[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.032937] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 22.094675] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.561190] random: sshd: uninitialized urandom read (32 bytes read)
[ 23.429189] random: sshd: uninitialized urandom read (32 bytes read)
[ 824.715601] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.46' (ECDSA) to the list of known hosts.
[ 830.126732] random: sshd: uninitialized urandom read (32 bytes read)
2018/07/29 12:23:39 parsed 1 programs
[ 831.328121] random: cc1: uninitialized urandom read (8 bytes read)
2018/07/29 12:23:41 executed programs: 0
[ 832.477526] IPVS: ftp: loaded support on port[0] = 21
[ 832.696248] bridge0: port 1(bridge_slave_0) entered blocking state
[ 832.702769] bridge0: port 1(bridge_slave_0) entered disabled state
[ 832.710555] device bridge_slave_0 entered promiscuous mode
[ 832.729137] bridge0: port 2(bridge_slave_1) entered blocking state
[ 832.735657] bridge0: port 2(bridge_slave_1) entered disabled state
[ 832.742812] device bridge_slave_1 entered promiscuous mode
[ 832.759175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 832.775145] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 832.820672] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 832.838811] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 832.909496] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 832.916908] team0: Port device team_slave_0 added
[ 832.932086] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 832.939466] team0: Port device team_slave_1 added
[ 832.955316] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 832.972701] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 832.990512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 833.007980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 833.136583] bridge0: port 2(bridge_slave_1) entered blocking state
[ 833.143116] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 833.150094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 833.156478] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 833.606758] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 833.612900] 8021q: adding VLAN 0 to HW filter on device bond0
[ 833.660501] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 833.696958] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 833.713648] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 833.720058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 833.727332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 833.766635] 8021q: adding VLAN 0 to HW filter on device team0
2018/07/29 12:23:46 executed programs: 41
2018/07/29 12:23:51 executed programs: 94
2018/07/29 12:23:56 executed programs: 151
2018/07/29 12:24:01 executed programs: 207
2018/07/29 12:24:06 executed programs: 263
2018/07/29 12:24:11 executed programs: 317
2018/07/29 12:24:16 executed programs: 372
2018/07/29 12:24:21 executed programs: 428
2018/07/29 12:24:26 executed programs: 484
2018/07/29 12:24:31 executed programs: 540
2018/07/29 12:24:36 executed programs: 598
2018/07/29 12:24:41 executed programs: 654
2018/07/29 12:24:46 executed programs: 712
2018/07/29 12:24:51 executed programs: 768
2018/07/29 12:24:56 executed programs: 824
2018/07/29 12:25:02 executed programs: 880
2018/07/29 12:25:07 executed programs: 935
2018/07/29 12:25:12 executed programs: 991
2018/07/29 12:25:17 executed programs: 1044
2018/07/29 12:25:22 executed programs: 1102
2018/07/29 12:25:27 executed programs: 1156
2018/07/29 12:25:32 executed programs: 1213
2018/07/29 12:25:37 executed programs: 1270
2018/07/29 12:25:42 executed programs: 1325
2018/07/29 12:25:47 executed programs: 1381
2018/07/29 12:25:52 executed programs: 1438
2018/07/29 12:25:57 executed programs: 1495
2018/07/29 12:26:02 executed programs: 1551
2018/07/29 12:26:07 executed programs: 1607
2018/07/29 12:26:12 executed programs: 1663
2018/07/29 12:26:17 executed programs: 1718
2018/07/29 12:26:22 executed programs: 1774
[ 994.046214] random: crng init done
2018/07/29 12:26:27 executed programs: 1830
2018/07/29 12:26:32 executed programs: 1884
2018/07/29 12:26:37 executed programs: 1940
2018/07/29 12:26:42 executed programs: 1995
2018/07/29 12:26:47 executed programs: 2050
2018/07/29 12:26:52 executed programs: 2105
2018/07/29 12:26:58 executed programs: 2159
2018/07/29 12:27:03 executed programs: 2216
2018/07/29 12:27:08 executed programs: 2270
2018/07/29 12:27:13 executed programs: 2325
2018/07/29 12:27:18 executed programs: 2381
2018/07/29 12:27:23 executed programs: 2438
2018/07/29 12:27:28 executed programs: 2494
2018/07/29 12:27:33 executed programs: 2548
2018/07/29 12:27:38 executed programs: 2605
2018/07/29 12:27:43 executed programs: 2662
2018/07/29 12:27:48 executed programs: 2718
2018/07/29 12:27:53 executed programs: 2773
2018/07/29 12:27:58 executed programs: 2828
2018/07/29 12:28:03 executed programs: 2884
2018/07/29 12:28:08 executed programs: 2938
2018/07/29 12:28:13 executed programs: 2994
2018/07/29 12:28:18 executed programs: 3049
2018/07/29 12:28:23 executed programs: 3103
2018/07/29 12:28:28 executed programs: 3157
2018/07/29 12:28:33 executed programs: 3212
2018/07/29 12:28:39 executed programs: 3270
2018/07/29 12:28:44 executed programs: 3326
2018/07/29 12:28:49 executed programs: 3380
2018/07/29 12:28:54 executed programs: 3433
2018/07/29 12:28:59 executed programs: 3489
2018/07/29 12:29:04 executed programs: 3544
2018/07/29 12:29:09 executed programs: 3600
2018/07/29 12:29:14 executed programs: 3656
2018/07/29 12:29:19 executed programs: 3711
2018/07/29 12:29:24 executed programs: 3769
[ 1180.633445] ------------[ cut here ]------------
[ 1180.638380] kernel BUG at net/ipv4/ip_output.c:775!
[ 1180.643530] invalid opcode: 0000 [#1] SMP KASAN
[ 1180.648208] CPU: 0 PID: 19991 Comm: syz-executor0 Not tainted 4.18.0-rc6+ #167
[ 1180.655549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1180.665013] RIP: 0010:ip_do_fragment+0x2436/0x2aa0
[ 1180.669928] Code: 8b 8d 70 fe ff ff e9 99 e8 ff ff 4c 89 ef e8 c1 77 40 fc e9 7b e9 ff ff 4c 89 f7 e8 b4 77 40 fc e9 f3 e5 ff ff e8 ea 9b 02 fc <0f> 0b 4c 89 e7 e8 a0 77 40 fc e9 b7 e8 ff ff 4c 89 f7 89 8d 70 fe
[ 1180.689685] RSP: 0018:ffff8801d0286880 EFLAGS: 00010293
[ 1180.695052] RAX: ffff8801b3a64780 RBX: ffff8801d972d5c0 RCX: ffffffff85796616
[ 1180.702303] RDX: 0000000000000000 RSI: ffffffff85797c66 RDI: 0000000000000005
[ 1180.709567] RBP: ffff8801d0286a58 R08: ffff8801b3a64780 R09: ffffed00354f0032
[ 1180.716819] R10: ffffed00354f0034 R11: ffff8801aa7801a3 R12: ffff8801d972d684
[ 1180.724167] R13: 00000000fffffff2 R14: ffff8801d972d690 R15: dffffc0000000000
[ 1180.731439] FS: 00007f2b29944700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[ 1180.739652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1180.745525] CR2: 0000000000728000 CR3: 00000001c5a2b000 CR4: 00000000001406f0
[ 1180.752792] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1180.760053] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1180.767317] Call Trace:
[ 1180.769962] ? trace_hardirqs_on+0xd/0x10
[ 1180.774120] ? ip_copy_metadata+0xb30/0xb30
[ 1180.778444] ? ip_finish_output2+0x1860/0x1860
[ 1180.783017] ? graph_lock+0x170/0x170
[ 1180.786815] ? graph_lock+0x170/0x170
[ 1180.790683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1180.796237] ? ipv4_mtu+0x37d/0x590
[ 1180.799858] ? __build_flow_key.constprop.53+0x5f0/0x5f0
[ 1180.805310] ? find_held_lock+0x36/0x1c0
[ 1180.809366] ip_fragment.constprop.49+0x179/0x240
[ 1180.814210] ip_finish_output+0x6e4/0xfa0
[ 1180.818354] ? ip_fragment.constprop.49+0x240/0x240
[ 1180.823409] ? kasan_check_read+0x11/0x20
[ 1180.827587] ? rcu_is_watching+0x8c/0x150
[ 1180.831718] ? rcu_report_qs_rnp+0x7a0/0x7a0
[ 1180.836232] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1180.841311] ? nf_hook_slow+0x11e/0x1c0
[ 1180.845275] ip_output+0x223/0x880
[ 1180.848795] ? __ip_local_out+0x5e3/0xb50
[ 1180.853037] ? ip_mc_output+0x15d0/0x15d0
[ 1180.857872] ? rcu_is_watching+0x8c/0x150
[ 1180.862023] ? ip_fragment.constprop.49+0x240/0x240
[ 1180.867102] ? __bpf_redirect+0x563/0xa80
[ 1180.871247] ? __ip_select_ident+0x170/0x2a0
[ 1180.875657] ? ip_idents_reserve+0x310/0x310
[ 1180.880050] ip_local_out+0xc5/0x1b0
[ 1180.883813] iptunnel_xmit+0x53b/0x800
[ 1180.887772] ip_tunnel_xmit+0x1598/0x3af1
[ 1180.891918] ? quarantine_put+0x10d/0x1b0
[ 1180.896056] ? ip_md_tunnel_xmit+0x1670/0x1670
[ 1180.900634] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1180.906175] ? kasan_check_write+0x14/0x20
[ 1180.910463] ? pskb_expand_head+0x6b3/0x10e0
[ 1180.914901] ? __pskb_copy_fclone+0xeb0/0xeb0
[ 1180.919391] ? print_usage_bug+0xc0/0xc0
[ 1180.923459] ? trace_hardirqs_on+0x10/0x10
[ 1180.927728] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1180.932578] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1180.938122] __gre_xmit+0x5b7/0x950
[ 1180.941761] ipgre_xmit+0x3e8/0xb50
[ 1180.945401] ? gre_tap_xmit+0x590/0x590
[ 1180.949364] ? __lock_is_held+0xb5/0x140
[ 1180.953450] dev_hard_start_xmit+0x26c/0xc30
[ 1180.957858] ? dev_direct_xmit+0x6b0/0x6b0
[ 1180.962087] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1180.967610] ? netif_skb_features+0x690/0xb70
[ 1180.972135] ? validate_xmit_xfrm+0x1ef/0xdc0
[ 1180.976628] ? lock_acquire+0x1e4/0x540
[ 1180.980598] ? validate_xmit_skb+0x80c/0xf30
[ 1180.985001] ? netif_skb_features+0xb70/0xb70
[ 1180.989514] __dev_queue_xmit+0x29c2/0x38e0
[ 1180.993833] ? skb_ensure_writable+0x3dd/0x640
[ 1180.998415] ? bpf_clone_redirect+0x14a/0x490
[ 1181.002901] ? bpf_prog_bebbfe2050753572+0xe5c/0x1000
[ 1181.008086] ? netdev_pick_tx+0x2d0/0x2d0
[ 1181.012305] ? kernel_text_address+0x79/0xf0
[ 1181.016705] ? __lock_is_held+0xb5/0x140
[ 1181.020752] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1181.025763] ? skb_release_data+0x1c4/0x880
[ 1181.030082] ? kmem_cache_alloc_node_trace+0x34e/0x770
[ 1181.035354] ? kasan_unpoison_shadow+0x35/0x50
[ 1181.039929] ? skb_tx_error+0x2f0/0x2f0
[ 1181.043892] ? kasan_kmalloc+0xc4/0xe0
[ 1181.047777] ? __kmalloc_node_track_caller+0x47/0x70
[ 1181.052879] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1181.058410] ? kasan_check_write+0x14/0x20
[ 1181.062629] ? pskb_expand_head+0x6b3/0x10e0
[ 1181.067042] ? __pskb_copy_fclone+0xeb0/0xeb0
[ 1181.071522] ? memcpy+0x45/0x50
[ 1181.074873] ? __copy_skb_header+0x32f/0x550
[ 1181.079441] ? sock_spd_release+0x2e0/0x2e0
[ 1181.083754] ? __lock_is_held+0xb5/0x140
[ 1181.087802] ? kasan_check_write+0x14/0x20
[ 1181.092028] ? __skb_clone+0x6c7/0xa00
[ 1181.095911] ? __copy_skb_header+0x550/0x550
[ 1181.100306] ? skb_ensure_writable+0x15e/0x640
[ 1181.104870] dev_queue_xmit+0x17/0x20
[ 1181.108663] ? dev_queue_xmit+0x17/0x20
[ 1181.112622] __bpf_redirect+0x563/0xa80
[ 1181.116580] bpf_clone_redirect+0x2f6/0x490
[ 1181.120887] bpf_prog_bebbfe2050753572+0xe5c/0x1000
[ 1181.125890] ? lock_downgrade+0x8f0/0x8f0
[ 1181.130045] ? find_held_lock+0x36/0x1c0
[ 1181.134442] ? lock_acquire+0x1e4/0x540
[ 1181.138424] ? bpf_test_run+0x1f3/0x3b0
[ 1181.142436] ? lock_downgrade+0x8f0/0x8f0
[ 1181.146592] ? kasan_check_read+0x11/0x20
[ 1181.150733] ? rcu_is_watching+0x8c/0x150
[ 1181.154876] ? rcu_report_qs_rnp+0x7a0/0x7a0
[ 1181.159285] ? bpf_test_run+0xaf/0x3b0
[ 1181.163175] ? bpf_prog_test_run_skb+0x62f/0xb40
[ 1181.167916] ? bpf_test_finish.isra.8+0x1f0/0x1f0
[ 1181.172747] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1181.178341] ? fput+0x130/0x1a0
[ 1181.181651] ? __bpf_prog_get+0x9b/0x290
[ 1181.185702] ? bpf_test_finish.isra.8+0x1f0/0x1f0
[ 1181.190700] ? bpf_prog_test_run+0x130/0x1a0
[ 1181.195092] ? __x64_sys_bpf+0x3d8/0x510
[ 1181.199141] ? bpf_prog_get+0x20/0x20
[ 1181.202937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1181.208478] ? do_syscall_64+0x9a/0x820
[ 1181.212443] ? do_syscall_64+0x1b9/0x820
[ 1181.216540] ? finish_task_switch+0x1d3/0x870
[ 1181.221030] ? syscall_return_slowpath+0x5e0/0x5e0
[ 1181.226053] ? syscall_return_slowpath+0x31d/0x5e0
[ 1181.231076] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 1181.236439] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1181.241279] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1181.246645] Modules linked in:
[ 1181.249823] Dumping ftrace buffer:
[ 1181.253340] (ftrace buffer empty)
[ 1181.257070] ---[ end trace 8efde2b6612ed290 ]---
[ 1181.261850] RIP: 0010:ip_do_fragment+0x2436/0x2aa0
[ 1181.267146] Code: 8b 8d 70 fe ff ff e9 99 e8 ff ff 4c 89 ef e8 c1 77 40 fc e9 7b e9 ff ff 4c 89 f7 e8 b4 77 40 fc e9 f3 e5 ff ff e8 ea 9b 02 fc <0f> 0b 4c 89 e7 e8 a0 77 40 fc e9 b7 e8 ff ff 4c 89 f7 89 8d 70 fe
[ 1181.286406] RSP: 0018:ffff8801d0286880 EFLAGS: 00010293
[ 1181.291791] RAX: ffff8801b3a64780 RBX: ffff8801d972d5c0 RCX: ffffffff85796616
[ 1181.299079] RDX: 0000000000000000 RSI: ffffffff85797c66 RDI: 0000000000000005
[ 1181.306361] RBP: ffff8801d0286a58 R08: ffff8801b3a64780 R09: ffffed00354f0032
[ 1181.313646] R10: ffffed00354f0034 R11: ffff8801aa7801a3 R12: ffff8801d972d684
[ 1181.320932] R13: 00000000fffffff2 R14: ffff8801d972d690 R15: dffffc0000000000
[ 1181.328208] FS: 00007f2b29944700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[ 1181.336450] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1181.342337] CR2: 0000000000728000 CR3: 00000001c5a2b000 CR4: 00000000001406f0
[ 1181.349615] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1181.356893] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1181.364274] Kernel panic - not syncing: Fatal exception in interrupt
[ 1181.371263] Dumping ftrace buffer:
[ 1181.374800] (ftrace buffer empty)
[ 1181.378496] Kernel Offset: disabled
[ 1181.382105] Rebooting in 86400 seconds..