[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 26.060286] kauditd_printk_skb: 7 callbacks suppressed
[ 26.060312] audit: type=1800 audit(1539710427.135:29): pid=5415 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 26.094558] audit: type=1800 audit(1539710427.135:30): pid=5415 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts.
2018/10/16 17:21:36 parsed 1 programs
2018/10/16 17:21:38 executed programs: 0
syzkaller login: [ 97.004531] IPVS: ftp: loaded support on port[0] = 21
[ 97.243650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.250421] bridge0: port 1(bridge_slave_0) entered disabled state
[ 97.257421] device bridge_slave_0 entered promiscuous mode
[ 97.276631] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.283253] bridge0: port 2(bridge_slave_1) entered disabled state
[ 97.290237] device bridge_slave_1 entered promiscuous mode
[ 97.307177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 97.324806] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 97.372900] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 97.393513] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 97.467437] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 97.474935] team0: Port device team_slave_0 added
[ 97.491388] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 97.498494] team0: Port device team_slave_1 added
[ 97.515436] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 97.535725] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 97.554389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 97.574305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 97.718315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.724815] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.731760] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.738184] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 98.242773] 8021q: adding VLAN 0 to HW filter on device bond0
[ 98.293641] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 98.344730] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 98.351133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 98.358067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 98.409335] 8021q: adding VLAN 0 to HW filter on device team0
[ 98.713158] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 98.769954] kasan: CONFIG_KASAN_INLINE enabled
[ 98.774691] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 98.782153] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 98.788414] CPU: 0 PID: 5843 Comm: syz-executor0 Not tainted 4.19.0-rc8-next-20181016+ #95
[ 98.796944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 98.806302] RIP: 0010:kvm_pv_send_ipi+0x364/0xdd0
[ 98.811139] Code: 45 84 ed 0f 84 da 07 00 00 e8 a8 2b 65 00 48 8d 4b 14 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 8d 70 fe ff ff 48 c1 ea 03 <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 f5
[ 98.830031] RSP: 0018:ffff8801d150eee0 EFLAGS: 00010203
[ 98.835386] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000014
[ 98.842882] RDX: 0000000000000002 RSI: ffffffff8118f798 RDI: 0000000000000005
[ 98.850141] RBP: ffff8801d150f080 R08: ffff8801ce2740c0 R09: ffffed003b5c5b4f
[ 98.857405] R10: ffffed003b5c5b4f R11: ffff8801dae2da7b R12: ffff8801d150f058
[ 98.864748] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801d150efd8
[ 98.872856] FS: 00007f3464f35700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 98.881071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 98.886947] CR2: 0000000000000000 CR3: 00000001c7872000 CR4: 00000000001426f0
[ 98.894213] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 98.901482] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 98.908748] Call Trace:
[ 98.911337] ? zap_class+0x640/0x640
[ 98.915070] ? kvm_apic_set_irq+0x170/0x170
[ 98.919532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 98.925074] ? check_preemption_disabled+0x48/0x280
[ 98.930089] ? __lock_is_held+0xb5/0x140
[ 98.934147] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 98.939684] ? vmx_read_guest_seg_ar+0x221/0x270
[ 98.944444] kvm_emulate_hypercall+0x5e2/0xf20
[ 98.949166] ? kvm_pv_clock_pairing+0x760/0x760
[ 98.953946] ? zap_class+0x640/0x640
[ 98.957654] ? mark_held_locks+0x130/0x130
[ 98.961890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 98.968291] ? check_preemption_disabled+0x48/0x280
[ 98.973305] ? __lock_is_held+0xb5/0x140
[ 98.977445] handle_vmcall+0x15/0x20
[ 98.981157] ? handle_tpr_below_threshold+0x20/0x20
[ 98.986169] vmx_handle_exit+0x338/0x4720
[ 98.990308] ? vmx_vcpu_load+0xb06/0x1030
[ 98.994453] ? print_usage_bug+0xc0/0xc0
[ 98.998505] ? vmx_vcpu_run+0x1378/0x2880
[ 99.002716] ? vmx_vcpu_run+0x136c/0x2880
[ 99.006868] ? handle_vmfunc+0x9d0/0x9d0
[ 99.010923] ? vmx_vcpu_run+0x1378/0x2880
[ 99.015195] ? print_usage_bug+0xc0/0xc0
[ 99.019255] ? vmx_vcpu_run+0x1378/0x2880
[ 99.023396] ? vmx_vcpu_run+0x136c/0x2880
[ 99.027535] ? vmx_vcpu_run+0x1378/0x2880
[ 99.031675] ? vmx_vcpu_run+0x136c/0x2880
[ 99.035815] ? vmx_vcpu_run+0x1378/0x2880
[ 99.039954] ? vmx_vcpu_run+0x136c/0x2880
[ 99.044097] ? vmx_vcpu_run+0x1378/0x2880
[ 99.048238] ? vmx_vcpu_run+0x136c/0x2880
[ 99.052466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 99.058011] ? __vmx_complete_interrupts+0x1ef/0x3e0
[ 99.063114] ? vmx_vcpu_run+0x680/0x2880
[ 99.067169] ? lock_acquire+0x1ed/0x520
[ 99.071137] ? kvm_arch_vcpu_ioctl_run+0x3c8f/0x7280
[ 99.076235] ? kvm_arch_vcpu_ioctl_run+0x3c23/0x7280
[ 99.081455] ? lock_release+0xa10/0xa10
[ 99.085435] ? trace_hardirqs_on+0xbd/0x310
[ 99.089750] ? kvm_vcpu_ioctl+0x5c8/0x1150
[ 99.093982] ? check_preemption_disabled+0x48/0x280
[ 99.098990] ? check_preemption_disabled+0x48/0x280
[ 99.104003] kvm_arch_vcpu_ioctl_run+0x3e0b/0x7280
[ 99.108928] ? kvm_arch_vcpu_runnable+0x720/0x720
[ 99.113764] ? debug_object_free+0x32d/0x690
[ 99.118164] ? __init_waitqueue_head+0x9e/0x150
[ 99.122824] ? debug_object_destroy+0x2b0/0x2b0
[ 99.127495] ? __wait_rcu_gp+0x274/0x360
[ 99.131553] ? synchronize_rcu.part.53+0x104/0x120
[ 99.136476] ? kfree_call_rcu+0x10/0x10
[ 99.140452] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 99.145983] ? put_pid.part.3+0x1c5/0x240
[ 99.150125] ? pid_task+0x200/0x200
[ 99.153749] kvm_vcpu_ioctl+0x5c8/0x1150
[ 99.157800] ? kvm_vcpu_ioctl+0x5c8/0x1150
[ 99.162031] ? kvm_uevent_notify_change.part.32+0x450/0x450
[ 99.167734] ? find_held_lock+0x36/0x1c0
[ 99.171792] ? __fget+0x4aa/0x740
[ 99.175236] ? check_preemption_disabled+0x48/0x280
[ 99.180246] ? kasan_check_read+0x11/0x20
[ 99.184392] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 99.189659] ? rcu_softirq_qs+0x20/0x20
[ 99.193629] ? __fget+0x4d1/0x740
[ 99.197074] ? ksys_dup3+0x680/0x680
[ 99.200780] ? __might_fault+0x12b/0x1e0
[ 99.204832] ? lock_downgrade+0x900/0x900
[ 99.208971] ? lock_release+0xa10/0xa10
[ 99.212937] ? perf_trace_sched_process_exec+0x860/0x860
[ 99.218404] ? kvm_uevent_notify_change.part.32+0x450/0x450
[ 99.224106] do_vfs_ioctl+0x1de/0x1720
[ 99.227989] ? ioctl_preallocate+0x300/0x300
[ 99.232396] ? __fget_light+0x2e9/0x430
[ 99.236377] ? fget_raw+0x20/0x20
[ 99.239823] ? _copy_to_user+0xc8/0x110
[ 99.243791] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 99.249318] ? put_timespec64+0x10f/0x1b0
[ 99.253484] ? nsecs_to_jiffies+0x30/0x30
[ 99.257627] ? do_syscall_64+0x9a/0x820
[ 99.261593] ? do_syscall_64+0x9a/0x820
[ 99.265560] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 99.270136] ? security_file_ioctl+0x94/0xc0
[ 99.274536] ksys_ioctl+0xa9/0xd0
[ 99.277984] __x64_sys_ioctl+0x73/0xb0
[ 99.281865] do_syscall_64+0x1b9/0x820
[ 99.285745] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 99.291222] ? syscall_return_slowpath+0x5e0/0x5e0
[ 99.296214] ? trace_hardirqs_on_caller+0x310/0x310
[ 99.301233] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 99.306246] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 99.312901] ? __switch_to_asm+0x40/0x70
[ 99.316953] ? __switch_to_asm+0x34/0x70
[ 99.321014] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 99.326052] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 99.331245] RIP: 0033:0x457569
[ 99.334444] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 99.353339] RSP: 002b:00007f3464f34c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 99.361065] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 99.368328] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 99.375606] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000
[ 99.382868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3464f356d4
[ 99.390129] R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
[ 99.397392] Modules linked in:
[ 99.402651] kobject: 'kvm' (00000000df46c03a): kobject_uevent_env
[ 99.403018] ---[ end trace 0528ea4a558670a6 ]---
[ 99.408932] kobject: 'kvm' (00000000df46c03a): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 99.413708] RIP: 0010:kvm_pv_send_ipi+0x364/0xdd0
[ 99.413718] Code: 45 84 ed 0f 84 da 07 00 00 e8 a8 2b 65 00 48 8d 4b 14 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 8d 70 fe ff ff 48 c1 ea 03 <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 f5
[ 99.413722] RSP: 0018:ffff8801d150eee0 EFLAGS: 00010203
[ 99.413729] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000014
[ 99.413734] RDX: 0000000000000002 RSI: ffffffff8118f798 RDI: 0000000000000005
[ 99.413739] RBP: ffff8801d150f080 R08: ffff8801ce2740c0 R09: ffffed003b5c5b4f
[ 99.413744] R10: ffffed003b5c5b4f R11: ffff8801dae2da7b R12: ffff8801d150f058
[ 99.413748] R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801d150efd8
[ 99.413755] FS: 00007f3464f35700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 99.413760] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 99.413765] CR2: 0000000000000000 CR3: 00000001c7872000 CR4: 00000000001426f0
[ 99.413772] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 99.413776] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 99.413781] Kernel panic - not syncing: Fatal exception
[ 99.414628] Kernel Offset: disabled
[ 99.534001] Rebooting in 86400 seconds..