[....] Starting OpenBSD Secure Shell server: sshd[ 25.337436] random: sshd: uninitialized urandom read (32 bytes read) [ ok . [ 26.719018] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 27.042117] random: sshd: uninitialized urandom read (32 bytes read) [ 27.665290] random: sshd: uninitialized urandom read (32 bytes read) [ 70.143841] random: sshd: uninitialized urandom read (32 bytes read) [ 70.255400] sshd (5325) used greatest stack depth: 16520 bytes left Warning: Permanently added '10.128.0.51' (ECDSA) to the list of known hosts. [ 75.980604] random: sshd: uninitialized urandom read (32 bytes read) 2018/09/21 14:38:43 parsed 1 programs [ 77.199125] random: cc1: uninitialized urandom read (8 bytes read) 2018/09/21 14:38:45 executed programs: 0 [ 78.346212] IPVS: ftp: loaded support on port[0] = 21 [ 78.587444] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.594347] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.601418] device bridge_slave_0 entered promiscuous mode [ 78.620028] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.626560] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.633804] device bridge_slave_1 entered promiscuous mode [ 78.650615] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 78.668276] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 78.715390] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 78.734957] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 78.807300] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 78.814843] team0: Port device team_slave_0 added [ 78.830862] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 78.838134] team0: Port device team_slave_1 added [ 78.855665] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.875535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes 
ready [ 78.893943] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 78.912878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 79.050062] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.056520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.063430] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.069803] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.556085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.605054] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.654379] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 79.660494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 79.668702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 79.714964] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.023517] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 80.053061] vmwrite error: reg 6c0a value fffffe0000034000 (err -773168960) [ 80.060227] CPU: 1 PID: 5601 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #248 [ 80.067502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.076853] Call Trace: [ 80.079449] dump_stack+0x1c4/0x2b4 [ 80.083083] ? dump_stack_print_info.cold.2+0x52/0x52 [ 80.088278] ? kvm_arch_vcpu_load+0x247/0x970 [ 80.092776] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 80.098237] vmwrite_error+0x4c/0x60 [ 80.101970] vmx_vcpu_load+0xd10/0x1030 [ 80.106040] ? vmx_write_tsc_offset+0x680/0x680 [ 80.110716] ? graph_lock+0x170/0x170 [ 80.114527] ? graph_lock+0x170/0x170 [ 80.118335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.123881] ? check_preemption_disabled+0x48/0x200 [ 80.128904] ? check_preemption_disabled+0x48/0x200 [ 80.133928] ? find_held_lock+0x36/0x1c0 [ 80.138004] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 80.143546] ? 
vmx_sched_in+0xe0/0x600 [ 80.147467] kvm_arch_vcpu_load+0x247/0x970 [ 80.151794] ? trace_hardirqs_on+0xbd/0x310 [ 80.156142] ? kvm_arch_dev_ioctl+0x630/0x630 [ 80.160668] kvm_sched_in+0x82/0xa0 [ 80.164308] finish_task_switch+0x56e/0x900 [ 80.168644] ? __switch_to_asm+0x34/0x70 [ 80.172713] ? preempt_notifier_register+0x200/0x200 [ 80.177821] ? __switch_to_asm+0x34/0x70 [ 80.181889] ? __switch_to_asm+0x34/0x70 [ 80.185951] ? __switch_to_asm+0x40/0x70 [ 80.190013] ? __switch_to_asm+0x34/0x70 [ 80.194073] ? __switch_to_asm+0x40/0x70 [ 80.198132] ? __switch_to_asm+0x34/0x70 [ 80.202194] ? __switch_to_asm+0x40/0x70 [ 80.206258] ? __switch_to_asm+0x34/0x70 [ 80.210322] ? __switch_to_asm+0x34/0x70 [ 80.214410] ? __switch_to_asm+0x40/0x70 [ 80.218471] ? __switch_to_asm+0x34/0x70 [ 80.222530] ? __switch_to_asm+0x40/0x70 [ 80.226591] ? __switch_to_asm+0x34/0x70 [ 80.230658] ? __switch_to_asm+0x40/0x70 [ 80.234729] __schedule+0x874/0x1ed0 [ 80.238455] ? __sched_text_start+0x8/0x8 [ 80.242603] ? check_preemption_disabled+0x48/0x200 [ 80.247649] ? find_held_lock+0x36/0x1c0 [ 80.251729] ? try_to_wake_up+0x10a/0x12f0 [ 80.255972] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 80.261082] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 80.266198] ? lockdep_hardirqs_on+0x421/0x5c0 [ 80.270789] ? preempt_schedule+0x4d/0x60 [ 80.274952] preempt_schedule_common+0x1f/0xd0 [ 80.279539] preempt_schedule+0x4d/0x60 [ 80.284387] ___preempt_schedule+0x16/0x18 [ 80.288644] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 80.293586] try_to_wake_up+0x10a/0x12f0 [ 80.297659] ? __mutex_lock+0x85e/0x1700 [ 80.301862] ? migrate_swap_stop+0x930/0x930 [ 80.306278] ? find_held_lock+0x36/0x1c0 [ 80.310357] ? futex_wake+0x613/0x760 [ 80.314182] ? lock_downgrade+0x900/0x900 [ 80.318342] ? kasan_check_read+0x11/0x20 [ 80.322492] ? do_raw_spin_unlock+0xa7/0x2f0 [ 80.326908] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 80.331493] ? 
__unqueue_futex+0x2e0/0x2e0 [ 80.335738] wake_up_q+0xa4/0x100 [ 80.339201] futex_wake+0x61f/0x760 [ 80.342845] ? get_futex_key+0x21b0/0x21b0 [ 80.347091] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 80.352629] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 80.357923] ? rcu_pm_notify+0xc0/0xc0 [ 80.361826] do_futex+0x2e4/0x26d0 [ 80.365387] ? kvm_vcpu_ioctl+0x2a1/0x1150 [ 80.369644] ? exit_robust_list+0x280/0x280 [ 80.373973] ? find_held_lock+0x36/0x1c0 [ 80.378052] ? __fget+0x4aa/0x740 [ 80.381509] ? lock_downgrade+0x900/0x900 [ 80.385677] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 80.391478] ? kasan_check_read+0x11/0x20 [ 80.395639] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 80.400921] ? rcu_bh_qs+0xc0/0xc0 [ 80.404476] ? __fget+0x4d1/0x740 [ 80.407939] ? ksys_dup3+0x680/0x680 [ 80.411678] ? kvm_vcpu_block+0x1030/0x1030 [ 80.416005] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.422045] ? do_vfs_ioctl+0x201/0x1720 [ 80.426118] ? ioctl_preallocate+0x300/0x300 [ 80.430536] ? __fget_light+0x2e9/0x430 [ 80.434515] ? fget_raw+0x20/0x20 [ 80.437973] ? graph_lock+0x170/0x170 [ 80.441782] __x64_sys_futex+0x472/0x6a0 [ 80.445858] ? do_futex+0x26d0/0x26d0 [ 80.449668] ? trace_hardirqs_on+0xbd/0x310 [ 80.453993] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 80.459534] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.464901] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 80.470356] ? ksys_ioctl+0x81/0xd0 [ 80.473996] do_syscall_64+0x1b9/0x820 [ 80.477888] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 80.483256] ? syscall_return_slowpath+0x5e0/0x5e0 [ 80.488193] ? trace_hardirqs_on_caller+0x310/0x310 [ 80.493215] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 80.498245] ? recalc_sigpending_tsk+0x180/0x180 [ 80.503009] ? kasan_check_write+0x14/0x20 [ 80.507254] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 80.512109] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.517300] RIP: 0033:0x457679 [ 80.520496] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.539580] RSP: 002b:00007f1c1a1f7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 80.547294] RAX: ffffffffffffffda RBX: 000000000072c048 RCX: 0000000000457679 [ 80.554563] RDX: 0000000000000016 RSI: 0000000000000081 RDI: 000000000072c04c [ 80.561830] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 80.569102] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072c04c [ 80.576370] R13: 00007ffc0845277f R14: 00007f1c1a1f89c0 R15: 0000000000000002 [ 80.584546] vmwrite error: reg 6c0c value fffffe0000032000 (err -773168960) [ 80.591682] CPU: 1 PID: 5601 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #248 [ 80.598958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.608308] Call Trace: [ 80.610898] dump_stack+0x1c4/0x2b4 [ 80.614533] ? dump_stack_print_info.cold.2+0x52/0x52 [ 80.619730] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 80.625192] vmwrite_error+0x4c/0x60 [ 80.628914] vmx_vcpu_load+0xcf9/0x1030 [ 80.632899] ? vmx_write_tsc_offset+0x680/0x680 [ 80.637571] ? graph_lock+0x170/0x170 [ 80.641395] ? graph_lock+0x170/0x170 [ 80.645203] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.650743] ? check_preemption_disabled+0x48/0x200 [ 80.655761] ? check_preemption_disabled+0x48/0x200 [ 80.660785] ? find_held_lock+0x36/0x1c0 [ 80.664863] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 80.670411] ? vmx_sched_in+0xe0/0x600 [ 80.674315] kvm_arch_vcpu_load+0x247/0x970 [ 80.678649] ? trace_hardirqs_on+0xbd/0x310 [ 80.682979] ? kvm_arch_dev_ioctl+0x630/0x630 [ 80.687496] kvm_sched_in+0x82/0xa0 [ 80.691138] finish_task_switch+0x56e/0x900 [ 80.695471] ? 
__switch_to_asm+0x34/0x70 [ 80.699540] ? preempt_notifier_register+0x200/0x200 [ 80.704651] ? __switch_to_asm+0x34/0x70 [ 80.708717] ? __switch_to_asm+0x34/0x70 [ 80.712780] ? __switch_to_asm+0x40/0x70 [ 80.716843] ? __switch_to_asm+0x34/0x70 [ 80.720905] ? __switch_to_asm+0x40/0x70 [ 80.724989] ? __switch_to_asm+0x34/0x70 [ 80.729051] ? __switch_to_asm+0x40/0x70 [ 80.733111] ? __switch_to_asm+0x34/0x70 [ 80.737181] ? __switch_to_asm+0x34/0x70 [ 80.741241] ? __switch_to_asm+0x40/0x70 [ 80.745308] ? __switch_to_asm+0x34/0x70 [ 80.749369] ? __switch_to_asm+0x40/0x70 [ 80.753451] ? __switch_to_asm+0x34/0x70 [ 80.757520] ? __switch_to_asm+0x40/0x70 [ 80.761588] __schedule+0x874/0x1ed0 [ 80.765314] ? __sched_text_start+0x8/0x8 [ 80.769461] ? check_preemption_disabled+0x48/0x200 [ 80.774491] ? find_held_lock+0x36/0x1c0 [ 80.778566] ? try_to_wake_up+0x10a/0x12f0 [ 80.782805] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 80.787910] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 80.793027] ? lockdep_hardirqs_on+0x421/0x5c0 [ 80.797610] ? preempt_schedule+0x4d/0x60 [ 80.801771] preempt_schedule_common+0x1f/0xd0 [ 80.806362] preempt_schedule+0x4d/0x60 [ 80.810341] ___preempt_schedule+0x16/0x18 [ 80.814588] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 80.819520] try_to_wake_up+0x10a/0x12f0 [ 80.823582] ? __mutex_lock+0x85e/0x1700 [ 80.827661] ? migrate_swap_stop+0x930/0x930 [ 80.832074] ? find_held_lock+0x36/0x1c0 [ 80.836153] ? futex_wake+0x613/0x760 [ 80.839958] ? lock_downgrade+0x900/0x900 [ 80.844121] ? kasan_check_read+0x11/0x20 [ 80.848275] ? do_raw_spin_unlock+0xa7/0x2f0 [ 80.852687] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 80.857271] ? __unqueue_futex+0x2e0/0x2e0 [ 80.861514] wake_up_q+0xa4/0x100 [ 80.864978] futex_wake+0x61f/0x760 [ 80.868643] ? get_futex_key+0x21b0/0x21b0 [ 80.872907] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 80.878449] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 80.883730] ? rcu_pm_notify+0xc0/0xc0 [ 80.887644] do_futex+0x2e4/0x26d0 [ 80.891198] ? 
kvm_vcpu_ioctl+0x2a1/0x1150 [ 80.895447] ? exit_robust_list+0x280/0x280 [ 80.899788] ? find_held_lock+0x36/0x1c0 [ 80.903866] ? __fget+0x4aa/0x740 [ 80.907332] ? lock_downgrade+0x900/0x900 [ 80.911492] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 80.917296] ? kasan_check_read+0x11/0x20 [ 80.921464] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 80.926749] ? rcu_bh_qs+0xc0/0xc0 [ 80.930303] ? __fget+0x4d1/0x740 [ 80.933765] ? ksys_dup3+0x680/0x680 [ 80.937498] ? kvm_vcpu_block+0x1030/0x1030 [ 80.941825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 80.947363] ? do_vfs_ioctl+0x201/0x1720 [ 80.951433] ? ioctl_preallocate+0x300/0x300 [ 80.955844] ? __fget_light+0x2e9/0x430 [ 80.959827] ? fget_raw+0x20/0x20 [ 80.963285] ? graph_lock+0x170/0x170 [ 80.967095] __x64_sys_futex+0x472/0x6a0 [ 80.971170] ? do_futex+0x26d0/0x26d0 [ 80.974973] ? trace_hardirqs_on+0xbd/0x310 [ 80.979297] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 80.984857] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.990226] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 80.995683] ? ksys_ioctl+0x81/0xd0 [ 80.999329] do_syscall_64+0x1b9/0x820 [ 81.003220] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 81.008589] ? syscall_return_slowpath+0x5e0/0x5e0 [ 81.013529] ? trace_hardirqs_on_caller+0x310/0x310 [ 81.018549] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 81.023572] ? recalc_sigpending_tsk+0x180/0x180 [ 81.028331] ? kasan_check_write+0x14/0x20 [ 81.032573] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 81.037426] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.042618] RIP: 0033:0x457679 [ 81.045825] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.064724] RSP: 002b:00007f1c1a1f7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 81.072435] RAX: ffffffffffffffda RBX: 000000000072c048 RCX: 0000000000457679 [ 81.080049] RDX: 0000000000000016 RSI: 0000000000000081 RDI: 000000000072c04c [ 81.087321] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 81.094591] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072c04c [ 81.101885] R13: 00007ffc0845277f R14: 00007f1c1a1f89c0 R15: 0000000000000002 [ 81.109260] vmwrite error: reg 6c10 value fffffe0000033200 (err -773168960) [ 81.116414] CPU: 1 PID: 5601 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #248 [ 81.123693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.133045] Call Trace: [ 81.135642] dump_stack+0x1c4/0x2b4 [ 81.139361] ? dump_stack_print_info.cold.2+0x52/0x52 [ 81.144559] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 81.150024] vmwrite_error+0x4c/0x60 [ 81.153745] vmx_vcpu_load+0xd27/0x1030 [ 81.157730] ? vmx_write_tsc_offset+0x680/0x680 [ 81.162403] ? graph_lock+0x170/0x170 [ 81.166230] ? graph_lock+0x170/0x170 [ 81.170036] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 81.175578] ? check_preemption_disabled+0x48/0x200 [ 81.180592] ? check_preemption_disabled+0x48/0x200 [ 81.185617] ? find_held_lock+0x36/0x1c0 [ 81.189696] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 81.195234] ? vmx_sched_in+0xe0/0x600 [ 81.199130] kvm_arch_vcpu_load+0x247/0x970 [ 81.203462] ? trace_hardirqs_on+0xbd/0x310 [ 81.207802] ? kvm_arch_dev_ioctl+0x630/0x630 [ 81.212327] kvm_sched_in+0x82/0xa0 [ 81.215963] finish_task_switch+0x56e/0x900 [ 81.220291] ? 
__switch_to_asm+0x34/0x70 [ 81.224357] ? preempt_notifier_register+0x200/0x200 [ 81.229458] ? __switch_to_asm+0x34/0x70 [ 81.233520] ? __switch_to_asm+0x34/0x70 [ 81.237584] ? __switch_to_asm+0x40/0x70 [ 81.241839] ? __switch_to_asm+0x34/0x70 [ 81.245902] ? __switch_to_asm+0x40/0x70 [ 81.249963] ? __switch_to_asm+0x34/0x70 [ 81.254044] ? __switch_to_asm+0x40/0x70 [ 81.258195] ? __switch_to_asm+0x34/0x70 [ 81.262260] ? __switch_to_asm+0x34/0x70 [ 81.266320] ? __switch_to_asm+0x40/0x70 [ 81.270385] ? __switch_to_asm+0x34/0x70 [ 81.274446] ? __switch_to_asm+0x40/0x70 [ 81.278507] ? __switch_to_asm+0x34/0x70 [ 81.282583] ? __switch_to_asm+0x40/0x70 [ 81.286675] __schedule+0x874/0x1ed0 [ 81.290406] ? __sched_text_start+0x8/0x8 [ 81.294556] ? check_preemption_disabled+0x48/0x200 [ 81.299585] ? find_held_lock+0x36/0x1c0 [ 81.303667] ? try_to_wake_up+0x10a/0x12f0 [ 81.307908] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 81.313016] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 81.318130] ? lockdep_hardirqs_on+0x421/0x5c0 [ 81.322722] ? preempt_schedule+0x4d/0x60 [ 81.326885] preempt_schedule_common+0x1f/0xd0 [ 81.331473] preempt_schedule+0x4d/0x60 [ 81.335457] ___preempt_schedule+0x16/0x18 [ 81.339701] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 81.344641] try_to_wake_up+0x10a/0x12f0 [ 81.348708] ? __mutex_lock+0x85e/0x1700 [ 81.352778] ? migrate_swap_stop+0x930/0x930 [ 81.357192] ? find_held_lock+0x36/0x1c0 [ 81.361279] ? futex_wake+0x613/0x760 [ 81.365082] ? lock_downgrade+0x900/0x900 [ 81.369245] ? kasan_check_read+0x11/0x20 [ 81.373396] ? do_raw_spin_unlock+0xa7/0x2f0 [ 81.377807] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 81.382394] ? __unqueue_futex+0x2e0/0x2e0 [ 81.386659] wake_up_q+0xa4/0x100 [ 81.390126] futex_wake+0x61f/0x760 [ 81.393774] ? get_futex_key+0x21b0/0x21b0 [ 81.398017] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 81.403554] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 81.408834] ? rcu_pm_notify+0xc0/0xc0 [ 81.412741] do_futex+0x2e4/0x26d0 [ 81.416290] ? 
kvm_vcpu_ioctl+0x2a1/0x1150 [ 81.421007] ? exit_robust_list+0x280/0x280 [ 81.425333] ? find_held_lock+0x36/0x1c0 [ 81.429412] ? __fget+0x4aa/0x740 [ 81.432868] ? lock_downgrade+0x900/0x900 [ 81.437023] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 81.442822] ? kasan_check_read+0x11/0x20 [ 81.446975] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 81.452256] ? rcu_bh_qs+0xc0/0xc0 [ 81.455809] ? __fget+0x4d1/0x740 [ 81.459276] ? ksys_dup3+0x680/0x680 [ 81.463014] ? kvm_vcpu_block+0x1030/0x1030 [ 81.467341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 81.472879] ? do_vfs_ioctl+0x201/0x1720 [ 81.476951] ? ioctl_preallocate+0x300/0x300 [ 81.481361] ? __fget_light+0x2e9/0x430 [ 81.485339] ? fget_raw+0x20/0x20 [ 81.488797] ? graph_lock+0x170/0x170 [ 81.492626] __x64_sys_futex+0x472/0x6a0 [ 81.496707] ? do_futex+0x26d0/0x26d0 [ 81.500509] ? trace_hardirqs_on+0xbd/0x310 [ 81.504837] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 81.510377] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.515747] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 81.521202] ? ksys_ioctl+0x81/0xd0 [ 81.524841] do_syscall_64+0x1b9/0x820 [ 81.528730] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 81.534099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 81.553791] ? trace_hardirqs_on_caller+0x310/0x310 [ 81.558809] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 81.563829] ? recalc_sigpending_tsk+0x180/0x180 [ 81.568586] ? kasan_check_write+0x14/0x20 [ 81.572829] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 81.577684] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.582873] RIP: 0033:0x457679 [ 81.586074] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.604977] RSP: 002b:00007f1c1a1f7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 81.612690] RAX: ffffffffffffffda RBX: 000000000072c048 RCX: 0000000000457679 [ 81.619959] RDX: 0000000000000016 RSI: 0000000000000081 RDI: 000000000072c04c [ 81.627230] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 81.634497] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072c04c [ 81.641764] R13: 00007ffc0845277f R14: 00007f1c1a1f89c0 R15: 0000000000000002 [ 81.649139] kasan: CONFIG_KASAN_INLINE enabled [ 81.653887] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 81.661266] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 81.667502] CPU: 1 PID: 5601 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #248 [ 81.674771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.684129] RIP: 0010:kvm_lapic_hv_timer_in_use+0x56/0xd0 [ 81.689668] Code: c1 ea 03 80 3c 02 00 75 7a 48 8b 9b e0 03 00 00 e8 cf 7a 66 00 48 8d 7b 7c 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 51 0f b6 5b 7c [ 81.708566] RSP: 0018:ffff8801b8d0f098 EFLAGS: 00010207 [ 81.713926] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff810f00fe [ 81.721190] RDX: 000000000000000f RSI: ffffffff811859b1 RDI: 000000000000007c [ 81.728454] RBP: ffff8801b8d0f0a0 R08: ffff8801d1ea60c0 R09: ffffed00371cfb6c [ 81.735719] R10: ffffed00371cfb6c R11: ffff8801b8e7db67 R12: 0000000000000001 [ 81.742988] R13: 1ffff100371a1e1a R14: 0000000000000000 R15: ffff8801b8e78060 [ 81.750258] FS: 00007f1c1a1f8700(0000) GS:ffff8801daf00000(0000) 
knlGS:0000000000000000 [ 81.758478] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.764352] CR2: 00007f63d064f000 CR3: 00000001c23f2000 CR4: 00000000001426e0 [ 81.771618] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.778890] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 81.786155] Call Trace: [ 81.788749] kvm_arch_vcpu_load+0x516/0x970 [ 81.793072] ? trace_hardirqs_on+0xbd/0x310 [ 81.797393] ? kvm_arch_dev_ioctl+0x630/0x630 [ 81.801892] kvm_sched_in+0x82/0xa0 [ 81.805525] finish_task_switch+0x56e/0x900 [ 81.809846] ? __switch_to_asm+0x34/0x70 [ 81.813915] ? preempt_notifier_register+0x200/0x200 [ 81.819017] ? __switch_to_asm+0x34/0x70 [ 81.823079] ? __switch_to_asm+0x34/0x70 [ 81.827134] ? __switch_to_asm+0x40/0x70 [ 81.831201] ? __switch_to_asm+0x34/0x70 [ 81.835260] ? __switch_to_asm+0x40/0x70 [ 81.839317] ? __switch_to_asm+0x34/0x70 [ 81.843375] ? __switch_to_asm+0x40/0x70 [ 81.847433] ? __switch_to_asm+0x34/0x70 [ 81.851491] ? __switch_to_asm+0x34/0x70 [ 81.855547] ? __switch_to_asm+0x40/0x70 [ 81.859605] ? __switch_to_asm+0x34/0x70 [ 81.863674] ? __switch_to_asm+0x40/0x70 [ 81.867728] ? __switch_to_asm+0x34/0x70 [ 81.871787] ? __switch_to_asm+0x40/0x70 [ 81.875853] __schedule+0x874/0x1ed0 [ 81.879571] ? __sched_text_start+0x8/0x8 [ 81.883719] ? check_preemption_disabled+0x48/0x200 [ 81.888746] ? find_held_lock+0x36/0x1c0 [ 81.892809] ? try_to_wake_up+0x10a/0x12f0 [ 81.897042] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 81.902148] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 81.907250] ? lockdep_hardirqs_on+0x421/0x5c0 [ 81.911832] ? preempt_schedule+0x4d/0x60 [ 81.915981] preempt_schedule_common+0x1f/0xd0 [ 81.920560] preempt_schedule+0x4d/0x60 [ 81.924534] ___preempt_schedule+0x16/0x18 [ 81.928772] _raw_spin_unlock_irqrestore+0xbb/0xd0 [ 81.933700] try_to_wake_up+0x10a/0x12f0 [ 81.937757] ? __mutex_lock+0x85e/0x1700 [ 81.941825] ? migrate_swap_stop+0x930/0x930 [ 81.946239] ? 
find_held_lock+0x36/0x1c0 [ 81.950310] ? futex_wake+0x613/0x760 [ 81.954109] ? lock_downgrade+0x900/0x900 [ 81.958263] ? kasan_check_read+0x11/0x20 [ 81.962412] ? do_raw_spin_unlock+0xa7/0x2f0 [ 81.966822] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 81.971407] ? __unqueue_futex+0x2e0/0x2e0 [ 81.975653] wake_up_q+0xa4/0x100 [ 81.979109] futex_wake+0x61f/0x760 [ 81.982739] ? get_futex_key+0x21b0/0x21b0 [ 81.986975] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 81.992519] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 81.997801] ? rcu_pm_notify+0xc0/0xc0 [ 82.001698] do_futex+0x2e4/0x26d0 [ 82.005243] ? kvm_vcpu_ioctl+0x2a1/0x1150 [ 82.009480] ? exit_robust_list+0x280/0x280 [ 82.013800] ? find_held_lock+0x36/0x1c0 [ 82.017864] ? __fget+0x4aa/0x740 [ 82.021317] ? lock_downgrade+0x900/0x900 [ 82.025471] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 82.031271] ? kasan_check_read+0x11/0x20 [ 82.035418] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 82.040693] ? rcu_bh_qs+0xc0/0xc0 [ 82.044240] ? __fget+0x4d1/0x740 [ 82.047694] ? ksys_dup3+0x680/0x680 [ 82.051417] ? kvm_vcpu_block+0x1030/0x1030 [ 82.055739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 82.061275] ? do_vfs_ioctl+0x201/0x1720 [ 82.065366] ? ioctl_preallocate+0x300/0x300 [ 82.069774] ? __fget_light+0x2e9/0x430 [ 82.073752] ? fget_raw+0x20/0x20 [ 82.077203] ? graph_lock+0x170/0x170 [ 82.081010] __x64_sys_futex+0x472/0x6a0 [ 82.085093] ? do_futex+0x26d0/0x26d0 [ 82.088893] ? trace_hardirqs_on+0xbd/0x310 [ 82.093215] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 82.098751] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.104113] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 82.109563] ? ksys_ioctl+0x81/0xd0 [ 82.113193] do_syscall_64+0x1b9/0x820 [ 82.117077] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 82.122440] ? syscall_return_slowpath+0x5e0/0x5e0 [ 82.127367] ? trace_hardirqs_on_caller+0x310/0x310 [ 82.132383] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 82.137399] ? recalc_sigpending_tsk+0x180/0x180 [ 82.142164] ? 
kasan_check_write+0x14/0x20 [ 82.146402] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 82.151248] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 82.156455] RIP: 0033:0x457679 [ 82.159659] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.178557] RSP: 002b:00007f1c1a1f7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 82.186262] RAX: ffffffffffffffda RBX: 000000000072c048 RCX: 0000000000457679 [ 82.193525] RDX: 0000000000000016 RSI: 0000000000000081 RDI: 000000000072c04c [ 82.200787] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 82.208050] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072c04c [ 82.215351] R13: 00007ffc0845277f R14: 00007f1c1a1f89c0 R15: 0000000000000002 [ 82.222619] Modules linked in: [ 82.225867] ---[ end trace 107e9054540c67ea ]--- [ 82.230652] RIP: 0010:kvm_lapic_hv_timer_in_use+0x56/0xd0 [ 82.236229] Code: c1 ea 03 80 3c 02 00 75 7a 48 8b 9b e0 03 00 00 e8 cf 7a 66 00 48 8d 7b 7c 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 48 89 fa 83 e2 07 38 d0 7f 04 84 c0 75 51 0f b6 5b 7c [ 82.255185] RSP: 0018:ffff8801b8d0f098 EFLAGS: 00010207 [ 82.260559] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff810f00fe [ 82.267875] RDX: 000000000000000f RSI: ffffffff811859b1 RDI: 000000000000007c [ 82.275182] RBP: ffff8801b8d0f0a0 R08: ffff8801d1ea60c0 R09: ffffed00371cfb6c [ 82.282471] R10: ffffed00371cfb6c R11: ffff8801b8e7db67 R12: 0000000000000001 [ 82.290058] R13: 1ffff100371a1e1a R14: 0000000000000000 R15: ffff8801b8e78060 [ 82.297382] FS: 00007f1c1a1f8700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 82.305668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.311563] CR2: 00007f63d064f000 CR3: 00000001c23f2000 CR4: 00000000001426e0 [ 82.318876] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.326185] DR3: 
0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.333495] Kernel panic - not syncing: Fatal exception [ 82.339869] Kernel Offset: disabled [ 82.343493] Rebooting in 86400 seconds..