[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   32.675999] random: sshd: uninitialized urandom read (32 bytes read)
[   32.988250] kauditd_printk_skb: 10 callbacks suppressed
[   32.988257] audit: type=1400 audit(1565212426.160:35): avc:  denied  { map } for  pid=6957 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   33.044450] random: sshd: uninitialized urandom read (32 bytes read)
[   33.555669] random: sshd: uninitialized urandom read (32 bytes read)
[   33.735131] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.1.25' (ECDSA) to the list of known hosts.
[   39.255342] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   39.371075] audit: type=1400 audit(1565212432.550:36): avc:  denied  { map } for  pid=6970 comm="syz-executor061" path="/root/syz-executor061692848" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   39.375922] 
[   39.398425] audit: type=1400 audit(1565212432.550:37): avc:  denied  { create } for  pid=6970 comm="syz-executor061" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   39.399325] =============================
[   39.423598] audit: type=1400 audit(1565212432.550:38): avc:  denied  { write } for  pid=6970 comm="syz-executor061" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   39.428369] WARNING: suspicious RCU usage
[   39.452041] audit: type=1400 audit(1565212432.550:39): avc:  denied  { read } for  pid=6970 comm="syz-executor061" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   39.480434] 4.14.137 #33 Not tainted
[   39.484137] -----------------------------
[   39.488279] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage!
[   39.496298] 
[   39.496298] other info that might help us debug this:
[   39.496298] 
[   39.504521] 
[   39.504521] rcu_scheduler_active = 2, debug_locks = 1
[   39.511532] 2 locks held by syz-executor061/6970:
[   39.516354]  #0:  (cb_lock){++++}, at: [<ffffffff84f4e92a>] genl_rcv+0x1a/0x40
[   39.523814]  #1:  (genl_mutex){+.+.}, at: [<ffffffff84f4f699>] genl_rcv_msg+0x119/0x150
[   39.532031] 
[   39.532031] stack backtrace:
[   39.536527] CPU: 0 PID: 6970 Comm: syz-executor061 Not tainted 4.14.137 #33
[   39.543609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   39.552962] Call Trace:
[   39.555616]  dump_stack+0x138/0x19c
[   39.559226]  lockdep_rcu_suspicious+0x153/0x15d
[   39.563880]  tipc_bearer_find+0x20a/0x300
[   39.568008]  tipc_nl_compat_link_set+0x433/0xbf0
[   39.572741]  tipc_nl_compat_doit+0x16b/0x510
[   39.577144]  ? security_capable+0x8e/0xc0
[   39.581280]  ? tipc_nl_compat_link_stat_dump+0x2080/0x2080
[   39.586908]  ? ns_capable_common+0x12c/0x160
[   39.591298]  ? ns_capable+0x23/0x30
[   39.594903]  ? __netlink_ns_capable+0xe2/0x130
[   39.599479]  tipc_nl_compat_recv+0x9b8/0xaf0
[   39.603954]  ? __lock_is_held+0xb6/0x140
[   39.608016]  ? tipc_nl_compat_doit+0x510/0x510
[   39.612610]  ? tipc_nl_node_dump+0xc90/0xc90
[   39.616998]  ? tipc_nl_compat_bearer_enable+0x570/0x570
[   39.622431]  ? genl_rcv_msg+0x119/0x150
[   39.626386]  ? genl_rcv_msg+0x119/0x150
[   39.630343]  genl_family_rcv_msg+0x614/0xc30
[   39.635109]  ? genl_rcv+0x40/0x40
[   39.638564]  genl_rcv_msg+0xb4/0x150
[   39.642285]  netlink_rcv_skb+0x14f/0x3c0
[   39.646341]  ? genl_family_rcv_msg+0xc30/0xc30
[   39.650922]  ? netlink_ack+0x9a0/0x9a0
[   39.654790]  ? genl_rcv+0x1a/0x40
[   39.658421]  genl_rcv+0x29/0x40
[   39.661687]  netlink_unicast+0x45d/0x640
[   39.665731]  ? netlink_attachskb+0x6a0/0x6a0
[   39.670119]  ? security_netlink_send+0x81/0xb0
[   39.674694]  netlink_sendmsg+0x7c4/0xc60
[   39.678752]  ? netlink_unicast+0x640/0x640
[   39.682982]  ? security_socket_sendmsg+0x89/0xb0
[   39.687729]  ? netlink_unicast+0x640/0x640
[   39.691960]  sock_sendmsg+0xce/0x110
[   39.695656]  ___sys_sendmsg+0x70a/0x840
[   39.699611]  ? copy_msghdr_from_user+0x3f0/0x3f0
[   39.704348]  ? __lock_acquire+0x5f7/0x4620
[   39.708577]  ? save_trace+0x290/0x290
[   39.712362]  ? trace_hardirqs_on+0x10/0x10
[   39.716607]  ? save_trace+0x290/0x290
[   39.720405]  ? lock_downgrade+0x6e0/0x6e0
[   39.724558]  ? task_work_run+0xf0/0x190
[   39.728523]  ? __fget_light+0x172/0x1f0
[   39.732489]  ? __fdget+0x1b/0x20
[   39.735837]  ? sockfd_lookup_light+0xb4/0x160
[   39.740315]  __sys_sendmsg+0xb9/0x140
[   39.744096]  ? SyS_shutdown+0x170/0x170
[   39.748061]  ? trace_hardirqs_on_caller+0x400/0x590
[   39.753076]  SyS_sendmsg+0x2d/0x50
[   39.756609]  ? __sys_sendmsg+0x140/0x140
[   39.760656]  do_syscall_64+0x1e8/0x640
[   39.764535]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   39.769365]  entry_SYSCALL_64_after_hw