[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 14.428703] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 19.283200] random: sshd: uninitialized urandom read (32 bytes read)
[ 19.625196] random: sshd: uninitialized urandom read (32 bytes read)
[ 20.426982] random: sshd: uninitialized urandom read (32 bytes read)
[ 20.566737] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts.
[ 26.034732] random: sshd: uninitialized urandom read (32 bytes read)
2018/04/25 03:20:09 parsed 1 programs
2018/04/25 03:20:09 executed programs: 0
[ 26.494439] IPVS: Creating netns size=2536 id=1
[ 26.516164] IPVS: Creating netns size=2536 id=2
[ 26.553010] IPVS: Creating netns size=2536 id=3
[ 26.601896] IPVS: Creating netns size=2536 id=4
[ 26.646564] IPVS: Creating netns size=2536 id=5
[ 26.673218] IPVS: Creating netns size=2536 id=6
[ 26.706235] IPVS: Creating netns size=2536 id=7
[ 26.755085] IPVS: Creating netns size=2536 id=8
2018/04/25 03:20:15 executed programs: 854
2018/04/25 03:20:20 executed programs: 1715
2018/04/25 03:20:25 executed programs: 2576
2018/04/25 03:20:30 executed programs: 3451
[ 49.375906] ==================================================================
[ 49.383309] BUG: KASAN: out-of-bounds in __unwind_start+0x37c/0x3c0
[ 49.389705] Read of size 8 at addr ffff8801c9897810 by task syz-executor2/14083
[ 49.397136]
[ 49.398757] CPU: 0 PID: 14083 Comm: syz-executor2 Not tainted 4.9.96-g320d53a #10
[ 49.406363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.415708] ffff8801b9367768 ffffffff81eb0b69 ffffea00072625c0 ffff8801c9897810
[ 49.423744] 0000000000000000 ffff8801c9897818 ffff8801b93678a0 ffff8801b93677a0
[ 49.431774] ffffffff8156540b ffff8801c9897810 0000000000000008 0000000000000000
[ 49.439816] Call Trace:
[ 49.442389] [] dump_stack+0xc1/0x128
[ 49.447751] [] print_address_description+0x6c/0x234
[ 49.454433] [] kasan_report.cold.6+0x242/0x2fe
[ 49.460670] [] ? __unwind_start+0x37c/0x3c0
[ 49.466633] [] __asan_report_load8_noabort+0x14/0x20
[ 49.473376] [] __unwind_start+0x37c/0x3c0
[ 49.479167] [] ? ptrace_may_access+0x24/0x50
[ 49.485212] [] __save_stack_trace+0x59/0xf0
[ 49.491158] [] save_stack_trace_tsk+0x48/0x70
[ 49.497276] [] proc_pid_stack+0x148/0x220
[ 49.503074] [] ? lock_trace+0xc0/0xc0
[ 49.508498] [] proc_single_show+0xfd/0x170
[ 49.514359] [] traverse+0x363/0x920
[ 49.519612] [] ? seq_buf_alloc+0x80/0x80
[ 49.525301] [] seq_read+0xd19/0x12e0
[ 49.530637] [] ? putname+0xdb/0x110
[ 49.535892] [] ? do_futex+0x174/0x1770
[ 49.541429] [] ? seq_dentry+0x290/0x290
[ 49.547044] [] ? debug_check_no_locks_freed+0x210/0x210
[ 49.554048] [] ? fsnotify+0x114/0x1100
[ 49.559564] [] __vfs_read+0x115/0x570
[ 49.565003] [] ? seq_dentry+0x290/0x290
[ 49.570601] [] ? do_iter_readv_writev+0x4b0/0x4b0
[ 49.577068] [] ? __fsnotify_update_child_dentry_flags.part.1+0x300/0x300
[ 49.585528] [] ? fsnotify+0x1100/0x1100
[ 49.591124] [] ? avc_policy_seqno+0x9/0x20
[ 49.596980] [] ? selinux_file_permission+0x82/0x470
[ 49.603626] [] ? security_file_permission+0x8f/0x1f0
[ 49.610358] [] ? rw_verify_area+0xe5/0x2b0
[ 49.616223] [] vfs_read+0x120/0x380
[ 49.621473] [] SyS_pread64+0x145/0x170
[ 49.626994] [] ? SyS_write+0x1c0/0x1c0
[ 49.632505] [] ? up_read+0x1a/0x40
[ 49.637673] [] sys32_pread+0x39/0x50
[ 49.643036] [] ? sys32_waitpid+0x30/0x30
[ 49.648727] [] do_fast_syscall_32+0x2f7/0x870
[ 49.654845] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 49.661493] [] entry_SYSENTER_compat+0x90/0xa2
[ 49.667702]
[ 49.669308] The buggy address belongs to the page:
[ 49.674213] page:ffffea00072625c0 count:0 mapcount:0 mapping: (null) index:0x0
[ 49.682450] flags: 0x8000000000000000()
[ 49.686398] page dumped because: kasan: bad access detected
[ 49.692074]
[ 49.693673] Memory state around the buggy address:
[ 49.698574] ffff8801c9897700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.705904] ffff8801c9897780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.713235] >ffff8801c9897800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.720562] ^
[ 49.724678] ffff8801c9897880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.732007] ffff8801c9897900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.739344] ==================================================================
[ 49.746760] Disabling lock debugging due to kernel taint
[ 49.754849] Kernel panic - not syncing: panic_on_warn set ...
[ 49.754849]
[ 49.762228] CPU: 0 PID: 14083 Comm: syz-executor2 Tainted: G B 4.9.96-g320d53a #10
[ 49.771048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.780395] ffff8801b93676c8 ffffffff81eb0b69 ffffffff841c492d 00000000ffffffff
[ 49.788378] 0000000000000000 0000000000000000 ffff8801b93678a0 ffff8801b9367788
[ 49.796385] ffffffff8141f975 0000000041b58ab3 ffffffff841b8030 ffffffff8141f7b6
[ 49.804387] Call Trace:
[ 49.806946] [] dump_stack+0xc1/0x128
[ 49.812282] [] panic+0x1bf/0x3bc
[ 49.817283] [] ? add_taint.cold.6+0x16/0x16
[ 49.823233] [] ? ___preempt_schedule+0x16/0x18
[ 49.829450] [] kasan_end_report+0x47/0x4f
[ 49.835314] [] kasan_report.cold.6+0x76/0x2fe
[ 49.841437] [] ? __unwind_start+0x37c/0x3c0
[ 49.847387] [] __asan_report_load8_noabort+0x14/0x20
[ 49.854126] [] __unwind_start+0x37c/0x3c0
[ 49.859928] [] ? ptrace_may_access+0x24/0x50
[ 49.865963] [] __save_stack_trace+0x59/0xf0
[ 49.871908] [] save_stack_trace_tsk+0x48/0x70
[ 49.878032] [] proc_pid_stack+0x148/0x220
[ 49.883803] [] ? lock_trace+0xc0/0xc0
[ 49.889225] [] proc_single_show+0xfd/0x170
[ 49.895084] [] traverse+0x363/0x920
[ 49.900333] [] ? seq_buf_alloc+0x80/0x80
[ 49.906022] [] seq_read+0xd19/0x12e0
[ 49.911364] [] ? putname+0xdb/0x110
[ 49.916617] [] ? do_futex+0x174/0x1770
[ 49.922133] [] ? seq_dentry+0x290/0x290
[ 49.927731] [] ? debug_check_no_locks_freed+0x210/0x210
[ 49.934717] [] ? fsnotify+0x114/0x1100
[ 49.940228] [] __vfs_read+0x115/0x570
[ 49.945655] [] ? seq_dentry+0x290/0x290
[ 49.951254] [] ? do_iter_readv_writev+0x4b0/0x4b0
[ 49.957721] [] ? __fsnotify_update_child_dentry_flags.part.1+0x300/0x300
[ 49.966206] [] ? fsnotify+0x1100/0x1100
[ 49.971815] [] ? avc_policy_seqno+0x9/0x20
[ 49.977682] [] ? selinux_file_permission+0x82/0x470
[ 49.984319] [] ? security_file_permission+0x8f/0x1f0
[ 49.991055] [] ? rw_verify_area+0xe5/0x2b0
[ 49.996910] [] vfs_read+0x120/0x380
[ 50.002162] [] SyS_pread64+0x145/0x170
[ 50.007672] [] ? SyS_write+0x1c0/0x1c0
[ 50.013179] [] ? up_read+0x1a/0x40
[ 50.018342] [] sys32_pread+0x39/0x50
[ 50.023679] [] ? sys32_waitpid+0x30/0x30
[ 50.029373] [] do_fast_syscall_32+0x2f7/0x870
[ 50.035579] [] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 50.042219] [] entry_SYSENTER_compat+0x90/0xa2
[ 50.048852] Dumping ftrace buffer:
[ 50.052366] (ftrace buffer empty)
[ 50.056062] Kernel Offset: disabled
[ 50.059759] Rebooting in 86400 seconds..