[....] Starting OpenBSD Secure Shell server: sshd
[ 20.280986] random: sshd: uninitialized urandom read (32 bytes read, 31 bits of entropy available)
[ ok ]

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 23.937833] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[ 24.481774] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[ 25.494779] random: sshd: uninitialized urandom read (32 bytes read, 122 bits of entropy available)
[ 25.663103] random: sshd: uninitialized urandom read (32 bytes read, 128 bits of entropy available)
[ 25.765987] random: nonblocking pool is initialized
Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
[ 31.188998] kasan: CONFIG_KASAN_INLINE enabled
[ 31.193428] kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 31.206298] Dumping ftrace buffer:
[ 31.209804]    (ftrace buffer empty)
[ 31.213481] Modules linked in:
[ 31.216761] CPU: 0 PID: 3765 Comm: syzkaller929723 Not tainted 4.4.125-g38f41ec #63
[ 31.224519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.233844] task: ffff8801c80d0000 task.stack: ffff8800ac850000
[ 31.239868] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 31.248117] RSP: 0018:ffff8800ac8579e8 EFLAGS: 00010a07
[ 31.253534] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825bb1fb
[ 31.260776] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 31.268015] RBP: ffff8800ac8579f8 R08: 0000000000000001 R09: 0000000000000001
[ 31.275255] R10: 0000000000000000 R11: 1ffff1001590af1a R12: 0000000000000004
[ 31.282502] R13: 0000000000000020 R14: ffff8801c7420000 R15: dffffc0000000000
[ 31.289750] FS:  00007fba8cd64700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 31.297951] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.303805] CR2: 00007fba8cd42e78 CR3: 00000000ad158000 CR4: 0000000000160670
[ 31.311048] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.318294] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.325530] Stack:
[ 31.327645]  0000000000000246 ffff8801c7420158 ffff8800ac857a58 ffffffff825bb221
[ 31.335626]  ffff8801c7420170 ffffed0038e8402b ffffed0038e8402e
[ 31.341408] kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
 ffff8801c7420168
[ 31.354115]  dead4ead00000000 ffff8801c7420140 0000000000000000 0000000000000000
[ 31.362089] Call Trace:
[ 31.364650]  [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 31.371113]  [] sg_finish_rem_req+0x2a6/0x320
[ 31.377143]  [] sg_new_read+0x36c/0x420
[ 31.382655]  [] sg_read+0x8cf/0x14d0
[ 31.387902]  [] ? __check_object_size+0x154/0x35b
[ 31.394281]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.400916]  [] ? fsnotify+0xee0/0xee0
[ 31.406336]  [] ? avc_policy_seqno+0x9/0x20
[ 31.412200]  [] do_loop_readv_writev+0x141/0x1e0
[ 31.418498]  [] ? security_file_permission+0x89/0x1e0
[ 31.425223]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.431862]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.438497]  [] do_readv_writev+0x5dd/0x6e0
[ 31.444350]  [] ? vfs_write+0x530/0x530
[ 31.449860]  [] ? __fget+0x23a/0x3b0
[ 31.455115]  [] ? __fget+0x47/0x3b0
[ 31.460274]  [] vfs_readv+0x78/0xb0
[ 31.465433]  [] SyS_readv+0xd9/0x240
[ 31.470679]  [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 31.477229]  [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 31.483702]  [] entry_SYSCALL_64_fastpath+0x22/0x9e
[ 31.490428] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 31.517208] RIP  [] __free_pages+0x21/0x90
[ 31.523093]  RSP
[ 31.526695] general protection fault: 0000 [#2] PREEMPT SMP KASAN
[ 31.532902] ---[ end trace 2fe256659bce64ab ]---
[ 31.532906] Kernel panic - not syncing: Fatal exception
[ 31.543177]
[ 31.545079] Dumping ftrace buffer:
[ 31.548599]    (ftrace buffer empty)
[ 31.552282] Modules linked in:
[ 31.555571] CPU: 1 PID: 3779 Comm: syzkaller929723 Tainted: G D 4.4.125-g38f41ec #63
[ 31.564550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 31.573876] task: ffff8801c87f3000 task.stack: ffff8801d0c30000
[ 31.579904] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 31.588143] RSP: 0018:ffff8801d0c379e8 EFLAGS: 00010a07
[ 31.593562] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825bb1fb
[ 31.600807] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 31.608049] RBP: ffff8801d0c379f8 R08: 0000000000000000 R09: 0000000000000000
[ 31.615291] R10: 0000000000000000 R11: 1ffff1003a186f1a R12: 0000000000000004
[ 31.622533] R13: 0000000000000020 R14: ffff8801c7420000 R15: dffffc0000000000
[ 31.629776] FS:  00007fba8cb96700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 31.637974] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.643837] CR2: 00007fba8cb74e78 CR3: 00000000ad158000 CR4: 0000000000160670
[ 31.651084] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.658326] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.665566] Stack:
[ 31.667687]  0000000000000246 ffff8801c7420158 ffff8801d0c37a58 ffffffff825bb221
[ 31.675665]  ffff8801c7420170 ffffed0038e8402b ffffed0038e8402e ffff8801c7420168
[ 31.683654]  dead4ead00000000 ffff8801c7420140 0000000000000000 0000000000000000
[ 31.691636] Call Trace:
[ 31.694197]  [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 31.700675]  [] sg_finish_rem_req+0x2a6/0x320
[ 31.706706]  [] sg_new_read+0x36c/0x420
[ 31.712218]  [] sg_read+0x8cf/0x14d0
[ 31.717468]  [] ? __check_object_size+0x154/0x35b
[ 31.723847]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.730484]  [] ? fsnotify+0xee0/0xee0
[ 31.735908]  [] ? avc_policy_seqno+0x9/0x20
[ 31.741765]  [] do_loop_readv_writev+0x141/0x1e0
[ 31.748058]  [] ? security_file_permission+0x89/0x1e0
[ 31.754785]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.761470]  [] ? sg_proc_seq_show_debug+0xda0/0xda0
[ 31.768108]  [] do_readv_writev+0x5dd/0x6e0
[ 31.773965]  [] ? vfs_write+0x530/0x530
[ 31.779480]  [] ? debug_check_no_locks_freed+0x2c0/0x2c0
[ 31.786467]  [] ? __fget+0x47/0x3b0
[ 31.791629]  [] ? __fget+0x23a/0x3b0
[ 31.796876]  [] ? __fget+0x47/0x3b0
[ 31.802038]  [] vfs_readv+0x78/0xb0
[ 31.807204]  [] SyS_readv+0xd9/0x240
[ 31.812455]  [] ? rw_copy_check_uvector+0x2b0/0x2b0
[ 31.819015]  [] ? lockdep_sys_exit_thunk+0x12/0x14
[ 31.825480]  [] entry_SYSCALL_64_fastpath+0x22/0x9e
[ 31.832027] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49
[ 31.858912] RIP  [] __free_pages+0x21/0x90
[ 31.864804]  RSP
[ 31.868816] Dumping ftrace buffer:
[ 31.872340]    (ftrace buffer empty)
[ 31.876021] Kernel Offset: disabled
[ 31.879615] Rebooting in 86400 seconds..
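Triage of a console log like the one above starts by reducing it to a stable signature (the fault kind plus the faulting function, the de-noised call chain, the task and kernel build) and by making sense of the registers at the fault. The following is an added example, not part of the report and not syzkaller's own pkg/report code. The sample log it embeds is a constructed excerpt of the lines above; KASAN_SHADOW_OFFSET and the poison prefixes are the usual x86_64 constants; and the register decode rests on one stated assumption: that RIP sits on the inline-KASAN shadow-byte load, which is what the Code: bytes of this report (48 89 fa / 48 c1 ea 03 / 0f b6 14 02, i.e. mov %rdi,%rdx; shr $3,%rdx; movzbl (%rdx,%rax,1),%edx) disassemble to. Under that assumption RDX is the accessed address shifted right by 3 and RAX is the shadow offset, so the original pointer can be reconstructed (minus its low 3 bits) and checked for canonicality and for a known poison pattern.

```python
"""Turn a KASAN/GPF console log like the report above into a triage signature.
Added example for this page; it is not syzkaller's own pkg/report code."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Constructed excerpt of the report above (genuine lines, trimmed to what the
# parser needs; the empty [] are the stripped <address> brackets, as shown).
SAMPLE_LOG = """\
[ 31.193428] kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 31.216761] CPU: 0 PID: 3765 Comm: syzkaller929723 Not tainted 4.4.125-g38f41ec #63
[ 31.239868] RIP: 0010:[] [] __free_pages+0x21/0x90
[ 31.253534] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825bb1fb
[ 31.260776] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 31.362089] Call Trace:
[ 31.364650] [] sg_remove_scat.isra.17+0x1c1/0x2d0
[ 31.371113] [] sg_finish_rem_req+0x2a6/0x320
[ 31.377143] [] sg_new_read+0x36c/0x420
[ 31.382655] [] sg_read+0x8cf/0x14d0
[ 31.387902] [] ? __check_object_size+0x154/0x35b
[ 31.465433] [] SyS_readv+0xd9/0x240
[ 31.526695] general protection fault: 0000 [#2] PREEMPT SMP KASAN
"""

MASK64 = (1 << 64) - 1
KASAN_SHADOW_OFFSET = 0xDFFFFC0000000000  # x86_64 value; it is what RAX holds above
KASAN_SHADOW_SCALE_SHIFT = 3              # one shadow byte per 8 bytes of memory
# Well-known x86_64 poison prefixes (spinlock_types.h, poison.h): they label a
# garbage pointer, they do not by themselves explain how it got there.
POISON_PREFIXES = {"dead4ead": "SPINLOCK_MAGIC (CONFIG_DEBUG_SPINLOCK)",
                   "dead0000": "ILLEGAL_POINTER_VALUE / LIST_POISON"}

TS_RE = re.compile(r"^\[\s*\d+\.\d+\]\s*")
GPF_RE = re.compile(r"^(general protection fault): [0-9a-f]{4} \[#(\d+)\]")
TASK_RE = re.compile(r"Comm: (\S+) (Not tainted|Tainted: .+?) (\S+) #\d+$")
RIP_RE = re.compile(r"RIP: 0010:(?:\[[^\]]*\]\s*)*([A-Za-z_][\w.]*)\+0x")
REG_RE = re.compile(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})\b")
FRAME_RE = re.compile(r"^\[[^\]]*\]\s+(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
GCC_SUFFIX_RE = re.compile(r"\.(isra|constprop|part|cold)\.\d+")  # sg_remove_scat.isra.17

@dataclass
class CrashSignature:
    kind: str
    oops_number: int          # the [#N] counter; N > 1 is usually a follow-on crash
    comm: str = ""
    taint: str = ""
    kernel: str = ""
    rip_symbol: str = ""
    regs: dict = field(default_factory=dict)
    frames: list = field(default_factory=list)

    @property
    def title(self) -> str:   # same shape as a syzbot bug title
        return f"{self.kind} in {self.rip_symbol or '?'}"

def parse_crash(log: str) -> list[CrashSignature]:
    """One CrashSignature per oops; '? ' frames (stale stack slots) are dropped."""
    sigs: list[CrashSignature] = []
    in_trace = False
    for raw in log.splitlines():
        line = TS_RE.sub("", raw).strip()
        if m := GPF_RE.match(line):
            sigs.append(CrashSignature(kind=m.group(1), oops_number=int(m.group(2))))
            in_trace = False
            continue
        if not sigs:
            continue          # boot noise before the first oops
        cur = sigs[-1]
        if m := TASK_RE.search(line):
            cur.comm, cur.taint, cur.kernel = m.groups()
        elif m := RIP_RE.search(line):
            cur.rip_symbol = m.group(1)
        elif line == "Call Trace:":
            in_trace = True
        elif in_trace:
            m = FRAME_RE.match(line)
            if not m:         # "Code:", a stack dump or the next oops ends the trace
                in_trace = False
            elif not m.group(1):
                cur.frames.append(GCC_SUFFIX_RE.sub("", m.group(2)))
        for reg, val in REG_RE.findall(line):
            cur.regs[reg] = int(val, 16)
    return sigs

def is_canonical(addr: int) -> bool:
    return (addr >> 47) in (0, 0x1FFFF)   # 48-bit VA: bits 63..47 all equal

def decode_kasan_inline_gpf(regs: dict) -> dict:
    """Recover the access address behind an inline-KASAN shadow-load #GP.
    Assumes RIP is on the shadow byte load the Code: line above disassembles
    to (mov %rdi,%rdx; shr $3,%rdx; movzbl (%rdx,%rax,1),%edx), i.e. RDX is
    addr >> 3 and RAX is KASAN_SHADOW_OFFSET; the *_ok flags check that."""
    rdx, rax = regs["RDX"], regs["RAX"]
    addr = (rdx << KASAN_SHADOW_SCALE_SHIFT) & MASK64   # low 3 bits are lost
    return {"access_addr": addr, "access_canonical": is_canonical(addr),
            "shadow_addr": (rdx + rax) & MASK64,
            "poison": POISON_PREFIXES.get(f"{addr:016x}"[:8]),
            "shadow_offset_ok": rax == KASAN_SHADOW_OFFSET,
            "rdi_ok": (regs.get("RDI", -1) >> KASAN_SHADOW_SCALE_SHIFT) == rdx}
```

On the excerpt, parse_crash() yields the title "general protection fault in __free_pages" with the chain sg_remove_scat, sg_finish_rem_req, sg_new_read, sg_read, SyS_readv, and decode_kasan_inline_gpf() reconstructs the pointer __free_pages was handed as 0xdead4ead00000018 (the report's RDI, 0xdead4ead0000001c, rounded down to 8): a non-canonical value whose high half is the SPINLOCK_MAGIC poison, so the struct page pointer that reached sg_remove_scat was garbage rather than a page in the KASAN-covered range. The second oops ([#2], the other syzkaller thread hitting the same site) is kept as a separate record so it does not pollute the primary signature. What put that value into the scatterlist is not decidable from the log alone and needs the sg.c source at this tree.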