Warning: Permanently added '10.128.0.106' (ECDSA) to the list of known hosts.
executing program
syzkaller login:
[ 81.416878][ T25] audit: type=1400 audit(1575328893.042:42): avc: denied { map } for pid=9767 comm="syz-executor490" path="/root/syz-executor490529523" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 81.420353][ T9767] ==================================================================
[ 81.452969][ T9767] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.461544][ T9767] Write of size 4 at addr ffffc90000d36050 by task syz-executor490/9767
[ 81.470187][ T9767]
[ 81.472512][ T9767] CPU: 1 PID: 9767 Comm: syz-executor490 Not tainted 5.4.0-syzkaller #0
[ 81.480832][ T9767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 81.490873][ T9767] Call Trace:
[ 81.494168][ T9767] dump_stack+0x197/0x210
[ 81.498481][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.504107][ T9767] print_address_description.constprop.0.cold+0x5/0x30b
[ 81.511035][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.516670][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.522722][ T9767] __kasan_report.cold+0x1b/0x41
[ 81.527688][ T9767] ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[ 81.533240][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.538884][ T9767] kasan_report+0x12/0x20
[ 81.543229][ T9767] __asan_report_store4_noabort+0x17/0x20
[ 81.548939][ T9767] kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.554386][ T9767] ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[ 81.560174][ T9767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 81.566408][ T9767] ? _copy_from_user+0x12c/0x1a0
[ 81.571340][ T9767] kvm_arch_dev_ioctl+0x300/0x4b0
[ 81.576345][ T9767] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[ 81.582401][ T9767] ? tomoyo_path_number_perm+0x454/0x520
[ 81.588022][ T9767] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 81.594252][ T9767] ? tomoyo_path_number_perm+0x25e/0x520
[ 81.599877][ T9767] kvm_dev_ioctl+0x127/0x17d0
[ 81.604539][ T9767] ? kvm_put_kvm+0xcc0/0xcc0
[ 81.609126][ T9767] ? ___might_sleep+0x163/0x2c0
[ 81.613964][ T9767] ? kvm_put_kvm+0xcc0/0xcc0
[ 81.618535][ T9767] do_vfs_ioctl+0xdb6/0x13e0
[ 81.623109][ T9767] ? compat_ioctl_preallocate+0x210/0x210
[ 81.628817][ T9767] ? selinux_file_mprotect+0x620/0x620
[ 81.634275][ T9767] ? perf_trace_initcall_level+0x370/0x420
[ 81.640073][ T9767] ? do_sys_open+0x31d/0x5d0
[ 81.644672][ T9767] ? tomoyo_file_ioctl+0x23/0x30
[ 81.649620][ T9767] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 81.655970][ T9767] ? security_file_ioctl+0x8d/0xc0
[ 81.661109][ T9767] ksys_ioctl+0xab/0xd0
[ 81.665283][ T9767] __x64_sys_ioctl+0x73/0xb0
[ 81.669948][ T9767] do_syscall_64+0xfa/0x790
[ 81.674438][ T9767] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 81.680324][ T9767] RIP: 0033:0x440159
[ 81.684203][ T9767] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 81.704422][ T9767] RSP: 002b:00007ffd106332c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 81.712823][ T9767] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440159
[ 81.720891][ T9767] RDX: 0000000020000080 RSI: 00000000c008ae09 RDI: 0000000000000003
[ 81.729055][ T9767] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 81.737275][ T9767] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004019e0
[ 81.745262][ T9767] R13: 0000000000401a70 R14: 0000000000000000 R15: 0000000000000000
[ 81.753377][ T9767]
[ 81.755704][ T9767]
[ 81.758020][ T9767] Memory state around the buggy address:
[ 81.764964][ T9767] ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 81.774048][ T9767] ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 81.782714][ T9767] >ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[ 81.792344][ T9767] ^
[ 81.799782][ T9767] ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 81.807828][ T9767] ffffc90000d36100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 81.815879][ T9767] ==================================================================
[ 81.823920][ T9767] Disabling lock debugging due to kernel taint
[ 81.830950][ T9767] Kernel panic - not syncing: panic_on_warn set ...
[ 81.837665][ T9767] CPU: 1 PID: 9767 Comm: syz-executor490 Tainted: G B 5.4.0-syzkaller #0
[ 81.847397][ T9767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 81.860827][ T9767] Call Trace:
[ 81.864104][ T9767] dump_stack+0x197/0x210
[ 81.868431][ T9767] panic+0x2e3/0x75c
[ 81.872496][ T9767] ? add_taint.cold+0x16/0x16
[ 81.877270][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.883184][ T9767] ? preempt_schedule+0x4b/0x60
[ 81.889403][ T9767] ? ___preempt_schedule+0x16/0x18
[ 81.895385][ T9767] ? trace_hardirqs_on+0x5e/0x240
[ 81.901808][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.914594][ T9767] end_report+0x47/0x4f
[ 81.918940][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.924575][ T9767] __kasan_report.cold+0xe/0x41
[ 81.930368][ T9767] ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[ 81.936819][ T9767] ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.943323][ T9767] kasan_report+0x12/0x20
[ 81.949475][ T9767] __asan_report_store4_noabort+0x17/0x20
[ 81.955796][ T9767] kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[ 81.961964][ T9767] ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[ 81.968967][ T9767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 81.975621][ T9767] ? _copy_from_user+0x12c/0x1a0
[ 81.980799][ T9767] kvm_arch_dev_ioctl+0x300/0x4b0
[ 81.986323][ T9767] ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[ 81.992479][ T9767] ? tomoyo_path_number_perm+0x454/0x520
[ 81.998560][ T9767] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 82.004780][ T9767] ? tomoyo_path_number_perm+0x25e/0x520
[ 82.010610][ T9767] kvm_dev_ioctl+0x127/0x17d0
[ 82.015740][ T9767] ? kvm_put_kvm+0xcc0/0xcc0
[ 82.021617][ T9767] ? ___might_sleep+0x163/0x2c0
[ 82.028415][ T9767] ? kvm_put_kvm+0xcc0/0xcc0
[ 82.032990][ T9767] do_vfs_ioctl+0xdb6/0x13e0
[ 82.037740][ T9767] ? compat_ioctl_preallocate+0x210/0x210
[ 82.049092][ T9767] ? selinux_file_mprotect+0x620/0x620
[ 82.055352][ T9767] ? perf_trace_initcall_level+0x370/0x420
[ 82.062208][ T9767] ? do_sys_open+0x31d/0x5d0
[ 82.068953][ T9767] ? tomoyo_file_ioctl+0x23/0x30
[ 82.075572][ T9767] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 82.081991][ T9767] ? security_file_ioctl+0x8d/0xc0
[ 82.087258][ T9767] ksys_ioctl+0xab/0xd0
[ 82.091415][ T9767] __x64_sys_ioctl+0x73/0xb0
[ 82.096233][ T9767] do_syscall_64+0xfa/0x790
[ 82.100850][ T9767] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 82.106732][ T9767] RIP: 0033:0x440159
[ 82.111058][ T9767] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 82.131093][ T9767] RSP: 002b:00007ffd106332c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.140166][ T9767] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440159
[ 82.149025][ T9767] RDX: 0000000020000080 RSI: 00000000c008ae09 RDI: 0000000000000003
[ 82.157984][ T9767] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[ 82.167014][ T9767] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004019e0
[ 82.175424][ T9767] R13: 0000000000401a70 R14: 0000000000000000 R15: 0000000000000000
[ 82.185171][ T9767] Kernel Offset: disabled
[ 82.190096][ T9767] Rebooting in 86400 seconds..