[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 18.388702] random: sshd: uninitialized urandom read (32 bytes read, 31 bits of entropy available)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 19.836165] random: sshd: uninitialized urandom read (32 bytes read, 33 bits of entropy available)
[ 20.175277] random: sshd: uninitialized urandom read (32 bytes read, 33 bits of entropy available)
[ 20.932281] random: sshd: uninitialized urandom read (32 bytes read, 85 bits of entropy available)
[ 21.081187] random: sshd: uninitialized urandom read (32 bytes read, 88 bits of entropy available)
Warning: Permanently added '10.128.15.210' (ECDSA) to the list of known hosts.
[ 26.445992] random: sshd: uninitialized urandom read (32 bytes read, 94 bits of entropy available)
2018/02/24 08:49:02 parsed 1 programs
2018/02/24 08:49:02 executed programs: 0
[ 26.813454] IPVS: Creating netns size=2552 id=1
[ 26.858039] IPVS: Creating netns size=2552 id=2
[ 26.907072] IPVS: Creating netns size=2552 id=3
[ 26.957409] IPVS: Creating netns size=2552 id=4
[ 27.030920] IPVS: Creating netns size=2552 id=5
[ 27.114654] IPVS: Creating netns size=2552 id=6
[ 27.216367] IPVS: Creating netns size=2552 id=7
[ 27.294837] IPVS: Creating netns size=2552 id=8
[ 29.496165] ------------[ cut here ]------------
[ 29.500954] kernel BUG at include/linux/skbuff.h:1824!
[ 29.506217] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 29.512072] Dumping ftrace buffer:
[ 29.515595] (ftrace buffer empty)
[ 29.519291] Modules linked in:
[ 29.522600] CPU: 1 PID: 4927 Comm: syz-executor0 Not tainted 4.4.116-g17c7c49 #18
[ 29.530202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.539541] task: ffff8800ad6d9800 task.stack: ffff8800a9d78000
[ 29.545568] RIP: 0010:[] [] __ip6_make_skb+0x120b/0x1c30
[ 29.554328] RSP: 0018:ffff8800a9d7f3d0 EFLAGS: 00010293
[ 29.559747] RAX: ffff8800ad6d9800 RBX: 0000000000000738 RCX: ffffffff8330e5eb
[ 29.566988] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8800ad6104d0
[ 29.574226] RBP: ffff8800a9d7f5d0 R08: ffff8800b4c2cbb8 R09: 0000000000000000
[ 29.581465] R10: 0000000000001100 R11: 1ffff100153afe42 R12: 00000000000000d6
[ 29.588705] R13: ffff8800b4c2cb40 R14: ffff8800b4c2cbbc R15: ffff8800ad610000
[ 29.595946] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f77b5b40
[ 29.604144] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 29.609993] CR2: 00007f37850a0270 CR3: 00000001c9960000 CR4: 0000000000160670
[ 29.617234] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.624473] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.631711] Stack:
[ 29.633831] ffff8800a9d7f440 ffff8800b4c2cbfc ffff8800b4c2cc10 ffff8800b4c2cc08
[ 29.641799] ffff8800b4f941c8 1ffff100153afe8c ffff8800b7a81500 ffff8801d253f0c0
[ 29.649764] ffff8800ad610012 ffff8800ad610520 ffff8800aa7a8000 ffff8800b4c2cbc8
[ 29.657733] Call Trace:
[ 29.660289] [] ? ip6_output+0x520/0x520
[ 29.665882] [] ? sock_wmalloc+0x78/0xe0
[ 29.671479] [] ? debug_check_no_locks_freed+0x2c0/0x2c0
[ 29.678462] [] ? ip6_setup_cork+0x11a0/0x11a0
[ 29.684577] [] ? debug_check_no_locks_freed+0x250/0x2c0
[ 29.691561] [] udp_v6_push_pending_frames+0x20a/0x340
[ 29.698367] [] ? udpv6_destroy_sock+0xd0/0xd0
[ 29.704481] [] ? __udpv6_queue_rcv_skb+0x470/0x470
[ 29.711027] [] udpv6_sendmsg+0x1f12/0x2500
[ 29.716878] [] ? set_next_entity+0x2bd/0x3d0
[ 29.722906] [] ? __udpv6_queue_rcv_skb+0x470/0x470
[ 29.729451] [] ? udp6_lib_lookup+0x60/0x60
[ 29.735307] [] ? avc_has_perm_noaudit+0x460/0x460
[ 29.741768] [] ? check_preemption_disabled+0x3b/0x200
[ 29.748579] [] ? sock_has_perm+0x1c1/0x400
[ 29.754432] [] ? sock_has_perm+0x29f/0x400
[ 29.760287] [] ? sock_has_perm+0x9f/0x400
[ 29.766053] [] ? selinux_file_send_sigiotask+0x310/0x310
[ 29.773123] [] ? inet_sendmsg+0x73/0x4c0
[ 29.778802] [] ? inet_sendmsg+0x201/0x4c0
[ 29.784567] [] inet_sendmsg+0x2bc/0x4c0
[ 29.790158] [] ? inet_sendmsg+0x73/0x4c0
[ 29.795838] [] ? inet_recvmsg+0x4c0/0x4c0
[ 29.801604] [] sock_sendmsg+0xca/0x110
[ 29.807111] [] ___sys_sendmsg+0x312/0x7c0
[ 29.812878] [] ? copy_msghdr_from_user+0x550/0x550
[ 29.819947] [] ? __fget+0x47/0x3b0
[ 29.825108] [] ? copy_msghdr_from_user+0x550/0x550
[ 29.831654] [] ? __fget+0x20b/0x3b0
[ 29.836898] [] ? __fget+0x232/0x3b0
[ 29.842142] [] ? __fget+0x47/0x3b0
[ 29.847301] [] ? __fget_light+0xa1/0x1e0
[ 29.852984] [] ? __fdget+0x18/0x20
[ 29.858146] [] __sys_sendmmsg+0x1d6/0x2e0
[ 29.863910] [] ? SyS_sendmsg+0x50/0x50
[ 29.869415] [] ? __fget_light+0xa1/0x1e0
[ 29.875093] [] ? __fdget+0x18/0x20
[ 29.880251] [] ? sockfd_lookup_light+0x118/0x160
[ 29.886624] [] ? compat_SyS_futex+0x1f9/0x2a0
[ 29.892738] [] ? fd_install+0x4d/0x60
[ 29.898156] [] ? compat_SyS_get_robust_list+0x300/0x300
[ 29.905136] [] ? move_addr_to_kernel+0x50/0x50
[ 29.911340] [] compat_SyS_sendmmsg+0x32/0x40
[ 29.917364] [] ? compat_SyS_sendmsg+0x40/0x40
[ 29.923486] [] do_fast_syscall_32+0x314/0x890
[ 29.929602] [] sysenter_flags_fixed+0xd/0x17
[ 29.935624] Code: 08 84 c9 0f 85 c0 08 00 00 41 3b 45 7c 72 17 e8 8c 27 05 fe 45 89 e6 4d 01 f7 4d 89 bd d0 00 00 00 e9 17 f2 ff ff e8 75 27 05 fe <0f> 0b e8 6e 27 05 fe 48 8b 7c 24 50 e8 34 d2 fe ff 41 89 c4 e9
[ 29.962302] RIP [] __ip6_make_skb+0x120b/0x1c30
[ 29.968705] RSP
[ 30.106197] ------------[ cut here ]------------
[ 30.110982] kernel BUG at include/linux/skbuff.h:1824!
[ 30.116244] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[ 30.122099] Dumping ftrace buffer:
[ 30.125622] (ftrace buffer empty)
[ 30.129319] Modules linked in:
[ 30.132622] CPU: 0 PID: 4987 Comm: syz-executor1 Tainted: G D 4.4.116-g17c7c49 #18
[ 30.141435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 30.150770] task: ffff8801d1839800 task.stack: ffff8801d2d98000
[ 30.156805] RIP: 0010:[] [] __ip6_make_skb+0x120b/0x1c30
[ 30.165582] RSP: 0018:ffff8801d2d9f3d0 EFLAGS: 00010293
[ 30.171011] RAX: ffff8801d1839800 RBX: 0000000000000738 RCX: ffffffff8330e5eb
[ 30.178267] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801c99684d0
[ 30.185520] RBP: ffff8801d2d9f5d0 R08: ffff8800ad623078 R09: 0000000000000000
[ 30.192772] R10: 0000000000001100 R11: 1ffff1003a5b3e42 R12: 00000000000000d6
[ 30.200029] R13: ffff8800ad623000 R14: ffff8800ad62307c R15: ffff8801c9968000
[ 30.207284] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f77eeb40
[ 30.215493] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 30.221357] CR2: 00007efd4f60e4c0 CR3: 00000001c9810000 CR4: 0000000000160670
[ 30.228615] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.235870] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 30.243117] Stack:
[ 30.245243] ffff8801d2d9f440 ffff8800ad6230bc ffff8800ad6230d0 ffff8800ad6230c8
[ 30.253267] ffff8800b39174c8 1ffff1003a5b3e8c ffff8800b882f180 ffff8801c9b74ea0
[ 30.261292] ffff8801c9968012 ffff8801c9968520 ffff8800a9e28000 ffff8800ad623088
[ 30.269308] Call Trace:
[ 30.271882] [] ? ip6_output+0x520/0x520
[ 30.277492] [] ? sock_wmalloc+0x78/0xe0
[ 30.283106] [] ? debug_check_no_locks_freed+0x2c0/0x2c0
[ 30.290110] [] ? ip6_setup_cork+0x11a0/0x11a0
[ 30.296242] [] ? debug_check_no_locks_freed+0x250/0x2c0
[ 30.303245] [] udp_v6_push_pending_frames+0x20a/0x340
[ 30.310069] [] ? udpv6_destroy_sock+0xd0/0xd0
[ 30.316206] [] ? __udpv6_queue_rcv_skb+0x470/0x470
[ 30.322769] [] udpv6_sendmsg+0x1f12/0x2500
[ 30.328638] [] ? update_stats_wait_end+0x4c5/0xa30
[ 30.335205] [] ? __udpv6_queue_rcv_skb+0x470/0x470
[ 30.341767] [] ? udp6_lib_lookup+0x60/0x60
[ 30.347643] [] ? avc_has_perm_noaudit+0x460/0x460
[ 30.354123] [] ? sock_has_perm+0x1c1/0x400
[ 30.359996] [] ? sock_has_perm+0x29f/0x400
[ 30.365864] [] ? sock_has_perm+0x9f/0x400
[ 30.371646] [] ? selinux_file_send_sigiotask+0x310/0x310
[ 30.378733] [] ? inet_sendmsg+0x73/0x4c0
[ 30.384430] [] ? inet_sendmsg+0x201/0x4c0
[ 30.390217] [] inet_sendmsg+0x2bc/0x4c0
[ 30.395823] [] ? inet_sendmsg+0x73/0x4c0
[ 30.401516] [] ? inet_recvmsg+0x4c0/0x4c0
[ 30.407301] [] sock_sendmsg+0xca/0x110
[ 30.412820] [] ___sys_sendmsg+0x312/0x7c0
[ 30.418603] [] ? copy_msghdr_from_user+0x550/0x550
[ 30.425181] [] ? wake_up_q+0xbe/0x130
[ 30.430625] [] ? drop_futex_key_refs.isra.10+0x6c/0xe0
[ 30.437539] [] ? __fget+0x47/0x3b0
[ 30.442716] [] ? copy_msghdr_from_user+0x550/0x550
[ 30.449280] [] ? __fget+0x20b/0x3b0
[ 30.454542] [] ? __fget+0x232/0x3b0
[ 30.459804] [] ? __fget+0x47/0x3b0
[ 30.464978] [] ? __fget_light+0xa1/0x1e0
[ 30.470676] [] ? __fdget+0x18/0x20
[ 30.475853] [] __sys_sendmmsg+0x1d6/0x2e0
[ 30.481636] [] ? SyS_sendmsg+0x50/0x50
[ 30.487156] [] ? __fget_light+0xa1/0x1e0
[ 30.491910] ---[ end trace f0c90f90ca110eac ]---
[ 30.491914] Kernel panic - not syncing: Fatal exception
[ 30.502905] [] ? __fdget+0x18/0x20
[ 30.508068] [] ? sockfd_lookup_light+0x118/0x160
[ 30.514456] [] ? compat_SyS_futex+0x1f9/0x2a0
[ 30.520574] [] ? fd_install+0x4d/0x60
[ 30.525999] [] ? compat_SyS_get_robust_list+0x300/0x300
[ 30.532987] [] ? move_addr_to_kernel+0x50/0x50
[ 30.539195] [] compat_SyS_sendmmsg+0x32/0x40
[ 30.545227] [] ? compat_SyS_sendmsg+0x40/0x40
[ 30.551347] [] do_fast_syscall_32+0x314/0x890
[ 30.557467] [] sysenter_flags_fixed+0xd/0x17
[ 30.563492] Code: 08 84 c9 0f 85 c0 08 00 00 41 3b 45 7c 72 17 e8 8c 27 05 fe 45 89 e6 4d 01 f7 4d 89 bd d0 00 00 00 e9 17 f2 ff ff e8 75 27 05 fe <0f> 0b e8 6e 27 05 fe 48 8b 7c 24 50 e8 34 d2 fe ff 41 89 c4 e9
[ 30.590321] RIP [] __ip6_make_skb+0x120b/0x1c30
[ 30.596732] RSP
[ 30.600745] Dumping ftrace buffer:
[ 30.604266] (ftrace buffer empty)
[ 30.607944] Kernel Offset: disabled
[ 30.611540] Rebooting in 86400 seconds..