Warning: Permanently added 'ci-upstream-kasan-gce-6,10.128.0.19' (ECDSA) to the list of known hosts.
serialport: Connected to syzkaller.us-central1-c.ci-upstream-kasan-gce-6 port 1 (session ID: 283f0953bc328cc4eb3b9d11ab04a10ecd22f96bbd82f3cc3f783f13b7907f67, active connections: 1).
2017/07/29 02:45:00 parsed 1 programs
2017/07/29 02:45:00 executed programs: 0
INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[....] Starting enhanced syslogd: rsyslogd [ ok ].
[....] Starting periodic command scheduler: cron [ ok ].
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 35.989605] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu
2017/07/29 02:45:05 executed programs: 329
[ 44.244399] kasan: CONFIG_KASAN_INLINE enabled
[ 44.249191] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 44.256565] general protection fault: 0000 [#1] SMP KASAN
[ 44.262088] Dumping ftrace buffer:
[ 44.265621] (ftrace buffer empty)
[ 44.269320] Modules linked in:
[ 44.272509] CPU: 0 PID: 4407 Comm: syz-executor5 Not tainted 4.13.0-rc2+ #9
[ 44.279581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.288902] task: ffff8801d661c0c0 task.stack: ffff8801ca9b0000
[ 44.294930] RIP: 0010:gfn_to_rmap+0x57f/0x6b0
[ 44.299392] RSP: 0018:ffff8801ca9b6820 EFLAGS: 00010297
[ 44.304723] RAX: dffffc0000000000 RBX: ffff8801cc3e1078 RCX: 1ffff1003987c204
[ 44.311962] RDX: 0000000000000000 RSI: ffff8801cc3ec3c8 RDI: ffff8801cc3e1080
[ 44.319212] RBP: ffff8801ca9b6960 R08: 0000000000000002 R09: 0000000000000004
[ 44.326711] R10: ffff8801ca9b6cc8 R11: ffffffff81120ef1 R12: 0000000000000002
[ 44.333950] R13: 000000000000000f R14: 000000000000000e R15: dffffc0000000000
[ 44.341189] FS: 0000000000000000(0000) GS:ffff8801dc000000(0000) knlGS:0000000000000000
[ 44.349380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 44.355231] CR2: 0000000000000000 CR3: 00000001d28ce000 CR4: 00000000001426f0
[ 44.362479] Call Trace:
[ 44.365048] ? kvm_handle_hva_range+0x620/0x620
[ 44.369703] ? update_curr+0x30c/0x800
[ 44.373591] ? mark_lock+0x81/0x13d0
[ 44.377292] ? mmu_shrink_scan+0xb50/0xb50
[ 44.381510] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 44.386699] ? pte_list_remove+0x7b/0x3c0
[ 44.390825] drop_spte+0x161/0x270
[ 44.394340] mmu_page_zap_pte+0x224/0x350
[ 44.398461] ? kvm_mmu_zap_collapsible_spte+0x400/0x400
[ 44.403793] ? __lock_is_held+0xb6/0x140
[ 44.407831] kvm_mmu_prepare_zap_page+0x1b7/0x1260
[ 44.412729] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 44.417896] ? mmio_info_in_cache+0x4b0/0x4b0
[ 44.422366] ? check_noncircular+0x20/0x20
[ 44.426571] ? find_held_lock+0x35/0x1d0
[ 44.430614] ? __is_insn_slot_addr+0x1fc/0x330
[ 44.435178] ? lock_downgrade+0x990/0x990
[ 44.439308] ? check_noncircular+0x20/0x20
[ 44.443519] ? kvm_make_all_cpus_request+0x444/0x580
[ 44.448604] ? gfn_to_pfn_atomic+0x5a0/0x5a0
[ 44.452990] ? lock_release+0xa40/0xa40
[ 44.456946] ? __lock_is_held+0xb6/0x140
[ 44.460988] ? kvm_vcpu_on_spin+0x6d0/0x6d0
[ 44.465290] kvm_mmu_invalidate_zap_all_pages+0x4a0/0x680
[ 44.470810] ? kvm_mmu_zap_collapsible_sptes+0xb0/0xb0
[ 44.476062] ? lock_acquire+0x1d5/0x580
[ 44.480010] ? lock_acquire+0x1d5/0x580
[ 44.483964] ? lock_release+0xa40/0xa40
[ 44.487914] ? lock_release+0xa40/0xa40
[ 44.491869] ? __khugepaged_exit+0x410/0x650
[ 44.496255] ? do_exit+0x981/0x1b10
[ 44.499864] ? kvm_vcpu_on_spin+0x6d0/0x6d0
[ 44.504165] kvm_arch_flush_shadow_all+0x15/0x20
[ 44.508901] kvm_mmu_notifier_release+0x59/0x90
[ 44.513546] ? kvm_vcpu_on_spin+0x6d0/0x6d0
[ 44.517850] __mmu_notifier_release+0x1d5/0x690
[ 44.522499] ? find_held_lock+0x35/0x1d0
[ 44.526544] ? __mmu_notifier_invalidate_range_end+0x350/0x350
[ 44.532493] ? lock_downgrade+0x990/0x990
[ 44.536621] ? rcu_pm_notify+0xc0/0xc0
[ 44.540491] ? __khugepaged_exit+0x410/0x650
[ 44.544880] ? __khugepaged_exit+0x410/0x650
[ 44.549261] ? rcu_read_lock_sched_held+0x108/0x120
[ 44.554260] exit_mmap+0x3a3/0x470
[ 44.557776] ? __khugepaged_exit+0x43d/0x650
[ 44.562161] ? SyS_munmap+0x30/0x30
[ 44.565764] ? hugepage_madvise+0xf0/0xf0
[ 44.569890] ? check_same_owner+0x320/0x320
[ 44.574201] ? __might_sleep+0x95/0x190
[ 44.578160] mmput+0x223/0x6e0
[ 44.581331] ? get_task_exe_file+0xc0/0xc0
[ 44.585547] ? do_exit+0x979/0x1b10
[ 44.589156] ? lock_downgrade+0x990/0x990
[ 44.593285] ? do_raw_spin_trylock+0x190/0x190
[ 44.597850] ? down_read+0x96/0x150
[ 44.601454] ? do_exit+0x49c/0x1b10
[ 44.605056] ? __down_interruptible+0x6a0/0x6a0
[ 44.609699] ? trace_hardirqs_on+0xd/0x10
[ 44.613822] ? _raw_spin_unlock_irq+0x27/0x70
[ 44.618303] do_exit+0x981/0x1b10
[ 44.621733] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 44.626902] ? __rb_erase_color+0x27b0/0x27b0
[ 44.631376] ? update_cfs_shares+0x4b0/0x4b0
[ 44.635762] ? exit_notify+0xb10/0xb10
[ 44.639628] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 44.644795] ? find_held_lock+0x35/0x1d0
[ 44.648842] ? queued_spin_unlock_wait+0x380/0x380
[ 44.653748] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 44.658918] ? check_noncircular+0x20/0x20
[ 44.663137] ? check_noncircular+0x20/0x20
[ 44.667351] ? check_noncircular+0x20/0x20
[ 44.671568] ? check_noncircular+0x20/0x20
[ 44.675781] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 44.680779] ? check_noncircular+0x20/0x20
[ 44.684997] ? __lock_is_held+0xb6/0x140
[ 44.689051] ? find_held_lock+0x35/0x1d0
[ 44.693099] ? get_signal+0x855/0x17e0
[ 44.696966] ? lock_downgrade+0x990/0x990
[ 44.701101] do_group_exit+0x149/0x400
[ 44.704968] ? __lock_is_held+0xb6/0x140
[ 44.709008] ? SyS_exit+0x30/0x30
[ 44.712441] ? _raw_spin_unlock_irq+0x27/0x70
[ 44.716914] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 44.721908] get_signal+0x7e8/0x17e0
[ 44.725616] ? ptrace_notify+0x130/0x130
[ 44.729655] ? __schedule+0x8f0/0x2070
[ 44.733523] ? __sched_text_start+0x8/0x8
[ 44.737653] ? __fget+0x333/0x570
[ 44.741096] do_signal+0x94/0x1ee0
[ 44.744612] ? lock_release+0xa40/0xa40
[ 44.748570] ? setup_sigcontext+0x7d0/0x7d0
[ 44.752877] ? schedule+0x108/0x440
[ 44.756482] ? __schedule+0x2070/0x2070
[ 44.760439] ? lock_downgrade+0x990/0x990
[ 44.764563] ? is_prefetch.isra.33+0x420/0x420
[ 44.769124] ? exit_to_usermode_loop+0x98/0x2d0
[ 44.773775] exit_to_usermode_loop+0x21c/0x2d0
[ 44.778337] ? trace_event_raw_event_sys_exit+0x260/0x260
[ 44.783951] syscall_return_slowpath+0x3a7/0x450
[ 44.788686] ? prepare_exit_to_usermode+0x220/0x220
[ 44.793689] ? entry_SYSCALL_64_fastpath+0x91/0xbe
[ 44.798595] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 44.803590] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 44.808326] entry_SYSCALL_64_fastpath+0xbc/0xbe
[ 44.813057] RIP: 0033:0x4512c9
[ 44.816225] RSP: 002b:00007f5548015c18 EFLAGS: 00000206 ORIG_RAX: 00000000000000ca
[ 44.823907] RAX: 0000000000000001 RBX: 00000000007180a8 RCX: 00000000004512c9
[ 44.831155] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000007180cc
[ 44.838400] RBP: 0000000000001fe0 R08: 0000000000000000 R09: 0000000000000000
[ 44.845640] R10: 0000000000000000 R11: 0000000000000206 R12: 00000000004b7f09
[ 44.852887] R13: 00000000ffffffff R14: 0000000000000007 R15: 000000000000ae80
[ 44.860140] Code: 3c 02 00 00 48 c7 c7 20 63 62 84 c6 05 e0 42 f8 03 01 e8 25 de 44 00 e9 da fb ff ff e8 6b 7f 5d 00 48 b8 00 00 00 00 00 fc ff df <80> 38 00 0f 85 1b 01 00 00 4c 8b 24 25 00 00 00 00 31 db e9 83
[ 44.879244] RIP: gfn_to_rmap+0x57f/0x6b0 RSP: ffff8801ca9b6820
[ 44.885245] ---[ end trace 0a16957bec756c04 ]---
[ 44.889992] Kernel panic - not syncing: Fatal exception
[ 44.895665] Dumping ftrace buffer:
[ 44.899170] (ftrace buffer empty)
[ 44.902844] Kernel Offset: disabled
[ 44.906433] Rebooting in 86400 seconds..