[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 31.022426] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 35.800917] random: sshd: uninitialized urandom read (32 bytes read)
[ 36.219722] random: sshd: uninitialized urandom read (32 bytes read)
[ 37.356683] random: sshd: uninitialized urandom read (32 bytes read)
[ 44.196284] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.49' (ECDSA) to the list of known hosts.
[ 49.731991] random: sshd: uninitialized urandom read (32 bytes read)
2018/06/04 01:32:53 parsed 1 programs
2018/06/04 01:32:53 executed programs: 0
[ 50.272831] IPVS: ftp: loaded support on port[0] = 21
[ 50.295738] IPVS: ftp: loaded support on port[0] = 21
[ 50.306767] IPVS: ftp: loaded support on port[0] = 21
[ 50.310840] IPVS: ftp: loaded support on port[0] = 21
[ 50.323470] IPVS: ftp: loaded support on port[0] = 21
[ 50.330686] IPVS: ftp: loaded support on port[0] = 21
[ 50.334074] IPVS: ftp: loaded support on port[0] = 21
[ 50.368798] IPVS: ftp: loaded support on port[0] = 21
[ 50.535891] ip (4507) used greatest stack depth: 54520 bytes left
[ 50.669107] ==================================================================
[ 50.676523] BUG: KMSAN: uninit-value in __list_add_valid+0x1b8/0x450
[ 50.683004] CPU: 1 PID: 4544 Comm: sh Not tainted 4.17.0-rc5+ #103
[ 50.689294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.698634] Call Trace:
[ 50.701199]  dump_stack+0x185/0x1d0
[ 50.704801]  ? __list_add_valid+0x1b8/0x450
[ 50.709099]  kmsan_report+0x149/0x260
[ 50.712876]  __msan_warning_32+0x6e/0xc0
[ 50.716926]  __list_add_valid+0x1b8/0x450
[ 50.721051]  pick_next_task_fair+0x2200/0x2520
[ 50.725611]  pick_next_task+0x1b1/0x410
[ 50.729562]  __schedule+0x20b/0x730
[ 50.733163]  ? _cond_resched+0x5e/0xd0
[ 50.737025]  _cond_resched+0x5e/0xd0
[ 50.740712]  kmem_cache_alloc+0xf5/0xb90
[ 50.744758]  ? prepare_creds+0x65/0x5e0
[ 50.748717]  ? __msan_poison_alloca+0x15c/0x1d0
[ 50.753359]  prepare_creds+0x65/0x5e0
[ 50.757135]  ? copy_creds+0x53/0x910
[ 50.760833]  copy_creds+0x133/0x910
[ 50.764437]  copy_process+0x1276/0x9bc0
[ 50.768396]  ? kmsan_set_origin_inline+0x6b/0x120
[ 50.773218]  ? __msan_poison_alloca+0x15c/0x1d0
[ 50.777863]  ? cp_new_stat+0x327/0x9b0
[ 50.781726]  ? __msan_poison_alloca+0xb1/0x1d0
[ 50.786285]  _do_fork+0x311/0xf00
[ 50.789715]  __x64_sys_clone+0x15e/0x1b0
[ 50.793759]  do_syscall_64+0x152/0x230
[ 50.797624]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.802786] RIP: 0033:0x7fc1bc91ef46
[ 50.806471] RSP: 002b:00007fff04bfe7e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 50.814156] RAX: ffffffffffffffda RBX: 00007fff04bfe7e0 RCX: 00007fc1bc91ef46
[ 50.821402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 50.828655] RBP: 00007fff04bfe820 R08: 0000000000000000 R09: 0000000000000008
[ 50.835903] R10: 00007fc1bce159d0 R11: 0000000000000246 R12: 0000000000000000
[ 50.843148] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 50.850395]
[ 50.851994] Uninit was stored to memory at:
[ 50.856296]  kmsan_internal_chain_origin+0x12b/0x210
[ 50.861383]  __msan_chain_origin+0x69/0xc0
[ 50.865590]  pick_next_task_fair+0x2464/0x2520
[ 50.870145]  pick_next_task+0x1b1/0x410
[ 50.874095]  __schedule+0x20b/0x730
[ 50.877698]  do_task_dead+0xc8/0xf0
[ 50.881303]  do_exit+0x340e/0x38d0
[ 50.884816]  do_group_exit+0x1a0/0x360
[ 50.888676]  __do_sys_exit_group+0x21/0x30
[ 50.892884]  __se_sys_exit_group+0x14/0x20
[ 50.897092]  __x64_sys_exit_group+0x4c/0x50
[ 50.901387]  do_syscall_64+0x152/0x230
[ 50.905252]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.910412] Local variable description: ----tlb.i@ldt_arch_exit_mmap
[ 50.916871] Variable was created at:
[ 50.920572]  ldt_arch_exit_mmap+0x46/0x160
[ 50.924788]  exit_mmap+0x3ef/0x970
[ 50.928298] ==================================================================
[ 50.935630] Disabling lock debugging due to kernel taint
[ 50.941053] Kernel panic - not syncing: panic_on_warn set ...
[ 50.941053]
[ 50.948398] CPU: 1 PID: 4544 Comm: sh Tainted: G B 4.17.0-rc5+ #103
[ 50.956076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.965404] Call Trace:
[ 50.967972]  dump_stack+0x185/0x1d0
[ 50.971572]  panic+0x39d/0x940
[ 50.974749]  ? __list_add_valid+0x1b8/0x450
[ 50.979049]  kmsan_report+0x260/0x260
[ 50.982836]  __msan_warning_32+0x6e/0xc0
[ 50.986873]  __list_add_valid+0x1b8/0x450
[ 50.991006]  pick_next_task_fair+0x2200/0x2520
[ 50.995578]  pick_next_task+0x1b1/0x410
[ 50.999530]  __schedule+0x20b/0x730
[ 51.003132]  ? _cond_resched+0x5e/0xd0
[ 51.006997]  _cond_resched+0x5e/0xd0
[ 51.010696]  kmem_cache_alloc+0xf5/0xb90
[ 51.014731]  ? prepare_creds+0x65/0x5e0
[ 51.018682]  ? __msan_poison_alloca+0x15c/0x1d0
[ 51.023324]  prepare_creds+0x65/0x5e0
[ 51.027108]  ? copy_creds+0x53/0x910
[ 51.030794]  copy_creds+0x133/0x910
[ 51.034409]  copy_process+0x1276/0x9bc0
[ 51.038367]  ? kmsan_set_origin_inline+0x6b/0x120
[ 51.043183]  ? __msan_poison_alloca+0x15c/0x1d0
[ 51.047828]  ? cp_new_stat+0x327/0x9b0
[ 51.051693]  ? __msan_poison_alloca+0xb1/0x1d0
[ 51.056254]  _do_fork+0x311/0xf00
[ 51.059684]  __x64_sys_clone+0x15e/0x1b0
[ 51.063723]  do_syscall_64+0x152/0x230
[ 51.067587]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 51.072765] RIP: 0033:0x7fc1bc91ef46
[ 51.076460] RSP: 002b:00007fff04bfe7e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 51.084143] RAX: ffffffffffffffda RBX: 00007fff04bfe7e0 RCX: 00007fc1bc91ef46
[ 51.091398] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 51.098645] RBP: 00007fff04bfe820 R08: 0000000000000000 R09: 0000000000000008
[ 51.105976] R10: 00007fc1bce159d0 R11: 0000000000000246 R12: 0000000000000000
[ 51.113220] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 52.198213] Shutting down cpus with NMI
[ 52.213441] Dumping ftrace buffer:
[ 52.216978]    (ftrace buffer empty)
[ 52.220662] Kernel Offset: disabled
[ 52.224281] Rebooting in 86400 seconds..