Warning: Permanently added '10.128.1.5' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [   72.986695][ T9008] ==================================================================
[   72.995089][ T9008] BUG: KASAN: vmalloc-out-of-bounds in kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.003656][ T9008] Write of size 4 at addr ffffc90000d36050 by task syz-executor542/9008
[   73.011996][ T9008]
[   73.014312][ T9008] CPU: 0 PID: 9008 Comm: syz-executor542 Not tainted 5.4.0-syzkaller #0
[   73.022632][ T9008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.032877][ T9008] Call Trace:
[   73.036217][ T9008]  dump_stack+0x197/0x210
[   73.040549][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.046217][ T9008]  print_address_description.constprop.0.cold+0x5/0x30b
[   73.053138][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.058776][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.064516][ T9008]  __kasan_report.cold+0x1b/0x41
[   73.069478][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[   73.075013][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.080634][ T9008]  kasan_report+0x12/0x20
[   73.084956][ T9008]  __asan_report_store4_noabort+0x17/0x20
[   73.090659][ T9008]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.096397][ T9008]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[   73.102215][ T9008]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   73.108481][ T9008]  ? _copy_from_user+0x12c/0x1a0
[   73.113401][ T9008]  kvm_arch_dev_ioctl+0x300/0x4b0
[   73.118425][ T9008]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[   73.124481][ T9008]  ? tomoyo_path_number_perm+0x454/0x520
[   73.130102][ T9008]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   73.136331][ T9008]  ? tomoyo_path_number_perm+0x25e/0x520
[   73.141956][ T9008]  kvm_dev_ioctl+0x127/0x17d0
[   73.146624][ T9008]  ? kvm_put_kvm+0xcc0/0xcc0
[   73.151335][ T9008]  ? kvm_put_kvm+0xcc0/0xcc0
[   73.155928][ T9008]  do_vfs_ioctl+0x977/0x14e0
[   73.161207][ T9008]  ? compat_ioctl_preallocate+0x220/0x220
[   73.166912][ T9008]  ? perf_trace_initcall_level+0x370/0x420
[   73.172704][ T9008]  ? putname+0xf4/0x130
[   73.176841][ T9008]  ? do_sys_open+0x31d/0x5d0
[   73.181413][ T9008]  ? tomoyo_file_ioctl+0x23/0x30
[   73.186331][ T9008]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   73.192550][ T9008]  ? security_file_ioctl+0x8d/0xc0
[   73.197662][ T9008]  ksys_ioctl+0xab/0xd0
[   73.201806][ T9008]  __x64_sys_ioctl+0x73/0xb0
[   73.206388][ T9008]  do_syscall_64+0xfa/0x790
[   73.210884][ T9008]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   73.216877][ T9008] RIP: 0033:0x440199
[   73.220772][ T9008] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   73.240544][ T9008] RSP: 002b:00007fff7ae751a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.248961][ T9008] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440199
[   73.257351][ T9008] RDX: 0000000020000000 RSI: 00000000c008ae09 RDI: 0000000000000003
[   73.265372][ T9008] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[   73.273329][ T9008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a20
[   73.281282][ T9008] R13: 0000000000401ab0 R14: 0000000000000000 R15: 0000000000000000
[   73.289248][ T9008]
[   73.291555][ T9008]
[   73.293882][ T9008] Memory state around the buggy address:
[   73.299493][ T9008]  ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   73.307544][ T9008]  ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   73.315583][ T9008] >ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
[   73.323625][ T9008]                                                  ^
[   73.330274][ T9008]  ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   73.338311][ T9008]  ffffc90000d36100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[   73.346360][ T9008] ==================================================================
[   73.354403][ T9008] Disabling lock debugging due to kernel taint
[   73.361110][ T9008] Kernel panic - not syncing: panic_on_warn set ...
[   73.367708][ T9008] CPU: 0 PID: 9008 Comm: syz-executor542 Tainted: G    B             5.4.0-syzkaller #0
[   73.377396][ T9008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   73.387439][ T9008] Call Trace:
[   73.390723][ T9008]  dump_stack+0x197/0x210
[   73.395032][ T9008]  panic+0x2e3/0x75c
[   73.399029][ T9008]  ? add_taint.cold+0x16/0x16
[   73.403701][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.409323][ T9008]  ? preempt_schedule+0x4b/0x60
[   73.414171][ T9008]  ? ___preempt_schedule+0x16/0x18
[   73.419265][ T9008]  ? trace_hardirqs_on+0x5e/0x240
[   73.424281][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.429891][ T9008]  end_report+0x47/0x4f
[   73.434034][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.439642][ T9008]  __kasan_report.cold+0xe/0x41
[   73.444488][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xe1/0xb0b
[   73.450012][ T9008]  ? kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.455621][ T9008]  kasan_report+0x12/0x20
[   73.459930][ T9008]  __asan_report_store4_noabort+0x17/0x20
[   73.465627][ T9008]  kvm_dev_ioctl_get_cpuid+0xad7/0xb0b
[   73.471079][ T9008]  ? kvm_vcpu_ioctl_get_cpuid2+0x160/0x160
[   73.476876][ T9008]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   73.483091][ T9008]  ? _copy_from_user+0x12c/0x1a0
[   73.488005][ T9008]  kvm_arch_dev_ioctl+0x300/0x4b0
[   73.493005][ T9008]  ? kvm_vm_ioctl_check_extension+0x3d0/0x3d0
[   73.499059][ T9008]  ? tomoyo_path_number_perm+0x454/0x520
[   73.504671][ T9008]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   73.510908][ T9008]  ? tomoyo_path_number_perm+0x25e/0x520
[   73.516527][ T9008]  kvm_dev_ioctl+0x127/0x17d0
[   73.521184][ T9008]  ? kvm_put_kvm+0xcc0/0xcc0
[   73.525764][ T9008]  ? kvm_put_kvm+0xcc0/0xcc0
[   73.530345][ T9008]  do_vfs_ioctl+0x977/0x14e0
[   73.534914][ T9008]  ? compat_ioctl_preallocate+0x220/0x220
[   73.540610][ T9008]  ? perf_trace_initcall_level+0x370/0x420
[   73.546392][ T9008]  ? putname+0xf4/0x130
[   73.550523][ T9008]  ? do_sys_open+0x31d/0x5d0
[   73.555091][ T9008]  ? tomoyo_file_ioctl+0x23/0x30
[   73.560006][ T9008]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   73.566224][ T9008]  ? security_file_ioctl+0x8d/0xc0
[   73.571310][ T9008]  ksys_ioctl+0xab/0xd0
[   73.575455][ T9008]  __x64_sys_ioctl+0x73/0xb0
[   73.580023][ T9008]  do_syscall_64+0xfa/0x790
[   73.584519][ T9008]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   73.590385][ T9008] RIP: 0033:0x440199
[   73.594279][ T9008] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   73.613921][ T9008] RSP: 002b:00007fff7ae751a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.622327][ T9008] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440199
[   73.630334][ T9008] RDX: 0000000020000000 RSI: 00000000c008ae09 RDI: 0000000000000003
[   73.638287][ T9008] RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
[   73.646242][ T9008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a20
[   73.654194][ T9008] R13: 0000000000401ab0 R14: 0000000000000000 R15: 0000000000000000
[   73.663463][ T9008] Kernel Offset: disabled
[   73.667799][ T9008] Rebooting in 86400 seconds..
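Two numbers in the report above tell a reader what the process asked for and where the write landed: the ioctl request in RSI (0xc008ae09) and the KASAN "Memory state" rows around the faulting address. The C program below is an added example, not part of the syzkaller report or of KVM: it decodes RSI with the kernel's `_IOC` bit layout (include/uapi/asm-generic/ioctl.h) and walks the shadow rows to recover the vmalloc object's bounds and the offset of the 4-byte write. The shadow rows and the faulting address are copied from the report; the 40-byte size of `struct kvm_cpuid_entry2` is from the uapi header; every function and type name is this example's own.

```c
/*
 * Added example (not from the syzkaller report or from KVM): decode the
 * ioctl number in RSI and interpret the KASAN shadow rows printed above.
 */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* _IOC(dir,type,nr,size) packs nr:8 | type:8 | size:14 | dir:2, low to high. */
struct ioc_fields { unsigned dir, type, nr, size; };

struct ioc_fields ioc_decode(uint32_t cmd)
{
    struct ioc_fields f;
    f.nr   = cmd & 0xff;
    f.type = (cmd >> 8) & 0xff;
    f.size = (cmd >> 16) & 0x3fff;
    f.dir  = (cmd >> 30) & 0x3;   /* 1 = _IOC_WRITE, 2 = _IOC_READ, 3 = _IOWR */
    return f;
}

/* One "Memory state" row: 16 shadow bytes, each describing 8 bytes of memory. */
#define KASAN_GRANULE 8
struct shadow_row { uint64_t base; uint8_t bytes[16]; };

/* Parse "[>] <hex-addr>: b0 b1 ... b15"; a leading '>' marks the faulting row. */
int kasan_parse_row(const char *line, struct shadow_row *row)
{
    char *end;
    while (*line == ' ' || *line == '>')
        line++;
    row->base = strtoull(line, &end, 16);
    if (end == line || *end != ':')
        return -1;
    line = end + 1;
    for (int i = 0; i < 16; i++) {
        row->bytes[i] = (uint8_t)strtoul(line, &end, 16);
        if (end == line)
            return -1;
        line = end;
    }
    return 0;
}

/* Generic KASAN shadow: 00 = all 8 bytes valid, 01..07 = that many leading
 * bytes valid, >= 0x80 = poisoned (0xf9 is the "vmalloc not allocated" poison). */
static int granule_valid_bytes(uint8_t s)
{
    return s == 0 ? KASAN_GRANULE : (s < KASAN_GRANULE ? s : 0);
}

struct oob_info { uint64_t obj_start, obj_size, offset; int out_of_bounds; };

/* rows: up to 8 consecutive 128-byte rows in address order, as KASAN prints them. */
int kasan_locate(const struct shadow_row *rows, int nrows, uint64_t addr, struct oob_info *out)
{
    uint8_t shadow[8 * 16];
    uint64_t base = rows[0].base;
    int n = nrows * 16, idx, first, last;

    if (nrows < 1 || nrows > 8)
        return -1;
    for (int i = 0; i < nrows; i++) {
        if (rows[i].base != base + (uint64_t)i * 16 * KASAN_GRANULE)
            return -1;                          /* rows not contiguous */
        memcpy(&shadow[i * 16], rows[i].bytes, 16);
    }
    if (addr < base || addr >= base + (uint64_t)n * KASAN_GRANULE)
        return -1;                              /* address not covered by the dump */

    idx = (int)((addr - base) / KASAN_GRANULE);
    out->out_of_bounds = (int)((addr - base) % KASAN_GRANULE) >= granule_valid_bytes(shadow[idx]);

    /* Walk back from the access to the first granule of the adjacent object. */
    first = out->out_of_bounds ? idx - 1 : idx;
    if (first < 0 || granule_valid_bytes(shadow[first]) == 0)
        return -1;                              /* no live object right before the access */
    while (first > 0 && granule_valid_bytes(shadow[first - 1]) > 0)
        first--;
    /* Walk forward to the object's last valid granule (a partial one ends it). */
    last = first;
    while (last + 1 < n && granule_valid_bytes(shadow[last]) == KASAN_GRANULE &&
           granule_valid_bytes(shadow[last + 1]) > 0)
        last++;

    out->obj_start = base + (uint64_t)first * KASAN_GRANULE;
    out->obj_size  = (uint64_t)(last - first) * KASAN_GRANULE + granule_valid_bytes(shadow[last]);
    out->offset    = addr - out->obj_start;
    return 0;
}

/* The five rows printed under "Memory state around the buggy address:" above. */
static const char *const report_rows[] = {
    " ffffc90000d35f00: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9",
    " ffffc90000d35f80: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9",
    ">ffffc90000d36000: 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9",
    " ffffc90000d36080: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9",
    " ffffc90000d36100: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9",
};
#define FAULT_ADDR 0xffffc90000d36050ULL   /* "Write of size 4 at addr ..." */
#define KVM_CPUID_ENTRY2_SIZE 40           /* sizeof(struct kvm_cpuid_entry2), uapi/linux/kvm.h */

int analyze_report(struct oob_info *info)
{
    struct shadow_row rows[5];
    for (int i = 0; i < 5; i++)
        if (kasan_parse_row(report_rows[i], &rows[i]) != 0)
            return -1;
    return kasan_locate(rows, 5, FAULT_ADDR, info);
}

int main(void)
{
    struct ioc_fields f = ioc_decode(0xc008ae09);   /* RSI in the register dump */
    struct oob_info info;

    printf("ioctl: dir=%u type=0x%02x nr=0x%02x size=%u\n", f.dir, f.type, f.nr, f.size);
    if (analyze_report(&info) != 0)
        return 1;
    printf("object at 0x%llx, %llu bytes (%llu x kvm_cpuid_entry2); write at +%llu, %s\n",
           (unsigned long long)info.obj_start, (unsigned long long)info.obj_size,
           (unsigned long long)info.obj_size / KVM_CPUID_ENTRY2_SIZE,
           (unsigned long long)info.offset, info.out_of_bounds ? "out of bounds" : "in bounds");
    return 0;
}
```

Run as written, the decoder yields dir 3 (read and write), type 0xAE (KVMIO), nr 0x09, size 8, which is `_IOWR(KVMIO, 0x09, struct kvm_cpuid2)`, the uapi definition of `KVM_GET_EMULATED_CPUID`; RDI 3 is the `/dev/kvm` file descriptor and RDX 0x20000000 the user buffer. The shadow walk finds an 80-byte vmalloc object at ffffc90000d36000, room for exactly two 40-byte `kvm_cpuid_entry2` entries, with the 4-byte write at offset 80: the first field of a third entry that the caller never provided space for. Two caveats when taking this further: the frame is reported as `kvm_dev_ioctl_get_cpuid+0xad7` because the per-leaf filler is inlined, so resolve that offset against the syzkaller `vmlinux` (addr2line or faddr2line) to find the actual store; and the 0xf9 poison around the object means the neighbouring vmalloc pages were unmapped in this run, so the same write with a different `nent` could land on live memory instead of tripping KASAN.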