[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 21.541761] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 25.929354] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[ 26.304219] random: sshd: uninitialized urandom read (32 bytes read, 40 bits of entropy available)
[ 27.269811] random: sshd: uninitialized urandom read (32 bytes read, 109 bits of entropy available)
[ 27.444215] random: sshd: uninitialized urandom read (32 bytes read, 112 bits of entropy available)
Warning: Permanently added '10.128.0.43' (ECDSA) to the list of known hosts.
[ 33.061811] random: sshd: uninitialized urandom read (32 bytes read, 121 bits of entropy available)
executing program
executing program
[ 33.185040] IPVS: Creating netns size=2552 id=1
[ 33.206340] kasan: CONFIG_KASAN_INLINE enabled
[ 33.210754] kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 33.223598] Dumping ftrace buffer:
[ 33.227102] (ftrace buffer empty)
[ 33.230787] Modules linked in:
[ 33.231630] IPVS: Creating netns size=2552 id=2
[ 33.238416]
[ 33.240326] CPU: 0 PID: 3815 Comm: syzkaller026148 Not tainted 4.4.120-gd63fdf6 #28
[ 33.248095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.255309] kasan: CONFIG_KASAN_INLINE enabled
[ 33.261975] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 33.261975] task: ffff8800bbbfb000 task.stack: ffff8800aa100000
[ 33.275325] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 33.283558] RSP: 0018:ffff8800aa1079f0 EFLAGS: 00010a07
[ 33.288973] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b85eb
[ 33.296216] RDX: 1bd5a9d5a0000003 RSI: 0000000000000006 RDI: dead4ead0000001c
[ 33.303457] RBP: ffff8800aa107a00 R08: 0000000048000000 R09: 0000000000001e30
[ 33.310694] R10: 0000000000002100 R11: 1ffff10015420f1c R12: 0000000000000004
[ 33.317931] R13: 0000000000000020 R14: ffff8801d4a38000 R15: dffffc0000000000
[ 33.325170] FS: 00007f540584a700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 33.333366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.339217] CR2: 0000000020e94000 CR3: 00000000b0b3c000 CR4: 0000000000160670
[ 33.346457] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.353696] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.360934] Stack:
[ 33.363049] 0000000000000246 ffff8801d4a38158 ffff8800aa107a60 ffffffff825b8611
[ 33.371015] ffff8801d4a38170 ffffed003a94702b ffffed003a94702e ffff8801d4a38168
[ 33.378983] dead4ead00000000 ffff8801d4a38140 0000000000000000 0000000000000000
[ 33.386949] Call Trace:
[ 33.389508] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 33.395966] [] sg_finish_rem_req+0x2b5/0x340
[ 33.401995] [] sg_new_read.isra.18+0x17d/0x3c0
[ 33.408195] [] sg_read+0x8bc/0x1490
[ 33.413443] [] ? __check_object_size+0x154/0x35b
[ 33.419815] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.426451] [] ? fsnotify+0xee0/0xee0
[ 33.431872] [] ? avc_policy_seqno+0x9/0x20
[ 33.437725] [] do_loop_readv_writev+0x141/0x1e0
[ 33.444009] [] ? security_file_permission+0x89/0x1e0
[ 33.450728] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.457364] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.463997] [] do_readv_writev+0x5dd/0x6e0
[ 33.469846] [] ? vfs_write+0x530/0x530
[ 33.475351] [] ? sg_ioctl+0x29f0/0x29f0
[ 33.480941] [] ? __vfs_write+0x10b/0x450
[ 33.486623] [] ? quarantine_put+0xab/0x180
[ 33.492478] [] ? __fget+0x213/0x3b0
[ 33.497723] [] ? __fget+0x23a/0x3b0
[ 33.502964] [] ? __fget+0x47/0x3b0
[ 33.508123] [] vfs_readv+0x78/0xb0
[ 33.513281] [] SyS_readv+0xd9/0x240
[ 33.518526] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 33.525075] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 33.531538] [] entry_SYSCALL_64_fastpath+0x1c/0x98
executing program
[ 33.538081] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 33.564680] RIP [] __free_pages+0x21/0x90
[ 33.570565] RSP
[ 33.574164] general protection fault: 0000 [#2]
[ 33.574619] ---[ end trace 46ea325c5f2dfd0b ]---
[ 33.574624] Kernel panic - not syncing: Fatal exception
[ 33.588774] PREEMPT SMP KASAN
[ 33.592498] Dumping ftrace buffer:
[ 33.596006] (ftrace buffer empty)
[ 33.599686] Modules linked in:
[ 33.602967] CPU: 1 PID: 3819 Comm: syzkaller026148 Tainted: G D 4.4.120-gd63fdf6 #28
[ 33.611945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.621270] task: ffff8801c4dcc800 task.stack: ffff8801c53e0000
[ 33.627296] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 33.635532] RSP: 0018:ffff8801c53e79f0 EFLAGS: 00010a07
[ 33.640949] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b85eb
[ 33.648188] RDX: 1bd5a9d5a0000003 RSI: 0000000000000006 RDI: dead4ead0000001c
[ 33.655426] RBP: ffff8801c53e7a00 R08: 0000000048000000 R09: 0000000000001e30
[ 33.662666] R10: 0000000000002100 R11: 1ffff10038a7cf1c R12: 0000000000000004
[ 33.669905] R13: 0000000000000020 R14: ffff8801c531a100 R15: dffffc0000000000
[ 33.677147] FS: 00007f540584a700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 33.685345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.691200] CR2: 000000002085dff0 CR3: 00000000b1fe2000 CR4: 0000000000160670
[ 33.698445] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.705687] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.712925] Stack:
[ 33.715042] 0000000000000246 ffff8801c531a258 ffff8801c53e7a60 ffffffff825b8611
[ 33.723020] ffff8801c531a270 ffffed0038a6344b ffffed0038a6344e ffff8801c531a268
[ 33.730997] dead4ead00000000 ffff8801c531a240 0000000000000000 0000000000000000
[ 33.738976] Call Trace:
[ 33.741536] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 33.747999] [] sg_finish_rem_req+0x2b5/0x340
[ 33.754026] [] sg_new_read.isra.18+0x17d/0x3c0
[ 33.760231] [] sg_read+0x8bc/0x1490
[ 33.765479] [] ? __check_object_size+0x154/0x35b
[ 33.771853] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.778487] [] ? fsnotify+0xee0/0xee0
[ 33.783909] [] ? avc_policy_seqno+0x9/0x20
[ 33.789765] [] do_loop_readv_writev+0x141/0x1e0
[ 33.796053] [] ? security_file_permission+0x89/0x1e0
[ 33.802778] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.809415] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.816051] [] do_readv_writev+0x5dd/0x6e0
[ 33.821908] [] ? vfs_write+0x530/0x530
[ 33.827418] [] ? _raw_spin_unlock+0x2c/0x50
[ 33.833362] [] ? do_huge_pmd_anonymous_page+0x3dd/0xa10
[ 33.840345] [] ? __fget+0x47/0x3b0
[ 33.845505] [] ? avc_policy_seqno+0x9/0x20
[ 33.851363] [] ? __fget+0x213/0x3b0
[ 33.856610] [] ? __fget+0x23a/0x3b0
[ 33.861859] [] ? __fget+0x47/0x3b0
[ 33.867017] [] vfs_readv+0x78/0xb0
[ 33.872175] [] SyS_readv+0xd9/0x240
[ 33.877424] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 33.883972] [] ? trace_hardirqs_on_thunk+0x17/0x19
[ 33.890521] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 33.897067] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 33.923871] RIP [] __free_pages+0x21/0x90
[ 33.929794] RSP
[ 33.933816] Dumping ftrace buffer:
[ 33.937332] (ftrace buffer empty)
[ 33.941008] Kernel Offset: disabled
[ 33.944601] Rebooting in 86400 seconds..