[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[   13.925453] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   18.072509] random: sshd: uninitialized urandom read (32 bytes read)
[   18.396425] random: sshd: uninitialized urandom read (32 bytes read)
[   19.165900] random: sshd: uninitialized urandom read (32 bytes read)
[   19.301868] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.43' (ECDSA) to the list of known hosts.
[   24.766381] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   24.881725] BUG: sleeping function called from invalid context at net/core/sock.c:2502
[   24.889833] in_atomic(): 1, irqs_disabled(): 0, pid: 3807, name: syz-executor684
[   24.897366] 2 locks held by syz-executor684/3807:
[   24.902204]  #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810d977b>] __do_page_fault+0x36b/0xd50
[   24.911539]  #1:  (rcu_callback){......}, at: [<ffffffff8128586e>] rcu_process_callbacks+0x98e/0x12b0
[   24.921375] Preemption disabled at:[   24.924825] [<ffffffff814d19d8>] clear_huge_page+0x98/0x470
[   24.930544] CPU: 1 PID: 3807 Comm: syz-executor684 Not tainted 4.9.96-g71fce1e #10
[   24.938221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   24.947555]  ffff8801db307cd8 ffffffff81eb0b69 ffffffff814d19d8 0000000000000000
[   24.955569]  0000000000000101 ffff8801b6f50000 ffff8801b6f50000 ffff8801db307d10
[   24.963570]  ffffffff81422310 ffff8801b6f50000 ffffffff83ef5aa0 00000000000009c6
[   24.971597] Call Trace:
[   24.974157]  <IRQ> [   24.976206]  [<ffffffff81eb0b69>] dump_stack+0xc1/0x128
[   24.981582]  [<ffffffff814d19d8>] ? clear_huge_page+0x98/0x470
[   24.987552]  [<ffffffff81422310>] ___might_sleep.cold.123+0x1bc/0x1f5
[   24.994115]  [<ffffffff811b9335>] __might_sleep+0x95/0x1a0
[   24.999723]  [<ffffffff81233ae6>] ? trace_hardirqs_on_caller+0x266/0x590
[   25.006547]  [<ffffffff8301f614>] lock_sock_nested+0x34/0x120
[   25.012413]  [<ffffffff8341b189>] inet_shutdown+0x69/0x360
[   25.018015]  [<ffffffff836bd2a0>] ? pppol2tp_recvmsg+0x280/0x280
[   25.024140]  [<ffffffff836bd340>] pppol2tp_session_close+0xa0/0xe0
[   25.030439]  [<ffffffff836b6b71>] l2tp_tunnel_closeall+0x231/0x350
[   25.036921]  [<ffffffff836b73f2>] l2tp_tunnel_destruct+0x2f2/0x590
[   25.043213]  [<ffffffff836b72aa>] ? l2tp_tunnel_destruct+0x1aa/0x590
[   25.049686]  [<ffffffff836b7100>] ? l2tp_tunnel_del_work+0x470/0x470
[   25.056161]  [<ffffffff8301c095>] __sk_destruct+0x55/0x590
[   25.061853]  [<ffffffff8128578e>] rcu_process_callbacks+0x8ae/0x12b0
[   25.068316]  [<ffffffff8128586e>] ? rcu_process_callbacks+0x98e/0x12b0
[   25.074975]  [<ffffffff8301c040>] ? sock_set_timeout+0x210/0x210
[   25.081100]  [<ffffffff839f9efb>] __do_softirq+0x20b/0x937
[   25.086701]  [<ffffffff81149037>] irq_exit+0x147/0x190
[   25.091955]  [<ffffffff839f8ae1>] smp_apic_timer_interrupt+0x81/0xa0
[   25.098436]  [<ffffffff839f4c70>] apic_timer_interrupt+0xa0/0xb0
[   25.104564]  <EOI> [   25.106618]  [<ffffffff81ede9f7>] ? clear_page_c_e+0x7/0x10
[   25.112334]  [<ffffffff814d1a1c>] ? clear_huge_page+0xdc/0x470
[   25.118282]  [<ffffffff812412ed>] ? __raw_spin_lock_init+0x2d/0x100
[   25.124661]  [<ffffffff81543cb7>] do_huge_pmd_anonymous_page+0x3c7/0x10f0
[   25.131570]  [<ffffffff814cedee>] handle_mm_fault+0x1a9e/0x28e0
[   25.137612]  [<ffffffff81cf030f>] ? security_socket_connect+0x8f/0xc0
[   25.144167]  [<ffffffff814cd350>] ? vm_insert_mixed+0x200/0x200
[   25.150201]  [<ffffffff8122e3f2>] ? __lock_is_held+0xa2/0xf0
[   25.155975]  [<ffffffff810d99bf>] __do_page_fault+0x5af/0xd50
[   25.161833]  [<ffffffff810d9410>] ? mm_fault_error+0x2c0/0x2c0
[   25.167778]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[   25.174441]  [<ffffffff810da187>] do_page_fault+0x27/0x30
[   25.179964]  [<ffffffff839f4488>] page_fault+0x28/0x30
[   25.185262] 
[   25.186875] =================================
[   25.191338] [ INFO: inconsistent lock state ]
[   25.195809] 4.9.96-g71fce1e #10 Tainted: G        W      
[   25.201326] ---------------------------------
[   25.205808] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
[   25.211932] syz-executor684/3807 [HC0[0]:SC1[3]:HE1:SE0] takes:
[   25.217958]  (sk_lock-AF_PPPOX){+.?.+.}, at: [<ffffffff8341b189>] inet_shutdown+0x69/0x360
{SOFTIRQ-ON-W} state was registered at:
[   25.230585]   mark_held_locks+0xc7/0x130
[   25.234640]   trace_hardirqs_on_caller+0x38b/0x590
[   25.239541]   trace_hardirqs_on+0xd/0x10
[   25.243575]   __local_bh_enable_ip+0x6a/0xd0
[   25.247959]   lock_sock_nested+0xdc/0x120
[   25.252081]   pppol2tp_connect+0xd8/0x18e0
[   25.256290]   SYSC_connect+0x1b8/0x300
[   25.260150]   SyS_connect+0x24/0x30
[   25.263753]   do_syscall_64+0x1a6/0x490
[   25.267711]   entry_SYSCALL_64_after_swapgs+0x5d/0xdb
[   25.272870] irq event stamp: 812
[   25.276297] hardirqs last  enabled at (812): [<ffffffff839f3ca9>] restore_regs_and_iret+0x0/0x1d
[   25.285205] hardirqs last disabled at (811): [<ffffffff839f4c6b>] apic_timer_interrupt+0x9b/0xb0
[   25.294102] softirqs last  enabled at (224): [<ffffffff8302009e>] release_sock+0x14e/0x1c0
[   25.302479] softirqs last disabled at (237): [<ffffffff81149037>] irq_exit+0x147/0x190
[   25.310500] 
[   25.310500] other info that might help us debug this:
[   25.317137]  Possible unsafe locking scenario:
[   25.317137] 
[   25.323162]        CPU0
[   25.325712]        ----
[   25.328265]   lock(sk_lock-AF_PPPOX);
[   25.332284]   <Interrupt>
[   25.335015]     lock(sk_lock-AF_PPPOX);
[   25.339198] 
[   25.339198]  *** DEADLOCK ***
[   25.339198] 
[   25.345240] 2 locks held by syz-executor684/3807:
[   25.350052]  #0:  (&mm->mmap_sem){++++++}, at: [<ffffffff810d977b>] __do_page_fault+0x36b/0xd50
[   25.359360]  #1:  (rcu_callback){......}, at: [<ffffffff8128586e>] rcu_process_callbacks+0x98e/0x12b0
[   25.369194] 
[   25.369194] stack backtrace:
[   25.373754] CPU: 1 PID: 3807 Comm: syz-executor684 Tainted: G        W       4.9.96-g71fce1e #10
[   25.382648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.391982]  ffff8801db307a58 ffffffff81eb0b69 ffff8801b6f50000 ffffffff853eee60
[   25.399986]  ffff8801b6f50918 ffff8801b6f50938 0000000000000000 ffff8801db307ac8
[   25.407973]  ffffffff814256bb 0000000000000003 0000000000000001 ffff880100000000
[   25.415970] Call Trace:
[   25.418525]  <IRQ> [   25.420564]  [<ffffffff81eb0b69>] dump_stack+0xc1/0x128
[   25.425923]  [<ffffffff814256bb>] print_usage_bug.cold.56+0x327/0x421
[   25.433106]  [<ffffffff8107ae56>] ? save_stack_trace+0x16/0x20
[   25.439068]  [<ffffffff81233196>] mark_lock+0xcc6/0x1280
[   25.444510]  [<ffffffff81231ac0>] ? check_usage_backwards+0x2e0/0x2e0
[   25.451065]  [<ffffffff812350c0>] __lock_acquire+0xd40/0x4070
[   25.456929]  [<ffffffff81234380>] ? debug_check_no_locks_freed+0x210/0x210
[   25.463923]  [<ffffffff81f185fb>] ? check_preemption_disabled+0x3b/0x170
[   25.470758]  [<ffffffff839f3ca9>] ? retint_kernel+0x2d/0x2d
[   25.476708]  [<ffffffff81238e60>] lock_acquire+0x130/0x3e0
[   25.482319]  [<ffffffff8341b189>] ? inet_shutdown+0x69/0x360
[   25.488099]  [<ffffffff8301f6a6>] lock_sock_nested+0xc6/0x120
[   25.493956]  [<ffffffff8341b189>] ? inet_shutdown+0x69/0x360
[   25.499724]  [<ffffffff8341b189>] inet_shutdown+0x69/0x360
[   25.505328]  [<ffffffff836bd2a0>] ? pppol2tp_recvmsg+0x280/0x280
[   25.511443]  [<ffffffff836bd340>] pppol2tp_session_close+0xa0/0xe0
[   25.517733]  [<ffffffff836b6b71>] l2tp_tunnel_closeall+0x231/0x350
[   25.524025]  [<ffffffff836b73f2>] l2tp_tunnel_destruct+0x2f2/0x590
[   25.530316]  [<ffffffff836b72aa>] ? l2tp_tunnel_destruct+0x1aa/0x590
[   25.536786]  [<ffffffff836b7100>] ? l2tp_tunnel_del_work+0x470/0x470
[   25.543263]  [<ffffffff8301c095>] __sk_destruct+0x55/0x590
[   25.548867]  [<ffffffff8128578e>] rcu_process_callbacks+0x8ae/0x12b0
[   25.555337]  [<ffffffff8128586e>] ? rcu_process_callbacks+0x98e/0x12b0
[   25.561989]  [<ffffffff8301c040>] ? sock_set_timeout+0x210/0x210
[   25.568111]  [<ffffffff839f9efb>] __do_softirq+0x20b/0x937
[   25.573730]  [<ffffffff81149037>] irq_exit+0x147/0x190
[   25.579005]  [<ffffffff839f8ae1>] smp_apic_timer_interrupt+0x81/0xa0
[   25.585477]  [<ffffffff839f4c70>] apic_timer_interrupt+0xa0/0xb0
[   25.591612]  <EOI> [   25.593654]  [<ffffffff81ede9f7>] ? clear_page_c_e+0x7/0x10
[   25.599383]  [<ffffffff814d1a1c>] ? clear_huge_page+0xdc/0x470
[   25.605523]  [<ffffffff812412ed>] ? __raw_spin_lock_init+0x2d/0x100
[   25.611911]  [<ffffffff81543cb7>] do_huge_pmd_anonymous_page+0x3c7/0x10f0
[   25.618820]  [<ffffffff814cedee>] handle_mm_fault+0x1a9e/0x28e0
[   25.624853]  [<ffffffff81cf030f>] ? security_socket_connect+0x8f/0xc0
[   25.631410]  [<ffffffff814cd350>] ? vm_insert_mixed+0x200/0x200
[   25.637441]  [<ffffffff8122e3f2>] ? __lock_is_held+0xa2/0xf0
[   25.643215]  [<ffffffff810d99bf>] __do_page_fault+0x5af/0xd50
[   25.649078]  [<ffffffff810d9410>] ? mm_fault_error+0x2c0/0x2c0
[   25.655021]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[   25.661658]  [<ffffffff810da187>] do_page_fault+0x27/0x30
[   25.667168]  [<ffffffff839f4488>] page_fault+0x28/0x30
[   25.672446] ------------[ cut here ]------------
[   25.677194] WARNING: CPU: 1 PID: 3807 at net/ipv4/af_inet.c:167 inet_sock_destruct+0x598/0x760
[   25.685946] Kernel panic - not syncing: panic_on_warn set ...
[   25.685946] 
[   25.693380] CPU: 1 PID: 3807 Comm: syz-executor684 Tainted: G        W       4.9.96-g71fce1e #10
[   25.702280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   25.711617]  ffff8801db307cc0 ffffffff81eb0b69 ffffffff83a484a0 00000000ffffffff
[   25.719656]  0000000000000000 0000000000000001 00000000000000a7 ffff8801db307d80
[   25.727737]  ffffffff8141f975 0000000041b58ab3 ffffffff841b8030 ffffffff8141f7b6
[   25.735738] Call Trace:
[   25.738304]  <IRQ> [   25.740355]  [<ffffffff81eb0b69>] dump_stack+0xc1/0x128
[   25.745712]  [<ffffffff8141f975>] panic+0x1bf/0x3bc
[   25.750704]  [<ffffffff8141f7b6>] ? add_taint.cold.6+0x16/0x16
[   25.757519]  [<ffffffff8141fc46>] ? __warn.cold.9+0xa6/0x17f
[   25.763295]  [<ffffffff8341ec28>] ? inet_sock_destruct+0x598/0x760
[   25.769591]  [<ffffffff8141fc61>] __warn.cold.9+0xc1/0x17f
[   25.775190]  [<ffffffff836b6bef>] ? l2tp_tunnel_closeall+0x2af/0x350
[   25.781668]  [<ffffffff8113461c>] warn_slowpath_null+0x2c/0x40
[   25.787632]  [<ffffffff8341ec28>] inet_sock_destruct+0x598/0x760
[   25.793772]  [<ffffffff8341e690>] ? ipv4_mib_init_net+0x570/0x570
[   25.799996]  [<ffffffff836b7439>] l2tp_tunnel_destruct+0x339/0x590
[   25.806311]  [<ffffffff836b72aa>] ? l2tp_tunnel_destruct+0x1aa/0x590
[   25.812797]  [<ffffffff836b7100>] ? l2tp_tunnel_del_work+0x470/0x470
[   25.819290]  [<ffffffff8301c095>] __sk_destruct+0x55/0x590
[   25.824916]  [<ffffffff8128578e>] rcu_process_callbacks+0x8ae/0x12b0
[   25.831395]  [<ffffffff8128586e>] ? rcu_process_callbacks+0x98e/0x12b0
[   25.838043]  [<ffffffff8301c040>] ? sock_set_timeout+0x210/0x210
[   25.844172]  [<ffffffff839f9efb>] __do_softirq+0x20b/0x937
[   25.849771]  [<ffffffff81149037>] irq_exit+0x147/0x190
[   25.855024]  [<ffffffff839f8ae1>] smp_apic_timer_interrupt+0x81/0xa0
[   25.861491]  [<ffffffff839f4c70>] apic_timer_interrupt+0xa0/0xb0
[   25.867620]  <EOI> [   25.869663]  [<ffffffff81ede9f7>] ? clear_page_c_e+0x7/0x10
[   25.875377]  [<ffffffff814d1a1c>] ? clear_huge_page+0xdc/0x470
[   25.881322]  [<ffffffff812412ed>] ? __raw_spin_lock_init+0x2d/0x100
[   25.887702]  [<ffffffff81543cb7>] do_huge_pmd_anonymous_page+0x3c7/0x10f0
[   25.894609]  [<ffffffff814cedee>] handle_mm_fault+0x1a9e/0x28e0
[   25.900645]  [<ffffffff81cf030f>] ? security_socket_connect+0x8f/0xc0
[   25.907290]  [<ffffffff814cd350>] ? vm_insert_mixed+0x200/0x200
[   25.913339]  [<ffffffff8122e3f2>] ? __lock_is_held+0xa2/0xf0
[   25.919122]  [<ffffffff810d99bf>] __do_page_fault+0x5af/0xd50
[   25.924991]  [<ffffffff810d9410>] ? mm_fault_error+0x2c0/0x2c0
[   25.930939]  [<ffffffff81003036>] ? trace_hardirqs_off_thunk+0x1a/0x1c
[   25.937583]  [<ffffffff810da187>] do_page_fault+0x27/0x30
[   25.943102]  [<ffffffff839f4488>] page_fault+0x28/0x30
[   25.948995] Dumping ftrace buffer:
[   25.952513]    (ftrace buffer empty)
[   25.956201] Kernel Offset: disabled
[   25.959800] Rebooting in 86400 seconds..