2017/08/12 14:12:24 parsed 1 programs
2017/08/12 14:12:24 executed programs: 0
syzkaller login: [   27.447865] pte_list_remove: ffff88006c65f008 0->BUG
[   27.448492] ------------[ cut here ]------------
[   27.448976] kernel BUG at arch/x86/kvm/mmu.c:1194!
[   27.449565] invalid opcode: 0000 [#1] SMP KASAN
[   27.450043] Dumping ftrace buffer:
[   27.450403]    (ftrace buffer empty)
[   27.450770] Modules linked in:
[   27.451099] CPU: 2 PID: 3172 Comm: syz-executor0 Not tainted 4.13.0-rc4-next-20170811 #1
[   27.451816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
[   27.452631] task: ffff88003b302940 task.stack: ffff88003ad28000
[   27.453278] RIP: 0010:pte_list_remove+0x3ae/0x3c0
[   27.453698] RSP: 0018:ffff88003ad2e8c8 EFLAGS: 00010282
[   27.454142] RAX: 0000000000000028 RBX: ffff88003d454a08 RCX: 0000000000000000
[   27.454884] RDX: 0000000000000028 RSI: 1ffff100075a5cd9 RDI: ffffed00075a5d0d
[   27.455640] RBP: ffff88003ad2e908 R08: 0000000000000001 R09: 0000000000000000
[   27.456333] R10: ffff88003ad2ecb0 R11: 0000000000000000 R12: 0000000000000001
[   27.457032] R13: 0000000000000000 R14: ffff88006a3ab040 R15: ffff88006a3ab068
[   27.457775] FS:  0000000000000000(0000) GS:ffff88006e000000(0000) knlGS:0000000000000000
[   27.458620] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   27.459204] CR2: 0000000020aff000 CR3: 000000006b0b1000 CR4: 00000000000026e0
[   27.463069] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000081c3cfc0
[   27.464500] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   27.465509] Call Trace:
[   27.465933]  drop_spte+0x16c/0x270
[   27.466437]  mmu_page_zap_pte+0x224/0x350
[   27.466965]  ? kvm_mmu_zap_collapsible_spte+0x400/0x400
[   27.468000]  ? __lock_is_held+0xb6/0x140
[   27.468753]  kvm_mmu_prepare_zap_page+0x1c5/0x1310
[   27.469275]  ? print_usage_bug+0x480/0x480
[   27.469656]  ? mmio_info_in_cache+0x670/0x670
[   27.470060]  ? __lock_acquire+0x6aa/0x3bc0
[   27.470424]  ? print_usage_bug+0x480/0x480
[   27.470789]  ? __lock_acquire+0x6aa/0x3bc0
[   27.471149]  ? check_noncircular+0x20/0x20
[   27.471457]  ? find_held_lock+0x35/0x1d0
[   27.471752]  ? __is_insn_slot_addr+0x1fc/0x330
[   27.472065]  ? lock_downgrade+0x990/0x990
[   27.472359]  ? check_noncircular+0x20/0x20
[   27.472644]  ? kvm_make_all_cpus_request+0x444/0x580
[   27.472991]  ? gfn_to_pfn_atomic+0x650/0x650
[   27.473316]  ? lock_downgrade+0x990/0x990
[   27.473650]  ? lock_release+0xa40/0xa40
[   27.474004]  ? lock_release+0xa40/0xa40
[   27.474394]  ? __lock_is_held+0xb6/0x140
[   27.474775]  ? kvm_vcpu_on_spin+0x710/0x710
[   27.475167]  kvm_mmu_invalidate_zap_all_pages+0x4a0/0x680
[   27.475962]  ? kvm_mmu_zap_collapsible_sptes+0xb0/0xb0
[   27.476556]  ? lock_acquire+0x1d5/0x580
[   27.476926]  ? lock_release+0xa40/0xa40
[   27.477317]  ? lock_release+0xa40/0xa40
[   27.477697]  ? kasan_slab_free+0x6e/0xc0
[   27.478062]  ? __khugepaged_exit+0x410/0x650
[   27.478484]  ? kvm_vcpu_on_spin+0x710/0x710
[   27.478870]  kvm_arch_flush_shadow_all+0x15/0x20
[   27.479374]  kvm_mmu_notifier_release+0x59/0x90
[   27.479817]  ? kvm_vcpu_on_spin+0x710/0x710
[   27.480220]  __mmu_notifier_release+0x1d5/0x690
[   27.480641]  ? find_held_lock+0x35/0x1d0
[   27.480996]  ? __mmu_notifier_invalidate_range_end+0x350/0x350
[   27.481527]  ? __khugepaged_exit+0x3f7/0x650
[   27.481909]  ? lock_downgrade+0x990/0x990
[   27.482301]  ? rcu_pm_notify+0xc0/0xc0
[   27.482642]  ? __khugepaged_exit+0x410/0x650
[   27.483427]  ? __khugepaged_exit+0x410/0x650
[   27.483838]  exit_mmap+0x479/0x560
[   27.484153]  ? __khugepaged_exit+0x43d/0x650
[   27.484545]  ? SyS_munmap+0x30/0x30
[   27.484866]  ? hugepage_madvise+0xf0/0xf0
[   27.485251]  ? check_same_owner+0x320/0x320
[   27.485644]  ? rcu_note_context_switch+0x710/0x710
[   27.486119]  ? __might_sleep+0x95/0x190
[   27.486493]  mmput+0x223/0x6e0
[   27.486809]  ? get_task_exe_file+0xc0/0xc0
[   27.487215]  ? do_exit+0x991/0x1b20
[   27.487520]  ? lock_downgrade+0x990/0x990
[   27.487924]  ? do_raw_spin_trylock+0x190/0x190
[   27.488399]  ? down_read+0x96/0x150
[   27.488756]  ? do_exit+0x4ad/0x1b20
[   27.489119]  ? __down_interruptible+0x6a0/0x6a0
[   27.489562]  ? trace_hardirqs_on+0xd/0x10
[   27.489955]  ? _raw_spin_unlock_irq+0x27/0x70
[   27.490375]  do_exit+0x999/0x1b20
[   27.490708]  ? check_noncircular+0x20/0x20
[   27.491131]  ? __lock_is_held+0xb6/0x140
[   27.491526]  ? exit_notify+0xb10/0xb10
[   27.491898]  ? kvfree+0x36/0x60
[   27.492212]  ? rcu_read_lock_sched_held+0x108/0x120
[   27.492711]  ? mark_held_locks+0xaf/0x100
[   27.493101]  ? kfree+0xed/0x260
[   27.493413]  ? kvfree+0x36/0x60
[   27.493828]  ? find_held_lock+0x35/0x1d0
[   27.494241]  ? kvm_set_memory_region+0x39/0x50
[   27.494647]  ? lock_downgrade+0x990/0x990
[   27.495416]  ? kvm_write_guest_cached+0x40/0x40
[   27.496339]  ? check_noncircular+0x20/0x20
[   27.497111]  ? __lock_acquire+0x6aa/0x3bc0
[   27.497866]  ? __mutex_unlock_slowpath+0xe9/0xac0
[   27.498837]  ? find_held_lock+0x35/0x1d0
[   27.499552]  ? get_signal+0x855/0x17e0
[   27.500098]  ? lock_downgrade+0x990/0x990
[   27.500485]  do_group_exit+0x149/0x400
[   27.500828]  ? __lock_is_held+0xb6/0x140
[   27.501196]  ? SyS_exit+0x30/0x30
[   27.501516]  ? _raw_spin_unlock_irq+0x27/0x70
[   27.501914]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   27.502381]  get_signal+0x7e8/0x17e0
[   27.502721]  ? ptrace_notify+0x130/0x130
[   27.503083]  ? find_held_lock+0x35/0x1d0
[   27.503458]  ? __fget+0x333/0x570
[   27.503770]  do_signal+0x94/0x1ee0
[   27.504352]  ? lock_release+0xa40/0xa40
[   27.504664]  ? __lock_is_held+0xb6/0x140
[   27.505067]  ? setup_sigcontext+0x7d0/0x7d0
[   27.505479]  ? __fget+0x35c/0x570
[   27.505796]  ? downgrade_write+0x150/0x150
[   27.506174]  ? vmacache_find+0x61/0x270
[   27.506561]  ? exit_to_usermode_loop+0x98/0x2d0
[   27.506976]  exit_to_usermode_loop+0x21c/0x2d0
[   27.507381]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   27.507893]  ? selinux_capable+0x40/0x40
[   27.508252]  syscall_return_slowpath+0x42f/0x500
[   27.508673]  ? prepare_exit_to_usermode+0x2c0/0x2c0
[   27.509130]  ? entry_SYSCALL_64_fastpath+0x91/0xbe
[   27.509613]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   27.510108]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   27.510572]  entry_SYSCALL_64_fastpath+0xbc/0xbe
[   27.511036] RIP: 0033:0x446627
[   27.511341] RSP: 002b:00007f4723cc6088 EFLAGS: 00000216 ORIG_RAX: 0000000000000010
[   27.512491] RAX: 0000000000000000 RBX: 0000000000000013 RCX: 0000000000446627
[   27.513743] RDX: 00007f4723cc66a0 RSI: 000000004020ae46 RDI: 0000000000000004
[   27.515019] RBP: 000000002001a000 R08: 0000000000000001 R09: 0000000000000000
[   27.515802] R10: 0000000000000000 R11: 0000000000000216 R12: 0000000000000014
[   27.516835] R13: 0000000000005570 R14: 00000000006e7630 R15: 0000000000000005
[   27.518243] Code: f9 48 5e 00 48 8b 75 d0 48 c7 c7 40 4d 62 84 e8 3e 74 49 00 0f 0b e8 e2 48 5e 00 48 8b 75 d0 48 c7 c7 00 4d 62 84 e8 27 74 49 00 <0f> 0b 4c 89 ef e8 88 cd 90 00 e9 01 fe ff ff 0f 1f 00 55 48 89 
[   27.520156] RIP: pte_list_remove+0x3ae/0x3c0 RSP: ffff88003ad2e8c8
[   27.520758] ---[ end trace 155eb34dca756930 ]---
[   27.521271] Kernel panic - not syncing: Fatal exception
[   27.521877] Dumping ftrace buffer:
[   27.522238]    (ftrace buffer empty)
[   27.522573] Kernel Offset: disabled
[   27.522868] Rebooting in 86400 seconds..