[ 32.276598] audit: type=1800 audit(1555001837.416:33): pid=6828 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 32.304282] audit: type=1800 audit(1555001837.416:34): pid=6828 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 55.088428] random: sshd: uninitialized urandom read (32 bytes read) [ 55.619817] audit: type=1400 audit(1555001860.756:35): avc: denied { map } for pid=7001 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 55.674136] random: sshd: uninitialized urandom read (32 bytes read) [ 56.283366] random: sshd: uninitialized urandom read (32 bytes read) [ 56.471812] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.43' (ECDSA) to the list of known hosts. [ 62.057499] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 62.172992] audit: type=1400 audit(1555001867.316:36): avc: denied { map } for pid=7013 comm="syz-executor124" path="/root/syz-executor124783039" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 62.178440] [ 62.200549] audit: type=1400 audit(1555001867.316:37): avc: denied { create } for pid=7013 comm="syz-executor124" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 62.201318] ============================= [ 62.225914] audit: type=1400 audit(1555001867.316:38): avc: denied { write } for pid=7013 comm="syz-executor124" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 62.230202] WARNING: suspicious RCU usage [ 62.253806] audit: type=1400 audit(1555001867.316:39): avc: denied { read } for pid=7013 comm="syz-executor124" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 62.257618] 4.14.111 #1 Not tainted [ 62.285241] ----------------------------- [ 62.289364] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! [ 62.296905] [ 62.296905] other info that might help us debug this: [ 62.296905] [ 62.305152] [ 62.305152] rcu_scheduler_active = 2, debug_locks = 1 [ 62.312027] 2 locks held by syz-executor124/7013: [ 62.316869] #0: (cb_lock){++++}, at: [] genl_rcv+0x1a/0x40 [ 62.324412] #1: (genl_mutex){+.+.}, at: [] genl_rcv_msg+0x119/0x150 [ 62.332645] [ 62.332645] stack backtrace: [ 62.337195] CPU: 1 PID: 7013 Comm: syz-executor124 Not tainted 4.14.111 #1 [ 62.344196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.353578] Call Trace: [ 62.356223] dump_stack+0x138/0x19c [ 62.359847] lockdep_rcu_suspicious+0x153/0x15d [ 62.364673] tipc_bearer_find+0x20a/0x300 [ 62.368807] tipc_nl_compat_link_set+0x421/0xbe0 [ 62.373549] tipc_nl_compat_doit+0x170/0x520 [ 62.378045] ? tipc_nl_compat_link_stat_dump+0x2060/0x2060 [ 62.383657] ? ns_capable_common+0x12c/0x160 [ 62.388046] ? ns_capable+0x23/0x30 [ 62.391760] ? __netlink_ns_capable+0xe2/0x130 [ 62.396447] tipc_nl_compat_recv+0x9be/0xaf0 [ 62.400835] ? __lock_is_held+0xb6/0x140 [ 62.404880] ? tipc_nl_compat_doit+0x520/0x520 [ 62.409502] ? tipc_nl_node_dump+0xc90/0xc90 [ 62.413986] ? tipc_nl_compat_bearer_enable+0x550/0x550 [ 62.419339] ? genl_rcv_msg+0x119/0x150 [ 62.423305] ? genl_rcv_msg+0x119/0x150 [ 62.427379] genl_family_rcv_msg+0x61c/0xc40 [ 62.431812] ? genl_rcv+0x40/0x40 [ 62.435258] ? __lock_acquire+0x5f9/0x45e0 [ 62.439481] ? __lock_acquire+0x5f9/0x45e0 [ 62.443777] genl_rcv_msg+0xb4/0x150 [ 62.447583] netlink_rcv_skb+0x152/0x3c0 [ 62.451674] ? genl_family_rcv_msg+0xc40/0xc40 [ 62.456255] ? netlink_ack+0x9a0/0x9a0 [ 62.460135] ? genl_rcv+0x1a/0x40 [ 62.463581] genl_rcv+0x29/0x40 [ 62.466941] netlink_unicast+0x466/0x780 [ 62.470996] ? netlink_attachskb+0x6a0/0x6a0 [ 62.475402] ? security_netlink_send+0x87/0xb0 [ 62.480013] netlink_sendmsg+0x7c4/0xc60 [ 62.484073] ? netlink_unicast+0x780/0x780 [ 62.488433] ? security_socket_sendmsg+0x8f/0xc0 [ 62.493173] ? netlink_unicast+0x780/0x780 [ 62.497562] sock_sendmsg+0xd0/0x110 [ 62.501309] ___sys_sendmsg+0x70c/0x850 [ 62.505267] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 62.510130] ? __lock_acquire+0x5f9/0x45e0 [ 62.514411] ? save_trace+0x290/0x290 [ 62.518201] ? trace_hardirqs_on+0x10/0x10 [ 62.522416] ? save_trace+0x290/0x290 [ 62.526200] ? lock_downgrade+0x6e0/0x6e0 [ 62.530330] ? task_work_run+0xf0/0x190 [ 62.534351] ? __fget_light+0x172/0x1f0 [ 62.538353] ? __fdget+0x1b/0x20 [ 62.541710] ? sockfd_lookup_light+0xb4/0x160 [ 62.546185] __sys_sendmsg+0xb9/0x140 [ 62.550013] ? SyS_shutdown+0x180/0x180 [ 62.553976] ? trace_hardirqs_on_caller+0x400/0x590 [ 62.558988] SyS_sendmsg+0x2d/0x50 [ 62.562532] ? __sys_sendmsg+0x140/0x140 [ 62.566585] do_syscall_64+0x1eb/0x630 [ 62.570449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 62.575275] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 62.580468] RIP: 0033:0x444229 [ 62.583681] RSP: 002b:00007ffe46c41c48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 62.591658] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444229 [ 62.598955] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 62.606211] RBP: 00000000006ce018 R08: 0000000000000000 R09: 00000000004002e0 [ 62.613479] R10: 0000000000001800 R11: 0000000000000246 R12: 0000000000401ed0 [ 62.620739] R13: 0000000000401f60 R14: 0000000