[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 34.309729] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 38.365060] random: sshd: uninitialized urandom read (32 bytes read) [ 38.838304] random: sshd: uninitialized urandom read (32 bytes read) [ 40.264208] random: sshd: uninitialized urandom read (32 bytes read) [ 388.718549] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts. [ 394.265175] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 574.431266] INFO: task syz-executor260:4590 blocked for more than 140 seconds. [ 574.438786] Not tainted 4.18.0-rc5+ #29 [ 574.443446] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 574.451490] syz-executor260 D58432 4590 4587 0x00000004 [ 574.457388] Call Trace: [ 574.460149] __schedule+0x652/0x780 [ 574.463861] schedule+0x1cc/0x300 [ 574.467471] __fuse_request_send+0x105a/0x1a90 [ 574.472187] ? init_wait_entry+0x1a0/0x1a0 [ 574.476512] fuse_simple_request+0x9cc/0xc10 [ 574.481038] fuse_lookup_name+0x472/0xc80 [ 574.485298] ? rcu_all_qs+0x3f/0x210 [ 574.489103] ? _cond_resched+0x4c/0x100 [ 574.493146] fuse_lookup+0x193/0x810 [ 574.497009] ? __list_add_valid+0xb8/0x450 [ 574.501363] ? fuse_getattr+0x8a0/0x8a0 [ 574.506279] __lookup_hash+0x26c/0x510 [ 574.510255] filename_create+0x322/0xbe0 [ 574.514403] do_mkdirat+0x120/0x690 [ 574.518098] __x64_sys_mkdirat+0xe1/0x120 [ 574.522440] ? do_mkdirat+0x690/0x690 [ 574.526339] do_syscall_64+0x15b/0x230 [ 574.530313] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 574.535562] RIP: 0033:0x445849 [ 574.538805] Code: Bad RIP value. [ 574.542245] RSP: 002b:00007f961b5dada8 EFLAGS: 00000293 ORIG_RAX: 0000000000000102 [ 574.550033] RAX: ffffffffffffffda RBX: 00000000006dac24 RCX: 0000000000445849 [ 574.557347] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 00000000ffffff9c [ 574.564731] RBP: 00000000006dac20 R08: 0000000000000000 R09: 0000000000000000 [ 574.572066] R10: 0000000000000000 R11: 0000000000000293 R12: 0030656c69662f2e [ 574.579408] R13: 65646f6d746f6f72 R14: 2f30656c69662f2e R15: 0000000000000008 [ 574.586766] INFO: task syz-executor260:4591 blocked for more than 140 seconds. [ 574.594223] Not tainted 4.18.0-rc5+ #29 [ 574.598754] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 574.606767] syz-executor260 D58688 4591 4587 0x00000004 [ 574.612576] Call Trace: [ 574.615267] __schedule+0x652/0x780 [ 574.618955] schedule+0x1cc/0x300 [ 574.622539] __rwsem_down_write_failed_common+0x807/0x1480 [ 574.628241] rwsem_down_write_failed+0x2c/0x30 [ 574.632896] call_rwsem_down_write_failed+0x17/0x30 [ 574.637987] ? fuse_do_getattr+0x16f0/0x16f0 [ 574.642498] down_write+0x5e/0xc0 [ 574.646039] filename_create+0x2c4/0xbe0 [ 574.650153] do_mkdirat+0x120/0x690 [ 574.653853] __x64_sys_mkdirat+0xe1/0x120 [ 574.658068] ? do_mkdirat+0x690/0x690 [ 574.661941] do_syscall_64+0x15b/0x230 [ 574.665905] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 574.671146] RIP: 0033:0x445849 [ 574.674380] Code: Bad RIP value. [ 574.677825] RSP: 002b:00007f961b5b9da8 EFLAGS: 00000293 ORIG_RAX: 0000000000000102 [ 574.685594] RAX: ffffffffffffffda RBX: 00000000006dac3c RCX: 0000000000445849 [ 574.692959] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 00000000ffffff9c [ 574.700282] RBP: 00000000006dac38 R08: 0000000000000000 R09: 0000000000000000 [ 574.707626] R10: 0000000000000000 R11: 0000000000000293 R12: 0030656c69662f2e [ 574.714957] R13: 65646f6d746f6f72 R14: 2f30656c69662f2e R15: 0000000000000008 [ 574.722316] NMI backtrace for cpu 1 [ 574.726003] CPU: 1 PID: 808 Comm: khungtaskd Not tainted 4.18.0-rc5+ #29 [ 574.732835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.742200] Call Trace: [ 574.744817] dump_stack+0x185/0x1e0 [ 574.748445] nmi_trigger_cpumask_backtrace+0x26f/0x4e0 [ 574.753785] ? arch_trigger_cpumask_backtrace+0x40/0x40 [ 574.759152] arch_trigger_cpumask_backtrace+0x2c/0x40 [ 574.764383] trigger_all_cpu_backtrace+0x2b/0x30 [ 574.769156] watchdog+0x1107/0x1130 [ 574.772816] kthread+0x473/0x4b0 [ 574.776209] ? reset_hung_task_detector+0x30/0x30 [ 574.781059] ? kthread_blkcg+0xf0/0xf0 [ 574.784947] ret_from_fork+0x35/0x40 [ 574.788803] Sending NMI from CPU 1 to CPUs 0: [ 574.793463] ------------[ cut here ]------------ [ 574.798270] kernel BUG at mm/kmsan/kmsan_entry.c:81! [ 574.803399] invalid opcode: 0000 [#1] SMP PTI [ 574.807915] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.18.0-rc5+ #29 [ 574.814502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.824067] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 574.828724] Code: 00 74 27 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 574.848207] RSP: 0018:fffffe000000eea8 EFLAGS: 00010046 [ 574.853583] RAX: 0000000080000000 RBX: 0000000000000001 RCX: 00000000c0000101 [ 574.861035] RDX: 00000000ffff8802 RSI: ffffffff8a40136c RDI: ffffea0000439620 [ 574.868380] RBP: fffffe000000eef9 R08: 0000000000000000 R09: 0000000000000000 [ 574.875691] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 574.882977] R13: 0000000000000000 R14: 00000001c1b7c000 R15: 0000000000000000 [ 574.890296] FS: 0000000000000000(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 574.898633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 574.904515] CR2: 00007f961b598e78 CR3: 00000001c1b7c000 CR4: 00000000001406f0 [ 574.911788] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 574.919061] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 574.926329] Call Trace: [ 574.928923] [ 574.931094] ? end_repeat_nmi+0x19/0x8e [ 574.935076] ? end_repeat_nmi+0x7/0x8e [ 574.938970] ? __cpuidle_text_start+0x8/0x8 [ 574.943301] ? default_idle+0x210/0x3f0 [ 574.947275] ? default_idle+0x210/0x3f0 [ 574.951250] ? default_idle+0x210/0x3f0 [ 574.955220] [ 574.957465] ? __cpuidle_text_start+0x8/0x8 [ 574.961788] ? __cpuidle_text_start+0x8/0x8 [ 574.966181] ? arch_cpu_idle+0x26/0x30 [ 574.970091] ? do_idle+0x36c/0x830 [ 574.973642] ? cpu_startup_entry+0x105/0x150 [ 574.978055] ? rest_init+0x1c1/0x1f0 [ 574.981793] ? hpet_time_init+0xd0/0xe0 [ 574.985770] ? start_kernel+0x11bd/0x11e0 [ 574.989925] ? x86_64_start_kernel+0xf0/0x100 [ 574.994426] ? secondary_startup_64+0xa5/0xb0 [ 574.998917] Modules linked in: [ 575.002127] Dumping ftrace buffer: [ 575.005655] (ftrace buffer empty) [ 575.009378] ---[ end trace 9eb832af7380e150 ]--- [ 575.014145] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 575.018811] Code: 00 74 27 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 575.038301] RSP: 0018:fffffe000000eea8 EFLAGS: 00010046 [ 575.043674] RAX: 0000000080000000 RBX: 0000000000000001 RCX: 00000000c0000101 [ 575.050944] RDX: 00000000ffff8802 RSI: ffffffff8a40136c RDI: ffffea0000439620 [ 575.058212] RBP: fffffe000000eef9 R08: 0000000000000000 R09: 0000000000000000 [ 575.065481] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 575.072768] R13: 0000000000000000 R14: 00000001c1b7c000 R15: 0000000000000000 [ 575.080046] FS: 0000000000000000(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 575.088274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 575.094164] CR2: 00007f961b598e78 CR3: 00000001c1b7c000 CR4: 00000000001406f0 [ 575.101452] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 575.108721] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 575.116016] Kernel panic - not syncing: Fatal exception [ 575.121808] Dumping ftrace buffer: [ 575.125337] (ftrace buffer empty) [ 575.129038] Kernel Offset: disabled [ 575.132668] Rebooting in 86400 seconds..