[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd
[ 19.915399] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ].
[ 20.883444] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 21.388637] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.205757] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.363602] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.29' (ECDSA) to the list of known hosts.
[ 28.004964] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 28.096082] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
[ 28.104083] PGD 1afa4f067 P4D 1afa4f067 PUD 1ad9cd067 PMD 0
[ 28.109874] Oops: 0010 [#1] SMP KASAN
[ 28.113652] CPU: 1 PID: 4561 Comm: syz-executor884 Not tainted 4.17.0+ #117
[ 28.120728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.130062] RIP: 0010: (null)
[ 28.133923] Code: Bad RIP value.
[ 28.137277] RSP: 0018:ffff8801d92af540 EFLAGS: 00010246
[ 28.142619] RAX: 0000000000000000 RBX: ffff8801ae0ab800 RCX: 1ffffffff10ea8e5
[ 28.149871] RDX: ffff8801d92afa60 RSI: ffff8801d4f94480 RDI: ffff8801d9080cc0
[ 28.157120] RBP: ffff8801d92af6b0 R08: 0000000000000001 R09: 0000000000000000
[ 28.164385] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff1003b255ead
[ 28.171645] R13: ffff8801d92afa60 R14: ffff8801ae0ab812 R15: ffff8801ae0abc58
[ 28.178896] FS: 0000000000000000(0000) GS:ffff8801daf00000(0063) knlGS:00000000094f1840
[ 28.187099] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 28.192961] CR2: ffffffffffffffd6 CR3: 00000001adb02000 CR4: 00000000001406e0
[ 28.200211] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.207459] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.214719] Call Trace:
[ 28.217289] ? smc_poll+0x211/0xdd0
[ 28.220899] ? lru_cache_add+0x22c/0x450
[ 28.224953] ? __smc_connect+0xa90/0xa90
[ 28.229000] ? kvm_clock_read+0x25/0x30
[ 28.232967] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 28.238486] ? ktime_get_ts64+0x39d/0x510
[ 28.242624] ? do_gettimeofday+0x170/0x170
[ 28.246842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 28.252358] ? __fget_light+0x2ef/0x430
[ 28.256314] sock_poll+0x1d1/0x710
[ 28.259844] ? __smc_connect+0xa90/0xa90
[ 28.263885] ? sock_get_poll_head+0x460/0x460
[ 28.268359] ? sock_get_poll_head+0x460/0x460
[ 28.272836] vfs_poll+0x77/0x2a0
[ 28.276184] do_sys_poll+0x6fd/0x1100
[ 28.279966] ? _raw_spin_unlock+0x22/0x30
[ 28.284096] ? compat_core_sys_select+0xae0/0xae0
[ 28.288919] ? find_held_lock+0x36/0x1c0
[ 28.292979] ? debug_mutex_init+0x1c/0x60
[ 28.297105] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 28.302200] ? graph_lock+0x170/0x170
[ 28.305996] ? graph_lock+0x170/0x170
[ 28.309794] ? poll_initwait+0x180/0x180
[ 28.313841] ? pvclock_read_flags+0x160/0x160
[ 28.318319] ? ktime_get_ts64+0x405/0x510
[ 28.322454] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 28.327453] ? timespec64_add_safe+0x1f4/0x2d0
[ 28.332022] ? nsec_to_clock_t+0x30/0x30
[ 28.336081] ? do_gettimeofday+0x170/0x170
[ 28.340306] ? handle_mm_fault+0x55a/0xc70
[ 28.344522] ? poll_select_set_timeout+0x14f/0x220
[ 28.349430] ? do_restart_poll+0x2d0/0x2d0
[ 28.353644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 28.359162] ? __do_page_fault+0x441/0xe40
[ 28.363383] __ia32_sys_poll+0x189/0x510
[ 28.367426] ? __x64_sys_poll+0x510/0x510
[ 28.371561] ? do_fast_syscall_32+0x148/0xf9b
[ 28.376040] do_fast_syscall_32+0x345/0xf9b
[ 28.380341] ? do_int80_syscall_32+0x880/0x880
[ 28.384900] ? do_syscall_64+0x48f/0x800
[ 28.388946] ? syscall_slow_exit_work+0x4f0/0x4f0
[ 28.393785] ? syscall_return_slowpath+0x5c0/0x5c0
[ 28.398702] ? syscall_return_slowpath+0x30f/0x5c0
[ 28.403621] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 28.409138] ? retint_user+0x18/0x18
[ 28.412845] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 28.417673] entry_SYSENTER_compat+0x70/0x7f
[ 28.422063] RIP: 0023:0xf7f65cb9
[ 28.425404] Code: 55 08 8b 88 64 cd ff ff 8b 98 68 cd ff ff 89 c8 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 1c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 28.444653] RSP: 002b:00000000ffb9258c EFLAGS: 00000213 ORIG_RAX: 00000000000000a8
[ 28.452701] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000112
[ 28.459950] RDX: 0000000000000003 RSI: 0000000000000032 RDI: 00000000ffffffff
[ 28.467196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 28.474448] R10: 0000000000000000 R11: 0000000000000207 R12: 0000000000000000
[ 28.481696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.488951] Modules linked in:
[ 28.492129] Dumping ftrace buffer:
[ 28.495643] (ftrace buffer empty)
[ 28.499330] CR2: 0000000000000000
[ 28.502861] ---[ end trace 6c4a58e1ad62bb0e ]---
[ 28.507637] RIP: 0010: (null)
[ 28.511538] Code: Bad RIP value.
[ 28.514931] RSP: 0018:ffff8801d92af540 EFLAGS: 00010246
[ 28.520297] RAX: 0000000000000000 RBX: ffff8801ae0ab800 RCX: 1ffffffff10ea8e5
[ 28.527580] RDX: ffff8801d92afa60 RSI: ffff8801d4f94480 RDI: ffff8801d9080cc0
[ 28.534852] RBP: ffff8801d92af6b0 R08: 0000000000000001 R09: 0000000000000000
[ 28.542120] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff1003b255ead
[ 28.549393] R13: ffff8801d92afa60 R14: ffff8801ae0ab812 R15: ffff8801ae0abc58
[ 28.556672] FS: 0000000000000000(0000) GS:ffff8801daf00000(0063) knlGS:00000000094f1840
[ 28.565160] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 28.571055] CR2: ffffffffffffffd6 CR3: 00000001adb02000 CR4: 00000000001406e0
[ 28.578335] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.585611] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.592884] Kernel panic - not syncing: Fatal exception
[ 28.598842] Dumping ftrace buffer:
[ 28.602370] (ftrace buffer empty)
[ 28.606054] Kernel Offset: disabled
[ 28.609655] Rebooting in 86400 seconds..