kasan: GPF could be caused by NULL-ptr deref or user memory access
syz-executor.4: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)
general protection fault: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 3677 Comm: modprobe Not tainted 4.14.169-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff888082f10400 task.stack: ffff88802c4f8000
RIP: 0010:do_last fs/namei.c:3269 [inline]
RIP: 0010:path_openat+0x20b/0x3db0 fs/namei.c:3569
RSP: 0018:ffff88802c4ffb28 EFLAGS: 00010247
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0001020304050608
RDX: 0000000000000000 RSI: 1ffff1100589ff56 RDI: 0000000000000004
RBP: ffff88802c4ffc80 R08: ffff888082f10400 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000003 R12: ffff88802c4ffcc0
R13: ffff88802c4ffcc0 R14: ffff88807d39da20 R15: 0000000000000000
FS:  00007efc743cb700(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000071a934 CR3: 000000007e84e000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 do_filp_open+0x18e/0x250 fs/namei.c:3603
 do_sys_open+0x2c5/0x430 fs/open.c:1084
 SYSC_open fs/open.c:1102 [inline]
 SyS_open+0x2d/0x40 fs/open.c:1097
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7efc73ce3120
RSP: 002b:00007ffeca173238 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007efc73fae471 RCX: 00007efc73ce3120
RDX: 0000000000000000 RSI: 0000000000090800 RDI: 00007efc73fae471
RBP: 00007efc741b32e8 R08: 72656c6c616b7a79 R09: 00007ffeca174392
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 00055facc785c680
Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 03 30 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 5e 58 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
RIP: do_last fs/namei.c:3269 [inline] RSP: ffff88802c4ffb28
RIP: path_openat+0x20b/0x3db0 fs/namei.c:3569 RSP: ffff88802c4ffb28
syz-executor.2: page allocation failure: order:5, mode:0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)
syz-executor.4 cpuset=syz4 mems_allowed=0-1
CPU: 1 PID: 3675 Comm: syz-executor.4 Tainted: G      D 4.14.169-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
syz-executor.2 cpuset=
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 __alloc_pages include/linux/gfp.h:484 [inline]
 __alloc_pages_node include/linux/gfp.h:497 [inline]
 kmem_getpages mm/slab.c:1419 [inline]
 cache_grow_begin+0x80/0x400 mm/slab.c:2676
 fallback_alloc+0x1fd/0x2c0 mm/slab.c:3217
 ____cache_alloc_node+0x1be/0x1d0 mm/slab.c:3285
 __do_cache_alloc mm/slab.c:3354 [inline]
 slab_alloc mm/slab.c:3382 [inline]
 kmem_cache_alloc_trace+0x213/0x790 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 kvm_arch_alloc_vm include/linux/kvm_host.h:816 [inline]
 kvm_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:651 [inline]
 kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:3270 [inline]
 kvm_dev_ioctl+0x163/0x1620 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3321
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
syz2
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45b349
RSP: 002b:00007f7c9bea3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f7c9bea46d4 RCX: 000000000045b349
RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038b R14: 00000000004c4b15 R15: 000000000075bf2c
 mems_allowed=0-1
CPU: 0 PID: 3694 Comm: syz-executor.2 Tainted: G      D 4.14.169-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
warn_alloc_show_mem: 2 callbacks suppressed
Mem-Info:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
active_anon:239801 inactive_anon:206 isolated_anon:0
 active_file:1599 inactive_file:1439 isolated_file:32
 unevictable:0 dirty:80 writeback:0 unstable:0
 slab_reclaimable:14304 slab_unreclaimable:127945
 mapped:54776 shmem:260 pagetables:3635 bounce:0
 free:29774 free_pcp:219 free_cma:0
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 __alloc_pages include/linux/gfp.h:484 [inline]
 __alloc_pages_node include/linux/gfp.h:497 [inline]
 kmem_getpages mm/slab.c:1419 [inline]
 cache_grow_begin+0x80/0x400 mm/slab.c:2676
 fallback_alloc+0x1fd/0x2c0 mm/slab.c:3217
Node 0 active_anon:882804kB inactive_anon:820kB active_file:6392kB inactive_file:5756kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:219104kB dirty:320kB writeback:0kB shmem:1040kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 169984kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
 ____cache_alloc_node+0x1be/0x1d0 mm/slab.c:3285
 __do_cache_alloc mm/slab.c:3354 [inline]
 slab_alloc mm/slab.c:3382 [inline]
 kmem_cache_alloc_trace+0x213/0x790 mm/slab.c:3616
Node 1 active_anon:76400kB inactive_anon:4kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 69632kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 kvm_arch_alloc_vm include/linux/kvm_host.h:816 [inline]
 kvm_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:651 [inline]
 kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:3270 [inline]
 kvm_dev_ioctl+0x163/0x1620 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3321
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45b349
---[ end trace 684760c2cb82d530 ]---
RSP: 002b:00007f99e9fe2c78 EFLAGS: 00000246