[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 15.247247] random: sshd: uninitialized urandom read (32 bytes read)
[ 16.126246] random: sshd: uninitialized urandom read (32 bytes read)
[ 16.338541] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 17.016948] random: sshd: uninitialized urandom read (32 bytes read)
[ 98.581756] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.205' (ECDSA) to the list of known hosts.
[ 104.096768] random: sshd: uninitialized urandom read (32 bytes read)
[ 104.181431] IPVS: ftp: loaded support on port[0] = 21
[ 106.355668] ==================================================================
[ 106.363090] BUG: KASAN: stack-out-of-bounds in __handle_mm_fault+0x1adb/0x4460
[ 106.370430] Read of size 4 at addr ffff8801a7b03c80 by task syz-executor003/4438
[ 106.377933]
[ 106.379543] CPU: 0 PID: 4438 Comm: syz-executor003 Not tainted 4.18.0-rc3+ #48
[ 106.387049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 106.396376] Call Trace:
[ 106.398964]  dump_stack+0x1c9/0x2b4
[ 106.402582]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 106.407752]  ? printk+0xa7/0xcf
[ 106.411007]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 106.415742]  ? __handle_mm_fault+0x1adb/0x4460
[ 106.420301]  print_address_description+0x6c/0x20b
[ 106.425121]  ? __handle_mm_fault+0x1adb/0x4460
[ 106.429682]  kasan_report.cold.7+0x242/0x2fe
[ 106.434069]  __asan_report_load4_noabort+0x14/0x20
[ 106.438976]  __handle_mm_fault+0x1adb/0x4460
[ 106.443378]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 106.448199]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 106.452770]  ? kasan_check_write+0x14/0x20
[ 106.457001]  ? do_raw_spin_lock+0xc1/0x200
[ 106.461222]  ? lock_acquire+0x1e4/0x540
[ 106.465182]  ? handle_mm_fault+0x417/0xc80
[ 106.469401]  ? lock_downgrade+0x8f0/0x8f0
[ 106.473536]  ? lock_release+0xa30/0xa30
[ 106.477507]  ? lock_release+0xa30/0xa30
[ 106.481460]  ? do_raw_spin_lock+0xc1/0x200
[ 106.485673]  ? mem_cgroup_from_task+0xcb/0x1f0
[ 106.490231]  ? percpu_ref_tryget_live+0x310/0x310
[ 106.495053]  handle_mm_fault+0x53e/0xc80
[ 106.499094]  ? __handle_mm_fault+0x4460/0x4460
[ 106.503656]  ? find_vma+0x34/0x190
[ 106.507181]  __do_page_fault+0x620/0xe50
[ 106.511218]  ? clock_was_set_work+0x30/0x30
[ 106.515517]  ? mm_fault_error+0x380/0x380
[ 106.519653]  ? __x64_sys_nanosleep+0x1f8/0x280
[ 106.524224]  ? hrtimer_nanosleep+0x620/0x620
[ 106.528611]  do_page_fault+0xf6/0x8c0
[ 106.532394]  ? vmalloc_sync_all+0x30/0x30
[ 106.536517]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 106.542035]  ? do_syscall_64+0x497/0x820
[ 106.546074]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 106.550981]  ? syscall_return_slowpath+0x31d/0x5e0
[ 106.555886]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 106.560880]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 106.565884]  ? page_fault+0x8/0x30
[ 106.569402]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 106.574229]  ? page_fault+0x8/0x30
[ 106.577754]  page_fault+0x1e/0x30
[ 106.581183] RIP: 0033:0x472c90
[ 106.584349] Code: Bad RIP value.
[ 106.587700] RSP: 002b:00007ffdf455e058 EFLAGS: 00010246
[ 106.593039] RAX: 0000000000000000 RBX: 0000000000000299 RCX: 0000000000472c90
[ 106.600288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffdf455e060
[ 106.607532] RBP: 0000000000000299 R08: 0000000000000001 R09: 0000000001e1d880
[ 106.614786] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000000dd
[ 106.622041] R13: 0000000000019f36 R14: 0000000000000000 R15: 0000000000000000
[ 106.629303]
[ 106.630907] Allocated by task 3093156384:
[ 106.635037] BUG: unable to handle kernel paging request at ffffffff8c3f6968
[ 106.642119] PGD 8e6d067 P4D 8e6d067 PUD 8e6e063 PMD 0
[ 106.647380] Oops: 0000 [#1] SMP KASAN
[ 106.651161] CPU: 0 PID: 4438 Comm: syz-executor003 Not tainted 4.18.0-rc3+ #48
[ 106.658493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 106.667845] RIP: 0010:depot_fetch_stack+0x10/0x30
[ 106.672681] Code: e8 c5 2e 47 fe e9 b3 fd ff ff e8 bb 2e 47 fe e9 55 fd ff ff 90 90 90 90 90 90 89 f8 c1 ef 11 25 ff ff 1f 00 81 e7 f0 3f 00 00 <48> 03 3c c5 60 29 43 8b 8b 47 0c 48 83 c7 18 c7 46 10 00 00 00 00
[ 106.691904] RSP: 0000:ffff8801acbaf948 EFLAGS: 00010006
[ 106.697289] RAX: 00000000001f8801 RBX: ffff8801a7b03ef4 RCX: 0000000000000000
[ 106.704576] RDX: 0000000000000000 RSI: ffff8801acbaf950 RDI: 0000000000003ff0
[ 106.711856] RBP: ffff8801acbaf978 R08: ffff8801ac74a100 R09: ffffed003b5c3ec2
[ 106.719149] R10: ffffed003b5c3ec2 R11: ffff8801dae1f617 R12: ffff8801a7b03740
[ 106.726424] R13: ffff8801a7b03c80 R14: ffff8801d3ebde40 R15: ffff8801a7b03ef0
[ 106.733701] FS: 0000000001e1d880(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 106.741931] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 106.747815] CR2: ffffffff8c3f6968 CR3: 00000001c03f7000 CR4: 00000000001406f0
[ 106.755089] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 106.762365] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 106.769635] Call Trace:
[ 106.772236]  ? print_track.isra.4+0x3b/0x6f
[ 106.776565]  print_address_description+0xfb/0x20b
[ 106.781415]  ? __handle_mm_fault+0x1adb/0x4460
[ 106.785999]  kasan_report.cold.7+0x242/0x2fe
[ 106.790419]  __asan_report_load4_noabort+0x14/0x20
[ 106.795358]  __handle_mm_fault+0x1adb/0x4460
[ 106.799779]  ? vmf_insert_mixed_mkwrite+0xa0/0xa0
[ 106.804629]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 106.809223]  ? kasan_check_write+0x14/0x20
[ 106.813463]  ? do_raw_spin_lock+0xc1/0x200
[ 106.817708]  ? lock_acquire+0x1e4/0x540
[ 106.821696]  ? handle_mm_fault+0x417/0xc80
[ 106.825939]  ? lock_downgrade+0x8f0/0x8f0
[ 106.830090]  ? lock_release+0xa30/0xa30
[ 106.834075]  ? lock_release+0xa30/0xa30
[ 106.838053]  ? do_raw_spin_lock+0xc1/0x200
[ 106.842297]  ? mem_cgroup_from_task+0xcb/0x1f0
[ 106.846886]  ? percpu_ref_tryget_live+0x310/0x310
[ 106.851743]  handle_mm_fault+0x53e/0xc80
[ 106.855815]  ? __handle_mm_fault+0x4460/0x4460
[ 106.860435]  ? find_vma+0x34/0x190
[ 106.863984]  __do_page_fault+0x620/0xe50
[ 106.868059]  ? clock_was_set_work+0x30/0x30
[ 106.872391]  ? mm_fault_error+0x380/0x380
[ 106.876544]  ? __x64_sys_nanosleep+0x1f8/0x280
[ 106.881139]  ? hrtimer_nanosleep+0x620/0x620
[ 106.885556]  do_page_fault+0xf6/0x8c0
[ 106.889362]  ? vmalloc_sync_all+0x30/0x30
[ 106.893516]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 106.899054]  ? do_syscall_64+0x497/0x820
[ 106.903119]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 106.908059]  ? syscall_return_slowpath+0x31d/0x5e0
[ 106.912991]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 106.918017]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 106.923038]  ? page_fault+0x8/0x30
[ 106.926580]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 106.931424]  ? page_fault+0x8/0x30
[ 106.934964]  page_fault+0x1e/0x30
[ 106.938417] RIP: 0033:0x472c90
[ 106.941598] Code: Bad RIP value.
[ 106.944969] RSP: 002b:00007ffdf455e058 EFLAGS: 00010246
[ 106.950331] RAX: 0000000000000000 RBX: 0000000000000299 RCX: 0000000000472c90
[ 106.957596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffdf455e060
[ 106.964862] RBP: 0000000000000299 R08: 0000000000000001 R09: 0000000001e1d880
[ 106.972137] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000000dd
[ 106.979410] R13: 0000000000019f36 R14: 0000000000000000 R15: 0000000000000000
[ 106.986691] Modules linked in:
[ 106.989888] Dumping ftrace buffer:
[ 106.993422]    (ftrace buffer empty)
[ 106.997132] CR2: ffffffff8c3f6968
[ 107.000587] ---[ end trace 3dec94d54e68182e ]---
[ 107.005347] RIP: 0010:depot_fetch_stack+0x10/0x30
[ 107.010178] Code: e8 c5 2e 47 fe e9 b3 fd ff ff e8 bb 2e 47 fe e9 55 fd ff ff 90 90 90 90 90 90 89 f8 c1 ef 11 25 ff ff 1f 00 81 e7 f0 3f 00 00 <48> 03 3c c5 60 29 43 8b 8b 47 0c 48 83 c7 18 c7 46 10 00 00 00 00
[ 107.029440] RSP: 0000:ffff8801acbaf948 EFLAGS: 00010006
[ 107.034806] RAX: 00000000001f8801 RBX: ffff8801a7b03ef4 RCX: 0000000000000000
[ 107.042074] RDX: 0000000000000000 RSI: ffff8801acbaf950 RDI: 0000000000003ff0
[ 107.049342] RBP: ffff8801acbaf978 R08: ffff8801ac74a100 R09: ffffed003b5c3ec2
[ 107.056611] R10: ffffed003b5c3ec2 R11: ffff8801dae1f617 R12: ffff8801a7b03740
[ 107.063886] R13: ffff8801a7b03c80 R14: ffff8801d3ebde40 R15: ffff8801a7b03ef0
[ 107.071160] FS: 0000000001e1d880(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 107.079390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.085275] CR2: 0000000000472c66 CR3: 00000001c03f7000 CR4: 00000000001406f0
[ 107.092548] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 107.099821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 107.107090] Kernel panic - not syncing: Fatal exception
[ 107.113020] Dumping ftrace buffer:
[ 107.116545]    (ftrace buffer empty)
[ 107.120230] Kernel Offset: disabled
[ 107.123844] Rebooting in 86400 seconds..