[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 15.641111] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 23.893119] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.375322] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.190880] random: sshd: uninitialized urandom read (32 bytes read)
[ 28.390387] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.51' (ECDSA) to the list of known hosts.
[ 33.881114] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 33.964975] 9pnet_virtio: no channels available for device (null)
[ 33.972200] 9pnet: p9_fd_create_tcp (4453): problem connecting socket to 127.0.0.1
[ 33.980804] kasan: CONFIG_KASAN_INLINE enabled
[ 33.981593] 9pnet: p9_fd_create_tcp (4454): problem connecting socket to 127.0.0.1
[ 33.985453] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 34.000660] general protection fault: 0000 [#1] SMP KASAN
[ 34.006194] CPU: 1 PID: 4453 Comm: syz-executor179 Not tainted 4.18.0-rc4-next-20180713+ #7
[ 34.014671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.024025] RIP: 0010:vsscanf+0x3c1/0x2af0
[ 34.028241] Code: f9 44 89 ee bf 6e 00 00 00 e8 0b 48 e2 f9 41 80 fd 6e 0f 84 ce 02 00 00 e8 2c 47 e2 f9 4c 89 f0 4c 89 f2 48 c1 e8 03 83 e2 07 <42> 0f b6 04 38 38 d0 7f 08 84 c0 0f 85 e8 1c 00 00 45 0f b6 26 31
[ 34.047363] RSP: 0018:ffff8801af0b7190 EFLAGS: 00010246
[ 34.052721] RAX: 0000000000000000 RBX: ffffffff8883ff41 RCX: ffffffff879a2915
[ 34.059987] RDX: 0000000000000000 RSI: ffffffff879a2924 RDI: 0000000000000001
[ 34.067242] RBP: ffff8801af0b7360 R08: ffff8801af286680 R09: ffff8801af0b7554
[ 34.074498] R10: 000000009700bb54 R11: ffff8801daf236b3 R12: ffffffff8883ff41
[ 34.081748] R13: 0000000000000064 R14: 0000000000000000 R15: dffffc0000000000
[ 34.089455] FS: 00007ff6b53fb700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 34.097674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.103536] CR2: 0000000020000100 CR3: 00000001b814d000 CR4: 00000000001406e0
[ 34.110791] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.118128] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.125550] Call Trace:
[ 34.128146] ? __lock_acquire+0x342f/0x5020
[ 34.132453] ? simple_strtoll+0xa0/0xa0
[ 34.136411] ? __kasan_slab_free+0x131/0x170
[ 34.140838] ? trace_hardirqs_on+0xd/0x10
[ 34.144978] ? parse_opts+0x351/0x500
[ 34.148764] ? p9_fd_poll+0x2b0/0x2b0
[ 34.152545] ? kasan_kmalloc+0xc4/0xe0
[ 34.156423] ? p9_idpool_create+0x42/0x120
[ 34.160640] ? p9_client_create+0x852/0x1770
[ 34.165031] ? v9fs_session_init+0x21a/0x1a80
[ 34.169524] sscanf+0xab/0xe0
[ 34.172613] ? vsscanf+0x2af0/0x2af0
[ 34.176307] ? kasan_slab_free+0xe/0x10
[ 34.180265] ? v9fs_mount+0x7c/0x900
[ 34.183972] ? legacy_get_tree+0x118/0x440
[ 34.188198] ? vfs_get_tree+0x1cb/0x5c0
[ 34.192266] ? do_mount+0x6c1/0x1fb0
[ 34.195968] ? __x64_sys_mount+0xbe/0x150
[ 34.200114] p9_fd_create_tcp+0x113/0x8a0
[ 34.204255] ? lock_downgrade+0x8f0/0x8f0
[ 34.208406] ? p9_fd_create_unix+0x370/0x370
[ 34.212798] ? check_same_owner+0x340/0x340
[ 34.217106] ? _raw_spin_unlock_irqrestore+0x63/0xc0
[ 34.222198] ? kasan_unpoison_shadow+0x35/0x50
[ 34.226760] ? kasan_kmalloc+0xc4/0xe0
[ 34.230646] ? __lockdep_init_map+0x105/0x590
[ 34.235126] ? kmem_cache_alloc_trace+0x318/0x780
[ 34.239952] ? lockdep_init_map+0x9/0x10
[ 34.243998] ? __raw_spin_lock_init+0x2d/0x100
[ 34.248563] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 34.254091] p9_client_create+0x8ed/0x1770
[ 34.258311] ? p9_client_read+0xc60/0xc60
[ 34.262614] ? kasan_check_read+0x11/0x20
[ 34.266848] ? lock_acquire+0x1e4/0x540
[ 34.270822] ? fs_reclaim_acquire+0x20/0x20
[ 34.275143] ? lock_release+0xa30/0xa30
[ 34.279105] ? __lockdep_init_map+0x105/0x590
[ 34.283764] ? kasan_check_write+0x14/0x20
[ 34.287982] ? __init_rwsem+0x1cc/0x2a0
[ 34.292034] ? do_raw_write_unlock.cold.8+0x49/0x49
[ 34.297046] ? __kmalloc_track_caller+0x311/0x760
[ 34.301879] ? save_stack+0xa9/0xd0
[ 34.305510] ? save_stack+0x43/0xd0
[ 34.309126] ? kasan_kmalloc+0xc4/0xe0
[ 34.312997] ? kmem_cache_alloc_trace+0x152/0x780
[ 34.317821] ? memcpy+0x45/0x50
[ 34.321085] v9fs_session_init+0x21a/0x1a80
[ 34.325393] ? rcu_note_context_switch+0x730/0x730
[ 34.330330] ? do_mount+0x69e/0x1fb0
[ 34.334116] ? lock_acquire+0x1e4/0x540
[ 34.338072] ? v9fs_show_options+0x7e0/0x7e0
[ 34.342462] ? lock_release+0xa30/0xa30
[ 34.346588] ? check_same_owner+0x340/0x340
[ 34.350910] ? lock_downgrade+0x8f0/0x8f0
[ 34.355045] ? kasan_unpoison_shadow+0x35/0x50
[ 34.361954] ? kasan_kmalloc+0xc4/0xe0
[ 34.365844] ? kmem_cache_alloc_trace+0x318/0x780
[ 34.370671] ? kasan_unpoison_shadow+0x35/0x50
[ 34.375248] ? kasan_kmalloc+0xc4/0xe0
[ 34.379136] v9fs_mount+0x7c/0x900
[ 34.382672] ? v9fs_drop_inode+0x150/0x150
[ 34.386894] legacy_get_tree+0x118/0x440
[ 34.390942] vfs_get_tree+0x1cb/0x5c0
[ 34.394731] do_mount+0x6c1/0x1fb0
[ 34.398257] ? check_same_owner+0x340/0x340
[ 34.402568] ? lock_release+0xa30/0xa30
[ 34.406533] ? copy_mount_string+0x40/0x40
[ 34.410752] ? kasan_kmalloc+0xc4/0xe0
[ 34.414624] ? kmem_cache_alloc_trace+0x318/0x780
[ 34.419453] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 34.425072] ? _copy_from_user+0xdf/0x150
[ 34.429207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 34.434737] ? copy_mount_options+0x285/0x380
[ 34.439215] ksys_mount+0x12d/0x140
[ 34.443007] __x64_sys_mount+0xbe/0x150
[ 34.446975] do_syscall_64+0x1b9/0x820
[ 34.450839] ? finish_task_switch+0x1d3/0x870
[ 34.455312] ? syscall_return_slowpath+0x5e0/0x5e0
[ 34.460219] ? syscall_return_slowpath+0x31d/0x5e0
[ 34.465230] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 34.470316] ? prepare_exit_to_usermode+0x291/0x3b0
[ 34.475328] ? perf_trace_sys_enter+0xb10/0xb10
[ 34.480067] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.484899] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.490254] RIP: 0033:0x4456d9
[ 34.493420] Code: e8 7c b7 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 34.513185] RSP: 002b:00007ff6b53fada8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 34.520886] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004456d9
[ 34.528141] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[ 34.535395] RBP: 00000000006dac20 R08: 0000000020000180 R09: 0000000000000000
[ 34.542654] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e
[ 34.550078] R13: 63743d736e617274 R14: 2e302e302e373231 R15: 0000000000000003
[ 34.557333] Modules linked in:
[ 34.560771] Dumping ftrace buffer:
[ 34.564290] (ftrace buffer empty)
[ 34.568133] ---[ end trace a87567c6b33221b3 ]---
[ 34.572935] RIP: 0010:vsscanf+0x3c1/0x2af0
[ 34.577171] Code: f9 44 89 ee bf 6e 00 00 00 e8 0b 48 e2 f9 41 80 fd 6e 0f 84 ce 02 00 00 e8 2c 47 e2 f9 4c 89 f0 4c 89 f2 48 c1 e8 03 83 e2 07 <42> 0f b6 04 38 38 d0 7f 08 84 c0 0f 85 e8 1c 00 00 45 0f b6 26 31
[ 34.597040] RSP: 0018:ffff8801af0b7190 EFLAGS: 00010246
[ 34.602439] RAX: 0000000000000000 RBX: ffffffff8883ff41 RCX: ffffffff879a2915
[ 34.609751] RDX: 0000000000000000 RSI: ffffffff879a2924 RDI: 0000000000000001
[ 34.617032] RBP: ffff8801af0b7360 R08: ffff8801af286680 R09: ffff8801af0b7554
[ 34.624329] R10: 000000009700bb54 R11: ffff8801daf236b3 R12: ffffffff8883ff41
[ 34.631620] R13: 0000000000000064 R14: 0000000000000000 R15: dffffc0000000000
[ 34.638897] FS: 00007ff6b53fb700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 34.647120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.653020] CR2: 0000000020000100 CR3: 00000001b814d000 CR4: 00000000001406e0
[ 34.660296] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.667594] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.674870] Kernel panic - not syncing: Fatal exception
[ 34.680763] Dumping ftrace buffer:
[ 34.684309] (ftrace buffer empty)
[ 34.687999] Kernel Offset: disabled
[ 34.691626] Rebooting in 86400 seconds..