[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 23.194663] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 24.500845] random: sshd: uninitialized urandom read (32 bytes read)
[ 24.736232] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.283796] random: sshd: uninitialized urandom read (32 bytes read)
[ 117.611155] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.17' (ECDSA) to the list of known hosts.
[ 123.580368] random: sshd: uninitialized urandom read (32 bytes read)
2018/09/04 09:00:50 parsed 1 programs
[ 124.999290] random: cc1: uninitialized urandom read (8 bytes read)
2018/09/04 09:00:53 executed programs: 0
[ 126.610842] IPVS: ftp: loaded support on port[0] = 21
[ 126.840734] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.847237] bridge0: port 1(bridge_slave_0) entered disabled state
[ 126.855164] device bridge_slave_0 entered promiscuous mode
[ 126.874331] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.880755] bridge0: port 2(bridge_slave_1) entered disabled state
[ 126.887846] device bridge_slave_1 entered promiscuous mode
[ 126.904667] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 126.922390] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 126.967476] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 126.987079] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 127.057782] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 127.065330] team0: Port device team_slave_0 added
[ 127.082094] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 127.089430] team0: Port device team_slave_1 added
[ 127.105703] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 127.124335] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 127.141913] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 127.159413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 127.291486] bridge0: port 2(bridge_slave_1) entered blocking state
[ 127.298140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 127.305197] bridge0: port 1(bridge_slave_0) entered blocking state
[ 127.311569] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 127.775559] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 127.781783] 8021q: adding VLAN 0 to HW filter on device bond0
[ 127.803412] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 127.833527] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 127.880529] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 127.886696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 127.895987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 127.936561] 8021q: adding VLAN 0 to HW filter on device team0
[ 128.213467] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 128.241946] WARNING: CPU: 0 PID: 4942 at arch/x86/kvm/vmx.c:4754 free_loaded_vmcs+0x160/0x1b0
[ 128.250615] Kernel panic - not syncing: panic_on_warn set ...
[ 128.250615]
[ 128.257966] CPU: 0 PID: 4942 Comm: syz-executor0 Not tainted 4.19.0-rc2+ #220
[ 128.265221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 128.274553] Call Trace:
[ 128.277138] dump_stack+0x1c9/0x2b4
[ 128.280750] ? dump_stack_print_info.cold.2+0x52/0x52
[ 128.285924] panic+0x238/0x4e7
[ 128.289106] ? add_taint.cold.5+0x16/0x16
[ 128.293243] ? __warn.cold.8+0x148/0x1ba
[ 128.297285] ? __warn.cold.8+0x117/0x1ba
[ 128.301335] ? free_loaded_vmcs+0x160/0x1b0
[ 128.305636] __warn.cold.8+0x163/0x1ba
[ 128.309508] ? free_loaded_vmcs+0x160/0x1b0
[ 128.313823] report_bug+0x252/0x2d0
[ 128.317432] do_error_trap+0x1fc/0x4d0
[ 128.321305] ? math_error+0x3e0/0x3e0
[ 128.325085] ? find_held_lock+0x36/0x1c0
[ 128.329150] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 128.333977] ? trace_hardirqs_on_caller+0x2b0/0x2b0
[ 128.338983] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 128.344516] ? smp_call_function_single+0x2d6/0x5c0
[ 128.349515] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 128.354340] do_invalid_op+0x1b/0x20
[ 128.358033] invalid_op+0x14/0x20
[ 128.361466] RIP: 0010:free_loaded_vmcs+0x160/0x1b0
[ 128.366376] Code: 81 e8 44 be 53 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 49 4c 8b 23 e9 22 ff ff ff e8 80 fc 5f 00 <0f> 0b eb b0 e8 b7 f9 9e 00 e9 f4 fe ff ff 48 89 df e8 ca f9 9e 00
[ 128.385263] RSP: 0018:ffff8801d0637748 EFLAGS: 00010293
[ 128.390612] RAX: ffff8801d0848480 RBX: ffff8801d04e57a8 RCX: 0000000000000000
[ 128.397886] RDX: 0000000000000000 RSI: ffffffff811cd2a0 RDI: ffff8801d04e57b0
[ 128.405153] RBP: ffff8801d0637760 R08: ffff8801d0848480 R09: 0000000000000000
[ 128.412404] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d3954000
[ 128.419665] R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000001
[ 128.426937] ? free_loaded_vmcs+0x160/0x1b0
[ 128.431288] ? free_loaded_vmcs+0x160/0x1b0
[ 128.435599] vmx_free_vcpu+0x204/0x300
[ 128.439471] kvm_arch_destroy_vm+0x365/0x7c0
[ 128.443866] ? kvm_arch_sync_events+0x30/0x30
[ 128.448348] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 128.453872] ? mmu_notifier_unregister+0x474/0x600
[ 128.458785] ? trace_hardirqs_on+0x2c0/0x2c0
[ 128.463177] ? __mmu_notifier_register+0x30/0x30
[ 128.467923] ? __free_pages+0x10a/0x190
[ 128.471894] ? free_unref_page+0x930/0x930
[ 128.476123] kvm_put_kvm+0x73f/0x1060
[ 128.479906] ? kvm_write_guest_cached+0x40/0x40
[ 128.484559] ? up_write+0x7b/0x220
[ 128.488080] ? up_read+0x110/0x110
[ 128.491607] ? mntput+0x74/0xa0
[ 128.494876] ? debugfs_remove_recursive+0x420/0x560
[ 128.499883] ? debugfs_remove+0x130/0x130
[ 128.504020] ? kvm_vm_release+0x50/0x50
[ 128.507975] kvm_vcpu_release+0x7b/0xa0
[ 128.511930] __fput+0x38a/0xa40
[ 128.515204] ? __alloc_file+0x400/0x400
[ 128.519265] ? trace_hardirqs_on+0xbd/0x2c0
[ 128.523585] ? kasan_check_read+0x11/0x20
[ 128.527713] ? task_work_run+0x1af/0x2a0
[ 128.531756] ? trace_hardirqs_off_caller+0x2b0/0x2b0
[ 128.536837] ? kasan_check_write+0x14/0x20
[ 128.541051] ? do_raw_spin_lock+0xc1/0x200
[ 128.545264] ____fput+0x15/0x20
[ 128.548528] task_work_run+0x1e8/0x2a0
[ 128.552394] ? task_work_cancel+0x240/0x240
[ 128.556699] ? copy_fd_bitmaps+0x210/0x210
[ 128.560915] ? do_syscall_64+0x9a/0x820
[ 128.564872] exit_to_usermode_loop+0x318/0x380
[ 128.569433] ? syscall_slow_exit_work+0x490/0x490
[ 128.574258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 128.579785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 128.585306] do_syscall_64+0x6be/0x820
[ 128.589171] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 128.594529] ? syscall_return_slowpath+0x5e0/0x5e0
[ 128.599513] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 128.604347] ? trace_hardirqs_on_caller+0x2b0/0x2b0
[ 128.609445] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 128.614445] ? prepare_exit_to_usermode+0x291/0x3b0
[ 128.619445] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 128.624272] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 128.629505] RIP: 0033:0x410c30
[ 128.632688] Code: 01 f0 ff ff 0f 83 60 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 5d 53 63 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff
[ 128.651568] RSP: 002b:00007ffcce65e8d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 128.659256] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000410c30
[ 128.666505] RDX: 0000001b30820000 RSI: 00000000007334f0 RDI: 0000000000000005
[ 128.673755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
[ 128.681005] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004129f0
[ 128.688252] R13: 0000000000412a80 R14: 0000000000000000 R15: badc0ffeebadface
[ 128.695952] Dumping ftrace buffer:
[ 128.699562] (ftrace buffer empty)
[ 128.703255] Kernel Offset: disabled
[ 128.706868] Rebooting in 86400 seconds..