[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd
[ 30.580486] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ].
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 32.375733] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.729079] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.834163] random: sshd: uninitialized urandom read (32 bytes read)
[ 200.102049] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.7' (ECDSA) to the list of known hosts.
[ 205.647009] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/28 22:12:17 parsed 1 programs
[ 206.957089] random: cc1: uninitialized urandom read (8 bytes read)
2018/06/28 22:12:19 executed programs: 0
[ 208.505001] IPVS: ftp: loaded support on port[0] = 21
[ 208.506230] IPVS: ftp: loaded support on port[0] = 21
[ 208.530803] IPVS: ftp: loaded support on port[0] = 21
[ 208.531422] IPVS: ftp: loaded support on port[0] = 21
[ 208.572171] IPVS: ftp: loaded support on port[0] = 21
[ 208.576990] IPVS: ftp: loaded support on port[0] = 21
[ 208.579612] IPVS: ftp: loaded support on port[0] = 21
[ 208.591052] IPVS: ftp: loaded support on port[0] = 21
[ 209.251705] ip (4644) used greatest stack depth: 54352 bytes left
[ 209.426954] ==================================================================
[ 209.434357] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[ 209.440848] CPU: 0 PID: 4689 Comm: ip Not tainted 4.17.0+ #9
[ 209.446620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 209.455954] Call Trace:
[ 209.458523] dump_stack+0x185/0x1d0
[ 209.462125] kmsan_report+0x188/0x2a0
[ 209.465902] __msan_warning_32+0x70/0xc0
[ 209.469942] __list_add_valid+0x1b8/0x450
[ 209.474080] enqueue_task_fair+0xe12/0x4490
[ 209.478382] ? __msan_metadata_ptr_for_store_4+0x10/0x20
[ 209.483812] ? update_load_avg+0x2cc0/0x2cc0
[ 209.488199] try_to_wake_up+0x162f/0x2260
[ 209.492328] wake_up_process+0x34/0x40
[ 209.496199] wake_up_q+0x5f/0xa0
[ 209.499544] __mutex_unlock_slowpath+0x530/0x5d0
[ 209.504286] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.509106] mutex_unlock+0x56/0x80
[ 209.512710] __rtnl_unlock+0x6e/0x150
[ 209.516500] netdev_run_todo+0x160/0x1530
[ 209.520632] rtnetlink_rcv_msg+0x11cd/0x1570
[ 209.525036] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 209.530377] ? netlink_sendmsg+0x76e/0x1350
[ 209.534676] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.539492] ? __msan_poison_alloca+0x15c/0x1d0
[ 209.544134] ? __should_failslab+0x278/0x2a0
[ 209.548521] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.553343] ? kmsan_set_origin+0x9e/0x160
[ 209.557565] netlink_rcv_skb+0x37e/0x600
[ 209.561611] ? rtnetlink_bind+0x120/0x120
[ 209.565743] rtnetlink_rcv+0x50/0x60
[ 209.569435] netlink_unicast+0x1680/0x1750
[ 209.573651] ? rtnetlink_net_exit+0xa0/0xa0
[ 209.577949] netlink_sendmsg+0x104f/0x1350
[ 209.582162] ? netlink_getsockopt+0xc60/0xc60
[ 209.586636] __sys_sendto+0x6c4/0x7e0
[ 209.590426] ? filemap_fault+0x2590/0x2590
[ 209.594644] __x64_sys_sendto+0x1a1/0x210
[ 209.598780] ? __sys_sendto+0x7e0/0x7e0
[ 209.602746] do_syscall_64+0x15b/0x230
[ 209.606622] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 209.611789] RIP: 0033:0x7f4a57427282
[ 209.615475] RSP: 002b:00007ffd59a0d260 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 209.623260] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f4a57427282
[ 209.630510] RDX: 0000000000000020 RSI: 00007ffd59a0d2a0 RDI: 0000000000000003
[ 209.637754] RBP: 00007ffd59a0df5a R08: 0000000000000000 R09: 0000000000000000
[ 209.645006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 209.652256] R13: 00007ffd59a0da20 R14: 00007ffd59a0da28 R15: 0000000000000000
[ 209.659514]
[ 209.661141] Uninit was stored to memory at:
[ 209.665444] kmsan_internal_chain_origin+0x12b/0x210
[ 209.670520] __msan_chain_origin+0x69/0xc0
[ 209.674731] pick_next_task_fair+0x2474/0x2530
[ 209.679288] pick_next_task+0x1ba/0x420
[ 209.683250] __schedule+0x20f/0x770
[ 209.686855] do_task_dead+0xc8/0xf0
[ 209.690486] do_exit+0x347e/0x3930
[ 209.693999] do_group_exit+0x1a0/0x360
[ 209.697859] __do_sys_exit_group+0x21/0x30
[ 209.702078] __se_sys_exit_group+0x14/0x20
[ 209.706288] __x64_sys_exit_group+0x4c/0x50
[ 209.710584] do_syscall_64+0x15b/0x230
[ 209.714447] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 209.719620]
[ 209.721221] Local variable description: ----flags.i.i.i.i@_raw_spin_lock_irqsave
[ 209.728723] Variable was created at:
[ 209.732413] _raw_spin_lock_irqsave+0x45/0xf0
[ 209.736886] do_task_dead+0x40/0xf0
[ 209.740483] ==================================================================
[ 209.747822] Disabling lock debugging due to kernel taint
[ 209.753247] Kernel panic - not syncing: panic_on_warn set ...
[ 209.753247]
[ 209.760589] CPU: 0 PID: 4689 Comm: ip Tainted: G B 4.17.0+ #9
[ 209.767748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 209.777076] Call Trace:
[ 209.779642] dump_stack+0x185/0x1d0
[ 209.783246] panic+0x3d0/0x990
[ 209.786430] kmsan_report+0x29e/0x2a0
[ 209.790223] __msan_warning_32+0x70/0xc0
[ 209.794265] __list_add_valid+0x1b8/0x450
[ 209.798391] enqueue_task_fair+0xe12/0x4490
[ 209.802710] ? __msan_metadata_ptr_for_store_4+0x10/0x20
[ 209.808139] ? update_load_avg+0x2cc0/0x2cc0
[ 209.812532] try_to_wake_up+0x162f/0x2260
[ 209.816659] wake_up_process+0x34/0x40
[ 209.820520] wake_up_q+0x5f/0xa0
[ 209.823862] __mutex_unlock_slowpath+0x530/0x5d0
[ 209.828592] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.833410] mutex_unlock+0x56/0x80
[ 209.837022] __rtnl_unlock+0x6e/0x150
[ 209.840900] netdev_run_todo+0x160/0x1530
[ 209.845030] rtnetlink_rcv_msg+0x11cd/0x1570
[ 209.849420] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 209.854845] ? netlink_sendmsg+0x76e/0x1350
[ 209.859153] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.863972] ? __msan_poison_alloca+0x15c/0x1d0
[ 209.868617] ? __should_failslab+0x278/0x2a0
[ 209.873003] ? kmsan_set_origin_inline+0x6b/0x120
[ 209.877908] ? kmsan_set_origin+0x9e/0x160
[ 209.882119] netlink_rcv_skb+0x37e/0x600
[ 209.886157] ? rtnetlink_bind+0x120/0x120
[ 209.890282] rtnetlink_rcv+0x50/0x60
[ 209.893971] netlink_unicast+0x1680/0x1750
[ 209.898184] ? rtnetlink_net_exit+0xa0/0xa0
[ 209.902483] netlink_sendmsg+0x104f/0x1350
[ 209.906697] ? netlink_getsockopt+0xc60/0xc60
[ 209.911255] __sys_sendto+0x6c4/0x7e0
[ 209.915044] ? filemap_fault+0x2590/0x2590
[ 209.919446] __x64_sys_sendto+0x1a1/0x210
[ 209.923675] ? __sys_sendto+0x7e0/0x7e0
[ 209.927638] do_syscall_64+0x15b/0x230
[ 209.931540] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 209.936755] RIP: 0033:0x7f4a57427282
[ 209.940455] RSP: 002b:00007ffd59a0d260 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 209.948148] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f4a57427282
[ 209.955412] RDX: 0000000000000020 RSI: 00007ffd59a0d2a0 RDI: 0000000000000003
[ 209.962673] RBP: 00007ffd59a0df5a R08: 0000000000000000 R09: 0000000000000000
[ 209.969923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 209.977180] R13: 00007ffd59a0da20 R14: 00007ffd59a0da28 R15: 0000000000000000
[ 211.155696] Shutting down cpus with NMI
[ 211.172076] Dumping ftrace buffer:
[ 211.175632] (ftrace buffer empty)
[ 211.179330] Kernel Offset: disabled
[ 211.182946] Rebooting in 86400 seconds..