[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 24.528055] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 24.918868] random: sshd: uninitialized urandom read (32 bytes read) [ 25.181192] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 25.949125] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.15.204' (ECDSA) to the list of known hosts. [ 31.741492] random: sshd: uninitialized urandom read (32 bytes read) 2018/09/12 05:00:38 fuzzer started [ 33.073318] random: cc1: uninitialized urandom read (8 bytes read) 2018/09/12 05:00:40 dialing manager at 10.128.0.26:42863 2018/09/12 05:00:40 checking revisions... 2018/09/12 05:00:40 testing simple program... [ 34.421008] kasan: CONFIG_KASAN_INLINE enabled [ 34.425772] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 34.433127] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 34.439348] CPU: 1 PID: 5580 Comm: syz-executor0 Not tainted 4.19.0-rc3-next-20180912+ #72 [ 34.447732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.457086] RIP: 0010:__lock_acquire+0x237/0x4ec0 [ 34.461915] Code: 28 00 00 00 0f 85 aa 33 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 6d 35 00 00 49 81 7d 00 20 90 9e 8a 0f 84 54 ff [ 34.480804] RSP: 0018:ffff8801d36ff430 EFLAGS: 00010006 [ 34.486154] RAX: dffffc0000000000 RBX: 1ffff1003a6dff03 RCX: 0000000000000000 [ 34.493408] RDX: 0000000140000014 RSI: 0000000000000000 RDI: ffffffff89722928 [ 34.500710] RBP: ffff8801d36ff7c0 R08: 0000000000000001 R09: 0000000000000001 [ 34.507970] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 34.515233] R13: 0000000a000000a0 R14: ffff8801b9cde100 R15: 0000000000000000 [ 34.522500] FS: 0000000000db8940(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000 [ 34.530757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.536629] CR2: 0000000000482e00 CR3: 00000001b9d4f000 CR4: 00000000001406e0 [ 34.543890] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.551151] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 34.558427] Call Trace: [ 34.561007] ? __lock_acquire+0x7ec/0x4ec0 [ 34.565238] ? depot_save_stack+0x292/0x470 [ 34.569564] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 34.574678] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 34.579771] ? mark_held_locks+0x130/0x130 [ 34.583992] ? mark_held_locks+0x130/0x130 [ 34.588214] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 34.593656] ? kasan_check_write+0x14/0x20 [ 34.597899] ? do_raw_spin_lock+0xc1/0x200 [ 34.602143] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 34.607247] ? depot_save_stack+0x292/0x470 [ 34.611554] ? save_stack+0xa9/0xd0 [ 34.615182] ? save_stack+0x43/0xd0 [ 34.618793] ? kasan_kmalloc+0xc7/0xe0 [ 34.622663] ? kmem_cache_alloc_trace+0x152/0x750 [ 34.627490] ? apparmor_fs_context_alloc+0x43/0xa0 [ 34.632434] ? security_fs_context_alloc+0x54/0xb0 [ 34.637353] ? vfs_new_fs_context+0x36e/0x789 [ 34.641840] ? mq_create_mount+0x29/0x190 [ 34.645973] ? mq_init_ns+0x15a/0x210 [ 34.649754] ? copy_ipcs+0x3d2/0x580 [ 34.653452] ? create_new_namespaces+0x376/0x900 [ 34.658210] ? unshare_nsproxy_namespaces+0xc3/0x1f0 [ 34.663302] ? ksys_unshare+0x79c/0x10b0 [ 34.667354] ? do_syscall_64+0x1b9/0x820 [ 34.671408] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 34.676761] ? find_held_lock+0x36/0x1c0 [ 34.680811] ? kmem_cache_alloc_trace+0x5a2/0x750 [ 34.685641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 34.691167] ? check_preemption_disabled+0x48/0x200 [ 34.696173] lock_acquire+0x1ed/0x520 [ 34.699971] ? lockref_get+0x15/0x50 [ 34.703674] ? mqueue_get_tree+0x48/0x2e0 [ 34.707811] ? lock_release+0x970/0x970 [ 34.711774] ? lock_release+0x970/0x970 [ 34.715734] ? refcount_dec_not_one+0x1de/0x320 [ 34.720393] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 34.725833] _raw_spin_lock+0x2d/0x40 [ 34.729639] ? lockref_get+0x15/0x50 [ 34.733357] lockref_get+0x15/0x50 [ 34.736891] mqueue_get_tree+0x101/0x2e0 [ 34.740942] vfs_get_tree+0x1cb/0x5c0 [ 34.744730] mq_create_mount+0xe3/0x190 [ 34.748692] mq_init_ns+0x15a/0x210 [ 34.752300] copy_ipcs+0x3d2/0x580 [ 34.755844] ? ipcns_get+0xe0/0xe0 [ 34.759378] ? do_mount+0x1db0/0x1db0 [ 34.763162] ? kmem_cache_alloc+0x33a/0x730 [ 34.767470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 34.772995] ? perf_event_namespaces+0x136/0x400 [ 34.777743] create_new_namespaces+0x376/0x900 [ 34.782337] ? sys_ni_syscall+0x20/0x20 [ 34.786315] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 34.791840] ? ns_capable_common+0x13f/0x170 [ 34.796241] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 34.801159] ksys_unshare+0x79c/0x10b0 [ 34.805033] ? walk_process_tree+0x440/0x440 [ 34.809431] ? lock_downgrade+0x900/0x900 [ 34.813565] ? kasan_check_read+0x11/0x20 [ 34.817698] ? do_raw_spin_unlock+0xa7/0x2f0 [ 34.822317] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 34.826885] ? kasan_check_write+0x14/0x20 [ 34.831103] ? do_raw_read_unlock+0x3f/0x60 [ 34.835410] ? do_syscall_64+0x9a/0x820 [ 34.839370] ? do_syscall_64+0x9a/0x820 [ 34.843335] ? lockdep_hardirqs_on+0x421/0x5c0 [ 34.847925] ? trace_hardirqs_on+0xbd/0x310 [ 34.852235] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 34.857606] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 34.863048] ? __ia32_sys_prlimit64+0x8c0/0x8c0 [ 34.867709] __x64_sys_unshare+0x31/0x40 [ 34.871760] do_syscall_64+0x1b9/0x820 [ 34.875638] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 34.881011] ? syscall_return_slowpath+0x5e0/0x5e0 [ 34.885927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.890755] ? trace_hardirqs_on_caller+0x310/0x310 [ 34.895756] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 34.900757] ? prepare_exit_to_usermode+0x291/0x3b0 [ 34.905763] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.910593] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 34.915789] RIP: 0033:0x459d87 [ 34.918969] Code: 00 00 00 b8 63 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 3d 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 1d 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 34.937874] RSP: 002b:00007ffcccf0eee8 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 34.945591] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459d87 [ 34.952851] RDX: 0000000000000000 RSI: 00007ffcccf0eef0 RDI: 0000000008000000 [ 34.960112] RBP: 0000000000930b28 R08: 0000000000000000 R09: 0000000000000018 [ 34.967369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 34.974633] R13: 0000000000412cc0 R14: 0000000000000000 R15: 0000000000000000 [ 34.981892] Modules linked in: [ 34.985076] ---[ end trace 404378fbbfe9896c ]--- [ 34.990149] RIP: 0010:__lock_acquire+0x237/0x4ec0 [ 34.994981] Code: 28 00 00 00 0f 85 aa 33 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 6d 35 00 00 49 81 7d 00 20 90 9e 8a 0f 84 54 ff [ 35.013889] RSP: 0018:ffff8801d36ff430 EFLAGS: 00010006 [ 35.019264] RAX: dffffc0000000000 RBX: 1ffff1003a6dff03 RCX: 0000000000000000 [ 35.026528] RDX: 0000000140000014 RSI: 0000000000000000 RDI: ffffffff89722928 [ 35.033786] RBP: ffff8801d36ff7c0 R08: 0000000000000001 R09: 0000000000000001 [ 35.041044] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 35.048320] R13: 0000000a000000a0 R14: ffff8801b9cde100 R15: 0000000000000000 [ 35.055579] FS: 0000000000db8940(0000) GS:ffff8801dad00000(0000) knlGS:0000000000000000 [ 35.063793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 35.069658] CR2: 0000000000482e00 CR3: 00000001b9d4f000 CR4: 00000000001406e0 [ 35.076913] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 35.084187] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 35.091444] Kernel panic - not syncing: Fatal exception [ 35.097782] Kernel Offset: disabled [ 35.101404] Rebooting in 86400 seconds..