[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 29.439411] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 33.667312] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.111178] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.228661] random: sshd: uninitialized urandom read (32 bytes read)
[ 52.090543] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.46' (ECDSA) to the list of known hosts.
[ 57.581455] random: sshd: uninitialized urandom read (32 bytes read)
2018/05/30 03:12:59 parsed 1 programs
2018/05/30 03:12:59 executed programs: 0
[ 58.113659] IPVS: ftp: loaded support on port[0] = 21
[ 58.132971] IPVS: ftp: loaded support on port[0] = 21
[ 58.140373] IPVS: ftp: loaded support on port[0] = 21
[ 58.145671] IPVS: ftp: loaded support on port[0] = 21
[ 58.179993] IPVS: ftp: loaded support on port[0] = 21
[ 58.200559] IPVS: ftp: loaded support on port[0] = 21
[ 58.203811] IPVS: ftp: loaded support on port[0] = 21
[ 58.210651] IPVS: ftp: loaded support on port[0] = 21
[ 58.467397] ip (4582) used greatest stack depth: 54520 bytes left
[ 58.571118] ip (4598) used greatest stack depth: 54056 bytes left
[ 58.619492] ==================================================================
[ 58.626883] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[ 58.633357] CPU: 0 PID: 4614 Comm: ip Not tainted 4.17.0-rc5+ #102
[ 58.639646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.648973] Call Trace:
[ 58.651539] dump_stack+0x185/0x1d0
[ 58.655141] ? __list_add_valid+0x1b8/0x450
[ 58.659449] kmsan_report+0x149/0x260
[ 58.663224] __msan_warning_32+0x6e/0xc0
[ 58.667260] __list_add_valid+0x1b8/0x450
[ 58.671393] enqueue_task_fair+0xe02/0x4470
[ 58.675694] ? __msan_metadata_ptr_for_store_2+0x10/0x20
[ 58.681120] ? update_load_avg+0x2cc0/0x2cc0
[ 58.685511] try_to_wake_up+0x1430/0x20b0
[ 58.689634] wake_up_process+0x34/0x40
[ 58.693494] wake_up_q+0x5f/0xa0
[ 58.696836] __mutex_unlock_slowpath+0x530/0x5d0
[ 58.701566] ? kmsan_set_origin_inline+0x6b/0x120
[ 58.706385] mutex_unlock+0x56/0x80
[ 58.709990] __rtnl_unlock+0x6e/0x150
[ 58.713766] netdev_run_todo+0x160/0x1530
[ 58.717901] rtnetlink_rcv_msg+0x11b5/0x1560
[ 58.722285] ? do_syscall_64+0x152/0x230
[ 58.726321] ? netlink_sendmsg+0x76e/0x1350
[ 58.730627] ? __sys_sendto+0x6c0/0x7e0
[ 58.734579] ? __x64_sys_sendto+0x1a1/0x210
[ 58.738876] ? do_syscall_64+0x152/0x230
[ 58.742923] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 58.748265] ? kmsan_set_origin_inline+0x6b/0x120
[ 58.753085] ? kmsan_set_origin+0x9e/0x160
[ 58.757303] netlink_rcv_skb+0x378/0x600
[ 58.761340] ? rtnetlink_bind+0x120/0x120
[ 58.765461] rtnetlink_rcv+0x50/0x60
[ 58.769150] netlink_unicast+0x1678/0x1750
[ 58.773361] ? rtnetlink_net_exit+0xa0/0xa0
[ 58.777656] netlink_sendmsg+0x104f/0x1350
[ 58.781868] ? netlink_getsockopt+0xc80/0xc80
[ 58.786339] __sys_sendto+0x6c0/0x7e0
[ 58.790114] ? filemap_fault+0x2630/0x2630
[ 58.794328] __x64_sys_sendto+0x1a1/0x210
[ 58.798454] do_syscall_64+0x152/0x230
[ 58.802317] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 58.807485] RIP: 0033:0x7f7a37221282
[ 58.811170] RSP: 002b:00007ffdafc14f20 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 58.818851] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f7a37221282
[ 58.826109] RDX: 0000000000000020 RSI: 00007ffdafc14f60 RDI: 0000000000000003
[ 58.833352] RBP: 00007ffdafc16f5a R08: 0000000000000000 R09: 0000000000000000
[ 58.840593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 58.847836] R13: 00007ffdafc156e0 R14: 00007ffdafc156e8 R15: 0000000000000000
[ 58.855084]
[ 58.856682] Uninit was stored to memory at:
[ 58.860980] kmsan_internal_chain_origin+0x12b/0x210
[ 58.866055] __msan_chain_origin+0x69/0xc0
[ 58.870268] pick_next_task_fair+0x2464/0x2520
[ 58.874835] pick_next_task+0x1b1/0x410
[ 58.878786] __schedule+0x20b/0x730
[ 58.882389] do_task_dead+0xc8/0xf0
[ 58.885993] do_exit+0x340e/0x38d0
[ 58.889507] do_group_exit+0x1a0/0x360
[ 58.893367] __do_sys_exit_group+0x21/0x30
[ 58.897576] __se_sys_exit_group+0x14/0x20
[ 58.901813] __x64_sys_exit_group+0x4c/0x50
[ 58.906108] do_syscall_64+0x152/0x230
[ 58.909972] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 58.915131] Local variable description: ----tlb.i@ldt_arch_exit_mmap
[ 58.921590] Variable was created at:
[ 58.925278] ldt_arch_exit_mmap+0x46/0x160
[ 58.929487] exit_mmap+0x3ef/0x970
[ 58.932995] ==================================================================
[ 58.940325] Disabling lock debugging due to kernel taint
[ 58.945747] Kernel panic - not syncing: panic_on_warn set ...
[ 58.945747]
[ 58.953088] CPU: 0 PID: 4614 Comm: ip Tainted: G B 4.17.0-rc5+ #102
[ 58.960766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 58.970091] Call Trace:
[ 58.972656] dump_stack+0x185/0x1d0
[ 58.976262] panic+0x39d/0x940
[ 58.979437] ? __list_add_valid+0x1b8/0x450
[ 58.983735] kmsan_report+0x260/0x260
[ 58.987511] __msan_warning_32+0x6e/0xc0
[ 58.991545] __list_add_valid+0x1b8/0x450
[ 58.995671] enqueue_task_fair+0xe02/0x4470
[ 58.999968] ? __msan_metadata_ptr_for_store_2+0x10/0x20
[ 59.005394] ? update_load_avg+0x2cc0/0x2cc0
[ 59.009778] try_to_wake_up+0x1430/0x20b0
[ 59.013903] wake_up_process+0x34/0x40
[ 59.017762] wake_up_q+0x5f/0xa0
[ 59.021103] __mutex_unlock_slowpath+0x530/0x5d0
[ 59.025832] ? kmsan_set_origin_inline+0x6b/0x120
[ 59.030670] mutex_unlock+0x56/0x80
[ 59.034275] __rtnl_unlock+0x6e/0x150
[ 59.038051] netdev_run_todo+0x160/0x1530
[ 59.042175] rtnetlink_rcv_msg+0x11b5/0x1560
[ 59.046649] ? do_syscall_64+0x152/0x230
[ 59.050685] ? netlink_sendmsg+0x76e/0x1350
[ 59.054982] ? __sys_sendto+0x6c0/0x7e0
[ 59.058929] ? __x64_sys_sendto+0x1a1/0x210
[ 59.063222] ? do_syscall_64+0x152/0x230
[ 59.067260] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.072599] ? kmsan_set_origin_inline+0x6b/0x120
[ 59.077416] ? kmsan_set_origin+0x9e/0x160
[ 59.081628] netlink_rcv_skb+0x378/0x600
[ 59.085677] ? rtnetlink_bind+0x120/0x120
[ 59.089798] rtnetlink_rcv+0x50/0x60
[ 59.093484] netlink_unicast+0x1678/0x1750
[ 59.097693] ? rtnetlink_net_exit+0xa0/0xa0
[ 59.101989] netlink_sendmsg+0x104f/0x1350
[ 59.106199] ? netlink_getsockopt+0xc80/0xc80
[ 59.110671] __sys_sendto+0x6c0/0x7e0
[ 59.114451] ? filemap_fault+0x2630/0x2630
[ 59.118665] __x64_sys_sendto+0x1a1/0x210
[ 59.122787] do_syscall_64+0x152/0x230
[ 59.126650] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 59.131813] RIP: 0033:0x7f7a37221282
[ 59.135496] RSP: 002b:00007ffdafc14f20 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 59.143178] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f7a37221282
[ 59.150422] RDX: 0000000000000020 RSI: 00007ffdafc14f60 RDI: 0000000000000003
[ 59.157669] RBP: 00007ffdafc16f5a R08: 0000000000000000 R09: 0000000000000000
[ 59.164913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 59.172158] R13: 00007ffdafc156e0 R14: 00007ffdafc156e8 R15: 0000000000000000
[ 60.324674] Shutting down cpus with NMI
[ 60.340798] Dumping ftrace buffer:
[ 60.344324] (ftrace buffer empty)
[ 60.348013] Kernel Offset: disabled
[ 60.351626] Rebooting in 86400 seconds..