[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd
[ 16.476247] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ].
[ 16.973908] random: sshd: uninitialized urandom read (32 bytes read)
[ 17.261141] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 18.014156] random: sshd: uninitialized urandom read (32 bytes read)
[ 18.147302] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts.
[ 23.662256] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 23.746844] IPVS: ftp: loaded support on port[0] = 21
[ 23.781048] kasan: CONFIG_KASAN_INLINE enabled
[ 23.781060] kasan: CONFIG_KASAN_INLINE enabled
[ 23.785695] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 23.785709] general protection fault: 0000 [#1] SMP KASAN
[ 23.785725] CPU: 1 PID: 4446 Comm: syz-executor685 Not tainted 4.18.0-rc4-next-20180713+ #7
[ 23.790293] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 23.797619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 23.797637] RIP: 0010:list_lru_count_one+0x156/0x460
[ 23.797644] Code: 08 3c 03 0f 8e b5 02 00 00 4d 63 bd d8 0a 00 00 e8 7f 35 d2 ff 48 8d 7b 50 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 d8 02 00 00 49 8d 46 c0 4c 8b 6b 50 48 ba 00 00
[ 23.852516] RSP: 0018:ffff8801afe27198 EFLAGS: 00010206
[ 23.857862] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81aa3a64
[ 23.865116] RDX: 000000000000000a RSI: ffffffff81aa3ad1 RDI: 0000000000000050
[ 23.872368] RBP: ffff8801afe27228 R08: ffff8801b0394480 R09: 0000000000000000
[ 23.879631] R10: ffffed00360172a8 R11: ffff8801b00b9547 R12: 1ffff10035fc4e34
[ 23.886882] R13: ffff8801b0ef4180 R14: ffff8801afe27200 R15: 0000000000000000
[ 23.894136] FS: 0000000000e0e880(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 23.902353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 23.908215] CR2: 00000000006ce080 CR3: 00000001ab395000 CR4: 00000000001406e0
[ 23.915468] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 23.922720] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 23.929969] Call Trace:
[ 23.932542] ? list_lru_isolate_move+0x3c0/0x3c0
[ 23.937296] ? trace_hardirqs_on+0x10/0x10
[ 23.941518] ? copy_process.part.41+0x3c4/0x73f0
[ 23.946257] super_cache_count+0x153/0x2e0
[ 23.950496] ? __radix_tree_lookup+0x491/0x610
[ 23.955063] do_shrink_slab+0x148/0xc50
[ 23.959025] ? node_tag_get.constprop.17+0xa0/0xa0
[ 23.963937] ? snapshot_refaults+0x290/0x290
[ 23.968328] ? inactive_list_is_low+0x2f9/0x850
[ 23.972991] ? shrink_slab+0x1f3/0xa60
[ 23.976860] ? downgrade_write+0x2b0/0x2b0
[ 23.981091] ? throttle_direct_reclaim+0x9f0/0x9f0
[ 23.986009] ? radix_tree_lookup+0x21/0x30
[ 23.990227] shrink_slab+0x861/0xa60
[ 23.993926] ? unregister_memcg_shrinker.isra.39+0x50/0x50
[ 23.999547] ? try_to_wake_up+0x10a/0x12b0
[ 24.003775] ? reweight_entity+0x1100/0x1100
[ 24.008173] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 24.012928] ? retint_kernel+0x10/0x10
[ 24.016805] shrink_node+0x429/0x16a0
[ 24.020609] ? shrink_node_memcg+0x18f0/0x18f0
[ 24.025174] ? kvm_clock_read+0x25/0x30
[ 24.029133] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 24.034135] ? ktime_get_raw_ts64+0x4f0/0x4f0
[ 24.038613] ? kasan_check_read+0x11/0x20
[ 24.042754] ? do_raw_spin_unlock+0xa7/0x2f0
[ 24.047146] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 24.051725] ? kasan_check_write+0x14/0x20
[ 24.055943] ? do_raw_spin_lock+0xc1/0x200
[ 24.060164] do_try_to_free_pages+0x3e7/0x1290
[ 24.064733] ? shrink_node+0x16a0/0x16a0
[ 24.068779] ? lock_acquire+0x1e4/0x540
[ 24.072737] ? lock_acquire+0x1e4/0x540
[ 24.076695] ? lock_downgrade+0x8f0/0x8f0
[ 24.080828] try_to_free_mem_cgroup_pages+0x49d/0xc90
[ 24.086004] ? kasan_check_read+0x11/0x20
[ 24.090699] ? try_to_free_pages+0xb80/0xb80
[ 24.095095] ? kasan_check_read+0x11/0x20
[ 24.099231] ? trace_hardirqs_off+0xd/0x10
[ 24.103453] ? trace_hardirqs_on+0xd/0x10
[ 24.107591] ? cgroup_file_notify+0x226/0x2f0
[ 24.112071] ? cgroup_procs_write_finish+0xf0/0xf0
[ 24.116985] ? do_raw_spin_lock+0xc1/0x200
[ 24.121207] ? get_mem_cgroup_from_mm+0x209/0x440
[ 24.126035] reclaim_high.constprop.73+0x137/0x1e0
[ 24.130959] ? memcg_oom_wake_function+0x6b0/0x6b0
[ 24.135875] ? done_path_create+0xcc/0x110
[ 24.140093] mem_cgroup_handle_over_high+0x8d/0x130
[ 24.145099] exit_to_usermode_loop+0x287/0x380
[ 24.149674] ? syscall_slow_exit_work+0x500/0x500
[ 24.154504] do_syscall_64+0x6be/0x820
[ 24.158375] ? syscall_return_slowpath+0x5e0/0x5e0
[ 24.163286] ? syscall_return_slowpath+0x31d/0x5e0
[ 24.168217] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 24.173216] ? prepare_exit_to_usermode+0x291/0x3b0
[ 24.178214] ? perf_trace_sys_enter+0xb10/0xb10
[ 24.182878] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 24.187717] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 24.192902] RIP: 0033:0x44021a
[ 24.196070] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 24.215251] RSP: 002b:00007ffe6c6b8a00 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 24.222941] RAX: 0000000000000003 RBX: 0000000000000000 RCX: 000000000044021a
[ 24.230193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 24.237448] RBP: 00007ffe6c6b8a20 R08: 0000000000000001 R09: 0000000000e0e880
[ 24.244699] R10: 0000000000e0eb50 R11: 0000000000000246 R12: 0000000000000001
[ 24.251951] R13: 0000000000005cdb R14: 0000000000000000 R15: 0000000000000000
[ 24.259204] Modules linked in:
[ 24.262379] Dumping ftrace buffer:
[ 24.265907] (ftrace buffer empty)
[ 24.269616] general protection fault: 0000 [#2] SMP KASAN
[ 24.269870] ---[ end trace 17104fae47c19aec ]---
[ 24.275156] CPU: 0 PID: 4448 Comm: syz-executor685 Tainted: G D 4.18.0-rc4-next-20180713+ #7
[ 24.275163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 24.275177] RIP: 0010:list_lru_count_one+0x156/0x460
[ 24.275184] Code:
[ 24.279939] RIP: 0010:list_lru_count_one+0x156/0x460
[ 24.289776] 08 3c 03 0f 8e
[ 24.299133] Code:
[ 24.304206] b5 02 00 00 4d 63
[ 24.306360] 08
[ 24.311422] bd d8 0a 00 00
[ 24.314356] 3c
[ 24.316468] e8 7f 35 d2 ff 48
[ 24.319662] 03
[ 24.321514] 8d 7b 50 48 b8
[ 24.324446] 0f
[ 24.326294] 00 00 00 00 00 fc
[ 24.329487] 8e
[ 24.331354] ff df 48 89 fa 48
[ 24.334291] b5
[ 24.336154] c1 ea 03 <80> 3c 02
[ 24.339348] 02
[ 24.341202] 00 0f 85 d8 02
[ 24.344397] 00
[ 24.346250] 00 00 49 8d 46 c0
[ 24.349618] 00
[ 24.351469] 4c 8b 6b 50 48
[ 24.354401] 4d
[ 24.356253] ba 00 00
[ 24.356267] RSP: 0018:ffff8801aff9f1e0 EFLAGS: 00010206
[ 24.359451] 63
[ 24.361309] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81aa3a64
[ 24.361316] RDX: 000000000000000a RSI: ffffffff81aa3ad1 RDI: 0000000000000050
[ 24.361327] RBP: ffff8801aff9f270 R08: ffff8801b05ae040 R09: 0000000000000000
[ 24.364237] bd
[ 24.366097] R10: ffffed00360172a8 R11: ffff8801b00b9547 R12: 1ffff10035ff3e3d
[ 24.366105] R13: ffff8801b0ef4180 R14: ffff8801aff9f248 R15: 0000000000000000
[ 24.366118] FS: 0000000000e0e880(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 24.368507] d8
[ 24.373837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.373844] CR2: 0000000000e0eb50 CR3: 00000001b0fe0000 CR4: 00000000001406f0
[ 24.373855] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 24.375729] 0a
[ 24.382968] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 24.382972] Call Trace:
[ 24.382994] ? list_lru_isolate_move+0x3c0/0x3c0
[ 24.390242] 00
[ 24.397505] super_cache_count+0x153/0x2e0
[ 24.397524] ? __radix_tree_lookup+0x491/0x610
[ 24.399387] 00
[ 24.406633] do_shrink_slab+0x148/0xc50
[ 24.406651] ? node_tag_get.constprop.17+0xa0/0xa0
[ 24.413896] e8
[ 24.422112] ? snapshot_refaults+0x290/0x290
[ 24.422129] ? kasan_check_read+0x11/0x20
[ 24.423993] 7f
[ 24.429862] ? shrink_slab+0x1f3/0xa60
[ 24.429877] ? percpu_ref_put_many+0x131/0x240
[ 24.437136] 35
[ 24.444393] ? downgrade_write+0x2b0/0x2b0
[ 24.444409] ? throttle_direct_reclaim+0x9f0/0x9f0
[ 24.446274] d2
[ 24.453521] ? radix_tree_lookup+0x21/0x30
[ 24.453535] shrink_slab+0x861/0xa60
[ 24.456097] ff
[ 24.460829] ? unregister_memcg_shrinker.isra.39+0x50/0x50
[ 24.460849] ? lock_downgrade+0x8f0/0x8f0
[ 24.462712] 48
[ 24.466925] ? kasan_check_read+0x11/0x20
[ 24.466941] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 24.471501] 8d
[ 24.473368] shrink_node+0x429/0x16a0
[ 24.473391] ? shrink_node_memcg+0x18f0/0x18f0
[ 24.477334] 7b
[ 24.482233] ? kvm_clock_read+0x25/0x30
[ 24.482250] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 24.484115] 50
[ 24.488497] ? ktime_get_raw_ts64+0x4f0/0x4f0
[ 24.488512] ? calc_wheel_index+0x260/0x260
[ 24.492638] 48
[ 24.494502] ? kasan_check_write+0x14/0x20
[ 24.494518] ? trace_hardirqs_off+0xd/0x10
[ 24.498379] b8
[ 24.502938] do_try_to_free_pages+0x3e7/0x1290
[ 24.502957] ? shrink_node+0x16a0/0x16a0
[ 24.504819] 00
[ 24.509029] ? lock_acquire+0x1e4/0x540
[ 24.509044] ? percpu_ref_tryget_live+0x143/0x440
[ 24.513960] 00
[ 24.515826] ? lock_downgrade+0x8f0/0x8f0
[ 24.515843] try_to_free_mem_cgroup_pages+0x49d/0xc90
[ 24.520052] 00
[ 24.523739] ? try_to_free_pages+0xb80/0xb80
[ 24.523754] ? kasan_check_read+0x11/0x20
[ 24.525618] 00
[ 24.531217] ? do_raw_spin_lock+0xc1/0x200
[ 24.531234] ? trace_hardirqs_on+0xd/0x10
[ 24.535355] 00
[ 24.537219] ? cgroup_file_notify+0x226/0x2f0
[ 24.537236] ? cgroup_procs_write_finish+0xf0/0xf0
[ 24.541356] fc
[ 24.545912] ? get_mem_cgroup_from_mm+0x209/0x440
[ 24.545929] reclaim_high.constprop.73+0x137/0x1e0
[ 24.547792] ff
[ 24.551564] ? memcg_oom_wake_function+0x6b0/0x6b0
[ 24.551580] ? vmalloc_sync_all+0x30/0x30
[ 24.556138] df
[ 24.558005] ? lock_acquire+0x1e4/0x540
[ 24.558018] mem_cgroup_handle_over_high+0x8d/0x130
[ 24.558036] exit_to_usermode_loop+0x287/0x380
[ 24.561983] 48
[ 24.566978] ? syscall_slow_exit_work+0x500/0x500
[ 24.566994] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 24.568883] 89
[ 24.573364] syscall_return_slowpath+0x533/0x5e0
[ 24.573380] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 24.577687] fa
[ 24.579566] ? __put_user_4+0x1c/0x30
[ 24.579582] ret_from_fork+0x15/0x50
[ 24.583792] 48
[ 24.587997] RIP: 0033:0x44021a
[ 24.588000] Code: Bad RIP value.
[ 24.588024] RSP: 002b:00007ffe6c6b8a00 EFLAGS: 00000246
[ 24.589897] c1
[ 24.594442] ORIG_RAX: 0000000000000038
[ 24.594449] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000044021a
[ 24.594455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 24.594466] RBP: 00007ffe6c6b8a20 R08: 0000000000000001 R09: 0000000000e0e880
[ 24.598516] ea
[ 24.600374] R10: 0000000000e0eb50 R11: 0000000000000246 R12: 0000000000000001
[ 24.600382] R13: 0000000000005cdb R14: 0000000000000000 R15: 0000000000000000
[ 24.600392] Modules linked in:
[ 24.604350] 03
[ 24.609161] Dumping ftrace buffer:
[ 24.609167] (ftrace buffer empty)
[ 24.609247] ---[ end trace 17104fae47c19aed ]---
[ 24.611056] <80>
[ 24.615197] RIP: 0010:list_lru_count_one+0x156/0x460
[ 24.615203] Code:
[ 24.620379] 3c
[ 24.622255] 08
[ 24.626650] 02
[ 24.630779] 3c 03
[ 24.632662] 00
[ 24.636877] 0f 8e
[ 24.641019] 0f
[ 24.642890] b5 02
[ 24.647377] 85
[ 24.652285] 00 00
[ 24.654171] d8
[ 24.659019] 4d
[ 24.663935] 02
[ 24.665806] 63 bd
[ 24.670725] 00
[ 24.674855] d8 0a
[ 24.676737] 00
[ 24.680693] 00 00
[ 24.685702] 49
[ 24.690265] e8 7f
[ 24.692148] 8d
[ 24.696971] 35 d2
[ 24.701720] 46
[ 24.703591] ff 48
[ 24.708339] c0
[ 24.713334] 8d 7b
[ 24.715216] 4c
[ 24.718996] 50 48
[ 24.722707] 8b
[ 24.724590] b8 00
[ 24.727789] 6b
[ 24.731134] 00 00
[ 24.736492] 50
[ 24.738361] 00 00
[ 24.742326] 48
[ 24.749589] fc ff
[ 24.756861] ba
[ 24.764133] df
[ 24.766018] 00
[ 24.773271] 48 89
[ 24.780538] 00
[ 24.783711] fa 48
[ 24.789112] c1 ea
[ 24.792840] RSP: 0018:ffff8801afe27198 EFLAGS: 00010206
[ 24.797583] 03
[ 24.804715] <80> 3c
[ 24.806862] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81aa3a64
[ 24.808726] 02 00
[ 24.810614] RDX: 000000000000000a RSI: ffffffff81aa3ad1 RDI: 0000000000000050
[ 24.812479] 0f 85
[ 24.814626] RBP: ffff8801afe27228 R08: ffff8801b0394480 R09: 0000000000000000
[ 24.816505] d8 02
[ 24.818655] R10: ffffed00360172a8 R11: ffff8801b00b9547 R12: 1ffff10035fc4e34
[ 24.820522] 00 00 49
[ 24.822686] R13: ffff8801b0ef4180 R14: ffff8801afe27200 R15: 0000000000000000
[ 24.824553] 8d 46
[ 24.826715] FS: 0000000000e0e880(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 24.828579] c0 4c
[ 24.830466] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.832331] 8b 6b
[ 24.834492] CR2: 00000000006ce080 CR3: 00000001ab395000 CR4: 00000000001406e0
[ 24.836358] 50 48
[ 24.838509] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 24.840375] ba 00
[ 24.842525] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 24.844392] 00
[ 24.844406] RSP: 0018:ffff8801afe27198 EFLAGS: 00010206
[ 24.846542] Kernel panic - not syncing: Fatal exception
[ 24.851014] Dumping ftrace buffer:
[ 24.851019] (ftrace buffer empty)
[ 24.851022] Kernel Offset: disabled
[ 25.016901] Rebooting in 86400 seconds..