[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   30.831495] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   35.540122] random: sshd: uninitialized urandom read (32 bytes read)
[   36.033377] random: sshd: uninitialized urandom read (32 bytes read)
[   37.184575] random: sshd: uninitialized urandom read (32 bytes read)
[   84.988787] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.33' (ECDSA) to the list of known hosts.
[   90.598294] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/10 21:56:45 parsed 1 programs
[   91.882529] random: cc1: uninitialized urandom read (8 bytes read)
2018/06/10 21:56:47 executed programs: 0
[   93.086844] IPVS: ftp: loaded support on port[0] = 21
[   93.087903] IPVS: ftp: loaded support on port[0] = 21
[   93.101740] IPVS: ftp: loaded support on port[0] = 21
[   93.108371] IPVS: ftp: loaded support on port[0] = 21
[   93.108970] IPVS: ftp: loaded support on port[0] = 21
[   93.118517] IPVS: ftp: loaded support on port[0] = 21
[   93.126128] IPVS: ftp: loaded support on port[0] = 21
[   93.141626] IPVS: ftp: loaded support on port[0] = 21
[   93.367526] ip (4550) used greatest stack depth: 54536 bytes left
[   93.711045] ==================================================================
[   93.718437] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[   93.724911] CPU: 1 PID: 4626 Comm: ip Not tainted 4.17.0+ #5
[   93.730680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.740094] Call Trace:
[   93.742650]  <IRQ>
[   93.744782]  dump_stack+0x185/0x1d0
[   93.748387]  kmsan_report+0x188/0x2a0
[   93.752165]  __msan_warning_32+0x70/0xc0
[   93.756201]  __list_add_valid+0x1b8/0x450
[   93.760327]  enqueue_task_fair+0xe12/0x4490
[   93.764690]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   93.770029]  ? update_load_avg+0x2cc0/0x2cc0
[   93.774417]  try_to_wake_up+0x162f/0x2260
[   93.778559]  wake_up_process+0x34/0x40
[   93.782425]  process_timeout+0x59/0x70
[   93.786290]  call_timer_fn+0x280/0x5d0
[   93.790151]  ? run_local_timers+0x100/0x100
[   93.794447]  __run_timers+0xd96/0x11b0
[   93.798326]  ? run_local_timers+0x100/0x100
[   93.802675]  ? irq_exit+0x202/0x240
[   93.806279]  ? run_timer_softirq+0x14/0x70
[   93.810576]  ? timers_dead_cpu+0x1010/0x1010
[   93.814957]  run_timer_softirq+0x43/0x70
[   93.818994]  __do_softirq+0x592/0x979
[   93.822770]  irq_exit+0x202/0x240
[   93.826199]  exiting_irq+0xe/0x10
[   93.829644]  smp_apic_timer_interrupt+0x64/0x90
[   93.834288]  apic_timer_interrupt+0xf/0x20
[   93.838502]  </IRQ>
[   93.840724] RIP: 0010:kmsan_kmalloc+0xc6/0x100
[   93.845278] RSP: 0018:ffff88019ec4fc60 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   93.852959] RAX: 0000000000000246 RBX: ffff8801d86adc00 RCX: 000000000000002b
[   93.860215] RDX: 000000000000002a RSI: ffffea000b128128 RDI: ffff8801d86adc00
[   93.867460] RBP: ffff88019ec4fca0 R08: 00000000010000c0 R09: 0000000000000003
[   93.874715] R10: 0000000000000002 R11: ffffffff81c9aa40 R12: ffff88021f00dc80
[   93.881962] R13: ffff8801a7979d40 R14: 00000000000000a8 R15: 00000000014000c0
[   93.889213]  ? __ia32_sys_faccessat+0x120/0x120
[   93.893861]  kmsan_slab_alloc+0x10/0x20
[   93.897809]  kmem_cache_alloc+0x68c/0xb70
[   93.901935]  ? prepare_creds+0x65/0x5e0
[   93.905885]  prepare_creds+0x65/0x5e0
[   93.909660]  ? do_faccessat+0x94/0xbc0
[   93.913537]  ? __x64_sys_access+0x9c/0xd0
[   93.917670]  ? __x64_sys_access+0x9c/0xd0
[   93.921795]  do_faccessat+0xed/0xbc0
[   93.925486]  ? kmsan_set_origin_inline+0x6b/0x120
[   93.930301]  ? __msan_poison_alloca+0x15c/0x1d0
[   93.934944]  __x64_sys_access+0x9c/0xd0
[   93.938890]  ? __ia32_sys_faccessat+0x120/0x120
[   93.943534]  do_syscall_64+0x15b/0x230
[   93.947401]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   93.952578] RIP: 0033:0x7f8f03a1a267
[   93.956261] RSP: 002b:00007ffceff87f98 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[   93.963942] RAX: ffffffffffffffda RBX: 00000000004032f9 RCX: 00007f8f03a1a267
[   93.971186] RDX: 000000000000001d RSI: 0000000000000000 RDI: 00007f8f03a1e2e6
[   93.978431] RBP: 00007f8f03c1d000 R08: 00007f8f03c25570 R09: 0000000000000000
[   93.985675] R10: 000000006ffffeff R11: 0000000000000246 R12: 00007f8f03c251c8
[   93.992918] R13: 00007f8f03c1d718 R14: 00000000000033ef R15: 00007f8f03c25570
[   94.000163] 
[   94.001763] Uninit was stored to memory at:
[   94.006062]  kmsan_internal_chain_origin+0x12b/0x210
[   94.011224]  __msan_chain_origin+0x69/0xc0
[   94.015434]  pick_next_task_fair+0x2474/0x2530
[   94.020000]  pick_next_task+0x1ba/0x420
[   94.023951]  __schedule+0x20f/0x770
[   94.027555]  do_task_dead+0xc8/0xf0
[   94.031156]  do_exit+0x347e/0x3930
[   94.034672]  do_group_exit+0x1a0/0x360
[   94.038542]  __do_sys_exit_group+0x21/0x30
[   94.042754]  __se_sys_exit_group+0x14/0x20
[   94.046969]  __x64_sys_exit_group+0x4c/0x50
[   94.051270]  do_syscall_64+0x15b/0x230
[   94.055134]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   94.060295] Local variable description: ----tlb.i@ldt_arch_exit_mmap
[   94.066756] Variable was created at:
[   94.070443]  ldt_arch_exit_mmap+0x46/0x160
[   94.074652]  exit_mmap+0x410/0x980
[   94.078161] ==================================================================
[   94.085500] Disabling lock debugging due to kernel taint
[   94.090924] Kernel panic - not syncing: panic_on_warn set ...
[   94.090924] 
[   94.098262] CPU: 1 PID: 4626 Comm: ip Tainted: G    B             4.17.0+ #5
[   94.105419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   94.114746] Call Trace:
[   94.117309]  <IRQ>
[   94.119438]  dump_stack+0x185/0x1d0
[   94.123049]  panic+0x3d0/0x990
[   94.126224]  kmsan_report+0x29e/0x2a0
[   94.129998]  __msan_warning_32+0x70/0xc0
[   94.134032]  __list_add_valid+0x1b8/0x450
[   94.138164]  enqueue_task_fair+0xe12/0x4490
[   94.142462]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[   94.147804]  ? update_load_avg+0x2cc0/0x2cc0
[   94.152195]  try_to_wake_up+0x162f/0x2260
[   94.156407]  wake_up_process+0x34/0x40
[   94.160287]  process_timeout+0x59/0x70
[   94.164170]  call_timer_fn+0x280/0x5d0
[   94.168056]  ? run_local_timers+0x100/0x100
[   94.172385]  __run_timers+0xd96/0x11b0
[   94.176287]  ? run_local_timers+0x100/0x100
[   94.180626]  ? irq_exit+0x202/0x240
[   94.184233]  ? run_timer_softirq+0x14/0x70
[   94.188443]  ? timers_dead_cpu+0x1010/0x1010
[   94.192835]  run_timer_softirq+0x43/0x70
[   94.196882]  __do_softirq+0x592/0x979
[   94.200671]  irq_exit+0x202/0x240
[   94.204189]  exiting_irq+0xe/0x10
[   94.207618]  smp_apic_timer_interrupt+0x64/0x90
[   94.212260]  apic_timer_interrupt+0xf/0x20
[   94.216477]  </IRQ>
[   94.218692] RIP: 0010:kmsan_kmalloc+0xc6/0x100
[   94.223254] RSP: 0018:ffff88019ec4fc60 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   94.230936] RAX: 0000000000000246 RBX: ffff8801d86adc00 RCX: 000000000000002b
[   94.238201] RDX: 000000000000002a RSI: ffffea000b128128 RDI: ffff8801d86adc00
[   94.245448] RBP: ffff88019ec4fca0 R08: 00000000010000c0 R09: 0000000000000003
[   94.252781] R10: 0000000000000002 R11: ffffffff81c9aa40 R12: ffff88021f00dc80
[   94.260025] R13: ffff8801a7979d40 R14: 00000000000000a8 R15: 00000000014000c0
[   94.267364]  ? __ia32_sys_faccessat+0x120/0x120
[   94.272019]  kmsan_slab_alloc+0x10/0x20
[   94.275968]  kmem_cache_alloc+0x68c/0xb70
[   94.280092]  ? prepare_creds+0x65/0x5e0
[   94.284044]  prepare_creds+0x65/0x5e0
[   94.287826]  ? do_faccessat+0x94/0xbc0
[   94.291689]  ? __x64_sys_access+0x9c/0xd0
[   94.295811]  ? __x64_sys_access+0x9c/0xd0
[   94.299931]  do_faccessat+0xed/0xbc0
[   94.303623]  ? kmsan_set_origin_inline+0x6b/0x120
[   94.308442]  ? __msan_poison_alloca+0x15c/0x1d0
[   94.313108]  __x64_sys_access+0x9c/0xd0
[   94.317080]  ? __ia32_sys_faccessat+0x120/0x120
[   94.321741]  do_syscall_64+0x15b/0x230
[   94.325707]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   94.330874] RIP: 0033:0x7f8f03a1a267
[   94.334573] RSP: 002b:00007ffceff87f98 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[   94.342253] RAX: ffffffffffffffda RBX: 00000000004032f9 RCX: 00007f8f03a1a267
[   94.349499] RDX: 000000000000001d RSI: 0000000000000000 RDI: 00007f8f03a1e2e6
[   94.356744] RBP: 00007f8f03c1d000 R08: 00007f8f03c25570 R09: 0000000000000000
[   94.363989] R10: 000000006ffffeff R11: 0000000000000246 R12: 00007f8f03c251c8
[   94.371242] R13: 00007f8f03c1d718 R14: 00000000000033ef R15: 00007f8f03c25570
[   95.469980] Shutting down cpus with NMI
[   95.486243] Dumping ftrace buffer:
[   95.489802]    (ftrace buffer empty)
[   95.493508] Kernel Offset: disabled
[   95.497115] Rebooting in 86400 seconds..