BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:71
in_atomic(): 1, irqs_disabled(): 0, pid: 7630, name: syz-executor0
INFO: lockdep is turned off.
CPU: 0 PID: 7630 Comm: syz-executor0 Not tainted 4.13.0-rc5-next-20170815+ #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6013
 __might_sleep+0x95/0x190 kernel/sched/core.c:5966
 __might_fault+0xab/0x1d0 mm/memory.c:4383
 __copy_from_user include/linux/uaccess.h:71 [inline]
 paging32_walk_addr_generic+0x428/0x1e00 arch/x86/kvm/paging_tmpl.h:369
 paging32_walk_addr arch/x86/kvm/paging_tmpl.h:475 [inline]
 paging32_gva_to_gpa+0xa5/0x230 arch/x86/kvm/paging_tmpl.h:913
 kvm_read_guest_virt_helper+0xd8/0x140 arch/x86/kvm/x86.c:4399
 kvm_read_guest_virt_system+0x3c/0x50 arch/x86/kvm/x86.c:4466
 segmented_read_std+0x10c/0x180 arch/x86/kvm/emulate.c:819
 em_fxrstor+0x27b/0x410 arch/x86/kvm/emulate.c:4022
 x86_emulate_insn+0x55d/0x3c50 arch/x86/kvm/emulate.c:5471
 x86_emulate_instruction+0x411/0x1ca0 arch/x86/kvm/x86.c:5705
 kvm_mmu_page_fault+0x18b/0x2c0 arch/x86/kvm/mmu.c:4852
 handle_ept_violation+0x1d1/0x5a0 arch/x86/kvm/vmx.c:6399
 vmx_handle_exit+0x281/0x1aa0 arch/x86/kvm/vmx.c:8716
 vcpu_enter_guest arch/x86/kvm/x86.c:7006 [inline]
 vcpu_run arch/x86/kvm/x86.c:7068 [inline]
 kvm_arch_vcpu_ioctl_run+0x1cee/0x58b0 arch/x86/kvm/x86.c:7229
 kvm_vcpu_ioctl+0x64c/0x1010 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2591
 vfs_ioctl fs/ioctl.c:45 [inline]
 do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:685
 SYSC_ioctl fs/ioctl.c:700 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:691
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x446739
RSP: 002b:00007f4af2ad5c08 EFLAGS: 00000282 ORIG_RAX: 0000000000000010
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9623 sclass=netlink_route_socket pig=7647 comm=syz-executor2
RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 0000000000446739
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000019
RBP: 000000002007a800 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000282 R12: 0000000000009120
R13: 000000002aaaaaab R14: 00000000006e76a0 R15: 0000000000000019
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9623 sclass=netlink_route_socket pig=7647 comm=syz-executor2
sctp: [Deprecated]: syz-executor0 (pid 7665) Use of int in max_burst socket option deprecated.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor0 (pid 7665) Use of int in max_burst socket option deprecated.
Use struct sctp_assoc_value instead
dccp_invalid_packet: P.Data Offset(0) too small
dccp_invalid_packet: P.Data Offset(0) too small
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=52941 sclass=netlink_route_socket pig=7833 comm=syz-executor1
TCP: request_sock_TCP: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters.
TCP: tcp_parse_options: Illegal window scaling value 64 > 14 received
TCP: tcp_parse_options: Illegal window scaling value 64 > 14 received
QAT: Invalid ioctl
QAT: Invalid ioctl
devpts: called with bogus options
device lo entered promiscuous mode
devpts: called with bogus options
TCP: request_sock_TCP: Possible SYN flooding on port 20004. Sending cookies. Check SNMP counters.
sock: process `syz-executor3' is using obsolete getsockopt SO_BSDCOMPAT
kvm [8202]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000021043
loop_reread_partitions: partition scan of loop0 (-\t@r9hxGQ:[il L*@R-Tr-x) failed (rc=-13)
TCP: request_sock_TCPv6: Possible SYN flooding on port 20025. Sending cookies. Check SNMP counters.
kvm [8458]: vcpu0, guest rIP: 0x0 disabled perfctr wrmsr: 0xc1 data 0x8000 kvm [8458]: vcpu0, guest rIP: 0x0 disabled perfctr wrmsr: 0xc1 data 0x8000 *** Guest State *** CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000000 RIP = 0x000000000000fff0 RFLAGS=0x00010100 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GDTR: limit=0x0000ffff, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff88002e2474c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7a5700 GSBase=ffff88006de00000 TRBase=ffff88006de22d40 GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000006cb42000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=0006004a PFECmask=00000000 PFECmatch=00000000 
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe518462782 TPR Threshold = 0x00 EPT pointer = 0x0000000069e8101e Virtual processor ID = 0x00c0 nla_parse: 18 callbacks suppressed netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'. IPv6: NLM_F_REPLACE set, but no existing node found! *** Guest State *** CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x000000000000800b RFLAGS=0x00010046 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 SS: sel=0x0000, attr=0x08081, limit=0x00000000, base=0x0000000000000000 ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 GDTR: limit=0x00000000, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 IDTR: limit=0x00000000, base=0x0000000000000000 TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000008 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff880027c874c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f57e75b3700 GSBase=ffff88003ed00000 TRBase=ffff88003ed22d40 GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 CR0=0000000080050033 
CR3=000000003e29a000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6d9edfa SecondaryExec=001000e2 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=8000030d errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe5023b16a6 EPT pointer = 0x000000003ae1001e Virtual processor ID = 0x00c9 selinux_nlmsg_perm: 4 callbacks suppressed SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8704 comm=syz-executor2 device lo entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8704 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8704 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8704 comm=syz-executor2 device lo left promiscuous mode device lo entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=202 sclass=netlink_route_socket pig=8740 comm=syz-executor2 device lo left promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8750 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8750 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8759 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8760 comm=syz-executor2 netlink: 7 bytes leftover after parsing attributes in process `syz-executor6'. 
PF_BRIDGE: br_mdb_parse() with unknown ifindex
netlink: 7 bytes leftover after parsing attributes in process `syz-executor6'.
PF_BRIDGE: br_mdb_parse() with unknown ifindex
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=202 sclass=netlink_route_socket pig=8740 comm=syz-executor2
sctp: [Deprecated]: syz-executor3 (pid 8890) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'.
TCP: request_sock_TCP: Possible SYN flooding on port 20016. Sending cookies. Check SNMP counters.
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 2 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor4'.
xprt_adjust_timeout: rq_timeout = 0!
netlink: 60 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 4052 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor4'.
xprt_adjust_timeout: rq_timeout = 0!
netlink: 1 bytes leftover after parsing attributes in process `syz-executor2'.
IPv6: NLM_F_REPLACE set, but no existing node found!
kvm [9108]: vcpu0, guest rIP: 0x913f disabled perfctr wrmsr: 0x186 data 0x7b31ef
kvm [9108]: vcpu0, guest rIP: 0x913f disabled perfctr wrmsr: 0x186 data 0x7b31ef
QAT: Invalid ioctl
IPv6: NLM_F_REPLACE set, but no existing node found!
kvm_hv_set_msr: 163 callbacks suppressed QAT: Invalid ioctl kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008f data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008e data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008d data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008c data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008b data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008a data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000089 data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000088 data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000087 data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000086 data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000020 data 0xe0000011 kvm [9136]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000020 data 0xe0000011 net_ratelimit: 2 callbacks suppressed syz1: Invalid MTU 67108868 requested, hw max 65521 syz1: Invalid MTU 67108868 requested, hw max 65521 device syz3 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl *** Guest State *** NFS: bad mount option value specified: v_ dccp_invalid_packet: pskb_may_pull failed CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000022050, shadow=0x0000000000020000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 ES: 
sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800553cf4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f4af2ad6700 GSBase=ffff88003ec00000 TRBase=ffff88003ec22d40 GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003dc5a000 CR4=00000000000026f0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe3d4f8b5a2 TPR Threshold = 0x00 EPT pointer = 0x000000003d94f01e Virtual processor ID = 0x0001 NFS: bad mount option value specified: v_ QAT: Invalid ioctl QAT: Invalid ioctl device syz3 left promiscuous mode *** Guest State *** CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 
0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800553cf4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f4af2ad6700 GSBase=ffff88003ec00000 TRBase=ffff88003ec22d40 GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003dc5a000 CR4=00000000000026f0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe3d00f115a TPR Threshold = 0x00 EPT pointer = 0x000000003b74401e Virtual processor ID = 0x00e4 device syz3 entered promiscuous mode Assertion failed! 
net/irda/ircomm/ircomm_core.c:ircomm_flow_request:475 self != NULL kvm [9450]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x8000 kvm [9450]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x8000 dccp_invalid_packet: P.CsCov 15 exceeds packet length 28 dccp_invalid_packet: P.CsCov 15 exceeds packet length 28 ptm ptm4: ldisc open failed (-12), clearing slot 4 device syz2 entered promiscuous mode device syz2 left promiscuous mode *** Guest State *** CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000010, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 device syz2 entered promiscuous mode device syz2 left promiscuous mode RFLAGS=0x00000046 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x000001ff, base=0x0000000000003800 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000002001 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000008 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800553274c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f26aa68f700 GSBase=ffff88006df00000 TRBase=ffff88006df22d40 GDTBase=ffffffffff574000 
IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003a3a8000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b699edfa SecondaryExec=001000e2 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe3534d1092 EPT pointer = 0x000000006976c01e Virtual processor ID = 0x0001 APIC base relocation is unsupported by KVM kvm [9783]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0x186 data 0x8 Disabled LAPIC found during irq injection kvm [9783]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0x186 data 0x8 Disabled LAPIC found during irq injection *** Guest State *** CR0: actual=0x0000000000000020, shadow=0x0000000000000000, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000046 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 SS: sel=0x0000, attr=0x08081, limit=0x00000000, base=0x0000000000000000 ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 GDTR: limit=0x00000000, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 IDTR: limit=0x00000000, base=0x0000000000000000 TR: sel=0x0000, attr=0x10000, limit=0x00000000, 
base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000008 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800553274c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f26aa68f700 GSBase=ffff88006df00000 TRBase=ffff88006df22d40 GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003a3a8000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6d9edfa SecondaryExec=001000e2 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe3534d1092 EPT pointer = 0x000000006976c01e Virtual processor ID = 0x0001 *** Guest State *** CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000010, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, 
attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x000001ff, base=0x0000000000003800 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000002001 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800553274c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f26aa68f700 GSBase=ffff88006df00000 TRBase=ffff88006df22d40 GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003a3a8000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b699edfa SecondaryExec=001000e2 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000003 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe340cb0136 EPT pointer = 0x00000000569a701e Virtual processor ID = 0x00f0 TCP: request_sock_TCP: Possible SYN flooding on port 20016. Sending cookies. Check SNMP counters. sock: process `syz-executor0' is using obsolete setsockopt SO_BSDCOMPAT sctp: [Deprecated]: syz-executor5 (pid 9957) Use of int in maxseg socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor5 (pid 9988) Use of int in maxseg socket option. Use struct sctp_assoc_value instead QAT: Invalid ioctl sctp: [Deprecated]: syz-executor6 (pid 10162) Use of int in maxseg socket option. 
Use struct sctp_assoc_value instead rpcbind: RPC call returned error 13 rpcbind: RPC call returned error 13 QAT: Invalid ioctl QAT: Invalid ioctl PF_BRIDGE: br_mdb_parse() with invalid ifindex PF_BRIDGE: br_mdb_parse() with invalid ifindex QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl sctp: [Deprecated]: syz-executor7 (pid 10620) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode sg_write: data in/out 393180/4 bytes for SCSI command 0x27-- guessing data in; program syz-executor6 not setting count and/or reply_len properly sg_write: data in/out 393180/4 bytes for SCSI command 0x27-- guessing data in; program syz-executor6 not setting count and/or reply_len properly QAT: Invalid ioctl pit: kvm: requested 2514 ns i8254 timer period limited to 500000 ns *** Guest State *** CR0: actual=0x0000000000000020, shadow=0x0000000000000020, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000402058, shadow=0x0000000000400008, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000000 RIP = 0x000000000000fff0 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0000, attr=0x0a087, limit=0x00000001, base=0x0000000000000000 DS: sel=0x000d, attr=0x10000, limit=0x00005001, base=0x0000000000001000 SS: sel=0x000a, attr=0x10000, limit=0x00003000, base=0x0000000000006000 ES: sel=0x000f, attr=0x10000, limit=0x00000000, base=0x0000000000000000 FS: sel=0x0000, attr=0x10000, limit=0x00001000, base=0x0000000000000001 GS: sel=0x0000, attr=0x10000, limit=0x00010000, base=0x0000000000100000 GDTR: limit=0x00001c6d, base=0x0000000000000001 LDTR: sel=0x000e, attr=0x080bf, limit=0x00004000, base=0x0000000000004001 IDTR: limit=0x00007000, base=0x0000000000007000 TR: sel=0x0004, attr=0x10000, 
limit=0x00005000, base=0x000000000000f000 EFER = 0x0000000000000400 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff88005725f4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fba81767700 GSBase=ffff88003ec00000 TRBase=ffff88003ed22d40 GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000003c2ec000 CR4=00000000000026f0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d3ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=8000000b errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffe150e0f61c TPR Threshold = 0x00 EPT pointer = 0x000000003ae8d01e Virtual processor ID = 0x0001 sg_write: data in/out 393180/4 bytes for SCSI command 0x27-- guessing data in; program syz-executor7 not setting count and/or reply_len properly sg_write: data in/out 393180/4 bytes for SCSI command 0x27-- guessing data in; program syz-executor7 not setting count and/or reply_len properly QAT: Invalid ioctl QAT: Invalid ioctl kvm_pmu: event creation failed -2 Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable QAT: Invalid ioctl QAT: Invalid ioctl sctp: [Deprecated]: syz-executor0 (pid 11398) Use of int in maxseg socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor0 (pid 11405) Use of int in maxseg socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor0 (pid 11407) Use of struct sctp_assoc_value in delayed_ack socket option. 
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 11407) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 11423) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor0 (pid 11417) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
hid-generic 0003:0627:0001.0001: pid 11519 passed too short report
hid-generic 0003:0627:0001.0001: pid 11519 passed too short report
device sit0 entered promiscuous mode
TCP: request_sock_TCPv6: Possible SYN flooding on port 20001. Sending cookies. Check SNMP counters.
nla_parse: 57 callbacks suppressed
netlink: 13 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
sctp: [Deprecated]: syz-executor5 (pid 11774) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor5 (pid 11828) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
kvm [11883]: vcpu2, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
kvm [11883]: vcpu2, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor0'.
device syz2 entered promiscuous mode
device syz2 left promiscuous mode
device syz2 entered promiscuous mode
kvm [12032]: vcpu0, guest rIP: 0x913a unimplemented MMIO_CONF_BASE wrmsr: 0x40963985
kvm [12032]: vcpu0, guest rIP: 0x913a disabled perfctr wrmsr: 0xc0010007 data 0x40963985
kvm [12032]: vcpu0, guest rIP: 0x913a disabled perfctr wrmsr: 0xc0010006 data 0xffff3985
kvm [12032]: vcpu0, guest rIP: 0x913a disabled perfctr wrmsr: 0xc0010005 data 0xffff3985
kvm [12032]: vcpu0, guest rIP: 0x913a disabled perfctr wrmsr: 0xc0010002 data 0x40963985
sg_write: data in/out 2127708969/6 bytes for SCSI command 0xe3-- guessing data in; program syz-executor1 not setting count and/or reply_len properly
9pnet_virtio: no channels available for device ./bus
sg_write: data in/out 2127708969/6 bytes for SCSI command 0xe3-- guessing data in; program syz-executor1 not setting count and/or reply_len properly
9pnet_virtio: no channels available for device ./bus
netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'.
QAT: Invalid ioctl QAT: Invalid ioctl TCP: tcp_parse_options: Illegal window scaling value 255 > 14 received TCP: tcp_parse_options: Illegal window scaling value 255 > 14 received *** Guest State *** CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000000 RIP = 0x000000000000fff0 RFLAGS=0x00010000 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GDTR: limit=0x0000ffff, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 0000000a ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff88006721f4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7cb700 GSBase=ffff88003ed00000 TRBase=ffff88003ed22d40 GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=0000000027dc2000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 
PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000305 errcode=00000008 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf411817f8 TPR Threshold = 0x00 sg_write: data in/out 131038/42 bytes for SCSI command 0xa1-- guessing data in; program syz-executor4 not setting count and/or reply_len properly EPT pointer = 0x000000003dcb901e Virtual processor ID = 0x0143 *** Guest State *** CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x003cf702 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0030:0000000000002810 CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x000001ff, base=0x0000000000003800 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000001 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 0000000a ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff88006721f4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7cb700 GSBase=ffff88003ed00000 TRBase=ffff88003ed22d40 GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 
CR0=0000000080050033 CR3=0000000027dc2000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000007f CPUBased=b6a1edfe SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000305 errcode=00000008 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf411817f8 TPR Threshold = 0x00 EPT pointer = 0x000000003dcb901e Virtual processor ID = 0x0143 *** Guest State *** CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000000 RIP = 0x000000000000fff0 RFLAGS=0x00010000 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810 CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 GDTR: limit=0x0000ffff, base=0x0000000000000000 LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 0000000a ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff880057f474c8 
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7a8700 GSBase=ffff88006de00000 TRBase=ffff88006de22d40 GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=0000000027dc2000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000b05 errcode=00000008 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf355c1c0e TPR Threshold = 0x00 EPT pointer = 0x0000000056e0501e Virtual processor ID = 0x014d *** Guest State *** CR0: actual=0x0000000000000031, shadow=0x0000000060000011, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000002050, shadow=0x0000000000000000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x0000ffff, base=0x0000000000000000 TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 EFER = 0x0000000000000000 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions 
= 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff880053c3f4c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007f3e10b55700 GSBase=ffff88003ed00000 TRBase=ffff88003ed22d40 GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=0000000038fee000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b699edfa SecondaryExec=001000e2 EntryControls=0001d1ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf3352cc8a EPT pointer = 0x000000002d86101e Virtual processor ID = 0x014b *** Guest State *** CR0: actual=0x0000000000000029, shadow=0x0000000000000009, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000012050, shadow=0x0000000000010000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GDTR: limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x0000f000, base=0x0000000000010000 TR: sel=0x000c, 
attr=0x10000, limit=0x00010000, base=0x0000000000000002 EFER = 0x0000000000000400 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800572274c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7cb700 GSBase=ffff88006de00000 TRBase=ffff88006de22d40 GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000002da61000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=001000e3 EntryControls=0001d3ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf197cec4a TPR Threshold = 0x00 EPT pointer = 0x00000000671a101e Virtual processor ID = 0x0143 *** Guest State *** CR0: actual=0x0000000000000029, shadow=0x0000000000000009, gh_mask=fffffffffffffff7 CR4: actual=0x0000000000012050, shadow=0x0000000000010000, gh_mask=fffffffffffff871 CR3 = 0x00000000fffbc000 RSP = 0x0000000000000f80 RIP = 0x0000000000000000 RFLAGS=0x00000002 DR7 = 0x0000000000000400 Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 CS: sel=0x0010, attr=0x0009b, limit=0x000fffff, base=0x0000000000000000 DS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 SS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 ES: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 FS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GS: sel=0x0018, attr=0x00093, limit=0x000fffff, base=0x0000000000000000 GDTR: 
limit=0x000007ff, base=0x0000000000001000 LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800 IDTR: limit=0x0000f000, base=0x0000000000010000 TR: sel=0x000c, attr=0x10000, limit=0x00010000, base=0x0000000000000002 EFER = 0x0000000000000400 PAT = 0x0007040600070406 DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 BndCfgS = 0x0000000000000000 Interruptibility = 00000000 ActivityState = 00000000 *** Host State *** RIP = 0xffffffff811b6397 RSP = 0xffff8800572274c8 CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 FSBase=00007fe3bb7cb700 GSBase=ffff88006df00000 TRBase=ffff88006df22d40 GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000 CR0=0000000080050033 CR3=000000002da61000 CR4=00000000000026e0 Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84d6d190 EFER = 0x0000000000000d01 PAT = 0x0007040600070406 *** Control State *** PinBased=0000003f CPUBased=b699edfe SecondaryExec=001000e2 EntryControls=0001d3ff ExitControls=00afefff ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 VMEntry: intr_info=80000001 errcode=00000000 ilen=00000000 VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 reason=80000021 qualification=0000000000000000 IDTVectoring: info=00000000 errcode=00000000 TSC Offset = 0xffffffdf137d8d48 EPT pointer = 0x000000006762a01e Virtual processor ID = 0x0151 syz1: Invalid MTU 67108868 requested, hw max 65521 syz1: Invalid MTU 67108868 requested, hw max 65521 kvm_hv_get_msr: 698 callbacks suppressed kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008f kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008e kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008d kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008c kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008b kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008a kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 
0x40000089 kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000088 kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000087 kvm [12460]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000086 kvm: emulating exchange as write kvm_hv_set_msr: 247 callbacks suppressed kvm [12460]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000023 data 0x66c900003b9a1043 kvm [12460]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000022 data 0x66c90000cb211043 kvm [12460]: vcpu0, guest rIP: 0x9112 Hyper-V uhandled wrmsr: 0x40000020 data 0x66c9000000031043 syz-executor4: vmalloc: allocation failure: 17179869180 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) syz-executor4 cpuset=/ mems_allowed=0-1 CPU: 0 PID: 12512 Comm: syz-executor4 Tainted: G W 4.13.0-rc5-next-20170815+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 warn_alloc+0x1c2/0x2f0 mm/page_alloc.c:3234 __vmalloc_node_range+0x57b/0x710 mm/vmalloc.c:1778 __vmalloc_node mm/vmalloc.c:1807 [inline] __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1829 kvmalloc_node+0x82/0xd0 mm/util.c:406 kvmalloc include/linux/mm.h:524 [inline] kvmalloc_array include/linux/mm.h:540 [inline] xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774 translate_table+0x235/0x1690 net/ipv6/netfilter/ip6_tables.c:711 do_replace net/ipv6/netfilter/ip6_tables.c:1155 [inline] do_ip6t_set_ctl+0x345/0x5c0 net/ipv6/netfilter/ip6_tables.c:1681 nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114 ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:920 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1059 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2973 SYSC_setsockopt net/socket.c:1852 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1831 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x446739 RSP: 
002b:00007fb09a491c08 EFLAGS: 00000296 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000446739 RDX: 0800000000000040 RSI: 0400000000000029 RDI: 0000000000000005 RBP: 0000000000708000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000000 R11: 0000000000000296 R12: 00000000ffffffff R13: 00000000000042f0 R14: 00000000006e63b0 R15: 0000000020000000 warn_alloc_show_mem: 3 callbacks suppressed Mem-Info: active_anon:82822 inactive_anon:64 isolated_anon:0 active_file:3573 inactive_file:4813 isolated_file:0 unevictable:0 dirty:85 writeback:9 unstable:0 slab_reclaimable:8067 slab_unreclaimable:39830 mapped:20889 shmem:77 pagetables:785 bounce:0 free:251529 free_pcp:1063 free_cma:0 Node 0 active_anon:169068kB inactive_anon:92kB active_file:7400kB inactive_file:2460kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:36292kB dirty:200kB writeback:0kB shmem:116kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 53248kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 1 active_anon:176880kB inactive_anon:164kB active_file:6892kB inactive_file:16792kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:47264kB dirty:140kB writeback:36kB shmem:192kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 32768kB writeback_tmp:0kB unstable:0kB all_unreclaimable? 
no Node 0 DMA free:15908kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 884 884 884 Node 0 DMA32 free:572328kB min:36500kB low:45624kB high:54748kB active_anon:173248kB inactive_anon:92kB active_file:7400kB inactive_file:2460kB unevictable:4kB writepending:152kB present:1032192kB managed:907904kB mlocked:4kB kernel_stack:2976kB pagetables:1720kB bounce:0kB free_pcp:1984kB local_pcp:448kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 Node 1 DMA32 free:404908kB min:30440kB low:38048kB high:45656kB active_anon:172712kB inactive_anon:164kB active_file:6892kB inactive_file:16792kB unevictable:0kB writepending:328kB present:1048560kB managed:755224kB mlocked:0kB kernel_stack:2272kB pagetables:1568kB bounce:0kB free_pcp:2140kB local_pcp:676kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB Node 0 DMA32: 100*4kB (UE) 674*8kB (UME) 1020*16kB (UME) 652*32kB (UME) 390*64kB (UM) 189*128kB (UME) 33*256kB (UM) 7*512kB (UME) 7*1024kB (ME) 2*2048kB (UM) 111*4096kB (M) = 570080kB Node 1 DMA32: 1077*4kB (UME) 2430*8kB (UME) 1457*16kB (UME) 635*32kB (UME) 301*64kB (UME) 116*128kB (UME) 30*256kB (UM) 18*512kB (UME) 11*1024kB (UME) 1*2048kB (U) 65*4096kB (UM) = 397940kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 8462 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 524186 pages RAM 0 pages HighMem/MovableOnly 104427 pages reserved syz-executor4: vmalloc: allocation failure: 17179869180 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) 
syz-executor4 cpuset=/ mems_allowed=0-1 CPU: 0 PID: 12517 Comm: syz-executor4 Tainted: G W 4.13.0-rc5-next-20170815+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 warn_alloc+0x1c2/0x2f0 mm/page_alloc.c:3234 __vmalloc_node_range+0x57b/0x710 mm/vmalloc.c:1778 __vmalloc_node mm/vmalloc.c:1807 [inline] __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1829 kvmalloc_node+0x82/0xd0 mm/util.c:406 kvmalloc include/linux/mm.h:524 [inline] kvmalloc_array include/linux/mm.h:540 [inline] xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774 translate_table+0x235/0x1690 net/ipv6/netfilter/ip6_tables.c:711 do_replace net/ipv6/netfilter/ip6_tables.c:1155 [inline] do_ip6t_set_ctl+0x345/0x5c0 net/ipv6/netfilter/ip6_tables.c:1681 nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114 ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:920 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1059 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2973 SYSC_setsockopt net/socket.c:1852 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1831 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x446739 RSP: 002b:00007fb09a470c08 EFLAGS: 00000296 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000000446739 RDX: 0800000000000040 RSI: 0400000000000029 RDI: 000000000000001c RBP: 00000000007080a8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000000 R11: 0000000000000296 R12: 00000000ffffffff R13: 0000000000003250 R14: 00000000006e5310 R15: 0000000000008916 sg_write: data in/out 196574/112 bytes for SCSI command 0x8-- guessing data in; program syz-executor7 not setting count and/or reply_len properly sg_write: data in/out 196574/112 bytes for SCSI command 0x8-- guessing data in; program syz-executor7 not setting count and/or reply_len properly sctp: [Deprecated]: syz-executor1 
(pid 12610) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead sctp: [Deprecated]: syz-executor1 (pid 12610) Use of int in maxseg socket option. Use struct sctp_assoc_value instead sctp: [Deprecated]: syz-executor1 (pid 12617) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead sctp: [Deprecated]: syz-executor1 (pid 12614) Use of int in maxseg socket option. Use struct sctp_assoc_value instead