[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   14.267971][ T1664] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   21.828271][ T1701] random: sshd: uninitialized urandom read (32 bytes read)
[   21.973760][ T1704] random: sshd: uninitialized urandom read (32 bytes read)
[   22.035812][    C1] random: crng init done
Warning: Permanently added '10.128.0.137' (ECDSA) to the list of known hosts.
2019/09/03 12:58:06 fuzzer started
2019/09/03 12:58:07 dialing manager at 10.128.0.105:43075
2019/09/03 12:58:07 syscalls: 84
2019/09/03 12:58:07 code coverage: enabled
2019/09/03 12:58:07 comparison tracing: enabled
2019/09/03 12:58:07 extra coverage: enabled
2019/09/03 12:58:07 setuid sandbox: enabled
2019/09/03 12:58:07 namespace sandbox: enabled
2019/09/03 12:58:07 Android sandbox: /sys/fs/selinux/policy does not exist
2019/09/03 12:58:07 fault injection: enabled
2019/09/03 12:58:07 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/09/03 12:58:07 net packet injection: /dev/net/tun can't be opened (open /dev/net/tun: no such device)
2019/09/03 12:58:07 net device setup: enabled
12:58:08 executing program 0:
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x7d, 0xce, 0xbb, 0x8, 0xfe6, 0x9700, 0x8948, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa3, 0x0, 0x2, 0x5d, 0xb9, 0x16, 0x0, [], [{{0x9, 0x5, 0x7, 0x2}}, {{0x9, 0x5, 0x8c, 0x2}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000500)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x6, "8624e5e72cdb"}, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x1, 0x1, "fd"}, 0x0})
syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000080)={0xac, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12:58:08 executing program 2:
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe0, 0xa0, 0x2c, 0x8, 0x43e, 0x3101, 0x95bd, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x2e, 0x0, 0x0, 0xe8, 0x7c, 0x33}}]}}]}}, 0x0)

12:58:08 executing program 5:
syz_usb_connect(0x1, 0x22b, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003e058b0860040800a98c0000000109021b0001000000000904ea0001026a970007058102b600000000a2977945d03daccf0feecb41de07f29a00ae0169da0c5dc34fbd5aa3a1c58643c6597ef9d3401a2ea37edef7ee5038961475167ec1fbfda41bd8e00dd2c3e3197d4b037a13cfe333df5b26d137b3f6591361d6f7bb0ee815d8546f3d0f79d4eb9cfefaa58066e445bfad8ed02e6b7dca63ac072eebec25d5500b72640d3968e0d5ab3d9023512c8410baad11b8f00eba83bbbb5d361d711de7f036d3c017ba3a7e51c0d16aa111422a6731a070d49b47277b7c35f1981be8601d3b623945448624fe7b09"], 0x0)
syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x180000000, 0x105180)

12:58:08 executing program 3:
syz_open_dev$hidraw(&(0x7f00000012c0)='/dev/../raw#\x00', 0x0, 0x0)
r0 = syz_open_dev$hidraw(0x0, 0x0, 0x4000)
syz_open_dev$hidraw(0x0, 0x0, 0x201)
write$hidraw(0xffffffffffffffff, 0x0, 0x0)
read$hidraw(r0, &(0x7f0000003200)=""/4096, 0xffffffad)

12:58:08 executing program 4:
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xc4, 0x5d, 0xdc, 0x8, 0x61d, 0xc160, 0x8bd3, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa7, 0x0, 0x1, 0xd0, 0x28, 0xf5, 0x0, [], [{{0x9, 0x5, 0x8b, 0x2, 0xfffffffffffffffc}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

12:58:08 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000001100)='/dev/input/event#\x00', 0x3, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f00000000c0)={0x2, 0xfffffc96, 0x0})
r1 = syz_open_dev$hidraw(0x0, 0x0, 0x10103e)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000240)={0x2, 0x8, &(0x7f0000000180)="bd9d5a4d33446325"})
write$hidraw(r1, &(0x7f0000000080)="8f734c0600000000000000bcaa6981f111dd545e5c7f9742379a0b0500000000000000d10ee15a50e25cf3357a46f0000000", 0xb6)

[   29.588214][ T1737] cgroup1: Unknown subsys name 'perf_event'
[   29.592192][ T1738] cgroup1: Unknown subsys name 'perf_event'
[   29.600639][ T1738] cgroup1: Unknown subsys name 'net_cls'
[   29.607316][ T1737] cgroup1: Unknown subsys name 'net_cls'
[   29.625439][ T1739] cgroup1: Unknown subsys name 'perf_event'
[   29.636369][ T1739] cgroup1: Unknown subsys name 'net_cls'
[   29.645674][ T1742] cgroup1: Unknown subsys name 'perf_event'
[   29.648553][ T1741] cgroup1: Unknown subsys name 'perf_event'
[   29.661125][ T1742] cgroup1: Unknown subsys name 'net_cls'
[   29.663238][ T1741] cgroup1: Unknown subsys name 'net_cls'
[   29.685875][ T1748] cgroup1: Unknown subsys name 'perf_event'
[   29.693484][ T1748] cgroup1: Unknown subsys name 'net_cls'
12:58:11 executing program 3:
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0xf8, 0x5b, 0x6e, 0x8, 0x8ca, 0x111, 0xa0b9, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc4, 0x0, 0x0, 0x9f, 0xca, 0xd5}}]}}]}}, 0x0)

12:58:11 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000001100)='/dev/input/event#\x00', 0x3, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f00000000c0)={0x2, 0xfffffc96, 0x0})
r1 = syz_open_dev$hidraw(0x0, 0x0, 0x10103e)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000240)={0x2, 0x8, &(0x7f0000000180)="bd9d5a4d33446325"})
write$hidraw(r1, &(0x7f0000000080)="8f734c0600000000000000bcaa6981f111dd545e5c7f9742379a0b0500000000000000d10ee15a50e25cf3357a46f0000000", 0xb6)

[   32.780826][   T12] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   32.830949][    C0] ------------[ cut here ]------------
[   32.836579][    C0] WARNING: CPU: 0 PID: 238 at kernel/kcov.c:684 kcov_remote_start.cold+0xc/0x26
[   32.845590][    C0] Kernel panic - not syncing: panic_on_warn set ...
[   32.852161][    C0] CPU: 0 PID: 238 Comm: udevd Not tainted 5.3.0-rc7+ #0
[   32.859067][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.870836][    C0] Call Trace:
[   32.874100][    C0]  <IRQ>
[   32.876934][    C0]  dump_stack+0xca/0x13e
[   32.880742][   T83] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   32.881163][    C0]  ? kcov_remote_stop+0x110/0x1bc
[   32.893648][    C0]  panic+0x2a3/0x6da
[   32.897522][    C0]  ? add_taint.cold+0x16/0x16
[   32.902177][    C0]  ? __probe_kernel_read+0x188/0x1d0
[   32.907450][    C0]  ? __warn.cold+0x5/0x4a
[   32.911752][    C0]  ? __warn+0xe3/0x1e0
[   32.915799][    C0]  ? kcov_remote_start.cold+0xc/0x26
[   32.920724][    C1] ------------[ cut here ]------------
[   32.921067][    C0]  __warn.cold+0x20/0x4a
[   32.926539][    C1] WARNING: CPU: 1 PID: 0 at kernel/kcov.c:684 kcov_remote_start.cold+0xc/0x26
[   32.930727][    C0]  ? __irq_work_queue_local+0xa3/0xe0
[   32.939530][    C1] Modules linked in:
[   32.945242][    C0]  ? kcov_remote_start.cold+0xc/0x26
[   32.949107][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.3.0-rc7+ #0
[   32.954360][    C0]  report_bug+0x262/0x2a0
[   32.961432][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.967734][    C0]  do_error_trap+0x12b/0x1e0
[   32.977766][    C1] RIP: 0010:kcov_remote_start.cold+0xc/0x26
[   32.977779][    C1] Code: b0 f8 ff ff 48 c7 c7 d8 dd a4 86 e8 54 93 ea ff 0f 0b 5b 4c 89 e7 5d 41 5c e9 9d e7 2f 04 48 c7 c7 d8 dd a4 86 e8 3a 93 ea ff <0f> 0b e9 93 fd ff ff 48 c7 c7 d8 dd a4 86 e8 27 93 ea ff 0f 0b e9
[   32.982353][    C0]  ? kcov_remote_start.cold+0xc/0x26
[   32.988209][    C1] RSP: 0018:ffff8881db309ae8 EFLAGS: 00010082
[   33.007981][    C0]  do_invalid_op+0x32/0x40
[   33.013243][    C1] RAX: 0000000000000024 RBX: ffff8881d56aaa80 RCX: 0000000000000000
[   33.019380][    C0]  ? kcov_remote_start.cold+0xc/0x26
[   33.023768][    C1] RDX: 0000000000000000 RSI: ffffffff81288ddd RDI: ffffed103b66134f
[   33.023778][    C1] RBP: ffff8881d56aaa80 R08: 0000000000000024 R09: ffffed103b665d58
[   33.031728][    C0]  invalid_op+0x23/0x30
[   33.036978][    C1] R10: ffffed103b665d57 R11: ffff8881db32eabf R12: ffff8881c97f4308
[   33.036989][    C1] R13: ffff8881d55f8038 R14: dffffc0000000000 R15: ffff8881c8d1c900
[   33.044937][    C0] RIP: 0010:kcov_remote_start.cold+0xc/0x26
[   33.052879][    C1] FS:  0000000000000000(0000) GS:ffff8881db300000(0000) knlGS:0000000000000000
[   33.057004][    C0] Code: b0 f8 ff ff 48 c7 c7 d8 dd a4 86 e8 54 93 ea ff 0f 0b 5b 4c 89 e7 5d 41 5c e9 9d e7 2f 04 48 c7 c7 d8 dd a4 86 e8 3a 93 ea ff <0f> 0b e9 93 fd ff ff 48 c7 c7 d8 dd a4 86 e8 27 93 ea ff 0f 0b e9
[   33.064944][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   33.072886][    C0] RSP: 0018:ffff8881db209ae8 EFLAGS: 00010082
[   33.078751][    C1] CR2: 0000001b30123000 CR3: 00000001b5788000 CR4: 00000000001406e0
[   33.087655][    C0] RAX: 0000000000000024 RBX: ffff8881d567ee80 RCX: 0000000000000000
[   33.087666][    C0] RDX: 0000000000000000 RSI: ffffffff81288ddd RDI: ffffed103b64134f
[   33.107506][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   33.114062][    C0] RBP: ffff8881d567ee80 R08: 0000000000000024 R09: ffffed103b645d58
[   33.114072][    C0] R10: ffffed103b645d57 R11: ffff8881db22eabf R12: ffff8881cd145d88
[   33.120108][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   33.128058][    C0] R13: ffff8881d55f4238 R14: dffffc0000000000 R15: ffff8881cbadc200
[   33.128078][    C0]  ? vprintk_func+0x7d/0x113
[   33.136045][    C1] Call Trace:
[   33.144006][    C0]  ? kcov_remote_start.cold+0xc/0x26
[   33.151948][    C1]  <IRQ>
[   33.159903][    C0]  dummy_timer+0x125f/0x301a
[   33.167853][    C1]  dummy_timer+0x125f/0x301a
[   33.175808][    C0]  ? lock_acquire+0x127/0x320
[   33.183752][    C1]  ? lock_acquire+0x127/0x320
[   33.188323][    C0]  ? dummy_udc_probe+0x930/0x930
[   33.191583][    C1]  ? dummy_udc_probe+0x930/0x930
[   33.196841][    C0]  call_timer_fn+0x179/0x650
[   33.199665][    C1]  call_timer_fn+0x179/0x650
[   33.204225][    C0]  ? dummy_udc_probe+0x930/0x930
[   33.208784][    C1]  ? dummy_udc_probe+0x930/0x930
[   33.213431][    C0]  ? msleep_interruptible+0x130/0x130
[   33.218080][    C1]  ? msleep_interruptible+0x130/0x130
[   33.223001][    C0]  ? do_raw_spin_lock+0x11a/0x280
[   33.227914][    C1]  ? do_raw_spin_lock+0x11a/0x280
[   33.232484][    C0]  ? mark_held_locks+0x9f/0xe0
[   33.237057][    C1]  ? _raw_spin_unlock_irq+0x24/0x30
[   33.241973][    C0]  ? _raw_spin_unlock_irq+0x24/0x30
[   33.247055][    C1]  ? dummy_udc_probe+0x930/0x930
[   33.253355][    C0]  ? dummy_udc_probe+0x930/0x930
[   33.258697][    C1]  run_timer_softirq+0x5cc/0x14b0
[   33.263778][    C0]  run_timer_softirq+0x5cc/0x14b0
[   33.268772][    C1]  ? add_timer+0x7a0/0x7a0
[   33.273503][    C0]  ? add_timer+0x7a0/0x7a0
[   33.278682][    C1]  ? ktime_get+0x162/0x1c0
[   33.283847][    C0]  ? mark_lock+0xbc/0x1130
[   33.288754][    C1]  ? lapic_next_event+0x4d/0x80
[   33.293659][    C0]  __do_softirq+0x221/0x912
[   33.298650][    C1]  __do_softirq+0x221/0x912
[   33.303644][    C0]  irq_exit+0x178/0x1a0
[   33.308027][    C1]  irq_exit+0x178/0x1a0
[   33.312414][    C0]  smp_apic_timer_interrupt+0x12f/0x500
[   33.316797][    C1]  smp_apic_timer_interrupt+0x12f/0x500
[   33.321210][    C0]  apic_timer_interrupt+0xf/0x20
[   33.326034][    C1]  apic_timer_interrupt+0xf/0x20
[   33.330505][    C0]  </IRQ>
[   33.334985][    C1]  </IRQ>
[   33.339139][    C0] RIP: 0010:lock_acquire+0x16a/0x320
[   33.343261][    C1] RIP: 0010:default_idle+0x28/0x2e0
[   33.343276][    C1] Code: 90 90 41 56 41 55 65 44 8b 2d 54 d8 93 7a 41 54 55 53 0f 1f 44 00 00 e8 46 49 d5 fb e9 07 00 00 00 0f 00 2d ea 7d 54 00 fb f4 <65> 44 8b 2d 30 d8 93 7a 0f 1f 44 00 00 5b 5d 41 5c 41 5d 41 5e c3
[   33.348792][    C0] Code: c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 95 01 00 00 c7 83 44 08 00 00 00 00 00 00 ff 34 24 9d <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 65 8b 15 60 18 dc 7e
[   33.354298][    C1] RSP: 0018:ffff8881da217dc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   33.359226][    C0] RSP: 0018:ffff8881d393fdb8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   33.364134][    C1] RAX: 0000000000000007 RBX: ffff8881da1fb000 RCX: 1ffffffff0f13ed6
[   33.367044][    C0] RAX: 0000000000000007 RBX: ffff8881d3e5e000 RCX: 0000000000000a3e
[   33.369951][    C1] RDX: 0000000000000000 RSI: 0000000000000006 RDI: ffff8881da1fb844
[   33.375200][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881d3e5e844
[   33.375211][    C0] RBP: ffff8881d43925f8 R08: ffffffff88d24dd0 R09: fffffbfff11ad79d
[   33.380376][    C1] RBP: ffffed103b43f600 R08: ffff8881da1fb000 R09: 0000000000000001
[   33.380386][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[   33.399956][    C0] R10: fffffbfff11ad79c R11: ffffffff88d6bce7 R12: 0000000000000000
[   33.399966][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[   33.419549][    C1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[   33.419566][    C1]  ? default_idle+0x1a/0x2e0
[   33.427945][    C0]  __sb_start_write+0x1f4/0x440
[   33.436322][    C1]  do_idle+0x3c2/0x4f0
[   33.444265][    C0]  ? vfs_write+0x474/0x5c0
[   33.452211][    C1]  ? __wake_up_common+0x352/0x640
[   33.460154][    C0]  vfs_write+0x474/0x5c0
[   33.468112][    C1]  ? arch_cpu_idle_exit+0x40/0x40
[   33.476076][    C0]  ksys_write+0x127/0x250
[   33.484049][    C1]  ? _raw_spin_unlock_irqrestore+0x3e/0x50
[   33.492353][    C0]  ? __ia32_sys_read+0xb0/0xb0
[   33.500299][    C1]  ? lockdep_hardirqs_on+0x379/0x580
[   33.508769][    C0]  ? trace_hardirqs_off_caller+0x55/0x1e0
[   33.516721][    C1]  cpu_startup_entry+0x14/0x20
[   33.516735][    C1]  start_secondary+0x297/0x340
[   33.521321][    C0]  do_syscall_64+0xb7/0x580
[   33.526149][    C1]  ? set_cpu_sibling_map+0x1ff0/0x1ff0
[   33.530196][    C0]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   33.534582][    C1]  secondary_startup_64+0xa4/0xb0
[   33.539575][    C0] RIP: 0033:0x7f67c8145370
[   33.543787][    C1] irq event stamp: 151887
[   33.548786][    C0] Code: 73 01 c3 48 8b 0d c8 4a 2b 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 83 3d 85 a2 2b 00 00 75 10 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 0e 8a 01 00 48 89 04 24
[   33.553088][    C1] hardirqs last  enabled at (151886): [<ffffffff856dd104>] _raw_spin_unlock_irq+0x24/0x30
[   33.558855][    C0] RSP: 002b:00007fff4e68d8d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   33.563600][    C1] hardirqs last disabled at (151887): [<ffffffff856dcf2f>] _raw_spin_lock_irqsave+0xf/0x50
[   33.563616][    C1] softirqs last  enabled at (151882): [<ffffffff81154ad6>] irq_enter+0xb6/0xd0
[   33.568865][    C0] RAX: ffffffffffffffda RBX: 0000000001ecbc10 RCX: 00007f67c8145370
[   33.574554][    C1] softirqs last disabled at (151883): [<ffffffff81154c68>] irq_exit+0x178/0x1a0
[   33.574563][    C1] ---[ end trace 2099f4d6187e8d90 ]---
[   33.579295][    C0] RDX: 0000000000000006 RSI: 000000000041f4f9 RDI: 000000000000000b
[   33.700505][    C0] RBP: 0000000001ee2740 R08: 000000000041f4f1 R09: 00007f67c819b7d0
[   33.708454][    C0] R10: 7269762f73656369 R11: 0000000000000246 R12: 000000000000000b
[   33.716401][    C0] R13: 0000000000000000 R14: 0000000001ecbc10 R15: 0000000001ec9250
[   33.725124][    C0] Kernel Offset: disabled
[   33.729475][    C0] Rebooting in 86400 seconds..