mon: restorecond
[ 31.338790] audit: type=1800 audit(1566750135.262:34): pid=6795 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0
[ ok .
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 33.068529] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.344639] audit: type=1400 audit(1566750137.302:35): avc: denied { map } for pid=6968 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 33.385777] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.897482] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.633349] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.166' (ECDSA) to the list of known hosts.
[ 40.159436] random: sshd: uninitialized urandom read (32 bytes read)
[ 40.271879] audit: type=1400 audit(1566750144.232:36): avc: denied { map } for pid=6981 comm="syz-executor814" path="/root/syz-executor814952537" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 40.309890] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 40.326104] Bluetooth: Can't register HCI device
[ 40.606866] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 40.606998] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth)
[ 40.615048] kobject_add_internal failed for hci4 (error: -2 parent: bluetooth)
[ 40.630533] Bluetooth: Can't register HCI device
[ 40.636589] Bluetooth: Can't register HCI device
[ 40.675285] Bluetooth: Can't register HCI device
[ 41.274183] kobject_add_internal failed for hci4 (error: -2 parent: bluetooth)
[ 41.302332] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth)
[ 41.314778] Bluetooth: Can't register HCI device
[ 41.325415] Bluetooth: Can't register HCI device
[ 41.332186] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 41.359993] Bluetooth: Can't register HCI device
[ 42.475282] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth)
[ 42.500447] Bluetooth: Can't register HCI device
[ 42.824030] kobject_add_internal failed for hci5 (error: -2 parent: bluetooth)
[ 42.851713] Bluetooth: Can't register HCI device
[ 43.004738] kobject_add_internal failed for hci6 (error: -2 parent: bluetooth)
[ 43.013169] kobject_add_internal failed for hci5 (error: -2 parent: bluetooth)
[ 43.028730] Bluetooth: Can't register HCI device
[ 43.038191] Bluetooth: Can't register HCI device
[ 45.011467] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 45.041006] Bluetooth: Can't register HCI device
[ 45.233308] kobject_add_internal failed for hci4 (error: -2 parent: bluetooth)
[ 45.255678] Bluetooth: Can't register HCI device
[ 45.336723] kobject_add_internal failed for hci2 (error: -2 parent: bluetooth)
[ 45.356017] Bluetooth: Can't register HCI device
[ 45.766482] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 45.778980] Bluetooth: Can't register HCI device
[ 46.871281] kobject_add_internal failed for hci2 (error: -2 parent: bluetooth)
[ 46.884231] Bluetooth: Can't register HCI device
[ 46.899050] kobject_add_internal failed for hci3 (error: -2 parent: bluetooth)
[ 46.919327] Bluetooth: Can't register HCI device
[ 46.986354] kobject_add_internal failed for hci4 (error: -2 parent: bluetooth)
[ 46.999024] Bluetooth: Can't register HCI device
[ 47.011695] kobject_add_internal failed for hci5 (error: -2 parent: bluetooth)
[ 47.011717] kobject_add_internal failed for hci4 (error: -2 parent: bluetooth)
[ 47.021327] Bluetooth: Can't register HCI device
[ 47.064727] Bluetooth: Can't register HCI device
[ 47.504164] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 47.534835] Bluetooth: Can't register HCI device
[ 50.274970] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
[ 50.307983] Bluetooth: Can't register HCI device
[ 51.407841] refcount_t: increment on 0; use-after-free.
[ 51.425590] ------------[ cut here ]------------
[ 51.430713] WARNING: CPU: 0 PID: 9581 at lib/refcount.c:153 refcount_inc.cold+0x18/0x1f
[ 51.438852] Kernel panic - not syncing: panic_on_warn set ...
[ 51.438852]
[ 51.446351] CPU: 0 PID: 9581 Comm: syz-executor814 Not tainted 4.14.140 #36
[ 51.453485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.462843] Call Trace:
[ 51.465533] dump_stack+0x138/0x197
[ 51.469515] panic+0x1f2/0x426
[ 51.472712] ? add_taint.cold+0x16/0x16
[ 51.476694] ? refcount_inc.cold+0x18/0x1f
[ 51.480948] ? refcount_inc.cold+0x18/0x1f
[ 51.485186] __warn.cold+0x2f/0x36
[ 51.488731] ? ist_end_non_atomic+0x10/0x10
[ 51.493159] ? refcount_inc.cold+0x18/0x1f
[ 51.497437] report_bug+0x216/0x254
[ 51.501071] do_error_trap+0x1bb/0x310
[ 51.504981] ? math_error+0x360/0x360
[ 51.508795] ? vprintk_emit+0x171/0x600
[ 51.512782] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 51.517631] do_invalid_op+0x1b/0x20
[ 51.521349] invalid_op+0x1b/0x40
[ 51.524810] RIP: 0010:refcount_inc.cold+0x18/0x1f
[ 51.529644] RSP: 0018:ffff8880987df9c0 EFLAGS: 00010286
[ 51.535015] RAX: 000000000000002b RBX: ffffffff86fac5a0 RCX: 0000000000000000
[ 51.542341] RDX: 0000000000000000 RSI: ffffffff866d0ee0 RDI: ffffed10130fbf2e
[ 51.549618] RBP: ffff8880987df9c8 R08: 000000000000002b R09: ffff888094ee4a48
[ 51.556889] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88821a9a5e38
[ 51.564160] R13: 0000000000000000 R14: ffff88821a9a5e00 R15: ffff88809af13aa0
[ 51.571459] kobject_get+0x5b/0x70
[ 51.575018] kobject_add_internal.part.0+0xfc/0x340
[ 51.580076] ? kfree_const+0x40/0x50
[ 51.583796] kobject_add+0x11f/0x180
[ 51.587517] ? kset_create_and_add+0x180/0x180
[ 51.592216] ? get_device_parent.isra.0+0x34e/0x560
[ 51.597237] ? kmem_cache_alloc_trace+0x623/0x790
[ 51.602082] ? lock_downgrade+0x6e0/0x6e0
[ 51.606245] get_device_parent.isra.0+0x415/0x560
[ 51.611105] device_add+0x2d3/0x1490
[ 51.614824] ? device_initialize+0x430/0x430
[ 51.619235] ? device_private_init+0x190/0x190
[ 51.623827] hci_register_dev+0x2d9/0x810
[ 51.627977] ? hci_init_sysfs+0x7c/0xa0
[ 51.631963] __vhci_create_device+0x2a6/0x560
[ 51.636468] vhci_write+0x2a1/0x437
[ 51.640107] __vfs_write+0x4a7/0x6b0
[ 51.643826] ? kernel_read+0x120/0x120
[ 51.647896] ? rw_verify_area+0xea/0x2b0
[ 51.652056] vfs_write+0x198/0x500
[ 51.655603] SyS_write+0xfd/0x230
[ 51.659061] ? SyS_read+0x230/0x230
[ 51.662699] ? do_syscall_64+0x53/0x640
[ 51.666675] ? SyS_read+0x230/0x230
[ 51.670308] do_syscall_64+0x1e8/0x640
[ 51.674228] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 51.679221] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 51.684418] RIP: 0033:0x441259
[ 51.687608] RSP: 002b:00007ffe2a2c4178 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 51.695436] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441259
[ 51.702713] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000003
[ 51.710016] RBP: 000000000000c8ae R08: 00000000004002c8 R09: 00000000004002c8
[ 51.717300] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000401fd0
[ 51.724579] R13: 0000000000402060 R14: 0000000000000000 R15: 0000000000000000
[ 51.733751] Kernel Offset: disabled
[ 51.737440] Rebooting in 86400 seconds..