[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 33.639672] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.854004] audit: type=1400 audit(1536544703.984:6): avc: denied { map } for pid=5471 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 33.910482] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.510803] random: sshd: uninitialized urandom read (32 bytes read)
[ 43.174462] random: sshd: uninitialized urandom read (32 bytes read)
[ 43.362890] sshd (5480) used greatest stack depth: 16872 bytes left
Warning: Permanently added '10.128.0.63' (ECDSA) to the list of known hosts.
[ 48.990236] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 49.121512] audit: type=1400 audit(1536544719.254:7): avc: denied { map } for pid=5485 comm="syz-executor154" path="/root/syz-executor154126270" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
[ 49.182885] kobject_add_internal failed for hci1 (error: -2 parent: bluetooth)
executing program
[ 49.225944] Bluetooth: Can't register HCI device
executing program
[ 49.682314] WARNING: CPU: 0 PID: 5659 at fs/kernfs/dir.c:494 kernfs_get.part.8+0x131/0x160
[ 49.690744] Kernel panic - not syncing: panic_on_warn set ...
[ 49.690744]
[ 49.690760] CPU: 0 PID: 5659 Comm: syz-executor154 Not tainted 4.19.0-rc2+ #9
[ 49.690767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.690772] Call Trace:
[ 49.690792] dump_stack+0x1c4/0x2b4
[ 49.690810] ? dump_stack_print_info.cold.2+0x52/0x52
[ 49.690842] panic+0x238/0x4e7
[ 49.690856] ? add_taint.cold.5+0x16/0x16
[ 49.690874] ? __warn.cold.8+0x148/0x1ba
[ 49.690887] ? __warn.cold.8+0x117/0x1ba
[ 49.690904] ? kernfs_get.part.8+0x131/0x160
[ 49.690918] __warn.cold.8+0x163/0x1ba
[ 49.690933] ? rcu_bh_qs+0xc0/0xc0
[ 49.690947] ? kernfs_get.part.8+0x131/0x160
[ 49.690966] report_bug+0x254/0x2d0
[ 49.690985] do_error_trap+0x1fc/0x4d0
[ 49.691002] ? math_error+0x3f0/0x3f0
[ 49.691015] ? __kernfs_new_node+0x697/0x8d0
[ 49.691030] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.691046] ? trace_hardirqs_on_caller+0x310/0x310
[ 49.691073] ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 49.691097] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.691117] do_invalid_op+0x1b/0x20
[ 49.691131] invalid_op+0x14/0x20
[ 49.691145] RIP: 0010:kernfs_get.part.8+0x131/0x160
[ 49.691160] Code: 44 05 00 00 00 00 00 48 8b 45 d0 65 48 33 04 25 28 00 00 00 75 2f 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 df 1c 87 ff <0f> 0b eb b1 4c 89 e7 e8 d3 83 ca ff eb 81 48 89 df e8 29 83 ca ff
[ 49.691168] RSP: 0018:ffff8801d892f500 EFLAGS: 00010293
[ 49.691195] RAX: ffff8801c5f56640 RBX: ffff8801c541b8c0 RCX: ffffffff81f7b391
[ 49.712153] kobject: 'bluetooth' (00000000076788a3): kobject_add_internal: parent: 'virtual', set: '(null)'
[ 49.715176] RDX: 0000000000000000 RSI: ffffffff81f7b3e1 RDI: 0000000000000005
[ 49.715186] RBP: ffff8801d892f588 R08: ffff8801c5f56640 R09: ffffed0038a83718
[ 49.715196] R10: ffffed0038a83718 R11: ffff8801c541b8c3 R12: 1ffff1003b125ea4
[ 49.715205] R13: 1ffff1003b125ea0 R14: 0000000000000000 R15: ffff8801d892f560
[ 49.715235] ? kernfs_get.part.8+0xe1/0x160
[ 49.715249] ? kernfs_get.part.8+0x131/0x160
[ 49.715268] ? kernfs_unlink_sibling+0x170/0x170
[ 49.715291] kernfs_new_node+0xb4/0x120
[ 49.715307] kernfs_create_dir_ns+0x4d/0x160
[ 49.715325] sysfs_create_dir_ns+0x19b/0x340
[ 49.715343] ? sysfs_create_mount_point+0xa0/0xa0
[ 49.718602] kobject: 'hci1' (000000003c3c3740): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[ 49.721597] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 49.721619] ? do_raw_spin_lock+0xc1/0x200
[ 49.721637] ? class_dir_child_ns_type+0xd/0x60
[ 49.721662] kobject_add_internal+0x440/0xb60
[ 49.727847] kobject: 'hci3' (00000000e8906dbf): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[ 49.730023] ? kobj_ns_type_registered+0x60/0x60
[ 49.730042] ? lock_downgrade+0x900/0x900
[ 49.730072] ? refcount_add_not_zero_checked+0x330/0x330
[ 49.730098] ? kasan_check_read+0x11/0x20
[ 49.734546] kobject: 'hci3' (00000000e8906dbf): kobject_uevent_env
[ 49.738286] kobject_add+0x13f/0x1b0
[ 49.738301] ? kset_create_and_add+0x190/0x190
[ 49.738325] ? mutex_unlock+0xd/0x10
[ 49.738341] ? device_add+0x31f/0x17f0
[ 49.738363] device_add+0x3e2/0x17f0
[ 49.738380] ? kfree_const+0x5e/0x70
[ 49.738400] ? get_device_parent.isra.27+0x5a0/0x5a0
[ 49.743890] kobject: 'hci2' (000000009e3c3103): kobject_add_internal: parent: 'bluetooth', set: 'devices'
[ 49.746843] ? dev_set_name+0xad/0xe0
[ 49.746860] ? device_initialize+0x5f0/0x5f0
[ 49.746890] hci_register_dev+0x3e6/0xb80
[ 49.746910] ? hci_conn_params_free+0x880/0x880
[ 49.746935] ? graph_lock+0x170/0x170
[ 49.751148] kobject: 'hci2' (000000009e3c3103): kobject_uevent_env
[ 49.754371] ? iov_iter_advance+0x1460/0x1460
[ 49.754396] __vhci_create_device+0x2c1/0x580
[ 49.754416] vhci_write+0x2de/0x470
[ 49.754438] __vfs_write+0x6b8/0x9f0
[ 49.759622] kobject: 'hci3' (00000000e8906dbf): fill_kobj_path: path = '/devices/virtual/bluetooth/hci3'
[ 49.762471] ? kernel_read+0x120/0x120
[ 49.762487] ? __might_sleep+0x95/0x190
[ 49.762508] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 49.762525] ? __inode_security_revalidate+0xd9/0x120
[ 49.762544] ? selinux_file_permission+0x90/0x540
[ 49.767160] kobject: 'hci1' (000000003c3c3740): kobject_uevent_env
[ 49.770222] ? rw_verify_area+0x118/0x360
[ 49.770242] vfs_write+0x1fc/0x560
[ 49.770277] ksys_write+0x101/0x260
[ 49.770297] ? __ia32_sys_read+0xb0/0xb0
[ 49.775299] kobject: 'hci1' (000000003c3c3740): fill_kobj_path: path = '/devices/virtual/bluetooth/hci1'
[ 49.779535] ? __bpf_trace_preemptirq_template+0x30/0x30
[ 49.779559] __x64_sys_write+0x73/0xb0
[ 49.779585] do_syscall_64+0x1b9/0x820
[ 49.779605] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 49.785447] kobject: 'hci6': free name
[ 49.789391] ? syscall_return_slowpath+0x5e0/0x5e0
[ 49.789407] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.789425] ? trace_hardirqs_on_caller+0x310/0x310
[ 49.789442] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 49.789461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 49.794514] kobject: 'rfkill160' (000000007e905e9b): kobject_add_internal: parent: 'hci3', set: 'devices'
[ 49.797994] ? prepare_exit_to_usermode+0x291/0x3b0
[ 49.798015] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.798040] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 49.798052] RIP: 0033:0x440e49
[ 49.798078] Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 49.798087] RSP: 002b:00007ffce43766e8 EFLAGS: 00000213 ORIG_RAX: 0000000000000001
[ 49.798107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440e49
[ 49.798115] RDX: 0000000000000002 RSI: 00000000200000c0 RDI: 0000000000000003
[ 49.804966] kobject: 'hci2' (000000009e3c3103): fill_kobj_path: path = '/devices/virtual/bluetooth/hci2'
[ 49.806620] RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8
[ 49.806630] R10: 000000000075f880 R11: 0000000000000213 R12: 000000000000c1e3
[ 49.806638] R13: 0000000000401d70 R14: 0000000000000000 R15: 0000000000000000
[ 49.825907] Dumping ftrace buffer:
[ 49.826027] (ftrace buffer empty)
[ 49.826637] Kernel Offset: disabled
[ 50.276053] Rebooting in 86400 seconds..