[ 63.446895][ T26] audit: type=1800 audit(1573630974.866:33): pid=9206 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ ok ] Starting periodic command scheduler: cron.
Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 68.443833][ T26] kauditd_printk_skb: 7 callbacks suppressed
[ 68.443846][ T26] audit: type=1400 audit(1573630979.866:41): avc: denied { map } for pid=9386 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.1.44' (ECDSA) to the list of known hosts.
executing program
[ 88.596832][ T26] audit: type=1400 audit(1573631000.016:42): avc: denied { map } for pid=9398 comm="syz-executor266" path="/root/syz-executor266153114" dev="sda1" ino=1426 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 88.603654][ T9398] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 88.624010][ T26] audit: type=1400 audit(1573631000.026:43): avc: denied { map } for pid=9398 comm="syz-executor266" path="/dev/bus/usb/007/001" dev="devtmpfs" ino=17343 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file permissive=1
[ 88.684011][ T9398] ------------[ cut here ]------------
[ 88.689556][ T9398] kernel BUG at arch/x86/kvm/mmu.c:3324!
[ 88.695360][ T9398] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 88.701467][ T9398] CPU: 1 PID: 9398 Comm: syz-executor266 Not tainted 5.4.0-rc7+ #0
[ 88.709340][ T9398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 88.719397][ T9398] RIP: 0010:transparent_hugepage_adjust+0x490/0x530
[ 88.725967][ T9398] Code: 63 00 48 8b 45 b8 48 83 e8 01 e9 19 fd ff ff e8 e6 3e 63 00 48 8b 45 b8 48 83 e8 01 48 89 45 c8 e9 a1 fd ff ff e8 d0 3e 63 00 <0f> 0b 48 89 df e8 36 a1 9e 00 e9 9f fb ff ff 4c 89 ff e8 29 a1 9e
[ 88.745551][ T9398] RSP: 0018:ffff8880942f7690 EFLAGS: 00010293
[ 88.752113][ T9398] RAX: ffff888093148500 RBX: ffff8880942f7778 RCX: ffffffff810fe787
[ 88.760059][ T9398] RDX: 0000000000000000 RSI: ffffffff810fe8c0 RDI: 0000000000000007
[ 88.768006][ T9398] RBP: ffff8880942f76d8 R08: ffff888093148500 R09: ffffed1014809682
[ 88.775951][ T9398] R10: ffffed1014809681 R11: ffff8880a404b40b R12: ffff8880942f7768
[ 88.783909][ T9398] R13: 00000000000001a3 R14: 000000000008aba1 R15: 0000000000000000
[ 88.791870][ T9398] FS: 000000000202d880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 88.800783][ T9398] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 88.807344][ T9398] CR2: 0000000000000000 CR3: 00000000a9270000 CR4: 00000000001426e0
[ 88.815294][ T9398] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 88.823243][ T9398] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 88.831187][ T9398] Call Trace:
[ 88.834458][ T9398] tdp_page_fault+0x56e/0x650
[ 88.839112][ T9398] ? nonpaging_page_fault+0x5c0/0x5c0
[ 88.844458][ T9398] ? __check_heap_object+0x61/0xb3
[ 88.849544][ T9398] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 88.855760][ T9398] ? vmx_vcpu_load_vmcs+0x5d6/0xae0
[ 88.860934][ T9398] ? is_bpf_text_address+0xd3/0x170
[ 88.866106][ T9398] kvm_mmu_page_fault+0x1dd/0x1800
[ 88.871192][ T9398] ? __kasan_check_read+0x11/0x20
[ 88.876190][ T9398] ? mark_lock+0xc2/0x1220
[ 88.880585][ T9398] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 88.886802][ T9398] ? kvm_mmu_invalidate_zap_pages_in_memslot+0x20/0x20
[ 88.893629][ T9398] ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 88.899771][ T9398] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 88.905305][ T9398] ? rcu_read_lock_any_held.part.0+0x50/0x50
[ 88.911263][ T9398] handle_ept_violation+0x259/0x560
[ 88.916438][ T9398] ? vmx_inject_irq+0x5c0/0x5c0
[ 88.921263][ T9398] vmx_handle_exit+0x29f/0x1730
[ 88.926089][ T9398] kvm_arch_vcpu_ioctl_run+0x1cb8/0x70d0
[ 88.931696][ T9398] ? kvm_vcpu_ioctl+0x181/0xfc0
[ 88.936520][ T9398] ? lock_downgrade+0x920/0x920
[ 88.941347][ T9398] ? kvm_arch_vcpu_runnable+0x6e0/0x6e0
[ 88.946955][ T9398] ? lock_downgrade+0x920/0x920
[ 88.951782][ T9398] kvm_vcpu_ioctl+0x4dc/0xfc0
[ 88.956432][ T9398] ? kvm_vcpu_ioctl+0x4dc/0xfc0
[ 88.961258][ T9398] ? vcpu_stat_get_per_vm_open+0x40/0x40
[ 88.966863][ T9398] ? tomoyo_path_number_perm+0x263/0x520
[ 88.972469][ T9398] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 88.978253][ T9398] ? vcpu_stat_get_per_vm_open+0x40/0x40
[ 88.983858][ T9398] do_vfs_ioctl+0xdb6/0x13e0
[ 88.988426][ T9398] ? ioctl_preallocate+0x210/0x210
[ 88.993524][ T9398] ? selinux_file_mprotect+0x620/0x620
[ 88.998959][ T9398] ? __kasan_check_write+0x14/0x20
[ 89.004047][ T9398] ? tomoyo_file_ioctl+0x23/0x30
[ 89.008962][ T9398] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 89.015175][ T9398] ? security_file_ioctl+0x8d/0xc0
[ 89.020259][ T9398] ksys_ioctl+0xab/0xd0
[ 89.024390][ T9398] __x64_sys_ioctl+0x73/0xb0
[ 89.028954][ T9398] do_syscall_64+0xfa/0x760
[ 89.033436][ T9398] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 89.039301][ T9398] RIP: 0033:0x443f49
[ 89.043189][ T9398] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 89.062768][ T9398] RSP: 002b:00007ffd76f8f418 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 89.071153][ T9398] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000443f49
[ 89.079097][ T9398] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 89.087060][ T9398] RBP: 00000000006ce018 R08: 00000000004002e0 R09: 00000000004002e0
[ 89.095008][ T9398] R10: 00000000004002e0 R11: 0000000000000246 R12: 0000000000401c50
[ 89.102951][ T9398] R13: 0000000000401ce0 R14: 0000000000000000 R15: 0000000000000000
[ 89.110902][ T9398] Modules linked in:
[ 89.114873][ T9398] ---[ end trace a620bbd2bf29c775 ]---
[ 89.120344][ T9398] RIP: 0010:transparent_hugepage_adjust+0x490/0x530
[ 89.126957][ T9398] Code: 63 00 48 8b 45 b8 48 83 e8 01 e9 19 fd ff ff e8 e6 3e 63 00 48 8b 45 b8 48 83 e8 01 48 89 45 c8 e9 a1 fd ff ff e8 d0 3e 63 00 <0f> 0b 48 89 df e8 36 a1 9e 00 e9 9f fb ff ff 4c 89 ff e8 29 a1 9e
[ 89.146671][ T9398] RSP: 0018:ffff8880942f7690 EFLAGS: 00010293
[ 89.152744][ T9398] RAX: ffff888093148500 RBX: ffff8880942f7778 RCX: ffffffff810fe787
[ 89.160705][ T9398] RDX: 0000000000000000 RSI: ffffffff810fe8c0 RDI: 0000000000000007
[ 89.168698][ T9398] RBP: ffff8880942f76d8 R08: ffff888093148500 R09: ffffed1014809682
[ 89.176669][ T9398] R10: ffffed1014809681 R11: ffff8880a404b40b R12: ffff8880942f7768
[ 89.184687][ T9398] R13: 00000000000001a3 R14: 000000000008aba1 R15: 0000000000000000
[ 89.192679][ T9398] FS: 000000000202d880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 89.201605][ T9398] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 89.208165][ T9398] CR2: 0000000000000000 CR3: 00000000a9270000 CR4: 00000000001426e0
[ 89.216142][ T9398] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 89.224141][ T9398] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 89.232118][ T9398] Kernel panic - not syncing: Fatal exception
[ 89.239484][ T9398] Kernel Offset: disabled
[ 89.243805][ T9398] Rebooting in 86400 seconds..