[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 30.103719] random: sshd: uninitialized urandom read (32 bytes read)
[ 30.813882] random: sshd: uninitialized urandom read (32 bytes read)
[ 31.181858] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 32.329639] random: sshd: uninitialized urandom read (32 bytes read)
[ 78.304397] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.50' (ECDSA) to the list of known hosts.
[ 83.825722] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/14 16:15:31 parsed 1 programs
[ 85.164406] random: cc1: uninitialized urandom read (8 bytes read)
2018/06/14 16:15:33 executed programs: 0
[ 86.707871] IPVS: ftp: loaded support on port[0] = 21
[ 86.708818] IPVS: ftp: loaded support on port[0] = 21
[ 86.717742] IPVS: ftp: loaded support on port[0] = 21
[ 86.737309] IPVS: ftp: loaded support on port[0] = 21
[ 86.741624] IPVS: ftp: loaded support on port[0] = 21
[ 86.779307] IPVS: ftp: loaded support on port[0] = 21
[ 86.781451] IPVS: ftp: loaded support on port[0] = 21
[ 86.816396] IPVS: ftp: loaded support on port[0] = 21
[ 87.490837] ip (4649) used greatest stack depth: 54424 bytes left
[ 87.597054] ==================================================================
[ 87.604445] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[ 87.610934] CPU: 0 PID: 4676 Comm: ip Not tainted 4.17.0+ #7
[ 87.616724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 87.626077] Call Trace:
[ 87.628645]
[ 87.630866] dump_stack+0x185/0x1d0
[ 87.634470] kmsan_report+0x188/0x2a0
[ 87.638248] __msan_warning_32+0x70/0xc0
[ 87.642286] __list_add_valid+0x1b8/0x450
[ 87.646422] enqueue_task_fair+0xe12/0x4490
[ 87.650723] ? __msan_metadata_ptr_for_store_n+0x10/0x10
[ 87.656151] ? update_load_avg+0x2cc0/0x2cc0
[ 87.660536] try_to_wake_up+0x162f/0x2260
[ 87.664669] wake_up_process+0x34/0x40
[ 87.668541] swake_up+0xfb/0x3b0
[ 87.671884] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 87.677314] rcu_report_qs_rnp+0x767/0x880
[ 87.681546] rcu_process_callbacks+0x90a/0x2060
[ 87.686196] ? rcu_scheduler_starting+0xe0/0xe0
[ 87.690845] __do_softirq+0x592/0x979
[ 87.694624] irq_exit+0x202/0x240
[ 87.698234] exiting_irq+0xe/0x10
[ 87.701674] smp_apic_timer_interrupt+0x64/0x90
[ 87.706325] apic_timer_interrupt+0xf/0x20
[ 87.710539]
[ 87.712767] RIP: 0010:nla_put+0x160/0x340
[ 87.716909] RSP: 0018:ffff8801bcf3ef40 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
[ 87.724594] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffff8801b9b99d40
[ 87.731927] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: 00000000db600085
[ 87.739172] RBP: ffff8801bcf3efc0 R08: 0000000000000010 R09: ffff8801bcf66414
[ 87.746426] R10: 0000000000000000 R11: ffffffff88b63b00 R12: ffff8801b9b9a618
[ 87.754112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000001aac
[ 87.761373] ? addrconf_rs_timer+0xc70/0xc70
[ 87.765762] rtnl_fill_ifinfo+0x10c4/0x6360
[ 87.770063] ? validate_nla+0x80a/0xe40
[ 87.774018] rtnl_dump_ifinfo+0x13dc/0x1b60
[ 87.778323] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 87.783670] ? __kmalloc_node_track_caller+0xf7e/0x11b0
[ 87.789014] ? rtnl_getlink+0xe70/0xe70
[ 87.792964] netlink_dump+0x9b5/0x1550
[ 87.796844] ? try_module_get+0x61/0x3d0
[ 87.800884] __netlink_dump_start+0x1131/0x1270
[ 87.805529] rtnetlink_rcv_msg+0x144d/0x1570
[ 87.809921] ? rtnl_getlink+0xe70/0xe70
[ 87.813878] ? rtnl_getlink+0xe70/0xe70
[ 87.817833] netlink_rcv_skb+0x37e/0x600
[ 87.821879] ? rtnetlink_bind+0x120/0x120
[ 87.826002] rtnetlink_rcv+0x50/0x60
[ 87.829688] netlink_unicast+0x1680/0x1750
[ 87.833902] ? rtnetlink_net_exit+0xa0/0xa0
[ 87.838205] netlink_sendmsg+0x104f/0x1350
[ 87.842416] ? netlink_getsockopt+0xc60/0xc60
[ 87.846889] __sys_sendto+0x6c4/0x7e0
[ 87.850673] __x64_sys_sendto+0x1a1/0x210
[ 87.854797] ? __sys_sendto+0x7e0/0x7e0
[ 87.858746] do_syscall_64+0x15b/0x230
[ 87.862611] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 87.867775] RIP: 0033:0x7f722ca53282
[ 87.871465] RSP: 002b:00007ffd53b40440 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 87.879150] RAX: ffffffffffffffda RBX: 00000000006395c0 RCX: 00007f722ca53282
[ 87.886407] RDX: 000000000000001c RSI: 00007ffd53b40470 RDI: 0000000000000003
[ 87.893658] RBP: 0000000000000600 R08: 0000000000000000 R09: 0000000000000000
[ 87.900905] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd53b40cb0
[ 87.908151] R13: 0000000000000000 R14: 00007ffd53b404c8 R15: 00007ffd53b40cd0
[ 87.915401]
[ 87.917002] Uninit was stored to memory at:
[ 87.921304] kmsan_internal_chain_origin+0x12b/0x210
[ 87.926394] __msan_chain_origin+0x69/0xc0
[ 87.930605] pick_next_task_fair+0x2474/0x2530
[ 87.935177] pick_next_task+0x1ba/0x420
[ 87.939139] __schedule+0x20f/0x770
[ 87.942738] do_task_dead+0xc8/0xf0
[ 87.946341] do_exit+0x347e/0x3930
[ 87.949855] do_group_exit+0x1a0/0x360
[ 87.953719] __do_sys_exit_group+0x21/0x30
[ 87.957929] __se_sys_exit_group+0x14/0x20
[ 87.962137] __x64_sys_exit_group+0x4c/0x50
[ 87.966430] do_syscall_64+0x15b/0x230
[ 87.970293] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 87.975460] Local variable description: ----tlb.i@ldt_arch_exit_mmap
[ 87.981922] Variable was created at:
[ 87.985618] ldt_arch_exit_mmap+0x46/0x160
[ 87.989830] exit_mmap+0x410/0x980
[ 87.993339] ==================================================================
[ 88.000670] Disabling lock debugging due to kernel taint
[ 88.006351] Kernel panic - not syncing: panic_on_warn set ...
[ 88.006351]
[ 88.013689] CPU: 0 PID: 4676 Comm: ip Tainted: G B 4.17.0+ #7
[ 88.020855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 88.030192] Call Trace:
[ 88.032750]
[ 88.034877] dump_stack+0x185/0x1d0
[ 88.038483] panic+0x3d0/0x990
[ 88.041673] kmsan_report+0x29e/0x2a0
[ 88.045449] __msan_warning_32+0x70/0xc0
[ 88.049501] __list_add_valid+0x1b8/0x450
[ 88.053628] enqueue_task_fair+0xe12/0x4490
[ 88.057928] ? __msan_metadata_ptr_for_store_n+0x10/0x10
[ 88.063358] ? update_load_avg+0x2cc0/0x2cc0
[ 88.067744] try_to_wake_up+0x162f/0x2260
[ 88.071869] wake_up_process+0x34/0x40
[ 88.075734] swake_up+0xfb/0x3b0
[ 88.079076] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 88.084502] rcu_report_qs_rnp+0x767/0x880
[ 88.088716] rcu_process_callbacks+0x90a/0x2060
[ 88.093364] ? rcu_scheduler_starting+0xe0/0xe0
[ 88.098010] __do_softirq+0x592/0x979
[ 88.101788] irq_exit+0x202/0x240
[ 88.105222] exiting_irq+0xe/0x10
[ 88.108673] smp_apic_timer_interrupt+0x64/0x90
[ 88.113320] apic_timer_interrupt+0xf/0x20
[ 88.117526]
[ 88.119744] RIP: 0010:nla_put+0x160/0x340
[ 88.123865] RSP: 0018:ffff8801bcf3ef40 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
[ 88.131644] RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffff8801b9b99d40
[ 88.138889] RDX: 0000000000000000 RSI: aaaaaaaaaaaab000 RDI: 00000000db600085
[ 88.146136] RBP: ffff8801bcf3efc0 R08: 0000000000000010 R09: ffff8801bcf66414
[ 88.153389] R10: 0000000000000000 R11: ffffffff88b63b00 R12: ffff8801b9b9a618
[ 88.160631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000001aac
[ 88.167894] ? addrconf_rs_timer+0xc70/0xc70
[ 88.172283] rtnl_fill_ifinfo+0x10c4/0x6360
[ 88.176583] ? validate_nla+0x80a/0xe40
[ 88.180542] rtnl_dump_ifinfo+0x13dc/0x1b60
[ 88.184844] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 88.190183] ? __kmalloc_node_track_caller+0xf7e/0x11b0
[ 88.195537] ? rtnl_getlink+0xe70/0xe70
[ 88.199483] netlink_dump+0x9b5/0x1550
[ 88.203346] ? try_module_get+0x61/0x3d0
[ 88.207383] __netlink_dump_start+0x1131/0x1270
[ 88.212030] rtnetlink_rcv_msg+0x144d/0x1570
[ 88.216412] ? rtnl_getlink+0xe70/0xe70
[ 88.220359] ? rtnl_getlink+0xe70/0xe70
[ 88.224316] netlink_rcv_skb+0x37e/0x600
[ 88.228354] ? rtnetlink_bind+0x120/0x120
[ 88.232479] rtnetlink_rcv+0x50/0x60
[ 88.236169] netlink_unicast+0x1680/0x1750
[ 88.240382] ? rtnetlink_net_exit+0xa0/0xa0
[ 88.244685] netlink_sendmsg+0x104f/0x1350
[ 88.248898] ? netlink_getsockopt+0xc60/0xc60
[ 88.253371] __sys_sendto+0x6c4/0x7e0
[ 88.257153] __x64_sys_sendto+0x1a1/0x210
[ 88.261279] ? __sys_sendto+0x7e0/0x7e0
[ 88.265228] do_syscall_64+0x15b/0x230
[ 88.269093] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 88.274255] RIP: 0033:0x7f722ca53282
[ 88.277961] RSP: 002b:00007ffd53b40440 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 88.285643] RAX: ffffffffffffffda RBX: 00000000006395c0 RCX: 00007f722ca53282
[ 88.292890] RDX: 000000000000001c RSI: 00007ffd53b40470 RDI: 0000000000000003
[ 88.300135] RBP: 0000000000000600 R08: 0000000000000000 R09: 0000000000000000
[ 88.307388] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd53b40cb0
[ 88.314634] R13: 0000000000000000 R14: 00007ffd53b404c8 R15: 00007ffd53b40cd0
[ 89.488229] Shutting down cpus with NMI
[ 89.504858] Dumping ftrace buffer:
[ 89.508381] (ftrace buffer empty)
[ 89.512071] Kernel Offset: disabled
[ 89.515679] Rebooting in 86400 seconds..