[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   35.374434] random: sshd: uninitialized urandom read (32 bytes read)
[   35.659908] kauditd_printk_skb: 9 callbacks suppressed
[   35.659916] audit: type=1400 audit(1568413577.062:35): avc:  denied  { map } for  pid=6761 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   35.714771] random: sshd: uninitialized urandom read (32 bytes read)
[   36.223478] random: sshd: uninitialized urandom read (32 bytes read)
[  109.111198] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts.
[  114.571877] random: sshd: uninitialized urandom read (32 bytes read)
[  114.690180] audit: type=1400 audit(1568413656.092:36): avc:  denied  { map } for  pid=6773 comm="syz-executor235" path="/root/syz-executor235445264" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  114.940920] IPVS: ftp: loaded support on port[0] = 21
[  115.756808] chnl_net:caif_netlink_parms(): no params data found
[  115.785578] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.792244] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.799249] device bridge_slave_0 entered promiscuous mode
[  115.806166] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.812605] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.819414] device bridge_slave_1 entered promiscuous mode
[  115.834149] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  115.842898] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  115.857887] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  115.865205] team0: Port device team_slave_0 added
[  115.870794] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  115.877795] team0: Port device team_slave_1 added
[  115.883108] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  115.890376] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  115.941774] device hsr_slave_0 entered promiscuous mode
[  116.020318] device hsr_slave_1 entered promiscuous mode
[  116.060511] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[  116.067369] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[  116.081000] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.087417] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.094320] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.100713] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.126802] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[  116.133471] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.141827] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  116.149653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.168204] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.175467] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.184979] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[  116.191335] 8021q: adding VLAN 0 to HW filter on device team0
[  116.199365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.207303] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.213680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.232661] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.240387] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.246733] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.253967] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  116.261685] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  116.269111] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.277400] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  116.286435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  116.295487] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[  116.301616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  116.313809] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[  116.323862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.370023] INFO: rcu_preempt self-detected stall on CPU
[  221.375520] 	1-...: (10499 ticks this GP) idle=052/140000000000001/0 softirq=9528/9528 fqs=32 
[  221.384259] 	 (t=10500 jiffies g=982 c=981 q=17)
[  221.389007] rcu_preempt kthread starved for 10435 jiffies! g982 c981 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
[  221.399470] rcu_preempt     I29776     8      2 0x80000000
[  221.405088] Call Trace:
[  221.407666]  __schedule+0x7b8/0x1cd0
[  221.411363]  ? pci_mmcfg_check_reserved+0x150/0x150
[  221.416370]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  221.421456]  schedule+0x92/0x1c0
[  221.424804]  schedule_timeout+0x43e/0xe10
[  221.428937]  ? usleep_range+0x130/0x130
[  221.432905]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  221.438016]  ? prepare_to_swait+0xcc/0x100
[  221.442234]  ? call_timer_fn+0x670/0x670
[  221.446281]  rcu_gp_kthread+0xbf4/0x1ec0
[  221.450346]  ? force_qs_rnp+0x4d0/0x4d0
[  221.454326]  kthread+0x319/0x430
[  221.457672]  ? force_qs_rnp+0x4d0/0x4d0
[  221.461635]  ? kthread_create_on_node+0xd0/0xd0
[  221.466291]  ret_from_fork+0x24/0x30
[  221.470151] NMI backtrace for cpu 1
[  221.473945] CPU: 1 PID: 6777 Comm: kworker/1:3 Not tainted 4.14.143 #0
[  221.480598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  221.489958] Workqueue: ipv6_addrconf addrconf_dad_work
[  221.495239] Call Trace:
[  221.497801]  <IRQ>
[  221.499939]  dump_stack+0x138/0x197
[  221.503551]  nmi_cpu_backtrace.cold+0x57/0x94
[  221.508032]  ? irq_force_complete_move.cold+0x7d/0x7d
[  221.513221]  nmi_trigger_cpumask_backtrace+0x141/0x189
[  221.518484]  arch_trigger_cpumask_backtrace+0x14/0x20
[  221.523664]  rcu_dump_cpu_stacks+0x186/0x1d2
[  221.528069]  rcu_check_callbacks.cold+0x43d/0xd0a
[  221.532894]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  221.538331]  update_process_times+0x31/0x70
[  221.542648]  tick_sched_handle+0x85/0x160
[  221.546778]  tick_sched_timer+0x43/0x130
[  221.550820]  __hrtimer_run_queues+0x270/0xbc0
[  221.555298]  ? tick_sched_do_timer+0xe0/0xe0
[  221.559689]  ? hrtimer_start_range_ns+0x10d0/0x10d0
[  221.564689]  hrtimer_interrupt+0x1d8/0x5d0
[  221.568915]  smp_apic_timer_interrupt+0x11c/0x5e0
[  221.573742]  apic_timer_interrupt+0x96/0xa0
[  221.578043]  </IRQ>
[  221.580262] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[  221.585610] RSP: 0018:ffff8880a8a6f548 EFLAGS: 00000212 ORIG_RAX: ffffffffffffff10
[  221.593310] RAX: ffff888081ae3d38 RBX: ffff888081ae3d38 RCX: 0000000000000000
[  221.600572] RDX: 0000000000000000 RSI: ffff888081ae3dd0 RDI: ffff888081ae3d40
[  221.607825] RBP: ffff8880a8a6f5a0 R08: 0000000000000000 R09: ffff888089be2fb8
[  221.615075] R10: ffff888089be2f98 R11: ffff888089be2600 R12: dffffc0000000000
[  221.622341] R13: ffff888081ae3b40 R14: ffff888081ae3dd0 R15: ffff888081ae3dc0
[  221.629616]  ? hhf_dequeue+0x75/0xa60
[  221.633406]  __qdisc_run+0x2b8/0xe00
[  221.637119]  __dev_queue_xmit+0x1571/0x25e0
[  221.641425]  ? trace_hardirqs_on+0x10/0x10
[  221.645645]  ? netdev_pick_tx+0x300/0x300
[  221.649784]  ? ip6_finish_output2+0x9ab/0x21b0
[  221.654349]  ? memcpy+0x46/0x50
[  221.657614]  dev_queue_xmit+0x18/0x20
[  221.661395]  ? dev_queue_xmit+0x18/0x20
[  221.665351]  neigh_resolve_output+0x4d8/0x870
[  221.669831]  ip6_finish_output2+0x9ab/0x21b0
[  221.674235]  ? ip6_forward_finish+0x480/0x480
[  221.678711]  ? lock_downgrade+0x6e0/0x6e0
[  221.682841]  ip6_finish_output+0x4f4/0xb50
[  221.687067]  ? ip6_finish_output+0x4f4/0xb50
[  221.691461]  ip6_output+0x20f/0x6d0
[  221.695080]  ? ip6_finish_output+0xb50/0xb50
[  221.699470]  ? __lock_is_held+0xb6/0x140
[  221.703510]  ? ip6_fragment+0x32c0/0x32c0
[  221.707644]  ndisc_send_skb+0xb56/0x11e0
[  221.711690]  ? ndisc_error_report+0x190/0x190
[  221.716186]  ndisc_send_ns+0x360/0x7e0
[  221.720084]  ? ndisc_netdev_event+0x3b0/0x3b0
[  221.724572]  ? trace_hardirqs_on_caller+0x400/0x590
[  221.729572]  ? addrconf_dad_work+0x97c/0xff0
[  221.733966]  ? trace_hardirqs_on+0xd/0x10
[  221.738198]  ? __local_bh_enable_ip+0x99/0x1a0
[  221.742765]  addrconf_dad_work+0xa40/0xff0
[  221.746984]  ? addrconf_dad_completed+0xa70/0xa70
[  221.751805]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  221.757237]  process_one_work+0x863/0x1600
[  221.761457]  ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[  221.766111]  worker_thread+0x5d9/0x1050
[  221.770101]  kthread+0x319/0x430
[  221.773459]  ? process_one_work+0x1600/0x1600
[  221.777953]  ? kthread_create_on_node+0xd0/0xd0
[  221.782628]  ret_from_fork+0x24/0x30
[  221.790031] INFO: rcu_sched detected stalls on CPUs/tasks:
[  221.795725] 	1-...: (10501 ticks this GP) idle=052/140000000000000/0 softirq=9528/9528 fqs=33 
[  221.804458] 	(detected by 0, t=10543 jiffies, g=688, c=687, q=0)
[  221.810605] Sending NMI from CPU 0 to CPUs 1:
[  221.815507] NMI backtrace for cpu 1
[  221.815511] CPU: 1 PID: 6777 Comm: kworker/1:3 Not tainted 4.14.143 #0
[  221.815514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  221.815517] Workqueue: ipv6_addrconf addrconf_dad_work
[  221.815521] task: ffff888089be2600 task.stack: ffff8880a8a68000
[  221.815523] RIP: 0010:hhf_dequeue+0x67/0xa60
[  221.815525] RSP: 0018:ffff8880a8a6f550 EFLAGS: 00000246
[  221.815529] RAX: ffff888081ae3dc0 RBX: ffff888081ae3d38 RCX: 0000000000000000
[  221.815532] RDX: 0000000000000000 RSI: ffff888081ae3dd0 RDI: ffff888081ae3d40
[  221.815535] RBP: ffff8880a8a6f5a0 R08: 0000000000000000 R09: ffff888089be2fb8
[  221.815538] R10: ffff888089be2f98 R11: ffff888089be2600 R12: dffffc0000000000
[  221.815540] R13: ffff888081ae3b40 R14: ffff888081ae3dc0 R15: ffff888081ae3dc0
[  221.815543] FS:  0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
[  221.815546] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.815549] CR2: 00000000004c7368 CR3: 000000000766a000 CR4: 00000000001406e0
[  221.815551] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  221.815554] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  221.815556] Call Trace:
[  221.815558]  __qdisc_run+0x2b8/0xe00
[  221.815560]  __dev_queue_xmit+0x1571/0x25e0
[  221.815562]  ? trace_hardirqs_on+0x10/0x10
[  221.815563]  ? netdev_pick_tx+0x300/0x300
[  221.815566]  ? ip6_finish_output2+0x9ab/0x21b0
[  221.815567]  ? memcpy+0x46/0x50
[  221.815569]  dev_queue_xmit+0x18/0x20
[  221.815571]  ? dev_queue_xmit+0x18/0x20
[  221.815573]  neigh_resolve_output+0x4d8/0x870
[  221.815576]  ip6_finish_output2+0x9ab/0x21b0
[  221.815578]  ? ip6_forward_finish+0x480/0x480
[  221.815580]  ? lock_downgrade+0x6e0/0x6e0
[  221.815582]  ip6_finish_output+0x4f4/0xb50
[  221.815584]  ? ip6_finish_output+0x4f4/0xb50
[  221.815586]  ip6_output+0x20f/0x6d0
[  221.815587]  ? ip6_finish_output+0xb50/0xb50
[  221.815590]  ? __lock_is_held+0xb6/0x140
[  221.815592]  ? ip6_fragment+0x32c0/0x32c0
[  221.815594]  ndisc_send_skb+0xb56/0x11e0
[  221.815596]  ? ndisc_error_report+0x190/0x190
[  221.815598]  ndisc_send_ns+0x360/0x7e0
[  221.815600]  ? ndisc_netdev_event+0x3b0/0x3b0
[  221.815602]  ? trace_hardirqs_on_caller+0x400/0x590
[  221.815604]  ? addrconf_dad_work+0x97c/0xff0
[  221.815606]  ? trace_hardirqs_on+0xd/0x10
[  221.815608]  ? __local_bh_enable_ip+0x99/0x1a0
[  221.815610]  addrconf_dad_work+0xa40/0xff0
[  221.815612]  ? addrconf_dad_completed+0xa70/0xa70
[  221.815615]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  221.815617]  process_one_work+0x863/0x1600
[  221.815619]  ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[  221.815621]  worker_thread+0x5d9/0x1050
[  221.815622]  kthread+0x319/0x430
[  221.815624]  ? process_one_work+0x1600/0x1600
[  221.815627]  ? kthread_create_on_node+0xd0/0xd0
[  221.815628]  ret_from_fork+0x24/0x30
[  221.815630] Code: 02 00 00 48 89 45 d0 48 c1 e8 03 48 89 45 c0 e8 80 51 6d fc 48 8b 45 c8 80 38 00 0f 85 53 07 00 00 49 8b 85 80 02 00 00 4d 89 fe <49> 39 c7 0f 84 3e 04 00 00 e8 5b 51 6d fc 4c 89 f0 48 c1 e8 03 
[  221.816122] rcu_sched kthread starved for 10478 jiffies! g688 c687 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
[  222.113481] rcu_sched       I29824     9      2 0x80000000
[  222.119111] Call Trace:
[  222.121698]  __schedule+0x7b8/0x1cd0
[  222.125407]  ? pci_mmcfg_check_reserved+0x150/0x150
[  222.130451]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  222.135548]  schedule+0x92/0x1c0
[  222.138902]  schedule_timeout+0x43e/0xe10
[  222.143041]  ? usleep_range+0x130/0x130
[  222.147005]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  222.152100]  ? prepare_to_swait+0xcc/0x100
[  222.156331]  ? call_timer_fn+0x670/0x670
[  222.160392]  rcu_gp_kthread+0xbf4/0x1ec0
[  222.164545]  ? force_qs_rnp+0x4d0/0x4d0
[  222.168513]  kthread+0x319/0x430
[  222.171869]  ? force_qs_rnp+0x4d0/0x4d0
[  222.175838]  ? kthread_create_on_node+0xd0/0xd0
[  222.180509]  ret_from_fork+0x24/0x30