syzkaller syzkaller login: [ 11.913665][ T23] kauditd_printk_skb: 60 callbacks suppressed [ 11.913671][ T23] audit: type=1400 audit(1635200277.320:71): avc: denied { transition } for pid=289 comm="sshd" path="/bin/sh" dev="sda1" ino=73 scontext=system_u:system_r:initrc_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.920840][ T23] audit: type=1400 audit(1635200277.330:72): avc: denied { write } for pid=289 comm="sh" path="pipe:[226]" dev="pipefs" ino=226 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 [ 12.132600][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! [ 12.135248][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! [ 12.137538][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!! [ 32.129557][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! Warning: Permanently added '10.128.10.11' (ECDSA) to the list of known hosts. 2021/10/25 22:18:23 parsed 1 programs [ 37.848164][ T23] audit: type=1400 audit(1635200303.250:73): avc: denied { getattr } for pid=365 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 37.863084][ T370] cgroup: Unknown subsys name 'net' [ 37.871821][ T23] audit: type=1400 audit(1635200303.250:74): avc: denied { read } for pid=365 comm="syz-execprog" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 37.898227][ T23] audit: type=1400 audit(1635200303.250:75): avc: denied { open } for pid=365 comm="syz-execprog" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 37.898388][ T370] cgroup: Unknown subsys name 'devices' [ 37.921576][ T23] audit: type=1400 audit(1635200303.260:76): avc: denied { read } for pid=365 comm="syz-execprog" name="raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 37.950064][ T23] audit: type=1400 audit(1635200303.260:77): avc: denied { open } for pid=365 comm="syz-execprog" path="/dev/raw-gadget" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 37.973492][ T23] audit: type=1400 audit(1635200303.270:78): avc: denied { mounton } for pid=370 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 37.996259][ T23] audit: type=1400 audit(1635200303.270:79): avc: denied { mount } for pid=370 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 38.018552][ T23] audit: type=1400 audit(1635200303.290:80): avc: denied { unmount } for pid=370 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 38.090958][ T370] cgroup: Unknown subsys name 'hugetlb' [ 38.096622][ T370] cgroup: Unknown subsys name 'rlimit' 2021/10/25 22:18:23 executed programs: 0 [ 38.160947][ T23] audit: type=1400 audit(1635200303.570:81): avc: denied { mounton } for pid=370 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 38.185854][ T23] audit: type=1400 audit(1635200303.600:82): avc: denied { mount } for pid=370 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 38.315061][ T378] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.322284][ T378] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.329651][ T378] device bridge_slave_0 entered promiscuous mode [ 38.337506][ T378] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.344561][ T378] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.351850][ T378] device bridge_slave_1 entered promiscuous mode [ 38.409092][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.416198][ T383] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.423548][ T383] device bridge_slave_0 entered promiscuous mode [ 38.444787][ T384] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.451956][ T384] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.459241][ T384] device bridge_slave_0 entered promiscuous mode [ 38.467222][ T383] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.474563][ T383] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.481981][ T383] device bridge_slave_1 entered promiscuous mode [ 38.499950][ T385] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.506981][ T385] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.514455][ T385] device bridge_slave_0 entered promiscuous mode [ 38.521207][ T377] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.528267][ T377] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.535614][ T377] device bridge_slave_0 entered promiscuous mode [ 38.542188][ T384] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.549185][ T384] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.556523][ T384] device bridge_slave_1 entered promiscuous mode [ 38.569607][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.576706][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.584087][ T382] device bridge_slave_0 entered promiscuous mode [ 38.593021][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.600058][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.607265][ T382] device bridge_slave_1 entered promiscuous mode [ 38.613837][ T385] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.620906][ T385] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.628118][ T385] device bridge_slave_1 entered promiscuous mode [ 38.634745][ T377] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.641871][ T377] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.649080][ T377] device bridge_slave_1 entered promiscuous mode [ 38.728518][ T378] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.735576][ T378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.742859][ T378] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.749895][ T378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.769688][ T377] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.776720][ T377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.783940][ T377] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.791004][ T377] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.815523][ T384] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.822571][ T384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.829822][ T384] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.836824][ T384] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.857001][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.864043][ T382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.871286][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.878287][ T382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.902499][ T383] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.909558][ T383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.916778][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.923837][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.934759][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.942260][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.949766][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.957191][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.964642][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.971780][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.978873][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.986330][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.993464][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.000673][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.007859][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.015625][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.023039][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.039536][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.047529][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.049587][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 39.055718][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.071381][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.078682][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.086853][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.093873][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.101788][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.109655][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.130723][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.138794][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.145814][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.153201][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.161452][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.168462][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.175807][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.184285][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.191312][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.198606][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.206740][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.213752][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.221058][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.228940][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.236950][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.244875][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.280373][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.288041][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.289985][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 39.305144][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.314070][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.339857][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.348040][ T371] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.355075][ T371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.362703][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.371376][ T371] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.378392][ T371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.385807][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.393911][ T371] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.400946][ T371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.408284][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.416273][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.424116][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.432681][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.440880][ T371] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.447909][ T371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.455234][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.463343][ T371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.481672][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 39.489949][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.498136][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 39.506230][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 39.530380][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.538497][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.547380][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 39.555936][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.564090][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 39.571989][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.579960][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.588066][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.597025][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.605300][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.613910][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.622543][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.630915][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.637927][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.645468][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.653849][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.662083][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.669090][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.676516][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.684721][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.699596][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.707177][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 39.715828][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.724140][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 39.732600][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.741099][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 39.748879][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.757084][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 39.764925][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.784332][ T377] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 39.803087][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.813114][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.814016][ T409] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 39.824783][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.847031][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 39.856401][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 39.864344][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.873065][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.881469][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.890019][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.898229][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.906537][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.914808][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.923094][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.950708][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.958738][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 39.967865][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 39.976759][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.985056][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.993416][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.001858][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.010217][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.018344][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.026715][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.034989][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 40.043749][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 40.052315][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 40.060637][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 40.068807][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2021/10/25 22:18:28 executed programs: 24 [ 45.182714][ T697] ------------[ cut here ]------------ [ 45.188403][ T697] kernel BUG at arch/x86/kvm/../../../virt/kvm/kvm_main.c:516! [ 45.196113][ T697] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 45.202174][ T697] CPU: 0 PID: 697 Comm: syz-executor.2 Not tainted 5.10.75-syzkaller-01082-g234d53d2bb60 #0 [ 45.212219][ T697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.222292][ T697] RIP: 0010:kvm_mmu_notifier_invalidate_range_end+0xb2/0xc0 [ 45.229571][ T697] Code: 49 8b 1e 48 c7 c7 ff ff ff ff 48 89 de e8 46 96 64 00 48 85 db 78 0e e8 7c 91 64 00 5b 41 5c 41 5e 41 5f 5d c3 e8 6e 91 64 00 <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 48 89 e5 41 57 41 56 [ 45.249685][ T697] RSP: 0000:ffffc90001c2f7d0 EFLAGS: 00010293 [ 45.255761][ T697] RAX: ffffffff81086782 RBX: ffffffffffffffff RCX: ffff888111c03b40 [ 45.263719][ T697] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 45.271676][ T697] RBP: ffffc90001c2f7f0 R08: ffffffff8108676a R09: 0000000000000003 [ 45.279628][ T697] R10: fffff52000385ee9 R11: 0000000000000004 R12: dffffc0000000000 [ 45.287589][ T697] R13: dffffc0000000000 R14: ffffc90001c3a160 R15: ffffc90001c31000 [ 45.295562][ T697] FS: 00007fa9ce490700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 45.304472][ T697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.311126][ T697] CR2: 00007fa9ce5197d0 CR3: 00000001224df000 CR4: 00000000003526b0 [ 45.319084][ T697] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.327054][ T697] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.335004][ T697] Call Trace: [ 45.338283][ T697] ? kvm_mmu_notifier_invalidate_range_start+0x300/0x300 [ 45.345289][ T697] __mmu_notifier_invalidate_range_end+0x246/0x300 [ 45.351777][ T697] wp_page_copy+0xe51/0x1750 [ 45.356348][ T697] ? copy_user_highpage+0x1b0/0x1b0 [ 45.361526][ T697] ? __kasan_check_write+0x14/0x20 [ 45.366620][ T697] ? _raw_spin_trylock+0xcb/0x1a0 [ 45.371631][ T697] ? kmem_cache_free+0xaa/0x1e0 [ 45.376479][ T697] do_wp_page+0x73b/0xc80 [ 45.380792][ T697] handle_pte_fault+0x575/0xac0 [ 45.385627][ T697] ___handle_speculative_fault+0xd97/0x17d0 [ 45.391504][ T697] ? __handle_speculative_fault+0x2a0/0x2a0 [ 45.397392][ T697] ? putname+0xf8/0x150 [ 45.401530][ T697] ? _raw_read_unlock+0x25/0x40 [ 45.406369][ T697] ? get_vma+0x14e/0x160 [ 45.410697][ T697] __handle_speculative_fault+0xc3/0x2a0 [ 45.416311][ T697] do_user_addr_fault+0x8c9/0xd70 [ 45.421315][ T697] ? __x64_sys_openat+0x243/0x290 [ 45.426322][ T697] ? trace_raw_output_x86_exceptions+0x100/0x100 [ 45.432630][ T697] exc_page_fault+0x98/0x2d0 [ 45.437197][ T697] ? asm_exc_page_fault+0x8/0x30 [ 45.442126][ T697] asm_exc_page_fault+0x1e/0x30 [ 45.446965][ T697] RIP: 0033:0x7fa9ce5236cf [ 45.451364][ T697] Code: 44 00 00 45 31 c0 31 c9 ba 80 00 00 00 48 89 de bf ca 00 00 00 e8 61 93 05 00 8b 03 85 c0 74 e3 c7 45 08 00 00 00 00 48 89 ef 0c fb ff ff 8b 45 0c 85 c0 75 39 b9 40 42 0f 00 ba 81 00 00 00 [ 45.470954][ T697] RSP: 002b:00007fa9ce490220 EFLAGS: 00010202 [ 45.477003][ T697] RAX: 0000000000000001 RBX: 00007fa9ce6801a8 RCX: 00007fa9ce57ca39 [ 45.484960][ T697] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa9ce6801a0 [ 45.492913][ T697] RBP: 00007fa9ce6801a0 R08: 0000000000000000 R09: 0000000000000000 [ 45.500864][ T697] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa9ce6801ac [ 45.508820][ T697] R13: 00007fff2fc9ff8f R14: 00007fa9ce490300 R15: 0000000000022000 [ 45.516771][ T697] Modules linked in: [ 45.524010][ T650] ------------[ cut here ]------------ [ 45.529988][ T650] kernel BUG at arch/x86/kvm/../../../virt/kvm/kvm_main.c:516! [ 45.538433][ T697] ---[ end trace e4513eaee796f883 ]--- [ 45.544028][ T697] RIP: 0010:kvm_mmu_notifier_invalidate_range_end+0xb2/0xc0 [ 45.551531][ T650] invalid opcode: 0000 [#2] PREEMPT SMP KASAN [ 45.557587][ T650] CPU: 0 PID: 650 Comm: syz-executor.2 Tainted: G D 5.10.75-syzkaller-01082-g234d53d2bb60 #0 [ 45.569011][ T650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.579054][ T650] RIP: 0010:kvm_mmu_notifier_invalidate_range_end+0xb2/0xc0 [ 45.586318][ T650] Code: 49 8b 1e 48 c7 c7 ff ff ff ff 48 89 de e8 46 96 64 00 48 85 db 78 0e e8 7c 91 64 00 5b 41 5c 41 5e 41 5f 5d c3 e8 6e 91 64 00 <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 48 89 e5 41 57 41 56 [ 45.605900][ T650] RSP: 0000:ffffc900012777d0 EFLAGS: 00010293 [ 45.611970][ T650] RAX: ffffffff81086782 RBX: ffffffffffffffff RCX: ffff888122e9cf00 [ 45.619924][ T650] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 45.627876][ T650] RBP: ffffc900012777f0 R08: ffffffff8108676a R09: 0000000000000003 [ 45.635827][ T650] R10: fffff5200024eee9 R11: 0000000000000004 R12: dffffc0000000000 [ 45.643782][ T650] R13: dffffc0000000000 R14: ffffc90001c3a160 R15: ffffc90001c31000 [ 45.651741][ T650] FS: 00005555570eb400(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 45.660650][ T650] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.667317][ T650] CR2: 00005555570eb3bc CR3: 00000001224df000 CR4: 00000000003526b0 [ 45.675273][ T650] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.683242][ T650] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.691215][ T650] Call Trace: [ 45.694501][ T650] ? kvm_mmu_notifier_invalidate_range_start+0x300/0x300 [ 45.701505][ T650] __mmu_notifier_invalidate_range_end+0x246/0x300 [ 45.707989][ T650] wp_page_copy+0xe51/0x1750 [ 45.712559][ T650] ? copy_user_highpage+0x1b0/0x1b0 [ 45.717737][ T650] ? __kasan_check_write+0x14/0x20 [ 45.722828][ T650] ? _raw_spin_trylock+0xcb/0x1a0 [ 45.727843][ T650] do_wp_page+0x73b/0xc80 [ 45.732179][ T650] handle_pte_fault+0x575/0xac0 [ 45.737014][ T650] ___handle_speculative_fault+0xd97/0x17d0 [ 45.743327][ T650] ? __handle_speculative_fault+0x2a0/0x2a0 [ 45.749204][ T650] ? __kasan_check_write+0x14/0x20 [ 45.754297][ T650] ? _raw_read_unlock+0x25/0x40 [ 45.759128][ T650] ? get_vma+0x14e/0x160 [ 45.763357][ T650] __handle_speculative_fault+0xc3/0x2a0 [ 45.768973][ T650] do_user_addr_fault+0x8c9/0xd70 [ 45.773983][ T650] ? trace_raw_output_x86_exceptions+0x100/0x100 [ 45.780292][ T650] exc_page_fault+0x98/0x2d0 [ 45.784866][ T650] ? asm_exc_page_fault+0x8/0x30 [ 45.789786][ T650] asm_exc_page_fault+0x1e/0x30 [ 45.794615][ T650] RIP: 0033:0x7fa9ce57ca4b [ 45.799008][ T650] Code: 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 <64> 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 [ 45.818592][ T650] RSP: 002b:00007fff2fca0008 EFLAGS: 00010213 [ 45.824639][ T650] RAX: 000000000000006e RBX: 0000000000000032 RCX: ffffffffffffffbc [ 45.832599][ T650] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa9ce6801ac [ 45.840560][ T650] RBP: 00007fa9ce6801ac R08: 00007fff2fd9c0b8 R09: 0000000000000000 [ 45.848523][ T650] R10: 00007fff2fca00e0 R11: 0000000000000246 R12: 000000000000b06a [ 45.856480][ T650] R13: 00000000000003e8 R14: 00007fa9ce67ff60 R15: 000000000000ad26 [ 45.864433][ T650] Modules linked in: [ 45.871546][ T697] Code: 49 8b 1e 48 c7 c7 ff ff ff ff 48 89 de e8 46 96 64 00 48 85 db 78 0e e8 7c 91 64 00 5b 41 5c 41 5e 41 5f 5d c3 e8 6e 91 64 00 <0f> 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 48 89 e5 41 57 41 56 [ 45.891672][ T697] RSP: 0000:ffffc90001c2f7d0 EFLAGS: 00010293 [ 45.897887][ T697] RAX: ffffffff81086782 RBX: ffffffffffffffff RCX: ffff888111c03b40 [ 45.906091][ T697] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 45.914225][ T697] RBP: ffffc90001c2f7f0 R08: ffffffff8108676a R09: 0000000000000003 [ 45.922346][ T697] R10: fffff52000385ee9 R11: 0000000000000004 R12: dffffc0000000000 [ 45.930470][ T697] R13: dffffc0000000000 R14: ffffc90001c3a160 R15: ffffc90001c31000 [ 45.938478][ T697] FS: 00007fa9ce490700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 45.947569][ T697] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.954309][ T697] CR2: 00005555570eb3bc CR3: 00000001224df000 CR4: 00000000003526b0 [ 45.962416][ T697] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 45.969664][ T650] ---[ end trace e4513eaee796f884 ]--- [ 45.970568][ T697] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 45.984080][ T697] Kernel panic - not syncing: Fatal exception [ 45.985686][ T650] RIP: 0010:kvm_mmu_notifier_invalidate_range_end+0xb2/0xc0 [ 45.990409][ T697] Kernel Offset: disabled [ 46.001991][ T697] Rebooting in 86400 seconds..