[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 22.283262] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 25.595289] random: sshd: uninitialized urandom read (32 bytes read, 40 bits of entropy available)
[ 26.178809] random: sshd: uninitialized urandom read (32 bytes read, 40 bits of entropy available)
[ 27.170499] random: sshd: uninitialized urandom read (32 bytes read, 118 bits of entropy available)
[ 27.351195] random: sshd: uninitialized urandom read (32 bytes read, 122 bits of entropy available)
Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts.
[ 32.781123] random: nonblocking pool is initialized
executing program
executing program
[ 32.899574] IPVS: Creating netns size=2552 id=1
executing program
executing program
executing program
[ 32.922801] kasan: CONFIG_KASAN_INLINE enabled
[ 32.927213] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1]
[ 32.936689] IPVS: Creating netns size=2552 id=2
[ 32.942632] PREEMPT SMP KASAN
[ 32.946379] Dumping ftrace buffer:
[ 32.949895] (ftrace buffer empty)
[ 32.953587] Modules linked in:
[ 32.956884] CPU: 0 PID: 3813 Comm: syzkaller369542 Not tainted 4.4.120-gd63fdf6 #28
[ 32.962620] kasan: CONFIG_KASAN_INLINE enabled
[ 32.969200] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 32.969200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.985848] task: ffff8800ab089800 task.stack: ffff8800aa548000
[ 32.991881] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 33.000119] RSP: 0018:ffff8800aa54f9f0 EFLAGS: 00010a07
[ 33.005535] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b85eb
[ 33.012775] RDX: 1bd5a9d5a0000003 RSI: 0000000000000006 RDI: dead4ead0000001c
[ 33.020015] RBP: ffff8800aa54fa00 R08: 0000000048000000 R09: 0000000000001e30
[ 33.027253] R10: 0000000000002100 R11: 1ffff100154a9f1c R12: 0000000000000004
[ 33.034492] R13: 0000000000000020 R14: ffff8801c4dd2100 R15: dffffc0000000000
[ 33.041740] FS: 00007f4180e69700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 33.049936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.055789] CR2: 0000000020e94000 CR3: 00000000aea22000 CR4: 0000000000160670
[ 33.063031] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.070270] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.077597] Stack:
[ 33.079714] 0000000000000246 ffff8801c4dd2258 ffff8800aa54fa60 ffffffff825b8611
[ 33.087693] ffff8801c4dd2270 ffffed00389ba44b ffffed00389ba44e ffff8801c4dd2268
[ 33.095660] dead4ead00000000 ffff8801c4dd2240 0000000000000000 0000000000000000
[ 33.103627] Call Trace:
[ 33.106186] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 33.112646] [] sg_finish_rem_req+0x2b5/0x340
[ 33.118689] [] sg_new_read.isra.18+0x17d/0x3c0
[ 33.124888] [] sg_read+0x8bc/0x1490
[ 33.130134] [] ? __check_object_size+0x154/0x35b
[ 33.136510] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.143145] [] ? fsnotify+0xee0/0xee0
[ 33.148569] [] ? avc_policy_seqno+0x9/0x20
[ 33.154422] [] do_loop_readv_writev+0x141/0x1e0
[ 33.160711] [] ? security_file_permission+0x89/0x1e0
[ 33.167433] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.174068] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.180701] [] do_readv_writev+0x5dd/0x6e0
[ 33.186552] [] ? vfs_write+0x530/0x530
[ 33.192060] [] ? sg_ioctl+0x29f0/0x29f0
[ 33.197655] [] ? __vfs_write+0x10b/0x450
[ 33.203333] [] ? quarantine_put+0xab/0x180
[ 33.209184] [] ? __fget+0x213/0x3b0
[ 33.214429] [] ? __fget+0x23a/0x3b0
[ 33.219687] [] ? __fget+0x47/0x3b0
[ 33.224850] [] vfs_readv+0x78/0xb0
[ 33.230008] [] SyS_readv+0xd9/0x240
[ 33.235253] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 33.241800] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 33.248260] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 33.254804] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 33.281416] RIP [] __free_pages+0x21/0x90
[ 33.287301] RSP
[ 33.290903] general protection fault: 0000 [#2]
[ 33.292133] ---[ end trace 3e926b0cf78aca20 ]---
[ 33.292137] Kernel panic - not syncing: Fatal exception
[ 33.305609] PREEMPT SMP KASAN
[ 33.309358] Dumping ftrace buffer:
[ 33.312868] (ftrace buffer empty)
[ 33.316549] Modules linked in:
[ 33.319838] CPU: 1 PID: 3818 Comm: syzkaller369542 Tainted: G D 4.4.120-gd63fdf6 #28
[ 33.328818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.338149] task: ffff8800aba4e000 task.stack: ffff8801c53d8000
[ 33.344174] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 33.352412] RSP: 0018:ffff8801c53df9f0 EFLAGS: 00010a07
[ 33.357836] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b85eb
[ 33.365076] RDX: 1bd5a9d5a0000003 RSI: 0000000000000006 RDI: dead4ead0000001c
[ 33.372319] RBP: ffff8801c53dfa00 R08: 0000000048000000 R09: 0000000000001e30
[ 33.379559] R10: 0000000000002100 R11: 1ffff10038a7bf1c R12: 0000000000000004
[ 33.386807] R13: 0000000000000020 R14: ffff8800bac60000 R15: dffffc0000000000
[ 33.394052] FS: 00007f4180e69700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 33.402249] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.408107] CR2: 0000000020e94000 CR3: 00000000b366a000 CR4: 0000000000160670
[ 33.415349] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.422589] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.429828] Stack:
[ 33.431953] 0000000000000246 ffff8800bac60158 ffff8801c53dfa60 ffffffff825b8611
[ 33.439941] ffff8800bac60170 ffffed001758c02b ffffed001758c02e ffff8800bac60168
[ 33.447933] dead4ead00000000 ffff8800bac60140 0000000000000000 0000000000000000
[ 33.455921] Call Trace:
[ 33.458486] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 33.464953] [] sg_finish_rem_req+0x2b5/0x340
[ 33.470985] [] sg_new_read.isra.18+0x17d/0x3c0
[ 33.477187] [] sg_read+0x8bc/0x1490
[ 33.482440] [] ? __check_object_size+0x154/0x35b
[ 33.488817] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.495456] [] ? fsnotify+0xee0/0xee0
[ 33.500880] [] ? avc_policy_seqno+0x9/0x20
[ 33.506738] [] do_loop_readv_writev+0x141/0x1e0
[ 33.513031] [] ? security_file_permission+0x89/0x1e0
[ 33.519756] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.526392] [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 33.533030] [] do_readv_writev+0x5dd/0x6e0
[ 33.538885] [] ? vfs_write+0x530/0x530
[ 33.544395] [] ? sg_ioctl+0x29f0/0x29f0
[ 33.549990] [] ? __vfs_write+0x10b/0x450
[ 33.555674] [] ? __fget+0x47/0x3b0
[ 33.560835] [] ? avc_policy_seqno+0x9/0x20
[ 33.566689] [] ? __fget+0x213/0x3b0
[ 33.571937] [] ? __fget+0x23a/0x3b0
[ 33.577183] [] ? __fget+0x47/0x3b0
[ 33.582344] [] vfs_readv+0x78/0xb0
[ 33.587504] [] SyS_readv+0xd9/0x240
[ 33.592750] [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 33.599301] [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 33.605765] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 33.612310] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 33.639072] RIP [] __free_pages+0x21/0x90
[ 33.644959] RSP
[ 33.649026] Dumping ftrace buffer:
[ 33.652545] (ftrace buffer empty)
[ 33.656223] Kernel Offset: disabled
[ 33.659814] Rebooting in 86400 seconds..