[....] Starting OpenBSD Secure Shell server: sshd[ 18.359022] random: sshd: uninitialized urandom read (32 bytes read, 32 bits of entropy available) [?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 20.673647] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available) [ 20.999328] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available) [ 21.883635] random: sshd: uninitialized urandom read (32 bytes read, 120 bits of entropy available) [ 22.042482] random: sshd: uninitialized urandom read (32 bytes read, 126 bits of entropy available) [ 22.165387] random: nonblocking pool is initialized Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts. executing program [ 27.519640] audit: type=1400 audit(1518030255.779:5): avc: denied { create } for pid=3701 comm="syzkaller654406" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 27.545872] audit: type=1400 audit(1518030255.799:6): avc: denied { write } for pid=3701 comm="syzkaller654406" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 27.570097] kasan: CONFIG_KASAN_INLINE enabled [ 27.574476] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN [ 27.587286] Dumping ftrace buffer: [ 27.590794] (ftrace buffer empty) [ 27.594473] Modules linked in: [ 27.597749] CPU: 0 PID: 3701 Comm: syzkaller654406 Not tainted 4.4.115-g810bdaf #9 [ 27.605422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.614744] task: ffff8801cf480000 task.stack: ffff8801cba90000 [ 27.620765] RIP: 0010:[] [] do_raw_spin_lock+0x25/0x2c0 [ 27.629428] RSP: 0018:ffff8801cba97660 EFLAGS: 00010203 [ 27.634844] RAX: dffffc0000000000 RBX: 0000000000000010 RCX: 0000000000000000 [ 27.642091] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000014 [ 27.649329] RBP: ffff8801cba97688 R08: 0000000000000000 R09: 0000000000000000 [ 27.656567] R10: ffffffff838443e0 R11: 1ffff10039752e9e R12: 0000000000000000 [ 27.663804] R13: 00000000fffffdf4 R14: 000000000000007d R15: ffff8801cba97728 [ 27.671043] FS: 000000000228b880(0063) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 27.679237] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.685085] CR2: 000000002023df9c CR3: 00000001cf6ca000 CR4: 0000000000160670 [ 27.692328] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 27.699566] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 27.706800] Stack: [ 27.708916] 0000000000000010 0000000000000000 00000000fffffdf4 000000000000007d [ 27.716877] ffff8801cba97728 ffff8801cba976a8 ffffffff83773762 ffffffff82fa5269 [ 27.724836] 0000000000000010 ffff8801cba97710 ffffffff82fa5269 ffffffff82fa4cdf [ 27.732799] Call Trace: [ 27.735356] [] _raw_spin_lock_bh+0x42/0x50 [ 27.741207] [] ? nfulnl_recv_config+0x609/0x1430 [ 27.747580] [] nfulnl_recv_config+0x609/0x1430 [ 27.753776] [] ? nfulnl_recv_config+0x7f/0x1430 [ 27.760063] [] ? nfulnl_log_packet+0x2290/0x2290 [ 27.766433] [] nfnetlink_rcv_msg+0xa63/0xbc0 [ 27.772459] [] ? nfnetlink_rcv_msg+0x3d6/0xbc0 [ 27.778655] [] netlink_rcv_skb+0x13e/0x370 [ 27.784505] [] ? nfnetlink_bind+0x250/0x250 [ 27.790442] [] nfnetlink_rcv+0x29e/0x1070 [ 27.796208] [] ? netlink_unicast+0x44f/0x760 [ 27.802233] [] ? selinux_nlmsg_lookup+0x312/0x4f0 [ 27.808693] [] netlink_unicast+0x522/0x760 [ 27.814542] [] ? netlink_unicast+0x44f/0x760 [ 27.820565] [] ? netlink_attachskb+0x6c0/0x6c0 [ 27.826764] [] netlink_sendmsg+0x8e8/0xc50 [ 27.832613] [] ? netlink_unicast+0x760/0x760 [ 27.838650] [] ? selinux_socket_sendmsg+0x3f/0x50 [ 27.845109] [] ? security_socket_sendmsg+0x89/0xb0 [ 27.851654] [] ? netlink_unicast+0x760/0x760 [ 27.857678] [] sock_sendmsg+0xca/0x110 [ 27.863180] [] ___sys_sendmsg+0x6c1/0x7c0 [ 27.868947] [] ? copy_msghdr_from_user+0x550/0x550 [ 27.875494] [] ? __alloc_pages_direct_compact+0x250/0x250 [ 27.882649] [] ? check_preemption_disabled+0x3b/0x200 [ 27.889456] [] ? __lru_cache_add+0x164/0x240 [ 27.895484] [] ? do_huge_pmd_anonymous_page+0x549/0xa10 [ 27.902465] [] ? _raw_spin_unlock+0x2c/0x50 [ 27.908405] [] ? do_huge_pmd_anonymous_page+0x3dd/0xa10 [ 27.915389] [] ? __fget_light+0xa1/0x1e0 [ 27.921066] [] ? __fdget+0x18/0x20 [ 27.926224] [] __sys_sendmsg+0xd3/0x190 [ 27.931816] [] ? SyS_shutdown+0x1b0/0x1b0 [ 27.937582] [] ? __do_page_fault+0x290/0xa00 [ 27.943605] [] ? __do_page_fault+0x380/0xa00 [ 27.949631] [] ? move_addr_to_kernel+0x50/0x50 [ 27.955827] [] SyS_sendmsg+0x2d/0x50 [ 27.961157] [] entry_SYSCALL_64_fastpath+0x1c/0x98 [ 27.967700] Code: 84 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 89 fb 48 83 c7 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 [ 27.994163] RIP [] do_raw_spin_lock+0x25/0x2c0 [ 28.000481] RSP [ 28.004116] ---[ end trace 42fa85ae219459ba ]--- [ 28.008849] Kernel panic - not syncing: Fatal exception in interrupt [ 28.015776] Dumping ftrace buffer: [ 28.019289] (ftrace buffer empty) [ 28.022966] Kernel Offset: disabled [ 28.026561] Rebooting in 86400 seconds..