[....] Starting OpenBSD Secure Shell server: sshd[ 11.326212] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 27.715126] random: sshd: uninitialized urandom read (32 bytes read) [ 27.940955] audit: type=1400 audit(1543621029.311:6): avc: denied { map } for pid=1770 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 27.977884] random: sshd: uninitialized urandom read (32 bytes read) [ 28.433328] random: sshd: uninitialized urandom read (32 bytes read) [ 43.077564] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.102' (ECDSA) to the list of known hosts. [ 48.844186] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 48.941144] audit: type=1400 audit(1543621050.311:7): avc: denied { map } for pid=1794 comm="syz-executor725" path="/root/syz-executor725102246" dev="sda1" ino=16461 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 48.968048] audit: type=1400 audit(1543621050.321:8): avc: denied { map } for pid=1795 comm="syz-executor725" path="/root/syzkaller.ppuyMF/0/bus" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 62.723916] ------------[ cut here ]------------ [ 62.728791] WARNING: CPU: 1 PID: 2145 at fs/direct-io.c:293 dio_complete+0x578/0x800 [ 62.736674] Kernel panic - not syncing: panic_on_warn set ... [ 62.736674] [ 62.744065] CPU: 1 PID: 2145 Comm: syz-executor725 Not tainted 4.14.84+ #14 [ 62.751165] Call Trace: [ 62.753757] dump_stack+0xb9/0x11b [ 62.757302] ? dio_complete+0x4d0/0x800 [ 62.761282] panic+0x1bf/0x3a4 [ 62.764478] ? add_taint.cold.4+0x16/0x16 [ 62.768640] ? __probe_kernel_read+0x163/0x1c0 [ 62.773233] ? dio_complete+0x578/0x800 [ 62.777214] __warn.cold.7+0x2f/0x35 [ 62.780932] ? dio_complete+0x578/0x800 [ 62.784910] report_bug+0x1f7/0x26c [ 62.788756] do_error_trap+0x1ba/0x2c0 [ 62.792650] ? math_error+0x2d0/0x2d0 [ 62.796451] ? clear_shadow_entry+0x190/0x190 [ 62.800945] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 62.805778] invalid_op+0x18/0x40 [ 62.809216] RIP: 0010:dio_complete+0x578/0x800 [ 62.813780] RSP: 0018:ffff8881c5d87070 EFLAGS: 00010297 [ 62.819167] RAX: ffff8881c7619780 RBX: ffff8881c61e23c0 RCX: 0000000000000000 [ 62.826424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881c76197a4 [ 62.833679] RBP: 0000000000010000 R08: 0000000000000001 R09: 0000000000000000 [ 62.840932] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881bed754d8 [ 62.848219] R13: 0000000000010000 R14: 0000000000000002 R15: ffff8881c61e2458 [ 62.855534] ? ext4_update_bh_state+0xe0/0xe0 [ 62.860074] __blockdev_direct_IO+0x7614/0xc4e0 [ 62.864784] ? sb_init_dio_done_wq+0x70/0x70 [ 62.869185] ? trace_hardirqs_on+0x10/0x10 [ 62.873419] ? ext4_dio_get_block_unwritten_async+0x1b0/0x1b0 [ 62.879332] ? ext4_dio_get_block_unwritten_async+0x1b0/0x1b0 [ 62.885206] ext4_direct_IO+0x905/0x27f0 [ 62.889260] ? __filemap_fdatawait_range+0x1c2/0x260 [ 62.894350] ? ext4_da_write_begin+0x1050/0x1050 [ 62.899110] ? filemap_check_errors+0x8b/0xb0 [ 62.903634] generic_file_direct_write+0x225/0x430 [ 62.908554] __generic_file_write_iter+0x213/0x540 [ 62.913470] ? generic_write_checks+0x252/0x410 [ 62.918174] ext4_file_write_iter+0x4f6/0xe20 [ 62.922661] ? ext4_file_mmap+0x1a0/0x1a0 [ 62.926802] ? kasan_kmalloc.part.1+0xa9/0xd0 [ 62.931283] ? kasan_kmalloc.part.1+0x4f/0xd0 [ 62.935764] ? __kmalloc+0x153/0x340 [ 62.939463] ? iter_file_splice_write+0x142/0xab0 [ 62.944291] ? direct_splice_actor+0x116/0x160 [ 62.948891] ? splice_direct_to_actor+0x28c/0x750 [ 62.953719] ? do_splice_direct+0x17b/0x220 [ 62.958047] do_iter_readv_writev+0x3a4/0x560 [ 62.962572] ? clone_verify_area+0x1e0/0x1e0 [ 62.966985] ? security_file_permission+0x88/0x1e0 [ 62.971924] do_iter_write+0x156/0x530 [ 62.975799] ? kasan_unpoison_shadow+0x30/0x40 [ 62.980365] ? kasan_kmalloc+0x76/0xc0 [ 62.984240] vfs_iter_write+0x70/0xa0 [ 62.988044] iter_file_splice_write+0x5b4/0xab0 [ 62.992747] ? vmsplice_to_user+0x1e0/0x1e0 [ 62.997058] ? avc_policy_seqno+0x5/0x10 [ 63.001116] ? vmsplice_to_user+0x1e0/0x1e0 [ 63.005425] direct_splice_actor+0x116/0x160 [ 63.009819] splice_direct_to_actor+0x28c/0x750 [ 63.014475] ? pipe_to_sendpage+0x300/0x300 [ 63.018785] ? do_splice_to+0x150/0x150 [ 63.022743] ? security_file_permission+0x88/0x1e0 [ 63.027703] do_splice_direct+0x17b/0x220 [ 63.031839] ? splice_direct_to_actor+0x750/0x750 [ 63.036672] ? rcu_read_lock_sched_held+0x102/0x120 [ 63.041676] do_sendfile+0x4a1/0xb50 [ 63.045381] ? do_compat_pwritev64+0x170/0x170 [ 63.049947] ? kmem_cache_free+0x2cd/0x350 [ 63.054169] ? SyS_futex+0x1b7/0x2b5 [ 63.057874] SyS_sendfile64+0x11f/0x140 [ 63.061834] ? SyS_sendfile+0x150/0x150 [ 63.065835] ? do_syscall_64+0x43/0x4b0 [ 63.069794] ? SyS_sendfile+0x150/0x150 [ 63.073754] do_syscall_64+0x19b/0x4b0 [ 63.077672] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 63.082887] RIP: 0033:0x4471e9 [ 63.086063] RSP: 002b:00007efe3d436ce8 EFLAGS: 00000206 ORIG_RAX: 0000000000000028 [ 63.093756] RAX: ffffffffffffffda RBX: 00000000006dcc58 RCX: 00000000004471e9 [ 63.101059] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 63.108312] RBP: 00000000006dcc50 R08: 0000000000000000 R09: 0000000000000000 [ 63.115563] R10: 00008000fffffffe R11: 0000000000000206 R12: 00000000006dcc5c [ 63.122858] R13: 00007ffda9224a1f R14: 00007efe3d4379c0 R15: 00000000006dcd4c [ 63.130602] Kernel Offset: 0x22800000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 63.141531] Rebooting in 86400 seconds..