[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 13.923661] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.735110] random: sshd: uninitialized urandom read (32 bytes read) [ 19.118890] random: sshd: uninitialized urandom read (32 bytes read) [ 19.590734] random: sshd: uninitialized urandom read (32 bytes read) [ 19.747215] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts. [ 25.434691] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 25.527203] dl_rq->running_bw > dl_rq->this_bw [ 25.527337] ------------[ cut here ]------------ [ 25.537578] WARNING: CPU: 0 PID: 1981 at kernel/sched/deadline.c:125 switched_from_dl.cold.25+0x5b/0x62 [ 25.547105] Kernel panic - not syncing: panic_on_warn set ... [ 25.547105] [ 25.554459] CPU: 0 PID: 1981 Comm: syz-executor145 Not tainted 4.14.67+ #1 [ 25.561454] Call Trace: [ 25.564035] dump_stack+0xb9/0x11b [ 25.567569] ? switched_from_dl.cold.25+0x30/0x62 [ 25.572405] panic+0x1bf/0x3a4 [ 25.575612] ? add_taint.cold.4+0x16/0x16 [ 25.579756] ? __probe_kernel_read+0x163/0x1c0 [ 25.584525] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.589358] __warn.cold.7+0x148/0x185 [ 25.593239] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.598074] report_bug+0x1f7/0x26c [ 25.601693] do_error_trap+0x1ba/0x2c0 [ 25.605569] ? math_error+0x2d0/0x2d0 [ 25.609360] ? vprintk_emit+0x233/0x4e0 [ 25.613327] ? vprintk_emit+0x1f9/0x4e0 [ 25.617308] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 25.622146] invalid_op+0x18/0x40 [ 25.625593] RIP: 0010:switched_from_dl.cold.25+0x5b/0x62 [ 25.631031] RSP: 0018:ffff8801b90b7d18 EFLAGS: 00010082 [ 25.636380] RAX: 0000000000000022 RBX: ffff8801ba4cc680 RCX: 0000000000000000 [ 25.643636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801baa89f78 [ 25.650890] RBP: ffff8801d792a240 R08: 0000000000000001 R09: 0000000000000000 [ 25.658148] R10: ffff8801baa8a028 R11: 0000000000000001 R12: ffff8801ba4cc6dc [ 25.665404] R13: 0000000000000000 R14: ffff8801d792ab50 R15: 0000000000099179 [ 25.672692] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.677531] __sched_setscheduler+0x9a1/0x2800 [ 25.682109] ? cpu_cgroup_fork+0x120/0x120 [ 25.686339] SyS_sched_setattr+0x22c/0x370 [ 25.690563] ? SyS_sched_setparam+0x20/0x20 [ 25.694864] ? do_syscall_64+0x43/0x4b0 [ 25.698817] ? SyS_sched_setparam+0x20/0x20 [ 25.703113] do_syscall_64+0x19b/0x4b0 [ 25.706982] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 25.712144] RIP: 0033:0x4456e9 [ 25.715306] RSP: 002b:00007f2c3d1d2da8 EFLAGS: 00000293 ORIG_RAX: 000000000000013a [ 25.722994] RAX: ffffffffffffffda RBX: 00000000006dac28 RCX: 00000000004456e9 [ 25.730257] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 00000000000007bc [ 25.737513] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000 [ 25.744772] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dac2c [ 25.752033] R13: 0000840000000002 R14: 00007f2c3d1d39c0 R15: 00000000006dad2c [ 25.759300] [ 25.759304] ====================================================== [ 25.759307] WARNING: possible circular locking dependency detected [ 25.759309] 4.14.67+ #1 Not tainted [ 25.759311] ------------------------------------------------------ [ 25.759314] syz-executor145/1981 is trying to acquire lock: [ 25.759316] (&port_lock_key){-...}, at: [] serial8250_console_write+0x6af/0x800 [ 25.759323] [ 25.759325] but task is already holding lock: [ 25.759327] (&rq->lock){-.-.}, at: [] task_rq_lock+0xc9/0x340 [ 25.759333] [ 25.759336] which lock already depends on the new lock. [ 25.759337] [ 25.759339] [ 25.759341] the existing dependency chain (in reverse order) is: [ 25.759343] [ 25.759344] -> #3 (&rq->lock){-.-.}: [ 25.759351] _raw_spin_lock+0x2a/0x40 [ 25.759354] task_fork_fair+0x59/0x590 [ 25.759356] sched_fork+0x48b/0xd30 [ 25.759358] copy_process.part.6+0x120d/0x6490 [ 25.759360] _do_fork+0x1c2/0xd50 [ 25.759362] kernel_thread+0x2f/0x40 [ 25.759364] rest_init+0x22/0x2a0 [ 25.759366] start_kernel+0x6fb/0x739 [ 25.759368] secondary_startup_64+0xa5/0xb0 [ 25.759370] [ 25.759371] -> #2 (&p->pi_lock){-.-.}: [ 25.759379] _raw_spin_lock_irqsave+0x41/0x50 [ 25.759381] try_to_wake_up+0x95/0x1230 [ 25.759383] __wake_up_common+0x109/0x5a0 [ 25.759385] __wake_up_common_lock+0xc5/0x120 [ 25.759388] tty_port_default_wakeup+0x26/0x40 [ 25.759390] serial8250_tx_chars+0x417/0xa70 [ 25.759392] serial8250_handle_irq.part.15+0x1b1/0x1f0 [ 25.759395] serial8250_default_handle_irq+0x9b/0x110 [ 25.759397] serial8250_interrupt+0xea/0x1a0 [ 25.759399] __handle_irq_event_percpu+0xf8/0x770 [ 25.759401] handle_irq_event_percpu+0x76/0x150 [ 25.759403] handle_irq_event+0xa1/0x12d [ 25.759406] handle_edge_irq+0x1f0/0x7f0 [ 25.759408] handle_irq+0x242/0x328 [ 25.759409] do_IRQ+0x7d/0x1b0 [ 25.759411] ret_from_intr+0x0/0x22 [ 25.759414] _raw_spin_unlock_irqrestore+0x59/0x70 [ 25.759416] uart_write+0x2a7/0x480 [ 25.759418] n_tty_write+0x4f5/0xda0 [ 25.759420] tty_write+0x397/0x810 [ 25.759422] redirected_tty_write+0x9a/0xa0 [ 25.759424] __vfs_write+0xf4/0x5c0 [ 25.759434] vfs_write+0x17f/0x4d0 [ 25.759436] SyS_write+0xc2/0x1a0 [ 25.759438] do_syscall_64+0x19b/0x4b0 [ 25.759440] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 25.759442] [ 25.759443] -> #1 (&tty->write_wait){-...}: [ 25.759451] _raw_spin_lock_irqsave+0x41/0x50 [ 25.759453] __wake_up_common_lock+0xaa/0x120 [ 25.759455] tty_port_default_wakeup+0x26/0x40 [ 25.759458] serial8250_tx_chars+0x417/0xa70 [ 25.759460] serial8250_handle_irq.part.15+0x1b1/0x1f0 [ 25.759469] serial8250_default_handle_irq+0x9b/0x110 [ 25.759471] serial8250_interrupt+0xea/0x1a0 [ 25.759473] __handle_irq_event_percpu+0xf8/0x770 [ 25.759475] handle_irq_event_percpu+0x76/0x150 [ 25.759477] handle_irq_event+0xa1/0x12d [ 25.759480] handle_edge_irq+0x1f0/0x7f0 [ 25.759482] handle_irq+0x242/0x328 [ 25.759483] do_IRQ+0x7d/0x1b0 [ 25.759486] ret_from_intr+0x0/0x22 [ 25.759488] _raw_spin_unlock_irqrestore+0x59/0x70 [ 25.759490] uart_write+0x2a7/0x480 [ 25.759492] n_tty_write+0x4f5/0xda0 [ 25.759494] tty_write+0x397/0x810 [ 25.759496] redirected_tty_write+0x9a/0xa0 [ 25.759498] __vfs_write+0xf4/0x5c0 [ 25.759500] vfs_write+0x17f/0x4d0 [ 25.759502] SyS_write+0xc2/0x1a0 [ 25.759504] do_syscall_64+0x19b/0x4b0 [ 25.759507] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 25.759508] [ 25.759510] -> #0 (&port_lock_key){-...}: [ 25.759517] lock_acquire+0x10f/0x380 [ 25.759520] _raw_spin_lock_irqsave+0x41/0x50 [ 25.759522] serial8250_console_write+0x6af/0x800 [ 25.759524] console_unlock+0x5b9/0xb50 [ 25.759526] vprintk_emit+0x241/0x4e0 [ 25.759528] vprintk_func+0x58/0x136 [ 25.759530] printk+0xa7/0xcf [ 25.759532] __warn+0x36/0x50 [ 25.759534] report_bug+0x1f7/0x26c [ 25.759536] do_error_trap+0x1ba/0x2c0 [ 25.759538] invalid_op+0x18/0x40 [ 25.759540] switched_from_dl.cold.25+0x5b/0x62 [ 25.759543] __sched_setscheduler+0x9a1/0x2800 [ 25.759545] SyS_sched_setattr+0x22c/0x370 [ 25.759547] do_syscall_64+0x19b/0x4b0 [ 25.759549] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 25.759551] [ 25.759553] other info that might help us debug this: [ 25.759554] [ 25.759556] Chain exists of: [ 25.759557] &port_lock_key --> &p->pi_lock --> &rq->lock [ 25.759567] [ 25.759569] Possible unsafe locking scenario: [ 25.759570] [ 25.759572] CPU0 CPU1 [ 25.759575] ---- ---- [ 25.759576] lock(&rq->lock); [ 25.759581] lock(&p->pi_lock); [ 25.759586] lock(&rq->lock); [ 25.759590] lock(&port_lock_key); [ 25.759595] [ 25.759597] *** DEADLOCK *** [ 25.759598] [ 25.759600] 4 locks held by syz-executor145/1981: [ 25.759601] #0: (rcu_read_lock){....}, at: [] SyS_sched_setattr+0x1c0/0x370 [ 25.759609] #1: (&p->pi_lock){-.-.}, at: [] task_rq_lock+0x68/0x340 [ 25.759617] #2: (&rq->lock){-.-.}, at: [] task_rq_lock+0xc9/0x340 [ 25.759625] #3: (console_lock){+.+.}, at: [] vprintk_emit+0x233/0x4e0 [ 25.759633] [ 25.759635] stack backtrace: [ 25.759638] CPU: 0 PID: 1981 Comm: syz-executor145 Not tainted 4.14.67+ #1 [ 25.759639] Call Trace: [ 25.759641] dump_stack+0xb9/0x11b [ 25.759647] print_circular_bug.isra.18.cold.43+0x2d3/0x40c [ 25.759649] ? save_trace+0xd6/0x250 [ 25.759652] __lock_acquire+0x2ff9/0x4320 [ 25.759654] ? trace_hardirqs_on+0x10/0x10 [ 25.759656] ? put_dec+0xc0/0xc0 [ 25.759658] ? format_decode+0x188/0x8f0 [ 25.759660] ? __lock_acquire+0x619/0x4320 [ 25.759662] ? memcpy+0x34/0x50 [ 25.759664] ? vsnprintf+0x17b/0x13a0 [ 25.759666] lock_acquire+0x10f/0x380 [ 25.759668] ? serial8250_console_write+0x6af/0x800 [ 25.759670] _raw_spin_lock_irqsave+0x41/0x50 [ 25.759673] ? serial8250_console_write+0x6af/0x800 [ 25.759675] serial8250_console_write+0x6af/0x800 [ 25.759677] ? set_precision+0x140/0x140 [ 25.759679] ? serial8250_release_port+0x20/0x20 [ 25.759682] ? console_unlock+0x2a3/0xb50 [ 25.759684] ? lock_downgrade+0x560/0x560 [ 25.759686] ? memcpy+0x34/0x50 [ 25.759688] ? msg_print_text+0x177/0x1a0 [ 25.759690] ? univ8250_console_setup+0x150/0x150 [ 25.759692] console_unlock+0x5b9/0xb50 [ 25.759694] ? vprintk_emit+0x233/0x4e0 [ 25.759696] vprintk_emit+0x241/0x4e0 [ 25.759698] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.759700] vprintk_func+0x58/0x136 [ 25.759702] printk+0xa7/0xcf [ 25.759705] ? show_regs_print_info+0x5b/0x5b [ 25.759707] ? __probe_kernel_read+0x163/0x1c0 [ 25.759709] __warn+0x36/0x50 [ 25.759711] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.759713] report_bug+0x1f7/0x26c [ 25.759715] do_error_trap+0x1ba/0x2c0 [ 25.759717] ? math_error+0x2d0/0x2d0 [ 25.759719] ? vprintk_emit+0x233/0x4e0 [ 25.759721] ? vprintk_emit+0x1f9/0x4e0 [ 25.759723] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 25.759725] invalid_op+0x18/0x40 [ 25.759728] RIP: 0010:switched_from_dl.cold.25+0x5b/0x62 [ 25.759730] RSP: 0018:ffff8801b90b7d18 EFLAGS: 00010082 [ 25.759734] RAX: 0000000000000022 RBX: ffff8801ba4cc680 RCX: 0000000000000000 [ 25.759738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8801baa89f78 [ 25.759741] RBP: ffff8801d792a240 R08: 0000000000000001 R09: 0000000000000000 [ 25.759744] R10: ffff8801baa8a028 R11: 0000000000000001 R12: ffff8801ba4cc6dc [ 25.759747] R13: 0000000000000000 R14: ffff8801d792ab50 R15: 0000000000099179 [ 25.759749] ? switched_from_dl.cold.25+0x5b/0x62 [ 25.759752] __sched_setscheduler+0x9a1/0x2800 [ 25.759754] ? cpu_cgroup_fork+0x120/0x120 [ 25.759756] SyS_sched_setattr+0x22c/0x370 [ 25.759758] ? SyS_sched_setparam+0x20/0x20 [ 25.759760] ? do_syscall_64+0x43/0x4b0 [ 25.759762] ? SyS_sched_setparam+0x20/0x20 [ 25.759764] do_syscall_64+0x19b/0x4b0 [ 25.759767] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 25.759769] RIP: 0033:0x4456e9 [ 25.759771] RSP: 002b:00007f2c3d1d2da8 EFLAGS: 00000293 ORIG_RAX: 000000000000013a [ 25.759776] RAX: ffffffffffffffda RBX: 00000000006dac28 RCX: 00000000004456e9 [ 25.759779] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 00000000000007bc [ 25.759782] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000 [ 25.759785] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dac2c [ 25.759788] R13: 0000840000000002 R14: 00007f2c3d1d39c0 R15: 00000000006dad2c [ 26.869755] Shutting down cpus with NMI [ 27.716319] Dumping ftrace buffer: [ 27.719842] (ftrace buffer empty) [ 27.723532] Kernel Offset: 0xc400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 27.734395] Rebooting in 86400 seconds..