[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 32.387077] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 36.361111] random: sshd: uninitialized urandom read (32 bytes read)
[ 36.968861] random: sshd: uninitialized urandom read (32 bytes read)
[ 38.193823] random: sshd: uninitialized urandom read (32 bytes read)
[ 38.415804] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.7' (ECDSA) to the list of known hosts.
[ 43.985371] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 44.108605] ==================================================================
[ 44.115998] BUG: KMSAN: uninit-value in move_addr_to_user+0x32e/0x530
[ 44.122557] CPU: 0 PID: 4549 Comm: syz-executor287 Not tainted 4.17.0-rc3+ #88
[ 44.129895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.139233] Call Trace:
[ 44.141822] dump_stack+0x185/0x1d0
[ 44.145446] ? kmsan_internal_check_memory+0x116/0x1e0
[ 44.150707] kmsan_report+0x142/0x240
[ 44.154493] kmsan_internal_check_memory+0x135/0x1e0
[ 44.159581] kmsan_copy_to_user+0x69/0x160
[ 44.163802] move_addr_to_user+0x32e/0x530
[ 44.168023] ___sys_recvmsg+0x4e2/0x810
[ 44.171987] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 44.177328] ? __fget_light+0x6b9/0x710
[ 44.181282] __x64_sys_recvmsg+0x325/0x460
[ 44.185507] do_syscall_64+0x154/0x220
[ 44.189377] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.194543] RIP: 0033:0x4455e9
[ 44.197709] RSP: 002b:00007fe3bd36ddb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 44.205394] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455e9
[ 44.212640] RDX: 0000000000002002 RSI: 0000000020000400 RDI: 0000000000000003
[ 44.219890] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 44.227136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.234382] R13: 00007fff98ce4b6f R14: 00007fe3bd36e9c0 R15: 0000000000000003
[ 44.241631]
[ 44.243237] Local variable description: ----addr@___sys_recvmsg
[ 44.249267] Variable was created at:
[ 44.252958] ___sys_recvmsg+0xd5/0x810
[ 44.256819] __x64_sys_recvmsg+0x325/0x460
[ 44.261026]
[ 44.262635] Byte 19 of 32 is uninitialized
[ 44.266839] ==================================================================
[ 44.274171] Disabling lock debugging due to kernel taint
[ 44.279595] Kernel panic - not syncing: panic_on_warn set ...
[ 44.279595]
[ 44.286936] CPU: 0 PID: 4549 Comm: syz-executor287 Tainted: G B 4.17.0-rc3+ #88
[ 44.295658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.304984] Call Trace:
[ 44.307553] dump_stack+0x185/0x1d0
[ 44.311167] panic+0x39d/0x940
[ 44.314357] ? kmsan_internal_check_memory+0x116/0x1e0
[ 44.319610] kmsan_report+0x238/0x240
[ 44.323388] kmsan_internal_check_memory+0x135/0x1e0
[ 44.328470] kmsan_copy_to_user+0x69/0x160
[ 44.332687] move_addr_to_user+0x32e/0x530
[ 44.336989] ___sys_recvmsg+0x4e2/0x810
[ 44.340948] ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 44.346287] ? __fget_light+0x6b9/0x710
[ 44.350240] __x64_sys_recvmsg+0x325/0x460
[ 44.354453] do_syscall_64+0x154/0x220
[ 44.358319] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.363481] RIP: 0033:0x4455e9
[ 44.366647] RSP: 002b:00007fe3bd36ddb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 44.374341] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455e9
[ 44.381585] RDX: 0000000000002002 RSI: 0000000020000400 RDI: 0000000000000003
[ 44.388838] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000
[ 44.396089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 44.403335] R13: 00007fff98ce4b6f R14: 00007fe3bd36e9c0 R15: 0000000000000003
[ 44.411043] Dumping ftrace buffer:
[ 44.414573] (ftrace buffer empty)
[ 44.418255] Kernel Offset: disabled
[ 44.421855] Rebooting in 86400 seconds..