[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[ 18.515473] random: sshd: uninitialized urandom read (32 bytes read)
�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 22.379667] random: sshd: uninitialized urandom read (32 bytes read)
[ 22.695760] random: sshd: uninitialized urandom read (32 bytes read)
[ 23.578920] random: sshd: uninitialized urandom read (32 bytes read)
[ 700.437289] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.6' (ECDSA) to the list of known hosts.
[ 706.013680] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 861.151162] INFO: task syz-executor483:4533 blocked for more than 140 seconds.
[ 861.158738] Not tainted 4.18.0-rc6+ #160
[ 861.163370] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 861.171363] syz-executor483 D23640 4533 4529 0x00000004
[ 861.177108] Call Trace:
[ 861.179785] __schedule+0x87c/0x1ed0
[ 861.183541] ? __sched_text_start+0x8/0x8
[ 861.187728] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.192345] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 861.197478] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 861.202521] ? trace_hardirqs_on+0xd/0x10
[ 861.206707] ? prepare_to_wait_event+0x396/0xc70
[ 861.211485] ? prepare_to_wait_exclusive+0x550/0x550
[ 861.216612] schedule+0xfb/0x450
[ 861.219995] ? __schedule+0x1ed0/0x1ed0
[ 861.223986] ? check_same_owner+0x340/0x340
[ 861.228341] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.232764] ? replenish_dl_entity.cold.53+0x37/0x37
[ 861.237896] request_wait_answer+0x4c8/0x920
[ 861.242342] ? fuse_read_forget.isra.22+0xdc0/0xdc0
[ 861.247385] ? finish_wait+0x430/0x430
[ 861.251291] ? finish_wait+0x430/0x430
[ 861.255204] ? finish_wait+0x430/0x430
[ 861.259103] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.263720] ? fuse_dev_ioctl+0x430/0x430
[ 861.267879] ? kasan_check_write+0x14/0x20
[ 861.272132] ? do_raw_spin_lock+0xc1/0x200
[ 861.276373] __fuse_request_send+0x12a/0x1d0
[ 861.280810] fuse_request_send+0x62/0xa0
[ 861.284881] fuse_simple_request+0x33d/0x730
[ 861.289320] fuse_lookup_name+0x3ee/0x830
[ 861.293483] ? fuse_valid_type+0xb0/0xb0
[ 861.297570] fuse_lookup+0xf9/0x4c0
[ 861.301205] ? fuse_lookup_name+0x830/0x830
[ 861.305548] ? __lockdep_init_map+0x105/0x590
[ 861.310088] __lookup_slow+0x2b5/0x540
[ 861.314008] ? vfs_unlink+0x510/0x510
[ 861.317835] ? down_read+0xb5/0x1d0
[ 861.321480] ? lookup_slow+0x49/0x80
[ 861.325210] ? __down_interruptible+0x700/0x700
[ 861.329898] ? lookup_fast+0x470/0x12a0
[ 861.333889] ? __follow_mount_rcu.isra.36.part.37+0x890/0x890
[ 861.339808] lookup_slow+0x57/0x80
[ 861.343364] walk_component+0x94a/0x2630
[ 861.347460] ? inode_permission+0xb2/0x560
[ 861.351708] ? path_init+0x2340/0x2340
[ 861.355623] ? walk_component+0x2630/0x2630
[ 861.359969] ? save_stack+0xa9/0xd0
[ 861.363614] ? save_stack+0x43/0xd0
[ 861.367266] ? kmem_cache_alloc+0x12e/0x760
[ 861.371611] ? getname_flags+0xd0/0x5a0
[ 861.375598] ? user_path_at_empty+0x2d/0x50
[ 861.379948] ? ksys_chroot+0xc0/0x2f0
[ 861.383775] path_lookupat.isra.45+0x202/0xbf0
[ 861.388395] ? find_held_lock+0x36/0x1c0
[ 861.392490] ? path_parentat.isra.43+0x160/0x160
[ 861.397294] ? __sanitizer_cov_trace_switch+0x53/0x90
[ 861.402509] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 861.407551] ? __check_object_size+0x9d/0x5f2
[ 861.412071] ? usercopy_warn+0x120/0x120
[ 861.416159] ? kasan_check_read+0x11/0x20
[ 861.420321] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.424767] filename_lookup+0x264/0x510
[ 861.428866] ? filename_parentat.isra.58+0x570/0x570
[ 861.434010] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 861.439610] ? mpi_free.cold.1+0x19/0x19
[ 861.443707] ? find_held_lock+0x36/0x1c0
[ 861.447788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 861.453363] ? getname_flags+0x26e/0x5a0
[ 861.457440] user_path_at_empty+0x40/0x50
[ 861.461618] ksys_chroot+0xc0/0x2f0
[ 861.465276] ? __ia32_sys_fchdir+0x1f0/0x1f0
[ 861.469715] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 861.474319] ? _raw_spin_unlock_irq+0x27/0x70
[ 861.478846] ? do_syscall_64+0x9a/0x820
[ 861.482838] __x64_sys_chroot+0x31/0x40
[ 861.486936] do_syscall_64+0x1b9/0x820
[ 861.490832] ? syscall_return_slowpath+0x5e0/0x5e0
[ 861.495784] ? syscall_return_slowpath+0x31d/0x5e0
[ 861.500728] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 861.506118] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 861.511005] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 861.516262] RIP: 0033:0x4457e9
[ 861.519482] Code: Bad RIP value.
[ 861.522878] RSP: 002b:00007f2009954da8 EFLAGS: 00000297 ORIG_RAX: 00000000000000a1
[ 861.530640] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 00000000004457e9
[ 861.537928] RDX: 0000000000402534 RSI: c5ddecdc863f677d RDI: 0000000020000040
[ 861.545235] RBP: 00000000006dac38 R08: 00007f2009955700 R09: 0000000000000000
[ 861.552509] R10: 00007f2009955700 R11: 0000000000000297 R12: 0030656c69662f2e
[ 861.559805] R13: 65646f6d746f6f72 R14: 2f30656c69662f2e R15: 0000000000000001
[ 861.567105]
[ 861.567105] Showing all locks held in the system:
[ 861.573487] 1 lock held by khungtaskd/901:
[ 861.577741] #0: (____ptrval____) (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x428
[ 861.586398] 1 lock held by rsyslogd/4414:
[ 861.590557] #0: (____ptrval____) (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200
[ 861.598595] 2 locks held by getty/4504:
[ 861.602575] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.610859] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.619763] 2 locks held by getty/4505:
[ 861.623756] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.632046] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.640942] 2 locks held by getty/4506:
[ 861.644929] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.653220] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.662109] 2 locks held by getty/4507:
[ 861.666103] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.674378] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.683273] 2 locks held by getty/4508:
[ 861.687283] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.695568] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.704445] 2 locks held by getty/4509:
[ 861.708445] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.716736] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.725664] 2 locks held by getty/4510:
[ 861.729647] #0: (____ptrval____) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 861.737948] #1: (____ptrval____) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[ 861.746842] 2 locks held by syz-executor483/4533:
[ 861.751707] #0: (____ptrval____) (&type->i_mutex_dir_key#3){.+.+}, at: lookup_slow+0x49/0x80
[ 861.760418] #1: (____ptrval____) (&fi->mutex){+.+.}, at: fuse_lock_inode+0xaf/0xe0
[ 861.768263]
[ 861.769892] =============================================
[ 861.769892]
[ 861.776930] NMI backtrace for cpu 1
[ 861.780574] CPU: 1 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc6+ #160
[ 861.787481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 861.796813] Call Trace:
[ 861.799446] dump_stack+0x1c9/0x2b4
[ 861.803071] ? dump_stack_print_info.cold.2+0x52/0x52
[ 861.808241] ? vprintk_default+0x28/0x30
[ 861.812310] nmi_cpu_backtrace.cold.4+0x19/0xce
[ 861.816956] ? rcu_report_qs_rnp+0x7a0/0x7a0
[ 861.821345] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f
[ 861.826521] nmi_trigger_cpumask_backtrace+0x151/0x192
[ 861.831785] arch_trigger_cpumask_backtrace+0x14/0x20
[ 861.836953] watchdog+0x9c4/0xf80
[ 861.840398] ? reset_hung_task_detector+0xd0/0xd0
[ 861.845239] ? kasan_check_read+0x11/0x20
[ 861.849367] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.853768] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 861.858858] ? __kthread_parkme+0x58/0x1b0
[ 861.863106] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 861.868121] ? trace_hardirqs_on+0xd/0x10
[ 861.872279] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 861.877818] ? __kthread_parkme+0x106/0x1b0
[ 861.882141] kthread+0x345/0x410
[ 861.885494] ? reset_hung_task_detector+0xd0/0xd0
[ 861.890326] ? kthread_bind+0x40/0x40
[ 861.894107] ret_from_fork+0x3a/0x50
[ 861.897885] Sending NMI from CPU 1 to CPUs 0:
[ 861.902439] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10
[ 861.903408] Kernel panic - not syncing: hung_task: blocked tasks
[ 861.916246] CPU: 1 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc6+ #160
[ 861.923162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 861.932754] Call Trace:
[ 861.935337] dump_stack+0x1c9/0x2b4
[ 861.938946] ? dump_stack_print_info.cold.2+0x52/0x52
[ 861.944201] ? printk_safe_log_store+0x2f0/0x2f0
[ 861.948950] panic+0x238/0x4e7
[ 861.952127] ? add_taint.cold.5+0x16/0x16
[ 861.956256] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 861.961774] ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[ 861.967201] ? printk_safe_flush+0xd7/0x130
[ 861.971511] watchdog+0x9d5/0xf80
[ 861.974950] ? reset_hung_task_detector+0xd0/0xd0
[ 861.979775] ? kasan_check_read+0x11/0x20
[ 861.983900] ? do_raw_spin_unlock+0xa7/0x2f0
[ 861.988288] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 861.993370] ? __kthread_parkme+0x58/0x1b0
[ 861.997597] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 862.002594] ? trace_hardirqs_on+0xd/0x10
[ 862.006725] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 862.012255] ? __kthread_parkme+0x106/0x1b0
[ 862.016557] kthread+0x345/0x410
[ 862.019909] ? reset_hung_task_detector+0xd0/0xd0
[ 862.024739] ? kthread_bind+0x40/0x40
[ 862.028520] ret_from_fork+0x3a/0x50
[ 862.032823] Dumping ftrace buffer:
[ 862.036407] (ftrace buffer empty)
[ 862.040110] Kernel Offset: disabled
[ 862.043739] Rebooting in 86400 seconds..