[ 33.074921] audit: type=1800 audit(1585640242.932:33): pid=7132 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 33.101837] audit: type=1800 audit(1585640242.932:34): pid=7132 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 37.680078] random: sshd: uninitialized urandom read (32 bytes read) [ 37.955632] audit: type=1400 audit(1585640247.812:35): avc: denied { map } for pid=7307 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 37.996545] random: sshd: uninitialized urandom read (32 bytes read) [ 38.713006] random: sshd: uninitialized urandom read (32 bytes read) [ 38.904006] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.150' (ECDSA) to the list of known hosts. [ 44.588834] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 44.700833] audit: type=1400 audit(1585640254.562:36): avc: denied { map } for pid=7319 comm="syz-executor881" path="/root/syz-executor881312531" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 44.706000] [ 44.727231] audit: type=1400 audit(1585640254.562:37): avc: denied { create } for pid=7319 comm="syz-executor881" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 44.728871] ============================= [ 44.753318] audit: type=1400 audit(1585640254.562:38): avc: denied { write } for pid=7319 comm="syz-executor881" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 44.759526] WARNING: suspicious RCU usage [ 44.781386] audit: type=1400 audit(1585640254.562:39): avc: denied { read } for pid=7319 comm="syz-executor881" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 44.785150] 4.14.174-syzkaller #0 Not tainted [ 44.813857] ----------------------------- [ 44.818002] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! [ 44.825618] [ 44.825618] other info that might help us debug this: [ 44.825618] [ 44.833884] [ 44.833884] rcu_scheduler_active = 2, debug_locks = 1 [ 44.840830] 2 locks held by syz-executor881/7319: [ 44.845656] #0: (cb_lock){++++}, at: [] genl_rcv+0x15/0x40 [ 44.853063] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x112/0x140 [ 44.861408] [ 44.861408] stack backtrace: [ 44.865905] CPU: 1 PID: 7319 Comm: syz-executor881 Not tainted 4.14.174-syzkaller #0 [ 44.873813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.883204] Call Trace: [ 44.885783] dump_stack+0x13e/0x194 [ 44.889430] tipc_bearer_find+0x1ff/0x2f0 [ 44.893607] tipc_nl_compat_link_set+0x41f/0xbc0 [ 44.898353] tipc_nl_compat_doit+0x18d/0x510 [ 44.902746] ? tipc_nl_compat_link_stat_dump+0x1c40/0x1c40 [ 44.908368] ? cap_capable+0x1c4/0x230 [ 44.912236] ? security_capable+0x88/0xb0 [ 44.916380] ? ns_capable_common+0x127/0x150 [ 44.920789] tipc_nl_compat_recv+0x95c/0xa10 [ 44.925201] ? tipc_nl_compat_doit+0x510/0x510 [ 44.929768] ? tipc_nl_node_dump+0xc60/0xc60 [ 44.934164] ? tipc_nl_compat_bearer_enable+0x560/0x560 [ 44.939515] ? lock_acquire+0x170/0x3f0 [ 44.943494] ? genl_rcv_msg+0x112/0x140 [ 44.947447] genl_family_rcv_msg+0x57c/0xb30 [ 44.951835] ? mark_lock+0x475/0x10b0 [ 44.955612] ? genl_unregister_family+0x640/0x640 [ 44.960447] ? mutex_trylock+0x1a0/0x1a0 [ 44.964496] genl_rcv_msg+0xaf/0x140 [ 44.968197] netlink_rcv_skb+0x127/0x370 [ 44.972250] ? genl_family_rcv_msg+0xb30/0xb30 [ 44.976813] ? netlink_ack+0x980/0x980 [ 44.980678] ? lock_acquire+0x170/0x3f0 [ 44.984633] genl_rcv+0x24/0x40 [ 44.987889] netlink_unicast+0x437/0x620 [ 44.991933] ? netlink_attachskb+0x600/0x600 [ 44.996335] netlink_sendmsg+0x733/0xbe0 [ 45.000374] ? netlink_unicast+0x620/0x620 [ 45.004585] ? SYSC_sendto+0x2b0/0x2b0 [ 45.008467] ? security_socket_sendmsg+0x83/0xb0 [ 45.013213] ? netlink_unicast+0x620/0x620 [ 45.017427] sock_sendmsg+0xc5/0x100 [ 45.021119] ___sys_sendmsg+0x70a/0x840 [ 45.025105] ? copy_msghdr_from_user+0x380/0x380 [ 45.029847] ? lock_downgrade+0x6e0/0x6e0 [ 45.034030] ? __lock_acquire+0x5f7/0x4620 [ 45.038251] ? trace_hardirqs_on+0x10/0x10 [ 45.042468] ? trace_hardirqs_on+0x10/0x10 [ 45.046682] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 45.052113] ? save_trace+0x290/0x290 [ 45.055979] ? find_held_lock+0x2d/0x110 [ 45.060058] ? __fget_light+0x16a/0x1f0 [ 45.064011] ? sockfd_lookup_light+0xb2/0x160 [ 45.068482] __sys_sendmsg+0xa3/0x120 [ 45.072261] ? SyS_shutdown+0x160/0x160 [ 45.076226] ? _raw_spin_unlock_irq+0x24/0x80 [ 45.080705] SyS_sendmsg+0x27/0x40 [ 45.084224] ? __sys_sendmsg+0x120/0x120 [ 45.088276] do_syscall_64+0x1d5/0x640 [ 45.092145] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 45.097314] RIP: 0033:0x444149 [ 45.100481] RSP: 002b