[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   60.567247] sshd (6216) used greatest stack depth: 53392 bytes left
[....] Starting OpenBSD Secure Shell server: sshd[   60.802375] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   61.778777] random: sshd: uninitialized urandom read (32 bytes read)
[   62.325376] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   64.605637] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.34' (ECDSA) to the list of known hosts.
[   70.526658] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/09 23:18:32 fuzzer started
[   75.247962] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/09 23:18:37 dialing manager at 10.128.0.26:44001
2018/10/09 23:18:37 syscalls: 1
2018/10/09 23:18:37 code coverage: enabled
2018/10/09 23:18:37 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/09 23:18:37 setuid sandbox: enabled
2018/10/09 23:18:37 namespace sandbox: enabled
2018/10/09 23:18:37 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/09 23:18:37 fault injection: enabled
2018/10/09 23:18:37 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/09 23:18:37 net packed injection: enabled
2018/10/09 23:18:37 net device setup: enabled
[   80.122137] random: crng init done
23:20:29 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000180)="0f00db670f01df66b8000000000f23d80f21f86635400000f00f23f80f09b800008ee00f009a00000f212b0f01c30f21b00f1af9", 0x34}], 0x1, 0x5d, &(0x7f0000000080), 0x0)
mlockall(0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f00000001c0), 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r2, 0x0)
mbind(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x45, 0x2)
write$binfmt_misc(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="e5b4772e"], 0x4)
syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x383000)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)=@flushpolicy={0x10, 0x1d, 0x10, 0x0, 0x25dfdbfe}, 0x10}}, 0x1)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140)=0x401, 0x4)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000480)={0x0, @in6={{0xa, 0x0, 0x70b3, @loopback, 0x4}}}, 0x84)

[  190.688074] IPVS: ftp: loaded support on port[0] = 21
[  193.089361] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.096138] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.104862] device bridge_slave_0 entered promiscuous mode
[  193.243492] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.249982] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.258657] device bridge_slave_1 entered promiscuous mode
[  193.398830] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  193.537335] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  193.843785] ip (6358) used greatest stack depth: 53296 bytes left
23:20:34 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x800001800000001)
ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd24d766070")
syz_emit_ethernet(0x7e, &(0x7f0000000140)={@local, @empty=[0x0, 0x3f00000000000000], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0xf, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x0, @local, @dev, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {[@multicast1]}, {[@dev]}]}]}}}}}}}, &(0x7f00000000c0)={0x0, 0x2, [0x0, 0xfffffffffffffffd]})

[  193.983072] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  194.179702] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  194.555329] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  194.562459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  194.830374] IPVS: ftp: loaded support on port[0] = 21
[  195.407018] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  195.415267] team0: Port device team_slave_0 added
[  195.623199] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  195.631192] team0: Port device team_slave_1 added
[  195.779372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  195.786528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  195.795681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  196.009275] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  196.016545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  196.025584] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  196.247609] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  196.255434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  196.264756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  196.466521] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  196.474405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  196.483435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  198.338722] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.345404] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.354122] device bridge_slave_0 entered promiscuous mode
[  198.559067] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.565745] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.574328] device bridge_slave_1 entered promiscuous mode
[  198.774200] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  198.915532] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  199.273337] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.279844] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.286932] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.293517] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.302732] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  199.582670] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  199.592381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  199.862164] bond0: Enslaving bond_slave_1 as an active interface with an up link
23:20:40 executing program 2:
syz_emit_ethernet(0x7e, &(0x7f0000000140)={@local, @empty=[0x0, 0x3f00000000000000], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0xf, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x0, @local, @dev, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {[@multicast1]}, {[@dev]}]}]}}}}}}}, &(0x7f00000000c0)={0x0, 0x2, [0x0, 0xfffffffffffffffd]})

[  200.165962] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  200.173280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  200.494125] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  200.501218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  200.824258] IPVS: ftp: loaded support on port[0] = 21
[  201.343902] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  201.352264] team0: Port device team_slave_0 added
[  201.618721] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  201.627014] team0: Port device team_slave_1 added
[  201.980619] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  201.987940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  201.997096] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  202.202120] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  202.209212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  202.218440] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  202.583505] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  202.591440] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  202.600877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  202.766790] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  202.774699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  202.783811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  205.335447] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.342107] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.351046] device bridge_slave_0 entered promiscuous mode
[  205.679623] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.686333] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.695024] device bridge_slave_1 entered promiscuous mode
[  205.907205] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  206.184850] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  206.193300] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.199796] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.206918] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.213460] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.222469] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  207.186229] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  207.203949] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  207.560050] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  207.905130] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  207.912342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  208.235481] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  208.243047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
23:20:48 executing program 3:
perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4b, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0xfffffffffffffff9}]})

[  209.163641] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  209.171889] team0: Port device team_slave_0 added
[  209.546224] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  209.554580] team0: Port device team_slave_1 added
[  209.822654] IPVS: ftp: loaded support on port[0] = 21
[  209.926478] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  209.933786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  209.942965] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  210.282580] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  210.289718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  210.298916] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  210.643423] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  210.651640] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  210.660843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  211.031877] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  211.039473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.048959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  212.679024] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.064700] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  215.253622] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  215.259981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  215.267987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  215.347682] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.354248] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.361141] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.367739] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.376390] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  215.392921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.227759] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.234425] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.243138] device bridge_slave_0 entered promiscuous mode
[  216.650217] 8021q: adding VLAN 0 to HW filter on device team0
[  216.692745] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.699236] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.708050] device bridge_slave_1 entered promiscuous mode
[  217.093504] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  217.381343] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  218.444422] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  218.777776] bond0: Enslaving bond_slave_1 as an active interface with an up link
23:20:59 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @local, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x689, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply={0xffffff89, 0x3}}}}}, &(0x7f0000000040))

[  219.216442] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  219.223821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  219.676612] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  219.683869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  220.406159] IPVS: ftp: loaded support on port[0] = 21
[  221.148762] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  221.157029] team0: Port device team_slave_0 added
[  221.580117] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  221.588532] team0: Port device team_slave_1 added
[  221.773002] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.104296] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  222.111365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  222.120382] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  222.506896] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  222.514119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  222.523325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  222.958647] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  222.966830] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  222.976061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  223.401700] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  223.415364] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  223.423119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  223.432288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  225.102783] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  225.109241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  225.117225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  226.264421] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  226.394037] ==================================================================
[  226.401489] BUG: KMSAN: uninit-value in vmx_set_constant_host_state+0x1778/0x1830
[  226.409155] CPU: 0 PID: 7042 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #65
[  226.417060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  226.426444] Call Trace:
[  226.429072]  dump_stack+0x306/0x460
[  226.432738]  ? vmx_set_constant_host_state+0x1778/0x1830
[  226.438242]  kmsan_report+0x1a2/0x2e0
[  226.442086]  __msan_warning+0x7c/0xe0
[  226.445938]  vmx_set_constant_host_state+0x1778/0x1830
[  226.451272]  vmx_create_vcpu+0x3e6f/0x7870
[  226.455546]  ? kmsan_set_origin_inline+0x6b/0x120
[  226.460424]  ? __msan_poison_alloca+0x17a/0x210
[  226.465151]  ? vmx_vm_init+0x340/0x340
[  226.469084]  kvm_arch_vcpu_create+0x25d/0x2f0
[  226.473636]  kvm_vm_ioctl+0x13fd/0x33d0
[  226.477662]  ? __msan_poison_alloca+0x17a/0x210
[  226.482369]  ? do_vfs_ioctl+0x18a/0x2810
[  226.486461]  ? __se_sys_ioctl+0x1da/0x270
[  226.490641]  ? vcpu_stat_clear_per_vm+0x420/0x420
[  226.495521]  ? vcpu_stat_clear_per_vm+0x420/0x420
[  226.500395]  do_vfs_ioctl+0xcf3/0x2810
[  226.504336]  ? security_file_ioctl+0x92/0x200
[  226.508884]  __se_sys_ioctl+0x1da/0x270
[  226.512900]  __x64_sys_ioctl+0x4a/0x70
[  226.516823]  do_syscall_64+0xbe/0x100
[  226.520665]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  226.525874] RIP: 0033:0x457579
[  226.529093] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  226.548030] RSP: 002b:00007f9395033c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.555771] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  226.563065] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  226.570373] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  226.577671] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93950346d4
[  226.584971] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff
[  226.592719] 
[  226.594363] Local variable description: ----dt@vmx_set_constant_host_state
[  226.601388] Variable was created at:
[  226.605190]  vmx_set_constant_host_state+0x2b0/0x1830
[  226.610430]  vmx_create_vcpu+0x3e6f/0x7870
[  226.614675] ==================================================================
[  226.622049] Disabling lock debugging due to kernel taint
[  226.627519] Kernel panic - not syncing: panic_on_warn set ...
[  226.627519] 
[  226.634923] CPU: 0 PID: 7042 Comm: syz-executor0 Tainted: G    B             4.19.0-rc4+ #65
[  226.643525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  226.652903] Call Trace:
[  226.655532]  dump_stack+0x306/0x460
[  226.659213]  panic+0x54c/0xafa
[  226.662483]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  226.667968]  kmsan_report+0x2d3/0x2e0
[  226.671823]  __msan_warning+0x7c/0xe0
[  226.675670]  vmx_set_constant_host_state+0x1778/0x1830
[  226.680988]  vmx_create_vcpu+0x3e6f/0x7870
[  226.685254]  ? kmsan_set_origin_inline+0x6b/0x120
[  226.690135]  ? __msan_poison_alloca+0x17a/0x210
[  226.694862]  ? vmx_vm_init+0x340/0x340
[  226.698795]  kvm_arch_vcpu_create+0x25d/0x2f0
[  226.703343]  kvm_vm_ioctl+0x13fd/0x33d0
[  226.707358]  ? __msan_poison_alloca+0x17a/0x210
[  226.712071]  ? do_vfs_ioctl+0x18a/0x2810
[  226.716171]  ? __se_sys_ioctl+0x1da/0x270
[  226.720354]  ? vcpu_stat_clear_per_vm+0x420/0x420
[  226.725244]  ? vcpu_stat_clear_per_vm+0x420/0x420
[  226.730130]  do_vfs_ioctl+0xcf3/0x2810
[  226.734069]  ? security_file_ioctl+0x92/0x200
[  226.738623]  __se_sys_ioctl+0x1da/0x270
[  226.742644]  __x64_sys_ioctl+0x4a/0x70
[  226.746567]  do_syscall_64+0xbe/0x100
[  226.750402]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  226.755613] RIP: 0033:0x457579
[  226.758832] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  226.777766] RSP: 002b:00007f9395033c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.785516] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  226.792810] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[  226.800115] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  226.807444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93950346d4
[  226.814749] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff
[  226.823003] Kernel Offset: disabled
[  226.826650] Rebooting in 86400 seconds..