[   21.401335] random: sshd: uninitialized urandom read (32 bytes read, 34 bits of entropy available)
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   25.037982] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[   25.444079] random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
[   26.445378] random: sshd: uninitialized urandom read (32 bytes read, 121 bits of entropy available)
[   26.617811] random: sshd: uninitialized urandom read (32 bytes read, 125 bits of entropy available)
[   30.424759] random: nonblocking pool is initialized
Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   32.133007] kasan: CONFIG_KASAN_INLINE enabled[   32.137527] BUG: spinlock bad magic on CPU#1, syzkaller084253/3789
[   32.137537]  lock: 0xffff8800aad88018, .magic: dead4eac, .owner: <none>/-1, .owner_cpu: -1

[   32.137544] CPU: 1 PID: 3789 Comm: syzkaller084253 Not tainted 4.4.120-gd63fdf6 #28
[   32.137547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.137550]  0000000000000000 030e976e9749cc1a ffff8801db307760 ffffffff81d0408d
[   32.137556]  ffff8800aad88018 ffff8801c6048000 0000000000000001 0000000000000001
[   32.137562]  0000000000000000 ffff8801db3077a0 ffffffff81246aad ffff8801d51d0d80
[   32.137568] Call Trace:
[   32.137569]  <IRQ>  [<ffffffff81d0408d>] dump_stack+0xc1/0x124
[   32.137599]  [<ffffffff81246aad>] spin_dump+0x14d/0x280
[   32.137609]  [<ffffffff81c96778>] ? __blk_mq_free_request+0xe8/0x130
[   32.137614]  [<ffffffff81246e98>] do_raw_spin_lock+0x228/0x2c0
[   32.137625]  [<ffffffff83773546>] _raw_spin_lock_irqsave+0x56/0x70
[   32.137634]  [<ffffffff8121f7ee>] ? __wake_up+0x1e/0x50
[   32.137639]  [<ffffffff8121f7ee>] __wake_up+0x1e/0x50
[   32.137650]  [<ffffffff825bbcdc>] sg_rq_end_io+0x5dc/0xbc0
[   32.137656]  [<ffffffff825bb700>] ? sg_release+0x1f0/0x1f0
[   32.137662]  [<ffffffff81c77021>] ? blk_account_io_done+0xb1/0x860
[   32.137667]  [<ffffffff81c7677e>] ? blk_update_request+0x64e/0xce0
[   32.137672]  [<ffffffff825bb700>] ? sg_release+0x1f0/0x1f0
[   32.137679]  [<ffffffff81c98e44>] __blk_mq_end_request+0x54/0xc0
[   32.137687]  [<ffffffff82523a35>] scsi_end_request+0x135/0x5b0
[   32.137695]  [<ffffffff8252cc83>] scsi_io_completion+0x15c3/0x1710
[   32.137702]  [<ffffffff8252b6c0>] ? scsi_unblock_requests+0x50/0x50
[   32.137707]  [<ffffffff825101bf>] scsi_finish_command+0x3af/0x520
[   32.137713]  [<ffffffff8252a380>] scsi_softirq_done+0x250/0x350
[   32.137719]  [<ffffffff81c9b0a5>] __blk_mq_complete_request+0x205/0x500
[   32.137726]  [<ffffffff81c9b3fb>] blk_mq_complete_request+0x5b/0x70
[   32.137731]  [<ffffffff8252705b>] scsi_mq_done+0xfb/0x3c0
[   32.137738]  [<ffffffff8254ff4f>] virtscsi_complete_cmd+0x5cf/0x7f0
[   32.137745]  [<ffffffff8254f980>] ? virtscsi_remove+0x140/0x140
[   32.137751]  [<ffffffff8254dc69>] virtscsi_vq_done+0xc9/0x170
[   32.137757]  [<ffffffff8254dba0>] ? virtscsi_target_destroy+0x50/0x50
[   32.137763]  [<ffffffff812bc770>] ? process_cpu_nsleep+0x30/0x30
[   32.137769]  [<ffffffff8254ddb7>] virtscsi_req_done+0xa7/0xd0
[   32.137774]  [<ffffffff8254dd10>] ? virtscsi_vq_done+0x170/0x170
[   32.137781]  [<ffffffff81f2cae9>] vring_interrupt+0x109/0x150
[   32.137786]  [<ffffffff81f2c9e0>] ? vring_new_virtqueue+0x7c0/0x7c0
[   32.137794]  [<ffffffff8126e271>] handle_irq_event_percpu+0xf1/0x960
[   32.137800]  [<ffffffff8126eb87>] handle_irq_event+0xa7/0x140
[   32.137806]  [<ffffffff812788ea>] handle_edge_irq+0x1fa/0x8e0
[   32.137814]  [<ffffffff81016900>] handle_irq+0x250/0x3a0
[   32.137822]  [<ffffffff81d63e4b>] ? check_preemption_disabled+0x3b/0x200
[   32.137827]  [<ffffffff8122eebd>] ? trace_hardirqs_off+0xd/0x10
[   32.137834]  [<ffffffff83776419>] do_IRQ+0x89/0x1b0
[   32.137840]  [<ffffffff837744e0>] common_interrupt+0xa0/0xa0
[   32.137846]  [<ffffffff83776e11>] ? __do_softirq+0x1e1/0xa38
[   32.137851]  [<ffffffff83776e0a>] ? __do_softirq+0x1da/0xa38
[   32.137862]  [<ffffffff8113daa9>] irq_exit+0x119/0x140
[   32.137869]  [<ffffffff837765bb>] smp_apic_timer_interrupt+0x7b/0xa0
[   32.137874]  [<ffffffff83775510>] apic_timer_interrupt+0xa0/0xb0
[   32.137876]  <EOI>  [<ffffffff81269de0>] ? console_unlock+0x790/0xa00
[   32.137887]  [<ffffffff81269dea>] ? console_unlock+0x79a/0xa00
[   32.137892]  [<ffffffff83772f25>] ? _raw_spin_unlock_irqrestore+0x45/0x70
[   32.137897]  [<ffffffff8126a373>] ? vprintk_emit+0x323/0x850
[   32.137903]  [<ffffffff8126a5ae>] vprintk_emit+0x55e/0x850
[   32.137909]  [<ffffffff8126a8c8>] vprintk+0x28/0x30
[   32.137913]  [<ffffffff8126a8ed>] vprintk_default+0x1d/0x30
[   32.137921]  [<ffffffff8141b77d>] printk+0xb7/0xe2
[   32.137928]  [<ffffffff8141b6c6>] ? pm_qos_get_value.part.4+0xb/0xb
[   32.137934]  [<ffffffff810f0d45>] ? kasan_die_handler+0x25/0x40
[   32.137939]  [<ffffffff810f0d51>] kasan_die_handler+0x31/0x40
[   32.137945]  [<ffffffff81194025>] notifier_call_chain+0x95/0x1b0
[   32.137951]  [<ffffffff8119564b>] atomic_notifier_call_chain+0x7b/0x140
[   32.137957]  [<ffffffff811955d0>] ? __atomic_notifier_call_chain+0x150/0x150
[   32.137963]  [<ffffffff811957ef>] notify_die+0xdf/0x160
[   32.137969]  [<ffffffff81195710>] ? atomic_notifier_call_chain+0x140/0x140
[   32.137975]  [<ffffffff81434701>] ? __free_pages+0x21/0x90
[   32.137981]  [<ffffffff8118ba31>] ? search_exception_tables+0x31/0x40
[   32.137986]  [<ffffffff81011fa7>] do_general_protection+0x2f7/0x390
[   32.137992]  [<ffffffff83774d28>] general_protection+0x28/0x30
[   32.137998]  [<ffffffff825b85eb>] ? sg_remove_scat.isra.17+0x19b/0x2d0
[   32.138004]  [<ffffffff81434701>] ? __free_pages+0x21/0x90
[   32.138011]  [<ffffffff825b8611>] sg_remove_scat.isra.17+0x1c1/0x2d0
[   32.138017]  [<ffffffff825b89d5>] sg_finish_rem_req+0x2b5/0x340
[   32.138023]  [<ffffffff825b8bdd>] sg_new_read.isra.18+0x17d/0x3c0
[   32.138030]  [<ffffffff825ba6fc>] sg_read+0x8bc/0x1490
[   32.138038]  [<ffffffff81515644>] ? __check_object_size+0x154/0x35b
[   32.138045]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.138053]  [<ffffffff815ea180>] ? fsnotify+0xee0/0xee0
[   32.138062]  [<ffffffff81b4d1e9>] ? avc_policy_seqno+0x9/0x20
[   32.138069]  [<ffffffff8151d801>] do_loop_readv_writev+0x141/0x1e0
[   32.138076]  [<ffffffff81b440e9>] ? security_file_permission+0x89/0x1e0
[   32.138082]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.138089]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.138094]  [<ffffffff8151fb5d>] do_readv_writev+0x5dd/0x6e0
[   32.138099]  [<ffffffff8151f580>] ? vfs_write+0x530/0x530
[   32.138105]  [<ffffffff825c3bb0>] ? sg_ioctl+0x29f0/0x29f0
[   32.138111]  [<ffffffff8151d37b>] ? __vfs_write+0x10b/0x450
[   32.138116]  [<ffffffff814fec1b>] ? quarantine_put+0xab/0x180
[   32.138123]  [<ffffffff815786d3>] ? __fget+0x213/0x3b0
[   32.138129]  [<ffffffff815786fa>] ? __fget+0x23a/0x3b0
[   32.138134]  [<ffffffff81578507>] ? __fget+0x47/0x3b0
[   32.138139]  [<ffffffff8151fcd8>] vfs_readv+0x78/0xb0
[   32.138145]  [<ffffffff81522009>] SyS_readv+0xd9/0x240
[   32.138150]  [<ffffffff81521f30>] ? rw_copy_check_uvector+0x2b0/0x2b0
[   32.138156]  [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
[   32.138163]  [<ffffffff8377395f>] entry_SYSCALL_64_fastpath+0x1c/0x98
[   32.145337] kasan: CONFIG_KASAN_INLINE enabledkasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN
[   32.145359] Dumping ftrace buffer:
[   32.145363]    (ftrace buffer empty)
[   32.145365] Modules linked in:
[   32.145375] CPU: 0 PID: 3796 Comm: syzkaller084253 Not tainted 4.4.120-gd63fdf6 #28
[   32.145379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   32.145383] task: ffff8801d9539800 task.stack: ffff8800bb3d8000
[   32.145386] RIP: 0010:[<ffffffff81434701>]  [<ffffffff81434701>] __free_pages+0x21/0x90
[   32.145405] RSP: 0018:ffff8800bb3df9f0  EFLAGS: 00010a07
[   32.145409] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff825b85eb
[   32.145413] RDX: 1bd5a9d5a0000003 RSI: 0000000000000006 RDI: dead4ead0000001c
[   32.145416] RBP: ffff8800bb3dfa00 R08: 0000000048000000 R09: 0000000000001e30
[   32.145420] R10: 0000000000002100 R11: 1ffff1001767bf1c R12: 0000000000000004
[   32.145423] R13: 0000000000000020 R14: ffff8801d8e9a100 R15: dffffc0000000000
[   32.145429] FS:  00007f5f62974700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[   32.145432] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   32.145436] CR2: 0000000020a2afe3 CR3: 00000001cfa20000 CR4: 0000000000160670
[   32.145443] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   32.145446] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   32.145447] Stack:
[   32.145449]  0000000000000246 ffff8801d8e9a258 ffff8800bb3dfa60 ffffffff825b8611
[   32.145457]  ffff8801d8e9a270 ffffed003b1d344b ffffed003b1d344e ffff8801d8e9a268
[   32.145465]  dead4ead00000000 ffff8801d8e9a240 0000000000000000 0000000000000000
[   32.145472] Call Trace:
[   32.145487]  [<ffffffff825b8611>] sg_remove_scat.isra.17+0x1c1/0x2d0
[   32.145493]  [<ffffffff825b89d5>] sg_finish_rem_req+0x2b5/0x340
[   32.145500]  [<ffffffff825b8bdd>] sg_new_read.isra.18+0x17d/0x3c0
[   32.145506]  [<ffffffff825ba6fc>] sg_read+0x8bc/0x1490
[   32.145516]  [<ffffffff81515644>] ? __check_object_size+0x154/0x35b
[   32.145522]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.145530]  [<ffffffff815ea180>] ? fsnotify+0xee0/0xee0
[   32.145541]  [<ffffffff81b4d1e9>] ? avc_policy_seqno+0x9/0x20
[   32.145549]  [<ffffffff8151d801>] do_loop_readv_writev+0x141/0x1e0
[   32.145556]  [<ffffffff81b440e9>] ? security_file_permission+0x89/0x1e0
[   32.145562]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.145569]  [<ffffffff825b9e40>] ? sg_proc_seq_show_debug+0xda0/0xda0
[   32.145574]  [<ffffffff8151fb5d>] do_readv_writev+0x5dd/0x6e0
[   32.145579]  [<ffffffff8151f580>] ? vfs_write+0x530/0x530
[   32.145585]  [<ffffffff825c3bb0>] ? sg_ioctl+0x29f0/0x29f0
[   32.145591]  [<ffffffff8151d37b>] ? __vfs_write+0x10b/0x450
[   32.145599]  [<ffffffff81578507>] ? __fget+0x47/0x3b0
[   32.145605]  [<ffffffff81b4d1e9>] ? avc_policy_seqno+0x9/0x20
[   32.145610]  [<ffffffff815786d3>] ? __fget+0x213/0x3b0
[   32.145616]  [<ffffffff815786fa>] ? __fget+0x23a/0x3b0
[   32.145621]  [<ffffffff81578507>] ? __fget+0x47/0x3b0
[   32.145626]  [<ffffffff8151fcd8>] vfs_readv+0x78/0xb0
[   32.145631]  [<ffffffff81522009>] SyS_readv+0xd9/0x240
[   32.145637]  [<ffffffff81521f30>] ? rw_copy_check_uvector+0x2b0/0x2b0
[   32.145645]  [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
[   32.145654]  [<ffffffff8377395f>] entry_SYSCALL_64_fastpath+0x1c/0x98
[   32.145656] Code: c6 a0 0c 00 e9 78 fd ff ff 90 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 49 
[   32.145756] RIP  [<ffffffff81434701>] __free_pages+0x21/0x90
[   32.145763]  RSP <ffff8800bb3df9f0>
[   32.145770] ---[ end trace 8cf76e71675b5c3f ]---
[   32.145774] Kernel panic - not syncing: Fatal exception
[   32.153638] Dumping ftrace buffer:
[   32.153641]    (ftrace buffer empty)
[   32.153644] Kernel Offset: disabled
[   33.116596] Rebooting in 86400 seconds..