[....] Starting file context maintaining daemon: restorecond�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 31.678283] random: sshd: uninitialized urandom read (32 bytes read)
[ 31.924480] kauditd_printk_skb: 9 callbacks suppressed
[ 31.924489] audit: type=1400 audit(1566886785.089:35): avc: denied { map } for pid=6818 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 31.966126] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.475376] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.158' (ECDSA) to the list of known hosts.
[ 38.058755] urandom_read: 1 callbacks suppressed
[ 38.058761] random: sshd: uninitialized urandom read (32 bytes read)
[ 38.245965] audit: type=1400 audit(1566886791.409:36): avc: denied { map } for pid=6832 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/08/27 06:19:52 parsed 1 programs
[ 39.093505] audit: type=1400 audit(1566886792.259:37): avc: denied { map } for pid=6832 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=13801 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 40.014947] random: cc1: uninitialized urandom read (8 bytes read)
2019/08/27 06:19:54 executed programs: 0
[ 40.940491] audit: type=1400 audit(1566886794.109:38): avc: denied { map } for pid=6832 comm="syz-execprog" path="/root/syzkaller-shm785111018" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 41.210972] IPVS: ftp: loaded support on port[0] = 21
[ 41.995181] chnl_net:caif_netlink_parms(): no params data found
[ 42.023695] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.030457] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.037437] device bridge_slave_0 entered promiscuous mode
[ 42.044387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.050827] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.057673] device bridge_slave_1 entered promiscuous mode
[ 42.072034] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 42.080848] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 42.096060] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 42.103368] team0: Port device team_slave_0 added
[ 42.109540] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 42.116676] team0: Port device team_slave_1 added
[ 42.122193] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 42.129270] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 42.182042] device hsr_slave_0 entered promiscuous mode
[ 42.220429] device hsr_slave_1 entered promiscuous mode
[ 42.270691] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 42.277545] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 42.289869] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.296284] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.303217] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.309545] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.335154] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 42.341419] 8021q: adding VLAN 0 to HW filter on device bond0
[ 42.348742] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 42.357358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 42.365613] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.372754] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.381759] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 42.387811] 8021q: adding VLAN 0 to HW filter on device team0
[ 42.397048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 42.404841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.411187] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.419645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 42.427589] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.433966] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.447494] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 42.455587] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 42.467846] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 42.477868] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 42.488697] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 42.495327] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 42.503161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 42.510921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 42.518350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 42.530468] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 42.539457] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 42.991412] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 43.698070] kasan: CONFIG_KASAN_INLINE enabled
[ 43.702974] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 43.710610] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 43.716831] Modules linked in:
[ 43.720015] CPU: 0 PID: 6872 Comm: syz-executor.0 Not tainted 4.14.140 #36
[ 43.727007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 43.736336] task: ffff8880808f0400 task.stack: ffff888099c60000
[ 43.742376] RIP: 0010:__smc_diag_dump.isra.0+0x342/0x17b0
[ 43.747883] RSP: 0018:ffff888099c674f0 EFLAGS: 00010203
[ 43.753225] RAX: dffffc0000000000 RBX: ffff8880817c0cc0 RCX: 0000000000000001
[ 43.760476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[ 43.767728] RBP: ffff888099c676c8 R08: 0000000000000040 R09: ffff8880817c0d10
[ 43.774974] R10: ffff8880808f0cf8 R11: ffff8880808f0400 R12: ffff888099c676a0
[ 43.782221] R13: ffff8880964265d0 R14: ffff888096cfca40 R15: ffff888096cfce90
[ 43.789469] FS: 00007f8b882e4700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
[ 43.797930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 43.803789] CR2: 00007ffc20b370c8 CR3: 000000008a982000 CR4: 00000000001406f0
[ 43.811036] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 43.818287] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 43.825552] Call Trace:
[ 43.828127] ? smc_diag_handler_dump+0x200/0x200
[ 43.832863] ? rcu_lockdep_current_cpu_online+0xf2/0x140
[ 43.838290] ? __kmalloc_node_track_caller+0x3d/0x80
[ 43.843374] ? rcu_read_lock_sched_held+0x110/0x130
[ 43.848368] ? kmem_cache_alloc_node_trace+0x379/0x770
[ 43.853624] ? kasan_unpoison_shadow+0x35/0x50
[ 43.858178] ? kasan_kmalloc+0xce/0xf0
[ 43.862040] ? lock_acquire+0x16f/0x430
[ 43.866006] ? smc_diag_dump+0x8d/0x2a0
[ 43.869961] smc_diag_dump+0x1e5/0x2a0
[ 43.873830] netlink_dump+0x3fa/0xb10
[ 43.877606] __netlink_dump_start+0x4ff/0x750
[ 43.882079] smc_diag_handler_dump+0x1b7/0x200
[ 43.886636] ? smc_gid_be16_convert+0x2c0/0x2c0
[ 43.891277] ? __smc_diag_dump.isra.0+0x17b0/0x17b0
[ 43.896275] sock_diag_rcv_msg+0x29e/0x3a0
[ 43.900489] netlink_rcv_skb+0x14f/0x3c0
[ 43.904539] ? sock_diag_bind+0x90/0x90
[ 43.908504] ? lock_downgrade+0x6e0/0x6e0
[ 43.912631] ? netlink_ack+0x9a0/0x9a0
[ 43.916497] sock_diag_rcv+0x2b/0x40
[ 43.920190] netlink_unicast+0x45d/0x640
[ 43.924235] ? netlink_attachskb+0x6a0/0x6a0
[ 43.928625] ? security_netlink_send+0x81/0xb0
[ 43.933183] netlink_sendmsg+0x7c4/0xc60
[ 43.937217] ? netlink_unicast+0x640/0x640
[ 43.941430] ? security_socket_sendmsg+0x89/0xb0
[ 43.946161] ? netlink_unicast+0x640/0x640
[ 43.950369] sock_sendmsg+0xce/0x110
[ 43.954055] ___sys_sendmsg+0x70a/0x840
[ 43.958003] ? copy_msghdr_from_user+0x3f0/0x3f0
[ 43.962736] ? __fget+0x210/0x370
[ 43.966166] ? find_held_lock+0x35/0x130
[ 43.970213] ? __fget+0x210/0x370
[ 43.973642] ? lock_downgrade+0x6e0/0x6e0
[ 43.977767] ? __fget+0x237/0x370
[ 43.981216] ? __fget_light+0x172/0x1f0
[ 43.985164] ? __fdget+0x1b/0x20
[ 43.988503] ? sockfd_lookup_light+0xb4/0x160
[ 43.992978] __sys_sendmsg+0xb9/0x140
[ 43.996761] ? SyS_shutdown+0x170/0x170
[ 44.000722] ? put_timespec64+0xb4/0x100
[ 44.004767] ? SyS_clock_gettime+0xf8/0x180
[ 44.009065] SyS_sendmsg+0x2d/0x50
[ 44.012594] ? __sys_sendmsg+0x140/0x140
[ 44.016633] do_syscall_64+0x1e8/0x640
[ 44.020495] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 44.025331] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 44.030498] RIP: 0033:0x459879
[ 44.033663] RSP: 002b:00007f8b882e3c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 44.041350] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459879
[ 44.048597] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[ 44.055853] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 44.063100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8b882e46d4
[ 44.070342] R13: 00000000004c773e R14: 00000000004dcf58 R15: 00000000ffffffff
[ 44.077597] Code: 20 48 89 f9 48 c1 e9 03 80 3c 11 00 0f 85 b2 13 00 00 48 8b 50 20 48 b8 00 00 00 00 00 fc ff df 48 8d 7a 0e 48 89 f9 48 c1 e9 03 <0f> b6 0c 01 48 89 f8 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85
[ 44.096680] RIP: __smc_diag_dump.isra.0+0x342/0x17b0 RSP: ffff888099c674f0
[ 44.103713] ---[ end trace 4e2bc5fe2c097bb8 ]---
[ 44.108457] Kernel panic - not syncing: Fatal exception
[ 44.114999] Kernel Offset: disabled
[ 44.118621] Rebooting in 86400 seconds..