[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 19.917696] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 23.831750] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.356363] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.119391] random: sshd: uninitialized urandom read (32 bytes read)
[ 437.346423] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.40' (ECDSA) to the list of known hosts.
[ 443.400304] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
[ 615.391173] INFO: task syz-executor605:4489 blocked for more than 120 seconds.
[ 615.398740] Not tainted 4.17.0-rc6+ #64
[ 615.403266] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 615.411309] syz-executor605 D22544 4489 4487 0x00000000
[ 615.417044] Call Trace:
[ 615.419766] __schedule+0x801/0x1e30
[ 615.423525] ? __sched_text_start+0x8/0x8
[ 615.427787] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 615.432420] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 615.437557] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.442605] ? trace_hardirqs_on+0xd/0x10
[ 615.446777] ? prepare_to_wait_event+0x38e/0xc50
[ 615.451567] ? prepare_to_wait_exclusive+0x540/0x540
[ 615.456690] ? find_held_lock+0x36/0x1c0
[ 615.460784] schedule+0xef/0x430
[ 615.464170] ? __schedule+0x1e30/0x1e30
[ 615.468234] ? check_same_owner+0x320/0x320
[ 615.472593] ? replenish_dl_entity.cold.53+0x37/0x37
[ 615.477743] ? __might_sleep+0x95/0x190
[ 615.481799] blk_mq_freeze_queue_wait+0x1ce/0x460
[ 615.486692] ? blk_mq_poll+0x930/0x930
[ 615.490606] ? blk_mq_run_hw_queue+0x119/0x390
[ 615.495220] ? blk_mq_run_work_fn+0x70/0x70
[ 615.499564] ? finish_wait+0x420/0x420
[ 615.503492] blk_freeze_queue+0x4a/0x80
[ 615.507486] blk_mq_freeze_queue+0x15/0x20
[ 615.511799] lo_ioctl+0xa9a/0x2130
[ 615.515368] ? lo_rw_aio_complete+0x430/0x430
[ 615.519905] blkdev_ioctl+0x9b6/0x2020
[ 615.523816] ? blkpg_ioctl+0xc40/0xc40
[ 615.527735] ? lock_downgrade+0x8e0/0x8e0
[ 615.531989] ? kasan_check_read+0x11/0x20
[ 615.536218] ? rcu_is_watching+0x85/0x140
[ 615.540400] ? rcu_pm_notify+0xc0/0xc0
[ 615.544340] ? vfs_writev+0x255/0x330
[ 615.548169] ? rcu_read_lock_sched_held+0x108/0x120
[ 615.553221] ? kfree+0x1e9/0x260
[ 615.556604] ? vfs_writev+0xfc/0x330
[ 615.560351] ? do_raw_spin_unlock+0x9e/0x2e0
[ 615.564776] ? vfs_iter_write+0xb0/0xb0
[ 615.568818] block_ioctl+0xee/0x130
[ 615.572628] ? blkdev_fallocate+0x400/0x400
[ 615.577031] do_vfs_ioctl+0x1cf/0x16a0
[ 615.580949] ? ioctl_preallocate+0x2e0/0x2e0
[ 615.585393] ? fget_raw+0x20/0x20
[ 615.588868] ? quarantine_put+0xeb/0x190
[ 615.592968] ? do_pwritev+0x167/0x270
[ 615.596832] ? security_file_ioctl+0x94/0xc0
[ 615.601283] ksys_ioctl+0xa9/0xd0
[ 615.604763] __x64_sys_ioctl+0x73/0xb0
[ 615.608722] do_syscall_64+0x1b1/0x800
[ 615.612638] ? syscall_return_slowpath+0x5c0/0x5c0
[ 615.617588] ? syscall_return_slowpath+0x30f/0x5c0
[ 615.622536] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 615.627921] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 615.632777] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 615.637991] RIP: 0033:0x443dd9
[ 615.641189] RSP: 002b:00007fff610abb88 EFLAGS: 00000286 ORIG_RAX: 0000000000000010
[ 615.648953] RAX: ffffffffffffffda RBX: 6f6f6c2f7665642f RCX: 0000000000443dd9
[ 615.656269] RDX: 0000000000000007 RSI: 0000000000004c06 RDI: 0000000000000007
[ 615.663578] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0
[ 615.670883] R10: 00000000004002e0 R11: 0000000000000286 R12: 0000000000401a80
[ 615.678179] R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
[ 615.685488]
[ 615.685488] Showing all locks held in the system:
[ 615.691849] 2 locks held by khungtaskd/892:
[ 615.696259] #0: (ptrval) (rcu_read_lock){....}, at: watchdog+0x1ff/0xf60
[ 615.704029] #1: (ptrval) (tasklist_lock){.+.+}, at: debug_show_all_locks+0xde/0x34a
[ 615.712702] 2 locks held by getty/4462:
[ 615.716712] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.725023] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.733990] 2 locks held by getty/4463:
[ 615.737992] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.746289] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.755180] 2 locks held by getty/4464:
[ 615.759182] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.767462] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.776345] 2 locks held by getty/4465:
[ 615.780361] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.788647] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.797551] 2 locks held by getty/4466:
[ 615.801535] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.809815] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.818735] 2 locks held by getty/4467:
[ 615.822749] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.831062] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.840074] 2 locks held by getty/4468:
[ 615.844112] #0: (ptrval) (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[ 615.852446] #1: (ptrval) (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x321/0x1cc0
[ 615.861353] 1 lock held by syz-executor605/4489:
[ 615.866128] #0: (ptrval) (&lo->lo_ctl_mutex/1){+.+.}, at: lo_ioctl+0x8d/0x2130
[ 615.874324]
[ 615.875966] =============================================
[ 615.875966]
[ 615.883028] NMI backtrace for cpu 1
[ 615.886682] CPU: 1 PID: 892 Comm: khungtaskd Not tainted 4.17.0-rc6+ #64
[ 615.893499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 615.902837] Call Trace:
[ 615.905466] dump_stack+0x1b9/0x294
[ 615.909078] ? dump_stack_print_info.cold.2+0x52/0x52
[ 615.914259] nmi_cpu_backtrace.cold.4+0x19/0xce
[ 615.918948] ? lapic_can_unplug_cpu.cold.26+0x3f/0x3f
[ 615.924132] nmi_trigger_cpumask_backtrace+0x151/0x192
[ 615.929395] arch_trigger_cpumask_backtrace+0x14/0x20
[ 615.934563] watchdog+0xc10/0xf60
[ 615.938004] ? reset_hung_task_detector+0xb0/0xb0
[ 615.942828] ? __schedule+0x1e30/0x1e30
[ 615.946792] ? do_raw_spin_unlock+0x9e/0x2e0
[ 615.951189] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 615.955762] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 615.961336] ? __kthread_parkme+0x111/0x1d0
[ 615.965641] ? parse_args.cold.15+0x1b3/0x1b3
[ 615.970132] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 615.975135] ? trace_hardirqs_on+0xd/0x10
[ 615.979270] kthread+0x345/0x410
[ 615.982624] ? reset_hung_task_detector+0xb0/0xb0
[ 615.987445] ? kthread_bind+0x40/0x40
[ 615.991239] ret_from_fork+0x3a/0x50
[ 615.995042] Sending NMI from CPU 1 to CPUs 0:
[ 615.999582] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10
[ 616.000572] Kernel panic - not syncing: hung_task: blocked tasks
[ 616.013304] CPU: 1 PID: 892 Comm: khungtaskd Not tainted 4.17.0-rc6+ #64
[ 616.020128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 616.029459] Call Trace:
[ 616.032047] dump_stack+0x1b9/0x294
[ 616.035657] ? dump_stack_print_info.cold.2+0x52/0x52
[ 616.040880] ? printk_safe_log_store+0x260/0x260
[ 616.045667] panic+0x22f/0x4de
[ 616.048849] ? add_taint.cold.5+0x16/0x16
[ 616.052984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 616.058502] ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[ 616.063951] ? printk_safe_flush+0xd7/0x130
[ 616.068267] watchdog+0xc21/0xf60
[ 616.071708] ? reset_hung_task_detector+0xb0/0xb0
[ 616.076548] ? __schedule+0x1e30/0x1e30
[ 616.080510] ? do_raw_spin_unlock+0x9e/0x2e0
[ 616.084900] ? do_raw_spin_trylock+0x1b0/0x1b0
[ 616.089480] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 616.095013] ? __kthread_parkme+0x111/0x1d0
[ 616.099332] ? parse_args.cold.15+0x1b3/0x1b3
[ 616.103816] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 616.108811] ? trace_hardirqs_on+0xd/0x10
[ 616.113029] kthread+0x345/0x410
[ 616.116385] ? reset_hung_task_detector+0xb0/0xb0
[ 616.121232] ? kthread_bind+0x40/0x40
[ 616.125016] ret_from_fork+0x3a/0x50
[ 616.129766] Dumping ftrace buffer:
[ 616.133408] (ftrace buffer empty)
[ 616.137101] Kernel Offset: disabled
[ 616.140711] Rebooting in 86400 seconds..