[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 18.237978] random: sshd: uninitialized urandom read (32 bytes read)
[ 19.342311] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 19.667582] random: sshd: uninitialized urandom read (32 bytes read)
[ 20.608560] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.41' (ECDSA) to the list of known hosts.
[ 26.075074] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/01 07:23:09 fuzzer started
2018/06/01 07:23:10 connecting to host at 10.128.0.26:45093
2018/06/01 07:23:10 checking config...
[ 48.250749] can: request_module (can-proto-0) failed.
[ 48.259654] can: request_module (can-proto-0) failed.
2018/06/01 07:23:33 enabled syscalls: 1736
2018/06/01 07:23:33 testing simple program...
[ 49.841593] IPVS: ftp: loaded support on port[0] = 21
[ 50.024812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.031269] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.038633] device bridge_slave_0 entered promiscuous mode
[ 50.053825] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.060175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.067285] device bridge_slave_1 entered promiscuous mode
[ 50.082283] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 50.097215] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 50.135224] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 50.152777] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 50.208870] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 50.216082] team0: Port device team_slave_0 added
[ 50.229950] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 50.236957] team0: Port device team_slave_1 added
[ 50.250716] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 50.266912] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 50.281789] kasan: CONFIG_KASAN_INLINE enabled
[ 50.286451] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 50.293829] general protection fault: 0000 [#1] SMP KASAN
[ 50.299356] Dumping ftrace buffer:
[ 50.302869] (ftrace buffer empty)
[ 50.306554] Modules linked in:
[ 50.309727] CPU: 0 PID: 4569 Comm: ip Not tainted 4.17.0-rc6+ #71
[ 50.315931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.325279] RIP: 0010:rtnl_newlink+0x695/0x1d80
[ 50.329923] RSP: 0018:ffff8801b3d26f10 EFLAGS: 00010206
[ 50.335262] RAX: 0000000000000011 RBX: dffffc0000000000 RCX: 0000000000000000
[ 50.342507] RDX: 0000000000000000 RSI: ffffffff85e73c57 RDI: 0000000000000088
[ 50.349754] RBP: ffff8801b3d27618 R08: ffffed00367a4e08 R09: ffffed00367a4e0e
[ 50.357002] R10: ffffed00367a4e07 R11: ffff8801b3d2703f R12: ffff8801b3d275f0
[ 50.364255] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8801b3d27390
[ 50.371509] FS: 00007f728b875700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 50.379722] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.385581] CR2: 000000000063f210 CR3: 00000001b416b000 CR4: 00000000001406f0
[ 50.392830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 50.400079] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.407328] Call Trace:
[ 50.409917] ? rtnl_link_unregister+0x370/0x370
[ 50.414580] ? print_usage_bug+0xc0/0xc0
[ 50.418627] ? print_usage_bug+0xc0/0xc0
[ 50.422670] ? print_usage_bug+0xc0/0xc0
[ 50.426710] ? lock_acquire+0x1dc/0x520
[ 50.430689] ? rtnetlink_rcv_msg+0x40a/0xc10
[ 50.435087] ? graph_lock+0x170/0x170
[ 50.438898] ? lock_release+0xa10/0xa10
[ 50.442855] ? check_same_owner+0x320/0x320
[ 50.447165] ? rcu_note_context_switch+0x710/0x710
[ 50.452075] ? __lock_acquire+0x7f5/0x5140
[ 50.456298] ? __might_sleep+0x95/0x190
[ 50.460267] ? kasan_check_write+0x14/0x20
[ 50.464489] ? __mutex_lock+0x7d9/0x17f0
[ 50.468533] ? rtnetlink_rcv_msg+0x40a/0xc10
[ 50.472923] ? debug_check_no_locks_freed+0x310/0x310
[ 50.478103] ? lock_downgrade+0x8e0/0x8e0
[ 50.482235] ? mutex_trylock+0x2a0/0x2a0
[ 50.486282] ? kasan_check_read+0x11/0x20
[ 50.490435] ? rcu_is_watching+0x85/0x140
[ 50.494562] ? __lock_acquire+0x7f5/0x5140
[ 50.498784] ? graph_lock+0x170/0x170
[ 50.502584] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 50.508105] ? rtnl_get_link+0x164/0x350
[ 50.512147] ? rtnl_dump_all+0x5e0/0x5e0
[ 50.516196] ? rcu_is_watching+0x85/0x140
[ 50.520334] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 50.525502] ? __netlink_ns_capable+0x100/0x130
[ 50.530147] ? rtnl_link_unregister+0x370/0x370
[ 50.534795] rtnetlink_rcv_msg+0x466/0xc10
[ 50.539018] ? rtnetlink_put_metrics+0x690/0x690
[ 50.543763] netlink_rcv_skb+0x172/0x440
[ 50.547803] ? rtnetlink_put_metrics+0x690/0x690
[ 50.552537] ? netlink_ack+0xbc0/0xbc0
[ 50.556412] ? rcu_bh_force_quiescent_state+0x20/0x20
[ 50.561596] ? netlink_skb_destructor+0x210/0x210
[ 50.566416] rtnetlink_rcv+0x1c/0x20
[ 50.570109] netlink_unicast+0x58b/0x740
[ 50.574148] ? netlink_attachskb+0x970/0x970
[ 50.578534] ? import_iovec+0x24b/0x420
[ 50.582496] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 50.587499] ? security_netlink_send+0x88/0xb0
[ 50.592058] netlink_sendmsg+0x9f0/0xfa0
[ 50.596105] ? netlink_unicast+0x740/0x740
[ 50.600330] ? security_socket_sendmsg+0x94/0xc0
[ 50.605066] ? netlink_unicast+0x740/0x740
[ 50.609284] sock_sendmsg+0xd5/0x120
[ 50.612978] ___sys_sendmsg+0x805/0x940
[ 50.616942] ? __handle_mm_fault+0x93a/0x4310
[ 50.621416] ? copy_msghdr_from_user+0x560/0x560
[ 50.626152] ? vm_insert_mixed_mkwrite+0x40/0x40
[ 50.630883] ? graph_lock+0x170/0x170
[ 50.634674] ? find_held_lock+0x36/0x1c0
[ 50.638723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.644264] ? __fget_light+0x2ef/0x430
[ 50.648235] ? fget_raw+0x20/0x20
[ 50.651676] ? find_held_lock+0x36/0x1c0
[ 50.655729] ? lock_downgrade+0x8e0/0x8e0
[ 50.659856] ? handle_mm_fault+0x8c0/0xc70
[ 50.664083] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 50.669600] ? sockfd_lookup_light+0xc5/0x160
[ 50.674088] __sys_sendmsg+0x115/0x270
[ 50.677969] ? __ia32_sys_shutdown+0x80/0x80
[ 50.682375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.687901] ? __do_page_fault+0x441/0xe40
[ 50.692129] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 50.696957] __x64_sys_sendmsg+0x78/0xb0
[ 50.700999] do_syscall_64+0x1b1/0x800
[ 50.704886] ? syscall_return_slowpath+0x5c0/0x5c0
[ 50.709795] ? syscall_return_slowpath+0x30f/0x5c0
[ 50.714705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.720229] ? retint_user+0x18/0x18
[ 50.723933] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 50.728758] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 50.733933] RIP: 0033:0x7f728af96320
[ 50.737630] RSP: 002b:00007ffee2683548 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 50.745315] RAX: ffffffffffffffda RBX: 00007ffee2687640 RCX: 00007f728af96320
[ 50.752561] RDX: 0000000000000000 RSI: 00007ffee2683580 RDI: 0000000000000003
[ 50.759814] RBP: 00007ffee2683580 R08: 0000000000000000 R09: 0000000000000000
[ 50.767062] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005b10f478
[ 50.774308] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007ffee2687e10
[ 50.781554] Code: 88 95 0a 00 00 e8 1c ff 91 fb 48 83 bd 80 f9 ff ff 00 0f 84 fb 03 00 00 e8 09 ff 91 fb 49 8d bd 88 00 00 00 48 89 f8 48 c1 e8 03 <0f> b6 04 18 84 c0 74 08 3c 03 0f 8e 90 14 00 00 45 8b b5 88 00
[ 50.800690] RIP: rtnl_newlink+0x695/0x1d80 RSP: ffff8801b3d26f10
[ 50.807198] ---[ end trace 97357f95df2d5c3a ]---
[ 50.811969] Kernel panic - not syncing: Fatal exception
[ 50.817775] Dumping ftrace buffer:
[ 50.821291] (ftrace buffer empty)
[ 50.824975] Kernel Offset: disabled
[ 50.828576] Rebooting in 86400 seconds..