[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.812662] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 21.224855] random: sshd: uninitialized urandom read (32 bytes read) [ 21.724207] random: sshd: uninitialized urandom read (32 bytes read) [ 22.447539] random: sshd: uninitialized urandom read (32 bytes read) [ 408.409618] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. [ 413.877900] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 574.431129] INFO: task syz-executor280:4462 blocked for more than 140 seconds. [ 574.438549] Not tainted 4.18.0-rc5-next-20180720+ #12 [ 574.444275] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 574.452241] syz-executor280 D23544 4462 4459 0x00000004 [ 574.457942] Call Trace: [ 574.460615] __schedule+0x87c/0x1ea0 [ 574.464354] ? __sched_text_start+0x8/0x8 [ 574.468497] ? cpuacct_css_alloc+0x160/0x160 [ 574.472914] ? trace_hardirqs_on+0x10/0x10 [ 574.477140] ? update_curr+0x4e7/0xc00 [ 574.481032] ? __account_cfs_rq_runtime+0x770/0x770 [ 574.486219] ? __sanitizer_cov_trace_const_cmp8+0x10/0x20 [ 574.491758] ? trace_hardirqs_on+0x10/0x10 [ 574.495987] ? trace_hardirqs_on+0x10/0x10 [ 574.500225] ? reweight_entity+0x1100/0x1100 [ 574.504628] schedule+0xfb/0x450 [ 574.507999] ? lock_downgrade+0x8f0/0x8f0 [ 574.512158] ? __schedule+0x1ea0/0x1ea0 [ 574.516144] ? kasan_check_read+0x11/0x20 [ 574.520441] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.524847] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 574.529424] ? kasan_check_write+0x14/0x20 [ 574.533656] ? do_raw_spin_lock+0xc1/0x200 [ 574.537882] __rwsem_down_write_failed_common+0x95d/0x1630 [ 574.543504] ? rwsem_spin_on_owner+0xa40/0xa40 [ 574.548080] ? trace_hardirqs_on+0x10/0x10 [ 574.552318] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 574.557072] ? trace_hardirqs_on+0x10/0x10 [ 574.561315] ? lock_acquire+0x1e4/0x540 [ 574.565283] ? is_bpf_text_address+0xae/0x170 [ 574.569784] ? trace_hardirqs_on+0x10/0x10 [ 574.574024] ? lock_acquire+0x1e4/0x540 [ 574.578000] ? depot_save_stack+0x291/0x470 [ 574.582333] ? lock_downgrade+0x8f0/0x8f0 [ 574.586490] ? kasan_check_read+0x11/0x20 [ 574.590633] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.595039] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 574.599622] ? kasan_check_write+0x14/0x20 [ 574.603852] ? do_raw_spin_lock+0xc1/0x200 [ 574.608080] ? trace_hardirqs_on+0xd/0x10 [ 574.612226] ? depot_save_stack+0x291/0x470 [ 574.616545] ? save_stack+0xa9/0xd0 [ 574.620172] ? lock_acquire+0x1e4/0x540 [ 574.624145] ? find_inode.isra.20+0x188/0x1d0 [ 574.628648] ? lock_downgrade+0x8f0/0x8f0 [ 574.632785] ? lock_acquire+0x1e4/0x540 [ 574.636760] ? fuse_reverse_inval_entry+0xae/0x6d0 [ 574.641681] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.646085] ? lock_release+0xa30/0xa30 [ 574.650047] ? check_same_owner+0x340/0x340 [ 574.654363] ? kasan_check_read+0x11/0x20 [ 574.658506] rwsem_down_write_failed+0xe/0x10 [ 574.662998] ? rwsem_down_write_failed+0xe/0x10 [ 574.667657] call_rwsem_down_write_failed+0x17/0x30 [ 574.672672] down_write+0xaa/0x130 [ 574.676204] ? fuse_reverse_inval_entry+0xae/0x6d0 [ 574.681133] ? down_read+0x1d0/0x1d0 [ 574.684838] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 574.690383] ? ilookup5+0x103/0x140 [ 574.693997] ? fuse_init_file_inode+0x70/0x70 [ 574.698497] fuse_reverse_inval_entry+0xae/0x6d0 [ 574.703244] ? fuse_update_attributes+0xd0/0xd0 [ 574.707909] fuse_dev_do_write+0x2b91/0x36f0 [ 574.712312] ? refill_pi_state_cache.part.8+0x320/0x320 [ 574.717675] ? kasan_check_write+0x14/0x20 [ 574.721898] ? do_raw_spin_lock+0xc1/0x200 [ 574.726129] ? fuse_dev_read+0x250/0x250 [ 574.730182] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 574.735192] ? futex_wait_setup+0x281/0x410 [ 574.739503] ? trace_hardirqs_on+0x10/0x10 [ 574.743729] ? futex_wake+0x760/0x760 [ 574.747521] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 574.753079] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 574.758285] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 574.763821] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 574.768919] ? futex_wait+0x5d2/0xa20 [ 574.772713] ? end_requests+0x460/0x460 [ 574.776680] ? futex_wait_setup+0x410/0x410 [ 574.780998] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 574.786529] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 574.791628] ? futex_wake+0x304/0x760 [ 574.795425] ? is_bpf_text_address+0xd7/0x170 [ 574.799920] ? lock_acquire+0x1e4/0x540 [ 574.803886] ? __fget+0x4ac/0x740 [ 574.807331] ? lock_downgrade+0x8f0/0x8f0 [ 574.811470] ? lock_release+0xa30/0xa30 [ 574.815443] ? exit_robust_list+0x290/0x290 [ 574.819761] ? kasan_check_read+0x11/0x20 [ 574.823915] ? __fget+0x4d5/0x740 [ 574.827357] ? memset+0x31/0x40 [ 574.830628] fuse_dev_write+0x19a/0x240 [ 574.834594] ? fuse_dev_splice_write+0xe60/0xe60 [ 574.839343] ? fuse_dev_splice_read+0x840/0x840 [ 574.844010] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 574.849558] ? iov_iter_init+0xc9/0x1f0 [ 574.853540] __vfs_write+0x6af/0x9d0 [ 574.857249] ? kernel_read+0x120/0x120 [ 574.861138] ? vfs_copy_file_range+0xba0/0xba0 [ 574.865716] ? fsnotify_first_mark+0x350/0x350 [ 574.870300] ? fsnotify+0x14e0/0x14e0 [ 574.874093] ? rw_verify_area+0x118/0x360 [ 574.878235] vfs_write+0x1fc/0x560 [ 574.881766] ksys_write+0x101/0x260 [ 574.885397] ? __ia32_sys_read+0xb0/0xb0 [ 574.889452] ? ksys_mount+0xa8/0x140 [ 574.893160] __x64_sys_write+0x73/0xb0 [ 574.897041] do_syscall_64+0x1b9/0x820 [ 574.900920] ? finish_task_switch+0x1d3/0x870 [ 574.905407] ? syscall_return_slowpath+0x5e0/0x5e0 [ 574.910330] ? syscall_return_slowpath+0x31d/0x5e0 [ 574.915257] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 574.920279] ? prepare_exit_to_usermode+0x291/0x3b0 [ 574.925293] ? perf_trace_sys_enter+0xb10/0xb10 [ 574.929964] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.934803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.939989] RIP: 0033:0x445869 [ 574.943167] Code: Bad RIP value. [ 574.946531] RSP: 002b:00007fd769700da8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 574.954238] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 0000000000445869 [ 574.961506] RDX: 0000000000000029 RSI: 00000000200000c0 RDI: 0000000000000003 [ 574.968773] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000 [ 574.976041] R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e [ 574.983307] R13: 64695f70756f7267 R14: 2f30656c69662f2e R15: 0000000000000001 [ 574.990672] INFO: task syz-executor280:4463 blocked for more than 140 seconds. [ 574.998028] Not tainted 4.18.0-rc5-next-20180720+ #12 [ 575.003732] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 575.011697] syz-executor280 D25872 4463 4459 0x00000004 [ 575.017326] Call Trace: [ 575.019912] __schedule+0x87c/0x1ea0 [ 575.023642] ? __sched_text_start+0x8/0x8 [ 575.027794] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 575.032379] ? kasan_check_write+0x14/0x20 [ 575.036614] ? do_raw_spin_lock+0xc1/0x200 [ 575.040863] ? trace_hardirqs_on+0xd/0x10 [ 575.045025] ? prepare_to_wait_event+0x396/0xc70 [ 575.049778] ? prepare_to_wait_exclusive+0x550/0x550 [ 575.054879] ? send_sigio+0x340/0x340 [ 575.058675] ? do_raw_spin_unlock+0xa7/0x2f0 [ 575.063076] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 575.067655] schedule+0xfb/0x450 [ 575.071017] ? lock_downgrade+0x8f0/0x8f0 [ 575.075158] ? __schedule+0x1ea0/0x1ea0 [ 575.079128] ? check_same_owner+0x340/0x340 [ 575.083451] ? do_raw_spin_unlock+0xa7/0x2f0 [ 575.087854] ? replenish_dl_entity.cold.54+0x37/0x37 [ 575.092955] request_wait_answer+0x4c8/0x920 [ 575.097358] ? fuse_read_forget.isra.22+0xdc0/0xdc0 [ 575.102368] ? finish_wait+0x430/0x430 [ 575.106246] ? send_sigio+0x340/0x340 [ 575.110044] ? lock_acquire+0x1e4/0x540 [ 575.114021] ? finish_wait+0x430/0x430 [ 575.117914] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 575.123355] ? finish_wait+0x430/0x430 [ 575.127238] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 575.131814] ? fuse_dev_ioctl+0x430/0x430 [ 575.135961] ? kasan_check_write+0x14/0x20 [ 575.140188] ? do_raw_spin_lock+0xc1/0x200 [ 575.144418] __fuse_request_send+0x12a/0x1d0 [ 575.148822] fuse_request_send+0x62/0xa0 [ 575.152879] fuse_simple_request+0x33d/0x730 [ 575.157280] fuse_lookup_name+0x3ee/0x830 [ 575.161425] ? fuse_valid_type+0xb0/0xb0 [ 575.165485] ? mutex_lock_nested+0x16/0x20 [ 575.169719] fuse_lookup+0xff/0x4c0 [ 575.173337] ? fuse_lookup_name+0x830/0x830 [ 575.177655] ? kasan_check_write+0x14/0x20 [ 575.181884] ? do_raw_spin_lock+0xc1/0x200 [ 575.186120] __lookup_hash+0x12e/0x190 [ 575.190006] filename_create+0x1e5/0x5b0 [ 575.194077] ? kern_path_mountpoint+0x40/0x40 [ 575.198574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 575.204104] ? getname_flags+0x26e/0x5a0 [ 575.208170] do_mkdirat+0xda/0x310 [ 575.211702] ? __ia32_sys_mknod+0xb0/0xb0 [ 575.215847] __x64_sys_mkdirat+0x76/0xb0 [ 575.219903] do_syscall_64+0x1b9/0x820 [ 575.223792] ? syscall_return_slowpath+0x5e0/0x5e0 [ 575.228712] ? syscall_return_slowpath+0x31d/0x5e0 [ 575.233638] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 575.238651] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 575.243496] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 575.248678] RIP: 0033:0x445869 [ 575.251857] Code: Bad RIP value. [ 575.255219] RSP: 002b:00007fd7696dfda8 EFLAGS: 00000297 ORIG_RAX: 0000000000000102 [ 575.262963] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 0000000000445869 [ 575.270225] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 00000000ffffff9c [ 575.277496] RBP: 00000000006dac38 R08: 0000000000000000 R09: 0000000000000000 [ 575.284760] R10: 0000000000000000 R11: 0000000000000297 R12: 0030656c69662f2e [ 575.292025] R13: 64695f70756f7267 R14: 2f30656c69662f2e R15: 0000000000000001 [ 575.299557] INFO: lockdep is turned off. [ 575.303613] NMI backtrace for cpu 0 [ 575.307234] CPU: 0 PID: 900 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12 [ 575.315262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.324589] Call Trace: [ 575.327211] dump_stack+0x1c9/0x2b4 [ 575.330824] ? dump_stack_print_info.cold.2+0x52/0x52 [ 575.336089] ? vprintk_default+0x28/0x30 [ 575.340131] ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f [ 575.345300] nmi_cpu_backtrace.cold.3+0x48/0x88 [ 575.349947] ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f [ 575.355126] nmi_trigger_cpumask_backtrace+0x151/0x192 [ 575.360381] arch_trigger_cpumask_backtrace+0x14/0x20 [ 575.365558] watchdog+0xb39/0x10b0 [ 575.369078] ? reset_hung_task_detector+0xd0/0xd0 [ 575.373904] ? kasan_check_read+0x11/0x20 [ 575.378030] ? do_raw_spin_unlock+0xa7/0x2f0 [ 575.382419] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 575.387508] ? __kthread_parkme+0x58/0x1b0 [ 575.391721] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 575.396714] ? trace_hardirqs_on+0xd/0x10 [ 575.400858] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 575.406380] ? __kthread_parkme+0x106/0x1b0 [ 575.410677] kthread+0x345/0x410 [ 575.414019] ? reset_hung_task_detector+0xd0/0xd0 [ 575.418837] ? kthread_bind+0x40/0x40 [ 575.422615] ret_from_fork+0x3a/0x50 [ 575.426352] Sending NMI from CPU 0 to CPUs 1: [ 575.430875] NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x6/0x10 [ 575.431851] Kernel panic - not syncing: hung_task: blocked tasks [ 575.444542] CPU: 0 PID: 900 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12 [ 575.452581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.461919] Call Trace: [ 575.464500] dump_stack+0x1c9/0x2b4 [ 575.468104] ? dump_stack_print_info.cold.2+0x52/0x52 [ 575.473271] ? printk_safe_log_store+0x2f0/0x2f0 [ 575.478016] panic+0x238/0x4e7 [ 575.481188] ? add_taint.cold.5+0x16/0x16 [ 575.485314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 575.490830] ? nmi_trigger_cpumask_backtrace+0x13a/0x192 [ 575.496266] ? printk_safe_flush+0xd7/0x130 [ 575.500567] watchdog+0xb4a/0x10b0 [ 575.504089] ? reset_hung_task_detector+0xd0/0xd0 [ 575.508916] ? kasan_check_read+0x11/0x20 [ 575.513062] ? do_raw_spin_unlock+0xa7/0x2f0 [ 575.517452] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 575.522532] ? __kthread_parkme+0x58/0x1b0 [ 575.526744] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 575.531737] ? trace_hardirqs_on+0xd/0x10 [ 575.535862] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 575.541376] ? __kthread_parkme+0x106/0x1b0 [ 575.545673] kthread+0x345/0x410 [ 575.549028] ? reset_hung_task_detector+0xd0/0xd0 [ 575.553846] ? kthread_bind+0x40/0x40 [ 575.557623] ret_from_fork+0x3a/0x50 [ 575.561709] Dumping ftrace buffer: [ 575.565234] (ftrace buffer empty) [ 575.568919] Kernel Offset: disabled [ 575.572532] Rebooting in 86400 seconds..