================================================================================ UBSAN: Undefined behaviour in drivers/vhost/vhost.c:116:62 load of value 255 is not a valid value for type '_Bool' CPU: 1 PID: 11740 Comm: syz-executor.4 Not tainted 4.19.152-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x22c/0x33e lib/dump_stack.c:118 ubsan_epilogue+0xe/0x3a lib/ubsan.c:161 __ubsan_handle_load_invalid_value.cold+0x63/0x6f lib/ubsan.c:454 vhost_init_is_le drivers/vhost/vhost.c:116 [inline] vhost_reset_is_le drivers/vhost/vhost.c:143 [inline] vhost_vq_reset.constprop.0.cold+0x15/0x1a drivers/vhost/vhost.c:325 vhost_dev_init+0x442/0x780 drivers/vhost/vhost.c:463 vhost_net_open+0x54c/0x730 drivers/vhost/net.c:1103 misc_open+0x372/0x4a0 drivers/char/misc.c:141 chrdev_open+0x266/0x770 fs/char_dev.c:423 do_dentry_open+0x4aa/0x1160 fs/open.c:796 do_last fs/namei.c:3421 [inline] path_openat+0x7d5/0x2e90 fs/namei.c:3537 do_filp_open+0x18c/0x3f0 fs/namei.c:3567 do_sys_open+0x3b3/0x520 fs/open.c:1085 do_syscall_64+0xf9/0x670 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45de59 Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fddd246fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 0000000000024a80 RCX: 000000000045de59 RDX: 0000000000000002 RSI: 00000000200001c0 RDI: ffffffffffffff9c RBP: 000000000118bf68 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007ffd2626a37f R14: 00007fddd24709c0 R15: 000000000118bf2c ================================================================================ syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) audit: type=1326 audit(1603202731.005:40): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=11856 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0xffff0000 audit: type=1326 audit(1603202731.035:41): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=11873 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0xffff0000 audit: type=1326 audit(1603202731.065:42): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=11856 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0xffff0000 audit: type=1326 audit(1603202731.685:43): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=11856 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0xffff0000 audit: type=1326 audit(1603202731.805:44): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=11873 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x460cba code=0xffff0000 kvm: pic: level sensitive irq not supported kvm: pic: level sensitive irq not supported kvm: pic: single mode not supported kvm: pic: level sensitive irq not supported kvm: pic: single mode not supported kvm: pic: level sensitive irq not supported kvm: pic: single mode not supported kvm: pic: single mode not supported *** Guest State *** CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871 CR3 = 0x0000000000000000 RSP = 0x0000000000000000 RIP = 0x0000000000000000 RFLAGS=0x0002c246 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GDTR: limit=0x0000ffff, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811ca2ea RSP = 0xffff888043bff878 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fddd2470700 GSBase=ffff8880ae300000 TRBase=fffffe0000034000 GDTBase=fffffe0000032000 IDTBase=fffffe0000000000 CR0=0000000080050033 CR3=0000000092641000 CR4=00000000001426e0 Sysenter RSP=fffffe0000034000 CS:RIP=0010:ffffffff87c013e0 EFER = 0x0000000000000d01 PAT = 0x0407050600070106 *** Control State *** PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000e3 EntryControls=0000d1ff ExitControls=002fefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000001 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffff67b3c983f2 TPR Threshold = 0x00 EPT pointer = 0x000000004893e01e Virtual processor ID = 0x0001 audit: type=1400 audit(1603202733.835:45): avc: denied { block_suspend } for pid=12085 comm="syz-executor.3" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 overlayfs: filesystem on './bus' not supported as upperdir audit: type=1804 audit(1603202733.895:46): pid=12098 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir680645536/syzkaller.z2yOWn/100/bus/bus/file0" dev="overlay" ino=16056 res=1 audit: type=1400 audit(1603202735.116:47): avc: denied { dac_override } for pid=12172 comm="syz-executor.3" capability=1 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=cap_userns permissive=1 kvm: pic: single mode not supported kvm: pic: level sensitive irq not supported kvm: pic: single mode not supported kvm: pic: single mode not supported kvm: pic: single mode not supported kvm: pic: single mode not supported kvm: pic: single mode not supported bridge0: port 2(bridge_slave_1) entered disabled state bridge0: port 1(bridge_slave_0) entered disabled state