[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 28.522364] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 31.161296] random: sshd: uninitialized urandom read (32 bytes read)
[ 31.541658] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.626516] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.840215] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.46' (ECDSA) to the list of known hosts.
[ 38.347506] random: sshd: uninitialized urandom read (32 bytes read)
2018/05/27 20:54:42 parsed 1 programs
2018/05/27 20:54:42 executed programs: 0
[ 38.957938] IPVS: ftp: loaded support on port[0] = 21
[ 39.128982] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.135443] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.142779] device bridge_slave_0 entered promiscuous mode
[ 39.163831] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.170278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.177616] device bridge_slave_1 entered promiscuous mode
[ 39.198331] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 39.219659] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 39.263223] ip (4509) used greatest stack depth: 54312 bytes left
[ 39.279541] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 39.303098] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 39.391688] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 39.399208] team0: Port device team_slave_0 added
[ 39.419092] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 39.426609] team0: Port device team_slave_1 added
[ 39.447297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 39.470660] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 39.493743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 39.517271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 39.699508] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.705945] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 39.712747] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.719166] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.384184] 8021q: adding VLAN 0 to HW filter on device bond0
[ 40.451553] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 40.517164] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 40.523442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 40.530936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.594264] 8021q: adding VLAN 0 to HW filter on device team0
[ 40.986465] ==================================================================
[ 40.994066] BUG: KMSAN: uninit-value in copy_siginfo_to_user+0x383/0x1270
[ 41.001010] CPU: 1 PID: 4719 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #102
[ 41.008278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.017619] Call Trace:
[ 41.020207] dump_stack+0x185/0x1d0
[ 41.023832] ? copy_siginfo_to_user+0x383/0x1270
[ 41.028754] kmsan_report+0x149/0x260
[ 41.032550] __msan_warning_32+0x6e/0xc0
[ 41.036619] copy_siginfo_to_user+0x383/0x1270
[ 41.041200] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 41.046555] ptrace_request+0x1d6a/0x20e0
[ 41.050681] ? __msan_poison_alloca+0x15c/0x1d0
[ 41.055340] ? wait_task_inactive+0x21b/0x990
[ 41.059818] ? _raw_spin_lock_irqsave+0x45/0xf0
[ 41.064470] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 41.069916] ? wait_task_inactive+0x7df/0x990
[ 41.074395] arch_ptrace+0x1f6/0x1230
[ 41.078187] ? ptrace_check_attach+0x182/0x5e0
[ 41.082749] __se_sys_ptrace+0x309/0x850
[ 41.086797] __x64_sys_ptrace+0x11e/0x170
[ 41.090941] do_syscall_64+0x152/0x230
[ 41.094821] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 41.099997] RIP: 0033:0x455a09
[ 41.103182] RSP: 002b:00007ffd2def6b18 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[ 41.110872] RAX: ffffffffffffffda RBX: 00000000026ff914 RCX: 0000000000455a09
[ 41.118129] RDX: 0000000000730004 RSI: 0000000000000001 RDI: 0000000000004209
[ 41.125393] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 41.132640] R10: 0000000020000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 41.139898] R13: 000000000000052c R14: 00000000006fbcc0 R15: 000000000000a335
[ 41.147156]
[ 41.148758] Local variable description: ----kiov@ptrace_request
[ 41.154789] Variable was created at:
[ 41.158486] ptrace_request+0x194/0x20e0
[ 41.162526] arch_ptrace+0x1f6/0x1230
[ 41.166301] ==================================================================
[ 41.173647] Disabling lock debugging due to kernel taint
[ 41.179083] Kernel panic - not syncing: panic_on_warn set ...
[ 41.179083]
[ 41.186444] CPU: 1 PID: 4719 Comm: syz-executor0 Tainted: G B 4.17.0-rc5+ #102
[ 41.195084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.204423] Call Trace:
[ 41.207007] dump_stack+0x185/0x1d0
[ 41.210639] panic+0x39d/0x940
[ 41.213822] ? copy_siginfo_to_user+0x383/0x1270
[ 41.218561] kmsan_report+0x260/0x260
[ 41.222346] __msan_warning_32+0x6e/0xc0
[ 41.226388] copy_siginfo_to_user+0x383/0x1270
[ 41.230951] ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 41.236310] ptrace_request+0x1d6a/0x20e0
[ 41.240439] ? __msan_poison_alloca+0x15c/0x1d0
[ 41.245091] ? wait_task_inactive+0x21b/0x990
[ 41.249570] ? _raw_spin_lock_irqsave+0x45/0xf0
[ 41.254221] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 41.259664] ? wait_task_inactive+0x7df/0x990
[ 41.264146] arch_ptrace+0x1f6/0x1230
[ 41.267930] ? ptrace_check_attach+0x182/0x5e0
[ 41.272496] __se_sys_ptrace+0x309/0x850
[ 41.276542] __x64_sys_ptrace+0x11e/0x170
[ 41.280689] do_syscall_64+0x152/0x230
[ 41.284572] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 41.289747] RIP: 0033:0x455a09
[ 41.292920] RSP: 002b:00007ffd2def6b18 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[ 41.300610] RAX: ffffffffffffffda RBX: 00000000026ff914 RCX: 0000000000455a09
[ 41.307864] RDX: 0000000000730004 RSI: 0000000000000001 RDI: 0000000000004209
[ 41.315136] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 41.322388] R10: 0000000020000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 41.329637] R13: 000000000000052c R14: 00000000006fbcc0 R15: 000000000000a335
[ 41.337368] Dumping ftrace buffer:
[ 41.340899] (ftrace buffer empty)
[ 41.344594] Kernel Offset: disabled
[ 41.348199] Rebooting in 86400 seconds..