[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 29.247512] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 34.326631] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.636187] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.768015] random: sshd: uninitialized urandom read (32 bytes read)
[ 50.728705] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.20' (ECDSA) to the list of known hosts.
[ 56.167819] random: sshd: uninitialized urandom read (32 bytes read)
2018/05/25 06:49:02 parsed 1 programs
2018/05/25 06:49:02 executed programs: 0
[ 56.693838] IPVS: ftp: loaded support on port[0] = 21
[ 56.701819] IPVS: ftp: loaded support on port[0] = 21
[ 56.724282] IPVS: ftp: loaded support on port[0] = 21
[ 56.743773] IPVS: ftp: loaded support on port[0] = 21
[ 56.755860] IPVS: ftp: loaded support on port[0] = 21
[ 56.767204] IPVS: ftp: loaded support on port[0] = 21
[ 56.768649] IPVS: ftp: loaded support on port[0] = 21
[ 56.776364] IPVS: ftp: loaded support on port[0] = 21
[ 56.937556] ip (4501) used greatest stack depth: 54424 bytes left
[ 57.201795] ip (4558) used greatest stack depth: 54056 bytes left
[ 57.324166] ==================================================================
[ 57.331551] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[ 57.338021] CPU: 0 PID: 4585 Comm: ip Not tainted 4.17.0-rc5+ #102
[ 57.344311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 57.353640] Call Trace:
[ 57.356206] dump_stack+0x185/0x1d0
[ 57.359808] ? __list_add_valid+0x1b8/0x450
[ 57.364106] kmsan_report+0x149/0x260
[ 57.367881] __msan_warning_32+0x6e/0xc0
[ 57.371915] __list_add_valid+0x1b8/0x450
[ 57.376039] enqueue_task_fair+0xe02/0x4470
[ 57.380342] ? __msan_metadata_ptr_for_store_2+0x10/0x20
[ 57.385769] ? update_load_avg+0x2cc0/0x2cc0
[ 57.390157] try_to_wake_up+0x1430/0x20b0
[ 57.394282] wake_up_process+0x34/0x40
[ 57.398147] __queue_work+0x1c1d/0x1f20
[ 57.402095] ? kmsan_set_origin_inline+0x6b/0x120
[ 57.406920] queue_work_on+0x1a5/0x1c0
[ 57.410785] netdevice_event+0xc53/0xf10
[ 57.414821] ? del_netdev_ips+0xa0/0xa0
[ 57.418770] ? del_netdev_default_ips_join+0x1e0/0x1e0
[ 57.424020] ? is_eth_port_of_netdev+0x520/0x520
[ 57.428750] ? enum_all_gids_of_dev_cb+0x8f0/0x8f0
[ 57.433654] ? inet6addr_event+0x4c0/0x4c0
[ 57.437861] ? inet6addr_event+0x4c0/0x4c0
[ 57.442160] raw_notifier_call_chain+0x13b/0x250
[ 57.446896] register_netdevice+0x211c/0x26c0
[ 57.451371] veth_newlink+0x1186/0x1480
[ 57.455323] ? alloc_netdev_mqs+0x15ca/0x1740
[ 57.459794] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 57.465219] ? alloc_netdev_mqs+0x16d3/0x1740
[ 57.469692] ? rtnl_create_link+0xe57/0x1050
[ 57.474097] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 57.479433] ? rtnl_create_link+0xf19/0x1050
[ 57.483827] ? veth_validate+0x340/0x340
[ 57.487862] rtnl_newlink+0x272d/0x37a0
[ 57.491808] ? rtnl_newlink+0xca5/0x37a0
[ 57.495843] ? rtnl_newlink+0xb62/0x37a0
[ 57.499882] ? kmsan_set_origin_inline+0x6b/0x120
[ 57.504696] ? __msan_poison_alloca+0x15c/0x1d0
[ 57.509341] ? rcu_all_qs+0x32/0x1f0
[ 57.513037] ? rtnl_setlink+0x770/0x770
[ 57.516992] rtnetlink_rcv_msg+0xa32/0x1560
[ 57.521289] ? do_syscall_64+0x152/0x230
[ 57.525325] ? netlink_sendmsg+0x76e/0x1350
[ 57.529622] ? ___sys_sendmsg+0xec0/0x1310
[ 57.533839] ? __x64_sys_sendmsg+0x331/0x460
[ 57.538220] ? do_syscall_64+0x152/0x230
[ 57.542255] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 57.547595] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 57.552932] ? lookup_fast+0xbf3/0x1780
[ 57.556888] ? kmsan_set_origin_inline+0x6b/0x120
[ 57.561705] ? kmsan_set_origin+0x9e/0x160
[ 57.565913] netlink_rcv_skb+0x378/0x600
[ 57.569950] ? rtnetlink_bind+0x120/0x120
[ 57.574070] rtnetlink_rcv+0x50/0x60
[ 57.577755] netlink_unicast+0x1678/0x1750
[ 57.581965] ? rtnetlink_net_exit+0xa0/0xa0
[ 57.586262] netlink_sendmsg+0x104f/0x1350
[ 57.590471] ? netlink_getsockopt+0xc80/0xc80
[ 57.594942] ___sys_sendmsg+0xec0/0x1310
[ 57.598977] ? __fdget+0x4e/0x60
[ 57.602322] ? __fget_light+0x57/0x700
[ 57.606184] ? __fdget+0x4e/0x60
[ 57.609523] ? __fget_light+0x1dc/0x700
[ 57.613476] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 57.618823] ? __fget_light+0x1f5/0x700
[ 57.622776] __x64_sys_sendmsg+0x331/0x460
[ 57.626987] do_syscall_64+0x152/0x230
[ 57.630850] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 57.636015] RIP: 0033:0x7f072bfe5320
[ 57.639717] RSP: 002b:00007fff65d3f8e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 57.647399] RAX: ffffffffffffffda RBX: 00007fff65d439e0 RCX: 00007f072bfe5320
[ 57.654644] RDX: 0000000000000000 RSI: 00007fff65d3f920 RDI: 0000000000000003
[ 57.661998] RBP: 00007fff65d3f920 R08: 0000000000000000 R09: 0000000000000006
[ 57.669241] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005b07b1e1
[ 57.676489] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007fff65d441b0
[ 57.683753]
[ 57.685353] Uninit was stored to memory at:
[ 57.689653] kmsan_internal_chain_origin+0x12b/0x210
[ 57.694731] __msan_chain_origin+0x69/0xc0
[ 57.698941] pick_next_task_fair+0x2464/0x2520
[ 57.703493] pick_next_task+0x1b1/0x410
[ 57.707444] __schedule+0x20b/0x730
[ 57.711045] do_task_dead+0xc8/0xf0
[ 57.714648] do_exit+0x340e/0x38d0
[ 57.718173] do_group_exit+0x1a0/0x360
[ 57.722035] __do_sys_exit_group+0x21/0x30
[ 57.726246] __se_sys_exit_group+0x14/0x20
[ 57.730453] __x64_sys_exit_group+0x4c/0x50
[ 57.734746] do_syscall_64+0x152/0x230
[ 57.738608] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 57.743767] Local variable description: ----flags.i.i.i.i@_raw_spin_lock_irqsave
[ 57.751269] Variable was created at:
[ 57.754958] _raw_spin_lock_irqsave+0x45/0xf0
[ 57.759427] do_task_dead+0x40/0xf0
[ 57.763023] ==================================================================
[ 57.770352] Disabling lock debugging due to kernel taint
[ 57.775774] Kernel panic - not syncing: panic_on_warn set ...
[ 57.775774]
[ 57.783121] CPU: 0 PID: 4585 Comm: ip Tainted: G B 4.17.0-rc5+ #102
[ 57.790798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 57.800559] Call Trace:
[ 57.803126] dump_stack+0x185/0x1d0
[ 57.806728] panic+0x39d/0x940
[ 57.809900] ? __list_add_valid+0x1b8/0x450
[ 57.814214] kmsan_report+0x260/0x260
[ 57.817990] __msan_warning_32+0x6e/0xc0
[ 57.822026] __list_add_valid+0x1b8/0x450
[ 57.826152] enqueue_task_fair+0xe02/0x4470
[ 57.830458] ? __msan_metadata_ptr_for_store_2+0x10/0x20
[ 57.835884] ? update_load_avg+0x2cc0/0x2cc0
[ 57.840266] try_to_wake_up+0x1430/0x20b0
[ 57.844996] wake_up_process+0x34/0x40
[ 57.848858] __queue_work+0x1c1d/0x1f20
[ 57.852808] ? kmsan_set_origin_inline+0x6b/0x120
[ 57.857625] queue_work_on+0x1a5/0x1c0
[ 57.861489] netdevice_event+0xc53/0xf10
[ 57.865612] ? del_netdev_ips+0xa0/0xa0
[ 57.869562] ? del_netdev_default_ips_join+0x1e0/0x1e0
[ 57.874818] ? is_eth_port_of_netdev+0x520/0x520
[ 57.879553] ? enum_all_gids_of_dev_cb+0x8f0/0x8f0
[ 57.884455] ? inet6addr_event+0x4c0/0x4c0
[ 57.888661] ? inet6addr_event+0x4c0/0x4c0
[ 57.892873] raw_notifier_call_chain+0x13b/0x250
[ 57.897604] register_netdevice+0x211c/0x26c0
[ 57.902087] veth_newlink+0x1186/0x1480
[ 57.906036] ? alloc_netdev_mqs+0x15ca/0x1740
[ 57.910508] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 57.915930] ? alloc_netdev_mqs+0x16d3/0x1740
[ 57.920400] ? rtnl_create_link+0xe57/0x1050
[ 57.924781] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 57.930121] ? rtnl_create_link+0xf19/0x1050
[ 57.934510] ? veth_validate+0x340/0x340
[ 57.938547] rtnl_newlink+0x272d/0x37a0
[ 57.942494] ? rtnl_newlink+0xca5/0x37a0
[ 57.946531] ? rtnl_newlink+0xb62/0x37a0
[ 57.950576] ? kmsan_set_origin_inline+0x6b/0x120
[ 57.955392] ? __msan_poison_alloca+0x15c/0x1d0
[ 57.960036] ? rcu_all_qs+0x32/0x1f0
[ 57.963732] ? rtnl_setlink+0x770/0x770
[ 57.967681] rtnetlink_rcv_msg+0xa32/0x1560
[ 57.971978] ? do_syscall_64+0x152/0x230
[ 57.976017] ? netlink_sendmsg+0x76e/0x1350
[ 57.980331] ? ___sys_sendmsg+0xec0/0x1310
[ 57.984546] ? __x64_sys_sendmsg+0x331/0x460
[ 57.988928] ? do_syscall_64+0x152/0x230
[ 57.992967] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 57.998307] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 58.003642] ? lookup_fast+0xbf3/0x1780
[ 58.007593] ? kmsan_set_origin_inline+0x6b/0x120
[ 58.012411] ? kmsan_set_origin+0x9e/0x160
[ 58.016620] netlink_rcv_skb+0x378/0x600
[ 58.020658] ? rtnetlink_bind+0x120/0x120
[ 58.024779] rtnetlink_rcv+0x50/0x60
[ 58.028474] netlink_unicast+0x1678/0x1750
[ 58.032687] ? rtnetlink_net_exit+0xa0/0xa0
[ 58.037099] netlink_sendmsg+0x104f/0x1350
[ 58.041312] ? netlink_getsockopt+0xc80/0xc80
[ 58.045782] ___sys_sendmsg+0xec0/0x1310
[ 58.049909] ? __fdget+0x4e/0x60
[ 58.053256] ? __fget_light+0x57/0x700
[ 58.057135] ? __fdget+0x4e/0x60
[ 58.060474] ? __fget_light+0x1dc/0x700
[ 58.064427] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 58.069771] ? __fget_light+0x1f5/0x700
[ 58.073726] __x64_sys_sendmsg+0x331/0x460
[ 58.077941] do_syscall_64+0x152/0x230
[ 58.081808] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 58.087065] RIP: 0033:0x7f072bfe5320
[ 58.090750] RSP: 002b:00007fff65d3f8e8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 58.098434] RAX: ffffffffffffffda RBX: 00007fff65d439e0 RCX: 00007f072bfe5320
[ 58.105852] RDX: 0000000000000000 RSI: 00007fff65d3f920 RDI: 0000000000000003
[ 58.113104] RBP: 00007fff65d3f920 R08: 0000000000000000 R09: 0000000000000006
[ 58.120350] R10: 0000000000000000 R11: 0000000000000246 R12: 000000005b07b1e1
[ 58.127597] R13: 0000000000000000 R14: 00000000006395c0 R15: 00007fff65d441b0
[ 59.292983] Shutting down cpus with NMI
[ 59.309152] Dumping ftrace buffer:
[ 59.312678] (ftrace buffer empty)
[ 59.316368] Kernel Offset: disabled
[ 59.319975] Rebooting in 86400 seconds..