[ 8.431720] random: sshd: uninitialized urandom read (32 bytes read) Starting mcstransd: [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 29.225829] random: sshd: uninitialized urandom read (32 bytes read) [ 29.734413] random: sshd: uninitialized urandom read (32 bytes read) [ 30.129838] random: crng init done Warning: Permanently added '10.128.10.25' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 36.580625] syz-executor632 (2068) used greatest stack depth: 23784 bytes left [ 36.826446] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:51 [ 36.834975] in_atomic(): 1, irqs_disabled(): 0, pid: 0, name: swapper/0 [ 36.841722] no locks held by swapper/0/0. [ 36.845840] Preemption disabled at:[ 36.849289] [] schedule_preempt_disabled+0x1d/0x20 [ 36.855777] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.141+ #1 [ 36.861995] ffff8801db607a20 ffffffff81b42e79 ffffffff828094ad 0000000000000000 [ 36.870343] 0000000000000101 ffffffff83029180 ffffffff83029180 ffff8801db607a58 [ 36.878328] ffffffff813f9ecf ffffffff83029180 ffffffff82a4fa80 0000000000000033 [ 36.886311] Call Trace: [ 36.888886] [ 36.890926] [] dump_stack+0xc1/0x128 [ 36.896292] [] ? schedule_preempt_disabled+0x1d/0x20 [ 36.903027] [] ___might_sleep.cold.31+0x18a/0x1fc [ 36.909497] [] __might_sleep+0x95/0x1a0 [ 36.915183] [] ? filemap_check_errors+0x90/0xc0 [ 36.921474] [] down_write+0x21/0xa0 [ 36.926742] [] __generic_file_fsync+0xc1/0x1a0 [ 36.932951] [] ext4_sync_file+0x659/0x10a0 [ 36.938809] [] ? ext4_llseek+0x8e0/0x8e0 [ 36.944498] [] vfs_fsync_range+0x10c/0x260 [ 36.950361] [] dio_complete+0x512/0x6c0 [ 36.956008] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 36.962835] [] ? ext4_update_bh_state+0xf0/0xf0 [ 36.969137] [] dio_bio_end_aio+0x11c/0x370 [ 36.975002] [] ? dio_complete+0x6c0/0x6c0 [ 36.980782] [] bio_endio+0x1a5/0x1f0 [ 36.986173] [] blk_update_request+0x248/0x9b0 [ 36.992303] [] scsi_end_request+0x9d/0x5c0 [ 36.998164] [] scsi_io_completion+0x273/0x17a0 [ 37.004368] [] ? scsi_unblock_requests+0x50/0x50 [ 37.010748] [] ? check_preemption_disabled+0x3b/0x200 [ 37.017563] [] ? scsi_handle_queue_ramp_up+0x32a/0x430 [ 37.024464] [] ? sd_completed_bytes+0x3f0/0x3f0 [ 37.030763] [] scsi_finish_command+0x3ba/0x530 [ 37.036978] [] scsi_softirq_done+0x250/0x360 [ 37.043083] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 37.049904] [] blk_done_softirq+0x27d/0x3e0 [ 37.055850] [] ? handle_edge_irq+0x331/0x900 [ 37.061880] [] ? trigger_softirq+0x210/0x210 [ 37.067913] [] __do_softirq+0x20e/0x964 [ 37.073510] [] ? check_preemption_disabled+0x3b/0x200 [ 37.080320] [] irq_exit+0x11c/0x150 [ 37.085567] [] do_IRQ+0x10d/0x1c0 [ 37.090690] [] common_interrupt+0x9d/0x9d [ 37.096505] [ 37.098554] [] ? native_safe_halt+0x6/0x10 [ 37.104444] [] default_idle+0x55/0x360 [ 37.109964] [] arch_cpu_idle+0x10/0x20 [ 37.115480] [] default_idle_call+0x45/0x60 [ 37.121337] [] cpu_startup_entry+0x2b5/0x380 [ 37.127367] [] ? cpu_in_idle+0x20/0x20 [ 37.132920] [] rest_init+0x183/0x189 [ 37.138285] [] ? trace_event_define_fields_x86_irq_vector+0x2c/0x2c [ 37.146311] [] start_kernel+0x5fb/0x62f [ 37.151908] [] ? thread_stack_cache_init+0xb/0xb [ 37.158286] [] ? early_idt_handler_array+0x120/0x120 [ 37.165025] [] x86_64_start_reservations+0x29/0x2b [ 37.171581] [] x86_64_start_kernel+0x13a/0x15d [ 37.177856] [ 37.179462] ================================= [ 37.183924] [ INFO: inconsistent lock state ] [ 37.188388] 4.9.141+ #1 Tainted: G W [ 37.193200] --------------------------------- [ 37.197661] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. [ 37.203780] swapper/0/0 [HC0[0]:SC1[1]:HE1:SE0] takes: [ 37.209024] (&sb->s_type->i_mutex_key#9){+.?.+.}, at: [] __generic_file_fsync+0xc1/0x1a0 {SOFTIRQ-ON-W} state was registered at: [ 37.223051] __lock_acquire+0xbdd/0x4a10 [ 37.227169] lock_acquire+0x130/0x3e0 [ 37.231084] down_write+0x41/0xa0 [ 37.234598] prepare_binprm+0x2b7/0x750 [ 37.238634] do_execveat_common.isra.14+0xe9f/0x1ed0 [ 37.243793] SyS_execve+0x42/0x50 [ 37.247304] do_syscall_64+0x19f/0x550 [ 37.251251] entry_SYSCALL_64_after_swapgs+0x5d/0xdb [ 37.256418] irq event stamp: 283986 [ 37.260022] hardirqs last enabled at (283986): [] restore_regs_and_iret+0x0/0x1d [ 37.269224] hardirqs last disabled at (283985): [] apic_timer_interrupt+0x98/0xb0 [ 37.278388] softirqs last enabled at (283948): [] _local_bh_enable+0x1c/0x50 [ 37.287196] softirqs last disabled at (283949): [] irq_exit+0x11c/0x150 [ 37.295478] [ 37.295478] other info that might help us debug this: [ 37.302116] Possible unsafe locking scenario: [ 37.302116] [ 37.308145] CPU0 [ 37.310700] ---- [ 37.313272] lock(&sb->s_type->i_mutex_key#9); [ 37.318269] [ 37.320999] lock(&sb->s_type->i_mutex_key#9); [ 37.326169] [ 37.326169] *** DEADLOCK *** [ 37.326169] [ 37.332204] no locks held by swapper/0/0. [ 37.336324] [ 37.336324] stack backtrace: [ 37.340792] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 4.9.141+ #1 [ 37.348211] ffff8801db607790 ffffffff81b42e79 ffffffff83029180 ffffffff83cab370 [ 37.356279] ffffffff83029a30 ffffffff83029a50 ffffffff84244d40 ffff8801db607808 [ 37.364282] ffffffff81400780 0000000000000001 ffffffff00000001 0000000000000000 [ 37.372264] Call Trace: [ 37.374822] [ 37.376862] [] dump_stack+0xc1/0x128 [ 37.382240] [] print_usage_bug.cold.40+0x44e/0x57e [ 37.388806] [] mark_lock+0x2f2/0x1290 [ 37.394227] [] ? print_irq_inversion_bug+0x90/0x90 [ 37.400776] [] __lock_acquire+0x1084/0x4a10 [ 37.406734] [] ? hrtimer_interrupt+0x338/0x430 [ 37.412943] [] ? check_preemption_disabled+0x3b/0x200 [ 37.419830] [] ? retint_kernel+0x2d/0x2d [ 37.425523] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 37.432338] [] ? trace_hardirqs_on+0x10/0x10 [ 37.438384] [] ? check_preemption_disabled+0x3b/0x200 [ 37.445193] [] ? retint_kernel+0x2d/0x2d [ 37.450875] [] ? dump_stack+0x105/0x128 [ 37.456479] [] ? dump_stack+0x10f/0x128 [ 37.462121] [] lock_acquire+0x130/0x3e0 [ 37.467733] [] ? __generic_file_fsync+0xc1/0x1a0 [ 37.474116] [] down_write+0x41/0xa0 [ 37.479364] [] ? __generic_file_fsync+0xc1/0x1a0 [ 37.485788] [] __generic_file_fsync+0xc1/0x1a0 [ 37.492003] [] ext4_sync_file+0x659/0x10a0 [ 37.497864] [] ? ext4_llseek+0x8e0/0x8e0 [ 37.503547] [] vfs_fsync_range+0x10c/0x260 [ 37.509410] [] dio_complete+0x512/0x6c0 [ 37.515010] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 37.521822] [] ? ext4_update_bh_state+0xf0/0xf0 [ 37.528112] [] dio_bio_end_aio+0x11c/0x370 [ 37.533971] [] ? dio_complete+0x6c0/0x6c0 [ 37.539742] [] bio_endio+0x1a5/0x1f0 [ 37.545077] [] blk_update_request+0x248/0x9b0 [ 37.551193] [] scsi_end_request+0x9d/0x5c0 [ 37.557049] [] scsi_io_completion+0x273/0x17a0 [ 37.563253] [] ? scsi_unblock_requests+0x50/0x50 [ 37.569764] [] ? check_preemption_disabled+0x3b/0x200 [ 37.576692] [] ? scsi_handle_queue_ramp_up+0x32a/0x430 [ 37.583597] [] ? sd_completed_bytes+0x3f0/0x3f0 [ 37.589890] [] scsi_finish_command+0x3ba/0x530 [ 37.596099] [] scsi_softirq_done+0x250/0x360 [ 37.602128] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 37.609094] [] blk_done_softirq+0x27d/0x3e0 [ 37.615054] [] ? handle_edge_irq+0x331/0x900 [ 37.621088] [] ? trigger_softirq+0x210/0x210 [ 37.627145] [] __do_softirq+0x20e/0x964 [ 37.632741] [] ? check_preemption_disabled+0x3b/0x200 [ 37.639555] [] irq_exit+0x11c/0x150 [ 37.644802] [] do_IRQ+0x10d/0x1c0 [ 37.649878] [] common_interrupt+0x9d/0x9d [ 37.655712] [ 37.657761] [] ? native_safe_halt+0x6/0x10 [ 37.663651] [] default_idle+0x55/0x360 [ 37.669161] [] arch_cpu_idle+0x10/0x20 [ 37.674669] [] default_idle_call+0x45/0x60 [ 37.680536] [] cpu_startup_entry+0x2b5/0x380 [ 37.686565] [] ? cpu_in_idle+0x20/0x20 [ 37.692074] [] rest_init+0x183/0x189 [ 37.697419] [] ? trace_event_define_fields_x86_irq_vector+0x2c/0x2c [ 37.705525] [] start_kernel+0x5fb/0x62f [ 37.711130] [] ? thread_stack_cache_init+0xb/0xb [ 37.717520] [] ? early_idt_handler_array+0x120/0x120 [ 37.724249] [] x86_64_start_reservations+0x29/0x2b [ 37.730806] [] x86_64_start_kernel+0x13a/0x15d [ 37.737184] BUG: scheduling while atomic: swapper/0/0/0x00000102 [ 37.743329] INFO: lockdep is turned off. [ 37.747363] Modules linked in: [ 37.750676] Preemption disabled at:[ 37.754120] [] schedule_preempt_disabled+0x1d/0x20 [ 37.760636] Kernel panic - not syncing: scheduling while atomic [ 37.760636] [ 37.768154] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 4.9.141+ #1 [ 37.775586] ffff8801db6075e0 ffffffff81b42e79 ffffffff82a47a40 00000000ffffffff [ 37.783615] ffffffff82809400 0000000000000000 ffffffff83029180 ffff8801db6076a0 [ 37.791602] ffffffff813f7125 0000000041b58ab3 ffffffff82e2b62b ffffffff813f6f66 [ 37.799674] Call Trace: [ 37.802246] [ 37.804296] [] dump_stack+0xc1/0x128 [ 37.809658] [] ? preempt_schedule_notrace+0x70/0x100 [ 37.816387] [] panic+0x1bf/0x39f [ 37.821376] [] ? add_taint.cold.5+0x16/0x16 [ 37.827321] [] ? vprintk_emit+0x272/0x790 [ 37.833091] [] ? vprintk_emit+0x272/0x790 [ 37.838864] [] ? schedule_preempt_disabled+0x1d/0x20 [ 37.845592] [] __schedule_bug.cold.30+0x8d/0x8d [ 37.851983] [] __schedule+0xfec/0x1b10 [ 37.857505] [] ? trace_hardirqs_on+0x10/0x10 [ 37.863545] [] ? blk_queue_bio+0x51d/0xc40 [ 37.869407] [] schedule+0x7f/0x1b0 [ 37.874570] [] schedule_timeout+0x735/0xe20 [ 37.880515] [] ? trace_hardirqs_on+0x10/0x10 [ 37.886581] [] ? usleep_range+0x140/0x140 [ 37.892407] [] ? kvm_clock_read+0x23/0x40 [ 37.898198] [] ? kvm_clock_get_cycles+0x9/0x10 [ 37.904409] [] ? ktime_get+0x185/0x1e0 [ 37.909923] [] ? __delayacct_blkio_start+0x41/0x80 [ 37.916476] [] io_schedule_timeout+0x1ba/0x390 [ 37.922689] [] wait_for_common_io.constprop.1+0x297/0x4b0 [ 37.929849] [] ? wait_for_completion_killable_timeout+0x10/0x10 [ 37.937529] [] ? wake_up_q+0xe0/0xe0 [ 37.942866] [] ? lockdep_init_map+0x105/0x4f0 [ 37.948986] [] wait_for_completion_io+0x13/0x20 [ 37.955333] [] submit_bio_wait+0x112/0x180 [ 37.961206] [] ? submit_bio_wait_endio+0xb0/0xb0 [ 37.967590] [] blkdev_issue_flush+0x152/0x220 [ 37.973815] [] ext4_sync_file+0xb3e/0x10a0 [ 37.979674] [] ? ext4_llseek+0x8e0/0x8e0 [ 37.985366] [] vfs_fsync_range+0x10c/0x260 [ 37.991227] [] dio_complete+0x512/0x6c0 [ 37.996831] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 38.003652] [] ? ext4_update_bh_state+0xf0/0xf0 [ 38.009945] [] dio_bio_end_aio+0x11c/0x370 [ 38.015802] [] ? dio_complete+0x6c0/0x6c0 [ 38.021575] [] bio_endio+0x1a5/0x1f0 [ 38.026913] [] blk_update_request+0x248/0x9b0 [ 38.033038] [] scsi_end_request+0x9d/0x5c0 [ 38.038908] [] scsi_io_completion+0x273/0x17a0 [ 38.045122] [] ? scsi_unblock_requests+0x50/0x50 [ 38.051511] [] ? check_preemption_disabled+0x3b/0x200 [ 38.058334] [] ? scsi_handle_queue_ramp_up+0x32a/0x430 [ 38.065238] [] ? sd_completed_bytes+0x3f0/0x3f0 [ 38.071530] [] scsi_finish_command+0x3ba/0x530 [ 38.077739] [] scsi_softirq_done+0x250/0x360 [ 38.083772] [] ? trace_hardirqs_on_caller+0x266/0x590 [ 38.090703] [] blk_done_softirq+0x27d/0x3e0 [ 38.096651] [] ? handle_edge_irq+0x331/0x900 [ 38.102680] [] ? trigger_softirq+0x210/0x210 [ 38.108718] [] __do_softirq+0x20e/0x964 [ 38.114316] [] ? check_preemption_disabled+0x3b/0x200 [ 38.121129] [] irq_exit+0x11c/0x150 [ 38.126380] [] do_IRQ+0x10d/0x1c0 [ 38.131454] [] common_interrupt+0x9d/0x9d [ 38.137223] [ 38.139264] [] ? native_safe_halt+0x6/0x10 [ 38.145140] [] default_idle+0x55/0x360 [ 38.150761] [] arch_cpu_idle+0x10/0x20 [ 38.156279] [] default_idle_call+0x45/0x60 [ 38.162143] [] cpu_startup_entry+0x2b5/0x380 [ 38.168174] [] ? cpu_in_idle+0x20/0x20 [ 38.173751] [] rest_init+0x183/0x189 [ 38.179096] [] ? trace_event_define_fields_x86_irq_vector+0x2c/0x2c [ 38.187125] [] start_kernel+0x5fb/0x62f [ 38.192762] [] ? thread_stack_cache_init+0xb/0xb [ 38.199255] [] ? early_idt_handler_array+0x120/0x120 [ 38.205986] [] x86_64_start_reservations+0x29/0x2b [ 38.212549] [] x86_64_start_kernel+0x13a/0x15d [ 38.219069] Kernel Offset: disabled [ 38.222679] Rebooting in 86400 seconds..