WARNING: possible circular locking dependency detected
4.13.0-rc6-next-20170823+ #7 Not tainted
------------------------------------------------------
kworker/2:1/800 is trying to acquire lock:
 (&kvm->irqfds.resampler_lock){+.+.}, at: [] irqfd_resampler_shutdown+0xe3/0x6b0 arch/x86/kvm/../../../virt/kvm/eventfd.c:98

but task is already holding lock:
 ((&irqfd->shutdown)){+.+.}, at: [] process_one_work+0xb2c/0x1be0 kernel/workqueue.c:2094

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 ((&irqfd->shutdown)){+.+.}:
       process_one_work+0xba5/0x1be0 kernel/workqueue.c:2095
       worker_thread+0x223/0x1860 kernel/workqueue.c:2233
       kthread+0x39c/0x470 kernel/kthread.c:231
       ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
       0xffffffffffffffff

-> #1 ((complete)&rcu.completion){+.+.}:
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       complete_acquire include/linux/completion.h:39 [inline]
       __wait_for_common kernel/sched/completion.c:108 [inline]
       wait_for_common kernel/sched/completion.c:122 [inline]
       wait_for_completion+0xc8/0x770 kernel/sched/completion.c:143
       __synchronize_srcu+0x1b5/0x250 kernel/rcu/srcutree.c:898
       synchronize_srcu_expedited kernel/rcu/srcutree.c:923 [inline]
       synchronize_srcu+0x1a3/0x560 kernel/rcu/srcutree.c:974
       kvm_irqfd_assign arch/x86/kvm/../../../virt/kvm/eventfd.c:364 [inline]
       kvm_irqfd+0x994/0x1d50 arch/x86/kvm/../../../virt/kvm/eventfd.c:572
       kvm_vm_ioctl+0x1079/0x1c40 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3032
       vfs_ioctl fs/ioctl.c:45 [inline]
       do_vfs_ioctl+0x1b1/0x1530 fs/ioctl.c:685
       SYSC_ioctl fs/ioctl.c:700 [inline]
       SyS_ioctl+0x8f/0xc0 fs/ioctl.c:691
       entry_SYSCALL_64_fastpath+0x1f/0xbe

-> #0 (&kvm->irqfds.resampler_lock){+.+.}:
       check_prev_add+0x865/0x1520 kernel/locking/lockdep.c:1894
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       __mutex_lock_common kernel/locking/mutex.c:756 [inline]
       __mutex_lock+0x16f/0x1870 kernel/locking/mutex.c:893
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
       irqfd_resampler_shutdown+0xe3/0x6b0 arch/x86/kvm/../../../virt/kvm/eventfd.c:98
       irqfd_shutdown+0xd8/0x1a0 arch/x86/kvm/../../../virt/kvm/eventfd.c:137
       process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2098
       worker_thread+0x223/0x1860 kernel/workqueue.c:2233
       kthread+0x39c/0x470 kernel/kthread.c:231
       ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431

other info that might help us debug this:

Chain exists of:
  &kvm->irqfds.resampler_lock --> (complete)&rcu.completion --> (&irqfd->shutdown)

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock((&irqfd->shutdown));
                               lock((complete)&rcu.completion);
                               lock((&irqfd->shutdown));
  lock(&kvm->irqfds.resampler_lock);

 *** DEADLOCK ***

2 locks held by kworker/2:1/800:
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] __write_once_size include/linux/compiler.h:305 [inline]
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] atomic64_set arch/x86/include/asm/atomic64_64.h:33 [inline]
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] atomic_long_set include/asm-generic/atomic-long.h:56 [inline]
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] set_work_data kernel/workqueue.c:617 [inline]
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline]
 #0: ("kvm-irqfd-cleanup"){++++}, at: [] process_one_work+0xad4/0x1be0 kernel/workqueue.c:2090
 #1: ((&irqfd->shutdown)){+.+.}, at: [] process_one_work+0xb2c/0x1be0 kernel/workqueue.c:2094

stack backtrace:
CPU: 2 PID: 800 Comm: kworker/2:1 Not tainted 4.13.0-rc6-next-20170823+ #7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Workqueue: kvm-irqfd-cleanup irqfd_shutdown
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 print_circular_bug+0x503/0x710 kernel/locking/lockdep.c:1259
 check_prev_add+0x865/0x1520 kernel/locking/lockdep.c:1894
 check_prevs_add kernel/locking/lockdep.c:2020 [inline]
 validate_chain kernel/locking/lockdep.c:2469 [inline]
 __lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
 __mutex_lock_common kernel/locking/mutex.c:756 [inline]
 __mutex_lock+0x16f/0x1870 kernel/locking/mutex.c:893
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
 irqfd_resampler_shutdown+0xe3/0x6b0 arch/x86/kvm/../../../virt/kvm/eventfd.c:98
 irqfd_shutdown+0xd8/0x1a0 arch/x86/kvm/../../../virt/kvm/eventfd.c:137
 process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2098
 worker_thread+0x223/0x1860 kernel/workqueue.c:2233
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
 kthread+0x39c/0x470 kernel/kthread.c:231
 ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
QAT: Invalid ioctl
mmap: syz-executor3 (3525) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
QAT: Invalid ioctl
capability: warning: `syz-executor0' uses 32-bit capabilities (legacy support in use)
raw_sendmsg: syz-executor0 forgot to set AF_INET. Fix it!
audit: type=1326 audit(1503537783.048:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3624 comm="syz-executor5" exe="/syz-executor5" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
RDS: rds_bind could not find a transport for 172.20.6.187, load rds_tcp or rds_rdma?
audit: type=1326 audit(1503537783.122:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3624 comm="syz-executor5" exe="/syz-executor5" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
RDS: rds_bind could not find a transport for 172.20.6.187, load rds_tcp or rds_rdma?
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
ALSA: seq fatal error: cannot create timer (-22)
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
ALSA: seq fatal error: cannot create timer (-22)
audit: type=1326 audit(1503537783.694:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3854 comm="syz-executor7" exe="/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0xffff0000
QAT: Invalid ioctl
QAT: Invalid ioctl
syz-executor2 uses obsolete (PF_INET,SOCK_PACKET)
TCP: request_sock_TCPv6: Possible SYN flooding on port 20013. Sending cookies. Check SNMP counters.
audit: type=1326 audit(1503537784.596:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4121 comm="syz-executor3" exe="/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
audit: type=1326 audit(1503537784.723:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4121 comm="syz-executor3" exe="/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
*** Guest State ***
CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871
CR3 = 0x00000000fffbc000
RSP = 0x0000000000000000 RIP = 0x0000000000000000
RFLAGS=0x00041090 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810
CS: sel=0x0043, attr=0x040fb, limit=0x000fffff, base=0x0000000000000000
DS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000
SS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000
ES: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000
FS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000
GS: sel=0x004b, attr=0x040f3, limit=0x000fffff, base=0x0000000000000000
GDTR: limit=0x000007ff, base=0x0000000000001000
LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
IDTR: limit=0x000001ff, base=0x0000000000003800
TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
EFER = 0x0000000000000001 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b6277 RSP = 0xffff88006a6df4c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007ff43199e700 GSBase=ffff88003ed00000 TRBase=ffff88003ed23100
GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=000000004d34b000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d9d270
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
        reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffd2553846c6
TPR Threshold = 0x00
EPT pointer = 0x000000003a40301e
Virtual processor ID = 0x0001
QAT: Invalid ioctl
audit: type=1326 audit(1503537785.973:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4408 comm="syz-executor6" exe="/syz-executor6" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
audit: type=1326 audit(1503537786.185:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4408 comm="syz-executor6" exe="/syz-executor6" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pig=4478 comm=syz-executor1
tc_ctl_action: received NO action attribs
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pig=4478 comm=syz-executor1
tc_ctl_action: received NO action attribs
sctp: [Deprecated]: syz-executor3 (pid 4472) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
syz-executor1: vmalloc: allocation failure: 4833356120 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
syz-executor1 cpuset=/ mems_allowed=0-1
CPU: 2 PID: 4511 Comm: syz-executor1 Not tainted 4.13.0-rc6-next-20170823+ #7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 warn_alloc+0x1c2/0x2f0 mm/page_alloc.c:3238
 __vmalloc_node_range+0x599/0x730 mm/vmalloc.c:1781
 __vmalloc_node mm/vmalloc.c:1810 [inline]
 __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1832
 kvmalloc_node+0x82/0xd0 mm/util.c:406
 kvmalloc include/linux/mm.h:529 [inline]
 kvmalloc_array include/linux/mm.h:545 [inline]
 xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774
 translate_table+0x235/0x1610 net/ipv4/netfilter/ip_tables.c:692
 do_replace net/ipv4/netfilter/ip_tables.c:1135 [inline]
 do_ipt_set_ctl+0x34b/0x5c0 net/ipv4/netfilter/ip_tables.c:1669
 nf_sockopt net/netfilter/nf_sockopt.c:105 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114
 ip_setsockopt+0xa1/0xb0 net/ipv4/ip_sockglue.c:1251
 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2735
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2973
 SYSC_setsockopt net/socket.c:1852 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1831
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x446749
RSP: 002b:00007f8a86265c08 EFLAGS: 00000296 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 0000000000446749
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000018
RBP: 00000000007080a8 R08: 0000000000000056 R09: 0000000000000000
R10: 0000000020006000 R11: 0000000000000296 R12: 00000000ffffffff
R13: 0000000000004180 R14: 00000000006e6240 R15: 000000002099f000
Mem-Info:
active_anon:91566 inactive_anon:42 isolated_anon:0
 active_file:3433 inactive_file:4680 isolated_file:0
 unevictable:0 dirty:104 writeback:0 unstable:0
 slab_reclaimable:5582 slab_unreclaimable:34773
 mapped:20801 shmem:52 pagetables:835 bounce:0
 free:252268 free_pcp:1039 free_cma:0
Node 0 active_anon:66132kB inactive_anon:136kB active_file:5168kB inactive_file:14388kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:38928kB dirty:24kB writeback:0kB shmem:164kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:302168kB inactive_anon:32kB active_file:8564kB inactive_file:4336kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:44276kB dirty:404kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 886 886 886
Node 0 DMA32 free:685912kB min:36536kB low:45668kB high:54800kB active_anon:59976kB inactive_anon:136kB active_file:5168kB inactive_file:14388kB unevictable:0kB writepending:24kB present:1032192kB managed:909748kB mlocked:0kB kernel_stack:3328kB pagetables:1264kB bounce:0kB free_pcp:2140kB local_pcp:688kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 1 DMA32 free:313420kB min:30404kB low:38004kB high:45604kB active_anon:302168kB inactive_anon:32kB active_file:8564kB inactive_file:4336kB unevictable:0kB writepending:404kB present:1048560kB managed:755216kB mlocked:0kB kernel_stack:2112kB pagetables:1876kB bounce:0kB free_pcp:2032kB local_pcp:220kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 414*4kB (UME) 348*8kB (UE) 889*16kB (UME) 361*32kB (UME) 77*64kB (UM) 4*128kB (UM) 2*256kB (ME) 3*512kB (UM) 5*1024kB (UME) 4*2048kB (UME) 155*4096kB (M) = 685896kB
Node 1 DMA32: 257*4kB (UE) 1997*8kB (UME) 1890*16kB (UME) 1189*32kB (UME) 724*64kB (UME) 198*128kB (UM) 41*256kB (UM) 3*512kB (UM) 7*1024kB (UM) 5*2048kB (UME) 31*4096kB (M) = 313388kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
8169 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
524186 pages RAM
0 pages HighMem/MovableOnly
103968 pages reserved
TCP: request_sock_TCP: Possible SYN flooding on port 20028. Sending cookies. Check SNMP counters.
syz-executor1: vmalloc: allocation failure: 4833356120 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
syz-executor1 cpuset=/ mems_allowed=0-1
CPU: 3 PID: 4518 Comm: syz-executor1 Not tainted 4.13.0-rc6-next-20170823+ #7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 warn_alloc+0x1c2/0x2f0 mm/page_alloc.c:3238
 __vmalloc_node_range+0x599/0x730 mm/vmalloc.c:1781
 __vmalloc_node mm/vmalloc.c:1810 [inline]
 __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1832
 kvmalloc_node+0x82/0xd0 mm/util.c:406
 kvmalloc include/linux/mm.h:529 [inline]
 kvmalloc_array include/linux/mm.h:545 [inline]
 xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774
 translate_table+0x235/0x1610 net/ipv4/netfilter/ip_tables.c:692
 do_replace net/ipv4/netfilter/ip_tables.c:1135 [inline]
 do_ipt_set_ctl+0x34b/0x5c0 net/ipv4/netfilter/ip_tables.c:1669
 nf_sockopt net/netfilter/nf_sockopt.c:105 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114
 ip_setsockopt+0xa1/0xb0 net/ipv4/ip_sockglue.c:1251
 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2735
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2973
 SYSC_setsockopt net/socket.c:1852 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1831
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x446749
RSP: 002b:00007f8a86244c08 EFLAGS: 00000296 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000020 RCX: 0000000000446749
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000020
RBP: 0000000000a5f870 R08: 0000000000000056 R09: 0000000000000000
R10: 0000000020006000 R11: 0000000000000296 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f8a862459c0 R15: 00007f8a86245700
nla_parse: 7 callbacks suppressed
netlink: 1 bytes leftover after parsing attributes in process `syz-executor4'.
QAT: Invalid ioctl
sock: process `syz-executor0' is using obsolete setsockopt SO_BSDCOMPAT
QAT: Invalid ioctl
netlink: 10 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 10 bytes leftover after parsing attributes in process `syz-executor7'.
sd 0:0:0:0: [sg0] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:0:0: [sg0] tag#0 CDB: opcode=0x61 (reserved)
sd 0:0:0:0: [sg0] tag#0 CDB[00]: 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:0:0: [sg0] tag#0 CDB: opcode=0x61 (reserved)
sd 0:0:0:0: [sg0] tag#0 CDB[00]: 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:0:0: [sg0] tag#0 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pig=4964 comm=syz-executor5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pig=4976 comm=syz-executor5
netlink: 72 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 72 bytes leftover after parsing attributes in process `syz-executor0'.
kvm [5021]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x8000
QAT: Invalid ioctl
QAT: Invalid ioctl
*** Guest State ***
CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
CR4: actual=0x0000000000022050, shadow=0x0000000000020000, gh_mask=fffffffffffff871
CR3 = 0x00000000fffbc000
RSP = 0x0000000000000f80 RIP = 0x0000000000000000
RFLAGS=0x00000002 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000
DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
netlink: 72 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 72 bytes leftover after parsing attributes in process `syz-executor0'.
kvm [5021]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x8000
SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000
GDTR: limit=0x000007ff, base=0x0000000000001000
LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
QAT: Invalid ioctl
QAT: Invalid ioctl
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b6277 RSP = 0xffff880039d574c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f7e2da92700 GSBase=ffff88003ed00000 TRBase=ffff88003ed23100
GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=000000006c78b000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d9d270
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
        reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffd0062efbb8
TPR Threshold = 0x00
EPT pointer = 0x00000000396f701e
Virtual processor ID = 0x0035
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008f
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008e
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008d
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008c
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008b
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008a
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000089
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000088
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000087
kvm [5064]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000086
kvm [5064]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043
kvm [5064]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043
kvm [5064]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000081043
device lo entered promiscuous mode
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'.
device syz1 entered promiscuous mode
device syz1 left promiscuous mode
sctp: [Deprecated]: syz-executor3 (pid 5327) Use of int in max_burst socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor3 (pid 5335) Use of int in max_burst socket option.
Use struct sctp_assoc_value instead
audit: type=1326 audit(1503537790.012:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5407 comm="syz-executor4" exe="/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0xffff0000
audit: type=1326 audit(1503537790.155:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5407 comm="syz-executor4" exe="/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0xffff0000
QAT: Invalid ioctl
TCP: request_sock_TCPv6: Possible SYN flooding on port 20013. Sending cookies. Check SNMP counters.
TCP: request_sock_TCPv6: Possible SYN flooding on port 20013. Sending cookies. Check SNMP counters.
QAT: Invalid ioctl
audit: type=1326 audit(1503537791.050:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5587 comm="syz-executor5" exe="/syz-executor5" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
kvm [5627]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043
kvm [5627]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043
audit: type=1326 audit(1503537791.174:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5587 comm="syz-executor5" exe="/syz-executor5" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0x0
device syz4 entered promiscuous mode
device syz4 left promiscuous mode
device syz7 entered promiscuous mode
device syz4 entered promiscuous mode
device syz7 left promiscuous mode
device syz7 entered promiscuous mode
nla_parse: 18 callbacks suppressed
netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14606 sclass=netlink_route_socket pig=5862 comm=syz-executor5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14606 sclass=netlink_route_socket pig=5881 comm=syz-executor5
audit: type=1326 audit(1503537792.128:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5888 comm="syz-executor0" exe="/syz-executor0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0xffff0000
device lo entered promiscuous mode
audit: type=1326 audit(1503537792.205:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5888 comm="syz-executor0" exe="/syz-executor0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749 code=0xffff0000