[....] Starting OpenBSD Secure Shell server: sshd[ 10.943821] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 27.642398] random: sshd: uninitialized urandom read (32 bytes read) [ 27.984792] audit: type=1400 audit(1568124587.240:6): avc: denied { map } for pid=1768 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 28.027397] random: sshd: uninitialized urandom read (32 bytes read) [ 28.523317] random: sshd: uninitialized urandom read (32 bytes read) [ 28.682804] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.1' (ECDSA) to the list of known hosts. [ 34.134197] random: sshd: uninitialized urandom read (32 bytes read) [ 34.235682] audit: type=1400 audit(1568124593.490:7): avc: denied { map } for pid=1786 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/09/10 14:09:53 parsed 1 programs [ 34.298627] audit: type=1400 audit(1568124593.550:8): avc: denied { map } for pid=1786 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=5044 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 34.661542] random: cc1: uninitialized urandom read (8 bytes read) 2019/09/10 14:09:54 executed programs: 0 [ 35.406670] audit: type=1400 audit(1568124594.660:9): avc: denied { map } for pid=1786 comm="syz-execprog" path="/root/syzkaller-shm599018695" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 36.870055] hrtimer: interrupt took 35266 ns 2019/09/10 14:09:59 executed programs: 72 [ 41.920149] ------------[ cut here ]------------ [ 41.924988] WARNING: CPU: 0 PID: 0 at net/ipv4/tcp_timer.c:429 tcp_retransmit_timer+0x1a66/0x2590 [ 41.934004] Kernel panic - not syncing: panic_on_warn set ... [ 41.934004] [ 41.941430] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.14.143+ #0 [ 41.947724] Call Trace: [ 41.950288] [ 41.952431] dump_stack+0xca/0x134 [ 41.955971] panic+0x1ea/0x3d3 [ 41.959159] ? add_taint.cold+0x16/0x16 [ 41.963254] ? tcp_retransmit_timer+0x1a66/0x2590 [ 41.968286] ? __probe_kernel_read+0x163/0x1c0 [ 41.972860] ? tcp_retransmit_timer+0x1a66/0x2590 [ 41.977684] __warn.cold+0x2f/0x3a [ 41.981210] ? tcp_retransmit_timer+0x1a66/0x2590 [ 41.986035] report_bug+0x20a/0x248 [ 41.989644] do_error_trap+0x1bf/0x2d0 [ 41.993513] ? math_error+0x2d0/0x2d0 [ 41.997301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.002126] invalid_op+0x18/0x40 [ 42.005569] RIP: 0010:tcp_retransmit_timer+0x1a66/0x2590 [ 42.011008] RSP: 0018:ffff8881db807c78 EFLAGS: 00010206 [ 42.016473] RAX: ffffffffac230d40 RBX: ffff8881cec03b00 RCX: 0000000000000001 [ 42.023837] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff8881c86cc0c8 [ 42.031288] RBP: ffff8881c86cb700 R08: ffff88821fffd01c R09: ffff88821fffd008 [ 42.038544] R10: ffff88821fffd017 R11: ffff88821fffd010 R12: ffff8881c86cbd9a [ 42.045795] R13: ffff8881c86cb730 R14: 0000000000000000 R15: ffff8881c86cbf0c [ 42.053079] ? tcp_retransmit_timer+0x1a66/0x2590 [ 42.057908] ? sched_clock+0x5/0x10 [ 42.061522] ? sched_clock_cpu+0x31/0x1c0 [ 42.065670] ? tcp_write_timer_handler+0x780/0x780 [ 42.070585] tcp_write_timer_handler+0x43d/0x780 [ 42.075422] tcp_write_timer+0xc9/0x170 [ 42.079393] call_timer_fn+0x15b/0x6a0 [ 42.083273] ? collect_expired_timers+0x280/0x280 [ 42.088108] ? check_preemption_disabled+0x35/0x1f0 [ 42.093108] ? _raw_spin_unlock_irq+0x24/0x50 [ 42.097586] ? tcp_write_timer_handler+0x780/0x780 [ 42.102491] expire_timers+0x227/0x4c0 [ 42.106360] run_timer_softirq+0x1eb/0x5d0 [ 42.110576] ? expire_timers+0x4c0/0x4c0 [ 42.114615] ? check_preemption_disabled+0x35/0x1f0 [ 42.119618] ? check_preemption_disabled+0x35/0x1f0 [ 42.124627] __do_softirq+0x234/0x9ec [ 42.128407] ? check_preemption_disabled+0x35/0x1f0 [ 42.133417] irq_exit+0x114/0x150 [ 42.136862] smp_apic_timer_interrupt+0x1a7/0x650 [ 42.141857] apic_timer_interrupt+0x8c/0xa0 [ 42.146163] [ 42.148377] RIP: 0010:native_safe_halt+0x13/0x20 [ 42.153105] RSP: 0018:ffffffffac207d48 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10 [ 42.160799] RAX: 0000000000000000 RBX: ffffffffac62eba8 RCX: 0000000000000000 [ 42.168130] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffffac23156c [ 42.175376] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 42.182623] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 42.189966] R13: 0000000000000000 R14: ffffffffac230d40 R15: dffffc0000000000 [ 42.197233] default_idle+0x61/0x3b0 [ 42.200936] do_idle+0x2e6/0x390 [ 42.204314] ? arch_cpu_idle_exit+0x40/0x40 [ 42.208641] cpu_startup_entry+0xc6/0xd0 [ 42.212696] ? cpu_in_idle+0x20/0x20 [ 42.216445] ? preempt_count_add+0xb8/0x180 [ 42.221029] ? trace_event_define_fields_x86_irq_vector+0x28/0x28 [ 42.227329] start_kernel+0x858/0x890 [ 42.231340] ? mem_encrypt_init+0x5/0x5 [ 42.235455] ? memcpy_orig+0x54/0x110 [ 42.239338] secondary_startup_64+0xa5/0xb0 [ 42.244372] Kernel Offset: 0x28e00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 42.255484] Rebooting in 86400 seconds..