Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 18.415769] random: sshd: uninitialized urandom read (32 bytes read, 31 bits of entropy available)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 19.759442] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available)
[ 20.065741] random: sshd: uninitialized urandom read (32 bytes read, 35 bits of entropy available)
[ 21.148766] random: nonblocking pool is initialized
Warning: Permanently added '10.128.0.24' (ECDSA) to the list of known hosts.
2018/02/04 19:45:10 fuzzer started
2018/02/04 19:45:10 dialing manager at 10.128.0.26:44803
2018/02/04 19:45:13 kcov=true, comps=false
2018/02/04 19:45:14 executing program 0:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
write$evdev(r0, &(0x7f0000ccf000-0xf0)=[{}, {}], 0x30)
ioctl(r0, 0x227c, &(0x7f00005f8000))
2018/02/04 19:45:14 executing program 3:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f00009b5000-0xfc)=[{&(0x7f0000c8f000-0x10)=@in={0x2, 0xffffffffffffffff, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10, &(0x7f0000700000+0x129)=[{&(0x7f0000e14000)='e', 0x1}], 0x1, &(0x7f0000520000)=[]}], 0x1, 0x0)
2018/02/04 19:45:14 executing program 7:
2018/02/04 19:45:14 executing program 4:
2018/02/04 19:45:14 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast=0xffffffff}, 0x10)
sendto$inet(r0, &(0x7f0000fd0000), 0xfffffffffffffec1, 0x20000801, &(0x7f0000deb000-0x10)={0x2, 0x3, @loopback=0x7f000001}, 0x10)
clone(0x40000000, &(0x7f00008a2000), &(0x7f0000d6d000-0x4), &(0x7f0000ca4000), &(0x7f0000ab6000-0xa0))
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00002e3000-0x6)='vegas\x00', 0x6)
shutdown(r0, 0x1)
2018/02/04 19:45:14 executing program 6:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt(r0, 0x0, 0x7, &(0x7f00003e8000-0x4)=""/4, &(0x7f0000000000)=0x3)
2018/02/04 19:45:14 executing program 1:
2018/02/04 19:45:14 executing program 2:
[ 46.092112] IPVS: Creating netns size=2552 id=1
[ 46.141217] IPVS: Creating netns size=2552 id=2
[ 46.208396] IPVS: Creating netns size=2552 id=3
[ 46.251949] IPVS: Creating netns size=2552 id=4
[ 46.319665] IPVS: Creating netns size=2552 id=5
[ 46.408251] IPVS: Creating netns size=2552 id=6
[ 46.518246] IPVS: Creating netns size=2552 id=7
[ 46.616226] IPVS: Creating netns size=2552 id=8
[ 47.101502] ip (4162) used greatest stack depth: 25000 bytes left
[ 49.101321] IPVS: Creating netns size=2552 id=9
[ 49.958756] pktgen: kernel_thread() failed for cpu 0
[ 49.963877] pktgen: Cannot create thread for cpu 0 (-4)
[ 49.969399] pktgen: kernel_thread() failed for cpu 1
[ 49.974513] pktgen: Cannot create thread for cpu 1 (-4)
[ 49.979849] pktgen: Initialization failed for all threads
[ 50.045161] kasan: CONFIG_KASAN_INLINE enabled
[ 50.049564] kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 50.062376] Dumping ftrace buffer:
[ 50.065882] (ftrace buffer empty)
[ 50.069563] Modules linked in:
[ 50.072838] CPU: 0 PID: 4875 Comm: syz-executor5 Not tainted 4.4.115-gaa856bd #6
[ 50.080335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.089657] task: ffff8800b4cc4800 task.stack: ffff8801c8c08000
[ 50.095678] RIP: 0010:[] [] nfqnl_nf_hook_drop+0x190/0x3a0
[ 50.104601] RSP: 0018:ffff8801c8c0f998 EFLAGS: 00010202
[ 50.110016] RAX: 0000000000000007 RBX: 0000000000000003 RCX: ffffffff82f9d1a9
[ 50.117255] RDX: 0000000000010000 RSI: ffffc90002b6a000 RDI: ffffffff84418180
[ 50.124496] RBP: ffff8801c8c0f9c8 R08: 0000000000000000 R09: 0000000000000000
[ 50.131734] R10: ffffffff838443e0 R11: 1ffff10039181efe R12: dffffc0000000000
[ 50.138974] R13: ffff8801c7dc6ea8 R14: 0000000000000038 R15: 00000000000000b8
[ 50.146213] FS: 00007f65e6a50700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 50.154409] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 50.160264] CR2: 00000000006fab54 CR3: 00000001d2cb2000 CR4: 0000000000160670
[ 50.167504] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 50.174753] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 50.181992] Stack:
[ 50.184105] ffffffff82f9d120 ffffffff83cc6620 ffff8801d7bb1e00 ffff8801c7dc6ea8
[ 50.192073] ffff8801c7dc6ea8 ffff8801c7dc6ea0 ffff8801c8c0f9f8 ffffffff82f9506e
[ 50.200036] ffffffff82f94fb0 ffffffff843e37e0 ffff8801d7bb28b8 dffffc0000000000
[ 50.207999] Call Trace:
[ 50.210554] [] ? nfqnl_nf_hook_drop+0x100/0x3a0
[ 50.216840] [] nf_queue_nf_hook_drop+0xbe/0x1d0
[ 50.223124] [] ? nf_queue_entry_release_refs+0x150/0x150
[ 50.230193] [] nf_unregister_net_hook+0x2ab/0x350
[ 50.236652] [] netfilter_net_exit+0x40/0xb0
[ 50.242592] [] ? nf_unregister_net_hooks+0x60/0x60
[ 50.249139] [] ops_exit_list.isra.4+0xae/0x150
[ 50.255338] [] setup_net+0x221/0x3e0
[ 50.260667] [] ? ops_init+0x3a0/0x3a0
[ 50.266087] [] ? kasan_slab_alloc+0x12/0x20
[ 50.272025] [] copy_net_ns+0xd2/0x190
[ 50.277444] [] create_new_namespaces+0x2f6/0x610
[ 50.283815] [] copy_namespaces+0x291/0x320
[ 50.289668] [] ? copy_namespaces+0x3e/0x320
[ 50.295609] [] copy_process+0x1d98/0x6120
[ 50.301376] [] ? __cleanup_sighand+0x50/0x50
[ 50.307405] [] ? fput+0x20/0x150
[ 50.312388] [] ? SYSC_bind+0x1ad/0x280
[ 50.317898] [] ? kcov_close+0x20/0x20
[ 50.323316] [] ? move_addr_to_kernel.part.12+0x110/0x110
[ 50.330383] [] _do_fork+0x151/0xe00
[ 50.335630] [] ? fork_idle+0x270/0x270
[ 50.341136] [] ? do_futex+0x15d0/0x15d0
[ 50.346729] [] ? security_file_ioctl+0x89/0xb0
[ 50.352929] [] SyS_clone+0x37/0x50
[ 50.358088] [] entry_SYSCALL_64_fastpath+0x1c/0x98
[ 50.364630] Code: df 83 01 00 0f 84 d8 00 00 00 4d 8d 77 38 49 bc 00 00 00 00 00 fc ff df 49 81 c7 b8 00 00 00 e8 d7 3b 3c fe 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 0f 85 f4 01 00 00 49 8b 1e e8 7d 8c 2e fe 48 85
[ 50.391170] RIP [] nfqnl_nf_hook_drop+0x190/0x3a0
[ 50.397744] RSP
[ 50.401571] ---[ end trace 9c9046ca06e5e3f3 ]---
[ 50.406348] Kernel panic - not syncing: Fatal exception
[ 50.412131] Dumping ftrace buffer:
[ 50.415645] (ftrace buffer empty)
[ 50.419324] Kernel Offset: disabled
[ 50.422923] Rebooting in 86400 seconds..