[ 53.752569] audit: type=1800 audit(1542723757.782:27): pid=6487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 53.772284] audit: type=1800 audit(1542723757.802:28): pid=6487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 55.584524] audit: type=1800 audit(1542723759.632:29): pid=6487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 55.603940] audit: type=1800 audit(1542723759.632:30): pid=6487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 66.960366] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 66.997192] ==================================================================
[ 67.004651] BUG: KMSAN: uninit-value in vmx_queue_exception+0x757/0x920
[ 67.011384] CPU: 0 PID: 6638 Comm: syz-executor166 Not tainted 4.20.0-rc3+ #89
[ 67.018727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.028061] Call Trace:
[ 67.030631]  dump_stack+0x32d/0x480
[ 67.034241]  ? vmx_queue_exception+0x757/0x920
[ 67.038826]  kmsan_report+0x19f/0x300
[ 67.042616]  __msan_warning+0x76/0xc0
[ 67.046402]  vmx_queue_exception+0x757/0x920
[ 67.050932]  ? vmx_set_rflags+0x5cf/0x790
[ 67.055074]  ? vmx_inject_nmi+0x4d0/0x4d0
[ 67.059205]  kvm_arch_vcpu_ioctl_run+0x7d81/0x12040
[ 67.064378]  ? task_kmsan_context_state+0x51/0x90
[ 67.069205]  ? INIT_BOOL+0xc/0x30
[ 67.072661]  ? _raw_spin_lock_irqsave+0x320/0x490
[ 67.077495]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 67.082935]  ? depot_save_stack+0x398/0x4b0
[ 67.087249]  ? __msan_poison_alloca+0x1e0/0x270
[ 67.091907]  ? kmsan_set_origin+0x7f/0x100
[ 67.096131]  ? put_pid+0x71/0x410
[ 67.099567]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[ 67.103873]  ? put_pid+0x330/0x410
[ 67.107397]  ? get_task_pid+0x19d/0x290
[ 67.111362]  kvm_vcpu_ioctl+0xfb1/0x1f90
[ 67.115417]  ? do_vfs_ioctl+0x184/0x2f70
[ 67.119467]  ? __se_sys_ioctl+0x1da/0x270
[ 67.123601]  ? kvm_vm_release+0x90/0x90
[ 67.127581]  do_vfs_ioctl+0xfbc/0x2f70
[ 67.131462]  ? security_file_ioctl+0x92/0x200
[ 67.135946]  __se_sys_ioctl+0x1da/0x270
[ 67.139911]  __x64_sys_ioctl+0x4a/0x70
[ 67.143900]  do_syscall_64+0xcf/0x110
[ 67.147689]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 67.152863] RIP: 0033:0x442a39
[ 67.156042] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.174928] RSP: 002b:00007ffef8ea1048 EFLAGS: 00000217 ORIG_RAX: 0000000000000010
[ 67.182616] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000442a39
[ 67.189868] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 67.197142] RBP: 00000000006cd018 R08: 00000000004002c8 R09: 00000000004002c8
[ 67.204399] R10: 0000000020014000 R11: 0000000000000217 R12: 0000000000403ae0
[ 67.211675] R13: 0000000000403b70 R14: 0000000000000000 R15: 0000000000000000
[ 67.218944]
[ 67.220550] Uninit was stored to memory at:
[ 67.224874]  kmsan_internal_chain_origin+0x136/0x240
[ 67.229957]  __msan_chain_origin+0x6d/0xb0
[ 67.234170]  kvm_inject_page_fault+0xa60/0xef0
[ 67.238731]  nested_vmx_get_vmptr+0x36f/0x3d0
[ 67.243208]  handle_vmon+0x5ea/0xe70
[ 67.246903]  vmx_handle_exit+0x21bd/0xb980
[ 67.251139]  kvm_arch_vcpu_ioctl_run+0xaeee/0x12040
[ 67.256231]  kvm_vcpu_ioctl+0xfb1/0x1f90
[ 67.260276]  do_vfs_ioctl+0xfbc/0x2f70
[ 67.264143]  __se_sys_ioctl+0x1da/0x270
[ 67.268098]  __x64_sys_ioctl+0x4a/0x70
[ 67.271966]  do_syscall_64+0xcf/0x110
[ 67.275750]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 67.280918]
[ 67.282530] Local variable description: ----e@nested_vmx_get_vmptr
[ 67.288822] Variable was created at:
[ 67.292521]  nested_vmx_get_vmptr+0xa5/0x3d0
[ 67.297179]  handle_vmon+0x5ea/0xe70
[ 67.300872] ==================================================================
[ 67.308208] Disabling lock debugging due to kernel taint
[ 67.313638] Kernel panic - not syncing: panic_on_warn set ...
[ 67.319507] CPU: 0 PID: 6638 Comm: syz-executor166 Tainted: G B 4.20.0-rc3+ #89
[ 67.328239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.337578] Call Trace:
[ 67.340169]  dump_stack+0x32d/0x480
[ 67.343792]  panic+0x624/0xc08
[ 67.346981]  kmsan_report+0x300/0x300
[ 67.350765]  __msan_warning+0x76/0xc0
[ 67.354554]  vmx_queue_exception+0x757/0x920
[ 67.358979]  ? vmx_set_rflags+0x5cf/0x790
[ 67.363112]  ? vmx_inject_nmi+0x4d0/0x4d0
[ 67.367330]  kvm_arch_vcpu_ioctl_run+0x7d81/0x12040
[ 67.372378]  ? task_kmsan_context_state+0x51/0x90
[ 67.377202]  ? INIT_BOOL+0xc/0x30
[ 67.380639]  ? _raw_spin_lock_irqsave+0x320/0x490
[ 67.385470]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 67.390992]  ? depot_save_stack+0x398/0x4b0
[ 67.395300]  ? __msan_poison_alloca+0x1e0/0x270
[ 67.399971]  ? kmsan_set_origin+0x7f/0x100
[ 67.404197]  ? put_pid+0x71/0x410
[ 67.407635]  ? kvm_vcpu_ioctl+0x1f85/0x1f90
[ 67.411941]  ? put_pid+0x330/0x410
[ 67.415468]  ? get_task_pid+0x19d/0x290
[ 67.419438]  kvm_vcpu_ioctl+0xfb1/0x1f90
[ 67.423491]  ? do_vfs_ioctl+0x184/0x2f70
[ 67.427534]  ? __se_sys_ioctl+0x1da/0x270
[ 67.431678]  ? kvm_vm_release+0x90/0x90
[ 67.435644]  do_vfs_ioctl+0xfbc/0x2f70
[ 67.439518]  ? security_file_ioctl+0x92/0x200
[ 67.444000]  __se_sys_ioctl+0x1da/0x270
[ 67.447961]  __x64_sys_ioctl+0x4a/0x70
[ 67.451832]  do_syscall_64+0xcf/0x110
[ 67.455619]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 67.460790] RIP: 0033:0x442a39
[ 67.463964] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.482863] RSP: 002b:00007ffef8ea1048 EFLAGS: 00000217 ORIG_RAX: 0000000000000010
[ 67.490643] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000442a39
[ 67.497896] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 67.505148] RBP: 00000000006cd018 R08: 00000000004002c8 R09: 00000000004002c8
[ 67.512399] R10: 0000000020014000 R11: 0000000000000217 R12: 0000000000403ae0
[ 67.519658] R13: 0000000000403b70 R14: 0000000000000000 R15: 0000000000000000
[ 67.528072] Kernel Offset: disabled
[ 67.531700] Rebooting in 86400 seconds..