Warning: Permanently added '10.128.0.229' (ECDSA) to the list of known hosts.
executing program
[ 94.245595][ T27] audit: type=1400 audit(1561252335.467:36): avc: denied { map } for pid=10070 comm="syz-executor157" path="/root/syz-executor157653955" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 94.249535][T10070] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 94.325128][T10070] BUG: unable to handle page fault for address: ffffed12f9f1f61f
[ 94.332876][T10070] #PF: supervisor read access in kernel mode
[ 94.338910][T10070] #PF: error_code(0x0000) - not-present page
[ 94.345585][T10070] PGD 21fff0067 P4D 21fff0067 PUD 0
[ 94.350929][T10070] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 94.356216][T10070] CPU: 1 PID: 10070 Comm: syz-executor157 Not tainted 5.2.0-rc5+ #31
[ 94.364606][T10070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 94.374736][T10070] RIP: 0010:coalesced_mmio_write+0x28a/0x4d0
[ 94.380712][T10070] Code: 38 d0 7c 08 84 d2 0f 85 55 02 00 00 41 8b 47 04 48 8d 14 40 49 8d 7c d7 08 48 ba 00 00 00 00 00 fc ff df 48 89 fe 48 c1 ee 03 <80> 3c 16 00 0f 85 1b 02 00 00 48 8d 14 40 48 be 00 00 00 00 00 fc
[ 94.400782][T10070] RSP: 0018:ffff888086a97170 EFLAGS: 00010a02
[ 94.406915][T10070] RAX: 00000000f7d5760a RBX: 0000000000000000 RCX: ffffffff81080faa
[ 94.415137][T10070] RDX: dffffc0000000000 RSI: 1ffff112f9f1f61f RDI: ffff8897cf8fb0f8
[ 94.423275][T10070] RBP: ffff888086a971c0 R08: ffff8880916aa240 R09: 0000000000000000
[ 94.432028][T10070] R10: ffffed1010d52e1b R11: 0000000000000003 R12: 0000000000000001
[ 94.440032][T10070] R13: ffff888097882290 R14: 0000000000000001 R15: ffff8880938ca000
[ 94.448237][T10070] FS: 0000555556702940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 94.457445][T10070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 94.464085][T10070] CR2: ffffed12f9f1f61f CR3: 000000009593d000 CR4: 00000000001426e0
[ 94.472045][T10070] Call Trace:
[ 94.475481][T10070] ? coalesced_mmio_destructor+0x170/0x170
[ 94.482103][T10070] __kvm_io_bus_write+0x29b/0x380
[ 94.487120][T10070] kvm_io_bus_write+0x15c/0x290
[ 94.492079][T10070] ? __bpf_trace_kvm_async_get_page_class+0x30/0x30
[ 94.498759][T10070] write_mmio+0x175/0x4e0
[ 94.503220][T10070] emulator_read_write_onepage+0x429/0xd50
[ 94.509047][T10070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 94.515434][T10070] emulator_read_write+0x1b7/0x5a0
[ 94.520714][T10070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 94.526957][T10070] emulator_write_emulated+0x3c/0x50
[ 94.532342][T10070] segmented_write+0xf0/0x150
[ 94.537012][T10070] ? em_fxsave+0x50/0x50
[ 94.541394][T10070] ? memcpy+0x46/0x50
[ 94.545466][T10070] writeback+0x3f4/0x6a0
[ 94.550360][T10070] ? __emulate_int_real+0x6c0/0x6c0
[ 94.555547][T10070] ? emulator_read_gpr+0x80/0xc0
[ 94.560476][T10070] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 94.566831][T10070] ? fastop+0x18d/0x2b0
[ 94.571431][T10070] ? em_salc+0x8/0x8
[ 94.576026][T10070] x86_emulate_insn+0x1de1/0x48f0
[ 94.581171][T10070] ? init_decode_cache+0xc0/0xc0
[ 94.586107][T10070] x86_emulate_instruction+0xca3/0x1c50
[ 94.591643][T10070] ? ept_page_fault+0x1560/0x1560
[ 94.596669][T10070] ? write_emulate+0x40/0x40
[ 94.601251][T10070] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 94.607963][T10070] ? mmio_info_in_cache+0x143/0x560
[ 94.613480][T10070] kvm_mmu_page_fault+0x370/0x1870
[ 94.619108][T10070] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 94.625354][T10070] ? kvm_mmu_remote_flush_or_zap+0x9e/0xf0
[ 94.631410][T10070] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 94.637738][T10070] ? kvm_mmu_flush_or_zap+0x79/0xa0
[ 94.643187][T10070] ? __kvm_mmu_zap_all+0x350/0x350
[ 94.649056][T10070] ? mark_held_locks+0xf0/0xf0
[ 94.653823][T10070] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 94.660242][T10070] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 94.666127][T10070] handle_ept_violation+0x1c8/0x500
[ 94.671327][T10070] ? add_atomic_switch_msr.constprop.0+0xd70/0xd70
[ 94.678494][T10070] vmx_handle_exit+0x280/0x1540
[ 94.684897][T10070] vcpu_enter_guest+0x1174/0x5f40
[ 94.703913][T10070] ? emulator_read_emulated+0x50/0x50
[ 94.709387][T10070] ? lock_acquire+0x16f/0x3f0
[ 94.714262][T10070] ? kvm_check_async_pf_completion+0x2d8/0x440
[ 94.720775][T10070] kvm_arch_vcpu_ioctl_run+0x423/0x1740
[ 94.726319][T10070] ? kvm_arch_vcpu_ioctl_run+0x423/0x1740
[ 94.732300][T10070] kvm_vcpu_ioctl+0x4dc/0xf90
[ 94.736970][T10070] ? kvm_set_memory_region+0x50/0x50
[ 94.742378][T10070] ? tomoyo_path_number_perm+0x263/0x520
[ 94.747992][T10070] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 94.754048][T10070] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 94.759872][T10070] ? __set_current_blocked+0xe4/0x120
[ 94.765237][T10070] ? kvm_set_memory_region+0x50/0x50
[ 94.770783][T10070] do_vfs_ioctl+0xd5f/0x1380
[ 94.775456][T10070] ? ioctl_preallocate+0x210/0x210
[ 94.780591][T10070] ? selinux_file_mprotect+0x620/0x620
[ 94.786179][T10070] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 94.792436][T10070] ? __sys_sendmsg+0x10b/0x1d0
[ 94.797214][T10070] ? __ia32_sys_shutdown+0x80/0x80
[ 94.802318][T10070] ? kasan_check_read+0x11/0x20
[ 94.807159][T10070] ? tomoyo_file_ioctl+0x23/0x30
[ 94.812293][T10070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 94.818798][T10070] ? security_file_ioctl+0x8d/0xc0
[ 94.824392][T10070] ksys_ioctl+0xab/0xd0
[ 94.828631][T10070] __x64_sys_ioctl+0x73/0xb0
[ 94.833211][T10070] do_syscall_64+0xfd/0x680
[ 94.838180][T10070] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 94.844093][T10070] RIP: 0033:0x4444e9
[ 94.847969][T10070] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 94.867714][T10070] RSP: 002b:00007ffc4ab39bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 94.876352][T10070] RAX: ffffffffffffffda RBX: 00007ffc4ab39be0 RCX: 00000000004444e9
[ 94.884476][T10070] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 94.892525][T10070] RBP: 0000000000000000 R08: 0000000000402240 R09: 0000000000402240
[ 94.900622][T10070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000405590
[ 94.908593][T10070] R13: 0000000000405620 R14: 0000000000000000 R15: 0000000000000000
[ 94.916560][T10070] Modules linked in:
[ 94.920478][T10070] CR2: ffffed12f9f1f61f
[ 94.924797][T10070] ---[ end trace 22c8cb54d1054189 ]---
[ 94.930251][T10070] RIP: 0010:coalesced_mmio_write+0x28a/0x4d0
[ 94.936480][T10070] Code: 38 d0 7c 08 84 d2 0f 85 55 02 00 00 41 8b 47 04 48 8d 14 40 49 8d 7c d7 08 48 ba 00 00 00 00 00 fc ff df 48 89 fe 48 c1 ee 03 <80> 3c 16 00 0f 85 1b 02 00 00 48 8d 14 40 48 be 00 00 00 00 00 fc
[ 94.956294][T10070] RSP: 0018:ffff888086a97170 EFLAGS: 00010a02
[ 94.962348][T10070] RAX: 00000000f7d5760a RBX: 0000000000000000 RCX: ffffffff81080faa
[ 94.970305][T10070] RDX: dffffc0000000000 RSI: 1ffff112f9f1f61f RDI: ffff8897cf8fb0f8
[ 94.978254][T10070] RBP: ffff888086a971c0 R08: ffff8880916aa240 R09: 0000000000000000
[ 94.986209][T10070] R10: ffffed1010d52e1b R11: 0000000000000003 R12: 0000000000000001
[ 94.994204][T10070] R13: ffff888097882290 R14: 0000000000000001 R15: ffff8880938ca000
[ 95.002162][T10070] FS: 0000555556702940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 95.011176][T10070] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 95.017954][T10070] CR2: ffffed12f9f1f61f CR3: 000000009593d000 CR4: 00000000001426e0
[ 95.026007][T10070] Kernel panic - not syncing: Fatal exception
[ 95.033285][T10070] Kernel Offset: disabled
[ 95.037616][T10070] Rebooting in 86400 seconds..