[ 35.666311] audit: type=1800 audit(1539206290.459:25): pid=5652 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 35.704159] audit: type=1800 audit(1539206290.469:26): pid=5652 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 35.727633] audit: type=1800 audit(1539206290.469:27): pid=5652 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ 36.179602] sshd (5715) used greatest stack depth: 16424 bytes left [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. 2018/10/10 21:36:56 parsed 1 programs 2018/10/10 21:36:58 executed programs: 0 syzkaller login: [ 1163.337305] IPVS: ftp: loaded support on port[0] = 21 [ 1163.529248] bridge0: port 1(bridge_slave_0) entered blocking state [ 1163.535746] bridge0: port 1(bridge_slave_0) entered disabled state [ 1163.543044] device bridge_slave_0 entered promiscuous mode [ 1163.558887] bridge0: port 2(bridge_slave_1) entered blocking state [ 1163.565421] bridge0: port 2(bridge_slave_1) entered disabled state [ 1163.572662] device bridge_slave_1 entered promiscuous mode [ 1163.586463] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1163.601294] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1163.639235] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1163.655532] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1163.710331] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1163.717771] team0: Port device team_slave_0 added [ 1163.731955] 
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1163.739152] team0: Port device team_slave_1 added [ 1163.752457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1163.768360] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1163.784771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1163.800466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1163.903455] bridge0: port 2(bridge_slave_1) entered blocking state [ 1163.909935] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1163.916586] bridge0: port 1(bridge_slave_0) entered blocking state [ 1163.922974] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1164.284978] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 1164.291345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1164.330248] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1164.369789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1164.376795] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1164.415504] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1164.421626] 8021q: adding VLAN 0 to HW filter on device team0 [ 1164.478682] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1164.732228] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 1165.534154] ------------[ cut here ]------------ [ 1165.538950] kernel BUG at arch/x86/kvm/x86.c:353! [ 1165.543804] ------------[ cut here ]------------ [ 1165.548543] kernel BUG at arch/x86/kvm/x86.c:353! 
[ 1165.553451] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 1165.558808] CPU: 1 PID: 6078 Comm: syz-executor0 Not tainted 4.19.0-rc7+ #276 [ 1165.566061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1165.575544] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 1165.580374] Code: 45 10 50 e8 e9 44 7c 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 97 03 73 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 89 fd 41 54 [ 1165.599262] RSP: 0018:ffff8801daf07bd8 EFLAGS: 00010006 [ 1165.604615] RAX: ffff8801cd24e0c0 RBX: 1ffff1003b5e0f7f RCX: ffffffff81385bcc [ 1165.611958] RDX: 0000000000010000 RSI: ffffffff810bd1f9 RDI: ffff8801daf07c18 [ 1165.619561] RBP: ffff8801daf07bd8 R08: ffff8801cd24e0c0 R09: ffffed003b5e5ba0 [ 1165.626817] R10: ffffed003b5e5ba0 R11: ffff8801daf2dd07 R12: ffff8801daf07c58 [ 1165.634072] R13: dffffc0000000000 R14: ffff8801cecb6000 R15: ffff8801daf07c18 [ 1165.641329] FS: 00007f93de8a4700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 1165.649539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1165.655402] CR2: ffff8801daf07c18 CR3: 00000001ba5f4000 CR4: 00000000001426e0 [ 1165.662659] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1165.669915] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1165.677164] Call Trace: [ 1165.679736] [ 1165.681970] kvm_fastop_exception+0x50b/0x5455 [ 1165.686603] ? vmcs_clear+0x94/0x100 [ 1165.690344] ? trace_hardirqs_on+0x310/0x310 [ 1165.694742] ? vmx_set_cr3+0x7a0/0x7a0 [ 1165.698624] __loaded_vmcs_clear+0x2d6/0x690 [ 1165.703093] ? check_preemption_disabled+0x48/0x200 [ 1165.708096] ? vmx_set_virtual_apic_mode+0x790/0x790 [ 1165.713218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.718744] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.724301] ? check_preemption_disabled+0x48/0x200 [ 1165.729307] ? 
vmx_set_virtual_apic_mode+0x790/0x790 [ 1165.734442] flush_smp_call_function_queue+0x1d2/0x640 [ 1165.739720] ? smp_call_function_any+0x1c0/0x1c0 [ 1165.744524] ? kvm_clock_read+0x18/0x30 [ 1165.748483] ? kvm_sched_clock_read+0x9/0x20 [ 1165.752889] ? sched_clock+0x31/0x40 [ 1165.756632] ? sched_clock_cpu+0x1b/0x1b0 [ 1165.760776] ? check_preemption_disabled+0x48/0x200 [ 1165.765787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.771309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.776831] ? check_preemption_disabled+0x48/0x200 [ 1165.781836] generic_smp_call_function_single_interrupt+0x13/0x2b [ 1165.788057] smp_call_function_single_interrupt+0x12f/0x650 [ 1165.793757] ? smp_call_function_interrupt+0x650/0x650 [ 1165.799029] ? interrupt_entry+0xb5/0xf0 [ 1165.803087] ? trace_hardirqs_off_caller+0xbb/0x310 [ 1165.808090] ? trace_hardirqs_off_caller+0xbb/0x310 [ 1165.813129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1165.817965] ? trace_hardirqs_on_caller+0x310/0x310 [ 1165.822968] ? trace_hardirqs_on_caller+0x310/0x310 [ 1165.827969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.833492] ? check_preemption_disabled+0x48/0x200 [ 1165.838503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1165.844050] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1165.848885] call_function_single_interrupt+0xf/0x20 [ 1165.853979] [ 1165.856232] RIP: 0010:preempt_schedule_irq+0x7d/0x110 [ 1165.861409] Code: 00 e8 87 6a a6 f9 e8 c2 d8 d5 f9 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 75 7b 48 83 3d 14 ea 82 01 00 74 61 fb 66 0f 1f 44 00 00 01 00 00 00 e8 f9 d1 ff ff 41 80 7d 00 00 75 6a 48 83 3d ea e9 [ 1165.880303] RSP: 0018:ffff8801ba1ff0f0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff04 [ 1165.888000] RAX: 1ffffffff1263e53 RBX: 0000000000000000 RCX: ffffffff8184e1ca [ 1165.895252] RDX: 0000000000000004 RSI: ffffffff8184e1e4 RDI: ffffffff896fe100 [ 1165.902511] RBP: ffff8801ba1ff118 R08: ffff8801cd24e0c0 R09: ffffed003b5e5979 [ 1165.909772] R10: ffffed003b5e5979 R11: ffff8801daf2cbcb R12: dffffc0000000000 [ 1165.917025] R13: fffffbfff1263e52 R14: ffffffff8931f298 R15: ffffffff8931f290 [ 1165.924294] ? trace_hardirqs_on+0x9a/0x310 [ 1165.928627] ? trace_hardirqs_on+0xb4/0x310 [ 1165.932936] retint_kernel+0x1b/0x2d [ 1165.936687] RIP: 0010:do_error_trap+0x270/0x4d0 [ 1165.941342] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4f 02 00 00 48 83 3d 55 6a 07 08 00 0f 84 46 01 00 00 fb 66 0f 1f 44 00 00 b8 fe ff ff 31 c0 41 b8 01 00 00 00 48 ba 00 00 00 00 00 fc ff [ 1165.960226] RSP: 0018:ffff8801ba1ff1d8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff02 [ 1165.967919] RAX: dffffc0000000000 RBX: ffff8801ba1ff328 RCX: ffffffff8184e1ca [ 1165.975175] RDX: 1ffffffff1263e53 RSI: ffffffff8184e1e4 RDI: ffffffff8931f298 [ 1165.982432] RBP: ffff8801ba1ff308 R08: ffff8801cd24e0c0 R09: 0000000000000001 [ 1165.989689] R10: ffffed003b5e3ee2 R11: 0000000000000000 R12: 0000000000000006 [ 1165.996941] R13: ffff8801ba1ff2e0 R14: 0000000000000004 R15: 1ffff1003743fe40 [ 1166.004206] ? trace_hardirqs_on+0x9a/0x310 [ 1166.008511] ? trace_hardirqs_on+0xb4/0x310 [ 1166.012820] ? do_error_trap+0x239/0x4d0 [ 1166.016942] ? save_stack+0x43/0xd0 [ 1166.020567] ? math_error+0x3f0/0x3f0 [ 1166.024353] ? 
retint_kernel+0x2d/0x2d [ 1166.028227] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1166.033055] ? trace_hardirqs_on_caller+0x310/0x310 [ 1166.038056] ? trace_hardirqs_off+0x310/0x310 [ 1166.042596] ? __alloc_pages_nodemask+0x6e4/0xde0 [ 1166.047425] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1166.052261] do_invalid_op+0x1b/0x20 [ 1166.055959] invalid_op+0x14/0x20 [ 1166.059399] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 1166.064226] Code: 45 10 50 e8 e9 44 7c 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 97 03 73 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 89 fd 41 54 [ 1166.083112] RSP: 0018:ffff8801ba1ff3d0 EFLAGS: 00010293 [ 1166.088461] RAX: ffff8801cd24e0c0 RBX: 1ffff1003743fe7e RCX: ffffffff81385bcc [ 1166.095716] RDX: 0000000000000000 RSI: ffffffff810bd1f9 RDI: ffff8801ba1ff410 [ 1166.102986] RBP: ffff8801ba1ff3d0 R08: ffff8801cd24e0c0 R09: ffff8801d2545000 [ 1166.110241] R10: ffffed003a4a8bff R11: ffff8801d2545fff R12: ffff8801ba1ff450 [ 1166.117496] R13: dffffc0000000000 R14: ffff8801d2545000 R15: ffff8801ba1ff410 [ 1166.124808] ? __phys_addr+0x9c/0x120 [ 1166.128597] ? kvm_spurious_fault+0x9/0x10 [ 1166.132824] kvm_fastop_exception+0x50b/0x5455 [ 1166.137392] ? vmcs_clear+0x94/0x100 [ 1166.141103] ? vmx_set_cr3+0x7a0/0x7a0 [ 1166.144980] ? memset+0x31/0x40 [ 1166.148245] alloc_loaded_vmcs+0x7f/0x280 [ 1166.152382] vmx_create_vcpu+0x20e/0x25e0 [ 1166.156518] ? futex_wait_queue_me+0x55d/0x840 [ 1166.161122] ? chrdev_open+0xde/0x710 [ 1166.164914] ? refill_pi_state_cache.part.9+0x320/0x320 [ 1166.170300] ? do_raw_spin_lock+0xc1/0x200 [ 1166.174532] ? vmx_free_vcpu+0x300/0x300 [ 1166.178584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1166.184107] ? kasan_check_write+0x14/0x20 [ 1166.188342] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 1166.193268] ? wait_for_completion+0x8a0/0x8a0 [ 1166.197841] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1166.203055] kvm_arch_vcpu_create+0xe5/0x220 [ 1166.207449] ? 
kvm_arch_vcpu_free+0x90/0x90 [ 1166.211959] kvm_vm_ioctl+0x470/0x1d40 [ 1166.215839] ? drop_futex_key_refs.isra.15+0x6d/0xe0 [ 1166.220927] ? kvm_set_memory_region+0x50/0x50 [ 1166.225505] ? mark_held_locks+0x130/0x130 [ 1166.229733] ? do_futex+0x249/0x26d0 [ 1166.233431] ? kasan_check_read+0x11/0x20 [ 1166.237620] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 1166.242881] ? rcu_bh_qs+0xc0/0xc0 [ 1166.246426] ? unwind_dump+0x190/0x190 [ 1166.250303] ? exit_robust_list+0x280/0x280 [ 1166.254645] ? kernel_text_address+0x79/0xf0 [ 1166.259157] ? __fget+0x4aa/0x740 [ 1166.262611] ? lock_downgrade+0x900/0x900 [ 1166.266751] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 1166.272538] ? save_stack+0x43/0xd0 [ 1166.276151] ? __kasan_slab_free+0x102/0x150 [ 1166.280544] ? kasan_slab_free+0xe/0x10 [ 1166.285058] ? __fget+0x4d1/0x740 [ 1166.288503] ? ksys_dup3+0x680/0x680 [ 1166.292257] ? __might_fault+0x12b/0x1e0 [ 1166.296305] ? lock_downgrade+0x900/0x900 [ 1166.300436] ? lock_release+0x970/0x970 [ 1166.304426] ? arch_local_save_flags+0x40/0x40 [ 1166.308993] ? kvm_set_memory_region+0x50/0x50 [ 1166.313562] do_vfs_ioctl+0x1de/0x1720 [ 1166.317451] ? ioctl_preallocate+0x300/0x300 [ 1166.321858] ? __fget_light+0x2e9/0x430 [ 1166.325842] ? fget_raw+0x20/0x20 [ 1166.329285] ? _copy_to_user+0xc8/0x110 [ 1166.333248] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1166.338784] ? put_timespec64+0x10f/0x1b0 [ 1166.342918] ? nsecs_to_jiffies+0x30/0x30 [ 1166.347133] ? security_file_ioctl+0x94/0xc0 [ 1166.351536] ksys_ioctl+0xa9/0xd0 [ 1166.354978] __x64_sys_ioctl+0x73/0xb0 [ 1166.358852] do_syscall_64+0x1b9/0x820 [ 1166.362740] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 1166.368090] ? syscall_return_slowpath+0x5e0/0x5e0 [ 1166.373009] ? trace_hardirqs_on_caller+0x310/0x310 [ 1166.378034] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 1166.383087] ? recalc_sigpending_tsk+0x180/0x180 [ 1166.387840] ? kasan_check_write+0x14/0x20 [ 1166.392065] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 1166.396895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1166.402068] RIP: 0033:0x457579 [ 1166.405256] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1166.424241] RSP: 002b:00007f93de8a3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1166.431947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 1166.439202] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000007 [ 1166.446471] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 1166.453726] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f93de8a46d4 [ 1166.460994] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 1166.468252] Modules linked in: [ 1166.471479] ---[ end trace 5fa6089412d96a1a ]--- [ 1166.476226] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 1166.481056] Code: 45 10 50 e8 e9 44 7c 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 97 03 73 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 89 fd 41 54 [ 1166.499942] RSP: 0018:ffff8801daf07bd8 EFLAGS: 00010006 [ 1166.505294] RAX: ffff8801cd24e0c0 RBX: 1ffff1003b5e0f7f RCX: ffffffff81385bcc [ 1166.512549] RDX: 0000000000010000 RSI: ffffffff810bd1f9 RDI: ffff8801daf07c18 [ 1166.519805] RBP: ffff8801daf07bd8 R08: ffff8801cd24e0c0 R09: ffffed003b5e5ba0 [ 1166.527061] R10: ffffed003b5e5ba0 R11: ffff8801daf2dd07 R12: ffff8801daf07c58 [ 1166.534313] R13: dffffc0000000000 R14: ffff8801cecb6000 R15: ffff8801daf07c18 [ 1166.541578] FS: 00007f93de8a4700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 1166.549786] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1166.555650] CR2: ffff8801daf07c18 CR3: 00000001ba5f4000 CR4: 00000000001426e0 [ 1166.562905] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1166.570183] DR3: 
0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1166.577438] Kernel panic - not syncing: Fatal exception in interrupt [ 1166.585182] Kernel Offset: disabled [ 1166.588826] Rebooting in 86400 seconds..