[info] Using makefile-style concurrent boot in runlevel 2. [ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 43.785992] IPVS: Creating netns size=2664 id=1 [ 43.786948] IPVS: ftp: loaded support on port[0] = 21 Warning: Permanently added '10.128.10.35' (ECDSA) to the list of known hosts. 2019/04/14 10:05:19 parsed 1 programs 2019/04/14 10:05:19 executed programs: 0 [ 53.388783] IPVS: Creating netns size=2664 id=2 [ 53.393843] IPVS: ftp: loaded support on port[0] = 21 [ 53.403881] IPVS: Creating netns size=2664 id=3 [ 53.409576] IPVS: ftp: loaded support on port[0] = 21 [ 53.421676] IPVS: Creating netns size=2664 id=4 [ 53.427836] IPVS: ftp: loaded support on port[0] = 21 [ 53.441615] IPVS: Creating netns size=2664 id=5 [ 53.447469] IPVS: ftp: loaded support on port[0] = 21 [ 53.463762] IPVS: Creating netns size=2664 id=6 [ 53.468465] IPVS: ftp: loaded support on port[0] = 21 [ 53.484535] IPVS: Creating netns size=2664 id=7 [ 53.489521] IPVS: ftp: loaded support on port[0] = 21 [ 53.611565] device bridge_slave_0 entered promiscuous mode [ 53.627047] device bridge_slave_1 entered promiscuous mode [ 53.652273] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.666861] device bridge_slave_0 entered promiscuous mode [ 53.672996] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.684694] device bridge_slave_1 entered promiscuous mode [ 53.709825] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.717744] device bridge_slave_0 entered promiscuous mode [ 53.729109] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.738380] device bridge_slave_1 entered promiscuous mode [ 53.745318] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 53.752352] bond0: Enslaving bond_slave_0 as an
active interface with an up link [ 53.762473] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.775220] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 53.782005] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.791854] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.799718] device bridge_slave_0 entered promiscuous mode [ 53.806312] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 53.813101] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.826607] device bridge_slave_0 entered promiscuous mode [ 53.833071] device bridge_slave_1 entered promiscuous mode [ 53.839658] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 53.847538] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.861840] device bridge_slave_1 entered promiscuous mode [ 53.869037] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.884383] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.891759] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.899558] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 53.906624] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.915012] device bridge_slave_0 entered promiscuous mode [ 53.928895] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 53.935877] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.950219] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.957950] device bridge_slave_1 entered promiscuous mode [ 53.964497] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 53.971296] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.983792] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 53.990613] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.998899] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 
54.015687] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 54.024719] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 54.031576] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.044662] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.052102] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.063860] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 54.070679] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.081690] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.089440] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.096953] IPv6: ADDRCONF(NETDEV_UP): bond_slave_0: link is not ready [ 54.103827] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 54.115775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.125301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.137517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.145155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.155046] IPv6: ADDRCONF(NETDEV_UP): bond_slave_1: link is not ready [ 54.161875] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.172601] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.189937] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.204851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.212847] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.224181] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.233900] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.252423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.265080] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.273970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.284192] 
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.304584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.320630] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.331339] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.340395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.353933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.374694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.382617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.389285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.395792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.402284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.412539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.419062] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.425567] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.432064] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.455367] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.461909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.468427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.475020] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.517781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.524340] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.530856] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.537378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.559462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.566016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.572517] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.579047] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.649034] bridge0: port 2(bridge_slave_1) entered forwarding state [ 
54.655610] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.662147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.668688] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.140573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.164179] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.183874] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.200637] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.219803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.230850] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.240434] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.251187] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.275796] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.282473] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.298521] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.309565] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.326004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.334719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.343937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.352828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.384242] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 55.435743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.782110] kvm: emulating exchange as write 2019/04/14 10:05:24 executed programs: 139 2019/04/14 10:05:29 executed programs: 397 2019/04/14 10:05:34 executed programs: 658 [ 69.433569] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.433571] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.433599] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.453202] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.473467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.513448] bridge0: port 1(bridge_slave_0) entered forwarding state [ 
69.553451] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.560018] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.593446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.600079] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.683447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.690032] bridge0: port 1(bridge_slave_0) entered forwarding state 2019/04/14 10:05:39 executed programs: 913 2019/04/14 10:05:44 executed programs: 1169 2019/04/14 10:05:49 executed programs: 1432 2019/04/14 10:05:54 executed programs: 1690 2019/04/14 10:05:59 executed programs: 1946 2019/04/14 10:06:04 executed programs: 2202 2019/04/14 10:06:09 executed programs: 2458 2019/04/14 10:06:14 executed programs: 2713 2019/04/14 10:06:19 executed programs: 2970 2019/04/14 10:06:24 executed programs: 3226 2019/04/14 10:06:29 executed programs: 3483 2019/04/14 10:06:34 executed programs: 3738 2019/04/14 10:06:39 executed programs: 3995 2019/04/14 10:06:44 executed programs: 4255 2019/04/14 10:06:49 executed programs: 4517 2019/04/14 10:06:54 executed programs: 4778 2019/04/14 10:06:59 executed programs: 5034 2019/04/14 10:07:04 executed programs: 5291 2019/04/14 10:07:09 executed programs: 5549 2019/04/14 10:07:14 executed programs: 5814 2019/04/14 10:07:19 executed programs: 6073 2019/04/14 10:07:24 executed programs: 6334 2019/04/14 10:07:30 executed programs: 6594 2019/04/14 10:07:35 executed programs: 6854 2019/04/14 10:07:40 executed programs: 7112 2019/04/14 10:07:45 executed programs: 7368 2019/04/14 10:07:50 executed programs: 7623 2019/04/14 10:07:55 executed programs: 7883 2019/04/14 10:08:00 executed programs: 8143 2019/04/14 10:08:05 executed programs: 8405 2019/04/14 10:08:10 executed programs: 8662 2019/04/14 10:08:15 executed programs: 8921 2019/04/14 10:08:20 executed programs: 9181 2019/04/14 10:08:25 executed programs: 9444 2019/04/14 10:08:30 executed programs: 9706 [ 246.752528] BUG: unable to handle kernel 
NULL pointer dereference at 0000000000000080 [ 246.760842] IP: [] kvm_apic_set_version+0x11/0x60 [ 246.767362] PGD ba8a3067 PUD b705b067 PMD 0 [ 246.772134] Oops: 0000 [#1] PREEMPT SMP [ 246.776574] Modules linked in: [ 246.779873] CPU: 1 PID: 13626 Comm: syz-executor3 Not tainted 4.2.0-rc5+ #1 [ 246.787122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.796458] task: ffff880214d326c0 ti: ffff8800b706c000 task.ti: ffff8800b706c000 [ 246.804055] RIP: 0010:[] [] kvm_apic_set_version+0x11/0x60 [ 246.813003] RSP: 0018:ffff8800b706fd00 EFLAGS: 00010246 [ 246.818430] RAX: 0000000000000021 RBX: 0000000000000000 RCX: 0000000000000000 [ 246.825699] RDX: 0000000000000000 RSI: 00007f8f64847d60 RDI: ffff8800b7018040 [ 246.832947] RBP: ffff8800b706fd08 R08: 0000000000000000 R09: 0000000000000000 [ 246.840194] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000021 [ 246.847444] R13: 00007f8f64847838 R14: ffff8800b706fd68 R15: ffff880214d326c0 [ 246.854691] FS: 00007f8f64849700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 [ 246.862893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 246.868756] CR2: 0000000000000080 CR3: 00000000b717e000 CR4: 00000000001426e0 [ 246.876006] Stack: [ 246.878144] ffff8800b7018040 ffff8800b706fd38 ffffffff810475a8 0000000000000000 [ 246.886170] 00007f8f64847830 fffffffffffffff2 ffff8800b7018040 ffff8800b706fe10 [ 246.894203] ffffffff8101dd9e ffff8800b706fd68 ffffffff811b9efc ffff8800b7018080 [ 246.902217] Call Trace: [ 246.904784] [] kvm_vcpu_ioctl_set_cpuid2+0x68/0x90 [ 246.911342] [] kvm_arch_vcpu_ioctl+0x9fe/0x11c0 [ 246.917661] [] ? trace_hardirqs_on_caller+0x13c/0x1d0 [ 246.924481] [] ? trace_hardirqs_on+0xd/0x10 [ 246.930432] [] ? vmx_vcpu_load+0x32/0x230 [ 246.936209] [] ? vcpu_load+0x1d/0x70 [ 246.941563] [] ? kvm_arch_vcpu_load+0x4f/0x1f0 [ 246.947778] [] kvm_vcpu_ioctl+0xaf/0x7d0 [ 246.953477] [] do_vfs_ioctl+0x2da/0x530 [ 246.959083] [] ? 
__fget_light+0x25/0x90 [ 246.964688] [] SyS_ioctl+0x74/0x80 [ 246.969882] [] entry_SYSCALL_64_fastpath+0x16/0x76 [ 246.976439] Code: 0f a3 b4 02 00 02 00 00 19 f6 85 f6 5d 0f 95 c0 c3 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 53 48 8b 9f 20 03 00 00 0f 1f 44 00 00 <48> 8b bb 80 00 00 00 31 d2 be 01 00 00 00 e8 cc 51 00 00 48 85 [ 247.004001] RIP [] kvm_apic_set_version+0x11/0x60 [ 247.010612] RSP [ 247.014220] CR2: 0000000000000080 [ 247.017680] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [ 247.025933] IP: [] kvm_apic_set_version+0x11/0x60 [ 247.032445] PGD 211dc8067 PUD 211ed9067 PMD 0 [ 247.037378] Oops: 0000 [#2] PREEMPT SMP [ 247.041833] Modules linked in: [ 247.045144] CPU: 0 PID: 13628 Comm: syz-executor0 Tainted: G D 4.2.0-rc5+ #1 [ 247.053434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.062770] task: ffff880211b24640 ti: ffff8800b89c8000 task.ti: ffff8800b89c8000 [ 247.070371] RIP: 0010:[] [] kvm_apic_set_version+0x11/0x60 [ 247.079323] RSP: 0018:ffff8800b89cbd00 EFLAGS: 00010246 [ 247.084863] RAX: 0000000000000021 RBX: 0000000000000000 RCX: 0000000000000000 [ 247.092112] RDX: 0000000000000000 RSI: 00007fa059ef2d60 RDI: ffff8800b71702c0 [ 247.099359] RBP: ffff8800b89cbd08 R08: 0000000000000001 R09: 0000000000000000 [ 247.106620] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000021 [ 247.113971] R13: 00007fa059ef2838 R14: ffff8800b89cbd68 R15: ffff880211b24640 [ 247.121222] FS: 00007fa059ef4700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 247.129435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 247.135295] CR2: 0000000000000080 CR3: 0000000211c1d000 CR4: 00000000001426f0 [ 247.142552] Stack: [ 247.144680] ffff8800b71702c0 ffff8800b89cbd38 ffffffff810475a8 0000000000000000 [ 247.152761] 00007fa059ef2830 fffffffffffffff2 ffff8800b71702c0 ffff8800b89cbe10 [ 247.160812] ffffffff8101dd9e ffff8800b7170360 ffff8800b7170300 0000000000000000 [ 247.168884] 
Call Trace: [ 247.171458] [] kvm_vcpu_ioctl_set_cpuid2+0x68/0x90 [ 247.178017] [] kvm_arch_vcpu_ioctl+0x9fe/0x11c0 [ 247.184316] [] ? trace_hardirqs_on+0xd/0x10 [ 247.190357] [] ? vmx_vcpu_load+0x32/0x230 [ 247.196136] [] ? vcpu_load+0x1d/0x70 [ 247.201492] [] ? kvm_arch_vcpu_load+0x4f/0x1f0 [ 247.207704] [] kvm_vcpu_ioctl+0xaf/0x7d0 [ 247.213395] [] ? expand_files+0x2f0/0x2f0 [ 247.219170] [] do_vfs_ioctl+0x2da/0x530 [ 247.224780] [] ? __fget_light+0x25/0x90 [ 247.230388] [] SyS_ioctl+0x74/0x80 [ 247.235581] [] entry_SYSCALL_64_fastpath+0x16/0x76 [ 247.242145] Code: 0f a3 b4 02 00 02 00 00 19 f6 85 f6 5d 0f 95 c0 c3 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 53 48 8b 9f 20 03 00 00 0f 1f 44 00 00 <48> 8b bb 80 00 00 00 31 d2 be 01 00 00 00 e8 cc 51 00 00 48 85 [ 247.269736] RIP [] kvm_apic_set_version+0x11/0x60 [ 247.276332] RSP [ 247.279935] CR2: 0000000000000080 [ 247.284699] ---[ end trace 6543832750dc5e69 ]--- [ 247.289487] Kernel panic - not syncing: Fatal exception [ 247.289490] ---[ end trace 6543832750dc5e6a ]--- [ 248.391707] Shutting down cpus with NMI [ 248.396405] Kernel Offset: disabled