[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   19.177991] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   23.294509] random: sshd: uninitialized urandom read (32 bytes read)
[   23.573462] random: sshd: uninitialized urandom read (32 bytes read)
[   24.429728] random: sshd: uninitialized urandom read (32 bytes read)
[   24.590807] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts.
[   30.126188] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   30.229810] BTRFS: device fsid ecf6f2a2-2997-48ae-b81e-1b00920efd9a devid 0 transid 210 /dev/loop0
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   30.316162] print_req_error: I/O error, dev loop4, sector 128
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   30.385725] print_req_error: I/O error, dev loop2, sector 128
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   30.724622] WARNING: CPU: 1 PID: 4535 at fs/btrfs/volumes.c:1071 close_fs_devices+0xbf0/0xfd0
[   30.733341] Kernel panic - not syncing: panic_on_warn set ...
[   30.733341] 
[   30.740725] CPU: 1 PID: 4535 Comm: syz-executor936 Not tainted 4.18.0-rc1+ #107
[   30.748178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   30.757608] Call Trace:
[   30.760214]  dump_stack+0x1c9/0x2b4
[   30.763860]  ? dump_stack_print_info.cold.2+0x52/0x52
[   30.769096]  panic+0x238/0x4e7
[   30.772314]  ? add_taint.cold.5+0x16/0x16
[   30.776477]  ? __warn.cold.8+0x148/0x1ba
[   30.780721]  ? __warn.cold.8+0x117/0x1ba
[   30.784796]  ? close_fs_devices+0xbf0/0xfd0
[   30.789134]  __warn.cold.8+0x163/0x1ba
[   30.793032]  ? close_fs_devices+0xbf0/0xfd0
[   30.797364]  report_bug+0x252/0x2d0
[   30.800999]  do_error_trap+0x1fc/0x4d0
[   30.804893]  ? trace_hardirqs_on+0xd/0x10
[   30.809048]  ? math_error+0x3f0/0x3f0
[   30.812855]  ? note_gp_changes+0x550/0x550
[   30.817095]  ? __blkdev_put+0x3f1/0x830
[   30.821087]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   30.825938]  do_invalid_op+0x1b/0x20
[   30.829661]  invalid_op+0x14/0x20
[   30.833131] RIP: 0010:close_fs_devices+0xbf0/0xfd0
[   30.838049] Code: 54 af fe 0f 0b e8 f0 54 af fe 0f 0b 48 89 f7 e8 d6 1f ed fe e9 de f5 ff ff e8 dc 54 af fe 0f 0b e9 fd fd ff ff e8 d0 54 af fe <0f> 0b e9 a8 fd ff ff 48 8b bd 58 fd ff ff e8 6d 20 ed fe e9 35 fd 
[   30.857397] RSP: 0018:ffff8801aca4f050 EFLAGS: 00010293
[   30.862777] RAX: ffff8801d9506400 RBX: 0000000000000001 RCX: ffffffff82cc5376
[   30.870059] RDX: 0000000000000000 RSI: ffffffff82cc55d0 RDI: 0000000000000007
[   30.877341] RBP: ffff8801aca4f350 R08: ffff8801d9506400 R09: 0000000000000006
[   30.884644] R10: ffff8801d9506400 R11: 0000000000000000 R12: ffffed0035949e2d
[   30.891935] R13: 1ffff10035949e1d R14: ffff8801aca4f0e8 R15: ffff8801d7e9ed88
[   30.899234]  ? close_fs_devices+0x996/0xfd0
[   30.903599]  ? close_fs_devices+0xbf0/0xfd0
[   30.907946]  ? btrfs_alloc_device+0x8e0/0x8e0
[   30.912454]  ? do_raw_spin_unlock+0xa7/0x2f0
[   30.916876]  ? kasan_check_write+0x14/0x20
[   30.921119]  ? wake_up_q+0xb3/0x100
[   30.924760]  ? __mutex_unlock_slowpath+0x439/0x8c0
[   30.929704]  ? wait_for_completion+0x8d0/0x8d0
[   30.934318]  btrfs_close_devices+0x29/0x150
[   30.938652]  btrfs_mount_root+0x143c/0x1e90
[   30.942996]  ? btrfs_decode_error+0x70/0x70
[   30.947333]  ? save_stack+0x43/0xd0
[   30.950969]  ? __kasan_slab_free+0x11a/0x170
[   30.955384]  ? kasan_slab_free+0xe/0x10
[   30.959533]  ? kfree+0xd9/0x260
[   30.962820]  ? mount_fs+0xae/0x328
[   30.966363]  ? vfs_kern_mount.part.34+0xdc/0x4e0
[   30.971117]  ? do_mount+0x581/0x30e0
[   30.974831]  ? ksys_mount+0x12d/0x140
[   30.978634]  ? __x64_sys_mount+0xbe/0x150
[   30.982814]  ? do_syscall_64+0x1b9/0x820
[   30.986883]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   30.992259]  ? kasan_check_read+0x11/0x20
[   30.996412]  ? do_raw_spin_unlock+0xa7/0x2f0
[   31.000831]  ? do_raw_spin_trylock+0x1c0/0x1c0
[   31.005428]  ? do_raw_spin_lock+0xc1/0x200
[   31.009696]  mount_fs+0xae/0x328
[   31.013074]  ? debug_check_no_obj_freed+0x30b/0x595
[   31.018100]  vfs_kern_mount.part.34+0xdc/0x4e0
[   31.022696]  ? may_umount+0xb0/0xb0
[   31.026334]  ? kfree+0x111/0x260
[   31.029706]  ? btrfs_mount+0x84c/0x215e
[   31.033694]  vfs_kern_mount+0x40/0x60
[   31.037507]  btrfs_mount+0x4a9/0x215e
[   31.041313]  ? kasan_check_read+0x11/0x20
[   31.045465]  ? rcu_is_watching+0x8c/0x150
[   31.049627]  ? btrfs_remount+0x1710/0x1710
[   31.053876]  ? __lockdep_init_map+0x105/0x590
[   31.058387]  ? __lockdep_init_map+0x105/0x590
[   31.062897]  ? lockdep_init_map+0x9/0x10
[   31.066964]  ? __init_waitqueue_head+0x9e/0x150
[   31.071638]  ? init_wait_entry+0x1c0/0x1c0
[   31.075884]  ? memcpy+0x45/0x50
[   31.079173]  ? alloc_vfsmnt+0x779/0x9f0
[   31.083151]  ? mnt_free_id.isra.27+0x60/0x60
[   31.087565]  ? kasan_check_read+0x11/0x20
[   31.091722]  ? graph_lock+0x170/0x170
[   31.095549]  ? rcu_pm_notify+0xc0/0xc0
[   31.099455]  ? find_held_lock+0x36/0x1c0
[   31.103532]  ? lock_downgrade+0x8f0/0x8f0
[   31.107699]  mount_fs+0xae/0x328
[   31.111065]  ? btrfs_remount+0x1710/0x1710
[   31.115305]  ? mount_fs+0xae/0x328
[   31.118851]  ? mpi_free.cold.1+0x19/0x19
[   31.123014]  vfs_kern_mount.part.34+0xdc/0x4e0
[   31.127608]  ? may_umount+0xb0/0xb0
[   31.131244]  ? _raw_read_unlock+0x22/0x30
[   31.135401]  ? __get_fs_type+0x97/0xc0
[   31.139300]  do_mount+0x581/0x30e0
[   31.142848]  ? do_raw_spin_unlock+0xa7/0x2f0
[   31.147269]  ? copy_mount_string+0x40/0x40
[   31.151519]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   31.156289]  ? __do_page_fault+0x449/0xe50
[   31.160536]  ? retint_kernel+0x10/0x10
[   31.164444]  ? memset+0x31/0x40
[   31.167737]  ? copy_mount_options+0x285/0x380
[   31.172245]  ksys_mount+0x12d/0x140
[   31.175880]  __x64_sys_mount+0xbe/0x150
[   31.179863]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   31.184894]  do_syscall_64+0x1b9/0x820
[   31.188797]  ? syscall_return_slowpath+0x5e0/0x5e0
[   31.193739]  ? syscall_return_slowpath+0x31d/0x5e0
[   31.198700]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[   31.204083]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   31.208946]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   31.214137] RIP: 0033:0x446ffa
[   31.217319] Code: b8 08 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 1d aa fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fa a9 fb ff c3 66 0f 1f 84 00 00 00 00 00 
[   31.236661] RSP: 002b:00007fff166ae5c8 EFLAGS: 00000293 ORIG_RAX: 00000000000000a5
[   31.244389] RAX: ffffffffffffffda RBX: 00007fff166ae5e0 RCX: 0000000000446ffa
[   31.251674] RDX: 00007fff166ae5e0 RSI: 00000000200000c0 RDI: 00007fff166ae600
[   31.258956] RBP: 0000000000000001 R08: 00007fff166ae640 R09: 000000000000000a
[   31.266244] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000023
[   31.273520] R13: 0000000000000024 R14: 0000000000000000 R15: 0000000000000001
[   31.281631] Dumping ftrace buffer:
[   31.285423]    (ftrace buffer empty)
[   31.289114] Kernel Offset: disabled
[   31.292725] Rebooting in 86400 seconds..