[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 19.025476] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 23.827871] random: sshd: uninitialized urandom read (32 bytes read) [ 24.186882] random: sshd: uninitialized urandom read (32 bytes read) [ 24.907459] random: sshd: uninitialized urandom read (32 bytes read) [ 454.650312] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.21' (ECDSA) to the list of known hosts. [ 460.153862] random: sshd: uninitialized urandom read (32 bytes read) executing program executing program [ 615.392170] INFO: task syz-executor016:4484 blocked for more than 120 seconds. [ 615.399767] Not tainted 4.17.0-rc3+ #26 [ 615.404286] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 615.412294] syz-executor016 D23216 4484 4482 0x00000000 [ 615.418015] Call Trace: [ 615.420700] __schedule+0x801/0x1e30 [ 615.424448] ? __sched_text_start+0x8/0x8 [ 615.428672] ? mark_held_locks+0xc9/0x160 [ 615.432857] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 615.437492] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 615.442623] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 615.447655] ? trace_hardirqs_on+0xd/0x10 [ 615.451831] ? prepare_to_wait_event+0x37d/0xb90 [ 615.456606] ? prepare_to_wait_exclusive+0x530/0x530 [ 615.461737] ? find_held_lock+0x36/0x1c0 [ 615.465824] schedule+0xef/0x430 [ 615.469222] ? __schedule+0x1e30/0x1e30 [ 615.473230] ? check_same_owner+0x320/0x320 [ 615.477566] ? replenish_dl_entity.cold.52+0x37/0x37 [ 615.482675] ? __might_sleep+0x95/0x190 [ 615.486694] blk_mq_freeze_queue_wait+0x1ce/0x460 [ 615.491552] ? blk_mq_poll+0x930/0x930 [ 615.495467] ? blk_mq_run_hw_queue+0x119/0x390 [ 615.500077] ? blk_mq_run_work_fn+0x70/0x70 [ 615.504420] ? prepare_to_wait+0x4d0/0x4d0 [ 615.508681] blk_freeze_queue+0x4a/0x80 [ 615.512680] blk_mq_freeze_queue+0x15/0x20 [ 615.516955] lo_ioctl+0xa9a/0x2130 [ 615.520521] ? lo_rw_aio_complete+0x430/0x430 [ 615.525039] blkdev_ioctl+0x9b6/0x2020 [ 615.528954] ? blkpg_ioctl+0xc40/0xc40 [ 615.532875] ? lock_downgrade+0x8e0/0x8e0 [ 615.537091] ? kasan_check_read+0x11/0x20 [ 615.541284] ? rcu_is_watching+0x85/0x140 [ 615.545458] ? rcu_pm_notify+0xc0/0xc0 [ 615.549376] ? vfs_writev+0x255/0x330 [ 615.553204] ? rcu_read_lock_sched_held+0x108/0x120 [ 615.558235] ? kfree+0x1e9/0x260 [ 615.561614] ? vfs_writev+0xfc/0x330 [ 615.565344] ? do_raw_spin_unlock+0x9e/0x2e0 [ 615.569778] ? vfs_iter_write+0xb0/0xb0 [ 615.573795] block_ioctl+0xee/0x130 [ 615.577462] ? blkdev_fallocate+0x400/0x400 [ 615.581820] do_vfs_ioctl+0x1cf/0x16a0 [ 615.585735] ? ioctl_preallocate+0x2e0/0x2e0 [ 615.590167] ? fget_raw+0x20/0x20 [ 615.593656] ? quarantine_put+0xeb/0x190 [ 615.597739] ? do_pwritev+0x167/0x270 [ 615.601587] ? security_file_ioctl+0x94/0xc0 [ 615.606037] ksys_ioctl+0xa9/0xd0 [ 615.609523] __x64_sys_ioctl+0x73/0xb0 [ 615.613461] do_syscall_64+0x1b1/0x800 [ 615.617382] ? syscall_return_slowpath+0x5c0/0x5c0 [ 615.622353] ? syscall_return_slowpath+0x30f/0x5c0 [ 615.627315] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 615.632729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 615.637618] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 615.642835] RIP: 0033:0x443df9 [ 615.646045] RSP: 002b:00007ffdcf81cb18 EFLAGS: 00000286 ORIG_RAX: 0000000000000010 [ 615.653795] RAX: ffffffffffffffda RBX: 6f6f6c2f7665642f RCX: 0000000000443df9 [ 615.661115] RDX: 0000000000000005 RSI: 0000000000004c06 RDI: 0000000000000005 [ 615.668412] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0 [ 615.675723] R10: 00000000004002e0 R11: 0000000000000286 R12: 0000000000401aa0 [ 615.683033] R13: 0000000000401b30 R14: 0000000000000000 R15: 0000000000000000 [ 615.690340] [ 615.690340] Showing all locks held in the system: [ 615.696705] 2 locks held by khungtaskd/892: [ 615.701118] #0: (ptrval) (rcu_read_lock){....}, at: watchdog+0x1ff/0xf60 [ 615.708836] #1: (ptrval) (tasklist_lock){.+.+}, at: debug_show_all_locks+0xde/0x34a [ 615.717542] 2 locks held by getty/4456: [ 615.721531] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.729824] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.738768] 2 locks held by getty/4457: [ 615.742769] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.751055] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.759949] 2 locks held by getty/4458: [ 615.763941] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.772243] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.781160] 2 locks held by getty/4459: [ 615.785171] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.793553] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.802481] 2 locks held by getty/4460: [ 615.806491] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.814811] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.823724] 2 locks held by getty/4461: [ 615.827742] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.836054] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.844952] 2 locks held by getty/4462: [ 615.848967] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 615.857279] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0 [ 615.866189] 1 lock held by syz-executor016/4484: [ 615.870975] #0: (ptrval) (&lo->lo_ctl_mutex/1){+.+.}, at: lo_ioctl+0x8d/0x2130 [ 615.879198] [ 615.880856] ============================================= [ 615.880856] [ 615.887923] NMI backtrace for cpu 0 [ 615.891588] CPU: 0 PID: 892 Comm: khungtaskd Not tainted 4.17.0-rc3+ #26 [ 615.898414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 615.907756] Call Trace: [ 615.910406] dump_stack+0x1b9/0x294 [ 615.914026] ? dump_stack_print_info.cold.2+0x52/0x52 [ 615.919202] nmi_cpu_backtrace.cold.4+0x19/0xce [ 615.923871] ? lapic_can_unplug_cpu.cold.26+0x3f/0x3f [ 615.929051] nmi_trigger_cpumask_backtrace+0x151/0x192 [ 615.934322] arch_trigger_cpumask_backtrace+0x14/0x20 [ 615.939767] watchdog+0xc10/0xf60 [ 615.943492] ? reset_hung_task_detector+0xb0/0xb0 [ 615.948349] ? __schedule+0x1e30/0x1e30 [ 615.952315] ? do_raw_spin_unlock+0x9e/0x2e0 [ 615.956705] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 615.961269] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 615.966375] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 615.971376] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 615.976928] ? __kthread_parkme+0x1b7/0x280 [ 615.981234] kthread+0x345/0x410 [ 615.984582] ? reset_hung_task_detector+0xb0/0xb0 [ 615.989422] ? kthread_bind+0x40/0x40 [ 615.993205] ret_from_fork+0x3a/0x50 [ 615.996997] Sending NMI from CPU 0 to CPUs 1: [ 616.001544] NMI backtrace for cpu 1 [ 616.001555] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.17.0-rc3+ #26 [ 616.001558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 616.001595] RIP: 0010:update_ts_time_stats+0x0/0x1e0 [ 616.001598] RSP: 0018:ffff8801daf07c98 EFLAGS: 00000046 [ 616.001604] RAX: ffff8801d9ad2340 RBX: ffff8801daf264e0 RCX: 0000000000000000 [ 616.001608] RDX: 0000008f6c8d6f2e RSI: ffff8801daf264e0 RDI: 0000000000000001 [ 616.001612] RBP: ffff8801daf07cc8 R08: ffff8801d9ad2340 R09: 0000000000000000 [ 616.001616] R10: ffffed0043fff009 R11: ffff88021fff8057 R12: 0000000000000017 [ 616.001620] R13: ffff8801daf2652c R14: 0000008f6c8d6f2e R15: 0000000000000004 [ 616.001626] FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 616.001630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 616.001634] CR2: ffffffffff600400 CR3: 00000001b901f000 CR4: 00000000001406e0 [ 616.001640] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 616.001643] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 616.001646] Call Trace: [ 616.001648] [ 616.001656] ? tick_irq_enter+0x25f/0x390 [ 616.001672] irq_enter+0xb6/0xd0 [ 616.001679] scheduler_ipi+0x39b/0xa30 [ 616.001685] ? migration_cpu_stop+0x460/0x460 [ 616.001694] ? kasan_check_read+0x11/0x20 [ 616.001703] ? rcu_nmi_exit+0xd7/0x2b0 [ 616.001709] ? rcu_idle_enter+0x460/0x460 [ 616.001721] ? clockevents_program_event+0x140/0x370 [ 616.001729] ? kasan_check_read+0x11/0x20 [ 616.001735] ? rcu_is_watching+0x85/0x140 [ 616.001741] ? rcu_pm_notify+0xc0/0xc0 [ 616.001747] ? task_prio+0x50/0x50 [ 616.001754] ? rcu_irq_exit+0xd8/0x110 [ 616.001763] smp_reschedule_interrupt+0xed/0x660 [ 616.001769] ? smp_thermal_interrupt+0x800/0x800 [ 616.001780] ? kvm_clock_read+0x25/0x30 [ 616.001786] ? kvm_sched_clock_read+0x9/0x20 [ 616.001794] ? sched_clock+0x31/0x40 [ 616.001801] ? sched_clock_cpu+0x1b/0x180 [ 616.001810] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 616.001817] reschedule_interrupt+0xf/0x20 [ 616.001819] [ 616.001826] RIP: 0010:native_safe_halt+0x6/0x10 [ 616.001829] RSP: 0018:ffff8801d9ae7c38 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff02 [ 616.001836] RAX: dffffc0000000000 RBX: 1ffff1003b35cf8a RCX: 0000000000000000 [ 616.001839] RDX: 1ffffffff11a3170 RSI: 0000000000000001 RDI: ffffffff88d18b80 [ 616.001843] RBP: ffff8801d9ae7c38 R08: ffffed003b5e46c3 R09: 0000000000000000 [ 616.001846] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 616.001850] R13: ffff8801d9ae7cf0 R14: ffffffff897bf1a0 R15: 0000000000000000 [ 616.001859] ? trace_hardirqs_on+0xd/0x10 [ 616.001865] default_idle+0xc2/0x440 [ 616.001872] ? __sched_text_end+0x3/0x3 [ 616.001878] ? rcu_idle_enter+0x304/0x460 [ 616.001885] ? rcu_eqs_special_set+0x190/0x190 [ 616.001895] ? tsc_verify_tsc_adjust+0xf7/0x360 [ 616.001902] ? mark_tsc_async_resets+0x20/0x20 [ 616.001908] ? tick_nohz_idle_enter+0x219/0x320 [ 616.001914] arch_cpu_idle+0x10/0x20 [ 616.001921] default_idle_call+0x6d/0x90 [ 616.001927] do_idle+0x395/0x560 [ 616.001933] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 616.001940] ? arch_cpu_idle_exit+0x70/0x70 [ 616.001945] ? trace_hardirqs_on+0xd/0x10 [ 616.001952] ? complete+0x62/0x80 [ 616.001959] cpu_startup_entry+0x104/0x120 [ 616.001965] ? cpu_in_idle+0x20/0x20 [ 616.001973] start_secondary+0x426/0x5b0 [ 616.001980] ? set_cpu_sibling_map+0x1860/0x1860 [ 616.001991] secondary_startup_64+0xa5/0xb0 [ 616.001995] Code: 62 cc 87 bb ea ff ff ff e8 a2 45 f5 ff e9 e7 fc ff ff 4c 89 f7 e8 91 f5 49 00 e9 54 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 <55> 48 89 e5 41 57 41 56 41 89 fe 41 55 49 89 cd 41 54 49 89 d4 [ 616.002544] Kernel panic - not syncing: hung_task: blocked tasks [ 616.356811] CPU: 0 PID: 892 Comm: khungtaskd Not tainted 4.17.0-rc3+ #26 [ 616.363627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 616.372958] Call Trace: [ 616.375533] dump_stack+0x1b9/0x294 [ 616.379143] ? dump_stack_print_info.cold.2+0x52/0x52 [ 616.384318] ? printk_safe_log_store+0x260/0x260 [ 616.389056] panic+0x22f/0x4de [ 616.392266] ? add_taint.cold.5+0x16/0x16 [ 616.396503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 616.402544] ? nmi_trigger_cpumask_backtrace+0x13a/0x192 [ 616.407979] ? printk_safe_flush+0xd7/0x130 [ 616.412289] watchdog+0xc21/0xf60 [ 616.415728] ? reset_hung_task_detector+0xb0/0xb0 [ 616.420560] ? __schedule+0x1e30/0x1e30 [ 616.424865] ? do_raw_spin_unlock+0x9e/0x2e0 [ 616.429264] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 616.433827] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 616.438924] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 616.443931] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 616.449453] ? __kthread_parkme+0x1b7/0x280 [ 616.453758] kthread+0x345/0x410 [ 616.457153] ? reset_hung_task_detector+0xb0/0xb0 [ 616.462062] ? kthread_bind+0x40/0x40 [ 616.465842] ret_from_fork+0x3a/0x50 [ 616.470463] Dumping ftrace buffer: [ 616.474090] (ftrace buffer empty) [ 616.477783] Kernel Offset: disabled [ 616.481487] Rebooting in 86400 seconds..