[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   37.572584] random: sshd: uninitialized urandom read (32 bytes read)
[   38.534916] random: sshd: uninitialized urandom read (32 bytes read)
[   38.860435] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   39.799580] random: sshd: uninitialized urandom read (32 bytes read)
[   40.056867] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts.
[   45.734243] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   45.859251] ==================================================================
[   45.866647] BUG: KMSAN: uninit-value in fuse_dev_do_write+0xaba/0xbd30
[   45.873310] CPU: 0 PID: 4465 Comm: syz-executor904 Not tainted 4.18.0-rc8+ #34
[   45.880655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   45.889997] Call Trace:
[   45.892613]  dump_stack+0x17c/0x1c0
[   45.896238]  kmsan_report+0x188/0x2a0
[   45.900075]  __msan_warning+0x70/0xc0
[   45.903887]  fuse_dev_do_write+0xaba/0xbd30
[   45.908200]  ? __msan_poison_alloca+0x173/0x200
[   45.912867]  ? trace_kmalloc+0x9f/0x2b0
[   45.916859]  fuse_dev_splice_write+0xe23/0xf90
[   45.921458]  ? fuse_dev_fasync+0x170/0x170
[   45.925691]  direct_splice_actor+0x19e/0x200
[   45.930119]  splice_direct_to_actor+0x746/0xfb0
[   45.934778]  ? do_splice_direct+0x540/0x540
[   45.939126]  do_splice_direct+0x332/0x540
[   45.943296]  do_sendfile+0x1090/0x1df0
[   45.947201]  __se_sys_sendfile64+0x2ea/0x380
[   45.951634]  __x64_sys_sendfile64+0x11e/0x170
[   45.956125]  ? __ia32_sys_sendfile+0x160/0x160
[   45.960697]  do_syscall_64+0x15b/0x220
[   45.964589]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   45.969766] RIP: 0033:0x440069
[   45.972937] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   45.992278] RSP: 002b:00007fff423a6498 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[   46.000109] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440069
[   46.007367] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   46.014624] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   46.021900] R10: 0000000000010000 R11: 0000000000000217 R12: 00000000004018f0
[   46.029159] R13: 0000000000401980 R14: 0000000000000000 R15: 0000000000000000
[   46.036427]
[   46.038045] Uninit was stored to memory at:
[   46.042384]  kmsan_internal_chain_origin+0x128/0x210
[   46.047478]  kmsan_memcpy_origins+0x13d/0x1b0
[   46.051980]  __msan_memcpy+0xda/0x130
[   46.055796]  fuse_dev_do_write+0x81a/0xbd30
[   46.060103]  fuse_dev_splice_write+0xe23/0xf90
[   46.064671]  direct_splice_actor+0x19e/0x200
[   46.069070]  splice_direct_to_actor+0x746/0xfb0
[   46.073734]  do_splice_direct+0x332/0x540
[   46.077876]  do_sendfile+0x1090/0x1df0
[   46.081767]  __se_sys_sendfile64+0x2ea/0x380
[   46.086179]  __x64_sys_sendfile64+0x11e/0x170
[   46.090666]  do_syscall_64+0x15b/0x220
[   46.094542]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   46.099725]
[   46.101335] Uninit was created at:
[   46.104883]  kmsan_internal_alloc_meta_for_pages+0x146/0x700
[   46.110670]  kmsan_alloc_page+0x75/0xd0
[   46.114651]  __alloc_pages_nodemask+0xf6b/0x5c80
[   46.119396]  alloc_pages_current+0x6b1/0x970
[   46.123793]  push_pipe+0x660/0xc10
[   46.127321]  iov_iter_get_pages+0x1378/0x1810
[   46.131804]  bio_iov_iter_get_pages+0x1de/0xd90
[   46.136463]  blkdev_direct_IO+0x1fb6/0x2c70
[   46.140775]  generic_file_read_iter+0x79a/0x4430
[   46.145518]  blkdev_read_iter+0x20d/0x270
[   46.149656]  generic_file_splice_read+0x629/0x960
[   46.154490]  splice_direct_to_actor+0x4af/0xfb0
[   46.159147]  do_splice_direct+0x332/0x540
[   46.163291]  do_sendfile+0x1090/0x1df0
[   46.167166]  __se_sys_sendfile64+0x2ea/0x380
[   46.171560]  __x64_sys_sendfile64+0x11e/0x170
[   46.176053]  do_syscall_64+0x15b/0x220
[   46.179933]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   46.185118] ==================================================================
[   46.192456] Disabling lock debugging due to kernel taint
[   46.197893] Kernel panic - not syncing: panic_on_warn set ...
[   46.197893]
[   46.205270] CPU: 0 PID: 4465 Comm: syz-executor904 Tainted: G    B             4.18.0-rc8+ #34
[   46.214004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   46.223356] Call Trace:
[   46.225950]  dump_stack+0x17c/0x1c0
[   46.229583]  panic+0x3c3/0x9a0
[   46.232792]  kmsan_report+0x29e/0x2a0
[   46.236594]  __msan_warning+0x70/0xc0
[   46.240388]  fuse_dev_do_write+0xaba/0xbd30
[   46.244701]  ? __msan_poison_alloca+0x173/0x200
[   46.249368]  ? trace_kmalloc+0x9f/0x2b0
[   46.253359]  fuse_dev_splice_write+0xe23/0xf90
[   46.257963]  ? fuse_dev_fasync+0x170/0x170
[   46.262196]  direct_splice_actor+0x19e/0x200
[   46.266604]  splice_direct_to_actor+0x746/0xfb0
[   46.271262]  ? do_splice_direct+0x540/0x540
[   46.275598]  do_splice_direct+0x332/0x540
[   46.279753]  do_sendfile+0x1090/0x1df0
[   46.283657]  __se_sys_sendfile64+0x2ea/0x380
[   46.288071]  __x64_sys_sendfile64+0x11e/0x170
[   46.292578]  ? __ia32_sys_sendfile+0x160/0x160
[   46.297153]  do_syscall_64+0x15b/0x220
[   46.301054]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   46.306236] RIP: 0033:0x440069
[   46.309409] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   46.328715] RSP: 002b:00007fff423a6498 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[   46.336417] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440069
[   46.343682] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   46.350937] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[   46.358207] R10: 0000000000010000 R11: 0000000000000217 R12: 00000000004018f0
[   46.365463] R13: 0000000000401980 R14: 0000000000000000 R15: 0000000000000000
[   46.373104] Dumping ftrace buffer:
[   46.376633]    (ftrace buffer empty)
[   46.380327] Kernel Offset: disabled
[   46.383960] Rebooting in 86400 seconds..
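A KMSAN report carries three stacks, and triage is mostly about reading them together: where the uninitialized value was used (the "Call Trace:" under the BUG line), where it was last copied ("Uninit was stored to memory at:") and where the backing memory was allocated ("Uninit was created at:"). The saved user registers then say which syscall drove the path. The script below is an added example, not part of syzkaller or the kernel: it parses that format, drops the "?" frames (stale stack slots the unwinder could not verify) and the sanitizer's own frames, and decodes ORIG_RAX plus the x86_64 argument registers. SAMPLE_REPORT is a condensed copy of the report above, and the syscall table is deliberately limited to the one number the report contains (ORIG_RAX 0x28 = 40 = sendfile on x86_64).

```python
"""Triage helper for a KMSAN 'uninit-value' console report (added example)."""
import re

TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # "[   45.866647] " kernel timestamp
FRAME = re.compile(r"^(\?\s+)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")
BUG = re.compile(r"BUG: KMSAN: (?P<kind>[\w-]+) in (?P<func>[\w.]+)\+0x")
REG = re.compile(r"\b(ORIG_RAX|RAX|RDI|RSI|RDX|R10)(?:: )([0-9a-f]{16})")

# Frames belonging to the sanitizer/report machinery rather than the bug.
NOISE_PREFIXES = ("kmsan_", "__msan_", "dump_stack", "panic")
# Only the syscall number this report uses; extend as needed (x86_64 table).
X86_64_SYSCALLS = {40: "sendfile"}

# Constructed sample: a condensed copy of the report on this page.
SAMPLE_REPORT = """\
[   45.866647] BUG: KMSAN: uninit-value in fuse_dev_do_write+0xaba/0xbd30
[   45.873310] CPU: 0 PID: 4465 Comm: syz-executor904 Not tainted 4.18.0-rc8+ #34
[   45.889997] Call Trace:
[   45.892613]  dump_stack+0x17c/0x1c0
[   45.896238]  kmsan_report+0x188/0x2a0
[   45.900075]  __msan_warning+0x70/0xc0
[   45.903887]  fuse_dev_do_write+0xaba/0xbd30
[   45.908200]  ? __msan_poison_alloca+0x173/0x200
[   45.916859]  fuse_dev_splice_write+0xe23/0xf90
[   45.943296]  do_sendfile+0x1090/0x1df0
[   45.951634]  __x64_sys_sendfile64+0x11e/0x170
[   45.960697]  do_syscall_64+0x15b/0x220
[   45.969766] RIP: 0033:0x440069
[   45.992278] RSP: 002b:00007fff423a6498 EFLAGS: 00000217 ORIG_RAX: 0000000000000028
[   46.000109] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440069
[   46.007367] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   46.021900] R10: 0000000000010000 R11: 0000000000000217 R12: 00000000004018f0
[   46.036427]
[   46.038045] Uninit was stored to memory at:
[   46.042384]  kmsan_internal_chain_origin+0x128/0x210
[   46.051980]  __msan_memcpy+0xda/0x130
[   46.055796]  fuse_dev_do_write+0x81a/0xbd30
[   46.060103]  fuse_dev_splice_write+0xe23/0xf90
[   46.099725]
[   46.101335] Uninit was created at:
[   46.104883]  kmsan_internal_alloc_meta_for_pages+0x146/0x700
[   46.110670]  kmsan_alloc_page+0x75/0xd0
[   46.114651]  __alloc_pages_nodemask+0xf6b/0x5c80
[   46.123793]  push_pipe+0x660/0xc10
[   46.127321]  iov_iter_get_pages+0x1378/0x1810
[   46.136463]  blkdev_direct_IO+0x1fb6/0x2c70
[   46.185118] ==================================================================
"""

SECTION_HEADERS = {
    "Call Trace:": "use",
    "Uninit was stored to memory at:": "store",
    "Uninit was created at:": "create",
}


def parse_kmsan_report(text):
    """Split a KMSAN report into its BUG line, the three stacks and user regs."""
    report = {"kind": None, "func": None, "stacks": {}, "regs": {}}
    current = None
    for raw in text.splitlines():
        line = TS.sub("", raw).strip()
        m = BUG.search(line)
        if m:
            report["kind"], report["func"] = m.group("kind"), m.group("func")
            continue
        if line in SECTION_HEADERS:
            current = SECTION_HEADERS[line]
            report["stacks"][current] = []
            continue
        for name, val in REG.findall(line):
            report["regs"][name] = int(val, 16)
        fm = FRAME.match(line)
        if fm and current is not None:
            if fm.group(1):  # "? " frame: unverified stack slot, drop it
                continue
            report["stacks"][current].append(fm.group(2))
        elif not line:  # a blank line terminates the current stack
            current = None
    return report


def first_real_frame(frames):
    """First frame that is not sanitizer or report plumbing."""
    for f in frames:
        if not f.startswith(NOISE_PREFIXES):
            return f
    return None


def decode_syscall(regs):
    """Name the x86_64 syscall and its first four args (rdi, rsi, rdx, r10).
    ORIG_RAX holds the number because RAX is -ENOSYS (...ffda) mid-syscall."""
    nr = regs.get("ORIG_RAX")
    name = X86_64_SYSCALLS.get(nr, f"syscall_{nr}")
    return name, [regs.get(r) for r in ("RDI", "RSI", "RDX", "R10")]


def summarize(text):
    """One-line view: kind, use/store/create sites and the driving syscall."""
    r = parse_kmsan_report(text)
    name, args = decode_syscall(r["regs"])
    return {"kind": r["kind"],
            "use": first_real_frame(r["stacks"].get("use", [])),
            "store": first_real_frame(r["stacks"].get("store", [])),
            "create": first_real_frame(r["stacks"].get("create", [])),
            "syscall": name, "args": args}


if __name__ == "__main__":
    print(summarize(SAMPLE_REPORT))
```

Run against this report the summary reads: use and store both in fuse_dev_do_write, creation in the page allocator underneath push_pipe, driven by sendfile(out_fd=3, in_fd=4, offset=NULL, count=0x10000). Read with the full stacks, that says the in_fd read went through blkdev_read_iter and blkdev_direct_IO (a block device read with direct I/O into pipe pages that push_pipe allocated), and the out_fd side landed in fuse_dev_splice_write, so the spliced bytes were consumed as a FUSE reply by fuse_dev_do_write while KMSAN still considered them uninitialized. The report does not say whether those bytes were never written or whether the sanitizer simply did not observe the write, so the example stops at locating the three sites rather than claiming a root cause.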