[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 32.362873] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 32.666011] random: sshd: uninitialized urandom read (32 bytes read) [ 32.974784] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.597425] random: sshd: uninitialized urandom read (32 bytes read) [ 34.771055] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.234' (ECDSA) to the list of known hosts. [ 40.476217] random: sshd: uninitialized urandom read (32 bytes read) [ 40.591381] kauditd_printk_skb: 10 callbacks suppressed [ 40.591388] audit: type=1400 audit(1571814515.259:36): avc: denied { map } for pid=6955 comm="syz-executor706" path="/root/syz-executor706321614" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 40.891142] IPVS: ftp: loaded support on port[0] = 21 executing program [ 41.687132] BUG: sleeping function called from invalid context at kernel/workqueue.c:2816 [ 41.695674] in_atomic(): 1, irqs_disabled(): 0, pid: 6959, name: syz-executor706 [ 41.703217] 2 locks held by syz-executor706/6959: [ 41.708110] #0: (rtnl_mutex){+.+.}, at: [] rtnetlink_rcv_msg+0x33a/0xb70 [ 41.716729] #1: (&qdisc_rx_lock){+...}, at: [] red_change+0x32e/0x1030 [ 41.725185] Preemption disabled at: [ 41.725195] [] red_change+0x32e/0x1030 [ 41.734459] CPU: 0 PID: 6959 Comm: syz-executor706 Not tainted 4.14.150 #0 [ 41.741465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.750797] Call Trace: [ 41.753366] dump_stack+0x138/0x197 [ 41.756974] ? red_change+0x32e/0x1030 [ 41.760843] ___might_sleep.cold+0x1bd/0x1f6 [ 41.765229] __might_sleep+0x93/0xb0 [ 41.768928] flush_work+0xdb/0x730 [ 41.772446] ? kasan_slab_free+0x75/0xc0 [ 41.776481] ? kfree+0xcc/0x270 [ 41.779740] ? fifo_create_dflt+0x84/0xd0 [ 41.783863] ? insert_work+0x320/0x320 [ 41.787726] ? netlink_rcv_skb+0x14f/0x3c0 [ 41.792008] ? __lock_acquire+0x5f7/0x4620 [ 41.796264] ? do_syscall_64+0x1e8/0x640 [ 41.800308] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 41.805656] ? mark_held_locks+0xb1/0x100 [ 41.809790] ? __cancel_work_timer+0x166/0x480 [ 41.814357] __cancel_work_timer+0x2f0/0x480 [ 41.818748] ? cancel_delayed_work+0x20/0x20 [ 41.823144] ? __hrtimer_run_queues+0xbc0/0xbc0 [ 41.827789] ? save_trace+0x290/0x290 [ 41.831567] ? mark_held_locks+0xb1/0x100 [ 41.835691] ? quarantine_put+0xfa/0x1a0 [ 41.839733] ? htb_destroy_class.isra.0+0xf0/0xf0 [ 41.844557] cancel_work_sync+0x18/0x20 [ 41.848518] htb_destroy+0x26/0x420 [ 41.852485] ? htb_destroy_class.isra.0+0xf0/0xf0 [ 41.857305] qdisc_destroy+0x157/0x320 [ 41.861170] red_change+0x4d4/0x1030 [ 41.865394] ? red_graft+0x240/0x240 [ 41.869099] ? nla_strcmp+0xb9/0x100 [ 41.872811] ? lockdep_rtnl_is_held+0x1a/0x30 [ 41.877292] ? red_graft+0x240/0x240 [ 41.880998] tc_modify_qdisc+0xc5a/0x1270 [ 41.885126] ? qdisc_create+0xe60/0xe60 [ 41.889357] ? rtnetlink_rcv_msg+0x305/0xb70 [ 41.893746] ? qdisc_create+0xe60/0xe60 [ 41.897698] rtnetlink_rcv_msg+0x3eb/0xb70 [ 41.901926] ? rtnl_bridge_getlink+0x7a0/0x7a0 [ 41.906485] ? netlink_deliver_tap+0x93/0x8f0 [ 41.910968] netlink_rcv_skb+0x14f/0x3c0 [ 41.915005] ? rtnl_bridge_getlink+0x7a0/0x7a0 [ 41.919564] ? lock_downgrade+0x740/0x740 [ 41.923689] ? netlink_ack+0x9a0/0x9a0 [ 41.927553] ? netlink_deliver_tap+0xba/0x8f0 [ 41.932029] rtnetlink_rcv+0x1d/0x30 [ 41.935720] netlink_unicast+0x45d/0x640 [ 41.939755] ? netlink_attachskb+0x6a0/0x6a0 [ 41.944147] ? security_netlink_send+0x81/0xb0 [ 41.948706] netlink_sendmsg+0x7c4/0xc60 [ 41.952747] ? netlink_unicast+0x640/0x640 [ 41.956969] ? security_socket_sendmsg+0x89/0xb0 [ 41.961701] ? netlink_unicast+0x640/0x640 [ 41.965921] sock_sendmsg+0xce/0x110 [ 41.969613] ___sys_sendmsg+0x70a/0x840 [ 41.973562] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 41.978305] ? __fget+0x210/0x370 [ 41.981747] ? find_held_lock+0x35/0x130 [ 41.985795] ? __fget+0x210/0x370 [ 41.989227] ? lock_downgrade+0x740/0x740 [ 41.993353] ? __fget+0x237/0x370 [ 41.996784] ? __fget_light+0x172/0x1f0 [ 42.000736] ? __fdget+0x1b/0x20 [ 42.004087] ? sockfd_lookup_light+0xb4/0x160 [ 42.008562] __sys_sendmsg+0xb9/0x140 [ 42.012339] ? SyS_shutdown+0x170/0x170 [ 42.016307] SyS_sendmsg+0x2d/0x50 [ 42.019834] ? __sys_sendmsg+0x140/0x140 [ 42.023874] do_syscall_64+0x1e8/0x640 [ 42.027738] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.032572] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 42.037737] RIP: 0033:0x4463a9 [ 42.040904] RSP: 002b:00007fe3e79fcd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.048591] RAX: ffffffffffffffda RBX: 00000000006dbc68 RCX: 00000000004463a9 [ 42.055846] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 42.063092] RBP: 00000000006dbc60 R08: 00007fe3e79fd700 R09: 0000000000000000 [ 42.070351] R10: 00007fe3e79fd700 R11: 0000000000000246 R12: 00000000006dbc6c [ 42.077598] R13: 0000000000000000 R14: 0000000000000000 R15: 0507002400000148