[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd
[ 12.153013] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 18.524818] random: sshd: uninitialized urandom read (32 bytes read)
[ 18.771684] random: sshd: uninitialized urandom read (32 bytes read)
[ 19.255410] random: sshd: uninitialized urandom read (32 bytes read)
[ 29.754908] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
[ 35.409270] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 35.496655] usercopy: kernel memory exposure attempt detected from ffff8801cbe5fff2 (kmalloc-4096) (57692 bytes)
[ 35.507419] ------------[ cut here ]------------
[ 35.512248] kernel BUG at mm/usercopy.c:72!
[ 35.517160] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 35.523066] Dumping ftrace buffer:
[ 35.526579] (ftrace buffer empty)
[ 35.530261] Modules linked in:
[ 35.533428] CPU: 1 PID: 1835 Comm: syz-executor557 Not tainted 4.14.67+ #1
[ 35.540416] task: ffff8801d5c7de00 task.stack: ffff8801cbf58000
[ 35.546457] RIP: 0010:__check_object_size+0x311/0x3a2
[ 35.551621] RSP: 0018:ffff8801cbf5fb58 EFLAGS: 00010282
[ 35.556956] RAX: 0000000000000064 RBX: 000000000000e15c RCX: 0000000000000000
[ 35.564247] RDX: 0000000000000000 RSI: ffffffff83069c00 RDI: ffffffff84bce3a0
[ 35.571497] RBP: ffff8801cbe5fff2 R08: 0000000000000001 R09: 0000000000000000
[ 35.578821] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff830bfbe0
[ 35.586118] R13: 0000000000000001 R14: ffffffff830bfba0 R15: ffffea00072f9600
[ 35.593373] FS: 000000000120b940(0000) GS:ffff8801dbb00000(0000) knlGS:0000000000000000
[ 35.601573] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.607534] CR2: 0000562e60ae10e0 CR3: 00000001d10c6003 CR4: 00000000001606a0
[ 35.614783] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.622029] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.629273] Call Trace:
[ 35.631844] bpf_test_finish.isra.0+0xba/0x190
[ 35.636404] ? bpf_test_run+0x350/0x350
[ 35.640352] ? kvm_clock_read+0x1f/0x30
[ 35.644300] ? ktime_get+0x17f/0x1c0
[ 35.647985] ? bpf_test_run+0x280/0x350
[ 35.651936] bpf_prog_test_run_skb+0x4d0/0x8c0
[ 35.656494] ? bpf_test_init.isra.1+0xc0/0xc0
[ 35.660965] ? __fget_light+0x163/0x1f0
[ 35.664912] ? bpf_prog_add+0x42/0xa0
[ 35.668684] ? bpf_test_init.isra.1+0xc0/0xc0
[ 35.673152] SyS_bpf+0x79d/0x3640
[ 35.676703] ? bpf_prog_get+0x20/0x20
[ 35.680482] ? __do_page_fault+0x485/0xb60
[ 35.684698] ? lock_downgrade+0x560/0x560
[ 35.688824] ? up_read+0x17/0x30
[ 35.692289] ? __do_page_fault+0x64c/0xb60
[ 35.696508] ? do_syscall_64+0x43/0x4b0
[ 35.700465] ? bpf_prog_get+0x20/0x20
[ 35.704243] do_syscall_64+0x19b/0x4b0
[ 35.708108] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 35.713271] RIP: 0033:0x440bc9
[ 35.716433] RSP: 002b:00007ffe5b11d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 35.724111] RAX: ffffffffffffffda RBX: 00007ffe5b11d030 RCX: 0000000000440bc9
[ 35.731353] RDX: 0000000000000028 RSI: 0000000020000180 RDI: 000000000000000a
[ 35.738700] RBP: 0000000000000000 R08: 00000000004009ae R09: 00000000004009ae
[ 35.745945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402450
[ 35.753228] R13: 00000000004024e0 R14: 0000000000000000 R15: 0000000000000000
[ 35.760594] Code: fb 0b 83 4c 0f 45 e2 e8 be d6 db ff 48 8b 04 24 49 89 d9 48 89 e9 4c 89 f2 4c 89 e6 48 c7 c7 20 fc 0b 83 49 89 c0 e8 5a 1b cd ff <0f> 0b 4c 89 ff e8 55 cf fd ff e9 09 fe ff ff 4c 89 ff e8 48 cf
[ 35.779664] RIP: __check_object_size+0x311/0x3a2 RSP: ffff8801cbf5fb58
[ 35.788012] ---[ end trace e012b703a07e15e3 ]---
[ 35.792796] Kernel panic - not syncing: Fatal exception
[ 35.798508] Dumping ftrace buffer:
[ 35.802025] (ftrace buffer empty)
[ 35.805821] Kernel Offset: 0x200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 35.816543] Rebooting in 86400 seconds..