[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   19.841081] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   22.982176] random: sshd: uninitialized urandom read (32 bytes read)
[   23.319195] random: sshd: uninitialized urandom read (32 bytes read)
[   24.067749] random: sshd: uninitialized urandom read (32 bytes read)
[  463.455322] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
[  468.984229] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
[  615.392150] INFO: task syz-executor325:4508 blocked for more than 120 seconds.
[  615.399725]       Not tainted 4.17.0-rc6+ #64
[  615.404257] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  615.412229] syz-executor325 D23216  4508   4506 0x00000000
[  615.417966] Call Trace:
[  615.420679]  __schedule+0x801/0x1e30
[  615.424418]  ? __sched_text_start+0x8/0x8
[  615.428643]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  615.433359]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  615.438476]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  615.443505]  ? trace_hardirqs_on+0xd/0x10
[  615.447668]  ? prepare_to_wait_event+0x38e/0xc50
[  615.452435]  ? prepare_to_wait_exclusive+0x540/0x540
[  615.457543]  ? find_held_lock+0x36/0x1c0
[  615.461622]  schedule+0xef/0x430
[  615.464996]  ? __schedule+0x1e30/0x1e30
[  615.469043]  ? check_same_owner+0x320/0x320
[  615.473388]  ? replenish_dl_entity.cold.53+0x37/0x37
[  615.478503]  ? __might_sleep+0x95/0x190
[  615.482536]  blk_mq_freeze_queue_wait+0x1ce/0x460
[  615.487398]  ? blk_mq_poll+0x930/0x930
[  615.491299]  ? blk_mq_run_hw_queue+0x119/0x390
[  615.495901]  ? blk_mq_run_work_fn+0x70/0x70
[  615.500235]  ? finish_wait+0x420/0x420
[  615.504145]  blk_freeze_queue+0x4a/0x80
[  615.508134]  blk_mq_freeze_queue+0x15/0x20
[  615.512444]  lo_ioctl+0xa9a/0x2130
[  615.516008]  ? lo_rw_aio_complete+0x430/0x430
[  615.520561]  blkdev_ioctl+0x9b6/0x2020
[  615.524472]  ? blkpg_ioctl+0xc40/0xc40
[  615.528385]  ? lock_downgrade+0x8e0/0x8e0
[  615.532618]  ? kasan_check_read+0x11/0x20
[  615.536804]  ? rcu_is_watching+0x85/0x140
[  615.540970]  ? rcu_pm_notify+0xc0/0xc0
[  615.544883]  ? vfs_writev+0x255/0x330
[  615.548720]  ? rcu_read_lock_sched_held+0x108/0x120
[  615.553746]  ? kfree+0x1e9/0x260
[  615.557125]  ? vfs_writev+0xfc/0x330
[  615.560871]  ? do_raw_spin_unlock+0x9e/0x2e0
[  615.565305]  ? vfs_iter_write+0xb0/0xb0
[  615.569322]  block_ioctl+0xee/0x130
[  615.572967]  ? blkdev_fallocate+0x400/0x400
[  615.577320]  do_vfs_ioctl+0x1cf/0x16a0
[  615.581251]  ? ioctl_preallocate+0x2e0/0x2e0
[  615.585688]  ? fget_raw+0x20/0x20
[  615.589158]  ? quarantine_put+0xeb/0x190
[  615.593228]  ? do_pwritev+0x167/0x270
[  615.597103]  ? security_file_ioctl+0x94/0xc0
[  615.601525]  ksys_ioctl+0xa9/0xd0
[  615.604991]  __x64_sys_ioctl+0x73/0xb0
[  615.608930]  do_syscall_64+0x1b1/0x800
[  615.612844]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  615.617784]  ? syscall_return_slowpath+0x5c0/0x5c0
[  615.622736]  ? syscall_return_slowpath+0x30f/0x5c0
[  615.627676]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  615.633062]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  615.637917]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  615.643127] RIP: 0033:0x443dd9
[  615.646335] RSP: 002b:00007ffe8c463b48 EFLAGS: 00000286 ORIG_RAX: 0000000000000010
[  615.654073] RAX: ffffffffffffffda RBX: 6f6f6c2f7665642f RCX: 0000000000443dd9
[  615.661364] RDX: 0000000000000007 RSI: 0000000000004c06 RDI: 0000000000000007
[  615.668663] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0
[  615.675952] R10: 00000000004002e0 R11: 0000000000000286 R12: 0000000000401a80
[  615.683946] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
[  615.691261] 
[  615.691261] Showing all locks held in the system:
[  615.697617] 2 locks held by khungtaskd/893:
[  615.702005]  #0:         (ptrval) (rcu_read_lock){....}, at: watchdog+0x1ff/0xf60
[  615.709750]  #1:         (ptrval) (tasklist_lock){.+.+}, at: debug_show_all_locks+0xde/0x34a
[  615.718426] 2 locks held by getty/4481:
[  615.722404]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.730679]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.739617] 2 locks held by getty/4482:
[  615.743618]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.751888]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.760778] 2 locks held by getty/4483:
[  615.764756]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.773039]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.781924] 2 locks held by getty/4484:
[  615.785917]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.794184]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.803081] 2 locks held by getty/4485:
[  615.807061]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.815349]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.824241] 2 locks held by getty/4486:
[  615.828236]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.836504]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.845400] 2 locks held by getty/4487:
[  615.849389]  #0:         (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  615.857678]  #1:         (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[  615.866560] 1 lock held by syz-executor325/4508:
[  615.871344]  #0:         (ptrval) (&lo->lo_ctl_mutex/1){+.+.}, at: lo_ioctl+0x8d/0x2130
[  615.879546] 
[  615.881195] =============================================
[  615.881195] 
[  615.888239] NMI backtrace for cpu 1
[  615.891901] CPU: 1 PID: 893 Comm: khungtaskd Not tainted 4.17.0-rc6+ #64
[  615.898723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  615.908064] Call Trace:
[  615.910701]  dump_stack+0x1b9/0x294
[  615.914326]  ? dump_stack_print_info.cold.2+0x52/0x52
[  615.919512]  nmi_cpu_backtrace.cold.4+0x19/0xce
[  615.924219]  ? lapic_can_unplug_cpu.cold.26+0x3f/0x3f
[  615.929393]  nmi_trigger_cpumask_backtrace+0x151/0x192
[  615.934653]  arch_trigger_cpumask_backtrace+0x14/0x20
[  615.939828]  watchdog+0xc10/0xf60
[  615.943265]  ? reset_hung_task_detector+0xb0/0xb0
[  615.948092]  ? __schedule+0x1e30/0x1e30
[  615.952048]  ? do_raw_spin_unlock+0x9e/0x2e0
[  615.956434]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  615.960995]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  615.966549]  ? __kthread_parkme+0x111/0x1d0
[  615.970851]  ? parse_args.cold.15+0x1b3/0x1b3
[  615.975323]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  615.980316]  ? trace_hardirqs_on+0xd/0x10
[  615.984445]  kthread+0x345/0x410
[  615.987793]  ? reset_hung_task_detector+0xb0/0xb0
[  615.992613]  ? kthread_bind+0x40/0x40
[  615.996394]  ret_from_fork+0x3a/0x50
[  616.000175] Sending NMI from CPU 1 to CPUs 0:
[  616.004724] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10
[  616.005696] Kernel panic - not syncing: hung_task: blocked tasks
[  616.018456] CPU: 1 PID: 893 Comm: khungtaskd Not tainted 4.17.0-rc6+ #64
[  616.025275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  616.034610] Call Trace:
[  616.037186]  dump_stack+0x1b9/0x294
[  616.040800]  ? dump_stack_print_info.cold.2+0x52/0x52
[  616.046029]  ? printk_safe_log_store+0x260/0x260
[  616.050801]  panic+0x22f/0x4de
[  616.053975]  ? add_taint.cold.5+0x16/0x16
[  616.058106]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  616.063624]  ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[  616.069066]  ? printk_safe_flush+0xd7/0x130
[  616.073372]  watchdog+0xc21/0xf60
[  616.076811]  ? reset_hung_task_detector+0xb0/0xb0
[  616.081639]  ? __schedule+0x1e30/0x1e30
[  616.085595]  ? do_raw_spin_unlock+0x9e/0x2e0
[  616.089983]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  616.094546]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  616.100074]  ? __kthread_parkme+0x111/0x1d0
[  616.104374]  ? parse_args.cold.15+0x1b3/0x1b3
[  616.108848]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  616.113843]  ? trace_hardirqs_on+0xd/0x10
[  616.117974]  kthread+0x345/0x410
[  616.121322]  ? reset_hung_task_detector+0xb0/0xb0
[  616.126143]  ? kthread_bind+0x40/0x40
[  616.129925]  ret_from_fork+0x3a/0x50
[  616.134203] Dumping ftrace buffer:
[  616.137814]    (ftrace buffer empty)
[  616.141504] Kernel Offset: disabled
[  616.145115] Rebooting in 86400 seconds..