[ OK ] Started Getty on tty2.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.10.9' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 27.662856] ------------[ cut here ]------------
[ 27.667689] kernel BUG at drivers/vhost/vhost.c:2240!
[ 27.673339] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 27.678690] Modules linked in:
[ 27.681858] CPU: 0 PID: 7970 Comm: vhost-7969 Not tainted 4.14.267-syzkaller #0
[ 27.689273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 27.698604] task: ffff88808f8be6c0 task.stack: ffff8880b3b68000
[ 27.704650] RIP: 0010:vhost_get_vq_desc+0x1b5c/0x20c0
[ 27.709813] RSP: 0018:ffff8880b3b6fb80 EFLAGS: 00010297
[ 27.715148] RAX: ffff88808f8be6c0 RBX: 0000000000000001 RCX: dffffc0000000000
[ 27.722401] RDX: 0000000000000000 RSI: ffff8880b3b6fdb8 RDI: ffff888091784b86
[ 27.729642] RBP: 0000000000000000 R08: 0000000000000400 R09: 0000000000000001
[ 27.736885] R10: ffff8880b3b6fc5f R11: ffff88808f8be6c0 R12: ffff888091784b98
[ 27.744129] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880917849c8
[ 27.751375] FS: 0000000000000000(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000
[ 27.759573] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.765426] CR2: 0000000000000002 CR3: 00000000ab171000 CR4: 00000000003406f0
[ 27.772673] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.779914] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.787170] Call Trace:
[ 27.789736] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 27.794811] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.799799] ? vhost_vq_avail_empty+0x320/0x320
[ 27.804442] ? mark_held_locks+0xa6/0xf0
[ 27.808474] ? kfree+0x14a/0x250
[ 27.811810] ? vhost_vsock_handle_tx_kick+0x687/0x900
[ 27.816968] ? trace_hardirqs_on_caller+0x3a8/0x580
[ 27.821956] vhost_vsock_handle_tx_kick+0x1d1/0x900
[ 27.826951] ? vhost_vsock_handle_rx_kick+0x50/0x50
[ 27.831944] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 27.837020] ? vhost_worker+0x205/0x450
[ 27.840965] ? vhost_worker+0x205/0x450
[ 27.844909] vhost_worker+0x267/0x450
[ 27.848698] ? vq_memory_access_ok+0x210/0x210
[ 27.853251] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 27.858328] ? vq_memory_access_ok+0x210/0x210
[ 27.862888] kthread+0x30d/0x420
[ 27.866229] ? kthread_create_on_node+0xd0/0xd0
[ 27.870874] ret_from_fork+0x24/0x30
[ 27.874567] Code: 94 00 00 00 48 c7 c6 c0 86 48 88 48 c7 c7 38 08 06 8a 48 89 ca 48 c1 e1 04 48 01 d9 e8 ee 38 aa fd e9 c1 fc ff ff e8 44 2e d6 fb <0f> 0b e8 3d 2e d6 fb 44 89 f2 b9 10 00 00 00 48 c7 c6 c0 84 48
[ 27.893633] RIP: vhost_get_vq_desc+0x1b5c/0x20c0 RSP: ffff8880b3b6fb80
[ 27.900373] ---[ end trace 6d65af052c41cb5b ]---
[ 27.905113] Kernel panic - not syncing: Fatal exception
[ 27.910624] Kernel Offset: disabled
[ 27.914230] Rebooting in 86400 seconds..