INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added 'ci-upstream-kasan-gce-3,10.128.0.24' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 407.334245] BUG: Bad page state in process syzkaller249964 pfn:1bd8d6 [ 407.341031] page:ffffea0006f63580 count:0 mapcount:0 mapping: (null) index:0x20ad6 [ 407.349747] flags: 0x200000000040019(locked|uptodate|dirty|swapbacked) [ 407.356404] raw: 0200000000040019 0000000000000000 0000000000020ad6 00000000ffffffff [ 407.364282] raw: ffffea0006f635a0 ffffea0006f635a0 0000000000000000 0000000000000000 [ 407.372146] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 407.378720] bad because of flags: 0x1(locked) [ 407.383195] Modules linked in: [ 407.386866] CPU: 0 PID: 13946 Comm: syzkaller249964 Not tainted 4.13.0-rc5+ #36 [ 407.394296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.403647] Call Trace: [ 407.406269] dump_stack+0x194/0x257 [ 407.409875] ? arch_local_irq_restore+0x53/0x53 [ 407.414550] ? split_huge_page_to_list+0xab8/0x16c0 [ 407.419570] bad_page+0x230/0x2b0 [ 407.422995] ? si_mem_available+0x590/0x590 [ 407.427310] ? check_noncircular+0x20/0x20 [ 407.431533] ? __page_cache_release+0x750/0xd30 [ 407.436196] ? lock_downgrade+0x990/0x990 [ 407.440308] ? do_raw_spin_trylock+0x190/0x190 [ 407.444862] ? do_raw_spin_trylock+0x190/0x190 [ 407.449420] free_pages_check_bad+0x1f0/0x2e0 [ 407.453903] ? mem_cgroup_uncharge+0xfd/0x150 [ 407.458370] ? bad_page+0x2b0/0x2b0 [ 407.461966] ? __lock_is_held+0xb6/0x140 [ 407.466003] free_hot_cold_page+0x8cf/0x12b0 [ 407.470376] ? pagevec_move_tail_fn+0x1210/0x1210 [ 407.475189] ? mark_free_pages+0x350/0x350 [ 407.479401] ? check_noncircular+0x20/0x20 [ 407.483623] ? kvfree+0x60/0x60 [ 407.486868] ? do_raw_spin_trylock+0x190/0x190 [ 407.491430] ? find_held_lock+0x35/0x1d0 [ 407.495479] ? madvise_free_pte_range+0xa68/0x1ec0 [ 407.500379] ? lock_downgrade+0x990/0x990 [ 407.504493] ? madvise_free_single_vma+0x580/0x580 [ 407.509422] ? do_raw_spin_trylock+0x190/0x190 [ 407.513975] __put_page+0xfb/0x160 [ 407.517477] ? __lru_cache_add+0x410/0x410 [ 407.521676] ? __lock_acquire+0x6ef/0x3dc0 [ 407.525888] madvise_free_pte_range+0x137a/0x1ec0 [ 407.530694] ? check_noncircular+0x20/0x20 [ 407.534895] ? check_noncircular+0x20/0x20 [ 407.539114] ? madvise_willneed+0x960/0x960 [ 407.543422] ? print_usage_bug+0x480/0x480 [ 407.547658] ? set_next_entity+0x30e/0xe10 [ 407.551880] ? find_held_lock+0x35/0x1d0 [ 407.555912] ? __page_frag_cache_drain+0x1c0/0x1c0 [ 407.560811] ? mem_cgroup_uncharge+0x150/0x150 [ 407.565361] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 407.570522] ? release_pages+0xb8a/0x11d0 [ 407.574669] ? _raw_spin_unlock_irq+0x27/0x70 [ 407.579140] ? __put_compound_page+0xb0/0xb0 [ 407.583522] ? __lock_is_held+0xb6/0x140 [ 407.587588] ? rcu_read_lock_sched_held+0x108/0x120 [ 407.592570] ? __pagevec_lru_add_fn+0x783/0xf40 [ 407.597222] ? get_kernel_page+0x110/0x110 [ 407.601426] ? print_usage_bug+0x480/0x480 [ 407.605631] ? print_usage_bug+0x480/0x480 [ 407.609829] ? lock_release+0xa40/0xa40 [ 407.613773] ? madvise_willneed+0x960/0x960 [ 407.618063] __walk_page_range+0xc3a/0x1450 [ 407.622362] ? walk_page_test+0x130/0x130 [ 407.626474] ? vmacache_find+0x61/0x270 [ 407.630420] ? walk_page_test+0x5c/0x130 [ 407.634450] walk_page_range+0x200/0x470 [ 407.638482] ? __walk_page_range+0x1450/0x1450 [ 407.643027] ? mark_held_locks+0x90/0x100 [ 407.647142] ? mark_held_locks+0xaf/0x100 [ 407.651260] madvise_free_page_range.isra.9+0x17d/0x230 [ 407.656587] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 407.661570] ? SyS_fadvise64+0x5f0/0x5f0 [ 407.665594] ? madvise_willneed+0x960/0x960 [ 407.669886] ? arch_tlb_gather_mmu+0x2e8/0x3a0 [ 407.674440] madvise_free_single_vma+0x353/0x580 [ 407.679162] ? lock_acquire+0x1d5/0x580 [ 407.683107] ? madvise_free_page_range.isra.9+0x230/0x230 [ 407.688662] ? blk_start_plug+0xbb/0x370 [ 407.692695] ? blk_lld_busy+0x60/0x60 [ 407.696493] ? userfaultfd_remove+0x102/0x220 [ 407.700962] ? vmacache_update+0xfe/0x130 [ 407.705078] ? find_vma+0x30/0x150 [ 407.708600] SyS_madvise+0x7d3/0x13c0 [ 407.712371] ? do_raw_spin_trylock+0x190/0x190 [ 407.716917] ? lock_release+0xa40/0xa40 [ 407.720868] ? madvise_free_pte_range+0x1ec0/0x1ec0 [ 407.725872] ? syscall_return_slowpath+0x22f/0x450 [ 407.730776] ? prepare_exit_to_usermode+0x220/0x220 [ 407.735766] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 407.740500] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 407.745221] RIP: 0033:0x4462e9 [ 407.748473] RSP: 002b:00007febbc9a8d08 EFLAGS: 00000202 ORIG_RAX: 000000000000001c [ 407.756147] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004462e9 [ 407.763382] RDX: 0000010200000008 RSI: 0000000000012000 RDI: 0000000020ad6000 [ 407.770616] RBP: 0000000000000086 R08: 00007febbc9a9700 R09: 00007febbc9a9700 [ 407.777873] R10: 00007febbc9a9700 R11: 0000000000000202 R12: 0000000000000000 [ 407.785110] R13: 00007ffc37647b0f R14: 00007febbc9a99c0 R15: 0000000000000000 [ 407.792348] ? entry_SYSCALL_64_fastpath+0x1f/0xbe [ 407.797474] Disabling lock debugging due to kernel taint executing program executing program executing program executing program executing program