[....] Starting enhanced syslogd: rsyslogd
[ 11.208819] audit: type=1400 audit(1514341293.156:4): avc: denied { syslog } for pid=3176 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ ok ].
Starting mcstransd:
[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting file context maintaining daemon: restorecond [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-android-49-kasan-gce-9,10.128.0.95' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 20.111835] kasan: CONFIG_KASAN_INLINE enabled [ 20.112682] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 20.113980] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 20.114493] kasan: CONFIG_KASAN_INLINE enabled [ 20.114495] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 20.116661] Dumping ftrace buffer: [ 20.117136] (ftrace buffer empty) [ 20.117663] Modules linked in: [ 20.118135] CPU: 1 PID: 3332 Comm: syzkaller982337 Not tainted 4.9.71-g2506378 #113 [ 20.119153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 20.120375] task: ffff8801cb801800 task.stack: ffff8801c94e8000 [ 20.121172] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 20.122280] RSP: 0018:ffff8801c94ef9b0 EFLAGS: 00010a07 [ 20.122999] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 20.123985] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 20.124939] RBP: ffff8801c94ef9c0 R08: 0000000000000001 R09: 0000000000000000 [ 20.125891] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 20.126843] R13: 0000000000000020 R14: ffff8801bd50a100 R15: dffffc0000000000 [ 20.127795] FS: 000000000114c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 20.128888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.129665] CR2: 000000002064f000 CR3: 00000001c9c91000 CR4: 00000000001406e0 [ 20.130618] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.131589] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.135744] Stack: [ 20.137859] ffff8801cb801800 ffff8801bd50a258 ffff8801c94efa20 ffffffff82664e11 [ 
20.145817] ffff8801bd50a270 ffffed0037aa144b ffffed0037aa144e ffff8801bd50a268 [ 20.153769] dead4ead00000000 ffff8801bd50a240 0000000000000000 0000000000000000 [ 20.161719] Call Trace: [ 20.164273] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 20.170731] [] sg_finish_rem_req+0x2b5/0x340 [ 20.176753] [] sg_new_read.isra.20+0x39/0x3e0 [ 20.182863] [] ? sg_get_rq_mark+0x142/0x190 [ 20.188800] [] sg_read+0x8bd/0x1440 [ 20.194044] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.201283] [] ? fsnotify+0xf30/0xf30 [ 20.206702] [] ? avc_policy_seqno+0x9/0x20 [ 20.212554] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 20.219531] [] ? security_file_permission+0x89/0x1e0 [ 20.226248] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.232877] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.239510] [] do_readv_writev+0x520/0x750 [ 20.245362] [] ? vfs_write+0x530/0x530 [ 20.250867] [] ? __pmd_alloc+0x410/0x410 [ 20.256545] [] ? __do_page_fault+0x5ec/0xd40 [ 20.262568] [] vfs_readv+0x84/0xc0 [ 20.267722] [] do_readv+0xe6/0x250 [ 20.272876] [] ? vfs_readv+0xc0/0xc0 [ 20.278205] [] ? entry_SYSCALL_64_fastpath+0x5/0xc6 [ 20.284838] [] ? 
trace_hardirqs_on_caller+0x38b/0x590 [ 20.291642] [] SyS_readv+0x27/0x30 [ 20.296798] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 20.303339] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d [ 20.329706] RIP [] __free_pages+0x21/0x80 [ 20.335581] RSP [ 20.339178] general protection fault: 0000 [#2] PREEMPT SMP KASAN [ 20.344286] kasan: CONFIG_KASAN_INLINE enabled [ 20.344288] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 20.357259] Dumping ftrace buffer: [ 20.360762] (ftrace buffer empty) [ 20.364437] Modules linked in: [ 20.367708] CPU: 0 PID: 3326 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113 [ 20.376678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 20.385997] task: ffff8801cbec6000 task.stack: ffff8801c9598000 [ 20.392018] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 20.400242] RSP: 0018:ffff8801c959f9b0 EFLAGS: 00010a07 [ 20.405656] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 20.412893] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 20.420127] RBP: ffff8801c959f9c0 R08: 0000000000000001 R09: 0000000000000000 [ 20.427363] R10: 0000000000000000 R11: ffff8801cbec6000 R12: 0000000000000004 [ 20.434600] R13: 0000000000000020 R14: ffff8801bd4fc200 R15: dffffc0000000000 [ 20.441839] FS: 000000000114c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 20.450029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.455878] CR2: 000000002064f000 CR3: 00000001c8cf9000 CR4: 00000000001406f0 [ 20.463128] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.470364] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.477598] Stack: [ 20.479711] ffff8801cbec6000 ffff8801bd4fc358 ffff8801c959fa20 ffffffff82664e11 [ 20.487659] ffff8801bd4fc370 ffffed0037a9f86b 
ffffed0037a9f86e ffff8801bd4fc368 [ 20.495606] dead4ead00000000 ffff8801bd4fc340 0000000000000000 0000000000000000 [ 20.503554] Call Trace: [ 20.506108] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 20.512566] [] sg_finish_rem_req+0x2b5/0x340 [ 20.518587] [] sg_new_read.isra.20+0x39/0x3e0 [ 20.524697] [] ? sg_get_rq_mark+0x142/0x190 [ 20.530633] [] sg_read+0x8bd/0x1440 [ 20.535876] [] ? __check_object_size+0x174/0x3a9 [ 20.542245] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.548878] [] ? fsnotify+0xf30/0xf30 [ 20.554293] [] ? avc_policy_seqno+0x9/0x20 [ 20.560144] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 20.567123] [] ? security_file_permission+0x89/0x1e0 [ 20.573839] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.580469] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.587100] [] do_readv_writev+0x520/0x750 [ 20.592948] [] ? vfs_write+0x530/0x530 [ 20.598453] [] ? __pmd_alloc+0x410/0x410 [ 20.604131] [] ? check_preemption_disabled+0x3b/0x200 [ 20.610936] [] ? __inode_security_revalidate+0xd9/0x130 [ 20.617914] [] ? __do_page_fault+0x319/0xd40 [ 20.623937] [] ? __do_page_fault+0x5ec/0xd40 [ 20.629960] [] vfs_readv+0x84/0xc0 [ 20.635113] [] do_readv+0xe6/0x250 [ 20.640268] [] ? vfs_readv+0xc0/0xc0 [ 20.645599] [] ? mm_fault_error+0x2c0/0x2c0 [ 20.651534] [] ? 
debug_locks_off+0x86/0xa0 [ 20.657385] [] SyS_readv+0x27/0x30 [ 20.662540] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 20.669080] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d [ 20.695429] RIP [] __free_pages+0x21/0x80 [ 20.701313] RSP [ 20.704918] general protection fault: 0000 [#3] PREEMPT SMP KASAN [ 20.709111] kasan: CONFIG_KASAN_INLINE enabled [ 20.709113] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 20.723008] Dumping ftrace buffer: [ 20.726512] (ftrace buffer empty) [ 20.730187] Modules linked in: [ 20.733459] CPU: 1 PID: 3330 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113 [ 20.742432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 20.751767] task: ffff8801cb800000 task.stack: ffff8801c9520000 [ 20.757787] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 20.766015] RSP: 0018:ffff8801c95279b0 EFLAGS: 00010a07 [ 20.771428] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 20.778663] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 20.785899] RBP: ffff8801c95279c0 R08: 0000000000000001 R09: 0000000000000000 [ 20.793133] R10: 0000000000000000 R11: ffff8801cb800000 R12: 0000000000000004 [ 20.800373] R13: 0000000000000020 R14: ffff8801bd50c200 R15: dffffc0000000000 [ 20.807612] FS: 000000000114c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 20.815802] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.821649] CR2: 000000002064f000 CR3: 00000001cbe9a000 CR4: 00000000001406e0 [ 20.828885] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.836128] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.843364] Stack: [ 20.845480] ffff8801cb800000 ffff8801bd50c358 ffff8801c9527a20 ffffffff82664e11 [ 20.853441] ffff8801bd50c370 ffffed0037aa186b ffffed0037aa186e 
ffff8801bd50c368 [ 20.861395] dead4ead00000000 ffff8801bd50c340 0000000000000000 0000000000000000 [ 20.869349] Call Trace: [ 20.871907] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 20.878363] [] sg_finish_rem_req+0x2b5/0x340 [ 20.884384] [] sg_new_read.isra.20+0x39/0x3e0 [ 20.890492] [] ? sg_get_rq_mark+0x142/0x190 [ 20.896426] [] sg_read+0x8bd/0x1440 [ 20.901669] [] ? __check_object_size+0x174/0x3a9 [ 20.908037] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.914668] [] ? fsnotify+0xf30/0xf30 [ 20.920087] [] ? avc_policy_seqno+0x9/0x20 [ 20.925938] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 20.932916] [] ? security_file_permission+0x89/0x1e0 [ 20.939633] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.946263] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 20.952892] [] do_readv_writev+0x520/0x750 [ 20.958743] [] ? vfs_write+0x530/0x530 [ 20.964246] [] ? __pmd_alloc+0x410/0x410 [ 20.969923] [] ? check_preemption_disabled+0x3b/0x200 [ 20.976730] [] ? __inode_security_revalidate+0xd9/0x130 [ 20.983712] [] ? __do_page_fault+0x319/0xd40 [ 20.989736] [] ? __do_page_fault+0x5ec/0xd40 [ 20.995761] [] vfs_readv+0x84/0xc0 [ 21.000916] [] do_readv+0xe6/0x250 [ 21.006070] [] ? vfs_readv+0xc0/0xc0 [ 21.011401] [] ? 
mm_fault_error+0x2c0/0x2c0 [ 21.017348] [] SyS_readv+0x27/0x30 [ 21.022512] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 21.029053] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d [ 21.055483] RIP [] __free_pages+0x21/0x80 [ 21.061360] RSP [ 21.064962] general protection fault: 0000 [#4] PREEMPT SMP KASAN [ 21.071105] kasan: CONFIG_KASAN_INLINE enabled [ 21.071107] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 21.083041] Dumping ftrace buffer: [ 21.086544] (ftrace buffer empty) [ 21.090219] Modules linked in: [ 21.093494] CPU: 0 PID: 3325 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113 [ 21.102465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 21.111789] task: ffff8801cbec1800 task.stack: ffff8801c8ec8000 [ 21.117807] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 21.126032] RSP: 0018:ffff8801c8ecf9b0 EFLAGS: 00010a07 [ 21.131448] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 21.138683] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 21.145920] RBP: ffff8801c8ecf9c0 R08: 0000000000000001 R09: 0000000000000000 [ 21.153154] R10: 0000000000000000 R11: ffff8801cbec1800 R12: 0000000000000004 [ 21.160389] R13: 0000000000000020 R14: ffff8801bd560000 R15: dffffc0000000000 [ 21.167628] FS: 000000000114c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 21.175818] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.181664] CR2: 000000002064f000 CR3: 00000001c95a0000 CR4: 00000000001406f0 [ 21.188901] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.196135] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.203368] Stack: [ 21.205484] ffff8801cbec1800 ffff8801bd560158 ffff8801c8ecfa20 ffffffff82664e11 [ 21.213436] ffff8801bd560170 ffffed0037aac02b ffffed0037aac02e 
ffff8801bd560168 [ 21.221389] dead4ead00000000 ffff8801bd560140 0000000000000000 0000000000000000 [ 21.229340] Call Trace: [ 21.231896] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 21.238353] [] sg_finish_rem_req+0x2b5/0x340 [ 21.244377] [] sg_new_read.isra.20+0x39/0x3e0 [ 21.250485] [] ? sg_get_rq_mark+0x142/0x190 [ 21.256421] [] sg_read+0x8bd/0x1440 [ 21.261666] [] ? __check_object_size+0x174/0x3a9 [ 21.268034] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.274664] [] ? fsnotify+0xf30/0xf30 [ 21.280087] [] ? avc_policy_seqno+0x9/0x20 [ 21.285939] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 21.292917] [] ? security_file_permission+0x89/0x1e0 [ 21.299634] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.306263] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.312893] [] do_readv_writev+0x520/0x750 [ 21.318745] [] ? vfs_write+0x530/0x530 [ 21.324252] [] ? __pmd_alloc+0x410/0x410 [ 21.329933] [] ? check_preemption_disabled+0x3b/0x200 [ 21.336738] [] ? __inode_security_revalidate+0xd9/0x130 [ 21.343717] [] ? __do_page_fault+0x319/0xd40 [ 21.349741] [] ? __do_page_fault+0x5ec/0xd40 [ 21.355771] [] vfs_readv+0x84/0xc0 [ 21.360924] [] do_readv+0xe6/0x250 [ 21.366080] [] ? vfs_readv+0xc0/0xc0 [ 21.371409] [] ? 
mm_fault_error+0x2c0/0x2c0 [ 21.377345] [] SyS_readv+0x27/0x30 [ 21.382501] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 21.389040] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d [ 21.415427] RIP [] __free_pages+0x21/0x80 [ 21.421302] RSP [ 21.424903] general protection fault: 0000 [#5] PREEMPT SMP KASAN [ 21.426920] kasan: CONFIG_KASAN_INLINE enabled [ 21.426922] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 21.442975] Dumping ftrace buffer: [ 21.446477] (ftrace buffer empty) [ 21.450152] Modules linked in: [ 21.453428] CPU: 1 PID: 3331 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113 [ 21.462398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 21.471717] task: ffff8801cb803000 task.stack: ffff8801c9508000 [ 21.477739] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 21.485962] RSP: 0018:ffff8801c950f9b0 EFLAGS: 00010a07 [ 21.491377] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 21.498613] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 21.505848] RBP: ffff8801c950f9c0 R08: 0000000000000001 R09: 0000000000000000 [ 21.513083] R10: 0000000000000000 R11: ffff8801cb803000 R12: 0000000000000004 [ 21.520320] R13: 0000000000000020 R14: ffff8801bd590000 R15: dffffc0000000000 [ 21.527556] FS: 000000000114c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 21.535747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.541593] CR2: 000000002064f000 CR3: 00000001cb317000 CR4: 00000000001406e0 [ 21.548831] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.556067] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.563302] Stack: [ 21.565414] ffff8801cb803000 ffff8801bd590158 ffff8801c950fa20 ffffffff82664e11 [ 21.573367] ffff8801bd590170 ffffed0037ab202b ffffed0037ab202e 
ffff8801bd590168 [ 21.581318] dead4ead00000000 ffff8801bd590140 0000000000000000 0000000000000000 [ 21.589275] Call Trace: [ 21.591829] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 21.598286] [] sg_finish_rem_req+0x2b5/0x340 [ 21.604309] [] sg_new_read.isra.20+0x39/0x3e0 [ 21.610419] [] ? sg_get_rq_mark+0x142/0x190 [ 21.616354] [] sg_read+0x8bd/0x1440 [ 21.621594] [] ? __check_object_size+0x174/0x3a9 [ 21.627964] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.634596] [] ? fsnotify+0xf30/0xf30 [ 21.640012] [] ? avc_policy_seqno+0x9/0x20 [ 21.645863] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 21.652841] [] ? security_file_permission+0x89/0x1e0 [ 21.659558] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.666190] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.672823] [] do_readv_writev+0x520/0x750 [ 21.678672] [] ? vfs_write+0x530/0x530 [ 21.684176] [] ? __pmd_alloc+0x410/0x410 [ 21.689855] [] ? check_preemption_disabled+0x3b/0x200 [ 21.696659] [] ? __inode_security_revalidate+0xd9/0x130 [ 21.703639] [] ? __do_page_fault+0x319/0xd40 [ 21.709663] [] ? __do_page_fault+0x5ec/0xd40 [ 21.715685] [] vfs_readv+0x84/0xc0 [ 21.720840] [] do_readv+0xe6/0x250 [ 21.725994] [] ? vfs_readv+0xc0/0xc0 [ 21.731322] [] ? 
mm_fault_error+0x2c0/0x2c0 [ 21.737258] [] SyS_readv+0x27/0x30 [ 21.742415] [] entry_SYSCALL_64_fastpath+0x23/0xc6 [ 21.748957] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d [ 21.775897] RIP [] __free_pages+0x21/0x80 [ 21.781774] RSP [ 21.785374] general protection fault: 0000 [#6] PREEMPT SMP KASAN [ 21.791600] Dumping ftrace buffer: [ 21.791606] kasan: CONFIG_KASAN_INLINE enabled [ 21.791608] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 21.806967] (ftrace buffer empty) [ 21.810643] Modules linked in: [ 21.813918] CPU: 0 PID: 3329 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113 [ 21.822889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 21.832216] task: ffff8801cbec0000 task.stack: ffff8801c9538000 [ 21.838238] RIP: 0010:[] [] __free_pages+0x21/0x80 [ 21.846466] RSP: 0018:ffff8801c953f9b0 EFLAGS: 00010a07 [ 21.851881] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb [ 21.859117] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c [ 21.866353] RBP: ffff8801c953f9c0 R08: 0000000000000001 R09: 0000000000000000 [ 21.873596] R10: 0000000000000000 R11: ffff8801cbec0000 R12: 0000000000000004 [ 21.880833] R13: 0000000000000020 R14: ffff8801bd562100 R15: dffffc0000000000 [ 21.888070] FS: 000000000114c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 [ 21.896259] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.902104] CR2: 000000002064f000 CR3: 00000001cb1ea000 CR4: 00000000001406f0 [ 21.909342] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.916577] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.923810] Stack: [ 21.925926] ffff8801cbec0000 ffff8801bd562258 ffff8801c953fa20 ffffffff82664e11 [ 21.933878] ffff8801bd562270 ffffed0037aac44b ffffed0037aac44e 
ffff8801bd562268 [ 21.941835] dead4ead00000000 ffff8801bd562240 0000000000000000 0000000000000000 [ 21.949784] Call Trace: [ 21.952337] [] sg_remove_scat.isra.19+0x1c1/0x2d0 [ 21.958794] [] sg_finish_rem_req+0x2b5/0x340 [ 21.964816] [] sg_new_read.isra.20+0x39/0x3e0 [ 21.970925] [] ? sg_get_rq_mark+0x142/0x190 [ 21.976859] [] sg_read+0x8bd/0x1440 [ 21.982101] [] ? __check_object_size+0x174/0x3a9 [ 21.988469] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 21.995102] [] ? fsnotify+0xf30/0xf30 [ 22.000517] [] ? avc_policy_seqno+0x9/0x20 [ 22.006366] [] do_loop_readv_writev.part.17+0x141/0x1e0 [ 22.013342] [] ? security_file_permission+0x89/0x1e0 [ 22.020060] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 22.026696] [] ? sg_proc_seq_show_debug+0xd10/0xd10 [ 22.033327] [] do_readv_writev+0x520/0x750 [ 22.039177] [] ? vfs_write+0x530/0x530 [ 22.044681] [] ? __pmd_alloc+0x410/0x410 [ 22.050360] [] ? check_preemption_disabled+0x3b/0x200 [ 22.057171] [] ? __inode_security_revalidate+0xd9/0x130 [ 22.064152] [] ? __do_page_fault+0x319/0xd40 [ 22.070174] [] ? __do_page_fault+0x5ec/0xd40 [ 22.076200] [] vfs_readv+0x84/0xc0 [ 22.081356] [] do_readv+0xe6/0x250 [ 22.086509] [] ? vfs_readv+0xc0/0xc0 [ 22.091838] [] ? 
mm_fault_error+0x2c0/0x2c0
[ 22.097773] [] SyS_readv+0x27/0x30
[ 22.102928] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 22.109474] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 22.135894] RIP [] __free_pages+0x21/0x80
[ 22.141778] RSP
[ 22.145377] general protection fault: 0000 [#7] PREEMPT SMP KASAN
[ 22.149125] kasan: CONFIG_KASAN_INLINE enabled
[ 22.149127] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 22.163468] Dumping ftrace buffer:
[ 22.163471] (ftrace buffer empty)
[ 22.163474] Modules linked in:
[ 22.163482] CPU: 1 PID: 3328 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113
[ 22.163485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 22.163488] task: ffff8801cbec3000 task.stack: ffff8801c9b78000
[ 22.163502] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 22.163505] RSP: 0018:ffff8801c9b7f9b0 EFLAGS: 00010a07
[ 22.163508] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 22.163511] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 22.163514] RBP: ffff8801c9b7f9c0 R08: 0000000000000001 R09: 0000000000000000
[ 22.163516] R10: 0000000000000000 R11: ffff8801cbec3000 R12: 0000000000000004
[ 22.163519] R13: 0000000000000020 R14: ffff8801bd592100 R15: dffffc0000000000
[ 22.163524] FS: 000000000114c940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
[ 22.163526] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.163529] CR2: 000000002064f000 CR3: 00000001ca456000 CR4: 00000000001406e0
[ 22.163533] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.163536] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.163537] Stack:
[ 22.163545] ffff8801cbec3000 ffff8801bd592258 ffff8801c9b7fa20 ffffffff82664e11
[ 22.163551] ffff8801bd592270 ffffed0037ab244b ffffed0037ab244e ffff8801bd592268
[ 22.163557] dead4ead00000000 ffff8801bd592240 0000000000000000 0000000000000000
[ 22.163559] Call Trace:
[ 22.163567] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 22.163572] [] sg_finish_rem_req+0x2b5/0x340
[ 22.163577] [] sg_new_read.isra.20+0x39/0x3e0
[ 22.163581] [] ? sg_get_rq_mark+0x142/0x190
[ 22.163586] [] sg_read+0x8bd/0x1440
[ 22.163592] [] ? __check_object_size+0x174/0x3a9
[ 22.163597] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163604] [] ? fsnotify+0xf30/0xf30
[ 22.163611] [] ? avc_policy_seqno+0x9/0x20
[ 22.163616] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 22.163621] [] ? security_file_permission+0x89/0x1e0
[ 22.163626] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163631] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163636] [] do_readv_writev+0x520/0x750
[ 22.163641] [] ? vfs_write+0x530/0x530
[ 22.163649] [] ? __pmd_alloc+0x410/0x410
[ 22.163657] [] ? check_preemption_disabled+0x3b/0x200
[ 22.163663] [] ? __inode_security_revalidate+0xd9/0x130
[ 22.163671] [] ? __do_page_fault+0x319/0xd40
[ 22.163676] [] ? __do_page_fault+0x5ec/0xd40
[ 22.163681] [] vfs_readv+0x84/0xc0
[ 22.163686] [] do_readv+0xe6/0x250
[ 22.163691] [] ? vfs_readv+0xc0/0xc0
[ 22.163696] [] ? mm_fault_error+0x2c0/0x2c0
[ 22.163702] [] SyS_readv+0x27/0x30
[ 22.163708] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 22.163781] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 22.163787] RIP [] __free_pages+0x21/0x80
[ 22.163788] RSP
[ 22.163796] general protection fault: 0000 [#8] PREEMPT SMP KASAN
[ 22.163799] Dumping ftrace buffer:
[ 22.163801] (ftrace buffer empty)
[ 22.163804] Modules linked in:
[ 22.163809] CPU: 0 PID: 3327 Comm: syzkaller982337 Tainted: G D 4.9.71-g2506378 #113
[ 22.163812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 22.163815] task: ffff8801cbec4800 task.stack: ffff8801c9540000
[ 22.163823] RIP: 0010:[] [] __free_pages+0x21/0x80
[ 22.163826] RSP: 0018:ffff8801c95479b0 EFLAGS: 00010a07
[ 22.163830] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff82664deb
[ 22.163832] RDX: 1bd5a9d5a0000003 RSI: 0000000000000001 RDI: dead4ead0000001c
[ 22.163835] RBP: ffff8801c95479c0 R08: 0000000000000001 R09: 0000000000000000
[ 22.163838] R10: 0000000000000000 R11: ffff8801cbec4800 R12: 0000000000000004
[ 22.163841] R13: 0000000000000020 R14: ffff8801bd564200 R15: dffffc0000000000
[ 22.163845] FS: 000000000114c940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 22.163848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.163851] CR2: 000000002064f000 CR3: 00000001c98ce000 CR4: 00000000001406f0
[ 22.163856] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.163859] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.163861] Stack:
[ 22.163870] ffff8801cbec4800 ffff8801bd564358 ffff8801c9547a20 ffffffff82664e11
[ 22.163878] ffff8801bd564370 ffffed0037aac86b ffffed0037aac86e ffff8801bd564368
[ 22.163885] dead4ead00000000 ffff8801bd564340 0000000000000000 0000000000000000
[ 22.163887] Call Trace:
[ 22.163892] [] sg_remove_scat.isra.19+0x1c1/0x2d0
[ 22.163898] [] sg_finish_rem_req+0x2b5/0x340
[ 22.163903] [] sg_new_read.isra.20+0x39/0x3e0
[ 22.163908] [] ? sg_get_rq_mark+0x142/0x190
[ 22.163914] [] sg_read+0x8bd/0x1440
[ 22.163920] [] ? __check_object_size+0x174/0x3a9
[ 22.163927] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163933] [] ? fsnotify+0xf30/0xf30
[ 22.163940] [] ? avc_policy_seqno+0x9/0x20
[ 22.163947] [] do_loop_readv_writev.part.17+0x141/0x1e0
[ 22.163952] [] ? security_file_permission+0x89/0x1e0
[ 22.163957] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163962] [] ? sg_proc_seq_show_debug+0xd10/0xd10
[ 22.163968] [] do_readv_writev+0x520/0x750
[ 22.163973] [] ? vfs_write+0x530/0x530
[ 22.163979] [] ? __pmd_alloc+0x410/0x410
[ 22.163985] [] ? check_preemption_disabled+0x3b/0x200
[ 22.163992] [] ? __inode_security_revalidate+0xd9/0x130
[ 22.163997] [] ? __do_page_fault+0x319/0xd40
[ 22.164003] [] ? __do_page_fault+0x5ec/0xd40
[ 22.164008] [] vfs_readv+0x84/0xc0
[ 22.164013] [] do_readv+0xe6/0x250
[ 22.164019] [] ? vfs_readv+0xc0/0xc0
[ 22.164024] [] ? mm_fault_error+0x2c0/0x2c0
[ 22.164031] [] SyS_readv+0x27/0x30
[ 22.164037] [] entry_SYSCALL_64_fastpath+0x23/0xc6
[ 22.164126] Code: e9 27 fc ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 53 48 89 fb 48 83 c7 1c 48 89 fa 48 83 ec 08 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 3d
[ 22.164134] RIP [] __free_pages+0x21/0x80
[ 22.164136] RSP
[ 22.176624] ---[ end trace a927246bcc6535ac ]---
[ 22.176629] Kernel panic - not syncing: Fatal exception
[ 22.185144] Dumping ftrace buffer:
[ 22.185147] (ftrace buffer empty)
[ 22.185149] Kernel Offset: disabled
[ 22.858413] Rebooting in 86400 seconds..