[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   15.666706] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   19.228455] random: sshd: uninitialized urandom read (32 bytes read)
[   19.593285] random: sshd: uninitialized urandom read (32 bytes read)
[   20.322476] random: sshd: uninitialized urandom read (32 bytes read)
[  654.860281] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts.
[  660.286360] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[  861.151220] INFO: task syz-executor027:4468 blocked for more than 140 seconds.
[  861.158680]       Not tainted 4.18.0-rc5-next-20180720+ #12
[  861.164409] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  861.172398] syz-executor027 D25504  4468   4464 0x00000004
[  861.178061] Call Trace:
[  861.180674]  __schedule+0x87c/0x1ea0
[  861.184418]  ? __sched_text_start+0x8/0x8
[  861.188591]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  861.193222]  ? kasan_check_write+0x14/0x20
[  861.197513]  ? do_raw_spin_lock+0xc1/0x200
[  861.201777]  ? trace_hardirqs_on+0xd/0x10
[  861.205951]  ? prepare_to_wait_event+0x396/0xc70
[  861.210741]  ? prepare_to_wait_exclusive+0x550/0x550
[  861.215865]  ? send_sigio+0x340/0x340
[  861.219695]  ? do_raw_spin_unlock+0xa7/0x2f0
[  861.224121]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  861.228751]  schedule+0xfb/0x450
[  861.232159]  ? lock_downgrade+0x8f0/0x8f0
[  861.236383]  ? __schedule+0x1ea0/0x1ea0
[  861.240410]  ? check_same_owner+0x340/0x340
[  861.244807]  ? do_raw_spin_unlock+0xa7/0x2f0
[  861.249262]  ? replenish_dl_entity.cold.54+0x37/0x37
[  861.254429]  request_wait_answer+0x4c8/0x920
[  861.258860]  ? fuse_read_forget.isra.22+0xdc0/0xdc0
[  861.263929]  ? finish_wait+0x430/0x430
[  861.267858]  ? send_sigio+0x340/0x340
[  861.271697]  ? lock_acquire+0x1e4/0x540
[  861.275699]  ? finish_wait+0x430/0x430
[  861.279629]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[  861.285107]  ? finish_wait+0x430/0x430
[  861.289030]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  861.293642]  ? fuse_dev_ioctl+0x430/0x430
[  861.297913]  ? kasan_check_write+0x14/0x20
[  861.302186]  ? do_raw_spin_lock+0xc1/0x200
[  861.306453]  __fuse_request_send+0x12a/0x1d0
[  861.310886]  fuse_request_send+0x62/0xa0
[  861.314990]  fuse_simple_request+0x33d/0x730
[  861.319449]  fuse_lookup_name+0x3ee/0x830
[  861.323630]  ? fuse_valid_type+0xb0/0xb0
[  861.327723]  ? mutex_lock_nested+0x16/0x20
[  861.331985]  fuse_lookup+0xff/0x4c0
[  861.335633]  ? fuse_lookup_name+0x830/0x830
[  861.339984]  ? lock_acquire+0x1e4/0x540
[  861.343981]  ? __lockdep_init_map+0x105/0x590
[  861.348532]  __lookup_slow+0x2b5/0x540
[  861.352460]  ? vfs_unlink+0x510/0x510
[  861.356436]  ? down_read+0xb5/0x1d0
[  861.360109]  ? lookup_slow+0x49/0x80
[  861.363891]  ? __down_interruptible+0x700/0x700
[  861.368606]  ? lookup_fast+0x470/0x12a0
[  861.372649]  ? __follow_mount_rcu.isra.35.part.36+0x890/0x890
[  861.378570]  lookup_slow+0x57/0x80
[  861.382132]  walk_component+0x94a/0x2630
[  861.386219]  ? inode_permission+0xb2/0x560
[  861.390492]  ? path_init+0x1fc0/0x1fc0
[  861.394400]  ? walk_component+0x2630/0x2630
[  861.398744]  ? save_stack+0xa9/0xd0
[  861.402393]  ? save_stack+0x43/0xd0
[  861.406053]  ? kmem_cache_alloc+0x12e/0x760
[  861.410401]  ? getname_flags+0xd0/0x5a0
[  861.414398]  ? user_path_at_empty+0x2d/0x50
[  861.418734]  ? ksys_chroot+0xc0/0x2f0
[  861.422563]  path_lookupat.isra.45+0x212/0xc00
[  861.427166]  ? path_parentat.isra.43+0x160/0x160
[  861.431956]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  861.437168]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  861.442218]  ? __check_object_size+0xa3/0x5d7
[  861.446750]  ? usercopy_warn+0x120/0x120
[  861.450839]  ? kasan_check_read+0x11/0x20
[  861.455035]  ? do_raw_spin_unlock+0xa7/0x2f0
[  861.459507]  filename_lookup+0x264/0x510
[  861.463603]  ? filename_parentat.isra.58+0x570/0x570
[  861.468728]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  861.474292]  ? mpi_free.cold.1+0x19/0x19
[  861.478377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  861.483928]  ? getname_flags+0x26e/0x5a0
[  861.488013]  user_path_at_empty+0x40/0x50
[  861.492192]  ksys_chroot+0xc0/0x2f0
[  861.495830]  ? __ia32_sys_fchdir+0x1f0/0x1f0
[  861.500267]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  861.504895]  ? compat_start_thread+0x80/0x80
[  861.509335]  __x64_sys_chroot+0x31/0x40
[  861.513358]  do_syscall_64+0x1b9/0x820
[  861.517281]  ? syscall_return_slowpath+0x5e0/0x5e0
[  861.522257]  ? syscall_return_slowpath+0x31d/0x5e0
[  861.527234]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  861.532306]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  861.537300]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  861.542550] RIP: 0033:0x4457e9
[  861.545749] Code: Bad RIP value.
[  861.549156] RSP: 002b:00007efed0d37da8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a1
[  861.556907] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 00000000004457e9
[  861.564201] RDX: 0000000000402534 RSI: 5d3eb8ca47b1110e RDI: 0000000020000040
[  861.571518] RBP: 00000000006dac38 R08: 00007efed0d38700 R09: 0000000000000000
[  861.578811] R10: 00007efed0d38700 R11: 0000000000000297 R12: 0030656c69662f2e
[  861.586104] R13: 65646f6d746f6f72 R14: 2f30656c69662f2e R15: 0000000000000001
[  861.593427] INFO: lockdep is turned off.
[  861.597500] NMI backtrace for cpu 1
[  861.601144] CPU: 1 PID: 900 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12
[  861.609195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  861.618546] Call Trace:
[  861.621125]  dump_stack+0x1c9/0x2b4
[  861.624734]  ? dump_stack_print_info.cold.2+0x52/0x52
[  861.629907]  ? vprintk_default+0x28/0x30
[  861.633953]  ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f
[  861.639121]  nmi_cpu_backtrace.cold.3+0x48/0x88
[  861.643772]  ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f
[  861.648963]  nmi_trigger_cpumask_backtrace+0x151/0x192
[  861.654224]  arch_trigger_cpumask_backtrace+0x14/0x20
[  861.659396]  watchdog+0xb39/0x10b0
[  861.662921]  ? reset_hung_task_detector+0xd0/0xd0
[  861.667767]  ? kasan_check_read+0x11/0x20
[  861.671897]  ? do_raw_spin_unlock+0xa7/0x2f0
[  861.676289]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  861.681371]  ? __kthread_parkme+0x58/0x1b0
[  861.685594]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  861.690589]  ? trace_hardirqs_on+0xd/0x10
[  861.694721]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  861.700236]  ? __kthread_parkme+0x106/0x1b0
[  861.704536]  kthread+0x345/0x410
[  861.707885]  ? reset_hung_task_detector+0xd0/0xd0
[  861.712710]  ? kthread_bind+0x40/0x40
[  861.716491]  ret_from_fork+0x3a/0x50
[  861.720258] Sending NMI from CPU 1 to CPUs 0:
[  861.724822] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10
[  861.725777] Kernel panic - not syncing: hung_task: blocked tasks
[  861.738559] CPU: 1 PID: 900 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12
[  861.746594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  861.755930] Call Trace:
[  861.758515]  dump_stack+0x1c9/0x2b4
[  861.762122]  ? dump_stack_print_info.cold.2+0x52/0x52
[  861.767331]  ? printk_safe_log_store+0x2f0/0x2f0
[  861.772076]  panic+0x238/0x4e7
[  861.775249]  ? add_taint.cold.5+0x16/0x16
[  861.779395]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  861.784931]  ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[  861.790366]  ? printk_safe_flush+0xd7/0x130
[  861.794690]  watchdog+0xb4a/0x10b0
[  861.798230]  ? reset_hung_task_detector+0xd0/0xd0
[  861.803076]  ? kasan_check_read+0x11/0x20
[  861.807206]  ? do_raw_spin_unlock+0xa7/0x2f0
[  861.811599]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  861.816690]  ? __kthread_parkme+0x58/0x1b0
[  861.820907]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  861.825909]  ? trace_hardirqs_on+0xd/0x10
[  861.830040]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  861.835555]  ? __kthread_parkme+0x106/0x1b0
[  861.840376]  kthread+0x345/0x410
[  861.843726]  ? reset_hung_task_detector+0xd0/0xd0
[  861.848560]  ? kthread_bind+0x40/0x40
[  861.852363]  ret_from_fork+0x3a/0x50
[  861.856497] Dumping ftrace buffer:
[  861.860035]    (ftrace buffer empty)
[  861.863746] Kernel Offset: disabled
[  861.867379] Rebooting in 86400 seconds..