forked to background, child pid 3176
no interfaces have a carri[ 21.757107][ T3177] 8021q: adding VLAN 0 to HW filter on device bond0
er
[ 21.767553][ T3177] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller

Warning: Permanently added '10.128.0.98' (ECDSA) to the list of known hosts.
executing program

syzkaller login: [ 40.247794][ T3591] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 40.337117][ T3591] page:ffffea0001ca7940 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x729e5
[ 40.347339][ T3591] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 40.354443][ T3591] raw: 00fff00000000000 ffffea0001c82f48 ffffea0001caa808 0000000000000000
[ 40.363067][ T3591] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[ 40.371748][ T3591] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[ 40.379609][ T3591] page_owner tracks the page as freed
[ 40.384964][ T3591] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 3591, ts 40278427582, free_ts 40279093894
[ 40.400555][ T3591] get_page_from_freelist+0xba2/0x3df0
[ 40.406028][ T3591] __alloc_pages+0x1b2/0x500
[ 40.410895][ T3591] alloc_pages_vma+0xf9/0x770
[ 40.415578][ T3591] __handle_mm_fault+0x1ca4/0x4150
[ 40.420702][ T3591] handle_mm_fault+0x1c8/0x790
[ 40.425467][ T3591] __get_user_pages+0x4f7/0xf10
[ 40.430346][ T3591] get_user_pages_unlocked+0x1b3/0x760
[ 40.435816][ T3591] hva_to_pfn+0x1bf/0xe30
[ 40.440156][ T3591] kvm_gfn_to_pfn_cache_refresh+0x559/0x1360
[ 40.446137][ T3591] kvm_xen_hvm_set_attr+0x2e7/0x6b0
[ 40.451341][ T3591] kvm_arch_vm_ioctl+0xde8/0x1700
[ 40.456365][ T3591] kvm_vm_ioctl+0xee5/0x22c0
[ 40.460972][ T3591] __x64_sys_ioctl+0x193/0x200
[ 40.465824][ T3591] do_syscall_64+0x35/0xb0
[ 40.470246][ T3591] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 40.476137][ T3591] page last free stack trace:
[ 40.480833][ T3591] free_pcp_prepare+0x548/0xd10
[ 40.485779][ T3591] free_unref_page_list+0x18f/0xf60
[ 40.491008][ T3591] release_pages+0xaf9/0x2440
[ 40.495690][ T3591] tlb_finish_mmu+0x165/0x8c0
[ 40.500399][ T3591] exit_mmap+0x1de/0x4a0
[ 40.504638][ T3591] __mmput+0x122/0x4b0
[ 40.508723][ T3591] mmput+0x56/0x60
[ 40.512440][ T3591] do_exit+0xa12/0x2a30
[ 40.516596][ T3591] do_group_exit+0xd2/0x2f0
[ 40.521114][ T3591] __x64_sys_exit_group+0x3a/0x50
[ 40.526155][ T3591] do_syscall_64+0x35/0xb0
[ 40.530580][ T3591] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 40.536486][ T3591] ------------[ cut here ]------------
[ 40.541938][ T3591] kernel BUG at include/linux/mm.h:720!
[ 40.547494][ T3591] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 40.553540][ T3591] CPU: 1 PID: 3591 Comm: syz-executor359 Tainted: G W 5.17.0-syzkaller-02237-g1bc191051dca #0
[ 40.565065][ T3591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.575099][ T3591] RIP: 0010:kvm_release_pfn_clean.part.0+0x245/0x290
[ 40.581758][ T3591] Code: e8 80 8b 70 00 48 89 ef e8 88 86 9b 00 5b 5d 41 5c e9 6f 8b 70 00 e8 6a 8b 70 00 48 c7 c6 40 12 a2 89 48 89 ef e8 cb 3e a6 00 <0f> 0b e8 54 c6 bb 00 e9 eb fd ff ff 48 89 ef e8 47 c6 bb 00 e9 78
[ 40.601342][ T3591] RSP: 0018:ffffc90002c5fb40 EFLAGS: 00010293
[ 40.607388][ T3591] RAX: 0000000000000000 RBX: ffffea0001ca7974 RCX: 0000000000000000
[ 40.615349][ T3591] RDX: ffff888076db8000 RSI: ffffffff81083525 RDI: 0000000000000003
[ 40.623309][ T3591] RBP: ffffea0001ca7940 R08: 0000000000000029 R09: 00000000ffffffff
[ 40.631269][ T3591] R10: ffffffff89186e92 R11: 00000000ffffffff R12: 0000000000000000
[ 40.639227][ T3591] R13: ffff8880729e5000 R14: 0000600000000000 R15: ffff88813fff91c0
[ 40.647187][ T3591] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 40.656109][ T3591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.662687][ T3591] CR2: 00007ffd71251dc0 CR3: 0000000022e53000 CR4: 00000000003526e0
[ 40.670650][ T3591] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.678607][ T3591] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.686567][ T3591] Call Trace:
[ 40.689832][ T3591]
[ 40.692748][ T3591] kvm_release_pfn+0x91/0xa0
[ 40.697338][ T3591] kvm_gfn_to_pfn_cache_unmap+0x2df/0x3a0
[ 40.703052][ T3591] kvm_gfn_to_pfn_cache_destroy+0x199/0x260
[ 40.709204][ T3591] kvm_xen_destroy_vm+0x18/0x90
[ 40.714047][ T3591] kvm_arch_destroy_vm+0x360/0x470
[ 40.719158][ T3591] ? trace_hardirqs_on+0x5b/0x1c0
[ 40.724172][ T3591] ? kvm_arch_pre_destroy_vm+0x20/0x20
[ 40.729627][ T3591] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 40.735865][ T3591] kvm_put_kvm+0x4fa/0xb60
[ 40.740280][ T3591] kvm_vm_release+0x3f/0x50
[ 40.744789][ T3591] __fput+0x286/0x9f0
[ 40.748768][ T3591] ? kvm_put_kvm+0xb60/0xb60
[ 40.753353][ T3591] task_work_run+0xdd/0x1a0
[ 40.757852][ T3591] do_exit+0xaff/0x2a30
[ 40.761998][ T3591] ? lock_downgrade+0x6e0/0x6e0
[ 40.766843][ T3591] ? mm_update_next_owner+0x7a0/0x7a0
[ 40.772215][ T3591] do_group_exit+0xd2/0x2f0
[ 40.776799][ T3591] __x64_sys_exit_group+0x3a/0x50
[ 40.781817][ T3591] do_syscall_64+0x35/0xb0
[ 40.786228][ T3591] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 40.792119][ T3591] RIP: 0033:0x7fc40e85fc09
[ 40.796521][ T3591] Code: Unable to access opcode bytes at RIP 0x7fc40e85fbdf.
[ 40.803871][ T3591] RSP: 002b:00007fff3320ca18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 40.812271][ T3591] RAX: ffffffffffffffda RBX: 00007fc40e8d3270 RCX: 00007fc40e85fc09
[ 40.820237][ T3591] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 40.828194][ T3591] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
[ 40.836152][ T3591] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc40e8d3270
[ 40.844111][ T3591] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 40.852088][ T3591]
[ 40.855093][ T3591] Modules linked in:
[ 40.859206][ T3591] ---[ end trace 0000000000000000 ]---
[ 40.864655][ T3591] RIP: 0010:kvm_release_pfn_clean.part.0+0x245/0x290
[ 40.871377][ T3591] Code: e8 80 8b 70 00 48 89 ef e8 88 86 9b 00 5b 5d 41 5c e9 6f 8b 70 00 e8 6a 8b 70 00 48 c7 c6 40 12 a2 89 48 89 ef e8 cb 3e a6 00 <0f> 0b e8 54 c6 bb 00 e9 eb fd ff ff 48 89 ef e8 47 c6 bb 00 e9 78
[ 40.891059][ T3591] RSP: 0018:ffffc90002c5fb40 EFLAGS: 00010293
[ 40.897132][ T3591] RAX: 0000000000000000 RBX: ffffea0001ca7974 RCX: 0000000000000000
[ 40.905099][ T3591] RDX: ffff888076db8000 RSI: ffffffff81083525 RDI: 0000000000000003
[ 40.913512][ T3591] RBP: ffffea0001ca7940 R08: 0000000000000029 R09: 00000000ffffffff
[ 40.921496][ T3591] R10: ffffffff89186e92 R11: 00000000ffffffff R12: 0000000000000000
[ 40.929469][ T3591] R13: ffff8880729e5000 R14: 0000600000000000 R15: ffff88813fff91c0
[ 40.937450][ T3591] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 40.946367][ T3591] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.952979][ T3591] CR2: 00007ffd71251dc0 CR3: 0000000022e53000 CR4: 00000000003526e0
[ 40.960975][ T3591] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.968975][ T3591] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.976985][ T3591] Kernel panic - not syncing: Fatal exception
[ 40.983212][ T3591] Kernel Offset: disabled
[ 40.987521][ T3591] Rebooting in 86400 seconds..