[....] Starting enhanced syslogd: rsyslogd
[ 11.591073] audit: type=1400 audit(1513007703.675:5): avc: denied { syslog } for pid=2988 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ] Starting enhanced syslogd: rsyslogd.
[....] Starting mcstransd:
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 34.594328] audit: type=1400 audit(1513007726.679:6): avc: denied { map } for pid=3134 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added 'ci-upstream-mmots-kasan-gce-1,10.128.0.17' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 56.688465] audit: type=1400 audit(1513007748.773:7): avc: denied { map } for pid=3146 comm="syzkaller947778" path="/root/syzkaller947778301" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 56.737828] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu
executing program
executing program
executing program
executing program
executing program
executing program
[ 56.915271] pte_list_remove: 0000000033e71424 0->BUG
[ 56.920496] ------------[ cut here ]------------
[ 56.925233] kernel BUG at arch/x86/kvm/mmu.c:1208!
[ 56.930177] invalid opcode: 0000 [#1] SMP KASAN
[ 56.934810] Dumping ftrace buffer:
[ 56.938316] (ftrace buffer empty)
[ 56.941992] Modules linked in:
[ 56.945152] CPU: 1 PID: 3158 Comm: syzkaller947778 Not tainted 4.15.0-rc2-mm1+ #39
[ 56.952825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 56.962170] RIP: 0010:pte_list_remove+0x3ae/0x3c0
[ 56.966974] RSP: 0018:ffff8801c57aef30 EFLAGS: 00010286
[ 56.972302] RAX: 0000000000000028 RBX: ffff8801dadbfd00 RCX: 0000000000000000
[ 56.979630] RDX: 0000000000000028 RSI: 1ffff10038af5da6 RDI: ffffed0038af5dda
[ 56.986867] RBP: ffff8801c57aef70 R08: 1ffff10038af5d68 R09: 0000000000000000
[ 56.994104] R10: 000000000000000b R11: 0000000000000000 R12: ffff8801c44e9000
[ 57.001340] R13: 0000000000000000 R14: ffff8801c44d1ec0 R15: ffff8801c44d1ee8
[ 57.008578] FS: 0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 57.016772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.022621] CR2: 0000000000417050 CR3: 00000001c52ab000 CR4: 00000000001426e0
[ 57.029857] Call Trace:
[ 57.032417] drop_spte+0x15a/0x250
[ 57.035926] mmu_page_zap_pte+0x224/0x340
[ 57.040041] ? kvm_mmu_zap_collapsible_spte+0x3f0/0x3f0
[ 57.045380] ? __lock_is_held+0xbc/0x140
[ 57.049415] kvm_mmu_prepare_zap_page+0x1c5/0x1310
[ 57.054311] ? __is_insn_slot_addr+0x1fc/0x330
[ 57.058862] ? mmio_info_in_cache+0x6b0/0x6b0
[ 57.063326] ? __lock_acquire+0x6e9/0x47f0
[ 57.067527] ? unwind_dump+0x4d0/0x4d0
[ 57.071382] ? __read_once_size_nocheck.constprop.8+0x10/0x10
[ 57.077233] ? check_noncircular+0x20/0x20
[ 57.081439] ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 57.086597] ? debug_check_no_locks_freed+0x3d0/0x3d0
[ 57.091749] ? __free_insn_slot+0x5c0/0x5c0
[ 57.096039] ? find_held_lock+0x39/0x1d0
[ 57.100069] ? check_noncircular+0x20/0x20
[ 57.104269] ? kvm_make_all_cpus_request+0x44a/0x580
[ 57.109348] ? gfn_to_pfn_atomic+0x650/0x650
[ 57.113724] ? lock_release+0xda0/0xda0
[ 57.117662] ? __free_insn_slot+0x5c0/0x5c0
[ 57.121951] ? __lock_is_held+0xbc/0x140
[ 57.125986] ? kvm_dying_cpu+0x40/0x40
[ 57.129844] kvm_mmu_invalidate_zap_all_pages+0x4a0/0x680
[ 57.135350] ? kvm_mmu_zap_collapsible_sptes+0xb0/0xb0
[ 57.140594] ? lock_acquire+0x1d5/0x580
[ 57.144537] ? lock_release+0xda0/0xda0
[ 57.148477] ? lock_release+0xda0/0xda0
[ 57.152419] ? kmem_cache_free+0x77/0x280
[ 57.156532] ? kvm_dying_cpu+0x40/0x40
[ 57.160384] kvm_arch_flush_shadow_all+0x15/0x20
[ 57.165105] kvm_mmu_notifier_release+0x59/0x90
[ 57.169832] ? kvm_dying_cpu+0x40/0x40
[ 57.173686] __mmu_notifier_release+0x1d5/0x690
[ 57.178324] ? __mmu_notifier_invalidate_range_end+0x360/0x360
[ 57.184263] ? __khugepaged_exit+0x9a/0x640
[ 57.188552] ? lock_release+0xda0/0xda0
[ 57.192493] ? rcu_pm_notify+0xc0/0xc0
[ 57.196349] ? __khugepaged_exit+0x40f/0x640
[ 57.200728] exit_mmap+0x42d/0x530
[ 57.204248] ? SyS_munmap+0x30/0x30
[ 57.207841] ? __khugepaged_exit+0x42f/0x640
[ 57.212222] ? hugepage_madvise+0xf0/0xf0
[ 57.216334] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 57.222188] ? rcu_note_context_switch+0x710/0x710
[ 57.227082] ? reacquire_held_locks+0x201/0x3e0
[ 57.231720] ? __might_sleep+0x95/0x190
[ 57.235664] mmput+0x223/0x6c0
[ 57.238827] ? get_task_exe_file+0xc0/0xc0
[ 57.243030] ? lock_downgrade+0x980/0x980
[ 57.247144] ? is_current_pgrp_orphaned+0xa0/0xa0
[ 57.251953] ? do_exit+0x8a1/0x1ae0
[ 57.255545] ? rcu_note_context_switch+0x710/0x710
[ 57.260440] ? lock_release+0xda0/0xda0
[ 57.264377] ? __might_sleep+0x95/0x190
[ 57.268318] ? do_raw_spin_trylock+0x190/0x190
[ 57.272866] ? __down_interruptible+0x6b0/0x6b0
[ 57.277502] ? trace_hardirqs_on+0xd/0x10
[ 57.281615] ? _raw_spin_unlock_irq+0x27/0x70
[ 57.286076] do_exit+0x90a/0x1ae0
[ 57.289501] ? hrtimer_try_to_cancel+0x51/0x5c0
[ 57.294135] ? mm_update_next_owner+0x930/0x930
[ 57.298772] ? __hrtimer_get_remaining+0x1c0/0x1c0
[ 57.303671] ? trace_event_raw_event_sched_switch+0x800/0x800
[ 57.309517] ? _do_fork+0x2ae/0xf10
[ 57.313109] ? rcu_note_context_switch+0x710/0x710
[ 57.318001] ? fork_idle+0x2d0/0x2d0
[ 57.321679] ? __might_sleep+0x95/0x190
[ 57.325621] ? do_nanosleep+0x4fc/0x6e0
[ 57.329564] ? schedule_timeout_idle+0x90/0x90
[ 57.334119] ? memset+0x31/0x40
[ 57.337369] ? hrtimer_nanosleep+0x2cc/0x860
[ 57.341743] ? nanosleep_copyout+0x100/0x100
[ 57.346115] ? __might_sleep+0x95/0x190
[ 57.350057] ? kasan_check_write+0x14/0x20
[ 57.354256] ? _copy_from_user+0x99/0x110
[ 57.358370] ? __hrtimer_init+0x140/0x140
[ 57.362486] ? syscall_return_slowpath+0x550/0x550
[ 57.367383] do_group_exit+0x149/0x400
[ 57.371235] ? SyS_exit+0x30/0x30
[ 57.374656] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 57.379636] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 57.384357] SyS_exit_group+0x1d/0x20
[ 57.388123] entry_SYSCALL_64_fastpath+0x1f/0x96
[ 57.392843] RIP: 0033:0x4493f9
[ 57.395997] RSP: 002b:00007ffe70bfd148 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
[ 57.403670] RAX: ffffffffffffffda RBX: 00007f9af7520700 RCX: 00000000004493f9
[ 57.410907] RDX: 0000000000447b91 RSI: 0000000000000000 RDI: 0000000000000000
[ 57.418140] RBP: 00007ffe70bfd0f0 R08: 00000000006dd1c0 R09: 0000000000000000
[ 57.425376] R10: 00000000006dd144 R11: 0000000000000206 R12: 0000000000000000
[ 57.432611] R13: 00007ffe70bfd0ef R14: 00007f9af75209c0 R15: 0000000000000000
[ 57.439862] Code: d9 18 61 00 48 8b 75 d0 48 c7 c7 00 61 62 85 e8 61 d9 4a 00 0f 0b e8 c2 18 61 00 48 8b 75 d0 48 c7 c7 c0 60 62 85 e8 4a d9 4a 00 <0f> 0b 4c 89 ef e8 e8 b6 97 00 e9 01 fe ff ff 0f 1f 00 55 48 89
[ 57.458929] RIP: pte_list_remove+0x3ae/0x3c0 RSP: ffff8801c57aef30
[ 57.465245] ---[ end trace c2bbbe5e5b55d672 ]---
[ 57.469980] Kernel panic - not syncing: Fatal exception
[ 57.475652] Dumping ftrace buffer:
[ 57.479160] (ftrace buffer empty)
[ 57.482840] Kernel Offset: disabled
[ 57.486443] Rebooting in 86400 seconds..