[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.953838] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 21.211277] random: sshd: uninitialized urandom read (32 bytes read)
[ 21.559406] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.394239] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.560739] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.40' (ECDSA) to the list of known hosts.
[ 28.150720] random: sshd: uninitialized urandom read (32 bytes read)
2018/07/02 01:20:39 parsed 1 programs
[ 29.466888] random: cc1: uninitialized urandom read (8 bytes read)
2018/07/02 01:20:41 executed programs: 0
[ 30.721646] IPVS: ftp: loaded support on port[0] = 21
[ 30.910309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 30.916762] bridge0: port 1(bridge_slave_0) entered disabled state
[ 30.924232] device bridge_slave_0 entered promiscuous mode
[ 30.939758] bridge0: port 2(bridge_slave_1) entered blocking state
[ 30.946119] bridge0: port 2(bridge_slave_1) entered disabled state
[ 30.953261] device bridge_slave_1 entered promiscuous mode
[ 30.968195] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 30.984870] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 31.024726] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 31.042414] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 31.102237] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 31.110067] team0: Port device team_slave_0 added
[ 31.125171] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 31.132405] team0: Port device team_slave_1 added
[ 31.146890] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 31.163723] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 31.180343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 31.198234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 31.311699] bridge0: port 2(bridge_slave_1) entered blocking state
[ 31.318159] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 31.325132] bridge0: port 1(bridge_slave_0) entered blocking state
[ 31.331671] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 31.733725] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 31.739839] 8021q: adding VLAN 0 to HW filter on device bond0
[ 31.781297] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 31.822432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 31.830705] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 31.868348] 8021q: adding VLAN 0 to HW filter on device team0
[ 32.119277] ------------[ cut here ]------------
[ 32.124076] kernel BUG at mm/gup.c:1242!
[ 32.128208] invalid opcode: 0000 [#1] SMP KASAN
[ 32.132878] CPU: 1 PID: 4837 Comm: syz-executor0 Not tainted 4.18.0-rc2+ #29
[ 32.140051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.149427] RIP: 0010:__mm_populate+0x472/0x520
[ 32.154073] Code: ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e aa 00 00 00 44 8b 75 98 45 31 e4 e9 58 ff ff ff e8 b5 9e d1 ff 0f 0b e8 ae 9e d1 ff <0f> 0b 48 8b bd 60 ff ff ff e8 d0 72 0f 00 e9 52 fc ff ff 48 8b bd
[ 32.173243] RSP: 0018:ffff8801aae77ae0 EFLAGS: 00010293
[ 32.178589] RAX: ffff8801cfb48280 RBX: 0000000000008000 RCX: ffffffff81aa6a68
[ 32.185850] RDX: 0000000000000000 RSI: ffffffff81aa6dc2 RDI: 0000000000000006
[ 32.193102] RBP: ffff8801aae77ba0 R08: ffff8801cfb48280 R09: fffffbfff133d66a
[ 32.200350] R10: 0000000000000003 R11: 0000000000000000 R12: 000000007bf81000
[ 32.207611] R13: 0000000000007676 R14: dffffc0000000000 R15: 0000000000000000
[ 32.214875] FS: 0000000000000000(0000) GS:ffff8801daf00000(0063) knlGS:000000000865b900
[ 32.223092] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 32.228968] CR2: 00000000080e3a94 CR3: 00000001cb021000 CR4: 00000000001406e0
[ 32.236225] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.243492] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.250754] Call Trace:
[ 32.253325] ? up_write+0x7b/0x220
[ 32.256861] ? populate_vma_page_range+0x3d0/0x3d0
[ 32.261787] ? down_read_killable+0x200/0x200
[ 32.266271] vm_brk_flags+0x1fe/0x240
[ 32.270058] ? do_brk_flags+0xde0/0xde0
[ 32.274033] ? __might_fault+0x1a3/0x1e0
[ 32.278080] vm_brk+0x1f/0x30
[ 32.281171] load_elf_library+0x711/0x8e0
[ 32.285301] ? load_elf_phdrs+0x270/0x270
[ 32.289431] ? lock_release+0xa30/0xa30
[ 32.293384] ? __fsnotify_parent+0xcc/0x420
[ 32.297687] ? putname+0xf2/0x130
[ 32.301127] __ia32_sys_uselib+0x37e/0x4c0
[ 32.305347] do_fast_syscall_32+0x34d/0xfb2
[ 32.309653] ? do_int80_syscall_32+0x890/0x890
[ 32.314239] ? syscall_slow_exit_work+0x500/0x500
[ 32.319070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 32.324588] ? syscall_return_slowpath+0x31d/0x5e0
[ 32.329510] ? sysret32_from_system_call+0x5/0x46
[ 32.334347] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 32.339174] entry_SYSENTER_compat+0x70/0x7f
[ 32.343562] RIP: 0023:0xf7fcbcb9
[ 32.346901] Code: 55 08 8b 88 64 cd ff ff 8b 98 68 cd ff ff 89 c8 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 1c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 32.366050] RSP: 002b:00000000ff8df4ac EFLAGS: 00000282 ORIG_RAX: 0000000000000056
[ 32.373753] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000000
[ 32.381004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 32.388263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 32.395513] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 32.402763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 32.410019] Modules linked in:
[ 32.413200] Dumping ftrace buffer:
[ 32.416714]    (ftrace buffer empty)
[ 32.420890] ---[ end trace f964ea7008b66351 ]---
[ 32.425688] RIP: 0010:__mm_populate+0x472/0x520
[ 32.430360] Code: ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e aa 00 00 00 44 8b 75 98 45 31 e4 e9 58 ff ff ff e8 b5 9e d1 ff 0f 0b e8 ae 9e d1 ff <0f> 0b 48 8b bd 60 ff ff ff e8 d0 72 0f 00 e9 52 fc ff ff 48 8b bd
[ 32.449612] RSP: 0018:ffff8801aae77ae0 EFLAGS: 00010293
[ 32.454989] RAX: ffff8801cfb48280 RBX: 0000000000008000 RCX: ffffffff81aa6a68
[ 32.462273] RDX: 0000000000000000 RSI: ffffffff81aa6dc2 RDI: 0000000000000006
[ 32.469562] RBP: ffff8801aae77ba0 R08: ffff8801cfb48280 R09: fffffbfff133d66a
[ 32.476836] R10: 0000000000000003 R11: 0000000000000000 R12: 000000007bf81000
[ 32.484122] R13: 0000000000007676 R14: dffffc0000000000 R15: 0000000000000000
[ 32.491402] FS: 0000000000000000(0000) GS:ffff8801daf00000(0063) knlGS:000000000865b900
[ 32.499636] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 32.505522] CR2: 00000000080e3a94 CR3: 00000001cb021000 CR4: 00000000001406e0
[ 32.512798] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.520077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.527364] Kernel panic - not syncing: Fatal exception
[ 32.533259] Dumping ftrace buffer:
[ 32.536780]    (ftrace buffer empty)
[ 32.540468] Kernel Offset: disabled
[ 32.544075] Rebooting in 86400 seconds..