[ 26.867591] audit: type=1800 audit(1539416531.227:27): pid=5459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 26.889018] audit: type=1800 audit(1539416531.237:28): pid=5459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 27.610864] audit: type=1800 audit(1539416532.047:29): pid=5459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 27.631462] audit: type=1800 audit(1539416532.057:30): pid=5459 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.27' (ECDSA) to the list of known hosts. 2018/10/13 07:44:21 parsed 1 programs 2018/10/13 07:44:22 executed programs: 0 syzkaller login: [ 158.440489] IPVS: ftp: loaded support on port[0] = 21 [ 158.687901] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.694523] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.701734] device bridge_slave_0 entered promiscuous mode [ 158.721254] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.727915] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.734865] device bridge_slave_1 entered promiscuous mode [ 158.752492] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 158.769997] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 158.818667] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 158.838516] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 158.914638] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 158.922429] team0: Port device team_slave_0 added [ 158.938930] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 158.946225] team0: Port device team_slave_1 added [ 158.963712] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 158.984560] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 159.003752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 159.023597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 159.170510] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.176978] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.183821] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.190163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.702402] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.754895] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 159.806602] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 159.813148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 159.820325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 159.871730] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.188101] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 160.276582] ------------[ cut here ]------------ [ 160.281371] kernel BUG at arch/x86/kvm/x86.c:353! [ 160.286234] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 160.291615] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.19.0-rc7-next-20181012+ #93 [ 160.299408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.308770] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 160.313612] Code: 45 10 50 e8 99 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 b7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 160.332512] RSP: 0018:ffff8801daf07bd8 EFLAGS: 00010006 [ 160.337870] RAX: ffff8801d9af2340 RBX: 1ffff1003b5e0f7f RCX: ffffffff8138fcac [ 160.345146] RDX: 0000000000010000 RSI: ffffffff810be899 RDI: ffff8801daf07c18 [ 160.352420] RBP: ffff8801daf07bd8 R08: ffff8801d9af2340 R09: ffffed003b5e5b68 [ 160.359685] R10: ffffed003b5e5b68 R11: ffff8801daf2db47 R12: ffff8801daf07c58 [ 160.366977] R13: dffffc0000000000 R14: ffff8801ce4af000 R15: ffff8801daf07c18 [ 160.374247] FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 160.382476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.388368] CR2: ffff8801daf07c18 CR3: 00000001bb6f0000 CR4: 00000000001426e0 [ 160.395644] Call Trace: [ 160.398234] [ 160.400398] kvm_fastop_exception+0x484/0x54da [ 160.404979] ? vmcs_clear+0x94/0x100 [ 160.408694] ? handle_nmi_window+0xd0/0xd0 [ 160.412930] __loaded_vmcs_clear+0x2d6/0x690 [ 160.417339] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.422875] ? nested_get_vmcs12_pages+0x15b0/0x15b0 [ 160.427981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.433516] ? check_preemption_disabled+0x48/0x200 [ 160.438539] ? nested_get_vmcs12_pages+0x15b0/0x15b0 [ 160.443647] flush_smp_call_function_queue+0x1d2/0x640 [ 160.448926] ? cpumask_weight+0x40/0x40 [ 160.452923] ? check_preemption_disabled+0x48/0x200 [ 160.457944] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 160.463481] ? rcu_pm_notify+0xc0/0xc0 [ 160.467376] generic_smp_call_function_single_interrupt+0x13/0x2b [ 160.473609] smp_call_function_single_interrupt+0x12f/0x640 [ 160.479323] ? smp_call_function_interrupt+0x640/0x640 [ 160.484613] ? interrupt_entry+0xb5/0xc0 [ 160.488679] ? trace_hardirqs_off_caller+0xbb/0x300 [ 160.493695] ? trace_hardirqs_off_caller+0xbb/0x300 [ 160.498717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 160.503560] ? trace_hardirqs_on_caller+0x310/0x310 [ 160.508576] ? trace_hardirqs_on_caller+0x310/0x310 [ 160.513597] ? task_prio+0x50/0x50 [ 160.517153] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 160.522694] ? check_preemption_disabled+0x48/0x200 [ 160.527711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 160.532559] call_function_single_interrupt+0xf/0x20 [ 160.537765] [ 160.540007] RIP: 0010:rcu_idle_exit+0x3d8/0x4f0 [ 160.544679] Code: 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 13 01 00 00 48 83 3d 0f 93 c8 07 00 74 57 4c 89 f7 57 9d <0f> 1f 44 00 00 e9 8a fe ff ff 80 3d f9 ea 85 08 00 0f 85 bb fd ff [ 160.563575] RSP: 0018:ffff8801d9b07c70 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff04 [ 160.571284] RAX: dffffc0000000000 RBX: ffff8801daf2d9c0 RCX: 0000000000000000 [ 160.578575] RDX: 1ffffffff1263ebe RSI: 0000000000000001 RDI: 0000000000000286 [ 160.585842] RBP: ffff8801d9b07d40 R08: ffff8801d9af2340 R09: 0000000000000000 [ 160.593108] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff1003b360f8f [ 160.600373] R13: ffff8801d9b07d18 R14: 0000000000000286 R15: 1ffff1003b360f9b [ 160.607664] ? rcu_irq_exit_irqson+0x130/0x130 [ 160.612248] ? tsc_verify_tsc_adjust+0x137/0x450 [ 160.617011] ? trace_hardirqs_off_caller+0x300/0x300 [ 160.622115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.627651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.633198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 160.638741] do_idle+0x341/0x5c0 [ 160.642112] ? retint_kernel+0x2d/0x2d [ 160.646002] ? arch_cpu_idle_exit+0x70/0x70 [ 160.650351] cpu_startup_entry+0x10c/0x120 [ 160.654587] ? cpu_in_idle+0x20/0x20 [ 160.658308] start_secondary+0x487/0x5f0 [ 160.662372] ? set_cpu_sibling_map+0x1890/0x1890 [ 160.667132] secondary_startup_64+0xa4/0xb0 [ 160.671454] Modules linked in: [ 160.674661] ---[ end trace 957dfb804f2d5db2 ]--- [ 160.679418] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 160.684267] Code: 45 10 50 e8 99 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 b7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 160.703167] RSP: 0018:ffff8801daf07bd8 EFLAGS: 00010006 [ 160.708539] RAX: ffff8801d9af2340 RBX: 1ffff1003b5e0f7f RCX: ffffffff8138fcac [ 160.715806] RDX: 0000000000010000 RSI: ffffffff810be899 RDI: ffff8801daf07c18 [ 160.723072] RBP: ffff8801daf07bd8 R08: ffff8801d9af2340 R09: ffffed003b5e5b68 [ 160.730351] R10: ffffed003b5e5b68 R11: ffff8801daf2db47 R12: ffff8801daf07c58 [ 160.737624] R13: dffffc0000000000 R14: ffff8801ce4af000 R15: ffff8801daf07c18 [ 160.744895] FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 160.753121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.758996] CR2: ffff8801daf07c18 CR3: 00000001bb6f0000 CR4: 00000000001426e0 [ 160.766270] Kernel panic - not syncing: Fatal exception in interrupt [ 160.773613] Kernel Offset: disabled [ 160.777238] Rebooting in 86400 seconds..