[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 20.232973] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 25.222368] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)
[ 25.586742] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[ 26.531286] random: sshd: uninitialized urandom read (32 bytes read, 114 bits of entropy available)
[ 35.247958] random: sshd: uninitialized urandom read (32 bytes read, 122 bits of entropy available)
Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
[ 40.677370] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available)
executing program
executing program
[ 40.766703] kasan: CONFIG_KASAN_INLINE enabled
[ 40.771468] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 40.784279] Dumping ftrace buffer:
[ 40.787785] (ftrace buffer empty)
[ 40.791464] Modules linked in:
[ 40.794745] CPU: 0 PID: 3798 Comm: syzkaller895299 Not tainted 4.4.118-g5f7f76a #24
[ 40.797160] kasan: CONFIG_KASAN_INLINE enabled
[ 40.807051] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 40.807051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.823698] task: ffff8801c6918000 task.stack: ffff8800aa730000
[ 40.829721] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 40.837952] RSP: 0018:ffff8800aa7379f0 EFLAGS: 00010a07
[ 40.843366] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b855b
[ 40.850604] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 40.857841] RBP: ffff8800aa737a00 R08: 0000000000000001 R09: 0000000000000000
[ 40.865077] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004
[ 40.872315] R13: 0000000000000020 R14: ffff8801c4ff2100 R15: dffffc0000000000
[ 40.879553] FS: 00007f9a28fbd700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 40.887744] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.893594] CR2: 0000000020ef0fe0 CR3: 00000001ca896000 CR4: 0000000000160670
[ 40.900832] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.908068] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.915304] Stack:
[ 40.917418] 0000000000000000 ffff8801c4ff2258 ffff8800aa737a60 ffffffff825b8581
[ 40.925394] ffff8801c4ff2270 ffffed00389fe44b ffffed00389fe44e ffff8801c4ff2268
[ 40.933365] dead4ead00000000 ffff8801c4ff2240 0000000000000000 0000000000000000
[ 40.941333] Call Trace:
[ 40.943891] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 40.950436] [] sg_finish_rem_req+0x2b5/0x340
[ 40.956459] [] sg_new_read.isra.18+0x39/0x3c0
[ 40.962577] [] ? sg_get_rq_mark+0x142/0x190
[ 40.968513] [] sg_read+0x8bc/0x1490
[ 40.973760] [] ? __check_object_size+0x154/0x35b
[ 40.980131] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 40.986766] [] ? fsnotify+0xee0/0xee0
[ 40.992184] [] ? avc_policy_seqno+0x9/0x20
[ 40.998034] [] do_loop_readv_writev+0x141/0x1e0
[ 41.004320] [] ? security_file_permission+0x89/0x1e0
[ 41.011041] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 41.017681] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 41.024312] [] do_readv_writev+0x5dd/0x6e0
[ 41.030163] [] ? vfs_write+0x530/0x530
[ 41.035667] [] ? __fget+0x213/0x3b0
[ 41.040911] [] ? __fget+0x23a/0x3b0
[ 41.046172] [] ? __fget+0x47/0x3b0
[ 41.051330] [] vfs_readv+0x78/0xb0
[ 41.056485] [] SyS_readv+0xd9/0x240
[ 41.061729] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 41.068274] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 41.074734] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 41.081275] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 41.107842] RIP [] __free_pages+0x21/0x90
[ 41.113724] RSP
[ 41.117333] general protection fault: 0000 [#2]
[ 41.117672] ---[ end trace b8259e49677b1b86 ]---
[ 41.117674] Kernel panic - not syncing: Fatal exception
[ 41.131953] PREEMPT SMP KASAN
[ 41.135667] Dumping ftrace buffer:
[ 41.139184] (ftrace buffer empty)
[ 41.142863] Modules linked in:
[ 41.146142] CPU: 1 PID: 3799 Comm: syzkaller895299 Tainted: G D 4.4.118-g5f7f76a #24
[ 41.155120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.164444] task: ffff8800aa6e8000 task.stack: ffff8800aa6b8000
[ 41.170468] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 41.178698] RSP: 0018:ffff8800aa6bf9f0 EFLAGS: 00010a07
[ 41.184116] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b855b
[ 41.191357] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 41.198594] RBP: ffff8800aa6bfa00 R08: 0000000000000000 R09: 0000000000000000
[ 41.205831] R10: 0000000000000000 R11: 1ffff100154d7f1e R12: 0000000000000004
[ 41.213070] R13: 0000000000000020 R14: ffff8801cfe7c200 R15: dffffc0000000000
[ 41.220308] FS: 00007f9a28f9c700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 41.228500] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.234347] CR2: 00007f9a28f9be78 CR3: 00000001ca896000 CR4: 0000000000160670
[ 41.241585] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 41.248823] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 41.256058] Stack:
[ 41.258174] 0000000000000000 ffff8801cfe7c358 ffff8800aa6bfa60 ffffffff825b8581
[ 41.266139] ffff8801cfe7c370 ffffed0039fcf86b ffffed0039fcf86e ffff8801cfe7c368
[ 41.274097] dead4ead00000000 ffff8801cfe7c340 0000000000000000 0000000000000000
[ 41.282060] Call Trace:
[ 41.284622] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 41.291080] [] sg_finish_rem_req+0x2b5/0x340
[ 41.297104] [] sg_new_read.isra.18+0x39/0x3c0
[ 41.303214] [] ? sg_get_rq_mark+0x142/0x190
[ 41.309167] [] sg_read+0x8bc/0x1490
[ 41.314412] [] ? __check_object_size+0x154/0x35b
[ 41.320786] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 41.327428] [] ? fsnotify+0xee0/0xee0
[ 41.332847] [] ? avc_policy_seqno+0x9/0x20
[ 41.338717] [] do_loop_readv_writev+0x141/0x1e0
[ 41.345005] [] ? security_file_permission+0x89/0x1e0
[ 41.351727] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 41.358362] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 41.364993] [] do_readv_writev+0x5dd/0x6e0
[ 41.370844] [] ? vfs_write+0x530/0x530
[ 41.376347] [] ? __fget+0x47/0x3b0
[ 41.381505] [] ? __fget+0x213/0x3b0
[ 41.386749] [] ? __fget+0x23a/0x3b0
[ 41.391991] [] ? __fget+0x47/0x3b0
[ 41.397148] [] vfs_readv+0x78/0xb0
[ 41.402306] [] SyS_readv+0xd9/0x240
[ 41.407552] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 41.414098] [] ? finish_task_switch+0x1e7/0x4e0
[ 41.420386] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 41.426847] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 41.433388] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 41.459964] RIP [] __free_pages+0x21/0x90
[ 41.465842] RSP
[ 41.469825] Dumping ftrace buffer:
[ 41.473358] (ftrace buffer empty)
[ 41.477043] Kernel Offset: disabled
[ 41.480639] Rebooting in 86400 seconds..