[   56.744603] audit: type=1800 audit(1540403046.799:25): pid=6055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   56.763727] audit: type=1800 audit(1540403046.799:26): pid=6055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   56.783440] audit: type=1800 audit(1540403046.819:27): pid=6055 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   59.616872] sshd (6190) used greatest stack depth: 53280 bytes left

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.21' (ECDSA) to the list of known hosts.
2018/10/24 17:44:19 parsed 1 programs
2018/10/24 17:44:25 executed programs: 0
syzkaller login: [   75.729574] IPVS: ftp: loaded support on port[0] = 21
[   76.301968] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.308403] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.316648] device bridge_slave_0 entered promiscuous mode
[   76.354403] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.360835] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.368945] device bridge_slave_1 entered promiscuous mode
[   76.406142] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[   76.444072] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[   76.558178] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   76.599094] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   76.780780] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[   76.788635] team0: Port device team_slave_0 added
[   76.825895] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[   76.833639] team0: Port device team_slave_1 added
[   76.870866] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   76.909833] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   76.948550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   76.990372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.365458] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.371945] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.378678] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.385262] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.393073] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[   78.141263] ip (6361) used greatest stack depth: 53152 bytes left
[   78.172079] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.760478] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.886510] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[   79.012106] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[   79.018369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   79.026486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   79.181600] 8021q: adding VLAN 0 to HW filter on device team0
[   79.989788] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[   80.092626] ==================================================================
[   80.100166] BUG: KMSAN: kernel-infoleak in kvm_write_guest_page+0x366/0x4c0
[   80.107268] CPU: 1 PID: 6477 Comm: syz-executor0 Not tainted 4.19.0-rc8+ #70
[   80.114442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.123818] Call Trace:
[   80.126481]  dump_stack+0x306/0x460
[   80.130119]  ? kvm_write_guest_page+0x366/0x4c0
[   80.134801]  kmsan_report+0x1a2/0x2e0
[   80.138608]  kmsan_internal_check_memory+0x374/0x460
[   80.143714]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   80.149199]  kmsan_copy_to_user+0x89/0xe0
[   80.153365]  kvm_write_guest_page+0x366/0x4c0
[   80.157890]  kvm_write_guest+0x1d6/0x350
[   80.161993]  kvm_emulate_hypercall+0x1cb9/0x20d0
[   80.166790]  handle_vmcall+0x41/0x50
[   80.170500]  ? handle_rdpmc+0x80/0x80
[   80.174305]  vmx_handle_exit+0x20f5/0xb900
[   80.178570]  ? vmx_flush_tlb_gva+0x450/0x450
[   80.182978]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[   80.188020]  ? kmsan_set_origin_inline+0x6b/0x120
[   80.192873]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   80.198358]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   80.203742]  ? __list_del_entry_valid+0x123/0x440
[   80.208601]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   80.214072]  ? wait_for_common+0x791/0x960
[   80.218341]  ? kmsan_set_origin+0x83/0x140
[   80.222595]  ? kmsan_internal_unpoison_shadow+0x83/0xe0
[   80.227960]  ? __msan_get_context_state+0x9/0x30
[   80.232714]  ? INIT_BOOL+0x17/0x30
[   80.236251]  ? put_pid+0x3de/0x410
[   80.239791]  ? cachefiles_walk_to_object+0x36a5/0x4210
[   80.245089]  kvm_vcpu_ioctl+0x11a7/0x20b0
[   80.249265]  ? do_vfs_ioctl+0x187/0x2ca0
[   80.253325]  ? __se_sys_ioctl+0x1da/0x270
[   80.257472]  ? kvm_vm_release+0x90/0x90
[   80.261445]  do_vfs_ioctl+0xf28/0x2ca0
[   80.265346]  ? security_file_ioctl+0x92/0x200
[   80.269847]  __se_sys_ioctl+0x1da/0x270
[   80.273886]  __x64_sys_ioctl+0x4a/0x70
[   80.277811]  do_syscall_64+0xbe/0x100
[   80.281632]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   80.286817] RIP: 0033:0x457569
[   80.290002] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   80.308910] RSP: 002b:00007f934e6b0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   80.316628] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[   80.323891] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   80.331155] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[   80.338419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f934e6b16d4
[   80.345688] R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
[   80.352977] 
[   80.354615] Local variable description: ----clock_pairing.i@kvm_emulate_hypercall
[   80.362222] Variable was created at:
[   80.365966]  kvm_emulate_hypercall+0x60/0x20d0
[   80.370578]  handle_vmcall+0x41/0x50
[   80.374296] 
[   80.375929] Bytes 28-63 of 64 are uninitialized
[   80.380591] Memory access of size 64 starts at ffff88019e8af440
[   80.386635] ==================================================================
[   80.394001] Disabling lock debugging due to kernel taint
[   80.399439] Kernel panic - not syncing: panic_on_warn set ...
[   80.399439] 
[   80.406828] CPU: 1 PID: 6477 Comm: syz-executor0 Tainted: G    B             4.19.0-rc8+ #70
[   80.415436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   80.424788] Call Trace:
[   80.427397]  dump_stack+0x306/0x460
[   80.431041]  panic+0x54c/0xafa
[   80.434298]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   80.439782]  kmsan_report+0x2d3/0x2e0
[   80.443590]  kmsan_internal_check_memory+0x374/0x460
[   80.448722]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   80.454197]  kmsan_copy_to_user+0x89/0xe0
[   80.458364]  kvm_write_guest_page+0x366/0x4c0
[   80.462888]  kvm_write_guest+0x1d6/0x350
[   80.466962]  kvm_emulate_hypercall+0x1cb9/0x20d0
[   80.471782]  handle_vmcall+0x41/0x50
[   80.475510]  ? handle_rdpmc+0x80/0x80
[   80.479308]  vmx_handle_exit+0x20f5/0xb900
[   80.483587]  ? vmx_flush_tlb_gva+0x450/0x450
[   80.488030]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[   80.493042]  ? kmsan_set_origin_inline+0x6b/0x120
[   80.497924]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   80.503375]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   80.508756]  ? __list_del_entry_valid+0x123/0x440
[   80.513644]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   80.519106]  ? wait_for_common+0x791/0x960
[   80.523359]  ? kmsan_set_origin+0x83/0x140
[   80.527594]  ? kmsan_internal_unpoison_shadow+0x83/0xe0
[   80.532981]  ? __msan_get_context_state+0x9/0x30
[   80.537756]  ? INIT_BOOL+0x17/0x30
[   80.541305]  ? put_pid+0x3de/0x410
[   80.544868]  ? cachefiles_walk_to_object+0x36a5/0x4210
[   80.550183]  kvm_vcpu_ioctl+0x11a7/0x20b0
[   80.554365]  ? do_vfs_ioctl+0x187/0x2ca0
[   80.558450]  ? __se_sys_ioctl+0x1da/0x270
[   80.562597]  ? kvm_vm_release+0x90/0x90
[   80.566569]  do_vfs_ioctl+0xf28/0x2ca0
[   80.570487]  ? security_file_ioctl+0x92/0x200
[   80.574992]  __se_sys_ioctl+0x1da/0x270
[   80.578976]  __x64_sys_ioctl+0x4a/0x70
[   80.582864]  do_syscall_64+0xbe/0x100
[   80.586669]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   80.591900] RIP: 0033:0x457569
[   80.595114] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[   80.614021] RSP: 002b:00007f934e6b0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   80.621749] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[   80.629042] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   80.636310] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[   80.643579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f934e6b16d4
[   80.650892] R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
[   80.659153] Kernel Offset: disabled
[   80.662794] Rebooting in 86400 seconds..