[ 34.755853] audit: type=1800 audit(1551018469.778:27): pid=7459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 34.790284] audit: type=1800 audit(1551018469.778:28): pid=7459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 35.517215] audit: type=1800 audit(1551018470.598:29): pid=7459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 35.542167] audit: type=1800 audit(1551018470.608:30): pid=7459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.235' (ECDSA) to the list of known hosts. 2019/02/24 14:28:02 parsed 1 programs 2019/02/24 14:28:03 executed programs: 0 syzkaller login: [ 48.767978] IPVS: ftp: loaded support on port[0] = 21 [ 48.818648] chnl_net:caif_netlink_parms(): no params data found [ 48.847846] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.855084] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.862079] device bridge_slave_0 entered promiscuous mode [ 48.869344] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.875731] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.882752] device bridge_slave_1 entered promiscuous mode [ 48.897547] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 48.906737] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 48.923040] team0: Port device team_slave_0 added [ 48.929040] team0: Port device team_slave_1 added [ 49.010297] device hsr_slave_0 entered promiscuous mode [ 49.088927] device hsr_slave_1 entered promiscuous mode [ 49.146690] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.153144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.160061] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.166421] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.194887] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.205701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.214567] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.232261] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.240101] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 49.250972] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.259234] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.266841] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.273259] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.289952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.297560] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.303956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.312983] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 49.320783] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 49.329006] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 49.338333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.349461] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 49.360357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 49.367289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.383214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.430580] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 50.142003] BUG: unable to handle kernel paging request at ffff888093442000 [ 50.149130] #PF error: [PROT] [WRITE] [RSVD] [ 50.153535] PGD b201067 P4D b201067 PUD 21ffff067 PMD 80000000934001e3 [ 50.160316] Oops: 000b [#1] PREEMPT SMP KASAN [ 50.164822] CPU: 0 PID: 7656 Comm: syz-executor.0 Not tainted 5.0.0-rc7+ #86 [ 50.171994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.181341] RIP: 0010:mmu_page_zap_pte+0x18a/0x250 [ 50.186257] Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a [ 50.205138] RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246 [ 50.210482] RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb [ 50.217744] RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007 [ 50.225014] RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0 [ 50.232280] R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000 [ 50.239549] R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000 [ 50.246800] FS: 00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 50.255005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.260866] CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0 [ 50.268131] Call Trace: [ 50.270732] kvm_mmu_prepare_zap_page+0x163/0x1170 [ 50.275644] ? paging64_gva_to_gpa_nested+0x1d0/0x1d0 [ 50.280818] kvm_mmu_invalidate_zap_all_pages+0x3ca/0x550 [ 50.286354] kvm_arch_flush_shadow_all+0x16/0x20 [ 50.291094] kvm_mmu_notifier_release+0x5c/0x90 [ 50.295745] ? kvm_vcpu_on_spin+0x550/0x550 [ 50.300049] mmu_notifier_unregister+0x137/0x410 [ 50.304788] ? free_pages+0x46/0x50 [ 50.308394] ? kvm_vcpu_on_spin+0x550/0x550 [ 50.312696] kvm_put_kvm+0x553/0xc70 [ 50.316394] ? kvm_vm_release+0x60/0x60 [ 50.320349] kvm_vcpu_release+0x7b/0xa0 [ 50.324305] __fput+0x2df/0x8d0 [ 50.327567] ____fput+0x16/0x20 [ 50.330838] task_work_run+0x14a/0x1c0 [ 50.334721] exit_to_usermode_loop+0x273/0x2c0 [ 50.339301] do_syscall_64+0x52d/0x610 [ 50.343173] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 50.348342] RIP: 0033:0x411d31 [ 50.351527] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 50.370408] RSP: 002b:00007ffe73c67380 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 50.378093] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000411d31 [ 50.385356] RDX: 0000000000000000 RSI: 0000000000740528 RDI: 0000000000000005 [ 50.392607] RBP: 0000000000000000 R08: 0000000000740520 R09: 000000000000c38e [ 50.399875] R10: 00007ffe73c672a0 R11: 0000000000000293 R12: 0000000000000000 [ 50.407124] R13: 0000000000000001 R14: 0000000000000005 R15: 0000000000000000 [ 50.414374] Modules linked in: [ 50.417546] CR2: ffff888093442000 [ 50.420980] ---[ end trace a5c3cbabd59bc178 ]--- [ 50.425728] RIP: 0010:mmu_page_zap_pte+0x18a/0x250 [ 50.430653] Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a [ 50.449539] RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246 [ 50.454879] RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb [ 50.462126] RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007 [ 50.469379] RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0 [ 50.476644] R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000 [ 50.483893] R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000 [ 50.491155] FS: 00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 50.499372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.505228] CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0 [ 50.512480] Kernel panic - not syncing: Fatal exception [ 50.518775] Kernel Offset: disabled [ 50.522396] Rebooting in 86400 seconds..