[ 12.206545] rsyslogd (2978) used greatest stack depth: 14504 bytes left [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 35.101677] audit: type=1400 audit(1512907072.657:6): avc: denied { map } for pid=3137 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added 'ci-upstream-mmots-kasan-gce-3,10.128.0.4' (ECDSA) to the list of known hosts. [ 41.122089] audit: type=1400 audit(1512907078.677:7): avc: denied { map } for pid=3149 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16479 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2017/12/10 11:57:59 parsed 1 programs 2017/12/10 11:57:59 executed programs: 0 [ 41.585684] audit: type=1400 audit(1512907079.139:8): avc: denied { map } for pid=3149 comm="syz-execprog" path="/root/syzkaller-shm788615675" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 [ 41.660499] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu [ 41.692186] *** Guest State *** [ 41.692193] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 41.692198] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 41.692201] CR3 = 0x00000000fffbc000 [ 41.692205] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 41.692210] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 41.692216] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 41.692221] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 41.692228] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.692235] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.692244] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.692251] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.692258] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.692264] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 41.692271] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 41.692276] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 41.692284] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 41.692289] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 41.692294] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 41.692298] Interruptibility = 00000000 ActivityState = 00000000 [ 41.692301] *** Host State *** [ 41.692306] RIP = 0xffffffff811bdb34 RSP = 0xffff8801c6de7508 [ 41.692315] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 41.692320] FSBase=00007f376fd22700 GSBase=ffff8801db200000 TRBase=fffffffffe3c0000 [ 41.692325] GDTBase=fffffffffe3be000 IDTBase=ffffffffff3fe000 [ 41.692331] CR0=0000000080050033 CR3=00000001c55ac000 CR4=00000000001426f0 [ 41.692337] Sysenter RSP=fffffffffe3bf200 CS:RIP=0010:ffffffff85201b00 [ 41.692342] EFER = 0x0000000000000d01 PAT = 0x0000000000000000 [ 41.692345] *** Control State *** [ 41.692348] PinBased=0000003f CPUBased=b699edfe SecondaryExec=0000004a [ 41.692352] EntryControls=0000d1ff ExitControls=0023efff [ 41.692357] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 41.692361] VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 [ 41.692364] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 41.692368] reason=80000021 qualification=0000000000000000 [ 41.692371] IDTVectoring: info=00000000 errcode=00000000 [ 41.692374] TSC Offset = 0xffffffe8134a50af [ 41.692384] EPT pointer = 0x00000001c414f01e [ 41.820572] *** Guest State *** [ 41.820579] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 41.820584] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 41.820587] CR3 = 0x00000000fffbc000 [ 41.820591] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 41.820595] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 41.820602] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 41.820607] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 41.820614] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.820621] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.820628] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.820635] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.820642] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 41.820647] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 41.820654] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 41.820660] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 41.820667] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 41.820672] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 41.820677] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 41.820681] Interruptibility = 00000000 ActivityState = 00000000 [ 41.820684] *** Host State *** [ 41.820689] RIP = 0xffffffff811bdb34 RSP = 0xffff8801c20c7508 [ 41.820697] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 41.820704] FSBase=00007f376fd22700 GSBase=ffff8801db300000 TRBase=fffffffffe401000 [ 41.820709] GDTBase=fffffffffe3ff000 IDTBase=ffffffffff3fe000 [ 41.820715] CR0=0000000080050033 CR3=00000001c55ac000 CR4=00000000001426e0 [ 41.820721] Sysenter RSP=fffffffffe400200 CS:RIP=0010:ffffffff85201b00 [ 41.820727] EFER = 0x0000000000000d01 PAT = 0x0000000000000000 [ 41.820729] *** Control State *** [ 41.820733] PinBased=0000003f CPUBased=b699edfe SecondaryExec=0000004a [ 41.820736] EntryControls=0000d1ff ExitControls=0023efff [ 41.820742] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 41.820745] VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 [ 41.820749] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 41.820753] reason=80000021 qualification=0000000000000000 [ 41.820756] IDTVectoring: info=00000000 errcode=00000000 [ 41.820759] TSC Offset = 0xffffffe802d61765 [ 41.820763] EPT pointer = 0x00000001c1d7c01e [ 42.524395] *** Guest State *** [ 42.536725] *** Guest State *** [ 42.536732] CR0: actual=0x0000000080000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 [ 42.536738] CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 [ 42.536741] CR3 = 0x00000000fffbc000 [ 42.536744] RSP = 0x0000000000000f80 RIP = 0x0000000000000000 [ 42.536749] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 42.536756] Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 [ 42.536761] CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 [ 42.536768] DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 42.536775] SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 42.536782] ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 42.536790] FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 42.536797] GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 [ 42.536802] GDTR: limit=0x000007ff, base=0x0000000000001000 [ 42.536809] LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 [ 42.536814] IDTR: limit=0x000001ff, base=0x0000000000003800 [ 42.536822] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [ 42.536826] EFER = 0x0000000000000001 PAT = 0x0007040600070406 [ 42.536831] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 42.536836] Interruptibility = 00000000 ActivityState = 00000000 [ 42.536838] *** Host State *** [ 42.536843] RIP = 0xffffffff811bdb34 RSP = 0xffff8801d851f508 [ 42.536853] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 42.536858] FSBase=00007f376fd00700 GSBase=ffff8801db300000 TRBase=fffffffffe401000 [ 42.536863] GDTBase=fffffffffe3ff000 IDTBase=ffffffffff3fe000 [ 42.536869] CR0=0000000080050033 CR3=00000001c41e4000 CR4=00000000001426e0 [ 42.536875] Sysenter RSP=fffffffffe400200 CS:RIP=0010:ffffffff85201b00 [ 42.536880] EFER = 0x0000000000000d01 PAT = 0x0000000000000000 [ 42.536883] *** Control State *** [ 42.536887] PinBased=0000003f CPUBased=b699edfe SecondaryExec=0000004a [ 42.536890] EntryControls=0000d1ff ExitControls=0023efff [ 42.536896] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 42.536899] VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 [ 42.536903] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 42.536906] reason=80000021 qualification=0000000000000000 [ 42.536910] IDTVectoring: info=00000000 errcode=00000000 [ 42.536913] TSC Offset = 0xffffffe7a2a381cd [ 42.536917] EPT pointer = 0x00000001d8aba01e [ 42.615369] WARNING: CPU: 1 PID: 3254 at arch/x86/kvm/x86.c:7295 kvm_arch_vcpu_ioctl_run+0x1d4/0x5be0 [ 42.615374] Kernel panic - not syncing: panic_on_warn set ... [ 42.615374] [ 42.615381] CPU: 1 PID: 3254 Comm: syz-executor7 Not tainted 4.15.0-rc2-mm1+ #39 [ 42.615385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.615388] Call Trace: [ 42.615397] dump_stack+0x194/0x257 [ 42.615408] ? arch_local_irq_restore+0x53/0x53 [ 42.615422] ? vsnprintf+0x1ed/0x1900 [ 42.615434] panic+0x1e4/0x41c [ 42.615440] ? refcount_error_report+0x214/0x214 [ 42.615447] ? show_regs_print_info+0x18/0x18 [ 42.615461] ? __warn+0x1c1/0x200 [ 42.615471] ? kvm_arch_vcpu_ioctl_run+0x1d4/0x5be0 [ 42.615476] __warn+0x1dc/0x200 [ 42.615483] ? kvm_arch_vcpu_ioctl_run+0x1d4/0x5be0 [ 42.615492] report_bug+0x211/0x2d0 [ 42.615505] fixup_bug.part.11+0x37/0x80 [ 42.615512] do_error_trap+0x2d7/0x3e0 [ 42.615520] ? lock_acquire+0x1d5/0x580 [ 42.615528] ? math_error+0x400/0x400 [ 42.615536] ? __lock_is_held+0xbc/0x140 [ 42.615553] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.615565] do_invalid_op+0x1b/0x20 [ 42.615573] invalid_op+0x22/0x40 [ 42.615579] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1d4/0x5be0 [ 42.615583] RSP: 0018:ffff8801d84f76b0 EFLAGS: 00010293 [ 42.615589] RAX: ffff8801d804a1c0 RBX: ffff8801bf508000 RCX: ffffffff810dee44 [ 42.615593] RDX: 0000000000000000 RSI: ffffffff863449c0 RDI: ffff8801bd0e8ab8 [ 42.615597] RBP: ffff8801d84f7a40 R08: 1ffff10037a1dbeb R09: 0000000000000001 [ 42.615601] R10: ffff8801d84f7a58 R11: ffffed003b09ee22 R12: 0000000000000000 [ 42.615604] R13: ffff8801d804a1c0 R14: ffff8801c2c84080 R15: ffff8801bd0e8880 [ 42.615618] ? kvm_arch_vcpu_ioctl_run+0x1d4/0x5be0 [ 42.615636] ? futex_wait_setup+0x22e/0x3d0 [ 42.615650] ? futex_wake+0x680/0x680 [ 42.615656] ? lock_downgrade+0x980/0x980 [ 42.615665] ? kvm_arch_vcpu_runnable+0x560/0x560 [ 42.615677] ? handle_invept+0x5f0/0x5f0 [ 42.615698] ? debug_check_no_locks_freed+0x3d0/0x3d0 [ 42.615705] ? lock_downgrade+0x980/0x980 [ 42.615714] ? lock_acquire+0x1d5/0x580 [ 42.615721] ? finish_task_switch+0x1aa/0x740 [ 42.615728] ? find_held_lock+0x39/0x1d0 [ 42.615739] ? kvm_arch_vcpu_load+0x1c1/0x890 [ 42.615746] ? kvm_arch_vcpu_load+0x4b1/0x890 [ 42.615755] ? kvm_arch_dev_ioctl+0x3b0/0x3b0 [ 42.615762] ? preempt_notifier_dec+0x20/0x20 [ 42.615770] ? trace_hardirqs_on+0xd/0x10 [ 42.615787] kvm_vcpu_ioctl+0x64c/0x1010 [ 42.615792] ? kvm_vcpu_ioctl+0x64c/0x1010 [ 42.615801] ? __kvm_gfn_to_hva_cache_init+0xbb0/0xbb0 [ 42.615809] ? find_held_lock+0x39/0x1d0 [ 42.615826] ? lock_downgrade+0x980/0x980 [ 42.615835] ? __fget+0xbb/0x580 [ 42.615844] ? avc_ss_reset+0x110/0x110 [ 42.615854] ? lock_release+0xda0/0xda0 [ 42.615863] ? __lock_is_held+0xbc/0x140 [ 42.615881] ? __fget+0x362/0x580 [ 42.615896] ? iterate_fd+0x3f0/0x3f0 [ 42.615916] ? __kvm_gfn_to_hva_cache_init+0xbb0/0xbb0 [ 42.615923] do_vfs_ioctl+0x1b1/0x1530 [ 42.615935] ? ioctl_preallocate+0x2b0/0x2b0 [ 42.615944] ? selinux_capable+0x40/0x40 [ 42.615956] ? SyS_futex+0x269/0x390 [ 42.615973] ? security_file_ioctl+0x89/0xb0 [ 42.615984] SyS_ioctl+0x8f/0xc0 [ 42.615995] entry_SYSCALL_64_fastpath+0x1f/0x96 [ 42.616000] RIP: 0033:0x452a39 [ 42.616003] RSP: 002b:00007f9de6f65c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000010 [ 42.616010] RAX: ffffffffffffffda RBX: 00000000007580d8 RCX: 0000000000452a39 [ 42.616014] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000004 [ 42.616017] RBP: 0000000000000212 R08: 0000000000000000 R09: 0000000000000000 [ 42.616021] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f1250 [ 42.616025] R13: 00000000ffffffff R14: 00007f9de6f666d4 R15: 0000000000000008 [ 42.616211] Dumping ftrace buffer: [ 42.616247] (ftrace buffer empty) [ 42.616252] Kernel Offset: disabled [ 43.206284] Rebooting in 86400 seconds..