[info] Using makefile-style concurrent boot in runlevel 2.
[ 23.457446] audit: type=1800 audit(1540353412.521:21): pid=5173 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0
[ 23.488311] audit: type=1800 audit(1540353412.521:22): pid=5173 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2447 res=0
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.72' (ECDSA) to the list of known hosts.
2018/10/24 03:57:46 parsed 1 programs
2018/10/24 03:57:48 executed programs: 0
syzkaller login: [ 79.570371] IPVS: ftp: loaded support on port[0] = 21
[ 79.579598] IPVS: ftp: loaded support on port[0] = 21
[ 79.580075] IPVS: ftp: loaded support on port[0] = 21
[ 79.594260] IPVS: ftp: loaded support on port[0] = 21
[ 79.604622] IPVS: ftp: loaded support on port[0] = 21
[ 79.606234] IPVS: ftp: loaded support on port[0] = 21
[ 80.547697] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.554205] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.564999] device bridge_slave_0 entered promiscuous mode
[ 80.630360] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.637407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.648204] device bridge_slave_0 entered promiscuous mode
[ 80.657826] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.664179] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.673021] device bridge_slave_0 entered promiscuous mode
[ 80.682780] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.693847] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.703655] device bridge_slave_0 entered promiscuous mode
[ 80.710752] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.718401] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.726190] device bridge_slave_1 entered promiscuous mode
[ 80.733121] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.740414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.748055] device bridge_slave_0 entered promiscuous mode
[ 80.757403] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.763764] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.772207] device bridge_slave_1 entered promiscuous mode
[ 80.780704] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.792199] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.800121] device bridge_slave_0 entered promiscuous mode
[ 80.809203] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.820964] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.828725] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.837079] device bridge_slave_1 entered promiscuous mode
[ 80.845116] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.855700] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.862057] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.874231] device bridge_slave_1 entered promiscuous mode
[ 80.883749] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.892448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.900135] device bridge_slave_1 entered promiscuous mode
[ 80.906623] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.913068] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.920767] device bridge_slave_1 entered promiscuous mode
[ 80.930529] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.939715] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 80.950360] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 80.964561] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.973342] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.983744] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 80.997747] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 81.040722] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 81.062002] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 81.073959] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 81.167154] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.194948] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.249926] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.280201] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.292216] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.306271] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.317761] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 81.326944] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.338172] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.345137] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.364622] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.385563] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.394669] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.420973] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.432351] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 81.449295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.463455] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 81.472257] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 81.481629] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.491355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.502610] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.512291] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 81.521039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 81.536242] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 81.544036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.555861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.563513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.571435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 81.590362] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 81.610735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 81.719868] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.734668] team0: Port device team_slave_0 added
[ 81.779431] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.797469] team0: Port device team_slave_0 added
[ 81.820284] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.828575] team0: Port device team_slave_0 added
[ 81.844618] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.856610] team0: Port device team_slave_0 added
[ 81.861909] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 81.879904] team0: Port device team_slave_1 added
[ 81.891934] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 81.900800] team0: Port device team_slave_1 added
[ 81.909262] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 81.918882] team0: Port device team_slave_1 added
[ 81.925501] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.932863] team0: Port device team_slave_0 added
[ 81.942022] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 81.954955] team0: Port device team_slave_1 added
[ 81.968619] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 81.989239] team0: Port device team_slave_0 added
[ 81.994896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.010853] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.037589] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.055594] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.068750] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.082816] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.097877] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 82.105739] team0: Port device team_slave_1 added
[ 82.115948] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.125122] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 82.136097] team0: Port device team_slave_1 added
[ 82.143311] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.157495] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.165263] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.180498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.188775] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.197058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.213577] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.224422] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.240363] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.251905] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.271788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.292958] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.301611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.314907] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.322783] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.330673] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.338478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.346300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.354061] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.361647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.369365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.384292] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.396060] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.413987] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 82.425924] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 82.432762] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.443761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.458753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.467980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.476252] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 82.483950] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.491543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 82.499206] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.522013] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.547024] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 82.554122] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.566140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.581768] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.590919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.610977] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.624081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.636374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.661341] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 82.669994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.680072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 83.142252] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.148799] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.155835] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.162219] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.170943] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 83.228477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.234882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.241605] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.248021] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.263093] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 83.277681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.290490] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 83.329170] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.335629] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.342313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.348755] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.363990] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 83.373665] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.380072] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.386821] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.393191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.401902] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 83.481687] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.488111] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.494761] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.501185] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.508942] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 83.598825] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.605217] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.611936] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.618353] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.628393] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 84.325465] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 84.332725] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 84.356408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 84.363602] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 85.922327] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.954264] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.063171] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.140135] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.170698] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.242672] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.259485] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.317593] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.336775] 8021q: adding VLAN 0 to HW filter on device bond0
[ 86.415071] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.479631] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.487548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.494503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.517543] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.547078] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.580555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.588044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.603866] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 86.618721] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.625738] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.632798] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.717710] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.728712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.736751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.780954] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.794476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.805723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.826912] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.839897] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.873267] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 86.886202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 86.893421] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 86.907707] 8021q: adding VLAN 0 to HW filter on device team0
[ 86.991300] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.124610] 8021q: adding VLAN 0 to HW filter on device team0
[ 87.135779] 8021q: adding VLAN 0 to HW filter on device team0
[ 88.435917] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
2018/10/24 03:57:57 executed programs: 6
2018/10/24 03:58:02 executed programs: 129
2018/10/24 03:58:07 executed programs: 261
[ 103.690940] ------------[ cut here ]------------
[ 103.695720] kernel BUG at arch/x86/kvm/x86.c:353!
[ 103.701892] BUG: unable to handle kernel paging request at ffff8801d5b3e000
[ 103.709000] PGD bc01067 P4D bc01067 PUD 1d9bdf063 PMD 80000001d5a001e3
[ 103.713597] kobject: 'kvm' (00000000b29fa281): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 103.715778] Oops: 000b [#1] PREEMPT SMP KASAN
[ 103.715800] CPU: 0 PID: 8826 Comm: syz-executor3 Not tainted 4.19.0+ #300
[ 103.715808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 103.715829] RIP: 0010:mmu_page_zap_pte+0x295/0x390
[ 103.715841] Code: 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c7 85 58 ff ff ff 00 00 00 00 48 c1 ea 03 80 3c 02 00 0f 85 d4 00 00 00 48 c1 eb 03 <49> c7 45 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 41 be 01 00
[ 103.715847] RSP: 0018:ffff8801bc867158 EFLAGS: 00010a06
[ 103.715859] RAX: dffffc0000000000 RBX: 1ffff1003790ce30 RCX: ffffffff8111254b
[ 103.715867] RDX: 1ffff1003ab67c00 RSI: ffffffff8111262b RDI: 0000000000000007
[ 103.715876] RBP: ffff8801bc867228 R08: ffff8801b9350180 R09: ffffed003b5c5b57
[ 103.715890] R10: ffffed003b5c5b57 R11: ffff8801dae2dabb R12: 1ffff1003790ce2c
[ 103.803851] R13: ffff8801d5b3e000 R14: 0000000000000004 R15: 0000000000000000
[ 103.811150] FS: 0000000002537940(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 103.819372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 103.825251] CR2: ffff8801d5b3e000 CR3: 00000001d35fd000 CR4: 00000000001426f0
[ 103.832704] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 103.839972] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 103.847233] Call Trace:
[ 103.849835] ? ept_prefetch_invalid_gpte.isra.72+0x1c0/0x1c0
[ 103.855636] ? __lock_is_held+0xb5/0x140
[ 103.859705] kvm_mmu_prepare_zap_page+0x215/0x1830
[ 103.864644] ? mark_held_locks+0x130/0x130
[ 103.868882] ? print_usage_bug+0xc0/0xc0
[ 103.872954] ? kvm_handle_hva_range+0x780/0x780
[ 103.877624] ? find_held_lock+0x36/0x1c0
[ 103.881688] ? __lock_acquire+0x62f/0x4c20
[ 103.885928] ? __lock_acquire+0x62f/0x4c20
[ 103.890159] ? zap_class+0x640/0x640
[ 103.893869] ? print_usage_bug+0xc0/0xc0
[ 103.897934] ? mark_held_locks+0x130/0x130
[ 103.902167] ? mark_held_locks+0x130/0x130
[ 103.906399] ? find_held_lock+0x36/0x1c0
[ 103.910459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 103.916000] ? check_preemption_disabled+0x48/0x280
[ 103.921018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 103.926559] ? kvm_make_vcpus_request_mask+0x47b/0x590
[ 103.931860] ? gfn_to_page+0xb0/0xb0
[ 103.935577] ? kvm_mmu_invalidate_zap_all_pages+0x9f/0x7b0
[ 103.941217] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 103.946752] ? check_preemption_disabled+0x48/0x280
[ 103.951775] ? kvm_reload_remote_mmus+0x99/0xe0
[ 103.956452] ? kvm_make_all_cpus_request+0xe0/0xe0
[ 103.961382] kvm_mmu_invalidate_zap_all_pages+0x348/0x7b0
[ 103.966921] ? kvm_mmu_zap_collapsible_sptes+0x850/0x850
[ 103.972376] ? kvm_vcpu_on_spin+0x830/0x830
[ 103.976700] ? lock_acquire+0x1ed/0x520
[ 103.980674] ? lock_release+0xa00/0xa00
[ 103.984664] ? lock_release+0xa00/0xa00
[ 103.988637] ? trace_hardirqs_on+0x310/0x310
[ 103.993047] kvm_arch_flush_shadow_all+0x15/0x20
[ 103.997810] kvm_mmu_notifier_release+0x59/0x90
[ 104.002478] ? kvm_vcpu_on_spin+0x830/0x830
[ 104.006810] mmu_notifier_unregister+0x1ff/0x600
[ 104.011571] ? kvm_vcpu_on_spin+0x830/0x830
[ 104.015894] ? __mmu_notifier_invalidate_range_start+0x360/0x360
[ 104.022069] ? __free_pages+0x10a/0x190
[ 104.026044] ? free_unref_page+0x960/0x960
[ 104.030278] ? trace_hardirqs_off_caller+0x310/0x310
[ 104.035398] kvm_put_kvm+0x6c0/0xff0
[ 104.039121] ? kvm_write_guest_cached+0x40/0x40
[ 104.043804] ? up_write+0x7b/0x220
[ 104.047348] ? down_write_nested+0x130/0x130
[ 104.051758] ? mntput+0x74/0xa0
[ 104.055051] ? debugfs_remove_recursive+0x40d/0x530
[ 104.060075] ? debugfs_remove+0x130/0x130
[ 104.064231] ? kvm_vm_release+0x50/0x50
[ 104.068207] kvm_vcpu_release+0x7b/0xa0
[ 104.072179] __fput+0x385/0xa30
[ 104.075465] ? get_max_files+0x20/0x20
[ 104.079350] ? trace_hardirqs_on+0xbd/0x310
[ 104.083674] ? kasan_check_read+0x11/0x20
[ 104.087823] ? task_work_run+0x1af/0x2a0
[ 104.091884] ? trace_hardirqs_off_caller+0x310/0x310
[ 104.096991] ? filp_close+0x1cd/0x250
[ 104.100797] ____fput+0x15/0x20
[ 104.104094] task_work_run+0x1e8/0x2a0
[ 104.107984] ? task_work_cancel+0x240/0x240
[ 104.112323] ? copy_fd_bitmaps+0x210/0x210
[ 104.116599] ? do_syscall_64+0x9a/0x820
[ 104.120575] exit_to_usermode_loop+0x318/0x380
[ 104.125162] ? __bpf_trace_sys_exit+0x30/0x30
[ 104.129661] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 104.135200] do_syscall_64+0x6be/0x820
[ 104.139089] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 104.144456] ? syscall_return_slowpath+0x5e0/0x5e0
[ 104.149384] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 104.154228] ? trace_hardirqs_on_caller+0x310/0x310
[ 104.159253] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 104.164296] ? prepare_exit_to_usermode+0x291/0x3b0
[ 104.169313] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 104.174163] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.179348] RIP: 0033:0x411021
[ 104.182577] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 104.201491] RSP: 002b:00007ffc331dfb10 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 104.209210] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000411021
[ 104.216492] RDX: 0000000000000000 RSI: 0000000000730930 RDI: 0000000000000005
[ 104.223766] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 104.231034] R10: 00007ffc331dfa40 R11: 0000000000000293 R12: 0000000000000000
[ 104.238299] R13: 0000000000000001 R14: 000000000000003d R15: 0000000000000003
[ 104.245590] Modules linked in:
[ 104.248781] CR2: ffff8801d5b3e000
[ 104.252261] ---[ end trace aeec23f7e37e665e ]---
[ 104.252308] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[ 104.252323] CPU: 1 PID: 8842 Comm: syz-executor1 Tainted: G D 4.19.0+ #300
[ 104.257067] RIP: 0010:mmu_page_zap_pte+0x295/0x390
[ 104.262412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 104.270715] Code: 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c7 85 58 ff ff ff 00 00 00 00 48 c1 ea 03 80 3c 02 00 0f 85 d4 00 00 00 48 c1 eb 03 <49> c7 45 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 41 be 01 00
[ 104.275628] RIP: 0010:kvm_spurious_fault+0x9/0x10
[ 104.284958] RSP: 0018:ffff8801bc867158 EFLAGS: 00010a06
[ 104.303850] Code: 45 10 50 e8 e9 e8 7c 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 77 93 73 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54
[ 104.314018] RSP: 0018:ffff8801c84273d0 EFLAGS: 00010293
[ 104.332918] RAX: dffffc0000000000 RBX: 1ffff1003790ce30 RCX: ffffffff8111254b
[ 104.338276] RDX: 1ffff1003ab67c00 RSI: ffffffff8111262b RDI: 0000000000000007
[ 104.345575] RAX: ffff8801c0c68480 RBX: 1ffff10039084e7e RCX: ffffffff8138e47c
[ 104.352835] RBP: ffff8801bc867228 R08: ffff8801b9350180 R09: ffffed003b5c5b57
[ 104.360094] RDX: 0000000000000000 RSI: ffffffff810beba9 RDI: ffff8801c8427410
[ 104.367350] R10: ffffed003b5c5b57 R11: ffff8801dae2dabb R12: 1ffff1003790ce2c
[ 104.374608] RBP: ffff8801c84273d0 R08: ffff8801c0c68480 R09: ffff8801d7f72000
[ 104.381864] R13: ffff8801d5b3e000 R14: 0000000000000004 R15: 0000000000000000
[ 104.389119] R10: ffffed003afee5ff R11: ffff8801d7f72fff R12: ffff8801c8427450
[ 104.397330] FS: 0000000002537940(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
[ 104.404586] R13: dffffc0000000000 R14: ffff8801d7f72000 R15: ffff8801c8427410
[ 104.412800] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.420066] FS: 00007f2887193700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 104.425933] CR2: ffff8801d5b3e000 CR3: 00000001d35fd000 CR4: 00000000001426f0
[ 104.434148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.441401] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 104.447268] CR2: 000000000072c000 CR3: 00000001c7296000 CR4: 00000000001426e0
[ 104.454547] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 104.461819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 104.469086] Kernel panic - not syncing: Fatal exception
[ 104.476385] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 104.488984] Call Trace:
[ 104.491584] kvm_fastop_exception+0x484/0x54d9
[ 104.496164] ? vmcs_clear+0x94/0x100
[ 104.499882] ? handle_interrupt_window+0xa0/0xa0
[ 104.504633] ? vmx_create_vcpu+0x1c4/0x25e0
[ 104.509019] ? memset+0x31/0x40
[ 104.512304] alloc_loaded_vmcs+0x7f/0x280
[ 104.516449] vmx_create_vcpu+0x20e/0x25e0
[ 104.520606] ? try_to_wake_up+0x10a/0x12e0
[ 104.524837] ? handle_vmwrite+0x12b0/0x12b0
[ 104.529174] ? kasan_check_write+0x14/0x20
[ 104.533408] ? __mutex_unlock_slowpath+0x197/0x8c0
[ 104.538364] ? migrate_swap_stop+0x8a0/0x8a0
[ 104.542800] ? find_held_lock+0x36/0x1c0
[ 104.546864] ? wait_for_completion+0x8a0/0x8a0
[ 104.551451] ? lock_downgrade+0x900/0x900
[ 104.555604] kvm_arch_vcpu_create+0xe5/0x220
[ 104.560015] ? kvm_arch_vcpu_free+0x90/0x90
[ 104.564345] kvm_vm_ioctl+0x470/0x1d40
[ 104.568234] ? drop_futex_key_refs.isra.14+0x6d/0xe0
[ 104.573341] ? kvm_set_memory_region+0x50/0x50
[ 104.577923] ? __lock_acquire+0x62f/0x4c20
[ 104.582180] ? mark_held_locks+0x130/0x130
[ 104.586424] ? zap_class+0x640/0x640
[ 104.590161] ? do_futex+0x249/0x26d0
[ 104.593882] ? _raw_spin_unlock+0x2c/0x50
[ 104.598034] ? find_held_lock+0x36/0x1c0
[ 104.602096] ? __fget+0x4aa/0x740
[ 104.605550] ? lock_downgrade+0x900/0x900
[ 104.609743] ? check_preemption_disabled+0x48/0x280
[ 104.614761] ? rcu_read_unlock_special+0x1c0/0x1c0
[ 104.619702] ? kasan_check_read+0x11/0x20
[ 104.623851] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 104.629125] ? rcu_softirq_qs+0x20/0x20
[ 104.633102] ? __fget+0x4d1/0x740
[ 104.636558] ? ksys_dup3+0x680/0x680
[ 104.640275] ? __might_fault+0x12b/0x1e0
[ 104.644342] ? lock_downgrade+0x900/0x900
[ 104.648496] ? lock_release+0xa00/0xa00
[ 104.652478] ? perf_trace_sched_process_exec+0x860/0x860
[ 104.657945] ? kvm_set_memory_region+0x50/0x50
[ 104.662532] do_vfs_ioctl+0x1de/0x1720
[ 104.666422] ? ioctl_preallocate+0x300/0x300
[ 104.670827] ? __fget_light+0x2e9/0x430
[ 104.674799] ? fget_raw+0x20/0x20
[ 104.678268] ? _copy_to_user+0xc8/0x110
[ 104.682264] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 104.687836] ? put_timespec64+0x10f/0x1b0
[ 104.691983] ? nsecs_to_jiffies+0x30/0x30
[ 104.696131] ? do_syscall_64+0x9a/0x820
[ 104.700136] ? do_syscall_64+0x9a/0x820
[ 104.704108] ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 104.708691] ? security_file_ioctl+0x94/0xc0
[ 104.713103] ksys_ioctl+0xa9/0xd0
[ 104.716557] __x64_sys_ioctl+0x73/0xb0
[ 104.720444] do_syscall_64+0x1b9/0x820
[ 104.724331] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 104.729728] ? syscall_return_slowpath+0x5e0/0x5e0
[ 104.734675] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 104.739529] ? trace_hardirqs_on_caller+0x310/0x310
[ 104.744557] ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 104.749574] ? prepare_exit_to_usermode+0x291/0x3b0
[ 104.754607] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 104.759457] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 104.764644] RIP: 0033:0x457569
[ 104.767836] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 104.786748] RSP: 002b:00007f2887192c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 104.794458] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[ 104.801721] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 104.808984] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 104.816248] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28871936d4
[ 104.823512] R13: 00000000004bfc04 R14: 00000000004cfca0 R15: 00000000ffffffff
[ 104.830794] Modules linked in:
[ 104.835179] Kernel Offset: disabled
[ 104.838808] Rebooting in 86400 seconds..