[ ok ] Starting enhanced syslogd: rsyslogd.
[ 57.282981][ T26] audit: type=1800 audit(1575344506.745:25): pid=8786 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 57.303025][ T26] audit: type=1800 audit(1575344506.745:26): pid=8786 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 57.323762][ T26] audit: type=1800 audit(1575344506.745:27): pid=8786 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.55' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 82.041499][ T8940] ==================================================================
[ 82.049792][ T8940] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.058353][ T8940] Write of size 4 at addr ffffc90000d36050 by task syz-executor580/8940
[ 82.066675][ T8940]
[ 82.068987][ T8940] CPU: 0 PID: 8940 Comm: syz-executor580 Not tainted 5.4.0-syzkaller #0
[ 82.077413][ T8940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.087444][ T8940] Call Trace:
[ 82.090712][ T8940]  dump_stack+0x197/0x210
[ 82.095031][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.100643][ T8940]  print_address_description.constprop.0.cold+0x5/0x30b
[ 82.107555][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.113161][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.118789][ T8940]  __kasan_report.cold+0x1b/0x41
[ 82.123709][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[ 82.129234][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.134851][ T8940]  kasan_report+0x12/0x20
[ 82.139161][ T8940]  __asan_report_store4_noabort+0x17/0x20
[ 82.144855][ T8940]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.150294][ T8940]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[ 82.156081][ T8940]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 82.162296][ T8940]  ? _copy_from_user+0x12c/0x1a0
[ 82.167244][ T8940]  kvm_arch_dev_ioctl+0x300/0x4b0
[ 82.172254][ T8940]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[ 82.178306][ T8940]  kvm_dev_ioctl+0x127/0x17d0
[ 82.182961][ T8940]  ? putname+0xf4/0x130
[ 82.187105][ T8940]  ? do_sys_open+0x31d/0x5d0
[ 82.191692][ T8940]  ? kvm_put_kvm+0xcc0/0xcc0
[ 82.196289][ T8940]  ? tomoyo_file_ioctl+0x23/0x30
[ 82.201235][ T8940]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.207460][ T8940]  ? security_file_ioctl+0x8d/0xc0
[ 82.212673][ T8940]  __ia32_compat_sys_ioctl+0x22d/0x5c0
[ 82.218147][ T8940]  ? kvm_put_kvm+0xcc0/0xcc0
[ 82.222720][ T8940]  do_fast_syscall_32+0x27b/0xe16
[ 82.227726][ T8940]  entry_SYSENTER_compat+0x70/0x7f
[ 82.232811][ T8940] RIP: 0023:0xf7fc6a39
[ 82.236864][ T8940] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 82.256452][ T8940] RSP: 002b:00000000ff83a73c EFLAGS: 00000213 ORIG_RAX: 0000000000000036
[ 82.264846][ T8940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008ae09
[ 82.272803][ T8940] RDX: 0000000020000000 RSI: 00000000080ea078 RDI: 00000000ff83a790
[ 82.280754][ T8940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 82.288707][ T8940] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 82.296653][ T8940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 82.304610][ T8940]
[ 82.306914][ T8940]
[ 82.309216][ T8940] Memory state around the buggy address:
[ 82.314831][ T8940]  ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 82.322867][ T8940]  ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 82.330905][ T8940] >ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[ 82.338939][ T8940]                                                  ^
[ 82.345585][ T8940]  ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 82.353620][ T8940]  ffffc90000d36100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 82.361652][ T8940] ==================================================================
[ 82.369685][ T8940] Disabling lock debugging due to kernel taint
[ 82.376432][ T8940] Kernel panic - not syncing: panic_on_warn set ...
[ 82.383027][ T8940] CPU: 0 PID: 8940 Comm: syz-executor580 Tainted: G B 5.4.0-syzkaller #0
[ 82.392720][ T8940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 82.402753][ T8940] Call Trace:
[ 82.406033][ T8940]  dump_stack+0x197/0x210
[ 82.410345][ T8940]  panic+0x2e3/0x75c
[ 82.414217][ T8940]  ? add_taint.cold+0x16/0x16
[ 82.418891][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.424502][ T8940]  ? preempt_schedule+0x4b/0x60
[ 82.429330][ T8940]  ? ___preempt_schedule+0x16/0x18
[ 82.434418][ T8940]  ? trace_hardirqs_on+0x5e/0x240
[ 82.439430][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.445045][ T8940]  end_report+0x47/0x4f
[ 82.449199][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.454803][ T8940]  __kasan_report.cold+0xe/0x41
[ 82.459644][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[ 82.465165][ T8940]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.470782][ T8940]  kasan_report+0x12/0x20
[ 82.475087][ T8940]  __asan_report_store4_noabort+0x17/0x20
[ 82.480781][ T8940]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 82.486218][ T8940]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[ 82.492002][ T8940]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 82.498216][ T8940]  ? _copy_from_user+0x12c/0x1a0
[ 82.503130][ T8940]  kvm_arch_dev_ioctl+0x300/0x4b0
[ 82.508138][ T8940]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[ 82.514198][ T8940]  kvm_dev_ioctl+0x127/0x17d0
[ 82.518896][ T8940]  ? putname+0xf4/0x130
[ 82.523041][ T8940]  ? do_sys_open+0x31d/0x5d0
[ 82.527610][ T8940]  ? kvm_put_kvm+0xcc0/0xcc0
[ 82.532184][ T8940]  ? tomoyo_file_ioctl+0x23/0x30
[ 82.537100][ T8940]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.543314][ T8940]  ? security_file_ioctl+0x8d/0xc0
[ 82.548404][ T8940]  __ia32_compat_sys_ioctl+0x22d/0x5c0
[ 82.553837][ T8940]  ? kvm_put_kvm+0xcc0/0xcc0
[ 82.558407][ T8940]  do_fast_syscall_32+0x27b/0xe16
[ 82.563406][ T8940]  entry_SYSENTER_compat+0x70/0x7f
[ 82.568495][ T8940] RIP: 0023:0xf7fc6a39
[ 82.572539][ T8940] Code: 00 00 00 89 d3 5b 5e 5f 5d c3 b8 80 96 98 00 eb c4 8b 04 24 c3 8b 1c 24 c3 8b 34 24 c3 8b 3c 24 c3 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 82.592116][ T8940] RSP: 002b:00000000ff83a73c EFLAGS: 00000213 ORIG_RAX: 0000000000000036
[ 82.600500][ T8940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008ae09
[ 82.608457][ T8940] RDX: 0000000020000000 RSI: 00000000080ea078 RDI: 00000000ff83a790
[ 82.616401][ T8940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 82.624346][ T8940] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 82.632316][ T8940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 82.641644][ T8940] Kernel Offset: disabled
[ 82.645967][ T8940] Rebooting in 86400 seconds..
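Reading the report: the shadow rows show ten 0x00 bytes (one shadow byte per 8 bytes of kernel memory) starting at ffffc90000d36000, followed by 0xf9 poison, so the vmalloc object is 80 bytes long and the 4-byte write at ffffc90000d36050 begins exactly at its end. The trace is the 32-bit compat ioctl path (entry_SYSENTER_compat, ORIG_RAX 0x36, the i386 ioctl syscall number), and on that ABI the ioctl command is passed in ECX, shown here as RCX = 0xc008ae09: a read/write ioctl on type 0xAE with nr 0x09 and an 8-byte argument struct, dispatched by kvm_arch_dev_ioctl into kvm_dev_ioctl_get_cpuid. Because the box runs with panic_on_warn, KASAN turns the first out-of-bounds store into a panic; on a kernel without KASAN the same store would silently corrupt whatever follows the allocation.

The script below decodes those two things, the KASAN shadow dump and the ioctl number, from the report text. It is an added example, not part of syzkaller, the kernel or this report. Assumptions, marked in comments: 0xf9 is the poison value this kernel uses for unallocated vmalloc space (the report's own bug type says so); the object is an array of 40-byte struct kvm_cpuid_entry2 (inferred from the function name and the 4-byte write size); KVMIO is 0xAE and nr 0x09 on it is KVM_GET_EMULATED_CPUID, per include/uapi/linux/kvm.h. The report lines embedded in REPORT are copied from the log above and reflowed one per line.

```python
"""Decode a KASAN 'Memory state' shadow dump and the ioctl command from a
crash report. Added example; constants marked 'assumption' are not from the log."""
import re

SHADOW_SCALE = 8        # KASAN: one shadow byte describes 8 bytes of kernel memory
VMALLOC_INVALID = 0xF9  # assumption: poison for unallocated vmalloc space in this kernel
ENTRY_SIZE = 40         # assumption: sizeof(struct kvm_cpuid_entry2), 7 u32 fields + 3 u32 padding
KVMIO = 0xAE            # assumption: KVM ioctl type byte (include/uapi/linux/kvm.h)
KVM_NR_NAMES = {0x05: "KVM_GET_SUPPORTED_CPUID", 0x09: "KVM_GET_EMULATED_CPUID"}  # assumption

# Constructed input: the relevant lines of the report above, one per line.
REPORT = """\
BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
Write of size 4 at addr ffffc90000d36050 by task syz-executor580/8940
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008ae09
Memory state around the buggy address:
 ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
 ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
>ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
                                                 ^
 ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
"""

ACCESS_RE = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]{16})")
ROW_RE = re.compile(r"([0-9a-f]{16}):((?:\s[0-9a-f]{2}){16})")
RCX_RE = re.compile(r"\bRCX: ([0-9a-f]{16})")


def parse_shadow(report):
    """Map each 8-byte granule's kernel address to its shadow byte."""
    shadow = {}
    for m in ROW_RE.finditer(report):
        base = int(m.group(1), 16)
        for i, byte in enumerate(m.group(2).split()):
            shadow[base + i * SHADOW_SCALE] = int(byte, 16)
    return shadow


def addressable_bytes(poison):
    """0x00: all 8 bytes valid; 1..7: that many leading bytes valid (partial
    granule); anything >= 8 is a poison value, nothing is valid."""
    if poison == 0:
        return SHADOW_SCALE
    return poison if poison < SHADOW_SCALE else 0


def find_object(shadow, addr):
    """Find the run of addressable granules ending at or just below addr.
    Returns (start, size); raises if the dump holds no valid memory below addr."""
    g = addr - addr % SHADOW_SCALE
    while g in shadow and addressable_bytes(shadow[g]) == 0:
        g -= SHADOW_SCALE  # step back over poison to the object's last granule
    if g not in shadow:
        raise ValueError("no addressable memory below the access in the dump")
    end = g + addressable_bytes(shadow[g])
    start = g
    while (start - SHADOW_SCALE) in shadow and shadow[start - SHADOW_SCALE] == 0:
        start -= SHADOW_SCALE
    return start, end - start


def analyse(report):
    """Relate the faulting access to the object KASAN shows next to it."""
    kind, size, addr = ACCESS_RE.search(report).groups()
    size, addr = int(size), int(addr, 16)
    shadow = parse_shadow(report)
    start, obj_size = find_object(shadow, addr)
    poison = shadow[addr - addr % SHADOW_SCALE]
    return {
        "kind": kind, "size": size, "addr": addr,
        "obj_start": start, "obj_size": obj_size,
        "offset": addr - start,                       # access start relative to the object
        "overrun": addr + size - (start + obj_size),  # bytes past the end once the access completes
        "vmalloc_poison": poison == VMALLOC_INVALID,
        "entries": obj_size // ENTRY_SIZE,            # array length if this is kvm_cpuid_entry2[]
        "hit_entry": (addr - start) // ENTRY_SIZE,    # zero-based entry index the access lands in
        "hit_field_off": (addr - start) % ENTRY_SIZE,
    }


def decode_ioctl(cmd):
    """Split an ioctl number into its _IOC fields (asm-generic/ioctl.h: dir:2 size:14 type:8 nr:8)."""
    fields = {
        "nr": cmd & 0xFF,
        "type": (cmd >> 8) & 0xFF,
        "size": (cmd >> 16) & 0x3FFF,
        "dir": cmd >> 30,  # 1 = _IOC_WRITE, 2 = _IOC_READ, 3 = _IOWR
    }
    if fields["type"] == KVMIO:
        fields["name"] = KVM_NR_NAMES.get(fields["nr"], "unknown KVM ioctl")
    return fields


def ioctl_from_report(report):
    """On the i386 syscall ABI the second argument (the ioctl cmd) travels in ECX,
    which the compat entry path prints as RCX."""
    return decode_ioctl(int(RCX_RE.search(report).group(1), 16))


if __name__ == "__main__":
    r = analyse(REPORT)
    print(f"{r['kind']} of {r['size']} bytes at object+{r['offset']} of a "
          f"{r['obj_size']}-byte object ({r['entries']} entries): "
          f"{r['overrun']} byte(s) past the end, entry index {r['hit_entry']}")
    print(ioctl_from_report(REPORT))
```

Run against the embedded report it reports an 80-byte object holding two entries, with the write landing at entry index 2, field offset 0, i.e. the first field of a third entry that the buffer never had room for. Keep the partial-granule handling in addressable_bytes: for slab objects whose size is not a multiple of 8, the last shadow byte is 1..7 rather than 0x00, and dropping that case overstates the object size by up to seven bytes.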