[ 56.564896] audit: type=1800 audit(1539123244.597:27): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron [ ok ]. [....] Starting OpenBSD Secure Shell server: sshd[ 58.159259] random: sshd: uninitialized urandom read (32 bytes read) [ ok ]. [ 58.889426] random: sshd: uninitialized urandom read (32 bytes read) [ 59.534624] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 61.154558] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.21' (ECDSA) to the list of known hosts. [ 67.039237] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/09 22:14:17 fuzzer started [ 71.766758] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/09 22:14:22 dialing manager at 10.128.0.26:44001 2018/10/09 22:14:22 syscalls: 1 2018/10/09 22:14:22 code coverage: enabled 2018/10/09 22:14:22 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/09 22:14:22 setuid sandbox: enabled 2018/10/09 22:14:22 namespace sandbox: enabled 2018/10/09 22:14:22 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/09 22:14:22 fault injection: enabled 2018/10/09 22:14:22 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/09 22:14:22 net packed injection: enabled 2018/10/09 22:14:22 net device setup: enabled [ 78.159653] random: crng init done 22:16:15 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 
&(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x77, 0x48, &(0x7f0000000140), 0x1000000000000390) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/43) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 188.642055] IPVS: ftp: loaded support on port[0] = 21 [ 191.033449] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.039950] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.048699] device bridge_slave_0 entered promiscuous mode [ 191.198775] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.205398] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.214126] device bridge_slave_1 entered promiscuous mode [ 191.361022] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 191.506777] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 22:16:20 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xa, 0xb, 0x100000000000914, 0x5}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000000440)}, 0x20) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000100)=""/25}, 0x18) [ 191.949291] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 192.109281] bond0: Enslaving 
bond_slave_1 as an active interface with an up link [ 192.418058] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 192.425296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 192.633167] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 192.640245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 192.688215] IPVS: ftp: loaded support on port[0] = 21 [ 193.433580] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 193.441968] team0: Port device team_slave_0 added [ 193.668476] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 193.676617] team0: Port device team_slave_1 added [ 193.965669] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 193.972840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.981934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.280110] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 194.287304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.296278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.534586] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 194.542295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.551197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.730830] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 194.738644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.748051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 196.374168] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.380644] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.389224] device bridge_slave_0 entered promiscuous mode [ 196.572053] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.578572] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.587462] device bridge_slave_1 entered promiscuous mode [ 
196.779368] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 197.015111] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 197.250155] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.256762] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.263863] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.270335] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.279443] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 197.503740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.596454] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 197.841143] bond0: Enslaving bond_slave_1 as an active interface with an up link 22:16:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000004000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f00000001c0)="3ef00fc78b95cfb807008ee065650f06f36ebaf80c66b889c52e8f66efbafc0cec66b8186e00000f23d00f21f866350000000e0f23f80f01cbd03d670fc75d622e0f01cb", 0x44}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000000)={0x0, {0x0, 0x40, 0x0, 0x200}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$int_out(0xffffffffffffffff, 0x0, &(0x7f0000000180)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 198.167946] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 198.175125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.499479] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 198.506705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 199.099462] IPVS: ftp: loaded support on port[0] = 21 [ 199.350170] IPv6: ADDRCONF(NETDEV_UP): 
team_slave_0: link is not ready [ 199.358292] team0: Port device team_slave_0 added [ 199.604713] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 199.612993] team0: Port device team_slave_1 added [ 199.784342] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 199.791431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 199.800547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.144536] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 200.151595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 200.160572] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.504018] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 200.511586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.520647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.851487] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 200.859230] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.868484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 203.894273] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.900767] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.907818] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.914341] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.923327] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 204.077828] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.084404] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.092950] device bridge_slave_0 entered promiscuous mode [ 204.376910] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.383581] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.392084] device bridge_slave_1 entered promiscuous mode [ 204.603948] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 204.652520] IPv6: 
ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.786815] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 205.683035] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.876364] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 206.169879] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 206.177073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 22:16:34 executing program 3: r0 = socket$inet(0x2, 0x3, 0x1) recvmmsg(r0, &(0x7f0000001a40)=[{{&(0x7f0000001540)=@ax25, 0x80, &(0x7f0000001940), 0x0, &(0x7f00000019c0)=""/104, 0x68}}], 0x1, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000040)=0x6, 0x4) sendto$inet(r0, &(0x7f0000004000), 0x33f, 0x0, &(0x7f0000002000), 0x10) [ 206.550686] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 206.558060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.563804] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 207.572096] team0: Port device team_slave_0 added [ 207.667822] IPVS: ftp: loaded support on port[0] = 21 [ 207.992419] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 208.000557] team0: Port device team_slave_1 added [ 208.330588] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 208.337787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.346742] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.745037] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 208.752411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.761413] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 209.110291] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 209.118055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 209.127262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 209.442954] 8021q: adding VLAN 0 to HW filter on device 
bond0 [ 209.506518] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 209.514170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 209.523094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 210.745707] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 212.185446] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 212.191936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.199913] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.488526] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.521467] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.528060] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.537223] device bridge_slave_0 entered promiscuous mode [ 213.563017] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.569472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.576450] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.582961] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.591501] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 213.854217] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.860692] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.869491] device bridge_slave_1 entered promiscuous mode [ 213.876236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.218353] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 214.573823] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 215.569356] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 215.952698] bond0: Enslaving bond_slave_1 as an active interface with an up link 22:16:44 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$setperm(0x5, 0x0, 0x10000020) [ 216.429580] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 216.436865] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.867841] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 216.875075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.505104] IPVS: ftp: loaded support on port[0] = 21 [ 218.224629] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.232713] team0: Port device team_slave_0 added [ 218.590888] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 218.599095] team0: Port device team_slave_1 added [ 219.039236] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 219.046520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 219.055627] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 219.471586] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.509051] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 219.516220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 219.525005] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 219.955616] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 219.963490] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.972764] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.408098] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 220.415801] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.424890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 221.141913] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 222.715513] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 222.722128] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 222.730049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 223.384788] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 223.595687] ================================================================== [ 223.603144] BUG: KMSAN: uninit-value in vmx_set_constant_host_state+0x1778/0x1830 [ 223.610831] CPU: 1 PID: 6945 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #65 [ 223.618039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.627413] Call Trace: [ 223.630038] dump_stack+0x306/0x460 [ 223.633705] ? vmx_set_constant_host_state+0x1778/0x1830 [ 223.639207] kmsan_report+0x1a2/0x2e0 [ 223.643055] __msan_warning+0x7c/0xe0 [ 223.646904] vmx_set_constant_host_state+0x1778/0x1830 [ 223.652230] vmx_create_vcpu+0x3e6f/0x7870 [ 223.656496] ? kmsan_set_origin_inline+0x6b/0x120 [ 223.661375] ? __msan_poison_alloca+0x17a/0x210 [ 223.666089] ? vmx_vm_init+0x340/0x340 [ 223.670014] kvm_arch_vcpu_create+0x25d/0x2f0 [ 223.674546] kvm_vm_ioctl+0x13fd/0x33d0 [ 223.678561] ? __msan_poison_alloca+0x17a/0x210 [ 223.683267] ? do_vfs_ioctl+0x18a/0x2810 [ 223.687356] ? __se_sys_ioctl+0x1da/0x270 [ 223.691528] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 223.696393] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 223.701264] do_vfs_ioctl+0xcf3/0x2810 [ 223.705220] ? 
security_file_ioctl+0x92/0x200 [ 223.709775] __se_sys_ioctl+0x1da/0x270 [ 223.713788] __x64_sys_ioctl+0x4a/0x70 [ 223.717702] do_syscall_64+0xbe/0x100 [ 223.721535] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 223.726744] RIP: 0033:0x457579 [ 223.729962] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.748893] RSP: 002b:00007fb0669f1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.756634] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 223.763930] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 223.771226] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 223.778551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0669f26d4 [ 223.785860] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 223.793171] [ 223.794834] Local variable description: ----dt@vmx_set_constant_host_state [ 223.801863] Variable was created at: [ 223.805615] vmx_set_constant_host_state+0x2b0/0x1830 [ 223.810840] vmx_create_vcpu+0x3e6f/0x7870 [ 223.815090] ================================================================== [ 223.822474] Disabling lock debugging due to kernel taint [ 223.827940] Kernel panic - not syncing: panic_on_warn set ... [ 223.827940] [ 223.835352] CPU: 1 PID: 6945 Comm: syz-executor0 Tainted: G B 4.19.0-rc4+ #65 [ 223.843946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.853319] Call Trace: [ 223.855953] dump_stack+0x306/0x460 [ 223.859638] panic+0x54c/0xafa [ 223.862912] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 223.868404] kmsan_report+0x2d3/0x2e0 [ 223.872250] __msan_warning+0x7c/0xe0 [ 223.876093] vmx_set_constant_host_state+0x1778/0x1830 [ 223.881421] vmx_create_vcpu+0x3e6f/0x7870 [ 223.885684] ? kmsan_set_origin_inline+0x6b/0x120 [ 223.890569] ? 
__msan_poison_alloca+0x17a/0x210 [ 223.895295] ? vmx_vm_init+0x340/0x340 [ 223.899229] kvm_arch_vcpu_create+0x25d/0x2f0 [ 223.903769] kvm_vm_ioctl+0x13fd/0x33d0 [ 223.907800] ? __msan_poison_alloca+0x17a/0x210 [ 223.912504] ? do_vfs_ioctl+0x18a/0x2810 [ 223.916590] ? __se_sys_ioctl+0x1da/0x270 [ 223.920774] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 223.925650] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 223.930527] do_vfs_ioctl+0xcf3/0x2810 [ 223.934464] ? security_file_ioctl+0x92/0x200 [ 223.938998] __se_sys_ioctl+0x1da/0x270 [ 223.943023] __x64_sys_ioctl+0x4a/0x70 [ 223.946962] do_syscall_64+0xbe/0x100 [ 223.950796] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 223.956004] RIP: 0033:0x457579 [ 223.959220] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.978144] RSP: 002b:00007fb0669f1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.985877] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 223.993178] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 224.000479] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 224.007762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb0669f26d4 [ 224.015053] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 224.023327] Kernel Offset: disabled [ 224.026968] Rebooting in 86400 seconds..