[ ok ] Starting periodic command scheduler: cron.
[....] Starting OpenBSD Secure Shell server: sshd
[   33.925508] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   38.577359] random: sshd: uninitialized urandom read (32 bytes read)
[   39.058981] random: sshd: uninitialized urandom read (32 bytes read)
[   40.386193] random: sshd: uninitialized urandom read (32 bytes read)
[   40.612304] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.49' (ECDSA) to the list of known hosts.
[   46.225578] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   46.862400] ==================================================================
[   46.869809] BUG: KMSAN: kernel-infoleak in snd_pcm_oss_read+0x78b/0x1b30
[   46.876635] CPU: 0 PID: 4579 Comm: syz-executor061 Not tainted 4.17.0+ #22
[   46.883909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   46.893286] Call Trace:
[   46.895889]  dump_stack+0x185/0x1d0
[   46.899520]  kmsan_report+0x188/0x2a0
[   46.903309]  kmsan_internal_check_memory+0x17e/0x1f0
[   46.908401]  kmsan_copy_to_user+0x73/0xb0
[   46.912636]  snd_pcm_oss_read+0x78b/0x1b30
[   46.916882]  ? snd_pcm_oss_unregister_minor+0x4d0/0x4d0
[   46.922264]  __vfs_read+0x1b2/0x9d0
[   46.925893]  vfs_read+0x36c/0x6b0
[   46.929340]  __x64_sys_read+0x1bf/0x3e0
[   46.933316]  ? ksys_read+0x360/0x360
[   46.937404]  do_syscall_64+0x15b/0x230
[   46.941282]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   46.946457] RIP: 0033:0x440049
[   46.949630] RSP: 002b:00007fffbbad5c18 EFLAGS: 00000203 ORIG_RAX: 0000000000000000
[   46.957323] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440049
[   46.964575] RDX: 00000000000000fa RSI: 0000000020000300 RDI: 0000000000000003
[   46.971829] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   46.979358] R10: 00000000004002c8 R11: 0000000000000203 R12: 00000000004018d0
[   46.986626] R13: 0000000000401960 R14: 0000000000000000 R15: 0000000000000000
[   46.993896]
[   46.995518] Uninit was created at:
[   46.999082]  kmsan_internal_alloc_meta_for_pages+0x146/0x700
[   47.004870]  kmsan_alloc_page+0x75/0xd0
[   47.008842]  __alloc_pages_nodemask+0xf7b/0x5cc0
[   47.013605]  alloc_pages_current+0x6b1/0x970
[   47.018003]  __vmalloc_node_range+0x8bf/0x1170
[   47.022674]  vmalloc+0xd8/0xf0
[   47.025859]  snd_pcm_oss_change_params_locked+0x631b/0x6940
[   47.031570]  snd_pcm_oss_read+0x4ad/0x1b30
[   47.035823]  __vfs_read+0x1b2/0x9d0
[   47.039439]  vfs_read+0x36c/0x6b0
[   47.042883]  __x64_sys_read+0x1bf/0x3e0
[   47.046844]  do_syscall_64+0x15b/0x230
[   47.050717]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   47.055891]
[   47.057502] Bytes 0-249 of 250 are uninitialized
[   47.062238] Memory access starts at ffffc90001893000
[   47.067330] ==================================================================
[   47.074680] Disabling lock debugging due to kernel taint
[   47.080112] Kernel panic - not syncing: panic_on_warn set ...
[   47.080112]
[   47.087483] CPU: 0 PID: 4579 Comm: syz-executor061 Tainted: G    B 4.17.0+ #22
[   47.095877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   47.105222] Call Trace:
[   47.107802]  dump_stack+0x185/0x1d0
[   47.111468]  panic+0x3d0/0x9b0
[   47.114670]  kmsan_report+0x29e/0x2a0
[   47.118467]  kmsan_internal_check_memory+0x17e/0x1f0
[   47.123563]  kmsan_copy_to_user+0x73/0xb0
[   47.127708]  snd_pcm_oss_read+0x78b/0x1b30
[   47.131940]  ? snd_pcm_oss_unregister_minor+0x4d0/0x4d0
[   47.137301]  __vfs_read+0x1b2/0x9d0
[   47.140928]  vfs_read+0x36c/0x6b0
[   47.144386]  __x64_sys_read+0x1bf/0x3e0
[   47.148357]  ? ksys_read+0x360/0x360
[   47.152074]  do_syscall_64+0x15b/0x230
[   47.156001]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   47.161194] RIP: 0033:0x440049
[   47.164367] RSP: 002b:00007fffbbad5c18 EFLAGS: 00000203 ORIG_RAX: 0000000000000000
[   47.172067] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440049
[   47.179324] RDX: 00000000000000fa RSI: 0000000020000300 RDI: 0000000000000003
[   47.186582] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   47.193840] R10: 00000000004002c8 R11: 0000000000000203 R12: 00000000004018d0
[   47.201118] R13: 0000000000401960 R14: 0000000000000000 R15: 0000000000000000
[   47.209162] Dumping ftrace buffer:
[   47.212694]    (ftrace buffer empty)
[   47.216395] Kernel Offset: disabled
[   47.220006] Rebooting in 86400 seconds..
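What the report above records: a read() of 0xfa = 250 bytes (RDX in the register dump) reached snd_pcm_oss_read(), which passed data to userspace through kmsan_copy_to_user(); the source was a vmalloc() allocation made earlier in snd_pcm_oss_change_params_locked(), and none of the 250 bytes had been written since, so the caller receives whatever those pages held before. The block below is an added illustration, not kernel code, not KMSAN's implementation and not the fix that was applied (the page shows no patch): a userspace miniature of the shadow-memory check KMSAN performs, run over the pattern in the report (vmalloc, then copy before any fill), a partial-fill case, and a zeroed-allocation variant that is assumed here as one way to close the leak. All type and function names are this example's own; the buffer contents are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Miniature KMSAN (added example, not kernel code): one shadow byte per data
 * byte, 1 = uninitialized ("poisoned"), 0 = initialized. */
#define BUF_LEN 4096
struct tracked_buf {
    unsigned char data[BUF_LEN];
    unsigned char shadow[BUF_LEN];
};

/* vmalloc() stand-in: pages keep old contents (0x41 here, constructed stale
 * data), so every shadow byte starts poisoned. */
static void kmsan_vmalloc(struct tracked_buf *b)
{
    memset(b->data, 0x41, BUF_LEN);
    memset(b->shadow, 1, BUF_LEN);
}

/* vzalloc() stand-in: zeroed memory counts as initialized. */
static void kmsan_vzalloc(struct tracked_buf *b)
{
    memset(b->data, 0, BUF_LEN);
    memset(b->shadow, 0, BUF_LEN);
}

/* A store into the buffer (captured samples landing in it, say) unpoisons
 * exactly the written range and nothing more. */
static void tracked_write(struct tracked_buf *b, size_t off, const void *src, size_t n)
{
    if (off + n > BUF_LEN) abort();
    memcpy(b->data + off, src, n);
    memset(b->shadow + off, 0, n);
}

/* What the check found: "Bytes first-last of total are uninitialized";
 * offsets are relative to the start of the copy. */
struct leak_report { size_t total, first, last, n_uninit; };

/* kmsan_copy_to_user() stand-in: scan the source shadow, then copy anyway, as
 * the kernel does (the report is a warning; panic_on_warn turned it into the
 * panic seen above). Returns 1 and fills *r if any copied byte is poisoned. */
static int copy_to_user_checked(void *dst, const struct tracked_buf *b,
                                size_t off, size_t n, struct leak_report *r)
{
    if (off + n > BUF_LEN) abort();
    memset(r, 0, sizeof *r);
    r->total = n;
    for (size_t i = 0; i < n; i++) {
        if (!b->shadow[off + i])
            continue;
        if (r->n_uninit == 0)
            r->first = i;
        r->last = i;
        r->n_uninit++;
    }
    memcpy(dst, b->data + off, n);
    return r->n_uninit > 0;
}

static void format_report(const struct leak_report *r, char *out, size_t outlen)
{
    snprintf(out, outlen, "Bytes %zu-%zu of %zu are uninitialized",
             r->first, r->last, r->total);
}

/* One simulated OSS read: `zeroed` picks vzalloc() over vmalloc(), `filled` is
 * how many bytes were written into the buffer before the read, `nbytes` the
 * read size. zeroed = 0, filled = 0 is the pattern in the report above. */
static int simulate_read(int zeroed, size_t filled, size_t nbytes,
                         struct leak_report *r)
{
    static struct tracked_buf b;
    unsigned char samples[BUF_LEN], user[BUF_LEN];
    if (zeroed) kmsan_vzalloc(&b); else kmsan_vmalloc(&b);
    memset(samples, 0x7f, sizeof samples);   /* constructed "captured" audio */
    tracked_write(&b, 0, samples, filled);
    return copy_to_user_checked(user, &b, 0, nbytes, r);
}

int main(void)
{
    /* 250 = 0xfa, the RDX of the read() in the register dump above. */
    static const struct { int zeroed; size_t filled; const char *name; } cases[] = {
        { 0, 0,   "vmalloc, nothing written" },
        { 0, 100, "vmalloc, 100 bytes written" },
        { 1, 0,   "vzalloc, nothing written" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct leak_report r;
        char line[80] = "no uninitialized bytes";
        if (simulate_read(cases[i].zeroed, cases[i].filled, 250, &r))
            format_report(&r, line, sizeof line);
        printf("%-28s %s\n", cases[i].name, line);
    }
    return 0;
}
```

The first case reproduces the summary line of the report verbatim; the second shows why a short capture followed by an oversized read still leaks the unwritten tail, so bounding the copy to the bytes actually produced matters as much as zeroing the allocation. The real KMSAN tracks shadow at allocation and on every store through compiler instrumentation rather than through explicit tracked_write() calls, but the decision it makes at copy_to_user() is the same scan over the source shadow shown here.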