Hello,
syzkaller hit the following crash on 7159188b70e3a07dd9953f2a0aef9da8c4b1ef2f
git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
compiler: gcc (GCC) 7.1.1 20170620
.config is attached
Raw console output is attached.
CC: [jiangs...@gmail.com linux-...@vger.kernel.org t...@kernel.org]
======================================================
WARNING: possible circular locking dependency detected
4.13.0-rc6-next-20170825+ #9 Not tainted
------------------------------------------------------
kvm [6027]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data
0x8000
kworker/2:3/4650 is trying to acquire lock:
(rcu_sched_state.barrier_mutex){+.+.}, at: [<ffffffff815be7ff>]
_rcu_barrier+0x13f/0x7a0 kernel/rcu/tree.c:3502
but task is already holding lock:
((&map->work)){+.+.}, at: [<ffffffff8146858c>]
process_one_work+0xb2c/0x1be0 kernel/workqueue.c:2094
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #4 ((&map->work)){+.+.}:
process_one_work+0xba5/0x1be0 kernel/workqueue.c:2095
worker_thread+0x223/0x1860 kernel/workqueue.c:2233
kthread+0x39c/0x470 kernel/kthread.c:231
ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
0xffffffffffffffff
-> #3 ((complete)wq_barr::done/1){+.+.}:
check_prevs_add kernel/locking/lockdep.c:2020 [inline]
validate_chain kernel/locking/lockdep.c:2469 [inline]
__lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
complete_acquire include/linux/completion.h:39 [inline]
__wait_for_common kernel/sched/completion.c:108 [inline]
wait_for_common kernel/sched/completion.c:122 [inline]
wait_for_completion+0xc8/0x770 kernel/sched/completion.c:143
flush_work+0x621/0x930 kernel/workqueue.c:2868
lru_add_drain_all_cpuslocked+0x331/0x520 mm/swap.c:722
lru_add_drain_all+0x13/0x20 mm/swap.c:730
SYSC_mlockall mm/mlock.c:803 [inline]
SyS_mlockall+0x2fb/0x670 mm/mlock.c:791
entry_SYSCALL_64_fastpath+0x1f/0xbe
-> #2 (lock#5){+.+.}:
check_prevs_add kernel/locking/lockdep.c:2020 [inline]
validate_chain kernel/locking/lockdep.c:2469 [inline]
__lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1870 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
kvm [6027]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data
0x8000
lru_add_drain_all_cpuslocked+0xb3/0x520 mm/swap.c:704
lru_add_drain_all+0x13/0x20 mm/swap.c:730
SYSC_mlockall mm/mlock.c:803 [inline]
SyS_mlockall+0x2fb/0x670 mm/mlock.c:791
entry_SYSCALL_64_fastpath+0x1f/0xbe
-> #1 (cpu_hotplug_lock.rw_sem){++++}:
check_prevs_add kernel/locking/lockdep.c:2020 [inline]
validate_chain kernel/locking/lockdep.c:2469 [inline]
__lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:35
[inline]
percpu_down_read include/linux/percpu-rwsem.h:58 [inline]
cpus_read_lock+0x42/0x90 kernel/cpu.c:218
get_online_cpus include/linux/cpu.h:126 [inline]
_rcu_barrier+0x33d/0x7a0 kernel/rcu/tree.c:3525
rcu_barrier_sched kernel/rcu/tree.c:3591 [inline]
rcu_barrier+0x10/0x20 kernel/rcu/tree_plugin.h:891
netdev_run_todo+0x28f/0xca0 net/core/dev.c:7824
rtnl_unlock+0xe/0x10 net/core/rtnetlink.c:106
tun_detach drivers/net/tun.c:588 [inline]
tun_chr_close+0x49/0x60 drivers/net/tun.c:2595
__fput+0x333/0x7f0 fs/file_table.c:210
____fput+0x15/0x20 fs/file_table.c:246
task_work_run+0x199/0x270 kernel/task_work.c:112
exit_task_work include/linux/task_work.h:21 [inline]
do_exit+0xa52/0x1b40 kernel/exit.c:865
do_group_exit+0x149/0x400 kernel/exit.c:968
get_signal+0x7e8/0x17e0 kernel/signal.c:2334
do_signal+0x94/0x1ee0 arch/x86/kernel/signal.c:808
exit_to_usermode_loop+0x224/0x300 arch/x86/entry/common.c:158
prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
syscall_return_slowpath+0x42f/0x500 arch/x86/entry/common.c:266
entry_SYSCALL_64_fastpath+0xbc/0xbe
-> #0 (rcu_sched_state.barrier_mutex){+.+.}:
check_prev_add+0x865/0x1520 kernel/locking/lockdep.c:1894
check_prevs_add kernel/locking/lockdep.c:2020 [inline]
validate_chain kernel/locking/lockdep.c:2469 [inline]
__lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1870 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
_rcu_barrier+0x13f/0x7a0 kernel/rcu/tree.c:3502
rcu_barrier_sched kernel/rcu/tree.c:3591 [inline]
rcu_barrier+0x10/0x20 kernel/rcu/tree_plugin.h:891
htab_map_free+0x9d/0x640 kernel/bpf/hashtab.c:1112
bpf_map_free_deferred+0xac/0xd0 kernel/bpf/syscall.c:209
process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2098
worker_thread+0x223/0x1860 kernel/workqueue.c:2233
kthread+0x39c/0x470 kernel/kthread.c:231
ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
other info that might help us debug this:
Chain exists of:
  rcu_sched_state.barrier_mutex --> (complete)wq_barr::done/1 --> (&map->work)
Possible unsafe locking scenario:
       CPU0                    CPU1
       ----                    ----
  lock((&map->work));
                               lock((complete)wq_barr::done/1);
                               lock((&map->work));
  lock(rcu_sched_state.barrier_mutex);
*** DEADLOCK ***
2 locks held by kworker/2:3/4650:
#0: ("events"){.+.+}, at: [<ffffffff81468534>] __write_once_size
include/linux/compiler.h:305 [inline]
#0: ("events"){.+.+}, at: [<ffffffff81468534>] atomic64_set
arch/x86/include/asm/atomic64_64.h:33 [inline]
#0: ("events"){.+.+}, at: [<ffffffff81468534>] atomic_long_set
include/asm-generic/atomic-long.h:56 [inline]
#0: ("events"){.+.+}, at: [<ffffffff81468534>] set_work_data
kernel/workqueue.c:617 [inline]
#0: ("events"){.+.+}, at: [<ffffffff81468534>]
set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline]
#0: ("events"){.+.+}, at: [<ffffffff81468534>]
process_one_work+0xad4/0x1be0 kernel/workqueue.c:2090
#1: ((&map->work)){+.+.}, at: [<ffffffff8146858c>]
process_one_work+0xb2c/0x1be0 kernel/workqueue.c:2094
stack backtrace:
CPU: 2 PID: 4650 Comm: kworker/2:3 Not tainted 4.13.0-rc6-next-20170825+ #9
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Workqueue: events bpf_map_free_deferred
Call Trace:
__dump_stack lib/dump_stack.c:16 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:52
print_circular_bug+0x503/0x710 kernel/locking/lockdep.c:1259
check_prev_add+0x865/0x1520 kernel/locking/lockdep.c:1894
check_prevs_add kernel/locking/lockdep.c:2020 [inline]
validate_chain kernel/locking/lockdep.c:2469 [inline]
__lock_acquire+0x3286/0x4620 kernel/locking/lockdep.c:3498
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1870 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
_rcu_barrier+0x13f/0x7a0 kernel/rcu/tree.c:3502
rcu_barrier_sched kernel/rcu/tree.c:3591 [inline]
rcu_barrier+0x10/0x20 kernel/rcu/tree_plugin.h:891
htab_map_free+0x9d/0x640 kernel/bpf/hashtab.c:1112
bpf_map_free_deferred+0xac/0xd0 kernel/bpf/syscall.c:209
process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2098
worker_thread+0x223/0x1860 kernel/workqueue.c:2233
kthread+0x39c/0x470 kernel/kthread.c:231
ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
QAT: Invalid ioctl
netlink: 19 bytes leftover after parsing attributes in process
`syz-executor5'.
TCP: request_sock_TCPv6: Possible SYN flooding on port 20009. Sending
cookies. Check SNMP counters.
QAT: Invalid ioctl
netlink: 19 bytes leftover after parsing attributes in process
`syz-executor5'.
QAT: Invalid ioctl
QAT: Invalid ioctl
rpcbind: RPC call returned error 22
print_req_error: I/O error, dev loop6, sector 0
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 24
Buffer I/O error on dev loop6, logical block 3, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
print_req_error: I/O error, dev loop6, sector 0
Buffer I/O error on dev loop6, logical block 0, async page read
Buffer I/O error on dev loop6, logical block 0, async page read
rfkill: input handler disabled
rfkill: input handler enabled
rfkill: input handler disabled
rfkill: input handler enabled
kauditd_printk_skb: 1262 callbacks suppressed
audit: type=1326 audit(1503818042.593:1274): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=6446 comm="syz-executor4"
exe="/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
audit: type=1326 audit(1503818042.647:1275): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=6446 comm="syz-executor4"
exe="/syz-executor4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
?: Invalid MTU 16777220 requested, hw max 65508
?: Invalid MTU 16777220 requested, hw max 65508
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
?: renamed from sit0
audit: type=1326 audit(1503818042.862:1276): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=6643 comm="syz-executor5"
exe="/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
audit: type=1326 audit(1503818042.915:1277): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=6643 comm="syz-executor5"
exe="/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
sctp: [Deprecated]: syz-executor6 (pid 6752) Use of int in maxseg socket
option.
Use struct sctp_assoc_value instead
device syz3 left promiscuous mode
[drm:cirrus_gem_create] *ERROR* failed to allocate GEM object
[drm:cirrus_gem_create] *ERROR* failed to allocate GEM object
audit: type=1326 audit(1503818044.483:1278): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7163 comm="syz-executor7"
exe="/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
IPv6: Can't replace route, no match found
audit: type=1326 audit(1503818044.547:1279): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7163 comm="syz-executor7"
exe="/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
TCP: request_sock_TCPv6: Possible SYN flooding on port 20001. Sending
cookies. Check SNMP counters.
device lo entered promiscuous mode
TCP: request_sock_TCP: Possible SYN flooding on port 20024. Sending
cookies. Check SNMP counters.
sctp: [Deprecated]: syz-executor6 (pid 7397) Use of int in max_burst socket
option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor6 (pid 7417) Use of int in max_burst socket
option.
Use struct sctp_assoc_value instead
device lo left promiscuous mode
device lo entered promiscuous mode
TCP: request_sock_TCP: Possible SYN flooding on port 20004. Sending
cookies. Check SNMP counters.
TCP: request_sock_TCP: Possible SYN flooding on port 20004. Sending
cookies. Check SNMP counters.
dccp_invalid_packet: P.Data Offset(172) too large
device lo left promiscuous mode
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0
sclass=netlink_route_socket pig=7473 comm=syz-executor0
dccp_invalid_packet: P.Data Offset(172) too large
audit: type=1326 audit(1503818044.982:1280): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7485 comm="syz-executor2"
exe="/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
tmpfs: Bad mount option q�]g�4��G�
audit: type=1326 audit(1503818045.045:1281): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7485 comm="syz-executor2"
exe="/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
rpcbind: RPC call returned error 22
tmpfs: Bad mount option q�]g�4��G�
TCP: request_sock_TCPv6: Possible SYN flooding on port 20009. Sending
cookies. Check SNMP counters.
sock: process `syz-executor1' is using obsolete getsockopt SO_BSDCOMPAT
sctp: [Deprecated]: syz-executor4 (pid 7587) Use of int in maxseg socket
option.
Use struct sctp_assoc_value instead
audit: type=1326 audit(1503818045.192:1282): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7630 comm="syz-executor5"
exe="/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
rfkill: input handler disabled
sctp: [Deprecated]: syz-executor4 (pid 7587) Use of int in maxseg socket
option.
Use struct sctp_assoc_value instead
8021q: VLANs not supported on lo
rfkill: input handler enabled
device syz4 entered promiscuous mode
audit: type=1326 audit(1503818045.254:1283): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=7630 comm="syz-executor5"
exe="/syz-executor5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
device syz4 left promiscuous mode
device syz4 entered promiscuous mode
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
kvm [7806]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common:
MSR_IA32_DEBUGCTLMSR 0x2, nop
kvm [7806]: vcpu0, guest rIP: 0xfff0 kvm_set_msr_common:
MSR_IA32_DEBUGCTLMSR 0x2, nop
nla_parse: 39 callbacks suppressed
netlink: 5 bytes leftover after parsing attributes in process
`syz-executor6'.
netlink: 5 bytes leftover after parsing attributes in process
`syz-executor6'.
netlink: 5 bytes leftover after parsing attributes in process
`syz-executor6'.
netlink: 5 bytes leftover after parsing attributes in process
`syz-executor6'.
ata1.00: invalid multi_count 64 ignored
netlink: 6 bytes leftover after parsing attributes in process
`syz-executor2'.
ata1.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
ata1.00: failed command: WRITE MULTIPLE FUA EXT
ata1.00: cmd ce/07:00:00:00:03/00:00:00:00:00/09 tag 0 ncq nodata 188 out
res 50/00:00:28:25:00/00:00:28:25:00/a0 Emask 0x40 (internal error)
ata1.00: status: { DRDY }
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: configured for MWDMA2
ata1: EH complete
netlink: 6 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 6 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 11 bytes leftover after parsing attributes in process
`syz-executor5'.
netlink: 11 bytes leftover after parsing attributes in process
`syz-executor5'.
netlink: 6 bytes leftover after parsing attributes in process
`syz-executor2'.
ata1.00: invalid multi_count 64 ignored
ata1.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
ata1.00: failed command: WRITE MULTIPLE FUA EXT
ata1.00: cmd ce/07:00:00:00:03/00:00:00:00:00/09 tag 0 ncq nodata 188 out
res 50/00:00:c0:29:04/00:00:c0:29:04/a0 Emask 0x40 (internal error)
ata1.00: status: { DRDY }
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: configured for MWDMA2
ata1: EH complete
ata1.00: invalid multi_count 64 ignored
ata1.00: exception Emask 0x0 SAct 0x1 SErr 0x0 action 0x0
ata1.00: failed command: WRITE MULTIPLE FUA EXT
ata1.00: cmd ce/07:00:00:00:03/00:00:00:00:00/09 tag 0 ncq nodata 188 out
res 41/04:01:00:00:00/04:01:00:00:00/a0 Emask 0x41 (internal error)
ata1.00: status: { DRDY ERR }
ata1.00: error: { ABRT }
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: ATA Identify Device Log not supported
ata1.00: Security Log not supported
ata1.00: configured for MWDMA2
ata1: EH complete
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or
rds_rdma?
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2393
sclass=netlink_route_socket pig=8339 comm=syz-executor4
RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or
rds_rdma?
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2393
sclass=netlink_route_socket pig=8362 comm=syz-executor4
QAT: Invalid ioctl
QAT: Invalid ioctl
device lo entered promiscuous mode
QAT: Invalid ioctl
QAT: Invalid ioctl
print_req_error: 190 callbacks suppressed
print_req_error: I/O error, dev loop3, sector 0
buffer_io_error: 186 callbacks suppressed
Buffer I/O error on dev loop3, logical block 0, lost async page write
kauditd_printk_skb: 4 callbacks suppressed
audit: type=1326 audit(1503818048.229:1288): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=8524 comm="syz-executor3"
exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
audit: type=1326 audit(1503818048.273:1289): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=8524 comm="syz-executor3"
exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
audit: type=1326 audit(1503818048.273:1290): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=8524 comm="syz-executor3"
exe="/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0x0
SELinux: unknown mount option
audit: type=1326 audit(1503818048.541:1291): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=8730 comm="syz-executor7"
exe="/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
audit: type=1326 audit(1503818048.620:1292): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=8730 comm="syz-executor7"
exe="/syz-executor7" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14606
sclass=netlink_route_socket pig=8880 comm=syz-executor1
sctp: [Deprecated]: syz-executor6 (pid 8873) Use of int in max_burst socket
option.
Use struct sctp_assoc_value instead
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14606
sclass=netlink_route_socket pig=8880 comm=syz-executor1
sctp: [Deprecated]: syz-executor6 (pid 8873) Use of int in max_burst socket
option.
Use struct sctp_assoc_value instead
sock: process `syz-executor4' is using obsolete setsockopt SO_BSDCOMPAT
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
TCP: request_sock_TCPv6: Possible SYN flooding on port 20021. Sending
cookies. Check SNMP counters.
kvm [9378]: vcpu0, guest rIP: 0x9138 Hyper-V uhandled wrmsr: 0x40000020
data 0x400
kvm [9378]: vcpu0, guest rIP: 0x9138 Hyper-V uhandled wrmsr: 0x40000020
data 0x400
*** Guest State ***
CR0: actual=0x0000000080000021, shadow=0x00000000e0000021,
gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002040, shadow=0x0000000000000000,
gh_mask=ffffffffffffe871
CR3 = 0x0000000000000000
RSP = 0x0000000000000f80 RIP = 0x0000000000000000
RFLAGS=0x00000002 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
GDTR: limit=0x00000000, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
IDTR: limit=0x00000000, base=0x0000000000000000
TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b8fd7 RSP = 0xffff88003c6874c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007fba8c2c8700 GSBase=ffff88006df00000 TRBase=ffff88006df23100
GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000000391b5000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84da5a70
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6986dfa SecondaryExec=000000e2
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffdd11922b9a
EPT pointer = 0x000000006a7bf01e
Virtual processor ID = 0x0083
QAT: Invalid ioctl
*** Guest State ***
CR0: actual=0x0000000080000021, shadow=0x00000000e0000021,
gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002060, shadow=0x0000000000000020,
gh_mask=ffffffffffffe871
CR3 = 0x0000000000000000
QAT: Invalid ioctl
PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000
PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000
RSP = 0x0000000000000f80 RIP = 0x0000000000000000
RFLAGS=0x00000002 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
*** Guest State ***
CR0: actual=0x0000000080000021, shadow=0x00000000e0000021,
gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002040, shadow=0x0000000000000000,
gh_mask=ffffffffffffe871
CR3 = 0x0000000000000000
RSP = 0x0000000000000f80 RIP = 0x0000000000000000
RFLAGS=0x00000002 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
GDTR: limit=0x00000000, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
IDTR: limit=0x00000000, base=0x0000000000000000
TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b8fd7 RSP = 0xffff88003d3ef4c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007fba8c2a6700 GSBase=ffff88006df00000 TRBase=ffff88006df23100
GDTBase=ffffffffff574000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000000391b5000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84da5a70
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6986dfa SecondaryExec=000000e2
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffdd00774410
EPT pointer = 0x00000000698ec01e
Virtual processor ID = 0x00de
*** Guest State ***
CR0: actual=0x0000000080000021, shadow=0x00000000e0000021,
gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002060, shadow=0x0000000000000020,
gh_mask=ffffffffffffe871
CR3 = 0x0000000000000000
PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000
PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000
RSP = 0x0000000000000f80 RIP = 0x0000000000000000
RFLAGS=0x00000002 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000f80 CS:RIP=0050:0000000000002810
CS: sel=0x0030, attr=0x0409b, limit=0x000fffff, base=0x0000000000000000
DS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
SS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
ES: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
FS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
GS: sel=0x0038, attr=0x04093, limit=0x000fffff, base=0x0000000000000000
GDTR: limit=0x000007ff, base=0x0000000000001000
LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
IDTR: limit=0x000001ff, base=0x0000000000003800
TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
EFER = 0x0000000000000001 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b8fd7 RSP = 0xffff88003b5df4c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007fba8c285700 GSBase=ffff88003ec00000 TRBase=ffff88003ec23100
GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000000391b5000 CR4=00000000000026f0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84da5a70
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6986dfa SecondaryExec=000000e2
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffdd00774410
EPT pointer = 0x00000000698ec01e
Virtual processor ID = 0x00de
dccp_v4_rcv: dropped packet with invalid checksum
dccp_v4_rcv: dropped packet with invalid checksum
audit: type=1326 audit(1503818049.695:1293): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=9472 comm="syz-executor7"
exe="/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0x0
GDTR: limit=0x000007ff, base=0x0000000000001000
LDTR: sel=0x0008, attr=0x04082, limit=0x000007ff, base=0x0000000000001800
IDTR: limit=0x000001ff, base=0x0000000000003800
TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
EFER = 0x0000000000000001 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b8fd7 RSP = 0xffff8800388df4c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007fba8c2e9700 GSBase=ffff88006de00000 TRBase=ffff88006de23100
GDTBase=ffffffffff575000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000000391b5000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84da5a70
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6986dfa SecondaryExec=000000e2
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffdd11922b9a
EPT pointer = 0x000000006a7bf01e
Virtual processor ID = 0x0083
audit: type=1326 audit(1503818049.761:1294): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=9472 comm="syz-executor7"
exe="/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0x0
audit: type=1326 audit(1503818049.780:1295): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=9495 comm="syz-executor3"
exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
audit: type=1326 audit(1503818049.825:1296): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=9495 comm="syz-executor3"
exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008f
data 0x4000f1
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008e
data 0x4000f2
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008d
data 0x4000f3
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008c
data 0x4000f4
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008b
data 0x4000f5
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x4000008a
data 0x4000f6
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x40000089
data 0x4000f7
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x40000088
data 0x4000f8
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x40000087
data 0x4000f9
kvm [9527]: vcpu0, guest rIP: 0x910f Hyper-V uhandled wrmsr: 0x40000086
data 0x4000fa
audit: type=1326 audit(1503818049.893:1297): auid=4294967295 uid=0 gid=0
ses=4294967295 subj=kernel pid=9495 comm="syz-executor3"
exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x446749
code=0xffff0000
*** Guest State ***
CR0: actual=0x0000000000000030, shadow=0x0000000060000010,
gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002050, shadow=0x0000000000000000,
gh_mask=ffffffffffffe871
CR3 = 0x00000000fffbc000
RSP = 0x0000000000000000 RIP = 0x000000000000fff0
RFLAGS=0x00000000 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
GDTR: limit=0x0000ffff, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
BndCfgS = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811b8fd7 RSP = 0xffff880054b7f4c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f395fcc6700 GSBase=ffff88003ed00000 TRBase=ffff88003ed23100
GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=000000003c902000 CR4=00000000000026e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff84da5a70
EFER = 0x0000000000000d01 PAT = 0x0007040600070406
*** Control State ***
PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=000000e3
EntryControls=0001d1ff ExitControls=00afefff
ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=80000301 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffdcb773e282
TPR Threshold = 0x00
EPT pointer = 0x000000003e3aa01e
Virtual processor ID = 0x00e7
device lo entered promiscuous mode
device lo left promiscuous mode
IPv6: Can't replace route, no match found
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
device syz1 entered promiscuous mode
device syz1 left promiscuous mode
device syz1 entered promiscuous mode
cgroup: cgroup2: unknown option ""
tmpfs: No value for mount option '�ɿ'
cgroup: cgroup2: unknown option ""
sctp: [Deprecated]: syz-executor3 (pid 10222) Use of int in max_burst
socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor3 (pid 10222) Use of int in max_burst
socket option.
Use struct sctp_assoc_value instead
skbuff: bad partial csum: csum=65285/255 len=14
IPv6: NLM_F_REPLACE set, but no existing node found!
sock: sock_set_timeout: `syz-executor5' (pid 10314) tries to set negative
timeout
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47729
sclass=netlink_route_socket pig=10344 comm=syz-executor3
sock: sock_set_timeout: `syz-executor5' (pid 10359) tries to set negative
timeout
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47729
sclass=netlink_route_socket pig=10351 comm=syz-executor3
sctp: [Deprecated]: syz-executor0 (pid 10326) Use of struct
sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
device lo entered promiscuous mode
?: renamed from sit0
PF_BRIDGE: br_mdb_parse() with unknown ifindex
PF_BRIDGE: br_mdb_parse() with unknown ifindex
loop_reread_partitions: partition scan of loop0
(- \� t�@�� r�9h �x G�Q:[��i�l �
�L�*� �@� ���R�-�T�r-�x�� ) failed (rc=-13)
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0
sclass=netlink_route_socket pig=10757 comm=syz-executor0
nla_parse: 40 callbacks suppressed
netlink: 3 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process
`syz-executor2'.
netlink: 4 bytes leftover after parsing attributes in process
`syz-executor1'.
netlink: 4 bytes leftover after parsing attributes in process
`syz-executor1'.
---
This bug is generated by a dumb bot. It may contain errors.
See https://goo.gl/tpsmEJ for details.
Direct all questions to syzk...@googlegroups.com.
syzbot will keep track of this bug report.
Once a fix for this bug is committed, please reply to this email with:
#syz fix: exact-commit-title
To mark this as a duplicate of another syzbot report, please reply with:
#syz dup: exact-subject-of-another-report
If it's a one-off invalid bug report, please reply with:
#syz invalid
Note: if the crash happens again, it will cause creation of a new bug
report.
To upstream this report, please reply with:
#syz upstream