INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 40.394424] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 40.644359] ------------[ cut here ]------------
[ 40.649144] kernel BUG at drivers/vhost/vhost.c:1652!
[ 40.654459] invalid opcode: 0000 [#1] SMP PTI
[ 40.658979] Dumping ftrace buffer:
[ 40.660565] ------------[ cut here ]------------
[ 40.662536] (ftrace buffer empty)
[ 40.667288] kernel BUG at drivers/vhost/vhost.c:1652!
[ 40.670978] Modules linked in:
[ 40.679342] CPU: 0 PID: 4494 Comm: syz-executor641 Not tainted 4.16.0+ #87
[ 40.686347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.695719] RIP: 0010:log_write+0x5fa/0x660
[ 40.700035] RSP: 0018:ffff8801c237fa90 EFLAGS: 00010297
[ 40.705403] RAX: 0000000000000000 RBX: ffff8801d8738918 RCX: ffffffffffffffff
[ 40.712673] RDX: 0000000000000000 RSI: 000fdfdffff00001 RDI: 000000009ba0009d
[ 40.719944] RBP: ffff8801c237fb30 R08: 0000000000000000 R09: 0000000000000002
[ 40.727211] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 40.734496] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000
[ 40.741769] FS: 00007f8aea98f700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
[ 40.749998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.755877] CR2: 0000000020bf6000 CR3: 00000001a22d8000 CR4: 00000000001406f0
[ 40.763148] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 40.770423] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 40.777687] Call Trace:
[ 40.780363]  ? _cond_resched+0x3c/0xd0
[ 40.784302]  vhost_update_used_flags+0x680/0x8d0
[ 40.789118]  vhost_vq_init_access+0x173/0xa20
[ 40.793665]  vhost_vsock_dev_ioctl+0x1051/0x1450
[ 40.798480]  ? peek_head_len+0xe00/0xe00
[ 40.802575]  do_vfs_ioctl+0xaf0/0x2440
[ 40.806489]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 40.811864]  ? __fget_light+0x6b9/0x710
[ 40.815841]  ? prepare_exit_to_usermode+0x149/0x3a0
[ 40.820864]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 40.826268]  SYSC_ioctl+0x1d2/0x260
[ 40.829956]  SyS_ioctl+0x54/0x80
[ 40.833368]  do_syscall_64+0x309/0x430
[ 40.837273]  ? ioctl_file_clone+0x4f0/0x4f0
[ 40.841602]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 40.846787] RIP: 0033:0x44a039
[ 40.849974] RSP: 002b:00007f8aea98ece8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 40.857686] RAX: ffffffffffffffda RBX: 00000000006dbc24 RCX: 000000000044a039
[ 40.864964] RDX: 0000000020f82ffc RSI: 000000004004af61 RDI: 000000000000001a
[ 40.872234] RBP: 00000000006dbc20 R08: 0000000000000000 R09: 0000000000000000
[ 40.879500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 40.886776] R13: 00007ffd37afe2bf R14: 00007f8aea98f9c0 R15: 0000000000000009
[ 40.894045] Code: eb 1b 8b 7d c0 e8 f7 00 35 fa 45 85 f6 0f 89 fe fb ff ff eb 0f 4d 89 f7 e9 ed fd ff ff e8 5f 7f dd f9 eb 25 e8 58 7f dd f9 eb 3e <0f> 0b 0f 1f 40 00 eb fe 8b 7d d0 e8 c6 00 35 fa 4d 85 ff 0f 85
[ 40.913542] RIP: log_write+0x5fa/0x660 RSP: ffff8801c237fa90
[ 40.919369] invalid opcode: 0000 [#2] SMP PTI
[ 40.919521] ---[ end trace 09540ff68128c8ce ]---
[ 40.923871] Dumping ftrace buffer:
[ 40.923882] (ftrace buffer empty)
[ 40.923889] Modules linked in:
[ 40.923921] CPU: 1 PID: 4496 Comm: syz-executor641 Tainted: G D 4.16.0+ #87
[ 40.923943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.928711] Kernel panic - not syncing: Fatal exception
[ 40.932226] RIP: 0010:log_write+0x5fa/0x660
[ 40.966347] RSP: 0018:ffff8801c356fa90 EFLAGS: 00010297
[ 40.971716] RAX: 0000000000000000 RBX: ffff8801a2c74418 RCX: ffffffffffffffff
[ 40.978986] RDX: 0000000000000000 RSI: 000fdfdffff00001 RDI: 000000009ba0009d
[ 40.986256] RBP: ffff8801c356fb30 R08: 0000000000000000 R09: 0000000000000002
[ 40.993522] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 41.000788] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000
[ 41.008064] FS: 00007f8aea96e700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
[ 41.016289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 41.022168] CR2: 00007f8aea94cdb8 CR3: 00000001a22d8000 CR4: 00000000001406e0
[ 41.029439] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 41.036705] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 41.043971] Call Trace:
[ 41.046636]  ? _cond_resched+0x3c/0xd0
[ 41.050564]  vhost_update_used_flags+0x680/0x8d0
[ 41.055379]  vhost_vq_init_access+0x173/0xa20
[ 41.059929]  vhost_vsock_dev_ioctl+0x1051/0x1450
[ 41.064743]  ? peek_head_len+0xe00/0xe00
[ 41.068845]  do_vfs_ioctl+0xaf0/0x2440
[ 41.072759]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[ 41.078125]  ? __fget_light+0x6b9/0x710
[ 41.082104]  ? prepare_exit_to_usermode+0x149/0x3a0
[ 41.087131]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 41.092536]  SYSC_ioctl+0x1d2/0x260
[ 41.096223]  SyS_ioctl+0x54/0x80
[ 41.099638]  do_syscall_64+0x309/0x430
[ 41.103546]  ? ioctl_file_clone+0x4f0/0x4f0
[ 41.107877]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 41.113067] RIP: 0033:0x44a039
[ 41.116251] RSP: 002b:00007f8aea96dce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 41.123964] RAX: ffffffffffffffda RBX: 00000000006dbc3c RCX: 000000000044a039
[ 41.131234] RDX: 0000000020f82ffc RSI: 000000004004af61 RDI: 000000000000001b
[ 41.138505] RBP: 00000000006dbc38 R08: 0000000000000000 R09: 0000000000000000
[ 41.145772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 41.153040] R13: 00007ffd37afe2bf R14: 00007f8aea96e9c0 R15: 0000000000000009
[ 41.160312] Code: eb 1b 8b 7d c0 e8 f7 00 35 fa 45 85 f6 0f 89 fe fb ff ff eb 0f 4d 89 f7 e9 ed fd ff ff e8 5f 7f dd f9 eb 25 e8 58 7f dd f9 eb 3e <0f> 0b 0f 1f 40 00 eb fe 8b 7d d0 e8 c6 00 35 fa 4d 85 ff 0f 85
[ 41.179817] RIP: log_write+0x5fa/0x660 RSP: ffff8801c356fa90
[ 41.186060] Dumping ftrace buffer:
[ 41.189591] (ftrace buffer empty)
[ 41.193285] Kernel Offset: disabled
[ 41.196917] Rebooting in 86400 seconds..