[ ok ] Starting file context maintaining daemon: restorecond.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 33.323791] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.672252] kauditd_printk_skb: 9 callbacks suppressed
[ 33.672260] audit: type=1400 audit(1561903725.709:35): avc: denied { map } for pid=6861 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 33.728058] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.272687] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.455081] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.110' (ECDSA) to the list of known hosts.
[ 40.023923] random: sshd: uninitialized urandom read (32 bytes read)
[ 40.202303] audit: type=1400 audit(1561903732.239:36): avc: denied { map } for pid=6874 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/06/30 14:08:53 parsed 1 programs
[ 41.019079] audit: type=1400 audit(1561903733.049:37): avc: denied { map } for pid=6874 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=13775 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[ 41.822721] random: cc1: uninitialized urandom read (8 bytes read)
2019/06/30 14:08:54 executed programs: 0
[ 42.903929] audit: type=1400 audit(1561903734.939:38): avc: denied { map } for pid=6874 comm="syz-execprog" path="/root/syzkaller-shm626971968" dev="sda1" ino=16486 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[ 43.640298] IPVS: ftp: loaded support on port[0] = 21
[ 43.955524] chnl_net:caif_netlink_parms(): no params data found
[ 43.984014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.990726] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.997793] device bridge_slave_0 entered promiscuous mode
[ 44.005094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.011679] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.018486] device bridge_slave_1 entered promiscuous mode
[ 44.032025] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 44.040673] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 44.055442] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 44.063061] team0: Port device team_slave_0 added
[ 44.068775] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 44.075886] team0: Port device team_slave_1 added
[ 44.081471] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 44.088777] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 44.141818] device hsr_slave_0 entered promiscuous mode
[ 44.180325] device hsr_slave_1 entered promiscuous mode
[ 44.230560] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 44.237641] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 44.250660] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.257080] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.263892] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.270432] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.295381] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 44.302168] 8021q: adding VLAN 0 to HW filter on device bond0
[ 44.309906] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 44.318819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.337866] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.345091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.355073] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 44.361416] 8021q: adding VLAN 0 to HW filter on device team0
[ 44.369523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.377522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.383905] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.401267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.408841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.415467] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.422663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 44.430755] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 44.438137] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.446025] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 44.454877] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 44.464357] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 44.470790] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 44.482760] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 44.492905] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 44.950700] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 45.817878] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.830609] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.843015] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.855436] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.867971] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.880305] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.892708] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.905240] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.917699] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
[ 45.930522] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=6905 comm=syz-executor.0
2019/06/30 14:09:00 executed programs: 5
[ 48.785315] kasan: CONFIG_KASAN_INLINE enabled
[ 48.790226] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 48.797577] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 48.803786] Modules linked in:
[ 48.806957] CPU: 0 PID: 6926 Comm: syz-executor.0 Not tainted 4.14.131 #25
[ 48.813970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.823308] task: ffff88808e4f6200 task.stack: ffff888086f38000
[ 48.829351] RIP: 0010:__smc_diag_dump.isra.0+0x342/0x17b0
[ 48.834886] RSP: 0018:ffff888086f3f340 EFLAGS: 00010203
[ 48.840229] RAX: dffffc0000000000 RBX: ffff8880861a0a80 RCX: 0000000000000001
[ 48.847477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[ 48.854744] RBP: ffff888086f3f518 R08: 0000000000000040 R09: ffff8880861a0ad0
[ 48.861993] R10: ffff88808e4f6b20 R11: ffff88808e4f6200 R12: ffff888086f3f4f0
[ 48.869241] R13: ffff8880a7f6cf90 R14: ffff88807f5520c0 R15: ffff88807f552510
[ 48.876495] FS: 00007f78e6bf0700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
[ 48.884716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.890575] CR2: 0000000000000000 CR3: 0000000089cc5000 CR4: 00000000001406f0
[ 48.897826] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.905075] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.912323] Call Trace:
[ 48.914892] ? smc_diag_handler_dump+0x200/0x200
[ 48.919629] ? rcu_lockdep_current_cpu_online+0xf2/0x140
[ 48.925069] ? __kmalloc_node_track_caller+0x3d/0x80
[ 48.930164] ? rcu_read_lock_sched_held+0x110/0x130
[ 48.935159] ? kmem_cache_alloc_node_trace+0x379/0x770
[ 48.940413] ? kasan_unpoison_shadow+0x35/0x50
[ 48.944972] ? kasan_kmalloc+0xce/0xf0
[ 48.948840] ? lock_acquire+0x16f/0x430
[ 48.952792] ? smc_diag_dump+0x8d/0x2a0
[ 48.956750] smc_diag_dump+0x1e5/0x2a0
[ 48.960620] netlink_dump+0x3fa/0xb10
[ 48.964414] __netlink_dump_start+0x4ff/0x750
[ 48.968888] smc_diag_handler_dump+0x1b7/0x200
[ 48.973550] ? smc_gid_be16_convert+0x2c0/0x2c0
[ 48.978198] ? __smc_diag_dump.isra.0+0x17b0/0x17b0
[ 48.983198] sock_diag_rcv_msg+0x29e/0x3a0
[ 48.987409] netlink_rcv_skb+0x14f/0x3c0
[ 48.991451] ? sock_diag_bind+0x90/0x90
[ 48.995401] ? netlink_ack+0x9a0/0x9a0
[ 48.999268] sock_diag_rcv+0x2b/0x40
[ 49.002959] netlink_unicast+0x45d/0x780
[ 49.006996] ? netlink_attachskb+0x6a0/0x6a0
[ 49.011383] ? security_netlink_send+0x81/0xb0
[ 49.015940] netlink_sendmsg+0x7c4/0xc60
[ 49.019978] ? netlink_unicast+0x780/0x780
[ 49.024188] ? security_socket_sendmsg+0x89/0xb0
[ 49.028918] ? netlink_unicast+0x780/0x780
[ 49.033129] sock_sendmsg+0xce/0x110
[ 49.036820] kernel_sendmsg+0x44/0x50
[ 49.040601] sock_no_sendpage+0x107/0x130
[ 49.044727] ? sock_kzfree_s+0x50/0x50
[ 49.048597] ? pipe_lock+0x63/0x80
[ 49.052120] kernel_sendpage+0x92/0xf0
[ 49.055982] ? sock_kzfree_s+0x50/0x50
[ 49.059846] sock_sendpage+0x8b/0xc0
[ 49.063538] ? kernel_sendpage+0xf0/0xf0
[ 49.067577] pipe_to_sendpage+0x242/0x340
[ 49.071706] ? direct_splice_actor+0x190/0x190
[ 49.076267] __splice_from_pipe+0x348/0x780
[ 49.080584] ? direct_splice_actor+0x190/0x190
[ 49.085159] ? direct_splice_actor+0x190/0x190
[ 49.089718] splice_from_pipe+0xf0/0x150
[ 49.093756] ? splice_shrink_spd+0xb0/0xb0
[ 49.097972] ? security_file_permission+0x89/0x1f0
[ 49.102882] generic_splice_sendpage+0x3c/0x50
[ 49.107439] ? splice_from_pipe+0x150/0x150
[ 49.111736] SyS_splice+0xd92/0x1430
[ 49.115427] ? put_timespec64+0xb4/0x100
[ 49.119465] ? compat_SyS_vmsplice+0x250/0x250
[ 49.124112] ? do_syscall_64+0x53/0x640
[ 49.128073] ? compat_SyS_vmsplice+0x250/0x250
[ 49.132634] do_syscall_64+0x1e8/0x640
[ 49.136497] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.141330] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 49.146510] RIP: 0033:0x459519
[ 49.149676] RSP: 002b:00007f78e6befc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 49.157368] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000459519
[ 49.164617] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[ 49.171876] RBP: 000000000075bf20 R08: 0000000080000001 R09: 0000000000000000
[ 49.179129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f78e6bf06d4
[ 49.186375] R13: 00000000004c8a66 R14: 00000000004deb70 R15: 00000000ffffffff
[ 49.193622] Code: 20 48 89 f9 48 c1 e9 03 80 3c 11 00 0f 85 b2 13 00 00 48 8b 50 20 48 b8 00 00 00 00 00 fc ff df 48 8d 7a 0e 48 89 f9 48 c1 e9 03 <0f> b6 0c 01 48 89 f8 83 e0 07 83 c0 01 38 c8 7c 08 84 c9 0f 85
[ 49.214206] RIP: __smc_diag_dump.isra.0+0x342/0x17b0 RSP: ffff888086f3f340
[ 49.221444] ---[ end trace 67dbbfbcb961c26b ]---
[ 49.226185] Kernel panic - not syncing: Fatal exception
[ 49.232751] Kernel Offset: disabled
[ 49.236380] Rebooting in 86400 seconds..