[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 24.302383] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 27.573457] random: sshd: uninitialized urandom read (32 bytes read)
[ 27.786476] random: sshd: uninitialized urandom read (32 bytes read)
[ 28.356174] random: sshd: uninitialized urandom read (32 bytes read)
[ 76.947458] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.8' (ECDSA) to the list of known hosts.
[ 82.734189] random: sshd: uninitialized urandom read (32 bytes read)
2018/09/04 16:50:33 parsed 1 programs
[ 83.839820] random: cc1: uninitialized urandom read (8 bytes read)
2018/09/04 16:50:34 executed programs: 0
[ 84.632226] IPVS: ftp: loaded support on port[0] = 21
[ 84.846645] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.853226] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.861216] device bridge_slave_0 entered promiscuous mode
[ 84.877627] bridge0: port 2(bridge_slave_1) entered blocking state
[ 84.883988] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.890912] device bridge_slave_1 entered promiscuous mode
[ 84.907337] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 84.923420] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 84.967372] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 84.985741] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 85.051350] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 85.059229] team0: Port device team_slave_0 added
[ 85.074724] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 85.081796] team0: Port device team_slave_1 added
[ 85.097534] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 85.115460] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 85.132609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 85.149868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 85.275675] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.282106] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.288900] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.295290] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.739159] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 85.745290] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.790797] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 85.836789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 85.845524] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 85.886761] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.158998] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 86.191151] WARNING: CPU: 0 PID: 4966 at arch/x86/kvm/vmx.c:4754 free_loaded_vmcs+0x160/0x1b0
[ 86.199892] Kernel panic - not syncing: panic_on_warn set ...
[ 86.199892]
[ 86.207243] CPU: 0 PID: 4966 Comm: syz-executor0 Not tainted 4.19.0-rc2-next-20180904+ #55
[ 86.215696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 86.225149] Call Trace:
[ 86.227722] dump_stack+0x1c9/0x2b4
[ 86.231342] ? dump_stack_print_info.cold.2+0x52/0x52
[ 86.236527] panic+0x238/0x4e7
[ 86.239713] ? add_taint.cold.5+0x16/0x16
[ 86.243862] ? __warn.cold.8+0x148/0x1ba
[ 86.247908] ? __warn.cold.8+0x117/0x1ba
[ 86.251954] ? free_loaded_vmcs+0x160/0x1b0
[ 86.256259] __warn.cold.8+0x163/0x1ba
[ 86.260296] ? free_loaded_vmcs+0x160/0x1b0
[ 86.264762] report_bug+0x252/0x2d0
[ 86.268380] do_error_trap+0x1fc/0x4d0
[ 86.272280] ? math_error+0x3e0/0x3e0
[ 86.276163] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 86.280994] ? trace_hardirqs_on_caller+0x2b0/0x2b0
[ 86.286055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 86.291582] ? smp_call_function_single+0x2d6/0x5c0
[ 86.296582] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 86.301409] do_invalid_op+0x1b/0x20
[ 86.305108] invalid_op+0x14/0x20
[ 86.308562] RIP: 0010:free_loaded_vmcs+0x160/0x1b0
[ 86.313477] Code: 81 e8 34 bb 53 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 49 4c 8b 23 e9 22 ff ff ff e8 c0 03 60 00 <0f> 0b eb b0 e8 77 1f 9f 00 e9 f4 fe ff ff 48 89 df e8 8a 1f 9f 00
[ 86.332555] RSP: 0018:ffff8801b476f740 EFLAGS: 00010293
[ 86.337907] RAX: ffff8801b471c6c0 RBX: ffff8801d7e557a8 RCX: 0000000000000000
[ 86.345266] RDX: 0000000000000000 RSI: ffffffff811cd2b0 RDI: ffff8801d7e557b0
[ 86.352517] RBP: ffff8801b476f758 R08: ffff8801b471c6c0 R09: 0000000000000000
[ 86.359774] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801c6aed000
[ 86.367030] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000001
[ 86.374407] ? free_loaded_vmcs+0x160/0x1b0
[ 86.378726] vmx_free_vcpu+0x204/0x300
[ 86.382686] kvm_arch_destroy_vm+0x365/0x7c0
[ 86.387089] ? kvm_arch_sync_events+0x30/0x30
[ 86.391570] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 86.397096] ? mmu_notifier_unregister+0x474/0x600
[ 86.402014] ? trace_hardirqs_on+0x2c0/0x2c0
[ 86.406411] ? __mmu_notifier_register+0x30/0x30
[ 86.411254] ? __free_pages+0x10a/0x190
[ 86.415218] ? free_unref_page+0x930/0x930
[ 86.419509] kvm_put_kvm+0x73f/0x1060
[ 86.423456] ? kvm_write_guest_cached+0x40/0x40
[ 86.428263] ? up_write+0x7b/0x220
[ 86.431833] ? up_read+0x110/0x110
[ 86.435368] ? mntput+0x74/0xa0
[ 86.438696] ? debugfs_remove_recursive+0x420/0x560
[ 86.443705] ? fsnotify_first_mark+0x350/0x350
[ 86.448276] ? debugfs_remove+0x130/0x130
[ 86.452419] kvm_vcpu_release+0x7b/0xa0
[ 86.456394] __fput+0x3c1/0xa80
[ 86.459681] ? kvm_vm_release+0x50/0x50
[ 86.463709] ? __alloc_file+0x400/0x400
[ 86.467676] ? trace_hardirqs_on+0xbd/0x2c0
[ 86.471996] ? kasan_check_read+0x11/0x20
[ 86.476129] ? task_work_run+0x1af/0x2a0
[ 86.480216] ? trace_hardirqs_off_caller+0x2b0/0x2b0
[ 86.485307] ? kasan_check_write+0x14/0x20
[ 86.489552] ? do_raw_spin_lock+0xc1/0x200
[ 86.493773] ____fput+0x15/0x20
[ 86.497037] task_work_run+0x1e8/0x2a0
[ 86.500919] ? task_work_cancel+0x240/0x240
[ 86.505249] ? copy_fd_bitmaps+0x210/0x210
[ 86.509509] ? do_syscall_64+0x9a/0x820
[ 86.513614] exit_to_usermode_loop+0x318/0x380
[ 86.518239] ? syscall_slow_exit_work+0x490/0x490
[ 86.523077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 86.528601] do_syscall_64+0x6be/0x820
[ 86.532473] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 86.537908] ? syscall_return_slowpath+0x5e0/0x5e0
[ 86.542835] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 86.547668] ? trace_hardirqs_on_caller+0x2b0/0x2b0
[ 86.552674] ? prepare_exit_to_usermode+0x291/0x3b0
[ 86.557677] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 86.562514] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 86.567684] RIP: 0033:0x410c51
[ 86.570902] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 86.589795] RSP: 002b:00007ffd41313ae0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 86.597508] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000410c51
[ 86.604761] RDX: 0000000000000000 RSI: 00000000007334f0 RDI: 0000000000000005
[ 86.612022] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 86.619281] R10: 00007ffd41313a10 R11: 0000000000000293 R12: 00000000004129f0
[ 86.626535] R13: 0000000000412a80 R14: 0000000000000000 R15: badc0ffeebadface
[ 86.634323] Dumping ftrace buffer:
[ 86.638003] (ftrace buffer empty)
[ 86.641699] Kernel Offset: disabled
[ 86.645311] Rebooting in 86400 seconds..