[....] Starting OpenBSD Secure Shell server: sshd
[ 25.580875] random: sshd: uninitialized urandom read (32 bytes read)
[ ok .

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 29.685106] random: sshd: uninitialized urandom read (32 bytes read)
[ 30.066906] random: sshd: uninitialized urandom read (32 bytes read)
[ 30.616579] sshd (5536) used greatest stack depth: 16584 bytes left
[ 30.639711] random: sshd: uninitialized urandom read (32 bytes read)
[ 30.873818] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.34' (ECDSA) to the list of known hosts.
[ 36.511976] random: sshd: uninitialized urandom read (32 bytes read)
[ 36.645693] kasan: CONFIG_KASAN_INLINE enabled
[ 36.650395] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 36.658039] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 36.664277] CPU: 0 PID: 5550 Comm: syz-executor419 Not tainted 4.19.0-rc3-next-20180912+ #72
[ 36.672877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.682245] RIP: 0010:mqueue_get_tree+0xba/0x2e0
[ 36.687007] Code: 4c 8d b3 98 00 00 00 4d 85 ed 0f 84 d1 00 00 00 e8 6b 44 3f fe 49 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e3 01 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b
[ 36.705943] RSP: 0018:ffff8801c8197928 EFLAGS: 00010207
[ 36.711303] RAX: dffffc0000000000 RBX: ffff8801cd253840 RCX: ffffffff8160aca1
[ 36.718679] RDX: 0000000020000000 RSI: ffffffff833deb15 RDI: 0000000100000007
[ 36.725942] RBP: ffff8801c8197948 R08: fffffbfff13555fd R09: fffffbfff13555fc
[ 36.733198] R10: fffffbfff13555fc R11: ffffffff89aaafe3 R12: ffff8801d7add7c0
[ 36.740462] R13: 00000000ffffffff R14: ffff8801cd2538d8 R15: ffff8801cd2538d8
[ 36.747725] FS: 00000000007de940(0000) GS:ffff8801dac00000(0000) knlGS:0000000000000000
[ 36.755940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.761817] CR2: 000000000046eb10 CR3: 00000001cb91e000 CR4: 00000000001406f0
[ 36.769080] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 36.776410] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 36.783739] Call Trace:
[ 36.786374] vfs_get_tree+0x1cb/0x5c0
[ 36.790173] mq_create_mount+0xe3/0x190
[ 36.794181] mq_init_ns+0x15a/0x210
[ 36.797816] copy_ipcs+0x3d2/0x580
[ 36.801345] ? ipcns_get+0xe0/0xe0
[ 36.804975] ? do_mount+0x1db0/0x1db0
[ 36.808765] ? kmem_cache_alloc+0x33a/0x730
[ 36.813075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 36.818616] ? perf_event_namespaces+0x136/0x400
[ 36.823369] create_new_namespaces+0x376/0x900
[ 36.827946] ? sys_ni_syscall+0x20/0x20
[ 36.831908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 36.837433] ? ns_capable_common+0x13f/0x170
[ 36.841833] unshare_nsproxy_namespaces+0xc3/0x1f0
[ 36.846753] ksys_unshare+0x79c/0x10b0
[ 36.850688] ? walk_process_tree+0x440/0x440
[ 36.855087] ? lock_downgrade+0x900/0x900
[ 36.859235] ? kasan_check_read+0x11/0x20
[ 36.863371] ? do_raw_spin_unlock+0xa7/0x2f0
[ 36.867773] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 36.872456] ? kasan_check_write+0x14/0x20
[ 36.876676] ? do_raw_read_unlock+0x3f/0x60
[ 36.880991] ? do_syscall_64+0x9a/0x820
[ 36.885060] ? do_syscall_64+0x9a/0x820
[ 36.889024] ? lockdep_hardirqs_on+0x421/0x5c0
[ 36.893597] ? trace_hardirqs_on+0xbd/0x310
[ 36.897996] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 36.903347] ? __bpf_trace_preemptirq_template+0x30/0x30
[ 36.908781] ? __ia32_sys_prlimit64+0x8c0/0x8c0
[ 36.913439] __x64_sys_unshare+0x31/0x40
[ 36.917488] do_syscall_64+0x1b9/0x820
[ 36.921383] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 36.926736] ? syscall_return_slowpath+0x5e0/0x5e0
[ 36.931651] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 36.936524] ? trace_hardirqs_on_caller+0x310/0x310
[ 36.941531] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 36.946534] ? prepare_exit_to_usermode+0x291/0x3b0
[ 36.951545] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 36.956380] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 36.961558] RIP: 0033:0x4462d7
[ 36.964747] Code: 00 00 00 b8 63 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 bd d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 36.983640] RSP: 002b:00007ffe0a68a828 EFLAGS: 00000217 ORIG_RAX: 0000000000000110
[ 36.991352] RAX: ffffffffffffffda RBX: 00007ffe0a68b3e0 RCX: 00000000004462d7
[ 36.998619] RDX: 0000000000000000 RSI: 00007ffe0a68a830 RDI: 0000000008000000
[ 37.005878] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000018
[ 37.013141] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000403f20
[ 37.020443] R13: 0000000000403fb0 R14: 0000000000000000 R15: 0000000000000000
[ 37.027710] Modules linked in:
[ 37.030972] ---[ end trace 4821ce0357513477 ]---
[ 37.035763] RIP: 0010:mqueue_get_tree+0xba/0x2e0
[ 37.040552] Code: 4c 8d b3 98 00 00 00 4d 85 ed 0f 84 d1 00 00 00 e8 6b 44 3f fe 49 8d 7d 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 e3 01 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b
[ 37.059656] RSP: 0018:ffff8801c8197928 EFLAGS: 00010207
[ 37.065054] RAX: dffffc0000000000 RBX: ffff8801cd253840 RCX: ffffffff8160aca1
[ 37.072425] RDX: 0000000020000000 RSI: ffffffff833deb15 RDI: 0000000100000007
[ 37.079737] RBP: ffff8801c8197948 R08: fffffbfff13555fd R09: fffffbfff13555fc
[ 37.087038] R10: fffffbfff13555fc R11: ffffffff89aaafe3 R12: ffff8801d7add7c0
[ 37.094403] R13: 00000000ffffffff R14: ffff8801cd2538d8 R15: ffff8801cd2538d8
[ 37.101685] FS: 00000000007de940(0000) GS:ffff8801dac00000(0000) knlGS:0000000000000000
[ 37.109963] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 37.115863] CR2: 000000000046eb10 CR3: 00000001cb91e000 CR4: 00000000001406f0
[ 37.123168] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 37.130453] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 37.133093] kobject: 'regulatory.0' (00000000a8fa56c5): kobject_uevent_env
[ 37.137883] Kernel panic - not syncing: Fatal exception
[ 37.146454] kobject: 'regulatory.0' (00000000a8fa56c5): fill_kobj_path: path = '/devices/platform/regulatory.0'
[ 37.161325] Kernel Offset: disabled
[ 37.164971] Rebooting in 86400 seconds..