ell server: sshd [ ok ].
[   32.088075] audit: type=1800 audit(1555876234.869:34): pid=6852 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op="collect_data" cause="failed(directio)" comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   34.826552] random: sshd: uninitialized urandom read (32 bytes read)
[   35.016975] audit: type=1400 audit(1555876237.829:35): avc:  denied  { map } for  pid=7026 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   35.069732] random: sshd: uninitialized urandom read (32 bytes read)
[   35.616417] random: sshd: uninitialized urandom read (32 bytes read)
[  438.530815] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.1.27' (ECDSA) to the list of known hosts.
[  444.122966] random: sshd: uninitialized urandom read (32 bytes read)
executing program
executing program
[  444.241295] audit: type=1400 audit(1555876647.059:36): avc:  denied  { map } for  pid=7038 comm="syz-executor830" path="/root/syz-executor830216529" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
executing program
[  714.710667] INFO: task syz-executor830:7059 blocked for more than 140 seconds.
[  714.718290]       Not tainted 4.14.113 #3
[  714.723305] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  714.731314] syz-executor830 D28528  7059   7038 0x00000004
[  714.736981] Call Trace:
[  714.739680]  __schedule+0x7be/0x1cf0
[  714.743423]  ? pci_mmcfg_check_reserved+0x150/0x150
[  714.748494]  ? find_held_lock+0x35/0x130
[  714.752601]  schedule+0x92/0x1c0
[  714.755968]  schedule_timeout+0x93d/0xe10
[  714.760146]  ? wait_for_completion+0x274/0x420
[  714.764751]  ? find_held_lock+0x35/0x130
[  714.768788]  ? usleep_range+0x130/0x130
[  714.772789]  ? wait_for_completion+0x274/0x420
[  714.777379]  ? mark_held_locks+0xb1/0x100
[  714.781579]  ? _raw_spin_unlock_irq+0x28/0x90
[  714.786098]  ? trace_hardirqs_on_caller+0x400/0x590
[  714.791192]  wait_for_completion+0x27c/0x420
[  714.795632]  ? __local_bh_enable_ip+0x99/0x1a0
[  714.800247]  ? wait_for_completion_interruptible+0x490/0x490
[  714.806090]  ? wake_up_q+0xf0/0xf0
[  714.809666]  af_alg_wait_for_completion+0x38/0xb0
[  714.814552]  aead_recvmsg+0x83a/0x1da0
[  714.818570]  ? aead_release+0x50/0x50
[  714.822478]  ? selinux_socket_recvmsg+0x36/0x40
[  714.827179]  ? security_socket_recvmsg+0x97/0xc0
[  714.832023]  ? aead_release+0x50/0x50
[  714.836056]  sock_recvmsg+0xc8/0x110
[  714.839753]  sock_read_iter+0x22f/0x340
[  714.843770]  ? sock_recvmsg+0x110/0x110
[  714.847771]  ? __fsnotify_update_child_dentry_flags.part.0+0x300/0x300
[  714.854950]  do_iter_readv_writev+0x4f7/0x680
[  714.859546]  ? vfs_dedupe_file_range+0x8f0/0x8f0
[  714.864496]  ? rw_verify_area+0xea/0x2b0
[  714.868577]  do_iter_read+0x221/0x5b0
[  714.872441]  ? dup_iter+0x260/0x260
[  714.876073]  vfs_readv+0xd3/0x130
[  714.879512]  ? compat_rw_copy_check_uvector+0x310/0x310
[  714.884907]  ? SyS_sendmsg+0x50/0x50
[  714.888630]  ? fd_install+0x4d/0x60
[  714.892292]  ? kernel_accept+0x300/0x300
[  714.896355]  ? _raw_spin_unlock_bh+0x31/0x40
[  714.900854]  ? release_sock+0x14c/0x1c0
[  714.905179]  ? __fget_light+0x172/0x1f0
[  714.909158]  do_readv+0xc2/0x220
[  714.912651]  ? vfs_readv+0x130/0x130
[  714.916352]  ? SyS_recv+0x40/0x40
[  714.919782]  ? do_preadv+0x200/0x200
[  714.923512]  SyS_readv+0x28/0x30
[  714.926927]  do_syscall_64+0x1eb/0x630
[  714.930843]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  714.935680]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  714.940951] RIP: 0033:0x441349
[  714.944122] RSP: 002b:00007fff2352d3c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  714.951842] RAX: ffffffffffffffda RBX: 00000000004a23d8 RCX: 0000000000441349
[  714.959090] RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004
[  714.966377] RBP: 000000000006c788 R08: 00000000004002c8 R09: 00000000004002c8
[  714.973674] R10: 00000000004002c8 R11: 0000000000000246 R12: 0000000000402170
[  714.981379] R13: 0000000000402200 R14: 0000000000000000 R15: 0000000000000000
[  714.988657] 
[  714.988657] Showing all locks held in the system:
[  714.994997] 1 lock held by khungtaskd/1007:
[  714.999381]  #0:  (tasklist_lock){.+.+}, at: [<ffffffff81486f98>] debug_show_all_locks+0x7f/0x21f
[  715.008489] 2 locks held by getty/7013:
[  715.012599]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.021306]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.030715] 2 locks held by getty/7014:
[  715.034671]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.043383]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.052671] 2 locks held by getty/7015:
[  715.056623]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.065302]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.074582] 2 locks held by getty/7016:
[  715.078535]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.087283]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.096707] 2 locks held by getty/7017:
[  715.100699]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.109355]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.118678] 2 locks held by getty/7018:
[  715.122667]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.131373]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.140661] 2 locks held by getty/7019:
[  715.144608]  #0:  (&tty->ldisc_sem){++++}, at: [<ffffffff861b0323>] ldsem_down_read+0x33/0x40
[  715.153289]  #1:  (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310c666>] n_tty_read+0x1e6/0x17b0
[  715.162594] 1 lock held by syz-executor830/7059:
[  715.167321]  #0:  (sk_lock-AF_ALG){+.+.}, at: [<ffffffff82c0d0df>] af_alg_wait_for_data+0x1df/0x480
[  715.176536] 
[  715.178139] =============================================
[  715.178139] 
[  715.185362] NMI backtrace for cpu 1
[  715.189181] CPU: 1 PID: 1007 Comm: khungtaskd Not tainted 4.14.113 #3
[  715.195886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  715.205225] Call Trace:
[  715.207881]  dump_stack+0x138/0x19c
[  715.211506]  nmi_cpu_backtrace.cold+0x57/0x94
[  715.216061]  ? irq_force_complete_move.cold+0x7d/0x7d
[  715.221243]  nmi_trigger_cpumask_backtrace+0x141/0x189
[  715.226513]  arch_trigger_cpumask_backtrace+0x14/0x20
[  715.231727]  watchdog+0x5e7/0xb90
[  715.235196]  kthread+0x31c/0x430
[  715.238627]  ? hungtask_pm_notify+0x60/0x60
[  715.242937]  ? kthread_create_on_node+0xd0/0xd0
[  715.247652]  ret_from_fork+0x3a/0x50
[  715.251415] Sending NMI from CPU 1 to CPUs 0:
[  715.256088] NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff861b0e02
[  715.257020] Kernel panic - not syncing: hung_task: blocked tasks
[  715.269444] CPU: 1 PID: 1007 Comm: khungtaskd Not tainted 4.14.113 #3
[  715.275999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  715.285441] Call Trace:
[  715.288005]  dump_stack+0x138/0x19c
[  715.291727]  panic+0x1f2/0x438
[  715.294933]  ? add_taint.cold+0x16/0x16
[  715.298905]  ? ___preempt_schedule+0x16/0x18
[  715.303327]  watchdog+0x5f8/0xb90
[  715.306767]  kthread+0x31c/0x430
[  715.310329]  ? hungtask_pm_notify+0x60/0x60
[  715.314626]  ? kthread_create_on_node+0xd0/0xd0
[  715.319279]  ret_from_fork+0x3a/0x50
[  715.323952] Kernel Offset: disabled
[  715.327637] Rebooting in 86400 seconds..