[ 57.326051] audit: type=1800 audit(1540380792.375:25): pid=6074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 57.345888] audit: type=1800 audit(1540380792.385:26): pid=6074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 57.365568] audit: type=1800 audit(1540380792.405:27): pid=6074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 57.397994] audit: type=1800 audit(1540380792.435:28): pid=6074 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.78' (ECDSA) to the list of known hosts.
2018/10/24 11:33:41 parsed 1 programs
syzkaller login: [ 90.377388] ld (6237) used greatest stack depth: 53280 bytes left
2018/10/24 11:33:47 executed programs: 0
[ 92.719779] IPVS: ftp: loaded support on port[0] = 21
[ 93.310916] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.317542] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.325775] device bridge_slave_0 entered promiscuous mode
[ 93.365813] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.372297] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.379880] device bridge_slave_1 entered promiscuous mode
[ 93.418053] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 93.456373] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 93.572490] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 93.615031] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 93.802816] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 93.810403] team0: Port device team_slave_0 added
[ 93.848808] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 93.856484] team0: Port device team_slave_1 added
[ 93.895537] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 93.938369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 93.980977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 94.021968] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 94.163618] ip (6318) used greatest stack depth: 53264 bytes left
[ 94.425767] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.432347] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.439126] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.445714] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.453656] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 95.141988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 96.002100] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.136530] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 96.268230] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 96.274577] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 96.282496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 96.418525] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.236613] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 97.342982] ==================================================================
[ 97.350430] BUG: KMSAN: kernel-infoleak in kvm_write_guest_page+0x366/0x4c0
[ 97.357588] CPU: 1 PID: 6498 Comm: syz-executor0 Not tainted 4.19.0-rc8+ #70
[ 97.364813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 97.374165] Call Trace:
[ 97.376782]  dump_stack+0x306/0x460
[ 97.380428]  ? kvm_write_guest_page+0x366/0x4c0
[ 97.385127]  kmsan_report+0x1a2/0x2e0
[ 97.389170]  kmsan_internal_check_memory+0x374/0x460
[ 97.394291]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 97.399749]  kmsan_copy_to_user+0x89/0xe0
[ 97.403898]  kvm_write_guest_page+0x366/0x4c0
[ 97.408436]  kvm_write_guest+0x1d6/0x350
[ 97.412530]  kvm_emulate_hypercall+0x1cb9/0x20d0
[ 97.417331]  handle_vmcall+0x41/0x50
[ 97.421065]  ? handle_rdpmc+0x80/0x80
[ 97.424864]  vmx_handle_exit+0x20f5/0xb900
[ 97.429116]  ? vmx_flush_tlb_gva+0x450/0x450
[ 97.433532]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[ 97.438655]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 97.444025]  ? __list_del_entry_valid+0x123/0x440
[ 97.448913]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 97.454389]  ? wait_for_common+0x791/0x960
[ 97.458679]  ? kmsan_set_origin+0x83/0x140
[ 97.462919]  ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 97.468287]  ? __msan_get_context_state+0x9/0x30
[ 97.473046]  ? INIT_BOOL+0x17/0x30
[ 97.476609]  ? put_pid+0x3de/0x410
[ 97.480169]  kvm_vcpu_ioctl+0x11a7/0x20b0
[ 97.484352]  ? do_vfs_ioctl+0x187/0x2ca0
[ 97.488434]  ? __se_sys_ioctl+0x1da/0x270
[ 97.492586]  ? kvm_vm_release+0x90/0x90
[ 97.496575]  do_vfs_ioctl+0xf28/0x2ca0
[ 97.500478]  ? security_file_ioctl+0x92/0x200
[ 97.504994]  __se_sys_ioctl+0x1da/0x270
[ 97.508978]  __x64_sys_ioctl+0x4a/0x70
[ 97.512864]  do_syscall_64+0xbe/0x100
[ 97.516681]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 97.521905] RIP: 0033:0x457569
[ 97.525109] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 97.544035] RSP: 002b:00007f1b3797fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 97.551743] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 97.559004] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 97.566267] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 97.573529] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1b379806d4
[ 97.580794] R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
[ 97.588074]
[ 97.589704] Local variable description: ----clock_pairing.i@kvm_emulate_hypercall
[ 97.597327] Variable was created at:
[ 97.601043]  kvm_emulate_hypercall+0x60/0x20d0
[ 97.605621]  handle_vmcall+0x41/0x50
[ 97.609323]
[ 97.610976] Bytes 28-63 of 64 are uninitialized
[ 97.615634] Memory access of size 64 starts at ffff8801a11bf440
[ 97.621681] ==================================================================
[ 97.629042] Disabling lock debugging due to kernel taint
[ 97.634486] Kernel panic - not syncing: panic_on_warn set ...
[ 97.634486]
[ 97.641857] CPU: 1 PID: 6498 Comm: syz-executor0 Tainted: G B 4.19.0-rc8+ #70
[ 97.650429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 97.659781] Call Trace:
[ 97.662376]  dump_stack+0x306/0x460
[ 97.666017]  panic+0x54c/0xafa
[ 97.669241]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 97.674717]  kmsan_report+0x2d3/0x2e0
[ 97.678568]  kmsan_internal_check_memory+0x374/0x460
[ 97.683678]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 97.689164]  kmsan_copy_to_user+0x89/0xe0
[ 97.693331]  kvm_write_guest_page+0x366/0x4c0
[ 97.697838]  kvm_write_guest+0x1d6/0x350
[ 97.701916]  kvm_emulate_hypercall+0x1cb9/0x20d0
[ 97.706701]  handle_vmcall+0x41/0x50
[ 97.710414]  ? handle_rdpmc+0x80/0x80
[ 97.714213]  vmx_handle_exit+0x20f5/0xb900
[ 97.718481]  ? vmx_flush_tlb_gva+0x450/0x450
[ 97.722891]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[ 97.727994]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 97.733360]  ? __list_del_entry_valid+0x123/0x440
[ 97.738223]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 97.743715]  ? wait_for_common+0x791/0x960
[ 97.747981]  ? kmsan_set_origin+0x83/0x140
[ 97.752220]  ? kmsan_internal_unpoison_shadow+0x83/0xe0
[ 97.757587]  ? __msan_get_context_state+0x9/0x30
[ 97.762349]  ? INIT_BOOL+0x17/0x30
[ 97.765912]  ? put_pid+0x3de/0x410
[ 97.769496]  kvm_vcpu_ioctl+0x11a7/0x20b0
[ 97.773688]  ? do_vfs_ioctl+0x187/0x2ca0
[ 97.777766]  ? __se_sys_ioctl+0x1da/0x270
[ 97.781933]  ? kvm_vm_release+0x90/0x90
[ 97.785905]  do_vfs_ioctl+0xf28/0x2ca0
[ 97.789829]  ? security_file_ioctl+0x92/0x200
[ 97.794341]  __se_sys_ioctl+0x1da/0x270
[ 97.798321]  __x64_sys_ioctl+0x4a/0x70
[ 97.802207]  do_syscall_64+0xbe/0x100
[ 97.806013]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 97.811209] RIP: 0033:0x457569
[ 97.814433] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 97.833345] RSP: 002b:00007f1b3797fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 97.841053] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 97.848331] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 97.855623] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 97.862914] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1b379806d4
[ 97.870187] R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
[ 97.878396] Kernel Offset: disabled
[ 97.882038] Rebooting in 86400 seconds..
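What the KMSAN report above says, read as a practitioner would: a 64-byte stack variable named clock_pairing (the ".i" suffix marks a variable inlined from a callee into kvm_emulate_hypercall) is handed whole to kvm_write_guest(), and bytes 28-63 of it were never written before the copy. A guest that issues the hypercall therefore receives 36 bytes of stale host kernel stack on every call. That range matches the layout of struct kvm_clock_pairing in the kernel's uapi header (sec, nsec, tsc, flags = 28 bytes, then a 36-byte pad array), so the uninitialized region is exactly the padding. The program below is an added example, not code from the syzbot log or from the kernel: it mirrors that 64-byte layout, stands in for kvm_write_guest() with a plain memcpy into a "guest page", and shows the leaky shape (set the named fields, copy the whole struct) beside the hardened one (zero the struct before filling it). The handler name, the 0xAA marker for old stack contents, and the sample clock values are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Mirror of struct kvm_clock_pairing from the kernel's uapi header
 * (arch/x86/include/uapi/asm/kvm_para.h): 8 + 8 + 8 + 4 = 28 bytes of
 * named fields, then a 36-byte pad array, 64 bytes in total. That is
 * exactly the "Bytes 28-63 of 64" range KMSAN reports as uninitialized.
 */
struct clock_pairing {
    int64_t  sec;
    int64_t  nsec;
    uint64_t tsc;
    uint32_t flags;
    uint32_t pad[9];
};

#define CP_SIZE sizeof(struct clock_pairing)
#define STALE   0xAA   /* constructed marker standing in for old stack data */

/* A stack slot that may still hold leftovers from earlier calls. */
union stack_slot {
    struct clock_pairing cp;
    uint8_t raw[CP_SIZE];
};

/* Stand-in for kvm_write_guest(): copies len bytes into the "guest page". */
static void write_guest(uint8_t *guest, const void *src, size_t len)
{
    memcpy(guest, src, len);
}

/*
 * Hypothetical hypercall handler (not the kernel's). With zero_first == 0
 * it follows the leaky shape behind the report: set the named fields,
 * leave pad[] alone, copy the whole struct out. With zero_first == 1 it
 * clears the struct before filling it, so the guest sees zeroed padding.
 */
static void handle_clock_pairing(union stack_slot *slot, uint8_t *guest, int zero_first)
{
    if (zero_first)
        memset(&slot->cp, 0, CP_SIZE);
    slot->cp.sec   = 1540380792;        /* constructed sample values */
    slot->cp.nsec  = 375000000;
    slot->cp.tsc   = 0x1234567890ULL;
    slot->cp.flags = 0;
    write_guest(guest, &slot->cp, CP_SIZE);
}

/*
 * Runs the handler against a stack slot pre-filled with STALE and returns
 * how many of the 64 bytes delivered to the guest still carry the marker,
 * i.e. how many bytes of old host stack the guest can read per call.
 */
static size_t stale_bytes_leaked(int zero_first)
{
    union stack_slot slot;
    uint8_t guest[CP_SIZE];
    size_t leaked = 0;

    memset(slot.raw, STALE, CP_SIZE);   /* simulate leftovers on the stack */
    handle_clock_pairing(&slot, guest, zero_first);

    for (size_t i = 0; i < CP_SIZE; i++)
        if (guest[i] == STALE)
            leaked++;
    return leaked;
}

/* Offset at which the uninitialized region starts: offsetof(pad) == 28. */
static size_t uninit_start(void)
{
    return offsetof(struct clock_pairing, pad);
}

int main(void)
{
    printf("struct size %zu, pad starts at byte %zu\n", CP_SIZE, uninit_start());
    printf("leaky handler:  %zu stale bytes reach the guest\n", stale_bytes_leaked(0));
    printf("zeroed handler: %zu stale bytes reach the guest\n", stale_bytes_leaked(1));
    return 0;
}
```

The point to carry over to real code: any struct that leaves the kernel through kvm_write_guest(), copy_to_user() or a similar sink must have every byte initialized, padding included, which in practice means a memset or a zeroing initializer before the fields are filled rather than assigning the named fields one by one. Without KMSAN this class of bug is silent, since nothing crashes; the guest simply gets host stack contents, which is why the report is tagged kernel-infoleak rather than a memory-corruption class.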