[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 27.824532] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 31.194555] random: sshd: uninitialized urandom read (32 bytes read)
[ 31.509472] random: sshd: uninitialized urandom read (32 bytes read)
[ 32.583526] random: sshd: uninitialized urandom read (32 bytes read)
[ 795.888273] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.31' (ECDSA) to the list of known hosts.
[ 801.425703] random: sshd: uninitialized urandom read (32 bytes read)
2018/05/20 21:27:39 parsed 1 programs
2018/05/20 21:27:39 executed programs: 0
[ 802.040132] IPVS: ftp: loaded support on port[0] = 21
[ 802.173899] ip (4489) used greatest stack depth: 54344 bytes left
[ 802.224082] bridge0: port 1(bridge_slave_0) entered blocking state
[ 802.230519] bridge0: port 1(bridge_slave_0) entered disabled state
[ 802.238163] device bridge_slave_0 entered promiscuous mode
[ 802.260436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 802.266897] bridge0: port 2(bridge_slave_1) entered disabled state
[ 802.274658] device bridge_slave_1 entered promiscuous mode
[ 802.296838] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 802.320483] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 802.381399] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 802.406411] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 802.512756] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 802.520115] team0: Port device team_slave_0 added
[ 802.541918] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 802.549562] team0: Port device team_slave_1 added
[ 802.571828] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 802.597520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 802.620794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 802.644175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 802.825097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 802.831534] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 802.838275] bridge0: port 1(bridge_slave_0) entered blocking state
[ 802.844682] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 802.974621] ip (4574) used greatest stack depth: 54152 bytes left
[ 803.510623] 8021q: adding VLAN 0 to HW filter on device bond0
[ 803.576098] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 803.639655] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 803.647641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 803.656153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 803.719759] 8021q: adding VLAN 0 to HW filter on device team0
[ 804.126150] capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use)
2018/05/20 21:27:44 executed programs: 130
2018/05/20 21:27:49 executed programs: 352
2018/05/20 21:27:54 executed programs: 576
2018/05/20 21:27:59 executed programs: 798
2018/05/20 21:28:04 executed programs: 1018
2018/05/20 21:28:09 executed programs: 1237
2018/05/20 21:28:14 executed programs: 1455
2018/05/20 21:28:19 executed programs: 1675
2018/05/20 21:28:24 executed programs: 1895
2018/05/20 21:28:29 executed programs: 2118
2018/05/20 21:28:34 executed programs: 2339
2018/05/20 21:28:39 executed programs: 2557
[ 862.409271] ==================================================================
[ 862.416911] BUG: KMSAN: uninit-value in update_cfs_rq_load_avg+0x1380/0x1ad0
[ 862.424121] CPU: 0 PID: 4476 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #101
[ 862.431380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 862.440719] Call Trace:
[ 862.443335]  dump_stack+0x185/0x1d0
[ 862.446953]  ? update_cfs_rq_load_avg+0x1380/0x1ad0
[ 862.451970]  kmsan_report+0x149/0x260
[ 862.455762]  __msan_warning_32+0x6e/0xc0
[ 862.459811]  update_cfs_rq_load_avg+0x1380/0x1ad0
[ 862.464658]  update_load_avg+0xe5e/0x2d00
[ 862.468800]  dequeue_task_fair+0x29d8/0x32f0
[ 862.473198]  ? rb_insert_color+0xe79/0x1300
[ 862.477511]  ? enqueue_task_fair+0x4470/0x4470
[ 862.482084]  deactivate_task+0x50a/0x780
[ 862.486187]  __schedule+0x164/0x730
[ 862.489807]  ? schedule+0x1cc/0x2f0
[ 862.493425]  schedule+0x1cc/0x2f0
[ 862.496867]  do_nanosleep+0x2c3/0x9b0
[ 862.500661]  __se_sys_nanosleep+0x41a/0x6a0
[ 862.504983]  ? hrtimer_init_sleeper+0xc0/0xc0
[ 862.509474]  __x64_sys_nanosleep+0x92/0xc0
[ 862.513698]  do_syscall_64+0x154/0x220
[ 862.517578]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 862.522753] RIP: 0033:0x481110
[ 862.526099] RSP: 002b:00007fff92708e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[ 862.533855] RAX: ffffffffffffffda RBX: 0000000000000a06 RCX: 0000000000481110
[ 862.541111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff92708e20
[ 862.548375] RBP: 00000000000d28c4 R08: 0000000000000001 R09: 0000000000a87940
[ 862.555634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 862.562894] R13: 0000000000000006 R14: 0000000000001e9f R15: 00000000000d28b9
[ 862.570153]
[ 862.571761] Uninit was stored to memory at:
[ 862.576124]  kmsan_internal_chain_origin+0x12b/0x210
[ 862.581218]  __msan_chain_origin+0x69/0xc0
[ 862.585451]  reweight_entity+0x1610/0x1a30
[ 862.589713]  task_tick_fair+0x5f8/0x1050
[ 862.593768]  scheduler_tick+0x288/0x480
[ 862.597729]  update_process_times+0x157/0x1a0
[ 862.602221]  tick_sched_timer+0x3ba/0x520
[ 862.606443]  __hrtimer_run_queues+0xc03/0x15d0
[ 862.611016]  hrtimer_interrupt+0x451/0x13c0
[ 862.615333]  local_apic_timer_interrupt+0x66/0x230
[ 862.620329]  smp_apic_timer_interrupt+0x5a/0x90
[ 862.624982] Uninit was stored to memory at:
[ 862.629312]  kmsan_internal_chain_origin+0x12b/0x210
[ 862.634404]  __msan_chain_origin+0x69/0xc0
[ 862.638627]  reweight_entity+0x1456/0x1a30
[ 862.642855]  task_tick_fair+0x5f8/0x1050
[ 862.646906]  scheduler_tick+0x288/0x480
[ 862.650868]  update_process_times+0x157/0x1a0
[ 862.655351]  tick_sched_timer+0x3ba/0x520
[ 862.659494]  __hrtimer_run_queues+0xc03/0x15d0
[ 862.664066]  hrtimer_interrupt+0x451/0x13c0
[ 862.668393]  local_apic_timer_interrupt+0x66/0x230
[ 862.673424]  smp_apic_timer_interrupt+0x5a/0x90
[ 862.678077] Uninit was stored to memory at:
[ 862.682396]  kmsan_internal_chain_origin+0x12b/0x210
[ 862.687487]  __msan_chain_origin+0x69/0xc0
[ 862.691719]  reweight_entity+0x128b/0x1a30
[ 862.695941]  enqueue_task_fair+0x40b7/0x4470
[ 862.700345]  try_to_wake_up+0x13c0/0x2090
[ 862.704486]  wake_up_process+0x34/0x40
[ 862.708363]  hrtimer_wakeup+0xac/0x100
[ 862.712238]  __hrtimer_run_queues+0xc03/0x15d0
[ 862.716817]  hrtimer_interrupt+0x451/0x13c0
[ 862.721138]  local_apic_timer_interrupt+0x66/0x230
[ 862.726063]  smp_apic_timer_interrupt+0x5a/0x90
[ 862.730805] Local variable description: ----ac@__alloc_pages_nodemask
[ 862.737364] Variable was created at:
[ 862.741069]  __alloc_pages_nodemask+0x196/0x5dd0
[ 862.745814]  alloc_pages_current+0x6b5/0x970
[ 862.750206] ==================================================================
[ 862.757586] Disabling lock debugging due to kernel taint
[ 862.763025] Kernel panic - not syncing: panic_on_warn set ...
[ 862.763025]
[ 862.770385] CPU: 0 PID: 4476 Comm: syz-executor0 Tainted: G B 4.17.0-rc5+ #101
[ 862.779045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 862.788387] Call Trace:
[ 862.790971]  dump_stack+0x185/0x1d0
[ 862.794590]  panic+0x39d/0x940
[ 862.797784]  ? update_cfs_rq_load_avg+0x1380/0x1ad0
[ 862.802790]  kmsan_report+0x260/0x260
[ 862.806580]  __msan_warning_32+0x6e/0xc0
[ 862.810635]  update_cfs_rq_load_avg+0x1380/0x1ad0
[ 862.815471]  update_load_avg+0xe5e/0x2d00
[ 862.819615]  dequeue_task_fair+0x29d8/0x32f0
[ 862.824017]  ? rb_insert_color+0xe79/0x1300
[ 862.828343]  ? enqueue_task_fair+0x4470/0x4470
[ 862.832926]  deactivate_task+0x50a/0x780
[ 862.836982]  __schedule+0x164/0x730
[ 862.840596]  ? schedule+0x1cc/0x2f0
[ 862.844213]  schedule+0x1cc/0x2f0
[ 862.847652]  do_nanosleep+0x2c3/0x9b0
[ 862.851444]  __se_sys_nanosleep+0x41a/0x6a0
[ 862.855760]  ? hrtimer_init_sleeper+0xc0/0xc0
[ 862.860251]  __x64_sys_nanosleep+0x92/0xc0
[ 862.864476]  do_syscall_64+0x154/0x220
[ 862.868355]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 862.873535] RIP: 0033:0x481110
[ 862.876731] RSP: 002b:00007fff92708e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[ 862.884437] RAX: ffffffffffffffda RBX: 0000000000000a06 RCX: 0000000000481110
[ 862.891713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff92708e20
[ 862.898975] RBP: 00000000000d28c4 R08: 0000000000000001 R09: 0000000000a87940
[ 862.906242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 862.913503] R13: 0000000000000006 R14: 0000000000001e9f R15: 00000000000d28b9
[ 864.042995] Shutting down cpus with NMI
[ 864.058685] Dumping ftrace buffer:
[ 864.062235]    (ftrace buffer empty)
[ 864.065932] Kernel Offset: disabled
[ 864.069551] Rebooting in 86400 seconds..