[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 32.974738] random: sshd: uninitialized urandom read (32 bytes read)
[ 33.681773] random: sshd: uninitialized urandom read (32 bytes read)
[ 34.012751] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 35.304360] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.531808] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.15.207' (ECDSA) to the list of known hosts.
[ 41.032443] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 41.681559] ==================================================================
[ 41.688946] BUG: KMSAN: kernel-infoleak in snd_pcm_oss_read+0x78b/0x1b30
[ 41.695767] CPU: 0 PID: 4536 Comm: syz-executor402 Not tainted 4.17.0+ #22
[ 41.702841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 41.712182] Call Trace:
[ 41.714747] dump_stack+0x185/0x1d0
[ 41.718361] kmsan_report+0x188/0x2a0
[ 41.722172] kmsan_internal_check_memory+0x17e/0x1f0
[ 41.727257] kmsan_copy_to_user+0x73/0xb0
[ 41.731386] snd_pcm_oss_read+0x78b/0x1b30
[ 41.735610] ? snd_pcm_oss_unregister_minor+0x4d0/0x4d0
[ 41.740952] __vfs_read+0x1b2/0x9d0
[ 41.744566] vfs_read+0x36c/0x6b0
[ 41.748003] __x64_sys_read+0x1bf/0x3e0
[ 41.751956] ? ksys_read+0x360/0x360
[ 41.755646] do_syscall_64+0x15b/0x230
[ 41.759531] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 41.764703] RIP: 0033:0x440029
[ 41.767874] RSP: 002b:00007fff60a57f48 EFLAGS: 00000213 ORIG_RAX: 0000000000000000
[ 41.775561] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440029
[ 41.782826] RDX: 0000000000000035 RSI: 0000000020000040 RDI: 0000000000000003
[ 41.790078] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 41.797338] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004018b0
[ 41.804591] R13: 0000000000401940 R14: 0000000000000000 R15: 0000000000000000
[ 41.811849]
[ 41.813453] Uninit was stored to memory at:
[ 41.817762] kmsan_internal_chain_origin+0x12b/0x210
[ 41.822843] __msan_chain_origin+0x69/0xc0
[ 41.827060] mulaw_encode+0x962/0xc10
[ 41.830836] mulaw_transfer+0x1c8/0x250
[ 41.834787] snd_pcm_plug_read_transfer+0x8fe/0xae0
[ 41.839784] snd_pcm_oss_read+0xb22/0x1b30
[ 41.843999] __vfs_read+0x1b2/0x9d0
[ 41.847605] vfs_read+0x36c/0x6b0
[ 41.851041] __x64_sys_read+0x1bf/0x3e0
[ 41.854991] do_syscall_64+0x15b/0x230
[ 41.858860] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 41.864022]
[ 41.865630] Uninit was stored to memory at:
[ 41.869938] kmsan_internal_chain_origin+0x12b/0x210
[ 41.875022] kmsan_memcpy_origins+0x11d/0x170
[ 41.879498] __msan_memcpy+0xda/0x130
[ 41.883277] mulaw_encode+0x5cd/0xc10
[ 41.887058] mulaw_transfer+0x1c8/0x250
[ 41.891021] snd_pcm_plug_read_transfer+0x8fe/0xae0
[ 41.896025] snd_pcm_oss_read+0xb22/0x1b30
[ 41.900247] __vfs_read+0x1b2/0x9d0
[ 41.904025] vfs_read+0x36c/0x6b0
[ 41.907453] __x64_sys_read+0x1bf/0x3e0
[ 41.911405] do_syscall_64+0x15b/0x230
[ 41.915275] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 41.920435]
[ 41.922035] Uninit was created at:
[ 41.925559] kmsan_internal_alloc_meta_for_pages+0x146/0x700
[ 41.931336] kmsan_alloc_page+0x75/0xd0
[ 41.935289] __alloc_pages_nodemask+0xf7b/0x5cc0
[ 41.940030] alloc_pages_current+0x6b1/0x970
[ 41.944424] __vmalloc_node_range+0x8bf/0x1170
[ 41.948991] vmalloc+0xd8/0xf0
[ 41.952171] snd_pcm_plugin_alloc+0x29a/0xc70
[ 41.956648] snd_pcm_plug_alloc+0x281/0x5d0
[ 41.960948] snd_pcm_oss_change_params_locked+0x59ef/0x6940
[ 41.966637] snd_pcm_oss_read+0x4ad/0x1b30
[ 41.970852] __vfs_read+0x1b2/0x9d0
[ 41.974461] vfs_read+0x36c/0x6b0
[ 41.977893] __x64_sys_read+0x1bf/0x3e0
[ 41.981854] do_syscall_64+0x15b/0x230
[ 41.985720] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 41.990884]
[ 41.992496] Bytes 0-52 of 53 are uninitialized
[ 41.997058] Memory access starts at ffffc9000189e000
[ 42.002140] ==================================================================
[ 42.009480] Disabling lock debugging due to kernel taint
[ 42.014907] Kernel panic - not syncing: panic_on_warn set ...
[ 42.014907]
[ 42.022256] CPU: 0 PID: 4536 Comm: syz-executor402 Tainted: G B 4.17.0+ #22
[ 42.030634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 42.039967] Call Trace:
[ 42.042536] dump_stack+0x185/0x1d0
[ 42.046146] panic+0x3d0/0x9b0
[ 42.049332] kmsan_report+0x29e/0x2a0
[ 42.053121] kmsan_internal_check_memory+0x17e/0x1f0
[ 42.058210] kmsan_copy_to_user+0x73/0xb0
[ 42.062354] snd_pcm_oss_read+0x78b/0x1b30
[ 42.066585] ? snd_pcm_oss_unregister_minor+0x4d0/0x4d0
[ 42.071927] __vfs_read+0x1b2/0x9d0
[ 42.075548] vfs_read+0x36c/0x6b0
[ 42.078987] __x64_sys_read+0x1bf/0x3e0
[ 42.082942] ? ksys_read+0x360/0x360
[ 42.086635] do_syscall_64+0x15b/0x230
[ 42.090505] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 42.095680] RIP: 0033:0x440029
[ 42.098846] RSP: 002b:00007fff60a57f48 EFLAGS: 00000213 ORIG_RAX: 0000000000000000
[ 42.106537] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440029
[ 42.113787] RDX: 0000000000000035 RSI: 0000000020000040 RDI: 0000000000000003
[ 42.121036] RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
[ 42.128284] R10: 0000000000000000 R11: 0000000000000213 R12: 00000000004018b0
[ 42.135531] R13: 0000000000401940 R14: 0000000000000000 R15: 0000000000000000
[ 42.143341] Dumping ftrace buffer:
[ 42.146868] (ftrace buffer empty)
[ 42.150555] Kernel Offset: disabled
[ 42.154161] Rebooting in 86400 seconds..