[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   33.290437] random: sshd: uninitialized urandom read (32 bytes read)
[   33.552648] kauditd_printk_skb: 9 callbacks suppressed
[   33.552655] audit: type=1400 audit(1568200427.031:35): avc:  denied  { map } for  pid=6746 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   33.601477] random: sshd: uninitialized urandom read (32 bytes read)
[   34.122076] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.1.5' (ECDSA) to the list of known hosts.
[   39.915144] urandom_read: 1 callbacks suppressed
[   39.915148] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   40.028173] audit: type=1400 audit(1568200433.501:36): avc:  denied  { map } for  pid=6759 comm="syz-executor058" path="/root/syz-executor058405568" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   40.032763] 
[   40.055295] audit: type=1400 audit(1568200433.501:37): avc:  denied  { create } for  pid=6759 comm="syz-executor058" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   40.056228] =============================
[   40.080313] audit: type=1400 audit(1568200433.511:38): avc:  denied  { write } for  pid=6759 comm="syz-executor058" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   40.080329] audit: type=1400 audit(1568200433.511:39): avc:  denied  { read } for  pid=6759 comm="syz-executor058" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   40.132261] WARNING: suspicious RCU usage
[   40.136396] 4.14.143 #0 Not tainted
[   40.139998] -----------------------------
[   40.144732] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage!
[   40.152645] 
[   40.152645] other info that might help us debug this:
[   40.152645] 
[   40.160826] 
[   40.160826] rcu_scheduler_active = 2, debug_locks = 1
[   40.167477] 2 locks held by syz-executor058/6759:
[   40.172438]  #0:  (cb_lock){++++}, at: [<ffffffff84f531ea>] genl_rcv+0x1a/0x40
[   40.179811]  #1:  (genl_mutex){+.+.}, at: [<ffffffff84f56a39>] genl_rcv_msg+0x119/0x150
[   40.188045] 
[   40.188045] stack backtrace:
[   40.192599] CPU: 1 PID: 6759 Comm: syz-executor058 Not tainted 4.14.143 #0
[   40.199595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   40.208928] Call Trace:
[   40.211495]  dump_stack+0x138/0x197
[   40.215102]  lockdep_rcu_suspicious+0x153/0x15d
[   40.219745]  tipc_bearer_find+0x20a/0x300
[   40.223869]  tipc_nl_compat_link_set+0x433/0xbf0
[   40.228600]  tipc_nl_compat_doit+0x1a2/0x550
[   40.233000]  ? security_capable+0x8e/0xc0
[   40.237123]  ? tipc_nl_compat_link_stat_dump+0x2080/0x2080
[   40.242723]  ? ns_capable_common+0x12c/0x160
[   40.247108]  ? ns_capable+0x23/0x30
[   40.250723]  ? __netlink_ns_capable+0xe2/0x130
[   40.255284]  tipc_nl_compat_recv+0x9ec/0xb20
[   40.259693]  ? is_bpf_text_address+0xa6/0x120
[   40.264163]  ? tipc_nl_compat_doit+0x550/0x550
[   40.268718]  ? tipc_nl_node_dump+0xc90/0xc90
[   40.273099]  ? tipc_nl_compat_bearer_enable+0x570/0x570
[   40.278440]  ? lock_acquire+0x16f/0x430
[   40.282387]  ? genl_rcv_msg+0x119/0x150
[   40.286337]  ? genl_rcv_msg+0x119/0x150
[   40.290287]  genl_family_rcv_msg+0x614/0xc30
[   40.294673]  ? genl_unregister_family+0x6a0/0x6a0
[   40.299498]  genl_rcv_msg+0xb4/0x150
[   40.303187]  netlink_rcv_skb+0x14f/0x3c0
[   40.307243]  ? genl_family_rcv_msg+0xc30/0xc30
[   40.311801]  ? netlink_ack+0x9a0/0x9a0
[   40.315664]  ? genl_rcv+0x1a/0x40
[   40.319097]  genl_rcv+0x29/0x40
[   40.322351]  netlink_unicast+0x45d/0x640
[   40.326386]  ? netlink_attachskb+0x6a0/0x6a0
[   40.330771]  ? security_netlink_send+0x81/0xb0
[   40.335329]  netlink_sendmsg+0x7c4/0xc60
[   40.339369]  ? netlink_unicast+0x640/0x640
[   40.343579]  ? security_socket_sendmsg+0x89/0xb0
[   40.348309]  ? netlink_unicast+0x640/0x640
[   40.352527]  sock_sendmsg+0xce/0x110
[   40.356216]  ___sys_sendmsg+0x70a/0x840
[   40.360166]  ? copy_msghdr_from_user+0x3f0/0x3f0
[   40.364901]  ? __lock_acquire+0x5f7/0x4620
[   40.369111]  ? save_trace+0x290/0x290
[   40.372893]  ? trace_hardirqs_on+0x10/0x10
[   40.377103]  ? save_trace+0x290/0x290
[   40.380878]  ? lock_downgrade+0x6e0/0x6e0
[   40.385015]  ? task_work_run+0xf0/0x190
[   40.388965]  ? __fget_light+0x172/0x1f0
[   40.392916]  ? __fdget+0x1b/0x20
[   40.396255]  ? sockfd_lookup_light+0xb4/0x160
[   40.400726]  __sys_sendmsg+0xb9/0x140
[   40.404503]  ? SyS_shutdown+0x170/0x170
[   40.408453]  ? trace_hardirqs_on_caller+0x400/0x590
[   40.413452]  SyS_sendmsg+0x2d/0x50
[   40.416967]  ? __sys_sendmsg+0x140/0x140
[   40.421003]  do_syscall_64+0x1e8/0x640
[   40.424864]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   40.429686]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   40.434851] RIP: 0033:0x4441b9
[   40.438016] RSP: 002b:00007fff265aed98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.445720] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 00000000004441b9
[   40.452973] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[   40.460218] RBP: 00000000006ce018 R08: 0000000000000000 R09: 00000000004002e0
[   40.467463] R10: 0000000000001800 R11: 0000000000000246 R12: 0000000000401e60
[   40.474752] R13: 0000000000401ef0 R14: 0000000000000000 R15