[ 26.071056] random: sshd: uninitialized urandom read (32 bytes read)
[ 26.559292] random: sshd: uninitialized urandom read (32 bytes read)
[ 35.217166] random: sshd: uninitialized urandom read (32 bytes read)
[ 36.214929] random: cc1: uninitialized urandom read (8 bytes read)
[ 36.660129] IPVS: ftp: loaded support on port[0] = 21
[ 62.521137] can: request_module (can-proto-0) failed.
[ 62.531022] can: request_module (can-proto-0) failed.
[ 64.778720] random: sshd: uninitialized urandom read (32 bytes read)
[ 65.173777] random: sshd: uninitialized urandom read (32 bytes read)
[ 65.344447] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.211' (ECDSA) to the list of known hosts.
2019/11/22 07:17:55 parsed 1 programs
2019/11/22 07:17:56 executed programs: 0
[ 72.150281] IPVS: ftp: loaded support on port[0] = 21
[ 72.166330] IPVS: ftp: loaded support on port[0] = 21
[ 72.175088] IPVS: ftp: loaded support on port[0] = 21
[ 72.175279] IPVS: ftp: loaded support on port[0] = 21
[ 72.195716] IPVS: ftp: loaded support on port[0] = 21
[ 72.197123] IPVS: ftp: loaded support on port[0] = 21
[ 73.028130] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.041616] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.048702] device bridge_slave_0 entered promiscuous mode
[ 73.073710] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.090173] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.099105] device bridge_slave_0 entered promiscuous mode
[ 73.114584] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.121648] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.128631] device bridge_slave_1 entered promiscuous mode
[ 73.150693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.157073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.167155] device bridge_slave_0 entered promiscuous mode
[ 73.176820] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.184657] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.192527] device bridge_slave_1 entered promiscuous mode
[ 73.207736] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.222740] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.229123] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.241892] device bridge_slave_0 entered promiscuous mode
[ 73.249787] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.261859] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.268229] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.275884] device bridge_slave_1 entered promiscuous mode
[ 73.284990] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.291949] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.298875] device bridge_slave_0 entered promiscuous mode
[ 73.309178] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.318244] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.327151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.335304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 73.343339] device bridge_slave_0 entered promiscuous mode
[ 73.350292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.356637] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.364141] device bridge_slave_1 entered promiscuous mode
[ 73.373376] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.388292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.395531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.403255] device bridge_slave_1 entered promiscuous mode
[ 73.411190] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.417555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 73.426319] device bridge_slave_1 entered promiscuous mode
[ 73.438303] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.449272] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.464531] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.483785] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 73.508151] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.518930] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.530594] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.555311] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 73.581566] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.593267] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.651000] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.665728] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.698512] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.708958] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.732701] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 73.758748] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.770635] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.781370] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.795300] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 73.804853] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 73.816080] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 73.833821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 73.848015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 73.856352] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 73.864988] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 73.877767] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 73.886002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 73.897242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 73.905063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 73.918410] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 73.936568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 73.944301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 73.954195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 73.968452] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 73.979157] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 73.998100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 74.009606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 74.034308] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.042809] team0: Port device team_slave_0 added
[ 74.049836] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.057662] team0: Port device team_slave_0 added
[ 74.091666] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.105167] team0: Port device team_slave_1 added
[ 74.126963] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.135529] team0: Port device team_slave_0 added
[ 74.141294] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.148360] team0: Port device team_slave_0 added
[ 74.159970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.174776] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.190931] team0: Port device team_slave_1 added
[ 74.197418] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.205404] team0: Port device team_slave_0 added
[ 74.212846] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.220754] team0: Port device team_slave_1 added
[ 74.226130] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 74.235108] team0: Port device team_slave_0 added
[ 74.241333] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.248603] team0: Port device team_slave_1 added
[ 74.258847] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.267768] team0: Port device team_slave_1 added
[ 74.276151] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 74.290760] team0: Port device team_slave_1 added
[ 74.298143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.308813] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.322476] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.331381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.351322] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.366690] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.378817] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.399615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 74.408156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.416153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.424033] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.431728] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.441517] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.453194] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.468116] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.481359] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.488898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.497774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.506748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 74.515349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.523498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.531422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.539010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.547659] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.556509] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.567826] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.579702] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.589930] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.602702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.615709] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.623701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.631582] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.639206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.647013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.654755] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.662782] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 74.673637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 74.681630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 74.691719] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.699159] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.712841] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 74.719789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.738848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.747194] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.755052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 74.762919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 74.770909] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 75.177712] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.184268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.191338] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.197692] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.206528] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.215128] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.221562] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.228192] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.234576] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.243729] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.289852] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.296278] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.302960] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.309330] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.317802] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.328949] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.335371] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.342027] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.348378] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.356448] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.364877] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.371284] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.377905] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.384439] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.391641] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.403849] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.410248] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.416883] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.423297] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.431344] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 75.816482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 75.825660] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 75.834787] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 75.842309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 75.849374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 75.857342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 77.215266] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.255376] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.268690] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.291840] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.318696] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.372916] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.414063] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.439138] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.463905] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.481802] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.528742] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.579046] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 77.603861] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.625621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.633532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.645225] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.663000] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.680876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.690973] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.700316] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.713267] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.724218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.736239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.744302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.757073] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.768789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.779784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.805745] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 77.817177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.827894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.866117] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.916859] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.935673] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.946473] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.968947] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.987321] 8021q: adding VLAN 0 to HW filter on device team0
[ 79.014667] ==================================================================
[ 79.022279] BUG: KASAN: use-after-free in finish_task_switch+0x56e/0x8c0
[ 79.029143] Read of size 8 at addr ffff8801c46c8058 by task syz-executor0/6761
[ 79.036524]
[ 79.038174] CPU: 0 PID: 6761 Comm: syz-executor0 Not tainted 4.18.0-rc6-syzkaller #0
[ 79.046051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.055400] Call Trace:
[ 79.057993] dump_stack+0x16e/0x22a
[ 79.061629] ? dump_stack_print_info.cold.2+0x48/0x48
[ 79.066814] ? printk+0x9a/0xc0
[ 79.070116] ? kmsg_dump_rewind_nolock+0xdf/0xdf
[ 79.074865] print_address_description.cold.8+0x9/0x1ff
[ 79.074874] kasan_report.cold.9+0x242/0x2fe
[ 79.074884] ? finish_task_switch+0x56e/0x8c0
[ 79.074894] __asan_report_load8_noabort+0x14/0x20
[ 79.084625] finish_task_switch+0x56e/0x8c0
[ 79.094029] ? preempt_notifier_register+0x200/0x200
[ 79.094038] ? lock_repin_lock+0x430/0x430
[ 79.094044] ? vmx_vcpu_put+0x2b/0x150
[ 79.094052] ? kvm_arch_vcpu_put+0x299/0x3c0
[ 79.094065] __schedule+0x83e/0x1f40
[ 79.094078] ? pci_mmcfg_check_reserved+0x120/0x120
[ 79.094083] ? find_held_lock+0x36/0x1c0
[ 79.094094] ? is_bpf_text_address+0x60/0xe0
[ 79.103481] ? lock_downgrade+0x900/0x900
[ 79.103491] ? mark_held_locks+0xc7/0x130
[ 79.103499] ? preempt_schedule_irq+0x5e/0x110
[ 79.103509] preempt_schedule_irq+0x87/0x110
[ 79.103519] retint_kernel+0x1b/0x2d
[ 79.103527] RIP: 0010:depot_save_stack+0xbf/0x470
[ 79.103530] Code: 01
[ 79.111619] c8 c1 c3 08 44 31 d3 41
[ 79.116774] vmwrite error: reg 6c0a value fffffe0000034000 (err 212992)
[ 79.119729] 89 da 41 29 d9 01 c3 41 c1 c2 10 45 31 d1 45 89 ca 44 29 c8 41 01 d9 41 c1 ca 0d 44 31 d0 41 89 c2 <29> c3 44 01 c8 41 c1 c2 04 44 31 d3 41 83 f8 03 77 86 41 83 f8 02
[ 79.187918] RSP: 0018:ffff8801b88df1c8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 79.195615] RAX: 00000000f053ad46 RBX: 000000009697aeaf RCX: ffff8801b88df228
[ 79.202880] RDX: ffff8801b88df24c RSI: 0000000000608040 RDI: 0000000000000014
[ 79.210135] RBP: ffff8801b88df200 R08: 000000000000001f R09: 000000004b2c9494
[ 79.217401] R10: 00000000f053ad46 R11: ffff8801dac23953 R12: ffff8801da97c0c0
[ 79.224655] R13: ffff8801b88df210 R14: 0000000000000000 R15: ffff8801cc817faf
[ 79.231933] save_stack+0xa9/0xd0
[ 79.235381] ? save_stack+0x43/0xd0
[ 79.238990] ? kasan_kmalloc+0xc7/0xe0
[ 79.242857] ? kasan_slab_alloc+0x12/0x20
[ 79.246993] ? kmem_cache_alloc+0x12e/0x780
[ 79.251303] ? new_inode_smack+0x1b/0xa0
[ 79.255435] ? smack_inode_alloc_security+0x85/0xf0
[ 79.260435] ? security_inode_alloc+0x63/0xa0
[ 79.264930] ? inode_init_always+0x685/0xdd0
[ 79.269422] ? alloc_inode+0x6c/0x150
[ 79.273203] ? new_inode_pseudo+0x66/0x190
[ 79.277429] ? new_inode+0x14/0x30
[ 79.280961] ? debugfs_get_inode+0xe/0x110
[ 79.285197] ? __debugfs_create_file+0x74/0x390
[ 79.289849] ? debugfs_create_file+0x24/0x30
[ 79.294243] ? kvm_dev_ioctl+0xa24/0x1a30
[ 79.298416] ? do_vfs_ioctl+0x195/0x1650
[ 79.302463] ? ksys_ioctl+0x62/0x90
[ 79.306072] ? __x64_sys_ioctl+0x6e/0xb0
[ 79.310116] ? do_syscall_64+0x183/0x700
[ 79.314157] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 79.319506] ? is_bpf_text_address+0x7d/0xe0
[ 79.323895] ? kernel_text_address+0x79/0xf0
[ 79.328286] ? print_usage_bug+0xc0/0xc0
[ 79.332336] ? __lock_is_held+0xb5/0x140
[ 79.336387] ? check_same_owner+0x330/0x330
[ 79.340696] ? kasan_unpoison_shadow+0x35/0x50
[ 79.345258] kasan_kmalloc+0xc7/0xe0
[ 79.348958] kasan_slab_alloc+0x12/0x20
[ 79.352913] kmem_cache_alloc+0x12e/0x780
[ 79.357043] ? lock_downgrade+0x900/0x900
[ 79.361180] new_inode_smack+0x1b/0xa0
[ 79.365050] smack_inode_alloc_security+0x85/0xf0
[ 79.369874] security_inode_alloc+0x63/0xa0
[ 79.374178] inode_init_always+0x685/0xdd0
[ 79.378404] ? __address_space_init_once+0x240/0x240
[ 79.383492] ? __lock_is_held+0xb5/0x140
[ 79.387551] ? rcu_read_lock_sched_held+0x108/0x120
[ 79.392549] ? kmem_cache_alloc+0x625/0x780
[ 79.396857] alloc_inode+0x6c/0x150
[ 79.400468] new_inode_pseudo+0x66/0x190
[ 79.404511] ? prune_icache_sb+0x1e0/0x1e0
[ 79.408727] ? down_read+0x1d0/0x1d0
[ 79.412448] new_inode+0x14/0x30
[ 79.415796] debugfs_get_inode+0xe/0x110
[ 79.419840] __debugfs_create_file+0x74/0x390
[ 79.424317] ? kvm_dev_ioctl+0x850/0x1a30
[ 79.428452] debugfs_create_file+0x24/0x30
[ 79.432669] kvm_dev_ioctl+0xa24/0x1a30
[ 79.436629] ? kvm_debugfs_release+0x90/0x90
[ 79.441021] ? do_futex+0x877/0x24f0
[ 79.444722] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 79.449980] ? kasan_check_read+0x11/0x20
[ 79.454114] ? graph_lock+0x170/0x170
[ 79.457899] ? unwind_dump+0x190/0x190
[ 79.461771] ? exit_robust_list+0x1b0/0x1b0
[ 79.466077] ? is_bpf_text_address+0x7d/0xe0
[ 79.470472] ? find_held_lock+0x36/0x1c0
[ 79.474518] ? __fget+0x307/0x520
[ 79.477954] ? lock_downgrade+0x900/0x900
[ 79.482088] ? rcu_read_unlock_special.part.63+0xf50/0xf50
[ 79.487694] ? kasan_check_read+0x11/0x20
[ 79.491824] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 79.497081] ? rcu_bh_qs+0xc0/0xc0
[ 79.500622] ? __fget+0x324/0x520
[ 79.504062] ? expand_files.part.8+0x880/0x880
[ 79.508632] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 79.513721] do_vfs_ioctl+0x195/0x1650
[ 79.517591] ? rcu_lockdep_current_cpu_online+0x1ae/0x210
[ 79.523111] ? rcu_pm_notify+0xc0/0xc0
[ 79.526981] ? ioctl_preallocate+0x2d0/0x2d0
[ 79.531371] ? memset+0x31/0x40
[ 79.534635] ? smack_file_ioctl+0xd4/0x370
[ 79.538852] ? fget_raw+0x10/0x10
[ 79.548020] ? smack_file_lock+0x2c0/0x2c0
[ 79.552244] ? do_sys_open+0x25b/0x6b0
[ 79.556121] ksys_ioctl+0x62/0x90
[ 79.559560] __x64_sys_ioctl+0x6e/0xb0
[ 79.563429] do_syscall_64+0x183/0x700
[ 79.567305] ? finish_task_switch+0x1f4/0x8c0
[ 79.571784] ? syscall_return_slowpath+0x4e0/0x4e0
[ 79.576697] ? syscall_return_slowpath+0x215/0x4e0
[ 79.581611] ? prepare_exit_to_usermode+0x300/0x300
[ 79.586611] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 79.591959] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 79.596793] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 79.601965] RIP: 0033:0x4577c9
[ 79.605136] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 79.624339] RSP: 002b:00007fdc056e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 79.632032] RAX: ffffffffffffffda RBX: 00007fdc056e26d4 RCX: 00000000004577c9
[ 79.639319] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[ 79.646572] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 79.653826] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 79.661077] R13: 00000000004cfcc8 R14: 00000000004bfe00 R15: 0000000000000000
[ 79.668345]
[ 79.668350] CPU: 1 PID: 6783 Comm: syz-executor4 Not tainted 4.18.0-rc6-syzkaller #0
[ 79.669968] Allocated by task 6761:
[ 79.677843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 79.681463] save_stack+0x43/0xd0
[ 79.691067] Call Trace:
[ 79.694532] kasan_kmalloc+0xc7/0xe0
[ 79.694539] kasan_slab_alloc+0x12/0x20
[ 79.697118] dump_stack+0x16e/0x22a
[ 79.700804] kmem_cache_alloc+0x12e/0x780
[ 79.700811] vmx_create_vcpu+0xc6/0x1f50
[ 79.704772] ? dump_stack_print_info.cold.2+0x48/0x48
[ 79.708380] kvm_arch_vcpu_create+0xb0/0x1c0
[ 79.712509] vmwrite_error+0x2a/0x30
[ 79.716538] kvm_vm_ioctl+0x5e0/0x1c60
[ 79.716544] do_vfs_ioctl+0x195/0x1650
[ 79.721711] vmx_vcpu_load+0xad9/0xf40
[ 79.726098] ksys_ioctl+0x62/0x90
[ 79.729789] ? vmx_write_tsc_offset+0x590/0x590
[ 79.733646] __x64_sys_ioctl+0x6e/0xb0
[ 79.737507] ? graph_lock+0x170/0x170
[ 79.741388] do_syscall_64+0x183/0x700
[ 79.741395] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 79.744833] ? rcu_lockdep_current_cpu_online+0x1ae/0x210
[ 79.749467]
[ 79.753340] ? rcu_pm_notify+0xc0/0xc0
[ 79.757115] Freed by task 6760:
[ 79.761010] kvm_arch_vcpu_load+0x1d8/0x7a0
[ 79.766180] save_stack+0x43/0xd0
[ 79.771875] ? kvm_arch_dev_ioctl+0x430/0x430
[ 79.773474] __kasan_slab_free+0x102/0x150
[ 79.777359] kvm_sched_in+0x63/0x80
[ 79.780601] kasan_slab_free+0xe/0x10
[ 79.780606] kmem_cache_free+0x83/0x2d0
[ 79.784907] finish_task_switch+0x537/0x8c0
[ 79.788352] vmx_free_vcpu+0x200/0x290
[ 79.792839] ? preempt_notifier_register+0x200/0x200
[ 79.797042] kvm_arch_destroy_vm+0x322/0x7a0
[ 79.797050] kvm_put_kvm+0x59c/0xdd0
[ 79.800670] ? lock_repin_lock+0x430/0x430
[ 79.804466] kvm_vcpu_release+0x77/0xa0
[ 79.808414] ? vmx_vcpu_put+0x2b/0x150
[ 79.812718] __fput+0x2e6/0x990
[ 79.816580] ? kvm_arch_vcpu_put+0x299/0x3c0
[ 79.821657] ____fput+0x9/0x10
[ 79.826046] __schedule+0x83e/0x1f40
[ 79.829731] task_work_run+0x19f/0x240
[ 79.833956] ? pci_mmcfg_check_reserved+0x120/0x120
[ 79.838504] exit_to_usermode_loop+0x269/0x300
[ 79.838509] do_syscall_64+0x587/0x700
[ 79.842379] ? console_unlock+0xd82/0xfd0
[ 79.845632] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 79.845635]
[ 79.850032] ? preempt_schedule+0x4d/0x60
[ 79.853187] The buggy address belongs to the object at ffff8801c46c8040
[ 79.853187] which belongs to the cache kvm_vcpu of size 23616
[ 79.856874] preempt_schedule_common+0x1f/0xd0
[ 79.860733] The buggy address is located 24 bytes inside of
[ 79.860733] 23616-byte region [ffff8801c46c8040, ffff8801c46cdc80)
[ 79.860735] The buggy address belongs to the page:
[ 79.865726] preempt_schedule+0x4d/0x60
[ 79.870278] page:ffffea000711b200 count:1 mapcount:0 mapping:ffff8801d57a0a80 index:0x0
[ 79.874166] ___preempt_schedule+0x16/0x18
[ 79.878280] compound_mapcount: 0
[ 79.883452] vprintk_emit+0x3df/0xad0
[ 79.889192] ? wake_up_klogd+0x160/0x160
[ 79.901747] flags: 0x2fffc0000008100(slab|head)
[ 79.901754] raw: 02fffc0000008100 ffff8801d579e648 ffffea0007022c08 ffff8801d57a0a80
[ 79.906316] ? __save_stack_trace+0x30/0xf0
[ 79.918279] raw: 0000000000000000 ffff8801c46c8040 0000000100000001 0000000000000000
[ 79.923226] ? save_stack+0xa9/0xd0
[ 79.927159] page dumped because: kasan: bad access detected
[ 79.935277] ? kasan_kmalloc+0xc7/0xe0
[ 79.939483]
[ 79.942910] ? __kmalloc+0x14e/0x7a0
[ 79.942917] ? kobject_get_path+0x9d/0x200
[ 79.946705] Memory state around the buggy address:
[ 79.950759] ? kobject_uevent_env+0x224/0x1070
[ 79.955399] ffff8801c46c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.963277] ? kvm_uevent_notify_change.part.33+0x2ab/0x3f0
[ 79.967570] ffff8801c46c7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 79.975446] ? kvm_dev_ioctl+0x1315/0x1a30
[ 79.979052] >ffff8801c46c8000: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 79.984743] vprintk_default+0x1a/0x20
[ 79.988616] ^
[ 79.988620] ffff8801c46c8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 79.990234] vprintk_func+0x2c/0xf2
[ 79.993919] ffff8801c46c8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 79.998130] printk+0x9a/0xc0
[ 80.003029] ==================================================================
[ 80.007596] ? kmsg_dump_rewind_nolock+0xdf/0xdf
[ 80.014926] Disabling lock debugging due to kernel taint
[ 80.020706] __dynamic_pr_debug+0x149/0x1c0
[ 80.031261] Kernel panic - not syncing: panic_on_warn set ...
[ 80.031261]
[ 80.032250] ? dynamic_emit_prefix+0x360/0x360
[ 80.104817] ? rcu_lockdep_current_cpu_online+0x1ae/0x210
[ 80.110333] ? rcu_pm_notify+0xc0/0xc0
[ 80.114199] ? rcu_read_lock_sched_held+0x108/0x120
[ 80.119305] ? __kmalloc+0x646/0x7a0
[ 80.123004] ? rcu_read_lock_sched_held+0x108/0x120
[ 80.128001] kobject_get_path+0x18a/0x200
[ 80.132130] kobject_uevent_env+0x224/0x1070
[ 80.136604] ? kfree+0x107/0x270
[ 80.139953] ? kvm_uevent_notify_change.part.33+0x22f/0x3f0
[ 80.145653] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 80.150653] kvm_uevent_notify_change.part.33+0x2ab/0x3f0
[ 80.156172] kvm_dev_ioctl+0x1315/0x1a30
[ 80.160213] ? kvm_debugfs_release+0x90/0x90
[ 80.164597] ? do_futex+0x877/0x24f0
[ 80.168289] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 80.173552] ? kasan_check_read+0x11/0x20
[ 80.177688] ? graph_lock+0x170/0x170
[ 80.181469] ? unwind_dump+0x190/0x190
[ 80.185338] ? exit_robust_list+0x1b0/0x1b0
[ 80.189636] ? is_bpf_text_address+0x7d/0xe0
[ 80.194020] ? find_held_lock+0x36/0x1c0
[ 80.198061] ? __fget+0x307/0x520
[ 80.201504] ? lock_downgrade+0x900/0x900
[ 80.205648] ? rcu_read_unlock_special.part.63+0xf50/0xf50
[ 80.211250] ? kasan_check_read+0x11/0x20
[ 80.215373] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 80.220627] ? rcu_bh_qs+0xc0/0xc0
[ 80.224147] ? __fget+0x324/0x520
[ 80.227583] ? expand_files.part.8+0x880/0x880
[ 80.232145] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 80.237230] do_vfs_ioctl+0x195/0x1650
[ 80.241107] ? rcu_lockdep_current_cpu_online+0x1ae/0x210
[ 80.246618] ? rcu_pm_notify+0xc0/0xc0
[ 80.250484] ? ioctl_preallocate+0x2d0/0x2d0
[ 80.254872] ? memset+0x31/0x40
[ 80.258131] ? smack_file_ioctl+0xd4/0x370
[ 80.262341] ? fget_raw+0x10/0x10
[ 80.265784] ? smack_file_lock+0x2c0/0x2c0
[ 80.270004] ? do_sys_open+0x25b/0x6b0
[ 80.273871] ksys_ioctl+0x62/0x90
[ 80.277393] __x64_sys_ioctl+0x6e/0xb0
[ 80.281534] do_syscall_64+0x183/0x700
[ 80.285400] ? finish_task_switch+0x1f4/0x8c0
[ 80.289871] ? syscall_return_slowpath+0x4e0/0x4e0
[ 80.294785] ? syscall_return_slowpath+0x215/0x4e0
[ 80.299693] ? prepare_exit_to_usermode+0x300/0x300
[ 80.304688] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 80.310041] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 80.314872] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 80.320042] RIP: 0033:0x4577c9
[ 80.323230] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 80.342427] RSP: 002b:00007f7a026fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 80.350113] RAX: ffffffffffffffda RBX: 00007f7a026ff6d4 RCX: 00000000004577c9
[ 80.357362] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[ 80.364612] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 80.371860] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 80.379108] R13: 00000000004cfcc8 R14: 00000000004bfe00 R15: 0000000000000000
[ 80.386380] CPU: 0 PID: 6761 Comm: syz-executor0 Tainted: G B 4.18.0-rc6-syzkaller #0
[ 80.390591] vmwrite error: reg 6c0c value fffffe0000032000 (err 204800)
[ 80.395667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 80.411837] Call Trace:
[ 80.414407] dump_stack+0x16e/0x22a
[ 80.418014] ? dump_stack_print_info.cold.2+0x48/0x48
[ 80.423181] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 80.427918] panic+0x1c6/0x37d
[ 80.431087] ? add_taint.cold.5+0x11/0x11
[ 80.435212] ? do_raw_spin_unlock+0xa7/0x2f0
[ 80.439599] kasan_end_report+0x47/0x4f
[ 80.443556] kasan_report.cold.9+0x76/0x2fe
[ 80.447865] ? finish_task_switch+0x56e/0x8c0
[ 80.452335] __asan_report_load8_noabort+0x14/0x20
[ 80.457240] finish_task_switch+0x56e/0x8c0
[ 80.461538] ? preempt_notifier_register+0x200/0x200
[ 80.466618] ? lock_repin_lock+0x430/0x430
[ 80.470832] ? vmx_vcpu_put+0x2b/0x150
[ 80.474708] ? kvm_arch_vcpu_put+0x299/0x3c0
[ 80.479098] __schedule+0x83e/0x1f40
[ 80.482793] ? pci_mmcfg_check_reserved+0x120/0x120
[ 80.487790] ? find_held_lock+0x36/0x1c0
[ 80.491832] ? is_bpf_text_address+0x60/0xe0
[ 80.496216] ? lock_downgrade+0x900/0x900
[ 80.500345] ? mark_held_locks+0xc7/0x130
[ 80.504470] ? preempt_schedule_irq+0x5e/0x110
[ 80.509031] preempt_schedule_irq+0x87/0x110
[ 80.513413] retint_kernel+0x1b/0x2d
[ 80.517109] RIP: 0010:depot_save_stack+0xbf/0x470
[ 80.521923] Code: 01 c8 c1 c3 08 44 31 d3 41 89 da 41 29 d9 01 c3 41 c1 c2 10 45 31 d1 45 89 ca 44 29 c8 41 01 d9 41 c1 ca 0d 44 31 d0 41 89 c2 <29> c3 44 01 c8 41 c1 c2 04 44 31 d3 41 83 f8 03 77 86 41 83 f8 02
[ 80.541006] RSP: 0018:ffff8801b88df1c8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[ 80.548694] RAX: 00000000f053ad46 RBX: 000000009697aeaf RCX: ffff8801b88df228
[ 80.555942] RDX: ffff8801b88df24c RSI: 0000000000608040 RDI: 0000000000000014
[ 80.563191] RBP: ffff8801b88df200 R08: 000000000000001f R09: 000000004b2c9494
[ 80.570439] R10: 00000000f053ad46 R11: ffff8801dac23953 R12: ffff8801da97c0c0
[ 80.577693] R13: ffff8801b88df210 R14: 0000000000000000 R15: ffff8801cc817faf
[ 80.584965] save_stack+0xa9/0xd0
[ 80.588394] ? save_stack+0x43/0xd0
[ 80.591997] ? kasan_kmalloc+0xc7/0xe0
[ 80.595860] ? kasan_slab_alloc+0x12/0x20
[ 80.599982] ? kmem_cache_alloc+0x12e/0x780
[ 80.604284] ? new_inode_smack+0x1b/0xa0
[ 80.608330] ? smack_inode_alloc_security+0x85/0xf0
[ 80.613322] ? security_inode_alloc+0x63/0xa0
[ 80.617793] ? inode_init_always+0x685/0xdd0
[ 80.622178] ? alloc_inode+0x6c/0x150
[ 80.625954] ? new_inode_pseudo+0x66/0x190
[ 80.630176] ? new_inode+0x14/0x30
[ 80.633703] ? debugfs_get_inode+0xe/0x110
[ 80.637913] ? __debugfs_create_file+0x74/0x390
[ 80.642570] ? debugfs_create_file+0x24/0x30
[ 80.646962] ? kvm_dev_ioctl+0xa24/0x1a30
[ 80.651086] ? do_vfs_ioctl+0x195/0x1650
[ 80.655124] ? ksys_ioctl+0x62/0x90
[ 80.658727] ? __x64_sys_ioctl+0x6e/0xb0
[ 80.662766] ? do_syscall_64+0x183/0x700
[ 80.666807] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 80.672162] ? is_bpf_text_address+0x7d/0xe0
[ 80.676561] ? kernel_text_address+0x79/0xf0
[ 80.680961] ? print_usage_bug+0xc0/0xc0
[ 80.685007] ? __lock_is_held+0xb5/0x140
[ 80.690149] ? check_same_owner+0x330/0x330
[ 80.694721] ? kasan_unpoison_shadow+0x35/0x50
[ 80.699304] kasan_kmalloc+0xc7/0xe0
[ 80.703005] kasan_slab_alloc+0x12/0x20
[ 80.706958] kmem_cache_alloc+0x12e/0x780
[ 80.711083] ? lock_downgrade+0x900/0x900
[ 80.715213] new_inode_smack+0x1b/0xa0
[ 80.719092] smack_inode_alloc_security+0x85/0xf0
[ 80.723912] security_inode_alloc+0x63/0xa0
[ 80.728213] inode_init_always+0x685/0xdd0
[ 80.732425] ? __address_space_init_once+0x240/0x240
[ 80.737507] ? __lock_is_held+0xb5/0x140
[ 80.741547] ? rcu_read_lock_sched_held+0x108/0x120
[ 80.746539] ? kmem_cache_alloc+0x625/0x780
[ 80.750846] alloc_inode+0x6c/0x150
[ 80.754468] new_inode_pseudo+0x66/0x190
[ 80.758680] ? prune_icache_sb+0x1e0/0x1e0
[ 80.762926] ? down_read+0x1d0/0x1d0
[ 80.766626] new_inode+0x14/0x30
[ 80.769976] debugfs_get_inode+0xe/0x110
[ 80.774040] __debugfs_create_file+0x74/0x390
[ 80.778530] ? kvm_dev_ioctl+0x850/0x1a30
[ 80.782670] debugfs_create_file+0x24/0x30
[ 80.786902] kvm_dev_ioctl+0xa24/0x1a30
[ 80.790872] ? kvm_debugfs_release+0x90/0x90
[ 80.795292] ? do_futex+0x877/0x24f0
[ 80.798989] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 80.804258] ? kasan_check_read+0x11/0x20
[ 80.808397] ? graph_lock+0x170/0x170
[ 80.812187] ? unwind_dump+0x190/0x190
[ 80.816054] ? exit_robust_list+0x1b0/0x1b0
[ 80.820354] ? is_bpf_text_address+0x7d/0xe0
[ 80.824766] ? find_held_lock+0x36/0x1c0
[ 80.828805] ? __fget+0x307/0x520
[ 80.832236] ? lock_downgrade+0x900/0x900
[ 80.836361] ? rcu_read_unlock_special.part.63+0xf50/0xf50
[ 80.841961] ? kasan_check_read+0x11/0x20
[ 80.846087] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160
[ 80.851340] ? rcu_bh_qs+0xc0/0xc0
[ 80.854859] ? __fget+0x324/0x520
[ 80.858292] ? expand_files.part.8+0x880/0x880
[ 80.862854] ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 80.867956] do_vfs_ioctl+0x195/0x1650
[ 80.871822] ? rcu_lockdep_current_cpu_online+0x1ae/0x210
[ 80.877336] ? rcu_pm_notify+0xc0/0xc0
[ 80.881201] ? ioctl_preallocate+0x2d0/0x2d0
[ 80.885587] ? memset+0x31/0x40
[ 80.888851] ? smack_file_ioctl+0xd4/0x370
[ 80.893062] ? fget_raw+0x10/0x10
[ 80.896491] ? smack_file_lock+0x2c0/0x2c0
[ 80.900712] ? do_sys_open+0x25b/0x6b0
[ 80.904579] ksys_ioctl+0x62/0x90
[ 80.908026] __x64_sys_ioctl+0x6e/0xb0
[ 80.911894] do_syscall_64+0x183/0x700
[ 80.915764] ? finish_task_switch+0x1f4/0x8c0
[ 80.920248] ? syscall_return_slowpath+0x4e0/0x4e0
[ 80.925157] ? syscall_return_slowpath+0x215/0x4e0
[ 80.930086] ? prepare_exit_to_usermode+0x300/0x300
[ 80.935089] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[ 80.940430] ?
trace_hardirqs_off_thunk+0x1a/0x1c [ 80.945253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 80.950523] RIP: 0033:0x4577c9 [ 80.953727] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.972820] RSP: 002b:00007fdc056e1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 80.980516] RAX: ffffffffffffffda RBX: 00007fdc056e26d4 RCX: 00000000004577c9 [ 80.987764] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006 [ 80.995015] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 81.002263] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 81.009540] R13: 00000000004cfcc8 R14: 00000000004bfe00 R15: 0000000000000000 [ 81.016814] CPU: 1 PID: 6783 Comm: syz-executor4 Tainted: G B 4.18.0-rc6-syzkaller #0 [ 81.026081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.035423] Call Trace: [ 81.038006] dump_stack+0x16e/0x22a [ 81.041613] ? dump_stack_print_info.cold.2+0x48/0x48 [ 81.046788] vmwrite_error+0x2a/0x30 [ 81.050482] vmx_vcpu_load+0xac7/0xf40 [ 81.054355] ? vmx_write_tsc_offset+0x590/0x590 [ 81.059003] ? graph_lock+0x170/0x170 [ 81.062787] ? rcu_lockdep_current_cpu_online+0x1ae/0x210 [ 81.068301] ? rcu_pm_notify+0xc0/0xc0 [ 81.072176] kvm_arch_vcpu_load+0x1d8/0x7a0 [ 81.076479] ? kvm_arch_dev_ioctl+0x430/0x430 [ 81.080958] kvm_sched_in+0x63/0x80 [ 81.084566] finish_task_switch+0x537/0x8c0 [ 81.088880] ? preempt_notifier_register+0x200/0x200 [ 81.093966] ? lock_repin_lock+0x430/0x430 [ 81.098190] ? vmx_vcpu_put+0x2b/0x150 [ 81.102066] ? kvm_arch_vcpu_put+0x299/0x3c0 [ 81.106549] __schedule+0x83e/0x1f40 [ 81.110244] ? pci_mmcfg_check_reserved+0x120/0x120 [ 81.115239] ? console_unlock+0xd82/0xfd0 [ 81.119371] ? 
preempt_schedule+0x4d/0x60 [ 81.123532] preempt_schedule_common+0x1f/0xd0 [ 81.128096] preempt_schedule+0x4d/0x60 [ 81.132054] ___preempt_schedule+0x16/0x18 [ 81.136291] vprintk_emit+0x3df/0xad0 [ 81.140076] ? wake_up_klogd+0x160/0x160 [ 81.144131] ? __save_stack_trace+0x30/0xf0 [ 81.148435] ? save_stack+0xa9/0xd0 [ 81.152039] ? kasan_kmalloc+0xc7/0xe0 [ 81.155904] ? __kmalloc+0x14e/0x7a0 [ 81.159594] ? kobject_get_path+0x9d/0x200 [ 81.163804] ? kobject_uevent_env+0x224/0x1070 [ 81.168364] ? kvm_uevent_notify_change.part.33+0x2ab/0x3f0 [ 81.174055] ? kvm_dev_ioctl+0x1315/0x1a30 [ 81.178267] vprintk_default+0x1a/0x20 [ 81.182133] vprintk_func+0x2c/0xf2 [ 81.185741] printk+0x9a/0xc0 [ 81.188825] ? kmsg_dump_rewind_nolock+0xdf/0xdf [ 81.193561] __dynamic_pr_debug+0x149/0x1c0 [ 81.197859] ? dynamic_emit_prefix+0x360/0x360 [ 81.202423] ? rcu_lockdep_current_cpu_online+0x1ae/0x210 [ 81.207941] ? rcu_pm_notify+0xc0/0xc0 [ 81.211809] ? rcu_read_lock_sched_held+0x108/0x120 [ 81.216803] ? __kmalloc+0x646/0x7a0 [ 81.220500] ? rcu_read_lock_sched_held+0x108/0x120 [ 81.225497] kobject_get_path+0x18a/0x200 [ 81.229625] kobject_uevent_env+0x224/0x1070 [ 81.234268] ? kfree+0x107/0x270 [ 81.237616] ? kvm_uevent_notify_change.part.33+0x22f/0x3f0 [ 81.243304] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 81.248301] kvm_uevent_notify_change.part.33+0x2ab/0x3f0 [ 81.253816] kvm_dev_ioctl+0x1315/0x1a30 [ 81.257856] ? kvm_debugfs_release+0x90/0x90 [ 81.262240] ? do_futex+0x877/0x24f0 [ 81.265942] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 81.271208] ? kasan_check_read+0x11/0x20 [ 81.275330] ? graph_lock+0x170/0x170 [ 81.279197] ? unwind_dump+0x190/0x190 [ 81.283068] ? exit_robust_list+0x1b0/0x1b0 [ 81.287375] ? is_bpf_text_address+0x7d/0xe0 [ 81.291760] ? find_held_lock+0x36/0x1c0 [ 81.295802] ? __fget+0x307/0x520 [ 81.299230] ? lock_downgrade+0x900/0x900 [ 81.303364] ? rcu_read_unlock_special.part.63+0xf50/0xf50 [ 81.308961] ? kasan_check_read+0x11/0x20 [ 81.313088] ? 
rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 81.318340] ? rcu_bh_qs+0xc0/0xc0 [ 81.321872] ? __fget+0x324/0x520 [ 81.325306] ? expand_files.part.8+0x880/0x880 [ 81.329866] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 81.334952] do_vfs_ioctl+0x195/0x1650 [ 81.338818] ? rcu_lockdep_current_cpu_online+0x1ae/0x210 [ 81.344331] ? rcu_pm_notify+0xc0/0xc0 [ 81.348200] ? ioctl_preallocate+0x2d0/0x2d0 [ 81.352599] ? memset+0x31/0x40 [ 81.355855] ? smack_file_ioctl+0xd4/0x370 [ 81.360068] ? fget_raw+0x10/0x10 [ 81.363500] ? smack_file_lock+0x2c0/0x2c0 [ 81.367723] ? do_sys_open+0x25b/0x6b0 [ 81.371594] ksys_ioctl+0x62/0x90 [ 81.375025] __x64_sys_ioctl+0x6e/0xb0 [ 81.378891] do_syscall_64+0x183/0x700 [ 81.382758] ? finish_task_switch+0x1f4/0x8c0 [ 81.387229] ? syscall_return_slowpath+0x4e0/0x4e0 [ 81.392137] ? syscall_return_slowpath+0x215/0x4e0 [ 81.397043] ? prepare_exit_to_usermode+0x300/0x300 [ 81.402036] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 81.407377] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 81.412198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 81.417377] RIP: 0033:0x4577c9 [ 81.420545] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.439643] RSP: 002b:00007f7a026fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.447343] RAX: ffffffffffffffda RBX: 00007f7a026ff6d4 RCX: 00000000004577c9 [ 81.454599] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006 [ 81.461859] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 81.469105] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 81.476354] R13: 00000000004cfcc8 R14: 00000000004bfe00 R15: 0000000000000000 [ 81.484932] Kernel Offset: disabled [ 81.488565] Rebooting in 86400 seconds..