[   28.748110] random: sshd: uninitialized urandom read (32 bytes read)
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

[   30.050643] random: sshd: uninitialized urandom read (32 bytes read)
syzkaller login: [   30.290924] random: sshd: uninitialized urandom read (32 bytes read)
[   30.806919] random: sshd: uninitialized urandom read (32 bytes read)
[  229.523516] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.21' (ECDSA) to the list of known hosts.
[  235.063545] random: sshd: uninitialized urandom read (32 bytes read)
[  235.184334] kauditd_printk_skb: 10 callbacks suppressed
[  235.184343] audit: type=1400 audit(1568369558.141:36): avc:  denied  { map } for  pid=6857 comm="syz-executor883" path="/root/syz-executor883525764" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  235.441089] IPVS: ftp: loaded support on port[0] = 21
[  236.239558] chnl_net:caif_netlink_parms(): no params data found
[  236.272510] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.279159] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.286708] device bridge_slave_0 entered promiscuous mode
[  236.293774] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.300226] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.307033] device bridge_slave_1 entered promiscuous mode
[  236.321443] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  236.329997] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  236.345982] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  236.353383] team0: Port device team_slave_0 added
[  236.358723] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  236.365881] team0: Port device team_slave_1 added
[  236.371154] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  236.378319] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  236.432240] device hsr_slave_0 entered promiscuous mode
[  236.500309] device hsr_slave_1 entered promiscuous mode
[  236.580505] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  236.587418] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  236.601811] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.608213] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.615114] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.621525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.647347] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[  236.655036] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.662965] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  236.671713] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  236.689832] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.696909] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.706327] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  236.712702] 8021q: adding VLAN 0 to HW filter on device team0
[  236.720842] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  236.728370] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.734752] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.743862] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  236.752022] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.758351] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.776353] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  236.786608] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  236.798460] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  236.805974] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  236.813748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  236.821666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  236.829147] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  236.837292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
executing program
executing program
executing program
[  236.844069] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  236.856163] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  236.865347] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.890025] INFO: rcu_preempt self-detected stall on CPU
[  341.895543] 	1-...: (10499 ticks this GP) idle=33e/140000000000001/0 softirq=10144/10144 fqs=38 
[  341.904441] 	 (t=10500 jiffies g=1026 c=1025 q=208)
[  341.909447] rcu_preempt kthread starved for 10422 jiffies! g1026 c1025 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
[  341.920086] rcu_preempt     I29776     8      2 0x80000000
[  341.925818] Call Trace:
[  341.928544]  __schedule+0x7b8/0x1cd0
[  341.932245]  ? pci_mmcfg_check_reserved+0x150/0x150
[  341.937240]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  341.942329]  schedule+0x92/0x1c0
[  341.945678]  schedule_timeout+0x43e/0xe10
[  341.949804]  ? usleep_range+0x130/0x130
[  341.953759]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  341.958891]  ? prepare_to_swait+0xcc/0x100
[  341.963109]  ? call_timer_fn+0x670/0x670
[  341.967178]  rcu_gp_kthread+0xbf4/0x1ec0
[  341.971232]  ? force_qs_rnp+0x4d0/0x4d0
[  341.975193]  kthread+0x319/0x430
[  341.978626]  ? force_qs_rnp+0x4d0/0x4d0
[  341.982591]  ? kthread_create_on_node+0xd0/0xd0
[  341.987241]  ret_from_fork+0x24/0x30
[  341.991124] NMI backtrace for cpu 1
[  341.994908] CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 4.14.143 #0
[  342.001380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  342.010776] Workqueue: ipv6_addrconf addrconf_dad_work
[  342.016032] Call Trace:
[  342.018595]  <IRQ>
[  342.020782]  dump_stack+0x138/0x197
[  342.024393]  nmi_cpu_backtrace.cold+0x57/0x94
[  342.028869]  ? irq_force_complete_move.cold+0x7d/0x7d
[  342.034213]  nmi_trigger_cpumask_backtrace+0x141/0x189
[  342.039489]  arch_trigger_cpumask_backtrace+0x14/0x20
[  342.044659]  rcu_dump_cpu_stacks+0x186/0x1d2
[  342.049063]  rcu_check_callbacks.cold+0x43d/0xd0a
[  342.053887]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  342.059325]  update_process_times+0x31/0x70
[  342.063629]  tick_sched_handle+0x85/0x160
[  342.067783]  tick_sched_timer+0x43/0x130
[  342.072607]  __hrtimer_run_queues+0x270/0xbc0
[  342.078050]  ? tick_sched_do_timer+0xe0/0xe0
[  342.082465]  ? hrtimer_start_range_ns+0x10d0/0x10d0
[  342.087470]  hrtimer_interrupt+0x1d8/0x5d0
[  342.091734]  smp_apic_timer_interrupt+0x11c/0x5e0
[  342.096575]  apic_timer_interrupt+0x96/0xa0
[  342.100889]  </IRQ>
[  342.103141] RIP: 0010:hhf_dequeue+0x605/0xa60
[  342.107805] RSP: 0018:ffff8880a9d6f010 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
[  342.115494] RAX: 1ffff11012badc53 RBX: ffff888095d6e1f8 RCX: 0000000000000000
[  342.122759] RDX: 0000000000000000 RSI: ffff888095d6e290 RDI: ffff888095d6e298
[  342.130027] RBP: ffff8880a9d6f060 R08: 0000000000000000 R09: ffff8880a9d5eec8
[  342.137888] R10: ffff8880a9d5eea8 R11: ffff8880a9d5e4c0 R12: dffffc0000000000
[  342.145138] R13: ffff888095d6e000 R14: ffff888095d6e290 R15: ffff888095d6e280
[  342.152921]  __qdisc_run+0x2b8/0xe00
[  342.156654]  __dev_queue_xmit+0x1571/0x25e0
[  342.160958]  ? __lock_is_held+0xb6/0x140
[  342.165016]  ? check_preemption_disabled+0x3c/0x250
[  342.170042]  ? netdev_pick_tx+0x300/0x300
[  342.174487]  ? save_trace+0x290/0x290
[  342.178346]  ? br_nf_post_routing+0x27d/0xf00
[  342.182851]  ? br_forward_finish+0x1cc/0x320
[  342.187243]  ? find_held_lock+0x35/0x130
[  342.191291]  ? br_forward_finish+0x1cc/0x320
[  342.195689]  dev_queue_xmit+0x18/0x20
[  342.199467]  ? dev_queue_xmit+0x18/0x20
[  342.203424]  br_dev_queue_push_xmit+0x367/0x530
[  342.208073]  br_forward_finish+0xbc/0x320
[  342.212469]  ? br_dev_queue_push_xmit+0x530/0x530
[  342.217295]  ? br_fdb_add.cold+0x84/0x84
[  342.221337]  __br_forward+0x560/0x9c0
[  342.225119]  ? br_forward_finish+0x320/0x320
[  342.229517]  ? br_dev_queue_push_xmit+0x530/0x530
[  342.234519]  deliver_clone+0x61/0xc0
[  342.238211]  br_flood+0x3c8/0x530
[  342.241650]  br_dev_xmit+0x9a4/0xd40
[  342.245345]  ? check_preemption_disabled+0x3c/0x250
[  342.250352]  ? br_poll_controller+0x10/0x10
[  342.254676]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  342.260128]  dev_hard_start_xmit+0x18c/0x8b0
[  342.264621]  ? assoc_array_gc+0x11b0/0x11d0
[  342.268934]  __dev_queue_xmit+0x1d95/0x25e0
[  342.273263]  ? trace_hardirqs_on+0x10/0x10
[  342.277492]  ? netdev_pick_tx+0x300/0x300
[  342.281659]  ? ip6_finish_output2+0x9ab/0x21b0
[  342.286360]  ? memcpy+0x46/0x50
[  342.289652]  dev_queue_xmit+0x18/0x20
[  342.293440]  ? dev_queue_xmit+0x18/0x20
[  342.297471]  neigh_resolve_output+0x4d8/0x870
[  342.301961]  ip6_finish_output2+0x9ab/0x21b0
[  342.306368]  ? ip6_forward_finish+0x480/0x480
[  342.310846]  ? lock_downgrade+0x6e0/0x6e0
[  342.314977]  ip6_finish_output+0x4f4/0xb50
[  342.319191]  ? ip6_finish_output+0x4f4/0xb50
[  342.323591]  ip6_output+0x20f/0x6d0
[  342.327286]  ? ip6_finish_output+0xb50/0xb50
[  342.331677]  ? __lock_is_held+0xb6/0x140
[  342.335727]  ? ip6_fragment+0x32c0/0x32c0
[  342.339922]  ndisc_send_skb+0xb56/0x11e0
[  342.343970]  ? ndisc_error_report+0x190/0x190
[  342.348470]  ndisc_send_ns+0x360/0x7e0
[  342.352339]  ? ndisc_netdev_event+0x3b0/0x3b0
[  342.356820]  ? trace_hardirqs_on_caller+0x400/0x590
[  342.361832]  ? addrconf_dad_work+0x97c/0xff0
[  342.366220]  ? trace_hardirqs_on+0xd/0x10
[  342.370348]  ? __local_bh_enable_ip+0x99/0x1a0
[  342.374911]  addrconf_dad_work+0xa40/0xff0
[  342.379130]  ? addrconf_dad_completed+0xa70/0xa70
[  342.383953]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  342.389386]  process_one_work+0x863/0x1600
[  342.394302]  ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[  342.398978]  worker_thread+0x5d9/0x1050
[  342.402941]  kthread+0x319/0x430
[  342.406288]  ? process_one_work+0x1600/0x1600
[  342.410764]  ? kthread_create_on_node+0xd0/0xd0
[  342.415422]  ret_from_fork+0x24/0x30
[  342.420031] INFO: rcu_sched detected stalls on CPUs/tasks:
[  342.425691] 	1-...: (1 GPs behind) idle=33e/140000000000000/0 softirq=10143/10144 fqs=38 
[  342.433987] 	(detected by 0, t=10553 jiffies, g=696, c=695, q=9)
[  342.440128] Sending NMI from CPU 0 to CPUs 1:
[  342.445368] NMI backtrace for cpu 1
[  342.445372] CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 4.14.143 #0
[  342.445376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  342.445378] Workqueue: ipv6_addrconf addrconf_dad_work
[  342.445382] task: ffff8880a9d5e4c0 task.stack: ffff8880a9d68000
[  342.445385] RIP: 0010:__list_add_valid+0x2b/0xa0
[  342.445387] RSP: 0018:ffff8880a9d6efe8 EFLAGS: 00000246
[  342.445391] RAX: dffffc0000000000 RBX: ffff888095d6e1f8 RCX: 0000000000000000
[  342.445394] RDX: 1ffff11012badc53 RSI: ffff888095d6e290 RDI: ffff888095d6e298
[  342.445397] RBP: ffff8880a9d6f000 R08: 0000000000000000 R09: ffff8880a9d5eec8
[  342.445400] R10: ffff8880a9d5eea8 R11: ffff8880a9d5e4c0 R12: ffff888095d6e290
[  342.445403] R13: ffff888095d6e1f8 R14: ffff888095d6e290 R15: ffff888095d6e280
[  342.445406] FS:  0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
[  342.445408] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  342.445411] CR2: 00000000006dab10 CR3: 000000000766a000 CR4: 00000000001406e0
[  342.445414] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  342.445417] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  342.445418] Call Trace:
[  342.445420]  hhf_dequeue+0x61b/0xa60
[  342.445422]  __qdisc_run+0x2b8/0xe00
[  342.445424]  __dev_queue_xmit+0x1571/0x25e0
[  342.445426]  ? __lock_is_held+0xb6/0x140
[  342.445428]  ? check_preemption_disabled+0x3c/0x250
[  342.445430]  ? netdev_pick_tx+0x300/0x300
[  342.445433]  ? save_trace+0x290/0x290
[  342.445435]  ? br_nf_post_routing+0x27d/0xf00
[  342.445437]  ? br_forward_finish+0x1cc/0x320
[  342.445439]  ? find_held_lock+0x35/0x130
[  342.445442]  ? br_forward_finish+0x1cc/0x320
[  342.445444]  dev_queue_xmit+0x18/0x20
[  342.445446]  ? dev_queue_xmit+0x18/0x20
[  342.445448]  br_dev_queue_push_xmit+0x367/0x530
[  342.445450]  br_forward_finish+0xbc/0x320
[  342.445453]  ? br_dev_queue_push_xmit+0x530/0x530
[  342.445455]  ? br_fdb_add.cold+0x84/0x84
[  342.445457]  __br_forward+0x560/0x9c0
[  342.445459]  ? br_forward_finish+0x320/0x320
[  342.445461]  ? br_dev_queue_push_xmit+0x530/0x530
[  342.445463]  deliver_clone+0x61/0xc0
[  342.445465]  br_flood+0x3c8/0x530
[  342.445467]  br_dev_xmit+0x9a4/0xd40
[  342.445469]  ? check_preemption_disabled+0x3c/0x250
[  342.445471]  ? br_poll_controller+0x10/0x10
[  342.445473]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  342.445476]  dev_hard_start_xmit+0x18c/0x8b0
[  342.445478]  ? assoc_array_gc+0x11b0/0x11d0
[  342.445480]  __dev_queue_xmit+0x1d95/0x25e0
[  342.445482]  ? trace_hardirqs_on+0x10/0x10
[  342.445484]  ? netdev_pick_tx+0x300/0x300
[  342.445486]  ? ip6_finish_output2+0x9ab/0x21b0
[  342.445488]  ? memcpy+0x46/0x50
[  342.445489]  dev_queue_xmit+0x18/0x20
[  342.445491]  ? dev_queue_xmit+0x18/0x20
[  342.445493]  neigh_resolve_output+0x4d8/0x870
[  342.445495]  ip6_finish_output2+0x9ab/0x21b0
[  342.445497]  ? ip6_forward_finish+0x480/0x480
[  342.445499]  ? lock_downgrade+0x6e0/0x6e0
[  342.445502]  ip6_finish_output+0x4f4/0xb50
[  342.445504]  ? ip6_finish_output+0x4f4/0xb50
[  342.445505]  ip6_output+0x20f/0x6d0
[  342.445507]  ? ip6_finish_output+0xb50/0xb50
[  342.445509]  ? __lock_is_held+0xb6/0x140
[  342.445511]  ? ip6_fragment+0x32c0/0x32c0
[  342.445513]  ndisc_send_skb+0xb56/0x11e0
[  342.445515]  ? ndisc_error_report+0x190/0x190
[  342.445517]  ndisc_send_ns+0x360/0x7e0
[  342.445520]  ? ndisc_netdev_event+0x3b0/0x3b0
[  342.445522]  ? trace_hardirqs_on_caller+0x400/0x590
[  342.445524]  ? addrconf_dad_work+0x97c/0xff0
[  342.445526]  ? trace_hardirqs_on+0xd/0x10
[  342.445528]  ? __local_bh_enable_ip+0x99/0x1a0
[  342.445530]  addrconf_dad_work+0xa40/0xff0
[  342.445532]  ? addrconf_dad_completed+0xa70/0xa70
[  342.445534]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  342.445536]  process_one_work+0x863/0x1600
[  342.445539]  ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[  342.445541]  worker_thread+0x5d9/0x1050
[  342.445542]  kthread+0x319/0x430
[  342.445544]  ? process_one_work+0x1600/0x1600
[  342.445547]  ? kthread_create_on_node+0xd0/0xd0
[  342.445549]  ret_from_fork+0x24/0x30
[  342.445550] Code: 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41 55 49 89 fd 48 8d 7a 08 41 54 49 89 d4 48 89 fa 48 83 ec 08 48 c1 ea 03 80 3c 02 00 <75> 52 49 8b 54 24 08 48 39 f2 0f 85 5a 01 00 00 48 b8 00 00 00 
[  342.445758] rcu_sched kthread starved for 10477 jiffies! g696 c695 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
[  342.860085] rcu_sched       I29824     9      2 0x80000000
[  342.865715] Call Trace:
[  342.868316]  __schedule+0x7b8/0x1cd0
[  342.872027]  ? pci_mmcfg_check_reserved+0x150/0x150
[  342.877031]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  342.882136]  schedule+0x92/0x1c0
[  342.885491]  schedule_timeout+0x43e/0xe10
[  342.889632]  ? usleep_range+0x130/0x130
[  342.893767]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  342.898861]  ? prepare_to_swait+0xcc/0x100
[  342.903087]  ? call_timer_fn+0x670/0x670
[  342.907144]  rcu_gp_kthread+0xbf4/0x1ec0
[  342.911212]  ? force_qs_rnp+0x4d0/0x4d0
[  342.915179]  kthread+0x319/0x430
[  342.918530]  ? force_qs_rnp+0x4d0/0x4d0
[  342.922489]  ? kthread_create_on_node+0xd0/0xd0
[  342.927160]  ret_from_fork+0x24/0x30