[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   34.294654] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   36.020230] random: sshd: uninitialized urandom read (32 bytes read)
[   36.456820] random: sshd: uninitialized urandom read (32 bytes read)
[   37.917792] random: sshd: uninitialized urandom read (32 bytes read)
[  114.514121] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.58' (ECDSA) to the list of known hosts.
[  120.069957] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[  120.714954] WARNING: CPU: 0 PID: 4641 at net/core/stream.c:206 sk_stream_kill_queues+0x944/0x970
[  120.723961] Kernel panic - not syncing: panic_on_warn set ...
[  120.723961] 
[  120.731341] CPU: 0 PID: 4641 Comm: syz-executor294 Not tainted 4.18.0-rc5+ #29
[  120.738697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.745815] WARNING: CPU: 1 PID: 4562 at net/core/stream.c:206 sk_stream_kill_queues+0x944/0x970
[  120.748061] Call Trace:
[  120.756996] Modules linked in:
[  120.759604]  dump_stack+0x185/0x1e0
[  120.762771] CPU: 1 PID: 4562 Comm: syz-executor294 Not tainted 4.18.0-rc5+ #29
[  120.766386]  panic+0x3d0/0x9b0
[  120.773728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.773768] RIP: 0010:sk_stream_kill_queues+0x944/0x970
[  120.776956]  __warn+0x40f/0x580
[  120.786311] Code: 
[  120.791687]  ? sk_stream_kill_queues+0x944/0x970
[  120.794931] 5e 
[  120.797107]  report_bug+0x72a/0x880
[  120.801804] 41 5f 
[  120.803784]  ? sk_stream_kill_queues+0x944/0x970
[  120.807346] 5d c3 
[  120.809559]  ? sk_stream_kill_queues+0x944/0x970
[  120.814247] 8b 3a 
[  120.816435]  do_error_trap+0x1fe/0x710
[  120.821133] e8 ba 
[  120.823324]  ? kfree+0xd8/0x2ac0
[  120.827164] 28 
[  120.829330]  ? rcu_segcblist_enqueue+0x189/0x2d0
[  120.832643] c1 f9 
[  120.834563]  do_invalid_op+0x46/0x50
[  120.839284] 45 85 
[  120.841510]  invalid_op+0x14/0x20
[  120.845177] f6 74 
[  120.847362] RIP: 0010:sk_stream_kill_queues+0x944/0x970
[  120.850780] b4 
[  120.853339] Code: 
[  120.858676] e8 30 
[  120.860566] 5e 
[  120.862688] 74 65 
[  120.864829] 41 5f 
[  120.866723] f9 
[  120.868856] 5d 
[  120.870981] 0f 0b 
[  120.872861] c3 8b 
[  120.874745] eb b0 
[  120.876902] 3a 
[  120.879033] 8b 3a 
[  120.881184] e8 ba 
[  120.883124] e8 
[  120.885248] 28 c1 
[  120.887392] a5 28 
[  120.889273] f9 45 
[  120.891415] c1 f9 
[  120.893573] 85 f6 
[  120.895719] 85 db 
[  120.897863] 74 b4 
[  120.900016] 74 
[  120.902151] e8 30 
[  120.904308] cc 
[  120.906190] 74 65 
[  120.908348] e8 
[  120.910229] f9 
[  120.912372] 1c 
[  120.914240] 0f 0b 
[  120.916133] 74 65 
[  120.918024] eb 
[  120.920149] f9 <0f> 
[  120.922293] b0 8b 
[  120.924174] 0b eb 
[  120.926496] 3a 
[  120.928618] c8 8b 
[  120.930761] e8 a5 
[  120.932664] 7d 
[  120.934787] 28 c1 
[  120.936931] d4 e8 
[  120.938823] f9 
[  120.940954] 90 
[  120.943079] 85 db 
[  120.944969] 28 
[  120.946843] 74 
[  120.948968] c1 f9 
[  120.950861] cc 
[  120.952733] e9 
[  120.954858] e8 1c 
[  120.956750] 6d 
[  120.958613] 74 65 
[  120.960754] ff ff 
[  120.962634] f9 <0f> 
[  120.964776] ff 48 
[  120.966934] 0b 
[  120.969244] 89 
[  120.971378] eb c8 
[  120.973258] fb 8b 
[  120.975140] 8b 7d 
[  120.977293] 7d 
[  120.979430] d4 e8 
[  120.983465] 90 
[  120.985601] RSP: 0018:ffff88019a88f440 EFLAGS: 00010293
[  120.985621] 28 
[  120.992839] c1 f9 
[  120.994742] RAX: ffffffff8802b0e4 RBX: 0000000000000fe3 RCX: ffff8801a47a0000
[  120.994758] e9 
[  120.996900] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0009b4f120
[  121.005188] 6d ff 
[  121.007095] RBP: ffff88019a88f4c0 R08: 0000000000000000 R09: 0000000000000002
[  121.014353] ff 
[  121.016500] R10: 000000008010000e R11: ffffffff88a86c60 R12: 0000000000000000
[  121.023758] ff 
[  121.025639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000fe3
[  121.032885] 48 89 
[  121.034805] FS:  00007f23a8798700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
[  121.042058] fb 
[  121.044203] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  121.052412] 8b 
[  121.054306] CR2: 00007f7b32a741c4 CR3: 00000001b71e0000 CR4: 00000000001406e0
[  121.060159] 7d 
[  121.062067] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  121.069332] RSP: 0018:ffff8801bbecf4a0 EFLAGS: 00010293
[  121.071215] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  121.083831] Call Trace:
[  121.091100] RAX: ffffffff8802b0e4 RBX: 0000000000000fe3 RCX: ffff8801a2ac1d80
[  121.093717]  ? tcp_v4_inbound_md5_hash+0xca0/0xca0
[  121.100952] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0009b4f0c0
[  121.105894]  inet_csk_destroy_sock+0x2b1/0x5f0
[  121.113141] RBP: ffff8801bbecf520 R08: 0000000000000000 R09: 0000000000000002
[  121.117717]  tcp_close+0xe47/0x1920
[  121.124978] R10: 0000000000100010 R11: ffffffff88a86c60 R12: 0000000000000000
[  121.128604]  ? ip_mc_drop_socket+0x6ac/0x6f0
[  121.135876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000fe3
[  121.140301]  ? tcp_check_oom+0x540/0x540
[  121.147557]  ? tcp_v4_inbound_md5_hash+0xca0/0xca0
[  121.151618]  inet_release+0x256/0x2d0
[  121.156544]  ? sk_stream_kill_queues+0x944/0x970
[  121.160354]  ? inet_listen+0x4d0/0x4d0
[  121.165102]  ? tcp_v4_inbound_md5_hash+0xca0/0xca0
[  121.168997]  sock_close+0x11e/0x360
[  121.173923]  inet_csk_destroy_sock+0x2b1/0x5f0
[  121.177540]  __fput+0x458/0xa30
[  121.182143]  tcp_close+0xe47/0x1920
[  121.185404]  ? fput+0x300/0x300
[  121.189026]  ? ip_mc_drop_socket+0x6ac/0x6f0
[  121.192276]  ____fput+0x37/0x40
[  121.196694]  ? tcp_check_oom+0x540/0x540
[  121.199948]  task_work_run+0x22e/0x2b0
[  121.204016]  inet_release+0x256/0x2d0
[  121.207911]  do_exit+0x110e/0x3930
[  121.211687]  ? inet_listen+0x4d0/0x4d0
[  121.215206]  do_group_exit+0x1a0/0x360
[  121.219101]  sock_close+0x11e/0x360
[  121.222962]  get_signal+0x15c3/0x2190
[  121.226579]  __fput+0x458/0xa30
[  121.230392]  ? __msan_poison_alloca+0x183/0x220
[  121.233657]  ? fput+0x300/0x300
[  121.238336]  ? prepare_exit_to_usermode+0x297/0x430
[  121.241589]  ____fput+0x37/0x40
[  121.246625]  ? do_signal+0xae/0x2060
[  121.249878]  task_work_run+0x22e/0x2b0
[  121.253599]  ? prepare_exit_to_usermode+0x297/0x430
[  121.253625]  ? prepare_exit_to_usermode+0x297/0x430
[  121.257511]  do_exit+0x110e/0x3930
[  121.262518]  do_signal+0xca/0x2060
[  121.267530]  do_group_exit+0x1a0/0x360
[  121.271077]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  121.274593]  get_signal+0x15c3/0x2190
[  121.278484]  ? kmem_cache_free+0x8a2/0x2c30
[  121.283847]  ? __msan_poison_alloca+0x183/0x220
[  121.287643]  ? do_filp_open+0x88/0x740
[  121.291968]  ? prepare_exit_to_usermode+0x297/0x430
[  121.296639]  ? putname+0x1d8/0x210
[  121.300511]  ? do_signal+0xae/0x2060
[  121.305525]  ? kmsan_set_origin_inline+0x6b/0x120
[  121.309050]  ? prepare_exit_to_usermode+0x297/0x430
[  121.312768]  prepare_exit_to_usermode+0x297/0x430
[  121.317586]  ? prepare_exit_to_usermode+0x297/0x430
[  121.322598]  syscall_return_slowpath+0x108/0x800
[  121.327434]  do_signal+0xca/0x2060
[  121.332473]  ? __x64_sys_futex+0x1a2/0x200
[  121.337203]  ? kmsan_set_origin_inline+0x6b/0x120
[  121.340750]  do_syscall_64+0x1ad/0x230
[  121.344985]  ? kmsan_set_origin_inline+0x6b/0x120
[  121.349808]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  121.353685]  prepare_exit_to_usermode+0x297/0x430
[  121.358529] RIP: 0033:0x44d7e9
[  121.363729]  syscall_return_slowpath+0x108/0x800
[  121.368562] Code: 
[  121.371870]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  121.376580] e8 
[  121.378754]  ? schedule_tail+0x9c/0x360
[  121.384061] 6c e6 
[  121.385999]  ? task_thread_info+0xd/0x30
[  121.389930] ff 
[  121.392098]  ? __switch_to+0x330/0x420
[  121.396107] ff 48 
[  121.398031]  ret_from_fork+0x15/0x40
[  121.401888] 83 
[  121.404039] RIP: 0033:0x450179
[  121.407718] c4 18 
[  121.409612] Code: 
[  121.412791] c3 0f 
[  121.414948] ff 
[  121.417073] 1f 80 
[  121.419230] 48 
[  121.421095] 00 00 
[  121.423240] 85 f6 
[  121.425135] 00 
[  121.427263] 0f 84 
[  121.429436] 00 
[  121.431305] 97 a1 
[  121.433467] 48 
[  121.435348] fb 
[  121.437478] 89 f8 
[  121.439378] ff 
[  121.441258] 48 89 
[  121.443423] 48 
[  121.445315] f7 
[  121.447453] 83 ee 
[  121.449362] 48 
[  121.451235] 10 48 
[  121.453406] 89 
[  121.455289] 89 
[  121.457503] d6 48 
[  121.459403] 4e 
[  121.461284] 89 
[  121.463424] 08 
[  121.465300] ca 4d 
[  121.467183] 48 89 
[  121.469068] 89 c2 
[  121.471228] 3e 
[  121.473366] 4d 89 
[  121.475526] 48 
[  121.477396] c8 4c 
[  121.479557] 89 
[  121.481428] 8b 4c 
[  121.483601] d7 
[  121.485467] 24 08 
[  121.487625] 4c 
[  121.489507] 0f 
[  121.491632] 89 c2 
[  121.493532] 05 
[  121.495406] 4d 
[  121.497544] <48> 
[  121.499412] 89 c8 
[  121.501295] 3d 01 
[  121.503399] 4c 
[  121.505517] f0 ff 
[  121.507680] 8b 
[  121.509543] ff 0f 
[  121.511694] 54 
[  121.513558] 83 fb 
[  121.516137] 24 08 
[  121.518018] ca fb 
[  121.520156] b8 38 
[  121.522305] ff 
[  121.524430] 00 00 
[  121.526575] c3 66 
[  121.528477] 00 
[  121.530616] 2e 
[  121.532743] 0f 05 
[  121.534629] 0f 1f 
[  121.536515] <48> 85 
[  121.538668] 84 
[  121.540793] c0 0f 
[  121.543135] 00 
[  121.544999] 8c 6e 
[  121.547140] 00 00 
[  121.549033] a1 
[  121.551180] 00 
[  121.553318] fb 
[  121.555204] RSP: 002b:00007f23a8797d78 EFLAGS: 00000246
[  121.557069] ff 74 
[  121.558985]  ORIG_RAX: 00000000000000ca
[  121.564339] 01 
[  121.566503] RAX: fffffffffffffe00 RBX: 00000000006e0ce4 RCX: 000000000044d7e9
[  121.570445] c3 31 
[  121.572348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000006e0ce4
[  121.579606] ed 48 
[  121.581773] RBP: 0030656c69662f2e R08: 0000000000000000 R09: 0000000000000000
[  121.589042] f7 
[  121.591192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.598452] c7 00 
[  121.600372] R13: 00000000006e0ce0 R14: 0000000000000000 R15: 0000000000000000
[  121.607635] 00 
[  121.609784] ---[ end trace f9d03893b02d7c4f ]---
[  121.617063] 01 
[  121.619356] WARNING: CPU: 1 PID: 4562 at net/ipv4/af_inet.c:156 inet_sock_destruct+0xd00/0xd60
[  121.623674] 00 75 
[  121.625568] Modules linked in:
[  121.637163] CPU: 1 PID: 4562 Comm: syz-executor294 Tainted: G        W         4.18.0-rc5+ #29
[  121.640347] RSP: 002b:00007f23a8713e70 EFLAGS: 00000202
[  121.649075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  121.649099]  ORIG_RAX: 0000000000000038
[  121.654474] RIP: 0010:inet_sock_destruct+0xd00/0xd60
[  121.663804] RAX: 0000000000000000 RBX: 00007f23a8714700 RCX: 0000000000450179
[  121.663831] RDX: 00007f23a87149d0 RSI: 00007f23a8713e70 RDI: 00000000003d0f00
[  121.667819] Code: 
[  121.672910] RBP: 00007ffefc387b50 R08: 00007f23a8714700 R09: 00007f23a8714700
[  121.672933] R10: 00007f23a87149d0 R11: 0000000000000202 R12: 0000000000000000
[  121.680221] 0f 
[  121.687496] R13: 00007ffefc387aaf R14: 00007f23a87149c0 R15: 000000000000005b
[  121.689622] 0b e9 2e fd ff ff 48 8b 7d c0 e8 ea df 10 f9 e9 34 fd ff ff 8b 3a e8 de df 10 f9 45 85 f6 0f 84 49 fd ff ff e8 50 2b b5 f8 <0f> 0b e9 42 fd ff ff 48 8b 7d c0 e8 c0 df 10 f9 48 8b 45 b8 e9 44 
[  121.732089] RSP: 0018:ffff88019a88f338 EFLAGS: 00010293
[  121.737459] RAX: ffffffff88b2f9b0 RBX: ffff88019e283ff8 RCX: ffff8801a47a0000
[  121.744721] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0009b4f120
[  121.751998] RBP: ffff88019a88f3d0 R08: 0000000000480000 R09: 0000000000000002
[  121.759275] R10: 000000008010000e R11: ffffffff88b2ecb0 R12: ffff8801a47a0900
[  121.766542] R13: 0000000000000000 R14: 0000000000000fe3 R15: ffff88019e283f12
[  121.773813] FS:  00007f23a8798700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
[  121.782051] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  121.787927] CR2: 00007f7b32a741c4 CR3: 00000001b71e0000 CR4: 00000000001406e0
[  121.795194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  121.802459] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  121.809719] Call Trace:
[  121.812390]  ? __sk_destruct+0x81/0x9a0
[  121.816369]  ? ip_mc_config+0x3c0/0x3c0
[  121.820340]  __sk_destruct+0xe2/0x9a0
[  121.824141]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[  121.829504]  ? netlink_has_listeners+0x1c6/0x2b0
[  121.834275]  __sk_free+0x5c4/0x680
[  121.838437]  sk_free+0xb4/0x100
[  121.841722]  tcp_close+0x1389/0x1920
[  121.845460]  ? ip_mc_drop_socket+0x6ac/0x6f0
[  121.849929]  ? tcp_check_oom+0x540/0x540
[  121.854035]  inet_release+0x256/0x2d0
[  121.857886]  ? inet_listen+0x4d0/0x4d0
[  121.861824]  sock_close+0x11e/0x360
[  121.865484]  __fput+0x458/0xa30
[  121.868799]  ? fput+0x300/0x300
[  121.872105]  ____fput+0x37/0x40
[  121.875395]  task_work_run+0x22e/0x2b0
[  121.879323]  do_exit+0x110e/0x3930
[  121.882890]  do_group_exit+0x1a0/0x360
[  121.886807]  get_signal+0x15c3/0x2190
[  121.890679]  ? __msan_poison_alloca+0x183/0x220
[  121.895388]  ? prepare_exit_to_usermode+0x297/0x430
[  121.900460]  ? do_signal+0xae/0x2060
[  121.904200]  ? prepare_exit_to_usermode+0x297/0x430
[  121.909258]  ? prepare_exit_to_usermode+0x297/0x430
[  121.914292]  do_signal+0xca/0x2060
[  121.917866]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  121.923263]  ? kmem_cache_free+0x8a2/0x2c30
[  121.927614]  ? do_filp_open+0x88/0x740
[  121.931539]  ? putname+0x1d8/0x210
[  121.935551]  ? kmsan_set_origin_inline+0x6b/0x120
[  121.940525]  prepare_exit_to_usermode+0x297/0x430
[  121.945383]  syscall_return_slowpath+0x108/0x800
[  121.950190]  ? __x64_sys_futex+0x1a2/0x200
[  121.954464]  do_syscall_64+0x1ad/0x230
[  121.958368]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  121.963565] RIP: 0033:0x44d7e9
[  121.966748] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb ca fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[  121.986316] RSP: 002b:00007f23a8797d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  121.994051] RAX: fffffffffffffe00 RBX: 00000000006e0ce4 RCX: 000000000044d7e9
[  122.001329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000006e0ce4
[  122.008607] RBP: 0030656c69662f2e R08: 0000000000000000 R09: 0000000000000000
[  122.015882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  122.023155] R13: 00000000006e0ce0 R14: 0000000000000000 R15: 0000000000000000
[  122.030437] ---[ end trace f9d03893b02d7c50 ]---
[  122.035703] Dumping ftrace buffer:
[  122.039253]    (ftrace buffer empty)
[  122.042954] Kernel Offset: disabled
[  122.046582] Rebooting in 86400 seconds..