[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 31.893680] random: sshd: uninitialized urandom read (32 bytes read) [ 32.311602] kauditd_printk_skb: 9 callbacks suppressed [ 32.311610] audit: type=1400 audit(1567960574.147:35): avc: denied { map } for pid=6835 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 32.359484] random: sshd: uninitialized urandom read (32 bytes read) [ 32.857532] random: sshd: uninitialized urandom read (32 bytes read) [ 93.711061] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts. [ 99.394421] random: sshd: uninitialized urandom read (32 bytes read) [ 99.512125] audit: type=1400 audit(1567960641.347:36): avc: denied { map } for pid=6848 comm="syz-executor743" path="/root/syz-executor743204024" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 99.740882] IPVS: ftp: loaded support on port[0] = 21 [ 100.565639] chnl_net:caif_netlink_parms(): no params data found [ 100.596410] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.603200] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.610420] device bridge_slave_0 entered promiscuous mode [ 100.617322] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.624001] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.631239] device bridge_slave_1 entered promiscuous mode [ 100.645235] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 100.654138] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 100.669160] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 100.676506] team0: Port device team_slave_0 added [ 100.681908] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 100.688872] team0: Port device team_slave_1 added [ 100.694222] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 100.705784] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 100.771888] device hsr_slave_0 entered promiscuous mode [ 100.810296] device hsr_slave_1 entered promiscuous mode [ 100.870554] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 100.877394] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 100.890764] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.897150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.904224] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.910606] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.935384] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 100.942448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.949996] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 100.957955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.976116] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.983094] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.993113] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 100.999217] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.007316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 101.015296] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.021662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.030370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 101.037905] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.044277] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.057549] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 101.066544] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 101.076250] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 101.086414] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 101.097259] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 101.106053] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 101.112342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 101.124546] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 101.134539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.210034] INFO: rcu_preempt self-detected stall on CPU [ 206.215554] 0-...: (1 GPs behind) idle=b2e/140000000000001/0 softirq=9278/9279 fqs=20 [ 206.223671] (t=10500 jiffies g=1101 c=1100 q=11) [ 206.228590] rcu_preempt kthread starved for 10460 jiffies! g1101 c1100 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1 [ 206.239233] rcu_preempt I29824 8 2 0x80000000 [ 206.244848] Call Trace: [ 206.247430] __schedule+0x7b8/0x1cd0 [ 206.251127] ? pci_mmcfg_check_reserved+0x150/0x150 [ 206.256121] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 206.261267] schedule+0x92/0x1c0 [ 206.264622] schedule_timeout+0x43e/0xe10 [ 206.268761] ? usleep_range+0x130/0x130 [ 206.272726] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 206.277840] ? prepare_to_swait+0xcc/0x100 [ 206.282060] ? call_timer_fn+0x670/0x670 [ 206.286111] rcu_gp_kthread+0xbf4/0x1ec0 [ 206.290165] ? force_qs_rnp+0x4d0/0x4d0 [ 206.294137] kthread+0x319/0x430 [ 206.297485] ? force_qs_rnp+0x4d0/0x4d0 [ 206.301440] ? kthread_create_on_node+0xd0/0xd0 [ 206.306088] ret_from_fork+0x24/0x30 [ 206.310019] NMI backtrace for cpu 0 [ 206.316844] CPU: 0 PID: 6852 Comm: kworker/0:2 Not tainted 4.14.142 #0 [ 206.323487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 206.332831] Workqueue: ipv6_addrconf addrconf_dad_work [ 206.338099] Call Trace: [ 206.340666] [ 206.342800] dump_stack+0x138/0x197 [ 206.346412] nmi_cpu_backtrace.cold+0x57/0x94 [ 206.350888] ? irq_force_complete_move.cold+0x7d/0x7d [ 206.356142] nmi_trigger_cpumask_backtrace+0x141/0x189 [ 206.361406] arch_trigger_cpumask_backtrace+0x14/0x20 [ 206.366580] rcu_dump_cpu_stacks+0x186/0x1d2 [ 206.370969] rcu_check_callbacks.cold+0x43d/0xd0a [ 206.375790] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 206.381226] update_process_times+0x31/0x70 [ 206.385529] tick_sched_handle+0x85/0x160 [ 206.389657] tick_sched_timer+0x43/0x130 [ 206.393714] __hrtimer_run_queues+0x270/0xbc0 [ 206.398190] ? tick_sched_do_timer+0xe0/0xe0 [ 206.402579] ? hrtimer_start_range_ns+0x10d0/0x10d0 [ 206.407578] hrtimer_interrupt+0x1d8/0x5d0 [ 206.411807] smp_apic_timer_interrupt+0x11c/0x5e0 [ 206.416630] apic_timer_interrupt+0x96/0xa0 [ 206.420948] [ 206.423170] RIP: 0010:hhf_dequeue+0x57a/0xa60 [ 206.427641] RSP: 0018:ffff8880a8b77010 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10 [ 206.435332] RAX: 0000000000000000 RBX: ffff8880899a9d38 RCX: 0000000000000000 [ 206.442590] RDX: 0000000000000007 RSI: ffff8880899a9dd0 RDI: ffff8880899a9d38 [ 206.449844] RBP: ffff8880a8b77060 R08: 0000000000000000 R09: ffff8880a8a89048 [ 206.457094] R10: ffff8880a8a89028 R11: ffff8880a8a88640 R12: dffffc0000000000 [ 206.464357] R13: ffff8880899a9b40 R14: 0000000000000000 R15: ffff8880899a9dc0 [ 206.471637] __qdisc_run+0x2b8/0xe00 [ 206.475338] __dev_queue_xmit+0x1571/0x25e0 [ 206.479642] ? __lock_is_held+0xb6/0x140 [ 206.483684] ? check_preemption_disabled+0x3c/0x250 [ 206.488683] ? netdev_pick_tx+0x300/0x300 [ 206.492810] ? save_trace+0x290/0x290 [ 206.496588] ? br_nf_post_routing+0x27d/0xf00 [ 206.501073] ? br_forward_finish+0x1cc/0x320 [ 206.505474] ? find_held_lock+0x35/0x130 [ 206.509518] ? br_forward_finish+0x1cc/0x320 [ 206.513905] dev_queue_xmit+0x18/0x20 [ 206.517684] ? dev_queue_xmit+0x18/0x20 [ 206.521648] br_dev_queue_push_xmit+0x367/0x530 [ 206.526295] br_forward_finish+0xbc/0x320 [ 206.530425] ? br_dev_queue_push_xmit+0x530/0x530 [ 206.535246] ? br_fdb_add.cold+0x84/0x84 [ 206.539290] __br_forward+0x560/0x9c0 [ 206.543072] ? br_forward_finish+0x320/0x320 [ 206.547553] ? br_dev_queue_push_xmit+0x530/0x530 [ 206.552376] deliver_clone+0x61/0xc0 [ 206.556158] br_flood+0x3c8/0x530 [ 206.559596] br_dev_xmit+0x9a4/0xd40 [ 206.563300] ? check_preemption_disabled+0x3c/0x250 [ 206.568292] ? br_poll_controller+0x10/0x10 [ 206.572604] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 206.578036] dev_hard_start_xmit+0x18c/0x8b0 [ 206.582427] ? assoc_array_gc+0x1130/0x11d0 [ 206.586727] __dev_queue_xmit+0x1d95/0x25e0 [ 206.591031] ? trace_hardirqs_on+0x10/0x10 [ 206.595247] ? netdev_pick_tx+0x300/0x300 [ 206.599378] ? ip6_finish_output2+0x9ab/0x21b0 [ 206.603943] ? memcpy+0x46/0x50 [ 206.607200] dev_queue_xmit+0x18/0x20 [ 206.610979] ? dev_queue_xmit+0x18/0x20 [ 206.614933] neigh_resolve_output+0x4d8/0x870 [ 206.619409] ip6_finish_output2+0x9ab/0x21b0 [ 206.623799] ? ip6_forward_finish+0x480/0x480 [ 206.628274] ? lock_downgrade+0x6e0/0x6e0 [ 206.632406] ip6_finish_output+0x4f4/0xb50 [ 206.636617] ? ip6_finish_output+0x4f4/0xb50 [ 206.641006] ip6_output+0x20f/0x6d0 [ 206.644621] ? ip6_finish_output+0xb50/0xb50 [ 206.649006] ? __lock_is_held+0xb6/0x140 [ 206.653045] ? ip6_fragment+0x32c0/0x32c0 [ 206.657174] ndisc_send_skb+0xb56/0x11e0 [ 206.661227] ? ndisc_error_report+0x190/0x190 [ 206.665710] ndisc_send_ns+0x360/0x7e0 [ 206.669576] ? ndisc_netdev_event+0x3b0/0x3b0 [ 206.674051] ? trace_hardirqs_on_caller+0x400/0x590 [ 206.679043] ? addrconf_dad_work+0x97c/0xff0 [ 206.683430] ? trace_hardirqs_on+0xd/0x10 [ 206.687559] ? __local_bh_enable_ip+0x99/0x1a0 [ 206.692122] addrconf_dad_work+0xa40/0xff0 [ 206.696336] ? addrconf_dad_completed+0xa70/0xa70 [ 206.701157] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 206.706585] process_one_work+0x863/0x1600 [ 206.710802] ? pwq_dec_nr_in_flight+0x2e0/0x2e0 [ 206.715454] worker_thread+0x5d9/0x1050 [ 206.719416] kthread+0x319/0x430 [ 206.722760] ? process_one_work+0x1600/0x1600 [ 206.727240] ? kthread_create_on_node+0xd0/0xd0 [ 206.732672] ret_from_fork+0x24/0x30