[ 35.860716] audit: type=1800 audit(1539202925.978:25): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 35.885788] audit: type=1800 audit(1539202925.988:26): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 35.905519] audit: type=1800 audit(1539202925.988:27): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ 36.505259] sshd (5948) used greatest stack depth: 16328 bytes left [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.61' (ECDSA) to the list of known hosts. 2018/10/10 20:22:20 parsed 1 programs 2018/10/10 20:22:22 executed programs: 0 syzkaller login: [ 52.036288] IPVS: ftp: loaded support on port[0] = 21 [ 52.081553] IPVS: ftp: loaded support on port[0] = 21 [ 52.092850] IPVS: ftp: loaded support on port[0] = 21 [ 52.106035] IPVS: ftp: loaded support on port[0] = 21 [ 52.119371] IPVS: ftp: loaded support on port[0] = 21 [ 52.121087] IPVS: ftp: loaded support on port[0] = 21 [ 53.021570] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.031363] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.039471] device bridge_slave_0 entered promiscuous mode [ 53.111219] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.119158] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.129037] device bridge_slave_1 entered promiscuous mode [ 53.142124] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.150983] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.158637] device bridge_slave_0 entered promiscuous mode [ 
53.182639] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.189019] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.207461] device bridge_slave_0 entered promiscuous mode [ 53.216453] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.223014] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.230241] device bridge_slave_0 entered promiscuous mode [ 53.243891] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.250289] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.258383] device bridge_slave_1 entered promiscuous mode [ 53.267280] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.277541] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.287174] device bridge_slave_0 entered promiscuous mode [ 53.294072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.302118] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.311690] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.319373] device bridge_slave_1 entered promiscuous mode [ 53.333557] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.339913] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.355618] device bridge_slave_1 entered promiscuous mode [ 53.366229] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.375486] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.387843] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.397127] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.408013] device bridge_slave_0 entered promiscuous mode [ 53.416017] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.423918] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.430351] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.441391] device bridge_slave_1 entered promiscuous mode [ 53.449708] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.461542] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: 
link is not ready [ 53.470717] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.482628] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.501661] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.508790] device bridge_slave_1 entered promiscuous mode [ 53.516815] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.546354] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.561366] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 53.591914] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.649945] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.658764] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 53.687043] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.701027] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.714330] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.749654] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.764753] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.782058] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.800369] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.809001] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.827386] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.841138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.850624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.864750] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.874833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 53.885163] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 53.896282] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.906981] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not 
ready [ 53.920600] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 53.932829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 53.940544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.948978] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.958657] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 53.975480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 53.998911] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 54.008840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.023337] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 54.031496] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 54.041851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 54.099755] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 54.116076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 54.134830] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.142918] team0: Port device team_slave_0 added [ 54.148217] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.165027] team0: Port device team_slave_0 added [ 54.172788] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.181129] team0: Port device team_slave_0 added [ 54.217892] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.229380] team0: Port device team_slave_1 added [ 54.236311] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.243940] team0: Port device team_slave_1 added [ 54.251369] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.260576] team0: Port device team_slave_1 added [ 54.318411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.326578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.336584] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.344510] team0: Port 
device team_slave_0 added [ 54.354443] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.361663] team0: Port device team_slave_0 added [ 54.373618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.382904] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.392627] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.414229] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.421919] team0: Port device team_slave_1 added [ 54.428989] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.440359] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.458197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.469694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.480754] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.494694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.502699] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.510184] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.518078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.525259] team0: Port device team_slave_1 added [ 54.533403] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 54.540454] team0: Port device team_slave_0 added [ 54.547488] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.557189] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.569729] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.580296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.595164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.604162] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.612110] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.620167] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.629888] 
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.642843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.650698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.663336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.671568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.682710] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.690593] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.699607] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 54.707190] team0: Port device team_slave_1 added [ 54.714063] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.731820] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.746341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.758772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.767002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 54.776152] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.794365] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 54.806496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.821976] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.839900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 54.848081] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 54.857929] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 54.877232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 54.894972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 54.914265] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 54.924938] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 54.948248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 54.979213] IPv6: 
ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 54.987016] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 54.994866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.012075] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 55.025386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.040552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 55.086286] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 55.096097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.104358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 55.339404] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.345862] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.352550] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.358918] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.378306] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.386654] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.393093] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.399655] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.406068] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.413588] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.422780] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.429163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.435837] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.442240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.449775] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.501138] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.507559] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.514415] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.520788] bridge0: port 1(bridge_slave_0) entered forwarding state [ 
55.528874] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.658411] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.664844] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.671495] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.677917] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.690647] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 55.741724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.749695] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.756837] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.767211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.775451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 55.793592] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.800005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.806700] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.813105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.824919] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 56.742364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.525469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.546327] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.579745] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.653497] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.715288] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.735286] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.790216] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.805384] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.826866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.858458] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 57.923916] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.935507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.948648] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth0: link becomes ready [ 57.965931] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 57.980249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.988869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.037493] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.043774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.050698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.061756] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.073659] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 58.121796] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.148043] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.164043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.171101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.186075] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.245101] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.261383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.269091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.286252] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 58.298532] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.308370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.315901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.368888] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.446886] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.491258] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.278843] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 59.359649] ------------[ cut here ]------------ [ 59.364546] kernel BUG at arch/x86/kvm/x86.c:353! 
[ 59.369600] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 59.374054] kobject: 'kvm' (0000000068ccc868): kobject_uevent_env [ 59.375003] CPU: 0 PID: 7560 Comm: syz-executor0 Not tainted 4.19.0-rc7-next-20181010+ #91 [ 59.375011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.375033] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 59.395910] kobject: 'kvm' (0000000068ccc868): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 59.399031] Code: 45 10 50 e8 b9 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 d7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 59.399040] RSP: 0018:ffff8801ccf9f548 EFLAGS: 00010293 [ 59.437260] RAX: ffff8801cb482040 RBX: ffff8801ccf9f5c8 RCX: ffffffff8138fcac [ 59.444550] RDX: 0000000000000000 RSI: ffffffff810be879 RDI: ffff8801ccf9f588 [ 59.446486] kobject: 'loop5' (000000008dbe3967): kobject_uevent_env [ 59.451881] RBP: ffff8801ccf9f548 R08: ffff8801cb482040 R09: fffff520003f1046 [ 59.451890] R10: fffff520003f1046 R11: ffffc90001f88237 R12: 1ffff100399f3ead [ 59.451899] R13: ffff8801ccf9f588 R14: ffff8801d956f000 R15: ffff8801ba8cd000 [ 59.451911] FS: 00007f6822324700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 59.451925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.467087] kobject: 'loop5' (000000008dbe3967): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 59.472907] CR2: ffff8801ccf9f588 CR3: 00000001b9150000 CR4: 00000000001426f0 [ 59.472919] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.472926] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.472931] Call Trace: [ 59.472977] kvm_fastop_exception+0x49c/0x54da [ 59.472996] ? vmcs_load+0xa0/0x150 [ 59.480868] kobject: 'kvm' (0000000068ccc868): kobject_uevent_env [ 59.488568] ? crash_vmclear_local_loaded_vmcss+0x1a0/0x1a0 [ 59.488583] ? 
save_stack+0xa9/0xd0 [ 59.488597] vmx_vcpu_load+0x496/0x1030 [ 59.488611] ? do_vfs_ioctl+0x1de/0x1720 [ 59.488628] ? ksys_ioctl+0xa9/0xd0 [ 59.506318] kobject: 'kvm' (0000000068ccc868): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 59.511322] ? __x64_sys_ioctl+0x73/0xb0 [ 59.511343] ? add_atomic_switch_msr.constprop.120+0x990/0x990 [ 59.511361] ? kasan_check_read+0x11/0x20 [ 59.530167] kobject: 'kvm' (0000000068ccc868): kobject_uevent_env [ 59.533081] ? do_raw_spin_unlock+0xa7/0x2f0 [ 59.533101] ? fs_reclaim_acquire+0x20/0x20 [ 59.533118] ? __might_fault+0x12b/0x1e0 [ 59.533137] ? lock_downgrade+0x900/0x900 [ 59.538831] kobject: 'kvm' (0000000068ccc868): kobject_uevent_env [ 59.543015] ? lock_release+0xa10/0xa10 [ 59.543028] ? perf_trace_sched_process_exec+0x860/0x860 [ 59.543049] kvm_arch_vcpu_load+0x1d4/0x960 [ 59.543067] ? kvm_arch_dev_ioctl+0x620/0x620 [ 59.548927] kobject: 'kvm' (0000000068ccc868): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 59.552407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.552422] ? check_preemption_disabled+0x48/0x200 [ 59.552438] vcpu_load+0x35/0x70 [ 59.552460] kvm_arch_vcpu_ioctl_set_sregs+0x1a/0x40 [ 59.556548] kobject: 'kvm' (0000000068ccc868): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 59.560491] kvm_vcpu_ioctl+0x951/0x1150 [ 59.560509] ? kvm_uevent_notify_change.part.31+0x450/0x450 [ 59.560525] ? exit_robust_list+0x280/0x280 [ 59.569762] ------------[ cut here ]------------ [ 59.573168] ? _raw_spin_unlock+0x2c/0x50 [ 59.577219] kernel BUG at arch/x86/kvm/x86.c:353! [ 59.583199] ? __fget+0x4aa/0x740 [ 59.703389] ? lock_downgrade+0x900/0x900 [ 59.707556] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 59.712506] ? __fget+0x4d1/0x740 [ 59.715991] ? ksys_dup3+0x680/0x680 [ 59.719791] ? __might_fault+0x12b/0x1e0 [ 59.723864] ? lock_downgrade+0x900/0x900 [ 59.728024] ? lock_release+0xa10/0xa10 [ 59.732018] ? perf_trace_sched_process_exec+0x860/0x860 [ 59.737492] ? 
kvm_uevent_notify_change.part.31+0x450/0x450 [ 59.743221] do_vfs_ioctl+0x1de/0x1720 [ 59.747123] ? ioctl_preallocate+0x300/0x300 [ 59.751546] ? __fget_light+0x2e9/0x430 [ 59.755529] ? fget_raw+0x20/0x20 [ 59.759012] ? _copy_to_user+0xc8/0x110 [ 59.763032] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 59.768583] ? put_timespec64+0x10f/0x1b0 [ 59.772741] ? nsecs_to_jiffies+0x30/0x30 [ 59.776906] ? security_file_ioctl+0x94/0xc0 [ 59.781331] ksys_ioctl+0xa9/0xd0 [ 59.784800] __x64_sys_ioctl+0x73/0xb0 [ 59.788706] do_syscall_64+0x1b9/0x820 [ 59.792604] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 59.798003] ? syscall_return_slowpath+0x5e0/0x5e0 [ 59.802943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 59.807823] ? trace_hardirqs_on_caller+0x310/0x310 [ 59.812853] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 59.817885] ? prepare_exit_to_usermode+0x291/0x3b0 [ 59.822918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 59.827802] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 59.833009] RIP: 0033:0x457579 [ 59.836214] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 59.855131] RSP: 002b:00007f6822323c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 59.862869] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 59.870152] RDX: 00000000200003c0 RSI: 000000004138ae84 RDI: 0000000000000005 [ 59.877430] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 59.884707] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f68223246d4 [ 59.892000] R13: 00000000004c0273 R14: 00000000004d0378 R15: 00000000ffffffff [ 59.899283] Modules linked in: [ 59.902510] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 59.902595] ---[ end trace 7f7607493917c8a1 ]--- [ 59.907900] CPU: 1 PID: 7567 Comm: syz-executor5 Tainted: G D 4.19.0-rc7-next-20181010+ #91 [ 59.912689] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 59.922432] Hardware name: 
Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.922448] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 59.922463] Code: 45 10 50 e8 b9 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 d7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 59.922476] RSP: 0018:ffff8801ba69f380 EFLAGS: 00010093 [ 59.927341] Code: 45 10 50 e8 b9 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 d7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 59.936689] RAX: ffff8801cbfec240 RBX: 1ffff100374d3e74 RCX: ffffffff8138fcac [ 59.936697] RDX: 0000000000000000 RSI: ffffffff810be879 RDI: ffff8801ba69f3c0 [ 59.936704] RBP: ffff8801ba69f380 R08: ffff8801cbfec240 R09: fffff520003f9847 [ 59.936711] R10: fffff520003f9847 R11: ffffc90001fcc23b R12: ffff8801ba69f400 [ 59.936718] R13: dffffc0000000000 R14: ffff8801d916e000 R15: ffff8801ba69f3c0 [ 59.936730] FS: 0000000001af0940(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 59.936743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 59.941584] RSP: 0018:ffff8801ccf9f548 EFLAGS: 00010293 [ 59.960492] CR2: ffff8801ba69f3c0 CR3: 00000001cf1a8000 CR4: 00000000001426e0 [ 59.960503] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 59.960509] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 59.960514] Call Trace: [ 59.960535] kvm_fastop_exception+0x484/0x54da [ 59.960555] ? vmcs_clear+0x94/0x100 [ 59.985332] ? trace_hardirqs_on+0x310/0x310 [ 59.985349] ? handle_interrupt_window+0xa0/0xa0 [ 59.985364] __loaded_vmcs_clear+0x2d6/0x690 [ 59.985379] ? trace_hardirqs_off+0xb8/0x310 [ 59.985399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 59.992740] RAX: ffff8801cb482040 RBX: ffff8801ccf9f5c8 RCX: ffffffff8138fcac [ 60.000005] ? 
nested_get_vmcs12_pages+0x15b0/0x15b0 [ 60.007300] RDX: 0000000000000000 RSI: ffffffff810be879 RDI: ffff8801ccf9f588 [ 60.014540] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 60.014556] ? check_preemption_disabled+0x48/0x200 [ 60.014573] ? nested_get_vmcs12_pages+0x15b0/0x15b0 [ 60.021844] RBP: ffff8801ccf9f548 R08: ffff8801cb482040 R09: fffff520003f1046 [ 60.030075] generic_exec_single+0x379/0x5f0 [ 60.030088] ? smp_call_on_cpu+0x560/0x560 [ 60.030104] ? kvm_mmu_free_roots+0x2c8/0x730 [ 60.030122] ? lock_downgrade+0x900/0x900 [ 60.036031] R10: fffff520003f1046 R11: ffffc90001f88237 R12: 1ffff100399f3ead [ 60.041403] ? kvm_mmu_commit_zap_page.part.90+0x439/0x5d0 [ 60.048695] R13: ffff8801ccf9f588 R14: ffff8801d956f000 R15: ffff8801ba8cd000 [ 60.055940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 60.055978] ? check_preemption_disabled+0x48/0x200 [ 60.055995] smp_call_function_single+0x25a/0x660 [ 60.063296] FS: 00007f6822324700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 60.065861] ? kvm_arch_vcpu_put+0x1d2/0x420 [ 60.070428] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.074141] ? nested_get_vmcs12_pages+0x15b0/0x15b0 [ 60.074154] ? generic_exec_single+0x5f0/0x5f0 [ 60.074168] ? kvm_arch_has_assigned_device+0xe7/0x130 [ 60.074183] ? hardware_disable+0x530/0x530 [ 60.078586] CR2: ffff8801ccf9f588 CR3: 00000001b9150000 CR4: 00000000001426f0 [ 60.083339] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 60.083357] ? tg_nop+0x10/0x10 [ 60.083373] ? vmx_vcpu_put+0x1d/0x20 [ 60.087779] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.092189] free_loaded_vmcs+0x13c/0x1b0 [ 60.092203] vmx_free_vcpu+0x211/0x2f0 [ 60.092221] kvm_arch_destroy_vm+0x365/0x7c0 [ 60.097753] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 60.105033] ? kvm_arch_sync_events+0x30/0x30 [ 60.105049] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 60.105064] ? mmu_notifier_unregister+0x46f/0x600 [ 60.105082] ? 
__mmu_notifier_invalidate_range_start+0x360/0x360 [ 60.110179] Kernel panic - not syncing: Fatal exception [ 60.117471] ? __free_pages+0x10a/0x190 [ 60.308550] ? free_unref_page+0x960/0x960 [ 60.312824] kvm_put_kvm+0x6c8/0xff0 [ 60.316565] ? kvm_vcpu_block+0x1020/0x1020 [ 60.320907] ? do_raw_spin_unlock+0xa7/0x2f0 [ 60.325336] ? up_write+0x7b/0x220 [ 60.328894] ? down_write_nested+0x130/0x130 [ 60.333322] ? mntput+0x74/0xa0 [ 60.336622] ? debugfs_remove_recursive+0x40d/0x530 [ 60.341706] ? fsnotify_first_mark+0x350/0x350 [ 60.346307] ? debugfs_remove+0x130/0x130 [ 60.350479] kvm_vcpu_release+0x7b/0xa0 [ 60.354466] __fput+0x3bc/0xa70 [ 60.357766] ? kvm_vm_release+0x50/0x50 [ 60.361754] ? get_max_files+0x20/0x20 [ 60.365655] ? trace_hardirqs_on+0xbd/0x310 [ 60.370005] ? kasan_check_read+0x11/0x20 [ 60.374166] ? task_work_run+0x1af/0x2a0 [ 60.378329] ? trace_hardirqs_off_caller+0x300/0x300 [ 60.383453] ? filp_close+0x1cd/0x250 [ 60.387269] ____fput+0x15/0x20 [ 60.390565] task_work_run+0x1e8/0x2a0 [ 60.394471] ? task_work_cancel+0x240/0x240 [ 60.398807] ? copy_fd_bitmaps+0x210/0x210 [ 60.403072] exit_to_usermode_loop+0x318/0x380 [ 60.407673] ? __bpf_trace_sys_exit+0x30/0x30 [ 60.412187] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 60.417741] do_syscall_64+0x6be/0x820 [ 60.421644] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 60.427024] ? syscall_return_slowpath+0x5e0/0x5e0 [ 60.431989] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 60.436854] ? trace_hardirqs_on_caller+0x310/0x310 [ 60.441886] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 60.446918] ? prepare_exit_to_usermode+0x291/0x3b0 [ 60.451991] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 60.456851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 60.462051] RIP: 0033:0x411051 [ 60.465255] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 60.484173] RSP: 002b:00007ffc7e192b50 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 60.491905] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 0000000000411051 [ 60.499189] RDX: 0000000000000000 RSI: 0000000000731ac8 RDI: 0000000000000006 [ 60.506474] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 60.513758] R10: 00007ffc7e192a80 R11: 0000000000000293 R12: 0000000000000000 [ 60.521040] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000005 [ 60.528328] Modules linked in: [ 60.531543] ---[ end trace 7f7607493917c8a2 ]--- [ 60.536319] RIP: 0010:kvm_spurious_fault+0x9/0x10 [ 60.541179] Code: 45 10 50 e8 b9 db 7b 00 58 5a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 d7 81 72 00 <0f> 0b 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 49 89 f5 41 54 [ 60.560098] RSP: 0018:ffff8801ccf9f548 EFLAGS: 00010293 [ 60.565487] RAX: ffff8801cb482040 RBX: ffff8801ccf9f5c8 RCX: ffffffff8138fcac [ 60.572769] RDX: 0000000000000000 RSI: ffffffff810be879 RDI: ffff8801ccf9f588 [ 60.580053] RBP: ffff8801ccf9f548 R08: ffff8801cb482040 R09: fffff520003f1046 [ 60.587338] R10: fffff520003f1046 R11: ffffc90001f88237 R12: 1ffff100399f3ead [ 60.594625] R13: ffff8801ccf9f588 R14: ffff8801d956f000 R15: ffff8801ba8cd000 [ 60.601912] FS: 0000000001af0940(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 60.610148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.616043] CR2: ffff8801ba69f3c0 CR3: 00000001cf1a8000 CR4: 00000000001426e0 [ 60.623322] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 60.630638] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 
[ 61.266898] Shutting down cpus with NMI [ 61.271839] Kernel Offset: disabled [ 61.275479] Rebooting in 86400 seconds..