rpcbind: RPC call returned error 22
QAT: Invalid ioctl
BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:72
in_atomic(): 1, irqs_disabled(): 0, pid: 4408, name: syz-executor4
2 locks held by syz-executor4/4408:
 #0: (&vcpu->mutex){+.+.}, at: [] vcpu_load+0x1c/0x70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:153
 #1: (&kvm->srcu){....}, at: [] vcpu_enter_guest arch/x86/kvm/x86.c:7048 [inline]
 #1: (&kvm->srcu){....}, at: [] vcpu_run arch/x86/kvm/x86.c:7127 [inline]
 #1: (&kvm->srcu){....}, at: [] kvm_arch_vcpu_ioctl_run+0x1bfb/0x5d20 arch/x86/kvm/x86.c:7297
CPU: 1 PID: 4408 Comm: syz-executor4 Not tainted 4.14.0+ #194
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6060
 __might_sleep+0x95/0x190 kernel/sched/core.c:6013
 __might_fault+0xab/0x1d0 mm/memory.c:4525
 __copy_from_user include/linux/uaccess.h:72 [inline]
 __kvm_read_guest_page+0x58/0xa0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1730
 kvm_vcpu_read_guest_page+0x44/0x60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1750
 kvm_read_guest_virt_helper+0x76/0x140 arch/x86/kvm/x86.c:4455
 kvm_read_guest_virt_system+0x3c/0x50 arch/x86/kvm/x86.c:4514
 segmented_read_std+0x10c/0x180 arch/x86/kvm/emulate.c:824
 em_fxrstor+0x27b/0x410 arch/x86/kvm/emulate.c:4036
 x86_emulate_insn+0x55d/0x3cf0 arch/x86/kvm/emulate.c:5495
 x86_emulate_instruction+0x411/0x1ca0 arch/x86/kvm/x86.c:5752
 kvm_mmu_page_fault+0x1d3/0x2f0 arch/x86/kvm/mmu.c:4953
 handle_ept_violation+0x198/0x550 arch/x86/kvm/vmx.c:6543
 vmx_handle_exit+0x25d/0x1ce0 arch/x86/kvm/vmx.c:8891
 vcpu_enter_guest arch/x86/kvm/x86.c:7065 [inline]
 vcpu_run arch/x86/kvm/x86.c:7127 [inline]
 kvm_arch_vcpu_ioctl_run+0x1d53/0x5d20 arch/x86/kvm/x86.c:7297
 kvm_vcpu_ioctl+0x64c/0x1010 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2551
 vfs_ioctl fs/ioctl.c:46 [inline]
 do_vfs_ioctl+0x1b1/0x1530 fs/ioctl.c:686
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452879
RSP: 002b:00007fafd962abe8 EFLAGS: 00000212 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452879
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000017
RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000018
R13: 0000000020399000 R14: 00007fafd962b6d4 R15: 0000000000000000
QAT: Invalid ioctl
QAT: Invalid ioctl
BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:72
in_atomic(): 1, irqs_disabled(): 0, pid: 4489, name: syz-executor4
2 locks held by syz-executor4/4489:
 #0: (&vcpu->mutex){+.+.}, at: [] vcpu_load+0x1c/0x70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:153
 #1: (&kvm->srcu){....}, at: [] vcpu_enter_guest arch/x86/kvm/x86.c:7048 [inline]
 #1: (&kvm->srcu){....}, at: [] vcpu_run arch/x86/kvm/x86.c:7127 [inline]
 #1: (&kvm->srcu){....}, at: [] kvm_arch_vcpu_ioctl_run+0x1bfb/0x5d20 arch/x86/kvm/x86.c:7297
CPU: 0 PID: 4489 Comm: syz-executor4 Tainted: G W 4.14.0+ #194
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6060
 __might_sleep+0x95/0x190 kernel/sched/core.c:6013
 __might_fault+0xab/0x1d0 mm/memory.c:4525
 __copy_from_user include/linux/uaccess.h:72 [inline]
 __kvm_read_guest_page+0x58/0xa0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1730
 kvm_vcpu_read_guest_page+0x44/0x60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1750
 kvm_read_guest_virt_helper+0x76/0x140 arch/x86/kvm/x86.c:4455
 kvm_read_guest_virt_system+0x3c/0x50 arch/x86/kvm/x86.c:4514
 segmented_read_std+0x10c/0x180 arch/x86/kvm/emulate.c:824
 em_fxrstor+0x27b/0x410 arch/x86/kvm/emulate.c:4036
 x86_emulate_insn+0x55d/0x3cf0 arch/x86/kvm/emulate.c:5495
 x86_emulate_instruction+0x411/0x1ca0 arch/x86/kvm/x86.c:5752
 kvm_mmu_page_fault+0x1d3/0x2f0 arch/x86/kvm/mmu.c:4953
 handle_ept_violation+0x198/0x550 arch/x86/kvm/vmx.c:6543
 vmx_handle_exit+0x25d/0x1ce0 arch/x86/kvm/vmx.c:8891
 vcpu_enter_guest arch/x86/kvm/x86.c:7065 [inline]
 vcpu_run arch/x86/kvm/x86.c:7127 [inline]
 kvm_arch_vcpu_ioctl_run+0x1d53/0x5d20 arch/x86/kvm/x86.c:7297
 kvm_vcpu_ioctl+0x64c/0x1010 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2551
 vfs_ioctl fs/ioctl.c:46 [inline]
 do_vfs_ioctl+0x1b1/0x1530 fs/ioctl.c:686
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452879
RSP: 002b:00007fafd962abe8 EFLAGS: 00000212 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452879
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000017
RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000018
R13: 0000000020399000 R14: 00007fafd962b6d4 R15: 0000000000000000
mmap: syz-executor0 (4641) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
nla_parse: 6 callbacks suppressed
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
QAT: Invalid ioctl
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
QAT: Invalid ioctl
netlink: 72 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 72 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'.
print_req_error: I/O error, dev loop4, sector 0
Buffer I/O error on dev loop4, logical block 0, lost async page write
netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
kauditd_printk_skb: 573 callbacks suppressed
audit: type=1326 audit(1511692348.183:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4795 comm="syz-executor6" exe="/root/syz-executor6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
QAT: Invalid ioctl
audit: type=1326 audit(1511692348.334:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4795 comm="syz-executor6" exe="/root/syz-executor6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
QAT: Invalid ioctl
audit: type=1326 audit(1511692348.503:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4865 comm="syz-executor5" exe="/root/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
audit: type=1326 audit(1511692348.635:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4865 comm="syz-executor5" exe="/root/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
device lo entered promiscuous mode
could not allocate digest TFM handle @ނMZBڛxQ\: 29¾:r
could not allocate digest TFM handle @ނMZBڛxQ\: 29¾:r
xprt_adjust_timeout: rq_timeout = 0!
xprt_adjust_timeout: rq_timeout = 0!
dccp_close: ABORT with 3592 bytes unread
sg_write: data in/out 45116/228 bytes for SCSI command 0x0-- guessing data in; program syz-executor2 not setting count and/or reply_len properly
sg_write: data in/out 45116/228 bytes for SCSI command 0x0-- guessing data in; program syz-executor2 not setting count and/or reply_len properly
audit: type=1326 audit(1511692349.743:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
Started in network mode
Own node address <87.350.961>, network identity 4711
sg_write: data in/out 327650/154 bytes for SCSI command 0x50-- guessing data in; program syz-executor6 not setting count and/or reply_len properly
audit: type=1326 audit(1511692349.743:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
sg_write: data in/out 327650/154 bytes for SCSI command 0x50-- guessing data in; program syz-executor6 not setting count and/or reply_len properly
audit: type=1326 audit(1511692349.747:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=2 compat=0 ip=0x40cbb1 code=0x7ffc0000
audit: type=1326 audit(1511692349.747:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692349.747:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692349.750:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5113 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=157 compat=0 ip=0x452879 code=0x7ffc0000
mmap: syz-executor0 (5160): VmData 2088960 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
dccp_close: ABORT with 305 bytes unread
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008f data 0x71
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008e data 0x71
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008d data 0x71
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008c data 0x71
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008b data 0xd1
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x4000008a data 0x31
kvm [5186]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000089 data 0x31
dccp_invalid_packet: invalid packet type
dccp_invalid_packet: invalid packet type
device gre0 entered promiscuous mode
encrypted_key: master key parameter 'JH `'4PjF(j2?p.sRRUc "6 ]%5j' is invalid
encrypted_key: master key parameter 'JH `'4PjF(j2?p.sRRUc "6 ]%5j' is invalid
kvm [5531]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x2, nop
RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or rds_rdma?
RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or rds_rdma?
kvm [5531]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x2, nop
cgroup: cgroup2: unknown option ""
sock: sock_set_timeout: `syz-executor3' (pid 5694) tries to set negative timeout
sctp: [Deprecated]: syz-executor0 (pid 5728) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
nla_parse: 21 callbacks suppressed
netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
sctp: [Deprecated]: syz-executor0 (pid 5746) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
kauditd_printk_skb: 65 callbacks suppressed
audit: type=1326 audit(1511692353.256:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.284:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=16 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.284:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.284:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.290:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=298 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.291:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.293:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=59 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.294:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.294:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511692353.295:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5801 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=298 compat=0 ip=0x452879 code=0x7ffc0000
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 9 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 9 bytes leftover after parsing attributes in process `syz-executor5'.
sctp: [Deprecated]: syz-executor2 (pid 6089) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
device gre0 entered promiscuous mode
sctp: [Deprecated]: syz-executor2 (pid 6104) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead