[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 32.528048] random: sshd: uninitialized urandom read (32 bytes read) [ 32.795688] kauditd_printk_skb: 9 callbacks suppressed [ 32.795695] audit: type=1400 audit(1561974786.352:35): avc: denied { map } for pid=6712 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 32.849649] random: sshd: uninitialized urandom read (32 bytes read) [ 33.382384] random: sshd: uninitialized urandom read (32 bytes read) [ 557.279139] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.212' (ECDSA) to the list of known hosts. [ 562.752175] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program executing program executing program executing program executing program [ 562.869563] audit: type=1400 audit(1561975316.422:36): avc: denied { map } for pid=6725 comm="syz-executor284" path="/root/syz-executor284011338" dev="sda1" ino=2233 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 562.901758] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth) executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 562.917484] Bluetooth: Can't register HCI device executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 564.387277] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth) [ 564.395741] Bluetooth: Can't register HCI device executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 564.539142] ------------[ cut here ]------------ [ 564.544151] WARNING: CPU: 1 PID: 7264 at fs/kernfs/dir.c:494 kernfs_get+0x58/0x70 [ 564.544157] Kernel panic - not syncing: panic_on_warn set ... [ 564.544157] [ 564.544163] CPU: 1 PID: 7264 Comm: syz-executor284 Not tainted 4.14.131 #25 [ 564.544165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.544180] Call Trace: [ 564.552554] kobject: 'hci3' (ffff8880817d6c68): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 564.559387] dump_stack+0x138/0x19c [ 564.559461] panic+0x1f2/0x426 [ 564.566567] kobject: 'hci2' (ffff888081006c28): kobject_add_internal: parent: 'bluetooth', set: 'devices' [ 564.575990] ? add_taint.cold+0x16/0x16 [ 564.575997] ? kernfs_get+0x58/0x70 [ 564.576003] ? kernfs_get+0x58/0x70 [ 564.576006] __warn.cold+0x2f/0x36 [ 564.576046] ? ist_end_non_atomic+0x10/0x10 [ 564.576053] ? kernfs_get+0x58/0x70 [ 564.578758] kobject: 'hci3' (ffff8880817d6c68): kobject_uevent_env [ 564.588906] report_bug+0x216/0x254 [ 564.588914] do_error_trap+0x1bb/0x310 [ 564.588919] ? math_error+0x360/0x360 [ 564.588961] ? save_trace+0x290/0x290 [ 564.588969] ? __fprop_inc_percpu_max+0x1e0/0x1e0 [ 564.593055] kobject: 'hci2' (ffff888081006c28): kobject_uevent_env [ 564.595944] ? __kernfs_new_node+0x141/0x420 [ 564.595972] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 564.595979] do_invalid_op+0x1b/0x20 [ 564.605735] kobject: 'hci3' (ffff8880817d6c68): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3' [ 564.609652] invalid_op+0x1b/0x40 [ 564.609659] RIP: 0010:kernfs_get+0x58/0x70 [ 564.613363] kobject: 'hci2' (ffff888081006c28): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2' [ 564.617012] RSP: 0018:ffff88809779f978 EFLAGS: 00010297 [ 564.617018] RAX: ffff88808176a080 RBX: ffff888085b6e0e0 RCX: 0000000000000000 [ 564.617020] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888085b6e0e0 [ 564.617023] RBP: ffff88809779f980 R08: ffff88808176a080 R09: 0000000000000001 [ 564.617040] R10: 0000000000000000 R11: ffff88808176a080 R12: ffff8880990b3b60 [ 564.621515] kobject: 'rfkill524' (ffff8880966769e8): kobject_add_internal: parent: 'hci2', set: 'devices' [ 564.625219] R13: ffff8880a1b40440 R14: 0000000000000001 R15: 00000000000041ed [ 564.625233] ? kernfs_get+0x58/0x70 [ 564.625238] kernfs_new_node+0x95/0xf0 [ 564.625245] kernfs_create_dir_ns+0x41/0x140 [ 564.625277] sysfs_create_dir_ns+0xbe/0x1d0 [ 564.629193] kobject: 'rfkill524' (ffff8880966769e8): kobject_uevent_env [ 564.635527] kobject_add_internal.part.0.cold+0x114/0x5ae [ 564.635543] kobject_add+0x11f/0x180 [ 564.635547] ? kset_create_and_add+0x180/0x180 [ 564.635555] ? mutex_unlock+0xd/0x10 [ 564.635603] device_add+0x383/0x1490 [ 564.639297] kobject: 'rfkill524' (ffff8880966769e8): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2/rfkill524' [ 564.643293] ? device_initialize+0x430/0x430 [ 564.643300] ? device_private_init+0x190/0x190 [ 564.643336] hci_register_dev+0x2d9/0x810 [ 564.643356] ? hci_init_sysfs+0x7c/0xa0 [ 564.653606] kobject: 'rfkill525' (ffff888084daeee8): kobject_add_internal: parent: 'hci3', set: 'devices' [ 564.655945] __vhci_create_device+0x2a6/0x560 [ 564.655954] vhci_write+0x2a1/0x437 [ 564.663100] kobject: 'rfkill524' (ffff8880966769e8): kobject_uevent_env [ 564.666899] __vfs_write+0x4a7/0x6b0 [ 564.666907] ? kernel_read+0x120/0x120 [ 564.672070] kobject: 'rfkill525' (ffff888084daeee8): kobject_uevent_env [ 564.675596] ? rw_verify_area+0xea/0x2b0 [ 564.675603] vfs_write+0x198/0x500 [ 564.675609] SyS_write+0xfd/0x230 [ 564.675615] ? SyS_read+0x230/0x230 [ 564.685299] kobject: 'rfkill524' (ffff8880966769e8): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2/rfkill524' [ 564.688920] ? do_syscall_64+0x53/0x640 [ 564.688927] ? SyS_read+0x230/0x230 [ 564.688932] do_syscall_64+0x1e8/0x640 [ 564.688936] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 564.688944] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 564.693467] kobject: 'rfkill525' (ffff888084daeee8): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3/rfkill525' [ 564.703055] RIP: 0033:0x441279 [ 564.703058] RSP: 002b:00007ffff1c67cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 564.703063] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441279 [ 564.703066] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000003 [ 564.703068] RBP: 0000000000089d20 R08: 00000000004002c8 R09: 00000000004002c8 [ 564.703071] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000401ff0 [ 564.703073] R13: 0000000000402080 R14: 0000000000000000 R15: 0000000000000000 [ 564.709697] Kernel Offset: disabled [ 564.997439] Rebooting in 86400 seconds..