[ 32.714052] audit: type=1800 audit(1563905275.329:33): pid=6799 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 32.740989] audit: type=1800 audit(1563905275.329:34): pid=6799 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 37.795767] random: sshd: uninitialized urandom read (32 bytes read) [ 37.975195] audit: type=1400 audit(1563905280.589:35): avc: denied { map } for pid=6971 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 38.016725] random: sshd: uninitialized urandom read (32 bytes read) [ 38.571290] random: sshd: uninitialized urandom read (32 bytes read) [ 44.706253] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.15.219' (ECDSA) to the list of known hosts. [ 50.294469] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 50.425546] audit: type=1400 audit(1563905293.039:36): avc: denied { map } for pid=6983 comm="syz-executor251" path="/root/syz-executor251618322" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 50.429121] [ 50.452126] audit: type=1400 audit(1563905293.039:37): avc: denied { create } for pid=6983 comm="syz-executor251" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 50.452144] audit: type=1400 audit(1563905293.039:38): avc: denied { write } for pid=6983 comm="syz-executor251" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 50.454489] ============================= [ 50.478425] audit: type=1400 audit(1563905293.039:39): avc: denied { read } for pid=6983 comm="syz-executor251" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 50.502460] WARNING: suspicious RCU usage [ 50.534534] 4.14.134 #29 Not tainted [ 50.538460] ----------------------------- [ 50.543526] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! [ 50.551281] [ 50.551281] other info that might help us debug this: [ 50.551281] [ 50.559531] [ 50.559531] rcu_scheduler_active = 2, debug_locks = 1 [ 50.566312] 2 locks held by syz-executor251/6983: [ 50.571465] #0: (cb_lock){++++}, at: [] genl_rcv+0x1a/0x40 [ 50.579028] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x119/0x150 [ 50.587888] [ 50.587888] stack backtrace: [ 50.592657] CPU: 1 PID: 6983 Comm: syz-executor251 Not tainted 4.14.134 #29 [ 50.599800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.609156] Call Trace: [ 50.611763] dump_stack+0x138/0x19c [ 50.615707] lockdep_rcu_suspicious+0x153/0x15d [ 50.620475] tipc_bearer_find+0x20a/0x300 [ 50.624700] tipc_nl_compat_link_set+0x433/0xbf0 [ 50.629527] tipc_nl_compat_doit+0x16b/0x510 [ 50.634299] ? security_capable+0x8e/0xc0 [ 50.638839] ? tipc_nl_compat_link_stat_dump+0x2080/0x2080 [ 50.644480] ? ns_capable_common+0x12c/0x160 [ 50.649198] ? ns_capable+0x23/0x30 [ 50.652830] ? __netlink_ns_capable+0xe2/0x130 [ 50.657565] tipc_nl_compat_recv+0x9b8/0xaf0 [ 50.662149] ? __lock_is_held+0xb6/0x140 [ 50.666206] ? tipc_nl_compat_doit+0x510/0x510 [ 50.670908] ? tipc_nl_node_dump+0xc90/0xc90 [ 50.675351] ? tipc_nl_compat_bearer_enable+0x570/0x570 [ 50.680771] ? genl_rcv_msg+0x119/0x150 [ 50.684742] ? genl_rcv_msg+0x119/0x150 [ 50.688856] genl_family_rcv_msg+0x614/0xc30 [ 50.693435] ? genl_rcv+0x40/0x40 [ 50.697070] ? __lock_acquire+0x5f9/0x45e0 [ 50.701591] ? __lock_acquire+0x5f9/0x45e0 [ 50.706074] genl_rcv_msg+0xb4/0x150 [ 50.709819] netlink_rcv_skb+0x14f/0x3c0 [ 50.713874] ? genl_family_rcv_msg+0xc30/0xc30 [ 50.719119] ? netlink_ack+0x9a0/0x9a0 [ 50.722997] ? genl_rcv+0x1a/0x40 [ 50.726972] genl_rcv+0x29/0x40 [ 50.730417] netlink_unicast+0x45d/0x780 [ 50.735193] ? netlink_attachskb+0x6a0/0x6a0 [ 50.739609] ? security_netlink_send+0x81/0xb0 [ 50.744266] netlink_sendmsg+0x7c4/0xc60 [ 50.748549] ? netlink_unicast+0x780/0x780 [ 50.753145] ? security_socket_sendmsg+0x89/0xb0 [ 50.758145] ? netlink_unicast+0x780/0x780 [ 50.762752] sock_sendmsg+0xce/0x110 [ 50.766474] ___sys_sendmsg+0x70a/0x840 [ 50.770443] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 50.775195] ? __lock_acquire+0x5f9/0x45e0 [ 50.779916] ? save_trace+0x290/0x290 [ 50.783716] ? trace_hardirqs_on+0x10/0x10 [ 50.788117] ? save_trace+0x290/0x290 [ 50.791999] ? lock_downgrade+0x6e0/0x6e0 [ 50.796550] ? task_work_run+0xf0/0x190 [ 50.800562] ? __fget_light+0x172/0x1f0 [ 50.804710] ? __fdget+0x1b/0x20 [ 50.808242] ? sockfd_lookup_light+0xb4/0x160 [ 50.812721] __sys_sendmsg+0xb9/0x140 [ 50.816521] ? SyS_shutdown+0x170/0x170 [ 50.820495] ? trace_hardirqs_on_caller+0x400/0x590 [ 50.825515] SyS_sendmsg+0x2d/0x50 [ 50.829144] ? __sys_sendmsg+0x140/0x140 [ 50.833261] do_syscall_64+0x1e8/0x640 [ 50.837566] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 50.842982] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 50.848250] RIP: 0033:0x444229 [ 50.851605] RSP: 002b:00007ffd0830f698 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 50.859316] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444229 [ 50.866704] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003 [ 50.874008] RBP: 00000000006ce018 R08: