[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 38.439657] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 40.210781] random: sshd: uninitialized urandom read (32 bytes read)
[ 40.535615] random: sshd: uninitialized urandom read (32 bytes read)
[ 41.399074] random: sshd: uninitialized urandom read (32 bytes read)
[ 90.125012] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts.
[ 95.756606] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/28 01:17:35 parsed 1 programs
[ 97.127376] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/28 01:17:37 executed programs: 0
[ 98.463726] IPVS: ftp: loaded support on port[0] = 21
[ 98.824807] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.831277] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.838897] device bridge_slave_0 entered promiscuous mode
[ 98.864451] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.870850] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.878392] device bridge_slave_1 entered promiscuous mode
[ 98.903721] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 98.929423] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 98.961497] ip (4547) used greatest stack depth: 53432 bytes left
[ 99.002333] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 99.031986] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 99.146269] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 99.153687] team0: Port device team_slave_0 added
[ 99.178477] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 99.185864] team0: Port device team_slave_1 added
[ 99.211736] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 99.241693] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 99.270991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 99.299928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 99.534360] bridge0: port 2(bridge_slave_1) entered blocking state
[ 99.540880] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 99.547790] bridge0: port 1(bridge_slave_0) entered blocking state
[ 99.554235] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 100.443762] 8021q: adding VLAN 0 to HW filter on device bond0
[ 100.530869] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 100.615529] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 100.621765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 100.630372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 100.713238] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.278434] hrtimer: interrupt took 33436 ns
[ 101.543135] cache_from_obj: Wrong slab cache. (null) but object is from ccid2_hc_tx_sock
[ 101.551548] WARNING: CPU: 1 PID: 4503 at mm/slab.h:379 kmem_cache_free+0x3e7/0x2b50
[ 101.559451] Kernel panic - not syncing: panic_on_warn set ...
[ 101.559451]
[ 101.566924] CPU: 1 PID: 4503 Comm: syz-executor0 Not tainted 4.18.0-rc8+ #34
[ 101.574129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 101.583513] Call Trace:
[ 101.586243]
[ 101.588415] dump_stack+0x17c/0x1c0
[ 101.592104] panic+0x3c3/0x9a0
[ 101.595367] __warn+0x40f/0x580
[ 101.598693] ? kmem_cache_free+0x3e7/0x2b50
[ 101.603139] report_bug+0x6f2/0x840
[ 101.606989] ? kmem_cache_free+0x3e7/0x2b50
[ 101.611475] ? kmem_cache_free+0x3e7/0x2b50
[ 101.615848] do_error_trap+0x1c0/0x620
[ 101.619868] ? vprintk_default+0x90/0xa0
[ 101.623962] do_invalid_op+0x46/0x50
[ 101.627823] invalid_op+0x14/0x20
[ 101.631303] RIP: 0010:kmem_cache_free+0x3e7/0x2b50
[ 101.636237] Code: 00 c7 86 20 03 00 00 00 00 00 00 48 c7 c7 b7 8d 49 89 48 c7 c6 e9 8d 49 89 31 c0 48 8b 95 e0 fe ff ff 4c 89 f1 e8 49 47 84 ff <0f> 0b 4c 8b 65 90 eb 08 4c 89 6d c0 44 89 7d d4 49 bd ff ff ff 7f
[ 101.655607] RSP: 0018:ffff88021fd0fb48 EFLAGS: 00010282
[ 101.661118] RAX: 000000000000004c RBX: 0000000000000000 RCX: 0000000000000000
[ 101.668567] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea000cbef440
[ 101.675862] RBP: ffff88021fd0fc98 R08: 0000000000480020 R09: 0000000000000002
[ 101.683161] R10: 0000000000000000 R11: ffffffff85031d70 R12: ffff8801cf40ac58
[ 101.690446] R13: 0000000000000000 R14: ffff8801d3df5400 R15: 0000000000000000
[ 101.697818] ? write_ext_msg+0x920/0x920
[ 101.701956] ? kmem_cache_free+0x3e7/0x2b50
[ 101.706301] ? kmsan_set_origin_inline+0x6b/0x120
[ 101.711165] ? __msan_poison_alloca+0x173/0x200
[ 101.715889] ccid_hc_tx_delete+0x18a/0x1b0
[ 101.720182] dccp_sk_destruct+0x6b/0xd0
[ 101.724173] ? dccp_init_sock+0x4c0/0x4c0
[ 101.728374] __sk_destruct+0xca/0x970
[ 101.732339] ? rcu_cblist_dequeue+0xf8/0x250
[ 101.736798] ? sk_destruct+0xf0/0xf0
[ 101.740540] rcu_process_callbacks+0x132d/0x1a90
[ 101.745361] ? rcu_scheduler_starting+0xe0/0xe0
[ 101.750129] __do_softirq+0x582/0x969
[ 101.753961] irq_exit+0x208/0x240
[ 101.757433] exiting_irq+0xe/0x10
[ 101.760903] smp_apic_timer_interrupt+0x64/0x90
[ 101.765721] apic_timer_interrupt+0xf/0x20
[ 101.769971]
[ 101.772228] RIP: 0010:finish_lock_switch+0x2b/0x40
[ 101.777162] Code: 48 89 e5 53 48 89 fb e8 43 de 8b 00 8b b8 88 0c 00 00 48 8b 00 48 85 c0 75 12 48 89 df e8 9d d3 8b 00 c6 00 00 c6 03 00 fb 5b <5d> c3 e8 5e dd 8b 00 eb e7 66 90 66 2e 0f 1f 84 00 00 00 00 00 55
[ 101.796506] RSP: 0018:ffff8801ae4ffc30 EFLAGS: 00000292 ORIG_RAX: ffffffffffffff13
[ 101.804240] RAX: ffff88021f3d0d00 RBX: ffff8801d0a35880 RCX: ffff88021f3d1d00
[ 101.811557] RDX: ffff88021f3d1d00 RSI: aaaaaaaaaaaab000 RDI: ffffea000cbf2560
[ 101.818847] RBP: ffff8801ae4ffc30 R08: 0000000000480020 R09: 0000000000000002
[ 101.826142] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d4681d80
[ 101.833590] R13: 0000000000000000 R14: ffff8801d0a36178 R15: ffff88021fdb9d00
[ 101.840930] finish_task_switch+0xe3/0x260
[ 101.845219] __schedule+0x681/0x770
[ 101.848922] schedule+0x1bc/0x2d0
[ 101.852407] do_nanosleep+0x2b3/0x9a0
[ 101.856276] __se_sys_nanosleep+0x49b/0x690
[ 101.860619] ? hrtimer_init_sleeper+0xc0/0xc0
[ 101.865153] __x64_sys_nanosleep+0x92/0xc0
[ 101.869487] ? hrtimer_nanosleep+0x560/0x560
[ 101.873970] do_syscall_64+0x15b/0x220
[ 101.877935] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 101.883147] RIP: 0033:0x482b40
[ 101.886397] Code: 00 00 48 c7 c0 d4 ff ff ff 64 c7 00 16 00 00 00 31 c0 eb be 66 0f 1f 44 00 00 83 3d 11 39 5c 00 00 75 14 b8 23 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 14 fa f8 ff c3 48 83 ec 08 e8 ba 70 fd ff
[ 101.905764] RSP: 002b:00007ffd60093bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[ 101.913518] RAX: ffffffffffffffda RBX: 0000000000018c9d RCX: 0000000000482b40
[ 101.920989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffd60093be0
[ 101.928319] RBP: 000000000000010d R08: 0000000000000001 R09: 0000000000c29940
[ 101.935783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
[ 101.943116] R13: 0000000000018c7b R14: 0000000000000004 R15: badc0ffeebadface
[ 101.951152] Dumping ftrace buffer:
[ 101.954722] (ftrace buffer empty)
[ 101.958455] Kernel Offset: disabled
[ 101.962109] Rebooting in 86400 seconds..