[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 12.853950] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.784035] random: sshd: uninitialized urandom read (32 bytes read) [ 21.000751] random: sshd: uninitialized urandom read (32 bytes read) [ 21.426584] random: sshd: uninitialized urandom read (32 bytes read) [ 36.348806] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.15.203' (ECDSA) to the list of known hosts. [ 41.849827] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 41.971824] usercopy: kernel memory exposure attempt detected from ffff8801c01ffff2 (mm_struct) (57692 bytes) [ 41.981963] ------------[ cut here ]------------ [ 41.986706] kernel BUG at mm/usercopy.c:72! [ 41.992840] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 41.998721] Dumping ftrace buffer: [ 42.002248] (ftrace buffer empty) [ 42.005959] Modules linked in: [ 42.009125] CPU: 1 PID: 1967 Comm: syz-executor898 Not tainted 4.14.67+ #1 [ 42.016196] task: ffff8801c0088000 task.stack: ffff8801c02d0000 [ 42.022343] RIP: 0010:__check_object_size+0x311/0x3a2 [ 42.027525] RSP: 0018:ffff8801c02d7b58 EFLAGS: 00010282 [ 42.032869] RAX: 0000000000000061 RBX: 000000000000e15c RCX: 0000000000000000 [ 42.040116] RDX: 0000000000000000 RSI: ffffffff9ca69c00 RDI: ffffffff9e5ce3a0 [ 42.047403] RBP: ffff8801c01ffff2 R08: 0000000000000001 R09: 0000000000000000 [ 42.054677] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff9cabfbe0 [ 42.062032] R13: 0000000000000001 R14: ffffffff9cabfba0 R15: ffffea0007007e00 [ 42.069278] FS: 0000000001d2a880(0000) GS:ffff8801dbb00000(0000) knlGS:0000000000000000 [ 42.077478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.083332] CR2: 000055957da85470 CR3: 00000001c44de003 CR4: 00000000001606a0 [ 42.090575] Call Trace: [ 42.093156] bpf_test_finish.isra.0+0xba/0x190 [ 42.097728] ? bpf_test_run+0x350/0x350 [ 42.101678] ? kvm_clock_read+0x1f/0x30 [ 42.105624] ? ktime_get+0x17f/0x1c0 [ 42.109312] ? bpf_test_run+0x280/0x350 [ 42.113263] bpf_prog_test_run_skb+0x4d0/0x8c0 [ 42.117820] ? bpf_test_init.isra.1+0xc0/0xc0 [ 42.122292] ? __fget_light+0x163/0x1f0 [ 42.126241] ? bpf_prog_add+0x42/0xa0 [ 42.130023] ? bpf_test_init.isra.1+0xc0/0xc0 [ 42.134498] SyS_bpf+0x79d/0x3640 [ 42.137925] ? bpf_prog_get+0x20/0x20 [ 42.141701] ? __do_page_fault+0x485/0xb60 [ 42.145912] ? lock_downgrade+0x560/0x560 [ 42.150044] ? up_read+0x17/0x30 [ 42.153388] ? __do_page_fault+0x64c/0xb60 [ 42.157599] ? do_syscall_64+0x43/0x4b0 [ 42.161552] ? bpf_prog_get+0x20/0x20 [ 42.165322] do_syscall_64+0x19b/0x4b0 [ 42.169188] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 42.174348] RIP: 0033:0x440259 [ 42.177597] RSP: 002b:00007fffaf77e3e8 EFLAGS: 00000213 ORIG_RAX: 0000000000000141 [ 42.185280] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440259 [ 42.192523] RDX: 0000000000000028 RSI: 00000000200001c0 RDI: 000000000000000a [ 42.199775] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 [ 42.207071] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000401ae0 [ 42.214327] R13: 0000000000401b70 R14: 0000000000000000 R15: 0000000000000000 [ 42.221581] Code: fb ab 9c 4c 0f 45 e2 e8 be d6 db ff 48 8b 04 24 49 89 d9 48 89 e9 4c 89 f2 4c 89 e6 48 c7 c7 20 fc ab 9c 49 89 c0 e8 5a 1b cd ff <0f> 0b 4c 89 ff e8 55 cf fd ff e9 09 fe ff ff 4c 89 ff e8 48 cf [ 42.240656] RIP: __check_object_size+0x311/0x3a2 RSP: ffff8801c02d7b58 [ 42.247416] ---[ end trace a8a7bbaf3c5ad891 ]--- [ 42.252263] Kernel panic - not syncing: Fatal exception [ 42.257912] Dumping ftrace buffer: [ 42.261434] (ftrace buffer empty) [ 42.265121] Kernel Offset: 0x19c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 42.276011] Rebooting in 86400 seconds..