[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   33.375025] random: sshd: uninitialized urandom read (32 bytes read)
[   33.628337] kauditd_printk_skb: 9 callbacks suppressed
[   33.628345] audit: type=1400 audit(1575832081.794:35): avc:  denied  { map } for  pid=6918 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   33.686007] random: sshd: uninitialized urandom read (32 bytes read)
[   34.222251] random: sshd: uninitialized urandom read (32 bytes read)
[   34.406027] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
[   39.888854] random: sshd: uninitialized urandom read (32 bytes read)
[   40.078159] audit: type=1400 audit(1575832088.244:36): avc:  denied  { map } for  pid=6931 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
2019/12/08 19:08:08 parsed 1 programs
[   40.543080] random: cc1: uninitialized urandom read (8 bytes read)
2019/12/08 19:08:09 executed programs: 0
[   41.179697] audit: type=1400 audit(1575832089.344:37): avc:  denied  { map } for  pid=6931 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=15709 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[   41.224327] audit: type=1400 audit(1575832089.394:38): avc:  denied  { map } for  pid=6931 comm="syz-execprog" path="/root/syzkaller-shm378303361" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1
[   41.530938] IPVS: ftp: loaded support on port[0] = 21
[   42.418030] chnl_net:caif_netlink_parms(): no params data found
[   42.453252] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.460891] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.468270] device bridge_slave_0 entered promiscuous mode
[   42.475821] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.482581] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.489550] device bridge_slave_1 entered promiscuous mode
[   42.504900] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   42.514269] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   42.530257] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   42.537722] team0: Port device team_slave_0 added
[   42.543462] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   42.550760] team0: Port device team_slave_1 added
[   42.556295] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[   42.564044] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[   42.622346] device hsr_slave_0 entered promiscuous mode
[   42.660517] device hsr_slave_1 entered promiscuous mode
[   42.701027] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[   42.708205] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[   42.722935] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.729393] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.736628] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.742995] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.771608] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[   42.777701] 8021q: adding VLAN 0 to HW filter on device bond0
[   42.786543] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   42.795716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.814873] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.822517] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.832730] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[   42.839028] 8021q: adding VLAN 0 to HW filter on device team0
[   42.847642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.855605] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.862111] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.872238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.879756] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.886133] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.901024] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   42.908737] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   42.918172] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   42.930392] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   42.940724] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   42.951601] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[   42.957943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.965703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.973307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   42.985529] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready
[   42.993349] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   43.000640] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   43.010655] 8021q: adding VLAN 0 to HW filter on device batadv0
[   43.420422] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   43.928164] sp0: Synchronizing with TNC
[   43.934484] sp0: Found TNC
[   44.035588] sp0: Synchronizing with TNC
[   44.052138] sp0: Found TNC
[   44.167675] sp0: Synchronizing with TNC
[   44.192483] sp0: Found TNC
[   44.293262] sp0: Synchronizing with TNC
[   44.309237] sp0: Found TNC
[   44.469992] sp0: Synchronizing with TNC
[   44.499333] sp0: Found TNC
[   44.620717] sp0: Synchronizing with TNC
[   44.642698] sp0: Found TNC
[   44.806946] sp0: Synchronizing with TNC
[   44.832365] sp0: Found TNC
[   44.921469] sp0: Synchronizing with TNC
[   44.954947] sp0: Found TNC
[   45.081048] sp0: Synchronizing with TNC
[   45.085992] sp0: Found TNC
[   45.201547] sp0: Synchronizing with TNC
[   45.237483] sp0: Found TNC
[   45.391130] sp0: Synchronizing with TNC
[   45.416784] sp0: Found TNC
[   45.519485] sp0: Synchronizing with TNC
[   45.543942] sp0: Found TNC
[   45.765604] sp0: Synchronizing with TNC
[   45.783445] sp0: Found TNC
[   45.914442] sp0: Synchronizing with TNC
[   45.945443] sp0: Found TNC
[   46.106725] sp0: Synchronizing with TNC
[   46.132642] sp0: Found TNC
[   46.259928] sp0: Synchronizing with TNC
[   46.291203] sp0: Found TNC
2019/12/08 19:08:14 executed programs: 8
[   46.404721] sp0: Synchronizing with TNC
[   46.431955] sp0: Found TNC
[   46.552871] sp0: Synchronizing with TNC
[   46.581444] sp0: Found TNC
[   46.751748] sp0: Synchronizing with TNC
[   46.778768] sp0: Found TNC
[   46.892151] sp0: Synchronizing with TNC
[   46.917893] sp0: Found TNC
[   47.081615] sp0: Synchronizing with TNC
[   47.112106] sp0: Found TNC
[   47.184489] sp0: Synchronizing with TNC
[   47.213464] sp0: Found TNC
[   47.391539] sp0: Synchronizing with TNC
[   47.421547] sp0: Found TNC
[   47.503051] sp0: Synchronizing with TNC
[   47.537156] sp0: Found TNC
[   47.707812] sp0: Synchronizing with TNC
[   47.732148] sp0: Found TNC
[   47.914154] sp0: Synchronizing with TNC
[   47.939188] sp0: Found TNC
[   48.064916] sp0: Synchronizing with TNC
[   48.091039] sp0: Found TNC
[   48.262115] sp0: Synchronizing with TNC
[   48.299950] sp0: Found TNC
[   48.407281] sp0: Synchronizing with TNC
[   48.430307] sp0: Found TNC
[   48.575233] sp0: Synchronizing with TNC
[   48.595052] sp0: Found TNC
[   48.657729] sp0: Synchronizing with TNC
[   48.677731] sp0: Found TNC
[   48.843157] sp0: Synchronizing with TNC
[   48.869155] sp0: Found TNC
[   49.063621] sp0: Synchronizing with TNC
[   49.108369] sp0: Found TNC
[   49.314189] sp0: Synchronizing with TNC
[   49.330996] sp0: Found TNC
[   49.447439] sp0: Synchronizing with TNC
[   49.464150] sp0: Found TNC
[   49.623800] sp0: Synchronizing with TNC
[   49.636162] sp0: Found TNC
[   49.771177] sp0: Synchronizing with TNC
[   49.783097] sp0: Found TNC
[   49.917430] sp0: Synchronizing with TNC
[   49.931077] sp0: Found TNC
[   49.973867] sp0: Synchronizing with TNC
[   50.002107] sp0: Found TNC
[   50.149816] sp0: Synchronizing with TNC
[   50.181080] sp0: Found TNC
[   50.271292] sp0: Synchronizing with TNC
[   50.276243] sp0: Found TNC
[   50.546835] sp0: Synchronizing with TNC
[   50.573218] sp0: Found TNC
[   50.728302] sp0: Synchronizing with TNC
[   50.842335] sp0: Synchronizing with TNC
[   50.871723] sp0: Found TNC
[   51.012585] sp0: Synchronizing with TNC
[   51.056485] sp0: Found TNC
[   51.222255] sp0: Synchronizing with TNC
[   51.241690] sp0: Found TNC
[   51.357988] sp0: Synchronizing with TNC
[   51.381918] sp0: Found TNC
2019/12/08 19:08:19 executed programs: 25
[   51.578456] sp0: Synchronizing with TNC
[   51.600521] sp0: Found TNC
[   51.630836] ------------[ cut here ]------------
[   51.635632] kernel BUG at kernel/time/timer.c:1089!
[   51.671253] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   51.676656] Modules linked in:
[   51.679853] CPU: 0 PID: 2201 Comm: kworker/u4:3 Not tainted 4.14.158-syzkaller #0
[   51.687472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   51.696834] Workqueue: events_unbound flush_to_ldisc
[   51.701938] task: ffff8880a400a480 task.stack: ffff8880a4018000
[   51.708002] RIP: 0010:add_timer+0x689/0xae0
[   51.712319] RSP: 0018:ffff8880a401fb38 EFLAGS: 00010297
[   51.718284] RAX: ffff8880a400a480 RBX: ffff8880a401fba8 RCX: 0000000000000000
[   51.725556] RDX: 0000000000000000 RSI: ffff8880a400ad78 RDI: ffff8880a506f388
[   51.732826] RBP: ffff8880a401fbd0 R08: ffff8880a400a480 R09: ffff8880a400ad98
[   51.740270] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880a506f380
[   51.747540] R13: dffffc0000000000 R14: ffff8880876e8f4b R15: ffff8880a506f380
[   51.754812] FS:  0000000000000000(0000) GS:ffff8880aec00000(0000) knlGS:0000000000000000
[   51.763384] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   51.769259] CR2: 000000000250a728 CR3: 000000009111e000 CR4: 00000000001406f0
[   51.776530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   51.783800] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   51.791677] Call Trace:
[   51.794270]  ? _raw_spin_unlock_irqrestore+0xbd/0xe0
[   51.800339]  ? mod_timer+0xeb0/0xeb0
[   51.804052]  ? pty_write+0x6b/0x1d0
[   51.807705]  sixpack_receive_buf+0xc9a/0x1170
[   51.812228]  ? decode_data.part.0+0x270/0x270
[   51.816822]  tty_ldisc_receive_buf+0x14d/0x1a0
[   51.821389]  tty_port_default_receive_buf+0x73/0xa0
[   51.826691]  flush_to_ldisc+0x1ec/0x400
[   51.830672]  process_one_work+0x863/0x1600
[   51.834901]  ? pwq_dec_nr_in_flight+0x2e0/0x2e0
[   51.839563]  worker_thread+0x5d9/0x1050
[   51.843731]  kthread+0x319/0x430
[   51.848089]  ? process_one_work+0x1600/0x1600
[   51.852951]  ? kthread_create_on_node+0xd0/0xd0
[   51.857613]  ret_from_fork+0x24/0x30
[   51.862279] Code: 84 8a 00 00 00 e8 c8 10 0d 00 65 ff 0d 61 af b1 7e 0f 85 3c fd ff ff e8 b6 10 0d 00 e8 05 04 b0 ff e9 2d fd ff ff e8 a7 10 0d 00 <0f> 0b e8 a0 10 0d 00 49 c7 c5 80 4a 02 00 e8 14 b3 ba 01 48 ba 
[   51.881391] RIP: add_timer+0x689/0xae0 RSP: ffff8880a401fb38
[   51.889203] ---[ end trace fc61a135649e23c6 ]---
[   51.894529] Kernel panic - not syncing: Fatal exception
[   51.901450] Kernel Offset: disabled
[   51.905118] Rebooting in 86400 seconds..