[ ok ] Starting enhanced syslogd: rsyslogd.
[ 10.714197] audit: type=1400 audit(1514287639.776:4): avc: denied { syslog } for pid=3170 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
Starting mcstransd:
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added 'ci-android-49-kasan-gce-2,10.128.0.15' (ECDSA) to the list of known hosts.
net.ipv6.conf.syz4.accept_dad = 0
net.ipv6.conf.syz5.accept_dad = 0
net.ipv6.conf.syz0.accept_dad = 0
net.ipv6.conf.syz3.accept_dad = 0
net.ipv6.conf.syz6.accept_dad = 0
net.ipv6.conf.syz2.accept_dad = 0
net.ipv6.conf.syz7.accept_dad = 0
net.ipv6.conf.syz1.accept_dad = 0
net.ipv6.conf.syz4.router_solicitations = 0
net.ipv6.conf.syz7.router_solicitations = 0
net.ipv6.conf.syz2.router_solicitations = 0
net.ipv6.conf.syz3.router_solicitations = 0
net.ipv6.conf.syz0.router_solicitations = 0
net.ipv6.conf.syz6.router_solicitations = 0
net.ipv6.conf.syz5.router_solicitations = 0
net.ipv6.conf.syz1.router_solicitations = 0
executing program
syzkaller login: [ 20.709003] kasan: CONFIG_KASAN_INLINE enabled
[ 20.709769] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 20.711250] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 20.712477] Dumping ftrace buffer:
[ 20.713308] (ftrace buffer empty)
[ 20.714234] kasan: CONFIG_KASAN_INLINE enabled
[ 20.714236] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 20.715879] Modules linked in:
[ 20.716355] CPU: 1 PID: 3327 Comm: syzkaller048048 Not tainted 4.9.71-g2506378 #113
[ 20.717376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 20.718596] task: ffff8801cc19b000 task.stack: ffff8801c8de0000
[ 20.719406] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 20.720517] RSP: 0018:ffff8801c8de79b0 EFLAGS: 00010a07
[ 20.721253] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 20.722208] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 20.723161] RBP: ffff8801c8de79c0 R08: 0000000000000001 R09: 0000000000000001
[ 20.724204] R10: 0000000000000000 R11: ffff8801cc19b000 R12: 0000000000000004
[ 20.725235] R13: 0000000000000020 R14: ffff8801bfd74200 R15: dffffc0000000000
[ 20.726196] FS: 000000000115c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 20.727280] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 20.728084] CR2: 0000000020dc8000 CR3: 00000001caa3f000 CR4: 00000000001406e0
[ 20.729039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 20.735922] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 20.743155] Stack:
[ 20.745270] ffffffff838af9b9 ffff8801bfd74358 ffff8801c8de7a20 ffffffff82664e11
[ 20.753228] ffff8801bfd74370 ffffed0037fae86b ffffed0037fae86e ffff8801bfd74368
[ 20.761179] dead4ead00000000 ffff8801bfd74340 0000000000000000 0000000000000000
[ 20.769133] Call Trace:
[ 20.771687] [] ? retint_kernel+0x2d/0x2d
[ 20.777365] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 20.784025] [] sg_finish_rem_req+0x2b5/0x340
[ 20.790056] [] sg_new_read.isra.20+0x356/0x3e0
[ 20.796253] [] ? sg_get_rq_mark+0xe2/0x190
[ 20.802104] [] sg_read+0x8bd/0x1440
[ 20.807350] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 20.813984] [] ? fsnotify+0xf30/0xf30
[ 20.819407] [] ? avc_policy_seqno+0x9/0x20
[ 20.825260] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 20.832239] [] ? security_file_permission+0x89/0x1e0
[ 20.838958] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 20.845591] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 20.852226] [] do_readv_writev+0x520/0x750
[ 20.858079] [] ? vfs_write+0x530/0x530
[ 20.863585] [] ? __pmd_alloc+0x410/0x410
[ 20.869265] [] ? __do_page_fault+0x5ec/0xd40
[ 20.875291] [] vfs_readv+0x84/0xc0
[ 20.880445] [] do_readv+0xe6/0x250
[ 20.885603] [] ? vfs_readv+0xc0/0xc0
[ 20.890935] [] ? entry_SYSCALL_64_fastpath+0x5/0xc6
[ 20.897571] [] ? trace_hardirqs_on_caller+0x38b/0x590
[ 20.904385] [] SyS_readv+0x27/0x30
[ 20.909550] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 20.916097] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 20.942499] RIP [] __free_pages+0x21/0x80
[ 20.948378] RSP
[ 20.951987] general protection fault: 0000 [#2] PREEMPT SMP KASAN
[ 20.958246] Dumping ftrace buffer:
[ 20.958628] kasan: CONFIG_KASAN_INLINE enabled
[ 20.958630] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 20.973627] (ftrace buffer empty)
[ 20.977306] Modules linked in:
[ 20.980586] CPU: 0 PID: 3322 Comm: syzkaller048048 Tainted: G D 4.9.71-g2506378 #113
[ 20.989561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 20.998880] task: ffff8801cb6ce000 task.stack: ffff8801c9f40000
[ 21.004899] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 21.013125] RSP: 0018:ffff8801c9f479b0 EFLAGS: 00010a07
[ 21.018536] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 21.025771] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 21.033016] RBP: ffff8801c9f479c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.040251] R10: 0000000000000000 R11: ffff8801cb6ce000 R12: 0000000000000004
[ 21.047487] R13: 0000000000000020 R14: ffff8801bfd9a100 R15: dffffc0000000000
[ 21.054723] FS: 000000000115c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 21.062911] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.068757] CR2: 0000000020dc8000 CR3: 00000001c78f5000 CR4: 00000000001406f0
[ 21.075993] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.083229] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.090461] Stack:
[ 21.092575] ffffffff838af9b9 ffff8801bfd9a258 ffff8801c9f47a20 ffffffff82664e11
[ 21.100531] ffff8801bfd9a270 ffffed0037fb344b ffffed0037fb344e ffff8801bfd9a268
[ 21.108478] dead4ead00000000 ffff8801bfd9a240 0000000000000000 0000000000000000
[ 21.116418] Call Trace:
[ 21.118974] [] ? retint_kernel+0x2d/0x2d
[ 21.124659] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 21.131117] [] sg_finish_rem_req+0x2b5/0x340
[ 21.137137] [] sg_new_read.isra.20+0x356/0x3e0
[ 21.143333] [] ? sg_get_rq_mark+0xb3/0x190
[ 21.149182] [] sg_read+0x8bd/0x1440
[ 21.154425] [] ? __check_object_size+0x174/0x3a9
[ 21.160793] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.167516] [] ? fsnotify+0xf30/0xf30
[ 21.172932] [] ? avc_policy_seqno+0x9/0x20
[ 21.178781] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 21.185767] [] ? security_file_permission+0x89/0x1e0
[ 21.192483] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.199110] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.205740] [] do_readv_writev+0x520/0x750
[ 21.211589] [] ? vfs_write+0x530/0x530
[ 21.217095] [] ? __pmd_alloc+0x410/0x410
[ 21.222772] [] ? check_preemption_disabled+0x3b/0x200
[ 21.229579] [] ? __inode_security_revalidate+0xd9/0x130
[ 21.236562] [] ? __do_page_fault+0x319/0xd40
[ 21.242586] [] ? __do_page_fault+0x5ec/0xd40
[ 21.248609] [] vfs_readv+0x84/0xc0
[ 21.253763] [] do_readv+0xe6/0x250
[ 21.258917] [] ? vfs_readv+0xc0/0xc0
[ 21.264244] [] ? mm_fault_error+0x2c0/0x2c0
[ 21.270177] [] SyS_readv+0x27/0x30
[ 21.275331] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 21.281871] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 21.308184] RIP [] __free_pages+0x21/0x80
[ 21.314059] RSP
[ 21.317666] general protection fault: 0000 [#3] PREEMPT SMP KASAN
[ 21.323893] Dumping ftrace buffer:
[ 21.327400] (ftrace buffer empty)
[ 21.329006] kasan: CONFIG_KASAN_INLINE enabled
[ 21.329008] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 21.342956] Modules linked in:
[ 21.346236] CPU: 1 PID: 3320 Comm: syzkaller048048 Tainted: G D 4.9.71-g2506378 #113
[ 21.355211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.364534] task: ffff8801c9818000 task.stack: ffff8801c9ee8000
[ 21.370554] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 21.378781] RSP: 0018:ffff8801c9eef9b0 EFLAGS: 00010a07
[ 21.384195] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 21.391430] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 21.398669] RBP: ffff8801c9eef9c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.405902] R10: 0000000000000000 R11: ffff8801c9818000 R12: 0000000000000004
[ 21.413137] R13: 0000000000000020 R14: ffff8801bfdb2100 R15: dffffc0000000000
[ 21.420379] FS: 000000000115c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 21.428569] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.434415] CR2: 0000000020dc8000 CR3: 00000001c92e4000 CR4: 00000000001406e0
[ 21.441652] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.448887] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.456119] Stack:
[ 21.458233] ffffffff838af9b9 ffff8801bfdb2258 ffff8801c9eefa20 ffffffff82664e11
[ 21.466180] ffff8801bfdb2270 ffffed0037fb644b ffffed0037fb644e ffff8801bfdb2268
[ 21.474125] dead4ead00000000 ffff8801bfdb2240 0000000000000000 0000000000000000
[ 21.482068] Call Trace:
[ 21.484621] [] ? retint_kernel+0x2d/0x2d
[ 21.490296] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 21.496750] [] sg_finish_rem_req+0x2b5/0x340
[ 21.502772] [] sg_new_read.isra.20+0x356/0x3e0
[ 21.508966] [] ? sg_get_rq_mark+0xe5/0x190
[ 21.514813] [] sg_read+0x8bd/0x1440
[ 21.520056] [] ? __check_object_size+0x174/0x3a9
[ 21.526424] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.533057] [] ? fsnotify+0xf30/0xf30
[ 21.538482] [] ? avc_policy_seqno+0x9/0x20
[ 21.544330] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 21.551304] [] ? security_file_permission+0x89/0x1e0
[ 21.558019] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.564649] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.571279] [] do_readv_writev+0x520/0x750
[ 21.577129] [] ? vfs_write+0x530/0x530
[ 21.582634] [] ? __pmd_alloc+0x410/0x410
[ 21.588310] [] ? check_preemption_disabled+0x3b/0x200
[ 21.595128] [] ? __inode_security_revalidate+0xd9/0x130
[ 21.602110] [] ? __do_page_fault+0x319/0xd40
[ 21.608132] [] ? __do_page_fault+0x5ec/0xd40
[ 21.614158] [] vfs_readv+0x84/0xc0
[ 21.619311] [] do_readv+0xe6/0x250
[ 21.624464] [] ? vfs_readv+0xc0/0xc0
[ 21.629791] [] ? mm_fault_error+0x2c0/0x2c0
[ 21.635725] [] SyS_readv+0x27/0x30
[ 21.640881] [] entry_SYSCALL_64_fastpath+0x23/0xc6
executing program
[ 21.647421] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 21.674258] RIP [] __free_pages+0x21/0x80
[ 21.680136] RSP
[ 21.683742] general protection fault: 0000 [#4] PREEMPT SMP KASAN
[ 21.688988] kasan: CONFIG_KASAN_INLINE enabled
[ 21.688990] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 21.701900] Dumping ftrace buffer:
[ 21.701903] (ftrace buffer empty)
[ 21.701906] Modules linked in:
[ 21.701915] CPU: 0 PID: 3323 Comm: syzkaller048048 Tainted: G D 4.9.71-g2506378 #113
[ 21.701917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.701921] task: ffff8801cc1db000 task.stack: ffff8801c0c98000
[ 21.701936] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 21.701938] RSP: 0018:ffff8801c0c9f9b0 EFLAGS: 00010a07
[ 21.701941] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 21.701943] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 21.701945] RBP: ffff8801c0c9f9c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.701947] R10: 0000000000000000 R11: ffff8801cc1db000 R12: 0000000000000004
[ 21.701949] R13: 0000000000000020 R14: ffff8801bfd9c200 R15: dffffc0000000000
[ 21.701953] FS: 000000000115c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 21.701955] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.701957] CR2: 0000000020dc8000 CR3: 00000001c9193000 CR4: 00000000001406f0
[ 21.701961] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.701963] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.701964] Stack:
[ 21.701971] ffffffff838af9b9 ffff8801bfd9c358 ffff8801c0c9fa20 ffffffff82664e11
[ 21.701976] ffff8801bfd9c370 ffffed0037fb386b ffffed0037fb386e ffff8801bfd9c368
[ 21.701981] dead4ead00000000 ffff8801bfd9c340 0000000000000000 0000000000000000
[ 21.701982] Call Trace:
[ 21.701989] [] ? retint_kernel+0x2d/0x2d
[ 21.701997] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 21.702001] [] sg_finish_rem_req+0x2b5/0x340
[ 21.702006] [] sg_new_read.isra.20+0x356/0x3e0
[ 21.702009] [] ? sg_get_rq_mark+0xb5/0x190
[ 21.702012] [] sg_read+0x8bd/0x1440
[ 21.702019] [] ? __check_object_size+0x174/0x3a9
[ 21.702022] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702035] [] ? fsnotify+0xf30/0xf30
[ 21.702041] [] ? avc_policy_seqno+0x9/0x20
[ 21.702046] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 21.702050] [] ? security_file_permission+0x89/0x1e0
[ 21.702054] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702057] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702061] [] do_readv_writev+0x520/0x750
[ 21.702065] [] ? vfs_write+0x530/0x530
[ 21.702074] [] ? __pmd_alloc+0x410/0x410
[ 21.702081] [] ? check_preemption_disabled+0x3b/0x200
[ 21.702085] [] ? __inode_security_revalidate+0xd9/0x130
[ 21.702094] [] ? __do_page_fault+0x319/0xd40
[ 21.702098] [] ? __do_page_fault+0x5ec/0xd40
[ 21.702102] [] vfs_readv+0x84/0xc0
[ 21.702105] [] do_readv+0xe6/0x250
[ 21.702109] [] ? vfs_readv+0xc0/0xc0
[ 21.702112] [] ? mm_fault_error+0x2c0/0x2c0
[ 21.702116] [] SyS_readv+0x27/0x30
[ 21.702120] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 21.702175] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 21.702179] RIP [] __free_pages+0x21/0x80
[ 21.702180] RSP
[ 21.702192] general protection fault: 0000 [#5] PREEMPT SMP KASAN
[ 21.702196] Dumping ftrace buffer:
[ 21.702198] (ftrace buffer empty)
[ 21.702200] Modules linked in:
[ 21.702207] CPU: 1 PID: 3326 Comm: syzkaller048048 Tainted: G D 4.9.71-g2506378 #113
[ 21.702210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.702212] task: ffff8801cc199800 task.stack: ffff8801c0c58000
[ 21.702221] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 21.702223] RSP: 0018:ffff8801c0c5f9b0 EFLAGS: 00010a07
[ 21.702225] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 21.702228] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 21.702231] RBP: ffff8801c0c5f9c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.702233] R10: 0000000000000000 R11: ffff8801cc199800 R12: 0000000000000004
[ 21.702235] R13: 0000000000000020 R14: ffff8801bfdb4200 R15: dffffc0000000000
[ 21.702239] FS: 000000000115c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 21.702241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.702243] CR2: 0000000020dc8000 CR3: 00000001c9b62000 CR4: 00000000001406e0
[ 21.702247] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.702249] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.702250] Stack:
[ 21.702258] ffffffff838af9b9 ffff8801bfdb4358 ffff8801c0c5fa20 ffffffff82664e11
[ 21.702263] ffff8801bfdb4370 ffffed0037fb686b ffffed0037fb686e ffff8801bfdb4368
[ 21.702267] dead4ead00000000 ffff8801bfdb4340 0000000000000000 0000000000000000
[ 21.702270] Call Trace:
[ 21.702275] [] ? retint_kernel+0x2d/0x2d
[ 21.702282] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 21.702286] [] sg_finish_rem_req+0x2b5/0x340
[ 21.702289] [] sg_new_read.isra.20+0x356/0x3e0
[ 21.702293] [] ? sg_get_rq_mark+0xe6/0x190
[ 21.702296] [] sg_read+0x8bd/0x1440
[ 21.702305] [] ? __check_object_size+0x174/0x3a9
[ 21.702309] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702314] [] ? fsnotify+0xf30/0xf30
[ 21.702319] [] ? avc_policy_seqno+0x9/0x20
[ 21.702324] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 21.702331] [] ? security_file_permission+0x89/0x1e0
[ 21.702335] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702340] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.702346] [] do_readv_writev+0x520/0x750
[ 21.702349] [] ? vfs_write+0x530/0x530
[ 21.702357] [] ? __pmd_alloc+0x410/0x410
[ 21.702362] [] ? check_preemption_disabled+0x3b/0x200
[ 21.702367] [] ? __inode_security_revalidate+0xd9/0x130
[ 21.702375] [] ? __do_page_fault+0x319/0xd40
[ 21.702381] [] ? __do_page_fault+0x5ec/0xd40
[ 21.702384] [] vfs_readv+0x84/0xc0
[ 21.702390] [] do_readv+0xe6/0x250
[ 21.702393] [] ? vfs_readv+0xc0/0xc0
[ 21.702399] [] ? mm_fault_error+0x2c0/0x2c0
[ 21.702403] [] SyS_readv+0x27/0x30
[ 21.702406] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 21.702504] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 21.702513] RIP [] __free_pages+0x21/0x80
[ 21.702516] RSP
[ 21.717156] kasan: CONFIG_KASAN_INLINE enabled
[ 21.717158] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 21.717166] general protection fault: 0000 [#6] PREEMPT SMP KASAN
[ 21.717171] Dumping ftrace buffer:
[ 21.717174] (ftrace buffer empty)
[ 21.717177] Modules linked in:
[ 21.717183] CPU: 0 PID: 3325 Comm: syzkaller048048 Tainted: G D 4.9.71-g2506378 #113
[ 21.717186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.717189] task: ffff8801cc1d8000 task.stack: ffff8801c9ec8000
[ 21.717203] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 21.717206] RSP: 0018:ffff8801c9ecf9b0 EFLAGS: 00010a07
[ 21.717208] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 21.717210] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 21.717213] RBP: ffff8801c9ecf9c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.717215] R10: 0000000000000000 R11: ffff8801cc1d8000 R12: 0000000000000004
[ 21.717217] R13: 0000000000000020 R14: ffff8801c3412100 R15: dffffc0000000000
[ 21.717220] FS: 000000000115c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 21.717223] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.717225] CR2: 0000000020dc8000 CR3: 00000001c8e08000 CR4: 00000000001406f0
[ 21.717229] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.717231] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.717231] Stack:
[ 21.717237] ffffffff838af9b9 ffff8801c3412258 ffff8801c9ecfa20 ffffffff82664e11
[ 21.717242] ffff8801c3412270 ffffed003868244b ffffed003868244e ffff8801c3412268
[ 21.717247] dead4ead00000000 ffff8801c3412240 0000000000000000 0000000000000000
[ 21.717247] Call Trace:
[ 21.717255] [] ? retint_kernel+0x2d/0x2d
[ 21.717262] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 21.717265] [] sg_finish_rem_req+0x2b5/0x340
[ 21.717269] [] sg_new_read.isra.20+0x356/0x3e0
[ 21.717273] [] ? sg_get_rq_mark+0xb7/0x190
[ 21.717276] [] sg_read+0x8bd/0x1440
[ 21.717283] [] ? __check_object_size+0x174/0x3a9
[ 21.717286] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.717295] [] ? fsnotify+0xf30/0xf30
[ 21.717302] [] ? avc_policy_seqno+0x9/0x20
[ 21.717306] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 21.717311] [] ? security_file_permission+0x89/0x1e0
[ 21.717314] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.717318] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 21.717322] [] do_readv_writev+0x520/0x750
[ 21.717325] [] ? vfs_write+0x530/0x530
[ 21.717334] [] ? __pmd_alloc+0x410/0x410
[ 21.717340] [] ? check_preemption_disabled+0x3b/0x200
[ 21.717345] [] ? __inode_security_revalidate+0xd9/0x130
[ 21.717354] [] ? __do_page_fault+0x319/0xd40
[ 21.717358] [] ? __do_page_fault+0x5ec/0xd40
[ 21.717362] [] vfs_readv+0x84/0xc0
[ 21.717365] [] do_readv+0xe6/0x250
[ 21.717369] [] ? vfs_readv+0xc0/0xc0
[ 21.717372] [] ? mm_fault_error+0x2c0/0x2c0
[ 21.717376] [] SyS_readv+0x27/0x30
[ 21.717380] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 21.717433] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 21.717437] RIP [] __free_pages+0x21/0x80
[ 21.717438] RSP
[ 21.717445] ---[ end trace 0b0245ec24ae701c ]---
[ 21.717447] Kernel panic - not syncing: Fatal exception
[ 21.719491] Dumping ftrace buffer:
[ 21.719493] (ftrace buffer empty)
[ 21.719495] Kernel Offset: disabled
[ 22.772157] Rebooting in 86400 seconds..