syzbot

hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
BUG: unable to handle kernel paging request at ffff888093442000
#PF error: [PROT] [WRITE] [RSVD]
PGD b201067 P4D b201067 PUD 21ffff067 PMD 80000000934001e3 
Oops: 000b [#1] PREEMPT SMP KASAN
CPU: 0 PID: 7656 Comm: syz-executor.0 Not tainted 5.0.0-rc7+ #86
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__write_once_size include/linux/compiler.h:220 [inline]
RIP: 0010:__update_clear_spte_fast arch/x86/kvm/mmu.c:547 [inline]
RIP: 0010:mmu_spte_clear_no_track arch/x86/kvm/mmu.c:848 [inline]
RIP: 0010:drop_parent_pte arch/x86/kvm/mmu.c:2040 [inline]
RIP: 0010:mmu_page_zap_pte+0x18a/0x250 arch/x86/kvm/mmu.c:2618
Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a
RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb
RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007
RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0
R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000
R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000
FS:  00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0
Call Trace:
 kvm_mmu_page_unlink_children arch/x86/kvm/mmu.c:2635 [inline]
 kvm_mmu_prepare_zap_page+0x163/0x1170 arch/x86/kvm/mmu.c:2679
 kvm_zap_obsolete_pages arch/x86/kvm/mmu.c:5844 [inline]
 kvm_mmu_invalidate_zap_all_pages+0x3ca/0x550 arch/x86/kvm/mmu.c:5885
 kvm_arch_flush_shadow_all+0x16/0x20 arch/x86/kvm/x86.c:9465
 kvm_mmu_notifier_release+0x5c/0x90 arch/x86/kvm/../../../virt/kvm/kvm_main.c:494
 mmu_notifier_unregister+0x137/0x410 mm/mmu_notifier.c:356
 kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:744 [inline]
 kvm_put_kvm+0x553/0xc70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:769
 kvm_vcpu_release+0x7b/0xa0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2495
 __fput+0x2df/0x8d0 fs/file_table.c:278
 ____fput+0x16/0x20 fs/file_table.c:309
 task_work_run+0x14a/0x1c0 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:166
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x411d31
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007ffe73c67380 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000411d31
RDX: 0000000000000000 RSI: 0000000000740528 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000740520 R09: 000000000000c38e
R10: 00007ffe73c672a0 R11: 0000000000000293 R12: 0000000000000000
R13: 0000000000000001 R14: 0000000000000005 R15: 0000000000000000
Modules linked in:
CR2: ffff888093442000
---[ end trace a5c3cbabd59bc178 ]---
RIP: 0010:__write_once_size include/linux/compiler.h:220 [inline]
RIP: 0010:__update_clear_spte_fast arch/x86/kvm/mmu.c:547 [inline]
RIP: 0010:mmu_spte_clear_no_track arch/x86/kvm/mmu.c:848 [inline]
RIP: 0010:drop_parent_pte arch/x86/kvm/mmu.c:2040 [inline]
RIP: 0010:mmu_page_zap_pte+0x18a/0x250 arch/x86/kvm/mmu.c:2618
Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a
RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb
RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007
RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0
R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000
R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000
FS:  00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0