2017/08/13 18:27:06 parsed 1 programs
2017/08/13 18:27:06 executed programs: 0
syzkaller login: [ 38.309303] pte_list_remove: ffff88003de77078 0->BUG
[ 38.309845] ------------[ cut here ]------------
[ 38.310337] kernel BUG at arch/x86/kvm/mmu.c:1194!
[ 38.310825] invalid opcode: 0000 [#1] SMP KASAN
[ 38.311299] Dumping ftrace buffer:
[ 38.311642] (ftrace buffer empty)
[ 38.312184] Modules linked in:
[ 38.312495] CPU: 2 PID: 3620 Comm: syz-executor4 Not tainted 4.13.0-rc4-next-20170811 #2
[ 38.313263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[ 38.314066] task: ffff880039cd84c0 task.stack: ffff88003b8e0000
[ 38.314677] RIP: 0010:pte_list_remove+0x3ae/0x3c0
[ 38.315166] RSP: 0018:ffff88003b8e68c8 EFLAGS: 00010282
[ 38.315676] RAX: 0000000000000028 RBX: ffff88003db4ac80 RCX: 0000000000000000
[ 38.316359] RDX: 0000000000000028 RSI: 1ffff1000771ccd9 RDI: ffffed000771cd0d
[ 38.316830] RBP: ffff88003b8e6908 R08: 0000000000000000 R09: 1ffff1000771ccab
[ 38.317335] R10: ffff88003b8e6cb0 R11: ffffffff85b2d3b8 R12: ffff88003de77078
[ 38.317820] R13: 0000000000000000 R14: ffff88003de644c8 R15: ffff88003de644f0
[ 38.318448] FS: 0000000000000000(0000) GS:ffff88006de00000(0000) knlGS:0000000000000000
[ 38.319261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.319833] CR2: 0000000000000000 CR3: 000000003e3ae000 CR4: 00000000000026e0
[ 38.320542] Call Trace:
[ 38.320799] drop_spte+0x15a/0x250
[ 38.321141] mmu_page_zap_pte+0x224/0x340
[ 38.321549] ? kvm_mmu_zap_collapsible_spte+0x3f0/0x3f0
[ 38.322085] ? trace_hardirqs_on+0xd/0x10
[ 38.322515] ? get_dump_page+0x150/0x150
[ 38.322921] ? percpu_counter_add_batch+0xce/0x130
[ 38.323445] kvm_mmu_prepare_zap_page+0x1c5/0x1310
[ 38.324595] ? drain_local_pages_wq+0x20/0x20
[ 38.324997] ? mmio_info_in_cache+0x670/0x670
[ 38.325443] ? update_load_avg+0x1231/0x2a90
[ 38.325881] ? check_preempt_wakeup+0x1320/0x1320
[ 38.326363] ? lock_acquire+0x1d5/0x580
[ 38.326753] ? lock_acquire+0x1d5/0x580
[ 38.327159] ? __is_insn_slot_addr+0x1fc/0x330
[ 38.327608] ? lock_downgrade+0x990/0x990
[ 38.328018] ? lock_release+0xa40/0xa40
[ 38.328417] ? __read_once_size_nocheck.constprop.8+0x10/0x10
[ 38.329015] ? set_next_entity+0x2ca/0xd60
[ 38.329454] ? entry_SYSCALL_64_fastpath+0xbc/0xbe
[ 38.329946] ? bpf_prog_kallsyms_find+0xbd/0x440
[ 38.330426] ? kvm_make_all_cpus_request+0x444/0x580
[ 38.330904] ? gfn_to_pfn_atomic+0x650/0x650
[ 38.331346] ? lock_downgrade+0x990/0x990
[ 38.331764] ? lock_release+0xa40/0xa40
[ 38.332164] ? lock_release+0xa40/0xa40
[ 38.332583] ? __free_insn_slot+0x5c0/0x5c0
[ 38.333018] ? unwind_dump+0x4c0/0x4c0
[ 38.333409] kvm_mmu_invalidate_zap_all_pages+0x4a0/0x680
[ 38.335185] ? kvm_mmu_zap_collapsible_sptes+0xb0/0xb0
[ 38.335643] ? lock_acquire+0x1d5/0x580
[ 38.336066] ? lock_release+0xa40/0xa40
[ 38.336407] ? lock_release+0xa40/0xa40
[ 38.336655] ? kasan_slab_free+0x71/0xc0
[ 38.336936] ? __khugepaged_exit+0x410/0x650
[ 38.337264] ? kvm_vcpu_on_spin+0x710/0x710
[ 38.337553] kvm_arch_flush_shadow_all+0x15/0x20
[ 38.337882] kvm_mmu_notifier_release+0x59/0x90
[ 38.338235] ? kvm_vcpu_on_spin+0x710/0x710
[ 38.338527] __mmu_notifier_release+0x1d5/0x690
[ 38.338971] ? __mmu_notifier_invalidate_range_end+0x350/0x350
[ 38.339545] ? __khugepaged_exit+0x3f7/0x650
[ 38.339972] ? lock_downgrade+0x990/0x990
[ 38.340386] ? do_raw_spin_trylock+0x190/0x190
[ 38.340835] ? trace_hardirqs_off+0xd/0x10
[ 38.341285] ? quarantine_put+0xeb/0x190
[ 38.341555] exit_mmap+0x479/0x560
[ 38.341787] ? __khugepaged_exit+0x43d/0x650
[ 38.342076] ? SyS_munmap+0x30/0x30
[ 38.342337] ? hugepage_madvise+0xf0/0xf0
[ 38.342646] ? check_same_owner+0x320/0x320
[ 38.343094] ? rcu_note_context_switch+0x710/0x710
[ 38.343495] ? lock_release+0xa40/0xa40
[ 38.343773] ? __might_sleep+0x95/0x190
[ 38.344120] mmput+0x223/0x6e0
[ 38.344352] ? get_task_exe_file+0xc0/0xc0
[ 38.344632] ? is_current_pgrp_orphaned+0xa0/0xa0
[ 38.344992] ? do_exit+0x991/0x1b30
[ 38.345586] ? lock_downgrade+0x990/0x990
[ 38.345944] ? do_raw_spin_trylock+0x190/0x190
[ 38.346341] ? down_read+0x96/0x150
[ 38.346655] ? do_exit+0x4ad/0x1b30
[ 38.346997] ? __down_interruptible+0x6a0/0x6a0
[ 38.347408] ? trace_hardirqs_on+0xd/0x10
[ 38.347755] ? _raw_spin_unlock_irq+0x27/0x70
[ 38.348117] do_exit+0x9a1/0x1b30
[ 38.348363] ? unlink_anon_vmas+0x20d/0x9f0
[ 38.348661] ? mm_update_next_owner+0x930/0x930
[ 38.349086] ? plist_check_head+0x130/0x130
[ 38.349514] ? lock_acquire+0x1d5/0x580
[ 38.349910] ? schedule+0x108/0x440
[ 38.350272] ? lock_downgrade+0x990/0x990
[ 38.350553] ? __schedule+0x2070/0x2070
[ 38.350816] ? check_same_owner+0x320/0x320
[ 38.351152] ? rcu_note_context_switch+0x710/0x710
[ 38.351598] ? futex_wait_setup+0x14a/0x3d0
[ 38.351980] ? __might_sleep+0x95/0x190
[ 38.352332] ? _cond_resched+0x14/0x30
[ 38.352710] ? futex_wait_queue_me+0x524/0x7e0
[ 38.353071] ? refill_pi_state_cache.part.6+0x2f0/0x2f0
[ 38.353582] ? get_futex_value_locked+0xc3/0xf0
[ 38.354096] ? futex_wait_setup+0x22e/0x3d0
[ 38.354527] ? futex_wake+0x680/0x680
[ 38.354900] ? __dequeue_signal+0x103/0x7b0
[ 38.355337] ? recalc_sigpending_tsk+0x117/0x150
[ 38.355809] ? get_signal+0x855/0x17e0
[ 38.356190] ? lock_downgrade+0x990/0x990
[ 38.356608] do_group_exit+0x149/0x400
[ 38.356991] ? SyS_exit+0x30/0x30
[ 38.357351] ? drop_futex_key_refs.isra.13+0x60/0xb0
[ 38.357856] get_signal+0x7e8/0x17e0
[ 38.358243] ? ptrace_notify+0x130/0x130
[ 38.358662] ? exit_robust_list+0x240/0x240
[ 38.359099] ? SyS_brk+0x6f0/0x6f0
[ 38.359468] do_signal+0x94/0x1ee0
[ 38.359926] ? vm_mmap_pgoff+0x1ed/0x280
[ 38.360318] ? lock_downgrade+0x990/0x990
[ 38.360719] ? putname+0xee/0x130
[ 38.361047] ? userfaultfd_unmap_complete+0x327/0x510
[ 38.361582] ? setup_sigcontext+0x7d0/0x7d0
[ 38.362004] ? userfaultfd_unmap_prep+0x540/0x540
[ 38.362483] ? do_mmap+0x34f/0xd40
[ 38.362851] ? up_read+0x40/0x40
[ 38.363323] ? down_write+0x120/0x120
[ 38.363746] ? security_mmap_file+0x14e/0x190
[ 38.364183] ? vm_mmap_pgoff+0x1fc/0x280
[ 38.364644] ? vm_mmap_pgoff+0x13b/0x280
[ 38.365055] exit_to_usermode_loop+0x224/0x300
[ 38.365850] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 38.366690] ? selinux_capable+0x40/0x40
[ 38.367356] syscall_return_slowpath+0x42f/0x500
[ 38.367820] ? prepare_exit_to_usermode+0x2c0/0x2c0
[ 38.368320] ? find_mergeable_anon_vma+0xd0/0xd0
[ 38.368817] ? security_file_ioctl+0x7d/0xb0
[ 38.369258] ? security_file_ioctl+0x89/0xb0
[ 38.369692] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 38.370021] entry_SYSCALL_64_fastpath+0xbc/0xbe
[ 38.370390] RIP: 0033:0x446739
[ 38.370626] RSP: 002b:00007f0b5cf3fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 38.371338] RAX: 0000000000000000 RBX: 00000000007080c8 RCX: 0000000000446739
[ 38.372156] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000007080c8
[ 38.372883] RBP: 00000000007080a8 R08: 0000000000000000 R09: 0000000000000000
[ 38.373991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 38.375239] R13: 0000000000000000 R14: 00007f0b5cf409c0 R15: 00007f0b5cf40700
[ 38.376481] Code: 09 8b 5e 00 48 8b 75 d0 48 c7 c7 40 4d e2 84 e8 8e 6b 49 00 0f 0b e8 f2 8a 5e 00 48 8b 75 d0 48 c7 c7 00 4d e2 84 e8 77 6b 49 00 <0f> 0b 4c 89 ef e8 88 8b 92 00 e9 01 fe ff ff 0f 1f 00 55 48 89
[ 38.379609] RIP: pte_list_remove+0x3ae/0x3c0 RSP: ffff88003b8e68c8
[ 38.380722] ---[ end trace 9d5c9d88bb60720e ]---
[ 38.381567] Kernel panic - not syncing: Fatal exception
[ 38.382583] Dumping ftrace buffer:
[ 38.383195] (ftrace buffer empty)
[ 38.383598] Kernel Offset: disabled
[ 38.383996] Rebooting in 86400 seconds..