BUG: unable to handle kernel NULL pointer dereference at 0000000000000001
IP: tracehook_notify_resume include/linux/tracehook.h:191 [inline]
IP: exit_to_usermode_loop+0x1a9/0x200 arch/x86/entry/common.c:164
PGD 0 P4D 0 
Oops: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 6060 Comm: agetty Not tainted 4.14.194-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88809b6c21c0 task.stack: ffff88809a408000
RIP: 0010:tracehook_notify_resume include/linux/tracehook.h:191 [inline]
RIP: 0010:exit_to_usermode_loop+0x1a9/0x200 arch/x86/entry/common.c:164
RSP: 0018:ffff88809a40fec0 EFLAGS: 00010286
RAX: ffff88809b6c21c0 RBX: 0000000000000002 RCX: 0000000000000000
RDX: 1ffff110136d8523 RSI: 0000000000000001 RDI: ffff88809b6c2918
RBP: dffffc0000000000 R08: ffffffff8a08ddd8 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffed10136d8438
R13: ffff88809a40ff58 R14: ffff88809b6c21c0 R15: ffffffff87d16918
FS:  00007f8329849500(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000001 CR3: 0000000093dfc000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:270 [inline]
 do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f83292fda4b
RSP: 002b:00007fff0bb93728 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 00005654f0c8edb0 RCX: 00007f83292fda4b
RDX: 00007f8329621900 RSI: 0000000000000001 RDI: 0000000000000003
RBP: 00007f8329622440 R08: 00007f8329849500 R09: 00007f8329849500
R10: 0000000000000073 R11: 0000000000000206 R12: 0000000000000000
R13: 000000000000006c R14: 00007fff0bb937e0 R15: 00007fff0bb93b30
Code: 5a 6d 00 e9 fd fe ff ff e8 a5 40 5b 00 e8 10 38 53 05 e9 e0 fe ff ff e8 96 40 5b 00 0f 0b e8 8f 40 5b 00 00 00 00 88 40 5b 00 e8 <13> 26 3c 00 e9 21 ff ff ff 48 c7 c7 18 69 d1 87 e8 82 0b 85 00 
RIP: tracehook_notify_resume include/linux/tracehook.h:191 [inline] RSP: ffff88809a40fec0
RIP: exit_to_usermode_loop+0x1a9/0x200 arch/x86/entry/common.c:164 RSP: ffff88809a40fec0
CR2: 0000000000000001
BUG: unable to handle kernel paging request at 00000000305f8903
IP: update_vsyscall+0x1ef/0x340 arch/x86/entry/vsyscall/vsyscall_gtod.c:55
PGD 96f8f067 P4D 96f8f067 PUD 5bfe8067 PMD 0 
Oops: 0002 [#2] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 16316 Comm: syz-executor.0 Tainted: G      D         4.14.194-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff88808d48e140 task.stack: ffff888055e98000
RIP: 0010:update_vsyscall+0x1ef/0x340 arch/x86/entry/vsyscall/vsyscall_gtod.c:55
RSP: 0018:ffff8880aeb07ca8 EFLAGS: 00010046
RAX: 00000000305f8903 RBX: ffffffff87d16260 RCX: 0000000000000017
RDX: 1ffffffff14b4f67 RSI: 0000000000000000 RDI: ffffffff8a5a7b38
RBP: ffffffff8a5a7ac0 R08: 0000000000000001 R09: 0000000000000001
R10: ffff88821fff7057 R11: ffff88808d48e140 R12: 0000000000000000
R13: 000000000000043f R14: 0000000000000440 R15: 0005b007df0d3be5
FS:  00007f21bdea2700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000305f8903 CR3: 0000000097121000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 timekeeping_update+0x223/0x3a0 kernel/time/timekeeping.c:656
 update_wall_time+0x5b0/0xa20 kernel/time/timekeeping.c:2117
 tick_do_update_jiffies64.part.0+0x172/0x270 kernel/time/tick-sched.c:100
 tick_do_update_jiffies64 kernel/time/tick-sched.c:66 [inline]
 tick_sched_do_timer kernel/time/tick-sched.c:139 [inline]
 tick_sched_timer+0x1a0/0x200 kernel/time/tick-sched.c:1216
 __run_hrtimer kernel/time/hrtimer.c:1223 [inline]
 __hrtimer_run_queues+0x30b/0xc80 kernel/time/hrtimer.c:1287
 hrtimer_interrupt+0x1e6/0x5e0 kernel/time/hrtimer.c:1321
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline]
 smp_apic_timer_interrupt+0x117/0x5e0 arch/x86/kernel/apic/apic.c:1100
 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
 </IRQ>
RIP: 0010:csd_lock_wait kernel/smp.c:108 [inline]
RIP: 0010:smp_call_function_single+0x185/0x370 kernel/smp.c:302
RSP: 0018:ffff888055e9f240 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000003 RBX: 1ffff1100abd3e4c RCX: 0000000000000830
RDX: 0000000000000000 RSI: 00000000000000fb RDI: 0000000000000830
RBP: ffff888055e9f2f0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: ffff88808d48e140 R12: 0000000000000000
R13: ffff888055dcdd60 R14: 0000000000000001 R15: dffffc0000000000
 loaded_vmcs_clear arch/x86/kvm/vmx.c:1722 [inline]
 vmx_vcpu_load+0x778/0xda0 arch/x86/kvm/vmx.c:2475
 kvm_arch_vcpu_load+0x11a/0x750 arch/x86/kvm/x86.c:3034
 __fire_sched_in_preempt_notifiers kernel/sched/core.c:2542 [inline]
 fire_sched_in_preempt_notifiers kernel/sched/core.c:2548 [inline]
 finish_task_switch+0x218/0x610 kernel/sched/core.c:2678
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x893/0x1de0 kernel/sched/core.c:3384
 preempt_schedule_irq+0xb0/0x140 kernel/sched/core.c:3611
 retint_kernel+0x1b/0x2d
RIP: 0010:__sanitizer_cov_trace_pc+0x9/0x50 kernel/kcov.c:65
RSP: 0018:ffff888055e9f698 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff10
RAX: ffff88808d48e140 RBX: 000000000000000f RCX: 000000000000000e
RDX: 0000000000000000 RSI: 000000000000000f RDI: ffff888055dcc100
RBP: ffff888055dcc100 R08: 000000000000000f R09: ffff888055dc8680
R10: ffff888055dcc10e R11: ffff88808d48e140 R12: ffff88808d48e140
R13: ffffea0001577200 R14: ffff888055dcc10f R15: ffffea0001577200
 get_current arch/x86/include/asm/current.h:15 [inline]
 check_stack_object+0x1a/0xa0 mm/usercopy.c:38
 __check_object_size mm/usercopy.c:247 [inline]
 __check_object_size+0x119/0x22c mm/usercopy.c:228
 check_object_size include/linux/thread_info.h:108 [inline]
 __copy_from_user include/linux/uaccess.h:74 [inline]
 __kvm_read_guest_page+0xee/0x150 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1793
 kvm_fetch_guest_virt+0x104/0x170 arch/x86/kvm/x86.c:4691
 __do_insn_fetch_bytes+0x291/0x5d0 arch/x86/kvm/emulate.c:895
 x86_decode_insn+0x163c/0x5020 arch/x86/kvm/emulate.c:5069
 x86_emulate_instruction+0x5e7/0x1770 arch/x86/kvm/x86.c:5951
 emulate_instruction arch/x86/include/asm/kvm_host.h:1189 [inline]
 handle_exception+0x23f/0xa30 arch/x86/kvm/vmx.c:6290
 vmx_handle_exit+0x1f8/0x14d0 arch/x86/kvm/vmx.c:9183
 vcpu_enter_guest arch/x86/kvm/x86.c:7290 [inline]
 vcpu_run arch/x86/kvm/x86.c:7353 [inline]
 kvm_arch_vcpu_ioctl_run+0x1dee/0x5d30 arch/x86/kvm/x86.c:7520
 kvm_vcpu_ioctl+0x3de/0xc50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2661
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x45d579
RSP: 002b:00007f21bdea1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000011740 RCX: 000000000045d579
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
RBP: 000000000118d020 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec
R13: 00007ffceb53dc5f R14: 00007f21bdea29c0 R15: 000000000118cfec
Code: 4c 03 6d 70 48 89 fa 48 c1 ea 03 4c 89 2d ca 80 6c 08 80 3c 02 00 4c 8b 7d 20 0f 85 28 01 00 00 48 8b 45 78 4d 8d 75 01 8b 4d 1c <48> 00 00 00 00 44 24 08 b8 00 ca 9a 3b 48 d3 e3 4c 01 fb 41 bf 
RIP: update_vsyscall+0x1ef/0x340 arch/x86/entry/vsyscall/vsyscall_gtod.c:55 RSP: ffff8880aeb07ca8
CR2: 00000000305f8903
---[ end trace d337c2b69bc4e0b9 ]---