[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 15.445458] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 20.212945] random: sshd: uninitialized urandom read (32 bytes read)
[ 20.511746] random: sshd: uninitialized urandom read (32 bytes read)
[ 21.271859] random: sshd: uninitialized urandom read (32 bytes read)
[ 763.637117] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
[ 769.070700] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
executing program
[ 1004.512264] INFO: task syz-executor226:4470 blocked for more than 140 seconds.
[ 1004.519734] Not tainted 4.18.0-rc5-next-20180720+ #12
[ 1004.525447] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1004.533411] syz-executor226 D24320 4470 4468 0x00000000
[ 1004.539079] Call Trace:
[ 1004.541801] __schedule+0x87c/0x1ea0
[ 1004.545571] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1004.550156] ? __sched_text_start+0x8/0x8
[ 1004.554305] ? _raw_spin_unlock+0x22/0x30
[ 1004.558485] ? __queue_work+0x68d/0x1410
[ 1004.562582] ? kasan_check_read+0x11/0x20
[ 1004.566737] ? flush_rcu_work+0x90/0x90
[ 1004.570707] ? kasan_check_write+0x14/0x20
[ 1004.574936] ? do_raw_spin_lock+0xc1/0x200
[ 1004.579186] ? trace_hardirqs_off+0xd/0x10
[ 1004.583934] ? _raw_spin_unlock_irqrestore+0x63/0xc0
[ 1004.589091] ? debug_check_no_obj_freed+0x30b/0x595
[ 1004.594109] schedule+0xfb/0x450
[ 1004.597511] ? padata_do_parallel+0x5da/0x8d0
[ 1004.602022] ? __schedule+0x1ea0/0x1ea0
[ 1004.605993] ? retint_kernel+0x10/0x10
[ 1004.609886] ? lock_acquire+0x1e4/0x540
[ 1004.613857] ? wait_for_completion+0x428/0x8d0
[ 1004.618438] schedule_timeout+0x1cc/0x260
[ 1004.622584] ? usleep_range+0x1a0/0x1a0
[ 1004.626555] ? do_raw_spin_unlock+0xa7/0x2f0
[ 1004.630962] ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1004.635542] ? kasan_check_write+0x14/0x20
[ 1004.639771] ? do_raw_spin_lock+0xc1/0x200
[ 1004.644030] wait_for_completion+0x430/0x8d0
[ 1004.648433] ? wait_for_completion_interruptible+0x950/0x950
[ 1004.654271] ? wake_up_q+0x100/0x100
[ 1004.658014] ? pcrypt_aead_enc+0x190/0x190
[ 1004.662298] ? sock_kmalloc+0x182/0x1f0
[ 1004.666302] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.671862] ? pcrypt_aead_decrypt+0x370/0x460
[ 1004.676476] aead_recvmsg+0x1544/0x1bb0
[ 1004.680462] ? aead_release+0x50/0x50
[ 1004.684264] ? aead_release+0x50/0x50
[ 1004.688062] sock_recvmsg_nosec+0x8c/0xb0
[ 1004.692209] ? __sock_tx_timestamp+0xd0/0xd0
[ 1004.696613] ___sys_recvmsg+0x2b6/0x680
[ 1004.700587] ? ___sys_sendmsg+0x930/0x930
[ 1004.704737] ? alloc_pages_current+0x114/0x210
[ 1004.709316] ? af_alg_sendmsg+0x93e/0x1190
[ 1004.713549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.719098] ? lock_acquire+0x1e4/0x540
[ 1004.723128] ? __might_fault+0x12b/0x1e0
[ 1004.727199] ? lock_downgrade+0x8f0/0x8f0
[ 1004.731340] ? af_alg_sendpage+0xb50/0xb50
[ 1004.735572] ? lock_release+0xa30/0xa30
[ 1004.739541] ? check_same_owner+0x340/0x340
[ 1004.743883] ? rcu_note_context_switch+0x730/0x730
[ 1004.748823] ? check_same_owner+0x340/0x340
[ 1004.753142] __sys_recvmmsg+0x301/0xba0
[ 1004.757114] ? __ia32_sys_recvmsg+0xb0/0xb0
[ 1004.761433] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1004.766993] ? __vfs_write+0x11f/0x9d0
[ 1004.770909] ? fsnotify+0xbac/0x14e0
[ 1004.774646] ? fsnotify_first_mark+0x350/0x350
[ 1004.779236] ? __fsnotify_parent+0xcc/0x420
[ 1004.783554] ? __sys_accept4+0x5ad/0x8a0
[ 1004.787614] ? fsnotify+0x14e0/0x14e0
[ 1004.791412] ? vfs_write+0x2ad/0x560
[ 1004.795128] do_sys_recvmmsg+0x181/0x1a0
[ 1004.799182] ? __sys_recvmmsg+0xba0/0xba0
[ 1004.803326] ? __ia32_sys_read+0xb0/0xb0
[ 1004.807384] ? __ia32_sys_fallocate+0xf0/0xf0
[ 1004.811874] __x64_sys_recvmmsg+0xbe/0x150
[ 1004.816133] do_syscall_64+0x1b9/0x820
[ 1004.820026] ? syscall_slow_exit_work+0x500/0x500
[ 1004.824863] ? syscall_return_slowpath+0x5e0/0x5e0
[ 1004.829790] ? syscall_return_slowpath+0x31d/0x5e0
[ 1004.834719] ? prepare_exit_to_usermode+0x291/0x3b0
[ 1004.839733] ? perf_trace_sys_enter+0xb10/0xb10
[ 1004.844397] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1004.849240] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1004.854421] RIP: 0033:0x440379
[ 1004.857603] Code: Bad RIP value.
[ 1004.860981] RSP: 002b:00007ffcad1e64c8 EFLAGS: 00000207 ORIG_RAX: 000000000000012b
[ 1004.868688] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000440379
[ 1004.875951] RDX: 0000000000000002 RSI: 0000000020003340 RDI: 000000000000000a
[ 1004.883218] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 1004.890482] R10: 0000000000000000 R11: 0000000000000207 R12: 0000000000401c00
[ 1004.897750] R13: 0000000000401c90 R14: 0000000000000000 R15: 0000000000000000
[ 1004.905035] INFO: lockdep is turned off.
[ 1004.909125] NMI backtrace for cpu 1
[ 1004.912769] CPU: 1 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12
[ 1004.920812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1004.930147] Call Trace:
[ 1004.932740] dump_stack+0x1c9/0x2b4
[ 1004.936348] ? dump_stack_print_info.cold.2+0x52/0x52
[ 1004.941535] ? vprintk_default+0x28/0x30
[ 1004.945598] ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f
[ 1004.950765] nmi_cpu_backtrace.cold.3+0x48/0x88
[ 1004.955414] ? lapic_can_unplug_cpu.cold.28+0x3f/0x3f
[ 1004.960593] nmi_trigger_cpumask_backtrace+0x151/0x192
[ 1004.965846] arch_trigger_cpumask_backtrace+0x14/0x20
[ 1004.971011] watchdog+0xb39/0x10b0
[ 1004.974528] ? reset_hung_task_detector+0xd0/0xd0
[ 1004.979353] ? kasan_check_read+0x11/0x20
[ 1004.983478] ? do_raw_spin_unlock+0xa7/0x2f0
[ 1004.987865] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 1004.992944] ? __kthread_parkme+0x58/0x1b0
[ 1004.997156] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 1005.002156] ? trace_hardirqs_on+0xd/0x10
[ 1005.006281] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1005.011798] ? __kthread_parkme+0x106/0x1b0
[ 1005.016096] kthread+0x345/0x410
[ 1005.019438] ? reset_hung_task_detector+0xd0/0xd0
[ 1005.024260] ? kthread_bind+0x40/0x40
[ 1005.028036] ret_from_fork+0x3a/0x50
[ 1005.031797] Sending NMI from CPU 1 to CPUs 0:
[ 1005.037344] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.021 msecs
[ 1005.038309] NMI backtrace for cpu 0
[ 1005.038313] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.18.0-rc5-next-20180720+ #12
[ 1005.038317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1005.038320] RIP: 0010:debug_lockdep_rcu_enabled+0x31/0x90
[ 1005.038322] Code: 55 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 48 89 e5 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 4c <8b> 15 c9 12 39 08 85 d2 74 3e 48 c7 c7 80 95 2a 89 48 b8 00 00 00
[ 1005.038398] RSP: 0018:ffff8801dae07498 EFLAGS: 00000046
[ 1005.038402] RAX: 0000000000000003 RBX: 1ffff1003b5c0e9a RCX: 00000001000bac6c
[ 1005.038406] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff899f47c0
[ 1005.038409] RBP: ffff8801dae07498 R08: 0000000000000000 R09: dffffc0000000000
[ 1005.038413] R10: ffff8801d9a52d58 R11: 0000000000001b4e R12: ffff8801dae075b0
[ 1005.038416] R13: ffffffff88f928a0 R14: ffff8801dae07780 R15: ffffffff88e75dc0
[ 1005.038420] FS: 0000000000000000(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 1005.038423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1005.038426] CR2: ffffffffff600400 CR3: 00000001ac8ef000 CR4: 00000000001406f0
[ 1005.038430] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1005.038433] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1005.038435] Call Trace:
[ 1005.038436]
[ 1005.038438] lock_release+0x706/0xa30
[ 1005.038440] ? lock_acquire+0x1e4/0x540
[ 1005.038443] ? rebalance_domains+0x35a/0xd90
[ 1005.038445] ? lock_downgrade+0x8f0/0x8f0
[ 1005.038447] ? lock_release+0xa30/0xa30
[ 1005.038449] ? trace_hardirqs_on+0x10/0x10
[ 1005.038452] ? trace_hardirqs_on+0x10/0x10
[ 1005.038454] rebalance_domains+0x379/0xd90
[ 1005.038456] ? load_balance+0x3640/0x3640
[ 1005.038458] ? do_raw_spin_lock+0xc1/0x200
[ 1005.038461] ? rcu_process_callbacks+0x1641/0x2860
[ 1005.038463] ? lock_repin_lock+0x430/0x430
[ 1005.038466] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1005.038468] ? find_next_bit+0x104/0x130
[ 1005.038470] _nohz_idle_balance+0x636/0x820
[ 1005.038473] ? rebalance_domains+0xd90/0xd90
[ 1005.038475] ? rq_online_fair+0x4c0/0x4c0
[ 1005.038477] ? lock_acquire+0x1e4/0x540
[ 1005.038479] ? rebalance_domains+0x35a/0xd90
[ 1005.038481] ? lock_downgrade+0x8f0/0x8f0
[ 1005.038484] ? do_raw_spin_unlock+0xa7/0x2f0
[ 1005.038486] ? lock_release+0xa30/0xa30
[ 1005.038489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1005.038491] ? __run_timers+0xa37/0xc70
[ 1005.038493] run_rebalance_domains+0x2c6/0x4c0
[ 1005.038496] ? _nohz_idle_balance+0x820/0x820
[ 1005.038498] ? tick_irq_enter+0x83/0x390
[ 1005.038500] ? lock_downgrade+0x8f0/0x8f0
[ 1005.038503] ? hrtimer_update_softirq_timer+0xa0/0xa0
[ 1005.038505] ? irq_exit+0x1d4/0x210
[ 1005.038507] __do_softirq+0x2e8/0xb17
[ 1005.038509] ? __irqentry_text_end+0x1f97a8/0x1f97a8
[ 1005.038511] ? kvm_clock_read+0x25/0x30
[ 1005.038514] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1005.038516] ? kasan_check_read+0x11/0x20
[ 1005.038518] ? nr_iowait_cpu+0x9c/0x150
[ 1005.038521] ? nr_iowait+0x1f0/0x1f0
[ 1005.038523] ? rcu_idle_exit+0x430/0x430
[ 1005.038525] ? raise_softirq_irqoff+0x164/0x330
[ 1005.038527] ? irq_exit+0x210/0x210
[ 1005.038530] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1005.038532] ? sched_set_stop_task+0x290/0x290
[ 1005.038534] irq_exit+0x1d4/0x210
[ 1005.038537] scheduler_ipi+0x53c/0xa50
[ 1005.038539] ? migration_cpu_stop+0x470/0x470
[ 1005.038541] ? kasan_check_read+0x11/0x20
[ 1005.038543] ? rcu_nmi_exit+0xe0/0x2d0
[ 1005.038546] ? rcu_idle_enter+0x480/0x480
[ 1005.038548] ? clockevents_program_event+0x140/0x370
[ 1005.038551] ? tick_program_event+0xb2/0x130
[ 1005.038554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1005.038556] ? task_prio+0x50/0x50
[ 1005.038558] smp_reschedule_interrupt+0xf5/0x670
[ 1005.038560] ? smp_thermal_interrupt+0x820/0x820
[ 1005.038563] ? kvm_clock_read+0x25/0x30
[ 1005.038565] ? kvm_sched_clock_read+0x9/0x20
[ 1005.038567] ? sched_clock+0x31/0x40
[ 1005.038569] ? sched_clock_cpu+0x1b/0x180
[ 1005.038571] ? task_prio+0x50/0x50
[ 1005.038574] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1005.038576] reschedule_interrupt+0xf/0x20
[ 1005.038577]
[ 1005.038580] RIP: 0010:native_safe_halt+0x6/0x10
[ 1005.038581] Code: c7 48 89 45 d8 e8 7a 3e 1c fa 48 8b 45 d8 e9 d2 fe ff ff 48 89 df e8 69 3e 1c fa eb 8a 90 90 90 90 90 90 90 55 48 89 e5 fb f4 <5d> c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 f4 5d c3 90 90 90 90 90
[ 1005.038656] RSP: 0018:ffffffff88e07bc0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff02
[ 1005.038662] RAX: dffffc0000000000 RBX: 1ffffffff11c0f7b RCX: ffffffff8166e182
[ 1005.038665] RDX: 1ffffffff11e3658 RSI: 0000000000000004 RDI: ffffffff88f1b2c0
[ 1005.038669] RBP: ffffffff88e07bc0 R08: ffffed003b5c46d7 R09: ffffed003b5c46d6
[ 1005.038672] R10: ffffed003b5c46d6 R11: ffff8801dae236b3 R12: 0000000000000000
[ 1005.038675] R13: ffffffff88e07c78 R14: ffffffff899f46e0 R15: 0000000000000000
[ 1005.038678] ? rcu_dynticks_eqs_enter+0x22/0x30
[ 1005.038680] default_idle+0xc7/0x450
[ 1005.038682] ? __sched_text_end+0x3/0x3
[ 1005.038684] ? rcu_idle_enter+0x30a/0x480
[ 1005.038686] ? rcu_eqs_special_set+0x1b0/0x1b0
[ 1005.038689] ? tsc_verify_tsc_adjust+0x109/0x380
[ 1005.038691] ? mark_tsc_async_resets+0x20/0x20
[ 1005.038694] ? sched_set_stop_task+0x290/0x290
[ 1005.038696] ? __tick_nohz_idle_restart_tick+0x28c/0x3c0
[ 1005.038699] arch_cpu_idle+0x10/0x20
[ 1005.038701] default_idle_call+0x6d/0x90
[ 1005.038703] do_idle+0x3aa/0x570
[ 1005.038705] ? arch_cpu_idle_exit+0x70/0x70
[ 1005.038707] ? __schedule+0x1ea0/0x1ea0
[ 1005.038709] cpu_startup_entry+0x10c/0x120
[ 1005.038711] ? cpu_in_idle+0x20/0x20
[ 1005.038714] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 1005.038716] ? trace_hardirqs_on+0xd/0x10
[ 1005.038718] rest_init+0xe1/0xe4
[ 1005.038720] start_kernel+0x90e/0x949
[ 1005.038722] ? mem_encrypt_init+0xb/0xb
[ 1005.038725] ? early_idt_handler_common+0x3b/0x60
[ 1005.038728] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1005.038730] ? x86_family+0x3e/0x50
[ 1005.038732] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1005.038735] x86_64_start_reservations+0x29/0x2b
[ 1005.038737] x86_64_start_kernel+0x76/0x79
[ 1005.038739] secondary_startup_64+0xa4/0xb0
[ 1005.038746] Kernel panic - not syncing: hung_task: blocked tasks
[ 1005.629415] CPU: 1 PID: 901 Comm: khungtaskd Not tainted 4.18.0-rc5-next-20180720+ #12
[ 1005.637446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1005.646786] Call Trace:
[ 1005.649360] dump_stack+0x1c9/0x2b4
[ 1005.652966] ? dump_stack_print_info.cold.2+0x52/0x52
[ 1005.658137] ? printk_safe_log_store+0x2f0/0x2f0
[ 1005.662943] panic+0x238/0x4e7
[ 1005.666116] ? add_taint.cold.5+0x16/0x16
[ 1005.670245] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1005.675764] ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[ 1005.681191] ? printk_safe_flush+0xd7/0x130
[ 1005.685491] watchdog+0xb4a/0x10b0
[ 1005.689015] ? reset_hung_task_detector+0xd0/0xd0
[ 1005.693861] ? kasan_check_read+0x11/0x20
[ 1005.697990] ? do_raw_spin_unlock+0xa7/0x2f0
[ 1005.702408] ? _raw_spin_unlock_irqrestore+0x74/0xc0
[ 1005.708100] ? __kthread_parkme+0x58/0x1b0
[ 1005.712318] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 1005.717311] ? trace_hardirqs_on+0xd/0x10
[ 1005.721443] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1005.726956] ? __kthread_parkme+0x106/0x1b0
[ 1005.731272] kthread+0x345/0x410
[ 1005.734625] ? reset_hung_task_detector+0xd0/0xd0
[ 1005.739455] ? kthread_bind+0x40/0x40
[ 1005.743245] ret_from_fork+0x3a/0x50
[ 1005.747343] Dumping ftrace buffer:
[ 1005.750862] (ftrace buffer empty)
[ 1005.754550] Kernel Offset: disabled
[ 1005.758162] Rebooting in 86400 seconds..