[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 29.718276] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 32.994441] random: sshd: uninitialized urandom read (32 bytes read) [ 33.458884] random: sshd: uninitialized urandom read (32 bytes read) [ 34.514425] random: sshd: uninitialized urandom read (32 bytes read) [ 34.721760] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts. [ 40.202283] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 40.323941] ================================================================== [ 40.331352] BUG: KMSAN: uninit-value in netlink_rcv_skb+0x3e3/0x600 [ 40.337747] CPU: 1 PID: 4471 Comm: syz-executor225 Not tainted 4.17.0-rc5+ #96 [ 40.345083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.354414] Call Trace: [ 40.356985] dump_stack+0x185/0x1d0 [ 40.360603] ? netlink_rcv_skb+0x3e3/0x600 [ 40.364825] kmsan_report+0x142/0x240 [ 40.368604] __msan_warning_32+0x6c/0xb0 [ 40.372643] netlink_rcv_skb+0x3e3/0x600 [ 40.376682] ? rtnetlink_bind+0x120/0x120 [ 40.380805] rtnetlink_rcv+0x50/0x60 [ 40.384494] netlink_unicast+0x166b/0x1740 [ 40.388706] ? rtnetlink_net_exit+0xa0/0xa0 [ 40.393009] netlink_sendmsg+0x1072/0x1370 [ 40.397226] kernel_sendmsg+0x228/0x2d0 [ 40.401175] ? netlink_getsockopt+0xc80/0xc80 [ 40.405647] sock_no_sendpage+0x1c8/0x250 [ 40.409770] ? sock_no_mmap+0x30/0x30 [ 40.413545] sock_sendpage+0x1de/0x2c0 [ 40.417422] pipe_to_sendpage+0x31b/0x430 [ 40.421544] ? sock_fasync+0x2b0/0x2b0 [ 40.425411] ? generic_pipe_buf_get+0xf0/0xf0 [ 40.429883] __splice_from_pipe+0x49a/0xf30 [ 40.434180] ? generic_splice_sendpage+0x2a0/0x2a0 [ 40.439090] generic_splice_sendpage+0x1c6/0x2a0 [ 40.443824] ? iter_file_splice_write+0x1710/0x1710 [ 40.448815] ? iter_file_splice_write+0x1710/0x1710 [ 40.453806] direct_splice_actor+0x19b/0x200 [ 40.458191] splice_direct_to_actor+0x764/0x1040 [ 40.462920] ? do_splice_direct+0x540/0x540 [ 40.467220] ? security_file_permission+0x269/0x490 [ 40.472225] do_splice_direct+0x335/0x540 [ 40.476369] do_sendfile+0x1067/0x1e40 [ 40.480238] __x64_sys_sendfile64+0x218/0x390 [ 40.484713] do_syscall_64+0x154/0x220 [ 40.488578] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 40.493745] RIP: 0033:0x4455f9 [ 40.496912] RSP: 002b:00007f53de890d18 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 40.504595] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455f9 [ 40.511842] RDX: 00000000200000c0 RSI: 0000000000000004 RDI: 0000000000000003 [ 40.519089] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f [ 40.526336] R10: 0000000080000002 R11: 0000000000000246 R12: 00000000006dac20 [ 40.533593] R13: 00007f53de890d20 R14: 0000000000000000 R15: 0000000000000001 [ 40.540842] [ 40.542454] Uninit was stored to memory at: [ 40.546763] kmsan_internal_chain_origin+0x12b/0x210 [ 40.551843] kmsan_memcpy_origins+0x11d/0x170 [ 40.556324] __msan_memcpy+0x109/0x160 [ 40.560187] _copy_from_iter_full+0xdfc/0x1450 [ 40.564743] netlink_sendmsg+0xe1c/0x1370 [ 40.568868] kernel_sendmsg+0x228/0x2d0 [ 40.572828] sock_no_sendpage+0x1c8/0x250 [ 40.576948] sock_sendpage+0x1de/0x2c0 [ 40.580813] pipe_to_sendpage+0x31b/0x430 [ 40.584936] __splice_from_pipe+0x49a/0xf30 [ 40.589243] generic_splice_sendpage+0x1c6/0x2a0 [ 40.593975] direct_splice_actor+0x19b/0x200 [ 40.598361] splice_direct_to_actor+0x764/0x1040 [ 40.603090] do_splice_direct+0x335/0x540 [ 40.607222] do_sendfile+0x1067/0x1e40 [ 40.611083] __x64_sys_sendfile64+0x218/0x390 [ 40.615554] do_syscall_64+0x154/0x220 [ 40.619420] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 40.624579] Uninit was created at: [ 40.628096] kmsan_alloc_meta_for_pages+0x161/0x3a0 [ 40.633086] kmsan_alloc_page+0x82/0xe0 [ 40.637035] __alloc_pages_nodemask+0xf8e/0x5dd0 [ 40.641765] alloc_pages_current+0x6b5/0x970 [ 40.646150] push_pipe+0x680/0xca0 [ 40.649664] iov_iter_get_pages+0x1357/0x1810 [ 40.654138] __blockdev_direct_IO+0x1a4d/0x6580 [ 40.658791] ext4_direct_IO+0xed8/0x27c0 [ 40.662835] generic_file_read_iter+0x3bd2/0x4440 [ 40.667653] ext4_file_read_iter+0x30f/0x520 [ 40.672038] generic_file_splice_read+0x5d2/0x900 [ 40.676865] splice_direct_to_actor+0x4c6/0x1040 [ 40.681604] do_splice_direct+0x335/0x540 [ 40.685727] do_sendfile+0x1067/0x1e40 [ 40.689588] __x64_sys_sendfile64+0x218/0x390 [ 40.694057] do_syscall_64+0x154/0x220 [ 40.697921] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 40.703082] ================================================================== [ 40.710420] Disabling lock debugging due to kernel taint [ 40.715844] Kernel panic - not syncing: panic_on_warn set ... [ 40.715844] [ 40.723193] CPU: 1 PID: 4471 Comm: syz-executor225 Tainted: G B 4.17.0-rc5+ #96 [ 40.731912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.741244] Call Trace: [ 40.743817] dump_stack+0x185/0x1d0 [ 40.747424] panic+0x39d/0x940 [ 40.750602] ? netlink_rcv_skb+0x3e3/0x600 [ 40.754816] kmsan_report+0x238/0x240 [ 40.758592] __msan_warning_32+0x6c/0xb0 [ 40.762630] netlink_rcv_skb+0x3e3/0x600 [ 40.766679] ? rtnetlink_bind+0x120/0x120 [ 40.770807] rtnetlink_rcv+0x50/0x60 [ 40.774496] netlink_unicast+0x166b/0x1740 [ 40.778710] ? rtnetlink_net_exit+0xa0/0xa0 [ 40.783010] netlink_sendmsg+0x1072/0x1370 [ 40.787224] kernel_sendmsg+0x228/0x2d0 [ 40.791173] ? netlink_getsockopt+0xc80/0xc80 [ 40.795647] sock_no_sendpage+0x1c8/0x250 [ 40.799773] ? sock_no_mmap+0x30/0x30 [ 40.803556] sock_sendpage+0x1de/0x2c0 [ 40.807426] pipe_to_sendpage+0x31b/0x430 [ 40.811568] ? sock_fasync+0x2b0/0x2b0 [ 40.815443] ? generic_pipe_buf_get+0xf0/0xf0 [ 40.819913] __splice_from_pipe+0x49a/0xf30 [ 40.824211] ? generic_splice_sendpage+0x2a0/0x2a0 [ 40.829118] generic_splice_sendpage+0x1c6/0x2a0 [ 40.833870] ? iter_file_splice_write+0x1710/0x1710 [ 40.838862] ? iter_file_splice_write+0x1710/0x1710 [ 40.843854] direct_splice_actor+0x19b/0x200 [ 40.848240] splice_direct_to_actor+0x764/0x1040 [ 40.852972] ? do_splice_direct+0x540/0x540 [ 40.857275] ? security_file_permission+0x269/0x490 [ 40.862282] do_splice_direct+0x335/0x540 [ 40.866424] do_sendfile+0x1067/0x1e40 [ 40.870293] __x64_sys_sendfile64+0x218/0x390 [ 40.874766] do_syscall_64+0x154/0x220 [ 40.878632] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 40.883795] RIP: 0033:0x4455f9 [ 40.886962] RSP: 002b:00007f53de890d18 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 40.894645] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004455f9 [ 40.901889] RDX: 00000000200000c0 RSI: 0000000000000004 RDI: 0000000000000003 [ 40.909132] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f [ 40.916381] R10: 0000000080000002 R11: 0000000000000246 R12: 00000000006dac20 [ 40.923636] R13: 00007f53de890d20 R14: 0000000000000000 R15: 0000000000000001 [ 40.931507] Dumping ftrace buffer: [ 40.935040] (ftrace buffer empty) [ 40.938741] Kernel Offset: disabled [ 40.942347] Rebooting in 86400 seconds..