[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   33.870318] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   37.120820] random: sshd: uninitialized urandom read (32 bytes read)
[   37.640167] random: sshd: uninitialized urandom read (32 bytes read)
[   39.010940] random: sshd: uninitialized urandom read (32 bytes read)
[   49.440963] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.6' (ECDSA) to the list of known hosts.
[   54.934810] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
[   55.064505] ==================================================================
[   55.071913] BUG: KMSAN: uninit-value in __nf_conntrack_find_get+0xc15/0x2190
[   55.079085] CPU: 1 PID: 4597 Comm: syz-executor721 Not tainted 4.18.0-rc5+ #29
[   55.086425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.095762] Call Trace:
[   55.098339]  dump_stack+0x185/0x1e0
[   55.101952]  kmsan_report+0x195/0x2c0
[   55.105750]  __msan_warning+0x7d/0xe0
[   55.109537]  __nf_conntrack_find_get+0xc15/0x2190
[   55.114365]  ? __msan_poison_alloca+0x183/0x220
[   55.119022]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   55.124376]  ? hash_conntrack_raw+0x5f7/0x8c0
[   55.128858]  nf_conntrack_in+0x1674/0x2070
[   55.133091]  ipv6_conntrack_local+0xc3/0xf0
[   55.137395]  ? ipv6_conntrack_in+0xf0/0xf0
[   55.141610]  nf_hook_slow+0x15d/0x3e0
[   55.145407]  __ip6_local_out+0x64c/0x770
[   55.149455]  ? __ip6_local_out+0x770/0x770
[   55.153676]  ip6_local_out+0xa4/0x1d0
[   55.157476]  ip6_push_pending_frames+0x218/0x4d0
[   55.162217]  rawv6_sendmsg+0x45f0/0x5410
[   55.166275]  ? kmsan_set_origin_inline+0x6b/0x120
[   55.171099]  ? __msan_poison_alloca+0x183/0x220
[   55.175750]  ? __fdget+0x4e/0x60
[   55.179105]  ? compat_rawv6_ioctl+0x100/0x100
[   55.183858]  inet_sendmsg+0x3fc/0x760
[   55.187653]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   55.193014]  ? inet_getname+0x4a0/0x4a0
[   55.196972]  __sys_sendto+0x798/0x8e0
[   55.200765]  ? syscall_return_slowpath+0x108/0x800
[   55.205681]  __x64_sys_sendto+0x1a1/0x210
[   55.209816]  ? __sys_sendto+0x8e0/0x8e0
[   55.213774]  do_syscall_64+0x15b/0x230
[   55.217649]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   55.222819] RIP: 0033:0x4492d9
[   55.225987] Code: e8 7c b7 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab d6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[   55.245150] RSP: 002b:00007f47eee70d98 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[   55.252841] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004492d9
[   55.260102] RDX: 000000000000fedf RSI: 0000000020000000 RDI: 0000000000000005
[   55.267353] RBP: 0000000000000000 R08: 0000000020000180 R09: 000000000000001a
[   55.274602] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006dac20
[   55.281850] R13: 7364612f7665642f R14: 00007f47eee719c0 R15: 0000000000000003
[   55.289105] 
[   55.290711] Uninit was stored to memory at:
[   55.295016]  kmsan_internal_chain_origin+0x13c/0x240
[   55.300110]  __msan_chain_origin+0x76/0xd0
[   55.304340]  __nf_conntrack_confirm+0x2700/0x3f70
[   55.309166]  ipv6_confirm+0x573/0x740
[   55.312944]  nf_hook_slow+0x15d/0x3e0
[   55.316728]  ip6_output+0x37d/0x710
[   55.320338]  ip6_local_out+0x164/0x1d0
[   55.324207]  ip6_push_pending_frames+0x218/0x4d0
[   55.328957]  rawv6_sendmsg+0x45f0/0x5410
[   55.333002]  inet_sendmsg+0x3fc/0x760
[   55.336801]  __sys_sendto+0x798/0x8e0
[   55.340587]  __x64_sys_sendto+0x1a1/0x210
[   55.344721]  do_syscall_64+0x15b/0x230
[   55.348592]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   55.353758] 
[   55.355451] Uninit was created at:
[   55.358974]  kmsan_internal_poison_shadow+0xc8/0x1d0
[   55.364060]  kmsan_kmalloc+0xa1/0x120
[   55.367841]  kmem_cache_alloc+0xad2/0xbb0
[   55.372000]  __nf_conntrack_alloc+0x166/0x670
[   55.376475]  init_conntrack+0x635/0x2840
[   55.380517]  nf_conntrack_in+0x1812/0x2070
[   55.384742]  ipv6_conntrack_local+0xc3/0xf0
[   55.389051]  nf_hook_slow+0x15d/0x3e0
[   55.392834]  __ip6_local_out+0x64c/0x770
[   55.396877]  ip6_local_out+0xa4/0x1d0
[   55.400660]  ip6_push_pending_frames+0x218/0x4d0
[   55.405398]  rawv6_sendmsg+0x45f0/0x5410
[   55.409459]  inet_sendmsg+0x3fc/0x760
[   55.413257]  __sys_sendto+0x798/0x8e0
[   55.417039]  __x64_sys_sendto+0x1a1/0x210
[   55.421167]  do_syscall_64+0x15b/0x230
[   55.425048]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   55.430304] ==================================================================
[   55.437641] Disabling lock debugging due to kernel taint
[   55.443070] Kernel panic - not syncing: panic_on_warn set ...
[   55.443070] 
[   55.450418] CPU: 1 PID: 4597 Comm: syz-executor721 Tainted: G    B             4.18.0-rc5+ #29
[   55.459156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   55.468499] Call Trace:
[   55.471082]  dump_stack+0x185/0x1e0
[   55.474705]  panic+0x3d0/0x9b0
[   55.477902]  kmsan_report+0x2bf/0x2c0
[   55.481689]  __msan_warning+0x7d/0xe0
[   55.485475]  __nf_conntrack_find_get+0xc15/0x2190
[   55.490313]  ? __msan_poison_alloca+0x183/0x220
[   55.494980]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   55.500331]  ? hash_conntrack_raw+0x5f7/0x8c0
[   55.504813]  nf_conntrack_in+0x1674/0x2070
[   55.509060]  ipv6_conntrack_local+0xc3/0xf0
[   55.513364]  ? ipv6_conntrack_in+0xf0/0xf0
[   55.517578]  nf_hook_slow+0x15d/0x3e0
[   55.521366]  __ip6_local_out+0x64c/0x770
[   55.525412]  ? __ip6_local_out+0x770/0x770
[   55.529630]  ip6_local_out+0xa4/0x1d0
[   55.533416]  ip6_push_pending_frames+0x218/0x4d0
[   55.538159]  rawv6_sendmsg+0x45f0/0x5410
[   55.542228]  ? kmsan_set_origin_inline+0x6b/0x120
[   55.547066]  ? __msan_poison_alloca+0x183/0x220
[   55.551717]  ? __fdget+0x4e/0x60
[   55.555071]  ? compat_rawv6_ioctl+0x100/0x100
[   55.559546]  inet_sendmsg+0x3fc/0x760
[   55.563338]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   55.568684]  ? inet_getname+0x4a0/0x4a0
[   55.572638]  __sys_sendto+0x798/0x8e0
[   55.576430]  ? syscall_return_slowpath+0x108/0x800
[   55.581343]  __x64_sys_sendto+0x1a1/0x210
[   55.585487]  ? __sys_sendto+0x8e0/0x8e0
[   55.589443]  do_syscall_64+0x15b/0x230
[   55.593316]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   55.598487] RIP: 0033:0x4492d9
[   55.601656] Code: e8 7c b7 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab d6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[   55.620813] RSP: 002b:00007f47eee70d98 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
[   55.628503] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 00000000004492d9
[   55.635755] RDX: 000000000000fedf RSI: 0000000020000000 RDI: 0000000000000005
[   55.643179] RBP: 0000000000000000 R08: 0000000020000180 R09: 000000000000001a
[   55.650431] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006dac20
[   55.657681] R13: 7364612f7665642f R14: 00007f47eee719c0 R15: 0000000000000003
[   55.665338] Dumping ftrace buffer:
[   55.668858]    (ftrace buffer empty)
[   55.672548] Kernel Offset: disabled
[   55.676162] Rebooting in 86400 seconds..