[ ok ] Starting file context maintaining daemon: restorecond. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.849540] random: sshd: uninitialized urandom read (32 bytes read) [ 20.122785] audit: type=1400 audit(1536372531.594:6): avc: denied { map } for pid=1758 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 20.170904] random: sshd: uninitialized urandom read (32 bytes read) [ 20.665964] random: sshd: uninitialized urandom read (32 bytes read) [ 34.578092] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.7' (ECDSA) to the list of known hosts. [ 40.106587] random: sshd: uninitialized urandom read (32 bytes read) [ 40.211753] audit: type=1400 audit(1536372551.684:7): avc: denied { map } for pid=1782 comm="syz-executor020" path="/root/syz-executor020758680" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 40.222575] ------------[ cut here ]------------ [ 40.222596] WARNING: CPU: 0 PID: 1782 at mm/page_alloc.c:3889 __alloc_pages_nodemask+0x1662/0x2300 [ 40.222600] Kernel panic - not syncing: panic_on_warn set ... [ 40.222600] [ 40.222608] CPU: 0 PID: 1782 Comm: syz-executor020 Not tainted 4.14.68+ #4 [ 40.222611] Call Trace: [ 40.222622] dump_stack+0xb9/0x11b [ 40.222631] ? __alloc_pages_nodemask+0x15e0/0x2300 [ 40.222639] panic+0x1bf/0x3a4 [ 40.222647] ? add_taint.cold.4+0x16/0x16 [ 40.222659] ? __probe_kernel_read+0x163/0x1c0 [ 40.222672] ? __alloc_pages_nodemask+0x1662/0x2300 [ 40.222680] __warn.cold.7+0x148/0x185 [ 40.222688] ? __alloc_pages_nodemask+0x1662/0x2300 [ 40.222697] report_bug+0x1f7/0x26c [ 40.222710] do_error_trap+0x1ba/0x2c0 [ 40.222718] ? math_error+0x2d0/0x2d0 [ 40.222727] ? 
__is_insn_slot_addr+0x112/0x1f0 [ 40.222738] ? lock_downgrade+0x560/0x560 [ 40.222743] ? lock_acquire+0x10f/0x380 [ 40.222750] ? __free_insn_slot+0x490/0x490 [ 40.222760] ? check_preemption_disabled+0x34/0x160 [ 40.222772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.222788] invalid_op+0x18/0x40 [ 40.222795] RIP: 0010:__alloc_pages_nodemask+0x1662/0x2300 [ 40.222799] RSP: 0018:ffff8801d218f1a0 EFLAGS: 00010246 [ 40.222805] RAX: 00000000ffff9a87 RBX: 0000000000000000 RCX: ffffffffa421e890 [ 40.222818] RDX: 1ffffffff47c1200 RSI: 0000000000000001 RDI: 00000000014040c0 [ 40.222823] RBP: ffff8801d0c25e00 R08: 0000000000000001 R09: 00000000000a7caa [ 40.222827] R10: ffff8801d0c26680 R11: 0000000000000000 R12: 00000000014040c0 [ 40.222831] R13: 0000000000000000 R14: 00000000014040c0 R15: ffff8801d218f3b0 [ 40.222858] ? kasan_kmalloc.part.1+0xa9/0xd0 [ 40.222871] ? common_read+0x1c3/0x370 [ 40.222879] ? security_load_policy+0x25a/0x980 [ 40.222885] ? __vfs_write+0xf4/0x5c0 [ 40.222890] ? vfs_write+0x17f/0x4d0 [ 40.222896] ? do_syscall_64+0x19b/0x4b0 [ 40.222902] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.222909] ? security_load_policy+0x25a/0x980 [ 40.222918] ? sel_write_load+0x1ff/0x1000 [ 40.222923] ? __vfs_write+0xf4/0x5c0 [ 40.222931] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 40.222937] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.222951] ? kasan_slab_free+0x119/0x190 [ 40.222959] ? kasan_slab_free+0xac/0x190 [ 40.222965] ? kfree+0xf5/0x310 [ 40.222970] ? policydb_read+0x85b/0x2380 [ 40.222983] ? fs_reclaim_acquire+0x10/0x10 [ 40.222995] ? kasan_unpoison_shadow+0x30/0x40 [ 40.223003] ? kasan_kmalloc+0x76/0xc0 [ 40.223016] kmalloc_order+0x1f/0x60 [ 40.223025] kmalloc_order_trace+0x18/0x160 [ 40.223035] str_read+0x32/0x150 [ 40.223045] common_read+0x265/0x370 [ 40.223055] ? class_read+0x8d0/0x8d0 [ 40.223061] ? ebitmap_cpy+0x260/0x260 [ 40.223074] ? class_read+0x8d0/0x8d0 [ 40.223083] policydb_read+0xcdd/0x2380 [ 40.223104] ? 
kmem_cache_alloc_trace+0x138/0x300 [ 40.223110] ? security_load_policy+0x128/0x980 [ 40.223116] ? sel_write_load+0x1ff/0x1000 [ 40.223121] ? __vfs_write+0xf4/0x5c0 [ 40.223126] ? vfs_write+0x17f/0x4d0 [ 40.223131] ? SyS_write+0xc2/0x1a0 [ 40.223136] ? do_syscall_64+0x19b/0x4b0 [ 40.223150] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.223173] ? string_to_av_perm+0x80/0x80 [ 40.223181] ? trace_hardirqs_on+0x10/0x10 [ 40.223189] ? lock_downgrade+0x560/0x560 [ 40.223217] ? fs_reclaim_acquire+0x10/0x10 [ 40.223245] ? kasan_unpoison_shadow+0x30/0x40 [ 40.223253] ? kasan_kmalloc+0x76/0xc0 [ 40.223266] ? security_load_policy+0x128/0x980 [ 40.223277] security_load_policy+0x25a/0x980 [ 40.223289] ? security_get_bools+0x660/0x660 [ 40.223303] ? rcu_read_lock_sched_held+0x102/0x120 [ 40.223311] ? __alloc_pages_nodemask+0x6ab/0x2300 [ 40.223321] ? __lock_acquire+0x619/0x4320 [ 40.223330] ? alloc_vmap_area.isra.8+0x4e5/0x7f0 [ 40.223338] ? lock_downgrade+0x560/0x560 [ 40.223344] ? lock_acquire+0x10f/0x380 [ 40.223350] ? alloc_vmap_area.isra.8+0x16e/0x7f0 [ 40.223366] ? trace_hardirqs_on+0x10/0x10 [ 40.223373] ? alloc_vmap_area.isra.8+0x687/0x7f0 [ 40.223379] ? vmap_page_range_noflush+0x53b/0x780 [ 40.223399] ? alloc_vmap_area.isra.8+0x7f0/0x7f0 [ 40.223416] ? __might_fault+0x104/0x1b0 [ 40.223425] ? lock_downgrade+0x560/0x560 [ 40.223430] ? lock_acquire+0x10f/0x380 [ 40.223436] ? __might_fault+0xd4/0x1b0 [ 40.223452] ? __might_fault+0x177/0x1b0 [ 40.223465] sel_write_load+0x1ff/0x1000 [ 40.223484] ? sel_read_bool+0x240/0x240 [ 40.223489] ? __lock_acquire+0x619/0x4320 [ 40.223513] ? kasan_slab_free+0xac/0x190 [ 40.223522] ? kmem_cache_free+0x12d/0x350 [ 40.223529] ? putname+0xcf/0x100 [ 40.223552] ? do_sys_open+0x2bb/0x580 [ 40.223557] ? do_syscall_64+0x19b/0x4b0 [ 40.223563] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.223578] ? trace_hardirqs_on+0x10/0x10 [ 40.223583] ? lock_acquire+0x10f/0x380 [ 40.223591] ? debug_check_no_obj_freed+0x150/0x77c [ 40.223599] ? 
_raw_spin_unlock_irqrestore+0x54/0x70 [ 40.223609] __vfs_write+0xf4/0x5c0 [ 40.223616] ? sel_read_bool+0x240/0x240 [ 40.223623] ? kernel_read+0x110/0x110 [ 40.223653] ? rcu_read_lock_sched_held+0x102/0x120 [ 40.223679] vfs_write+0x17f/0x4d0 [ 40.223690] SyS_write+0xc2/0x1a0 [ 40.223697] ? SyS_read+0x1a0/0x1a0 [ 40.223708] ? do_syscall_64+0x43/0x4b0 [ 40.223729] ? SyS_read+0x1a0/0x1a0 [ 40.223737] do_syscall_64+0x19b/0x4b0 [ 40.223750] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.223755] RIP: 0033:0x440049 [ 40.223758] RSP: 002b:00007ffd7070cba8 EFLAGS: 00000213 ORIG_RAX: 0000000000000001 [ 40.223765] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440049 [ 40.223768] RDX: 0000000000000163 RSI: 0000000020000380 RDI: 0000000000000003 [ 40.223772] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 40.223776] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004018d0 [ 40.223780] R13: 0000000000401960 R14: 0000000000000000 R15: 0000000000000000 [ 40.238253] Dumping ftrace buffer: [ 40.238345] (ftrace buffer empty) [ 40.238350] Kernel Offset: 0x20a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 40.813339] Rebooting in 86400 seconds..