random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
random: sshd: uninitialized urandom read (32 bytes read, 38 bits of entropy available)
random: sshd: uninitialized urandom read (32 bytes read, 123 bits of entropy available)
random: nonblocking pool is initialized
==================================================================
BUG: KASAN: slab-out-of-bounds in list_empty include/linux/list.h:189 [inline]
BUG: KASAN: slab-out-of-bounds in sg_remove_request+0xf9/0x110 drivers/scsi/sg.c:2120
Read of size 8 at addr ffff8801d2a2e140 by task syzkaller396689/3773

CPU: 0 PID: 3773 Comm: syzkaller396689 Not tainted 4.4.118-g239a415 #25
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 49e8436b2483c3c6 ffff8801d915f9f0 ffffffff81d0402d
 ffffea00074a8b80 ffff8801d2a2e140 0000000000000000 ffff8801d2a2e140
 ffff8801d9218238 ffff8801d915fa28 ffffffff814fe103 ffff8801d2a2e140
Call Trace:
 [<ffffffff81d0402d>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d0402d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff814fe103>] print_address_description+0x73/0x260 mm/kasan/report.c:252
 [<ffffffff814fe615>] kasan_report_error mm/kasan/report.c:351 [inline]
 [<ffffffff814fe615>] kasan_report+0x285/0x370 mm/kasan/report.c:408
 [<ffffffff814fe774>] __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:429
 [<ffffffff825b83a9>] list_empty include/linux/list.h:189 [inline]
 [<ffffffff825b83a9>] sg_remove_request+0xf9/0x110 drivers/scsi/sg.c:2120
 [<ffffffff825b8925>] sg_finish_rem_req+0x295/0x340 drivers/scsi/sg.c:1837
 [<ffffffff825ba7cb>] sg_read+0xa1b/0x1490 drivers/scsi/sg.c:537
 [<ffffffff8151d7c1>] do_loop_readv_writev+0x141/0x1e0 fs/read_write.c:680
 [<ffffffff8151fb1d>] do_readv_writev+0x5dd/0x6e0 fs/read_write.c:810
 [<ffffffff8151fc98>] vfs_readv+0x78/0xb0 fs/read_write.c:834
 [<ffffffff81521fc9>] SYSC_readv fs/read_write.c:860 [inline]
 [<ffffffff81521fc9>] SyS_readv+0xd9/0x240 fs/read_write.c:852
 [<ffffffff83772a5f>] entry_SYSCALL_64_fastpath+0x1c/0x98

Allocated by task 0:
(stack is not available)

Freed by task 0:
(stack is not available)

The buggy address belongs to the object at ffff8801d2a2e100
 which belongs to the cache fasync_cache of size 96
The buggy address is located 64 bytes inside of
 96-byte region [ffff8801d2a2e100, ffff8801d2a2e160)
The buggy address belongs to the page:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 0 at lib/debugobjects.c:263 debug_print_object+0x17d/0x220 lib/debugobjects.c:260()
ODEBUG: deactivate not available (active state 0) object type: hrtimer hint: tick_sched_timer+0x0/0x120 kernel/time/tick-sched.c:124
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.4.118-g239a415 #25
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 76e7db57fbb46551 ffff8801db307ac8 ffffffff81d0402d
 ffffffff83843b40 ffff8801db307ba0 ffffffff839feaa0 0000000000000009
 0000000000000107 ffff8801db307b90 ffffffff8141aaea 0000000041b58ab3
Call Trace:
 <IRQ>  [<ffffffff81d0402d>] __dump_stack lib/dump_stack.c:15 [inline]
 <IRQ>  [<ffffffff81d0402d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
 [<ffffffff8141aaea>] panic+0x1aa/0x388 kernel/panic.c:112
 [<ffffffff8112d885>] warn_slowpath_common+0x125/0x140 kernel/panic.c:455
 [<ffffffff8112d961>] warn_slowpath_fmt+0xc1/0x110 kernel/panic.c:471
 [<ffffffff81d6488d>] debug_print_object+0x17d/0x220 lib/debugobjects.c:260
 [<ffffffff81d6605d>] debug_object_deactivate+0x25d/0x3c0 lib/debugobjects.c:488
 [<ffffffff812ada72>] debug_hrtimer_deactivate kernel/time/hrtimer.c:415 [inline]
 [<ffffffff812ada72>] debug_deactivate kernel/time/hrtimer.c:461 [inline]
 [<ffffffff812ada72>] __run_hrtimer kernel/time/hrtimer.c:1224 [inline]
 [<ffffffff812ada72>] __hrtimer_run_queues+0x492/0xfe0 kernel/time/hrtimer.c:1319
 [<ffffffff812afdc6>] hrtimer_interrupt+0x1a6/0x440 kernel/time/hrtimer.c:1353
 [<ffffffff810b0dea>] local_apic_timer_interrupt+0x6a/0xb0 arch/x86/kernel/apic/apic.c:901
 [<ffffffff837756b6>] smp_apic_timer_interrupt+0x76/0xa0 arch/x86/kernel/apic/apic.c:925
 [<ffffffff83774610>] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:737
 <EOI>  [<ffffffff810d0536>] ? native_safe_halt+0x6/0x10 arch/x86/include/asm/irqflags.h:49
 [<ffffffff81027e85>] arch_safe_halt arch/x86/include/asm/paravirt.h:117 [inline]
 [<ffffffff81027e85>] default_idle+0x55/0x3c0 arch/x86/kernel/process.c:290
 [<ffffffff810293fa>] arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:281
 [<ffffffff81221468>] default_idle_call+0x48/0x70 kernel/sched/idle.c:93
 [<ffffffff81221b6d>] cpuidle_idle_call kernel/sched/idle.c:157 [inline]
 [<ffffffff81221b6d>] cpu_idle_loop kernel/sched/idle.c:253 [inline]
 [<ffffffff81221b6d>] cpu_startup_entry+0x5fd/0x8f0 kernel/sched/idle.c:301
 [<ffffffff810adc64>] start_secondary+0x304/0x3e0 arch/x86/kernel/smpboot.c:242
Shutting down cpus with NMI
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..