[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 14.746324] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 17.245830] random: sshd: uninitialized urandom read (32 bytes read)
[ 17.478624] random: sshd: uninitialized urandom read (32 bytes read)
[ 18.352042] random: sshd: uninitialized urandom read (32 bytes read)
[ 26.672924] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts.
[ 32.177255] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 32.259709] 9pnet_virtio: no channels available for device (null)
[ 32.268138] 9pnet: p9_fd_create_tcp (3800): problem connecting socket to 127.0.0.1
[ 32.276925] kasan: CONFIG_KASAN_INLINE enabled
[ 32.279153] 9pnet: p9_fd_create_tcp (3801): problem connecting socket to 127.0.0.1
[ 32.289235] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 32.297270] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 32.303485] Dumping ftrace buffer:
[ 32.307001] (ftrace buffer empty)
[ 32.310704] Modules linked in:
[ 32.313993] CPU: 1 PID: 3800 Comm: syz-executor280 Not tainted 4.9.111-g03c70fe #58
[ 32.321759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.331119] task: ffff8801b79a8000 task.stack: ffff8801d96c0000
[ 32.337154] RIP: 0010:[] [] vsscanf+0x33f/0x2430
[ 32.345232] RSP: 0018:ffff8801d96c74e8 EFLAGS: 00010246
[ 32.350657] RAX: 0000000000000000 RBX: ffffffff841a2801 RCX: 0000000000000000
[ 32.357908] RDX: 0000000000000000 RSI: ffffffff81eda1e2 RDI: ffffffff841a2800
[ 32.365158] RBP: ffff8801d96c7698 R08: ffff8801d96c7860 R09: ffff8801d96c7864
[ 32.372408] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff841a2801
[ 32.379655] R13: 0000000000000064 R14: dffffc0000000000 R15: 0000000000000000
[ 32.386900] FS: 00007f1e7c49d700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 32.395106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.400971] CR2: 00007f1e7c47be78 CR3: 00000001c4023000 CR4: 00000000001606f0
[ 32.408227] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.415472] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.422714] Stack:
[ 32.424851] ffff8801b79a8000 fffffbfff07c45e9 1ffff1003b2d8ea6 0000000000000000
[ 32.432836] 00000000000002ff 00000000d96c7530 ffffffff8123ffff ffff8801d96c76c8
[ 32.440840] ffffffff841a2864 0000000041b58ab3 ffffffff843e3698 ffffffff81ed9eb0
[ 32.448827] Call Trace:
[ 32.451393] [] ? rt_mutex_enqueue+0x10f/0x2f0
[ 32.457514] [] ? simple_strtoll+0xa0/0xa0
[ 32.463287] [] ? parse_opts.part.1+0x252/0x320
[ 32.469507] [] ? kasan_slab_free+0x88/0xc0
[ 32.475382] [] ? kfree+0xfb/0x310
[ 32.480465] [] ? parse_opts.part.1+0x257/0x320
[ 32.486850] [] ? p9_read_work+0xac0/0xac0
[ 32.492640] [] ? p9_client_create+0x673/0x10a0
[ 32.498845] [] ? v9fs_mount+0x7d/0x810
[ 32.504363] [] ? mount_fs+0x28c/0x370
[ 32.509797] [] ? vfs_kern_mount.part.29+0xd1/0x3d0
[ 32.516351] [] ? do_mount+0x3c9/0x2740
[ 32.521866] [] sscanf+0xab/0xe0
[ 32.526772] [] ? vsscanf+0x2430/0x2430
[ 32.532280] [] p9_fd_create_tcp+0x127/0x430
[ 32.538224] [] ? p9_fd_create_unix+0x260/0x260
[ 32.544429] [] ? check_preemption_disabled+0x3b/0x170
[ 32.551258] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 32.558073] [] ? lockdep_init_map+0x105/0x4f0
[ 32.564192] [] ? __raw_spin_lock_init+0x2d/0x100
[ 32.570572] [] p9_client_create+0x6ff/0x10a0
[ 32.576610] [] ? p9_client_zc_rpc.constprop.11+0x1020/0x1020
[ 32.584035] [] ? rcu_read_lock_sched_held+0x103/0x120
[ 32.590854] [] ? bdi_register+0xb4/0x570
[ 32.596541] [] ? bdi_init+0x7ae/0xab0
[ 32.601981] [] v9fs_session_init+0x333/0x13a0
[ 32.608108] [] ? _raw_spin_unlock_irqrestore+0x45/0x70
[ 32.615009] [] ? debug_check_no_obj_freed+0x2ec/0x930
[ 32.621827] [] ? v9fs_inode_init_once+0x30/0x30
[ 32.628133] [] ? debug_object_activate+0x4e0/0x4e0
[ 32.634694] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 32.641505] [] ? free_hot_cold_page+0x493/0x840
[ 32.647798] [] ? check_preemption_disabled+0x3b/0x170
[ 32.654730] [] ? kasan_unpoison_shadow+0x35/0x50
[ 32.661110] [] ? kasan_kmalloc+0xc7/0xe0
[ 32.666800] [] ? kmem_cache_alloc_trace+0xfd/0x2b0
[ 32.673360] [] ? v9fs_mount+0x62/0x810
[ 32.678879] [] v9fs_mount+0x7d/0x810
[ 32.684225] [] mount_fs+0x28c/0x370
[ 32.689474] [] vfs_kern_mount.part.29+0xd1/0x3d0
[ 32.695849] [] ? ns_capable_common+0x12a/0x150
[ 32.702052] [] do_mount+0x3c9/0x2740
[ 32.707385] [] ? copy_mount_string+0x40/0x40
[ 32.713413] [] ? kasan_unpoison_shadow+0x35/0x50
[ 32.719801] [] ? kasan_kmalloc+0xc7/0xe0
[ 32.725506] [] ? kmem_cache_alloc_trace+0xfd/0x2b0
[ 32.732078] [] ? copy_mount_options+0x5f/0x320
[ 32.738286] [] ? copy_mount_options+0x1e5/0x320
[ 32.744582] [] SyS_mount+0xfe/0x110
[ 32.749839] [] ? copy_mnt_ns+0x8e0/0x8e0
[ 32.755521] [] do_syscall_64+0x1a6/0x490
[ 32.761222] [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[ 32.768121] Code: ff 45 84 ed 0f 84 c9 fe ff ff e8 3d 48 48 ff 41 80 fd 6e 0f 84 34 02 00 00 e8 2e 48 48 ff 4c 89 f8 4c 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 30 38 d0 7f 08 84 c0 0f 85 dd 17 00 00 41 80 3f 00
[ 32.795045] RIP [] vsscanf+0x33f/0x2430
[ 32.800772] RSP
[ 32.804706] ---[ end trace 5be52bcf699e81a0 ]---
[ 32.809448] Kernel panic - not syncing: Fatal exception
[ 32.815182] Dumping ftrace buffer:
[ 32.818708] (ftrace buffer empty)
[ 32.822395] Kernel Offset: disabled
[ 32.825999] Rebooting in 86400 seconds..