[....] Starting periodic command scheduler: cron [ ok ]. [....] Starting OpenBSD Secure Shell server: sshd[ 14.444347] random: sshd: uninitialized urandom read (32 bytes read) [ ok ]. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 21.422506] random: sshd: uninitialized urandom read (32 bytes read) [ 21.692578] random: sshd: uninitialized urandom read (32 bytes read) [ 22.409857] random: sshd: uninitialized urandom read (32 bytes read) [ 22.546949] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.45' (ECDSA) to the list of known hosts. [ 27.938282] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 28.019714] WARNING: CPU: 1 PID: 4410 at include/net/sock.h:660 smc_unhash_sk+0x357/0x4b0 [ 28.028054] Kernel panic - not syncing: panic_on_warn set ... [ 28.028054] [ 28.035400] CPU: 1 PID: 4410 Comm: syz-executor303 Not tainted 4.18.0-rc3+ #131 [ 28.042824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.052166] Call Trace: [ 28.054744] dump_stack+0x1c9/0x2b4 [ 28.058354] ? dump_stack_print_info.cold.2+0x52/0x52 [ 28.063562] panic+0x238/0x4e7 [ 28.066744] ? add_taint.cold.5+0x16/0x16 [ 28.070879] ? __warn.cold.8+0x148/0x1ba [ 28.074922] ? __warn.cold.8+0x117/0x1ba [ 28.078965] ? smc_unhash_sk+0x357/0x4b0 [ 28.083010] __warn.cold.8+0x163/0x1ba [ 28.086894] ? smc_unhash_sk+0x357/0x4b0 [ 28.090940] report_bug+0x252/0x2d0 [ 28.094566] do_error_trap+0x1fc/0x4d0 [ 28.098443] ? math_error+0x3e0/0x3e0 [ 28.102224] ? kasan_check_write+0x14/0x20 [ 28.106438] ? do_raw_spin_lock+0xc1/0x200 [ 28.110660] ? lock_acquire+0x1e4/0x540 [ 28.114617] ? smc_unhash_sk+0xd7/0x4b0 [ 28.118571] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 28.123401] do_invalid_op+0x1b/0x20 [ 28.127097] invalid_op+0x14/0x20 [ 28.130539] RIP: 0010:smc_unhash_sk+0x357/0x4b0 [ 28.135181] Code: 48 8b 45 d0 65 48 33 04 25 28 00 00 00 0f 85 88 00 00 00 48 81 c4 c0 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 f9 16 18 fa <0f> 0b e9 47 ff ff ff 4c 89 ff 48 89 85 28 ff ff ff e8 d3 ef 55 fa [ 28.154310] RSP: 0018:ffff8801b1997480 EFLAGS: 00010293 [ 28.159666] RAX: ffff8801af050640 RBX: ffff8801b0401140 RCX: ffffffff8763f416 [ 28.166938] RDX: 0000000000000000 RSI: ffffffff8763f4d7 RDI: 0000000000000005 [ 28.174204] RBP: ffff8801b1997568 R08: ffff8801af050640 R09: ffffed0036080238 [ 28.181462] R10: ffffed0036080238 R11: ffff8801b04011c3 R12: 1ffff10036332e94 [ 28.188713] R13: ffff8801b1997540 R14: ffffffff89938760 R15: ffff8801b04011c0 [ 28.195981] ? smc_unhash_sk+0x296/0x4b0 [ 28.200036] ? smc_unhash_sk+0x357/0x4b0 [ 28.204087] ? smc_rx_data_available+0x120/0x120 [ 28.208822] ? release_sock+0x1ec/0x2c0 [ 28.212778] ? do_raw_write_trylock+0x1c0/0x1c0 [ 28.217430] ? __release_sock+0x3a0/0x3a0 [ 28.221564] ? smc_release+0x2cb/0x680 [ 28.225434] ? trace_hardirqs_on+0xd/0x10 [ 28.229560] ? __local_bh_enable_ip+0x161/0x230 [ 28.234210] smc_release+0x3d1/0x680 [ 28.237912] __sock_release+0xd7/0x260 [ 28.241778] ? __sock_release+0x260/0x260 [ 28.245917] sock_close+0x19/0x20 [ 28.249350] __fput+0x355/0x8b0 [ 28.252619] ? fput+0x1a0/0x1a0 [ 28.255884] ? kasan_check_write+0x14/0x20 [ 28.260097] ? do_raw_spin_lock+0xc1/0x200 [ 28.264311] ____fput+0x15/0x20 [ 28.267572] task_work_run+0x1ec/0x2a0 [ 28.271448] ? task_work_cancel+0x250/0x250 [ 28.275751] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 28.281270] ? switch_task_namespaces+0xa2/0xd0 [ 28.285921] do_exit+0x1b08/0x2750 [ 28.289443] ? mm_update_next_owner+0x9a0/0x9a0 [ 28.294095] ? trace_hardirqs_on+0x10/0x10 [ 28.298308] ? trace_hardirqs_on+0x10/0x10 [ 28.302525] ? __thp_get_unmapped_area+0x180/0x180 [ 28.307431] ? 
kmem_cache_alloc+0x54b/0x760 [ 28.311751] ? lock_downgrade+0x8f0/0x8f0 [ 28.315881] ? lock_acquire+0x1e4/0x540 [ 28.319837] ? fs_reclaim_acquire+0x20/0x20 [ 28.324138] ? __lockdep_init_map+0x105/0x590 [ 28.328616] ? pud_val+0x88/0x100 [ 28.332047] ? pmd_val+0x100/0x100 [ 28.335571] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 28.341086] ? __handle_mm_fault+0x94b/0x4460 [ 28.345562] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 28.350387] ? release_sock+0x1ec/0x2c0 [ 28.354353] ? lock_downgrade+0x8f0/0x8f0 [ 28.358490] ? kasan_check_read+0x11/0x20 [ 28.362617] ? do_raw_spin_unlock+0xa7/0x2f0 [ 28.367012] ? release_sock+0x1ec/0x2c0 [ 28.370975] ? trace_hardirqs_on+0xd/0x10 [ 28.375105] ? __local_bh_enable_ip+0x161/0x230 [ 28.379766] ? _raw_spin_unlock_bh+0x30/0x40 [ 28.384156] ? release_sock+0x1ec/0x2c0 [ 28.388119] ? kasan_check_write+0x14/0x20 [ 28.392333] ? __release_sock+0x3a0/0x3a0 [ 28.396461] ? __local_bh_enable_ip+0x161/0x230 [ 28.401112] ? smc_setsockopt+0x388/0x6e0 [ 28.405252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 28.410769] ? __sys_setsockopt+0x257/0x3b0 [ 28.415077] do_group_exit+0x177/0x440 [ 28.418946] ? mm_fault_error+0x380/0x380 [ 28.423072] ? __ia32_sys_exit+0x50/0x50 [ 28.427113] __x64_sys_exit_group+0x3e/0x50 [ 28.431414] do_syscall_64+0x1b9/0x820 [ 28.435281] ? syscall_return_slowpath+0x5e0/0x5e0 [ 28.440195] ? syscall_return_slowpath+0x31d/0x5e0 [ 28.445109] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 28.450106] ? prepare_exit_to_usermode+0x291/0x3b0 [ 28.455102] ? perf_trace_sys_enter+0xb10/0xb10 [ 28.459751] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.464575] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 28.469748] RIP: 0033:0x43ec78 [ 28.472913] Code: Bad RIP value. 
[ 28.476266] RSP: 002b:00007ffd934ab948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 28.483952] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043ec78 [ 28.491199] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 28.498444] RBP: 00000000004be528 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 28.505693] R10: 0000000020000980 R11: 0000000000000246 R12: 0000000000000001 [ 28.512938] R13: 00000000006d0180 R14: 0000000000000000 R15: 0000000000000000 [ 28.520680] Dumping ftrace buffer: [ 28.524200] (ftrace buffer empty) [ 28.527887] Kernel Offset: disabled [ 28.531493] Rebooting in 86400 seconds..