598]   lock(&mm->mmap_sem);
[   26.227111]                                lock(sk_lock-AF_INET);
[   26.233322]                                lock(&mm->mmap_sem);
[   26.239352]   lock(sk_lock-AF_INET);
[   26.243040] 
[   26.243040]  *** DEADLOCK ***
[   26.243040] 
[   26.249083] 1 lock held by syz-executor358/4519:
[   26.253808]  #0:         (ptrval) (&mm->mmap_sem){++++}, at: vm_mmap_pgoff+0x1a1/0x2a0
[   26.261853] 
[   26.261853] stack backtrace:
[   26.266329] CPU: 1 PID: 4519 Comm: syz-executor358 Not tainted 4.17.0-rc2+ #24
[   26.273668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   26.283169] Call Trace:
[   26.285733]  dump_stack+0x1b9/0x294
[   26.289344]  ? dump_stack_print_info.cold.2+0x52/0x52
[   26.294509]  ? print_lock+0xd1/0xd6
[   26.298114]  ? vprintk_func+0x81/0xe7
[   26.301911]  print_circular_bug.isra.36.cold.54+0x1bd/0x27d
[   26.307596]  ? save_trace+0xe0/0x290
[   26.311286]  __lock_acquire+0x343e/0x5140
[   26.315410]  ? debug_check_no_locks_freed+0x310/0x310
[   26.320578]  ? find_held_lock+0x36/0x1c0
[   26.324620]  ? kasan_check_read+0x11/0x20
[   26.328745]  ? graph_lock+0x170/0x170
[   26.332522]  ? kernel_text_address+0x79/0xf0
[   26.336906]  ? __unwind_start+0x166/0x330
[   26.341033]  ? __save_stack_trace+0x7e/0xd0
[   26.345330]  lock_acquire+0x1dc/0x520
[   26.349116]  ? tcp_mmap+0x1c7/0x14f0
[   26.352807]  ? lock_release+0xa10/0xa10
[   26.356766]  ? kasan_check_read+0x11/0x20
[   26.360890]  ? do_raw_spin_unlock+0x9e/0x2e0
[   26.365276]  ? do_raw_spin_trylock+0x1b0/0x1b0
[   26.369837]  ? kasan_check_write+0x14/0x20
[   26.374053]  ? do_raw_spin_lock+0xc1/0x200
[   26.378264]  lock_sock_nested+0xd0/0x120
[   26.382308]  ? tcp_mmap+0x1c7/0x14f0
[   26.385999]  tcp_mmap+0x1c7/0x14f0
[   26.389520]  ? __lock_is_held+0xb5/0x140
[   26.393558]  ? tcp_splice_read+0xfc0/0xfc0
[   26.397769]  ? rcu_read_lock_sched_held+0x108/0x120
[   26.402760]  ? kmem_cache_alloc+0x5fa/0x760
[   26.407064]  sock_mmap+0x8e/0xc0
[   26.410410]  mmap_region+0xd13/0x1820
[   26.414185]  ? __x64_sys_brk+0x790/0x790
[   26.418235]  ? arch_get_unmapped_area+0x750/0x750
[   26.423069]  ? lock_acquire+0x1dc/0x520
[   26.427035]  ? vm_mmap_pgoff+0x1a1/0x2a0
[   26.431087]  ? cap_mmap_addr+0x52/0x130
[   26.435055]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   26.440582]  ? security_mmap_addr+0x80/0xa0
[   26.444900]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   26.450416]  ? get_unmapped_area+0x292/0x3b0
[   26.454802]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   26.460314]  do_mmap+0xc79/0x11d0
[   26.463752]  ? mmap_region+0x1820/0x1820
[   26.467790]  ? vm_mmap_pgoff+0x1a1/0x2a0
[   26.471843]  ? down_read_killable+0x1f0/0x1f0
[   26.476313]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   26.481827]  ? security_mmap_file+0x166/0x1b0
[   26.486301]  vm_mmap_pgoff+0x1fb/0x2a0
[   26.490165]  ? vma_is_stack_for_current+0xd0/0xd0
[   26.494984]  ? sock_release+0x1b0/0x1b0
[   26.498935]  ? get_unused_fd_flags+0x121/0x190
[   26.503490]  ? __alloc_fd+0x700/0x700
[   26.507266]  ksys_mmap_pgoff+0x4c9/0x640
[   26.511305]  ? find_mergeable_anon_vma+0xd0/0xd0
[   26.516037]  ? move_addr_to_kernel+0x70/0x70
[   26.520426]  ? __ia32_sys_fallocate+0xf0/0xf0
[   26.524897]  __x64_sys_mmap+0xe9/0x1b0
[   26.528761]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   26.533756]  do_syscall_64+0x1b1/0x800
[   26.537623]  ? syscall_return_slowpath+0x5c0/0x5c0
[   26.542533]  ? syscall_return_slowpath+0x30f/0x5c0
[   26.547448]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   26.552793]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   26.557621]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   26.562785] RIP: 0033:0x43fcb9
[   26.565951] RSP: