[ 35.610905] audit: type=1800 audit(1582333673.124:33): pid=7204 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 35.639233] audit: type=1800 audit(1582333673.124:34): pid=7204 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 39.170662] random: sshd: uninitialized urandom read (32 bytes read) [ 39.553822] audit: type=1400 audit(1582333677.064:35): avc: denied { map } for pid=7377 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 39.623908] random: sshd: uninitialized urandom read (32 bytes read) [ 40.346330] random: sshd: uninitialized urandom read (32 bytes read) [ 40.537758] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.162' (ECDSA) to the list of known hosts. [ 46.104152] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 46.225045] audit: type=1400 audit(1582333683.734:36): avc: denied { map } for pid=7389 comm="syz-executor635" path="/root/syz-executor635529135" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 46.230307] [ 46.252480] audit: type=1400 audit(1582333683.734:37): avc: denied { create } for pid=7389 comm="syz-executor635" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 46.254697] ============================= [ 46.278966] audit: type=1400 audit(1582333683.734:38): avc: denied { write } for pid=7389 comm="syz-executor635" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 46.283637] WARNING: suspicious RCU usage [ 46.308113] audit: type=1400 audit(1582333683.734:39): avc: denied { read } for pid=7389 comm="syz-executor635" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 46.312390] 4.14.171-syzkaller #0 Not tainted [ 46.342241] ----------------------------- [ 46.346563] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! [ 46.354098] [ 46.354098] other info that might help us debug this: [ 46.354098] [ 46.362685] [ 46.362685] rcu_scheduler_active = 2, debug_locks = 1 [ 46.369363] 2 locks held by syz-executor635/7389: [ 46.374329] #0: (cb_lock){++++}, at: [] genl_rcv+0x1a/0x40 [ 46.385369] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x119/0x150 [ 46.394630] [ 46.394630] stack backtrace: [ 46.399296] CPU: 0 PID: 7389 Comm: syz-executor635 Not tainted 4.14.171-syzkaller #0 [ 46.407266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.417147] Call Trace: [ 46.419828] dump_stack+0x142/0x197 [ 46.424267] lockdep_rcu_suspicious+0x153/0x15d [ 46.428972] tipc_bearer_find+0x20a/0x300 [ 46.433394] tipc_nl_compat_link_set+0x433/0xbf0 [ 46.440168] tipc_nl_compat_doit+0x1a2/0x550 [ 46.444711] ? security_capable+0x8e/0xc0 [ 46.448860] ? tipc_nl_compat_link_stat_dump+0x2080/0x2080 [ 46.454474] ? ns_capable_common+0x12c/0x160 [ 46.459368] ? ns_capable+0x23/0x30 [ 46.463080] ? __netlink_ns_capable+0xe2/0x130 [ 46.467694] tipc_nl_compat_recv+0x9ec/0xb20 [ 46.472108] ? is_bpf_text_address+0xa6/0x120 [ 46.476782] ? tipc_nl_compat_doit+0x550/0x550 [ 46.481519] ? tipc_nl_node_dump+0xcb0/0xcb0 [ 46.486794] ? tipc_nl_compat_bearer_enable+0x570/0x570 [ 46.492235] ? lock_acquire+0x16f/0x430 [ 46.496216] ? genl_rcv_msg+0x119/0x150 [ 46.500197] ? genl_rcv_msg+0x119/0x150 [ 46.504325] genl_family_rcv_msg+0x614/0xc30 [ 46.508732] ? genl_unregister_family+0x6a0/0x6a0 [ 46.513659] genl_rcv_msg+0xb4/0x150 [ 46.517383] netlink_rcv_skb+0x14f/0x3c0 [ 46.521474] ? genl_family_rcv_msg+0xc30/0xc30 [ 46.526167] ? netlink_ack+0x9a0/0x9a0 [ 46.530063] ? genl_rcv+0x1a/0x40 [ 46.533516] genl_rcv+0x29/0x40 [ 46.536788] netlink_unicast+0x44d/0x650 [ 46.540857] ? netlink_attachskb+0x6a0/0x6a0 [ 46.545258] ? security_netlink_send+0x81/0xb0 [ 46.549848] netlink_sendmsg+0x7c4/0xc60 [ 46.553910] ? netlink_unicast+0x650/0x650 [ 46.558165] ? security_socket_sendmsg+0x89/0xb0 [ 46.562908] ? netlink_unicast+0x650/0x650 [ 46.567736] sock_sendmsg+0xce/0x110 [ 46.571545] ___sys_sendmsg+0x70a/0x840 [ 46.575579] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 46.580363] ? __lock_acquire+0x5f7/0x4620 [ 46.584650] ? save_trace+0x290/0x290 [ 46.588450] ? trace_hardirqs_on+0x10/0x10 [ 46.592725] ? save_trace+0x290/0x290 [ 46.596522] ? lock_downgrade+0x740/0x740 [ 46.600689] ? task_work_run+0xf0/0x190 [ 46.605057] ? __fget_light+0x172/0x1f0 [ 46.609034] ? __fdget+0x1b/0x20 [ 46.612398] ? sockfd_lookup_light+0xb4/0x160 [ 46.616884] __sys_sendmsg+0xb9/0x140 [ 46.620686] ? SyS_shutdown+0x170/0x170 [ 46.624652] ? trace_hardirqs_on_caller+0x400/0x590 [ 46.629688] SyS_sendmsg+0x2d/0x50 [ 46.633356] ? __sys_sendmsg+0x140/0x140 [ 46.637419] do_syscall_64+0x1e8/0x640 [ 46.641802] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 46.646645] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 46.651980] RIP: 0033:0x444229 [ 46.655165] RSP: 002b:00007ffedc36bf78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 46.663152] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444229 [ 46.670447] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 46.678266] RBP: 000