Warning: Permanently added '10.128.0.187' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   87.611328][   T23] audit: type=1400 audit(1575444670.371:42): avc: denied { map } for pid=9664 comm="syz-executor744" path="/root/syz-executor744730087" dev="sda1" ino=16484 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   87.615237][ T9664] ==================================================================
[   87.646461][ T9664] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.655027][ T9664] Write of size 4 at addr ffffc90000d36050 by task syz-executor744/9664
[   87.663321][ T9664] 
[   87.665676][ T9664] CPU: 1 PID: 9664 Comm: syz-executor744 Not tainted 5.4.0-syzkaller #0
[   87.674005][ T9664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   87.684037][ T9664] Call Trace:
[   87.687310][ T9664]  dump_stack+0x197/0x210
[   87.691615][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.697229][ T9664]  print_address_description.constprop.0.cold+0x5/0x30b
[   87.704139][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.709745][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.715353][ T9664]  __kasan_report.cold+0x1b/0x41
[   87.720269][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[   87.725790][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.731400][ T9664]  kasan_report+0x12/0x20
[   87.735707][ T9664]  __asan_report_store4_noabort+0x17/0x20
[   87.741408][ T9664]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.746850][ T9664]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[   87.752638][ T9664]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   87.758857][ T9664]  ? _copy_from_user+0x12c/0x1a0
[   87.763772][ T9664]  kvm_arch_dev_ioctl+0x300/0x4b0
[   87.768773][ T9664]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[   87.774826][ T9664]  ? tomoyo_path_number_perm+0x454/0x520
[   87.780436][ T9664]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   87.786649][ T9664]  ? tomoyo_path_number_perm+0x25e/0x520
[   87.792262][ T9664]  kvm_dev_ioctl+0x127/0x17d0
[   87.796927][ T9664]  ? kvm_put_kvm+0xcc0/0xcc0
[   87.801493][ T9664]  ? ___might_sleep+0x163/0x2c0
[   87.806337][ T9664]  ? kvm_put_kvm+0xcc0/0xcc0
[   87.810905][ T9664]  do_vfs_ioctl+0x977/0x14e0
[   87.815475][ T9664]  ? compat_ioctl_preallocate+0x220/0x220
[   87.821170][ T9664]  ? selinux_file_mprotect+0x620/0x620
[   87.826607][ T9664]  ? kmem_cache_free+0x26b/0x320
[   87.831535][ T9664]  ? putname+0xf4/0x130
[   87.835691][ T9664]  ? do_sys_open+0x31d/0x5d0
[   87.840257][ T9664]  ? tomoyo_file_ioctl+0x23/0x30
[   87.845170][ T9664]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   87.851388][ T9664]  ? security_file_ioctl+0x8d/0xc0
[   87.856488][ T9664]  ksys_ioctl+0xab/0xd0
[   87.860624][ T9664]  __x64_sys_ioctl+0x73/0xb0
[   87.865291][ T9664]  do_syscall_64+0xfa/0x790
[   87.869774][ T9664]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   87.875639][ T9664] RIP: 0033:0x440209
[   87.879526][ T9664] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   87.899108][ T9664] RSP: 002b:00007ffc51ae37d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.907765][ T9664] RAX: ffffffffffffffda RBX: 00007ffc51ae37e0 RCX: 0000000000440209
[   87.915737][ T9664] RDX: 0000000020000240 RSI: 00000000c008ae09 RDI: 0000000000000004
[   87.923693][ T9664] RBP: 00000000006ca018 R08: 0000000000000016 R09: 68742f636f72702f
[   87.931715][ T9664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401af0
[   87.939716][ T9664] R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
[   87.947674][ T9664] 
[   87.949981][ T9664] 
[   87.952284][ T9664] Memory state around the buggy address:
[   87.957891][ T9664]  ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   87.965931][ T9664]  ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   87.973995][ T9664] >ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[   87.982031][ T9664]                                                  ^
[   87.988706][ T9664]  ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   87.996832][ T9664]  ffffc90000d36100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   88.004866][ T9664] ==================================================================
[   88.012912][ T9664] Disabling lock debugging due to kernel taint
[   88.020445][ T9664] Kernel panic - not syncing: panic_on_warn set ...
[   88.027036][ T9664] CPU: 0 PID: 9664 Comm: syz-executor744 Tainted: G B 5.4.0-syzkaller #0
[   88.036818][ T9664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   88.046848][ T9664] Call Trace:
[   88.050115][ T9664]  dump_stack+0x197/0x210
[   88.054421][ T9664]  panic+0x2e3/0x75c
[   88.058290][ T9664]  ? add_taint.cold+0x16/0x16
[   88.062947][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   88.068577][ T9664]  ? preempt_schedule+0x4b/0x60
[   88.073537][ T9664]  ? ___preempt_schedule+0x16/0x18
[   88.078641][ T9664]  ? trace_hardirqs_on+0x5e/0x240
[   88.083655][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   88.089263][ T9664]  end_report+0x47/0x4f
[   88.093398][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   88.099015][ T9664]  __kasan_report.cold+0xe/0x41
[   88.103842][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[   88.109361][ T9664]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   88.114972][ T9664]  kasan_report+0x12/0x20
[   88.119276][ T9664]  __asan_report_store4_noabort+0x17/0x20
[   88.124976][ T9664]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   88.130425][ T9664]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[   88.136217][ T9664]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   88.142525][ T9664]  ? _copy_from_user+0x12c/0x1a0
[   88.147436][ T9664]  kvm_arch_dev_ioctl+0x300/0x4b0
[   88.152445][ T9664]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[   88.158494][ T9664]  ? tomoyo_path_number_perm+0x454/0x520
[   88.164100][ T9664]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   88.170337][ T9664]  ? tomoyo_path_number_perm+0x25e/0x520
[   88.175977][ T9664]  kvm_dev_ioctl+0x127/0x17d0
[   88.180657][ T9664]  ? kvm_put_kvm+0xcc0/0xcc0
[   88.185227][ T9664]  ? ___might_sleep+0x163/0x2c0
[   88.190059][ T9664]  ? kvm_put_kvm+0xcc0/0xcc0
[   88.194633][ T9664]  do_vfs_ioctl+0x977/0x14e0
[   88.199200][ T9664]  ? compat_ioctl_preallocate+0x220/0x220
[   88.204894][ T9664]  ? selinux_file_mprotect+0x620/0x620
[   88.210333][ T9664]  ? kmem_cache_free+0x26b/0x320
[   88.215246][ T9664]  ? putname+0xf4/0x130
[   88.219375][ T9664]  ? do_sys_open+0x31d/0x5d0
[   88.224039][ T9664]  ? tomoyo_file_ioctl+0x23/0x30
[   88.228973][ T9664]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   88.235249][ T9664]  ? security_file_ioctl+0x8d/0xc0
[   88.240450][ T9664]  ksys_ioctl+0xab/0xd0
[   88.244581][ T9664]  __x64_sys_ioctl+0x73/0xb0
[   88.249146][ T9664]  do_syscall_64+0xfa/0x790
[   88.253623][ T9664]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   88.259487][ T9664] RIP: 0033:0x440209
[   88.263359][ T9664] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   88.282978][ T9664] RSP: 002b:00007ffc51ae37d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.291362][ T9664] RAX: ffffffffffffffda RBX: 00007ffc51ae37e0 RCX: 0000000000440209
[   88.299308][ T9664] RDX: 0000000020000240 RSI: 00000000c008ae09 RDI: 0000000000000004
[   88.307265][ T9664] RBP: 00000000006ca018 R08: 0000000000000016 R09: 68742f636f72702f
[   88.315211][ T9664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401af0
[   88.323956][ T9664] R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
[   88.333180][ T9664] Kernel Offset: disabled
[   88.337519][ T9664] Rebooting in 86400 seconds..
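Added triage example (editor's code, not part of the syzbot report above): a small Python script that reads the report's own lines, walks the KASAN shadow bytes to recover the bounds of the vmalloc'd object, relates the faulting write to that object, and decodes the ioctl request word from the register dump. It assumes the KASAN layout of this kernel (one shadow byte per 8-byte granule; 0x00 means the granule is fully usable, 0x01 to 0x07 that many leading bytes are usable, 0x80 and above is poison, so the 0xf9 bytes here are poison) and takes two things from the kernel's uapi headers rather than from the page: sizeof(struct kvm_cpuid_entry2) == 40, which is the element size of the array that kvm_dev_ioctl_get_cpuid allocates with vzalloc for cpuid->nent entries, and the two /dev/kvm requests that reach that function, KVM_GET_SUPPORTED_CPUID (_IOWR(KVMIO, 0x05, struct kvm_cpuid2)) and KVM_GET_EMULATED_CPUID (_IOWR(KVMIO, 0x09, struct kvm_cpuid2)), with KVMIO == 0xAE and sizeof(struct kvm_cpuid2) == 8. The script does not reproduce the crash; it only interprets the log.

```python
# Added triage example for the KASAN report above; not part of the syzbot output.
# Struct size and ioctl names are taken from the kernel's uapi headers (see comments).
import re

# Constructed sample: the lines of the report above that the triage needs.
SAMPLE_REPORT = """\
[   87.646461][ T9664] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   87.655027][ T9664] Write of size 4 at addr ffffc90000d36050 by task syz-executor744/9664
[   87.915737][ T9664] RDX: 0000000020000240 RSI: 00000000c008ae09 RDI: 0000000000000004
[   87.952284][ T9664] Memory state around the buggy address:
[   87.965931][ T9664]  ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   87.973995][ T9664] >ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[   87.988706][ T9664]  ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
"""

SHADOW_SCALE = 8  # one KASAN shadow byte describes an 8-byte granule
# sizeof(struct kvm_cpuid_entry2) in uapi/linux/kvm.h: function, index, flags,
# eax, ebx, ecx, edx, padding[3], all __u32 -> 10 * 4 bytes.
KVM_CPUID_ENTRY2_SIZE = 40
KVMIO = 0xAE
_IOC_DIR = {0: "NONE", 1: "W", 2: "R", 3: "RW"}
# The two /dev/kvm requests that reach kvm_dev_ioctl_get_cpuid (uapi/linux/kvm.h);
# both are _IOWR(KVMIO, nr, struct kvm_cpuid2), and sizeof(struct kvm_cpuid2) is 8.
KVM_DEV_CPUID_IOCTLS = {(3, 8, KVMIO, 0x05): "KVM_GET_SUPPORTED_CPUID",
                        (3, 8, KVMIO, 0x09): "KVM_GET_EMULATED_CPUID"}

BUG_RE = re.compile(r"BUG: KASAN: (\S+) in (\S+)")
ACCESS_RE = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]+) by task (\S+)")
REG_RE = re.compile(r"\b(R[A-Z]{2}|R\d{2}): ([0-9a-f]{16})\b")
SHADOW_RE = re.compile(r"([0-9a-f]{16}): ((?:[0-9a-f]{2} ){15}[0-9a-f]{2})")


def parse_kasan_report(text):
    """Extract bug kind, faulting access, register dump and shadow rows from a report."""
    info = {"regs": {}, "shadow": {}}
    for line in text.splitlines():
        if m := BUG_RE.search(line):
            info["bug"], info["func"] = m.group(1), m.group(2)
        elif m := ACCESS_RE.search(line):
            info["access"], info["size"] = m.group(1), int(m.group(2))
            info["addr"], info["task"] = int(m.group(3), 16), m.group(4)
        elif m := SHADOW_RE.search(line):
            info["shadow"][int(m.group(1), 16)] = [int(b, 16) for b in m.group(2).split()]
        for name, value in REG_RE.findall(line):
            info["regs"][name] = int(value, 16)
    return info


def shadow_byte(shadow, addr):
    """Shadow byte covering addr, or None if that row was not in the dump."""
    for row, cells in shadow.items():
        if row <= addr < row + len(cells) * SHADOW_SCALE:
            return cells[(addr - row) // SHADOW_SCALE]
    return None


def accessible(b):
    # 0 = whole granule usable, 1..7 = that many leading bytes usable, >= 0x80 = poison
    return b is not None and b < SHADOW_SCALE


def object_bounds(shadow, addr):
    """Walk the shadow leftwards from addr to the nearest live object; (start, end), end exclusive."""
    if not shadow:
        return None
    lo, g = min(shadow), addr - addr % SHADOW_SCALE
    while g >= lo and not accessible(shadow_byte(shadow, g)):  # step back over the redzone
        g -= SHADOW_SCALE
    if g < lo:
        return None
    b = shadow_byte(shadow, g)
    start, end = g, g + (SHADOW_SCALE if b == 0 else b)
    while start - SHADOW_SCALE >= lo and accessible(shadow_byte(shadow, start - SHADOW_SCALE)):
        start -= SHADOW_SCALE
    return start, end


def decode_ioctl(cmd):
    """Split an ioctl request word per asm-generic/ioctl.h: nr:8, type:8, size:14, dir:2."""
    direction, size = (cmd >> 30) & 0x3, (cmd >> 16) & 0x3FFF
    typ, nr = (cmd >> 8) & 0xFF, cmd & 0xFF
    name = KVM_DEV_CPUID_IOCTLS.get((direction, size, typ, nr), "unknown")
    return {"dir": _IOC_DIR[direction], "size": size, "type": typ, "nr": nr, "name": name}


def triage(text, entry_size=KVM_CPUID_ENTRY2_SIZE):
    """Relate the faulting access to the vzalloc'd entry array and to the ioctl that reached it."""
    info = parse_kasan_report(text)
    bounds = object_bounds(info["shadow"], info["addr"])
    if bounds is None:
        raise ValueError("no live object found below the faulting address")
    start, end = bounds
    index, offset = divmod(info["addr"] - start, entry_size)
    return {"kind": info["bug"], "func": info["func"], "task": info["task"],
            "access": info["access"], "size": info["size"],
            "object_len": end - start, "past_end": info["addr"] - end,
            "entries": (end - start) // entry_size,        # nent the caller supplied
            "entry_index": index, "entry_offset": offset,  # where the access lands
            # on x86-64, ioctl(fd, request, argp) passes request in RSI
            "ioctl": decode_ioctl(info["regs"]["RSI"])}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key:>12}: {value}")
```

Run on the lines above, the script reports an 80-byte object at ffffc90000d36000 (room for two kvm_cpuid_entry2, so the caller passed nent = 2), a 4-byte write landing at entry index 2, offset 0 (the first field of the entry one past the end, with zero bytes of slack between the object end and the write), and RSI = 0xc008ae09 decoding to KVM_GET_EMULATED_CPUID rather than KVM_GET_SUPPORTED_CPUID. Those are derivations from the report plus the header values named in the lead-in, not statements the report itself makes; the shadow walk also handles partially usable granules (shadow 0x01 to 0x07), which this report does not exercise.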