syzbot


upstream test error: general protection fault in vhost_dev_cleanup

Status: closed as invalid on 2025/09/01 08:24
Subsystems: virt kvm net
First crash: 69d, last: 63d

Sample crash report:
Oops: general protection fault, probably for non-canonical address 0xa0dd60750014e8: 0000 [#1] SMP PTI
CPU: 0 UID: 0 PID: 5892 Comm: syz.4.65 Not tainted 6.16.0-syzkaller-11752-g7881cd6886a8 #0 PREEMPT(none) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:_compound_head include/linux/page-flags.h:284 [inline]
RIP: 0010:virt_to_folio include/linux/mm.h:1182 [inline]
RIP: 0010:kfree+0xf2/0xec0 mm/slub.c:4871
Code: ef 0c 48 3d 00 10 00 00 41 0f 42 f6 89 75 d0 4f 8d 3c bf 49 c1 e7 04 48 09 4d b0 48 8b 45 80 4a 8d 7c 38 08 0f 85 70 05 00 00 <4c> 8b 27 e8 06 61 14 00 4c 8b 28 44 8b 32 44 89 e8 83 e0 01 44 89
RSP: 0018:ffff88811b6c7a28 EFLAGS: 00010246
RAX: ffffea0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff88821ff13408 RSI: 0000000000000000 RDI: 00a0dd60750014e8
RBP: ffff88811b6c7ad0 R08: ffffea000000000f R09: 0000000000000000
R10: ffff888117972c20 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 00a0f360750014e0
FS:  0000000000000000(0000) GS:ffff8881aa69a000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555690674a8 CR3: 0000000130550000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 vhost_vq_free_iovecs drivers/vhost/vhost.c:505 [inline]
 vhost_dev_free_iovecs drivers/vhost/vhost.c:542 [inline]
 vhost_dev_cleanup+0x74d/0xf20 drivers/vhost/vhost.c:1214
 vhost_vsock_dev_release+0x789/0x850 drivers/vhost/vsock.c:755
 __fput+0x60b/0x1040 fs/file_table.c:468
 ____fput+0x25/0x30 fs/file_table.c:496
 task_work_run+0x209/0x2b0 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x99d/0x3d50 kernel/exit.c:961
 do_group_exit+0x259/0x390 kernel/exit.c:1102
 __do_sys_exit_group kernel/exit.c:1113 [inline]
 __se_sys_exit_group kernel/exit.c:1111 [inline]
 __x64_sys_exit_group+0x35/0x40 kernel/exit.c:1111
 x64_sys_call+0x3e1a/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f519bf8eb69
Code: Unable to access opcode bytes at 0x7f519bf8eb3f.
RSP: 002b:00007ffcf97cb7d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f519bf8eb69
RDX: ffffffffffffffff RSI: ffffffffffffffff RDI: 0000000000000000
RBP: 00007ffcf97cb83c R08: 0000000000000001 R09: 00000000000927c0
R10: 00007f519be00000 R11: 0000000000000246 R12: 000000000000000b
R13: 00000000000927c0 R14: 000000000002bebd R15: 00007ffcf97cb890
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:_compound_head include/linux/page-flags.h:284 [inline]
RIP: 0010:virt_to_folio include/linux/mm.h:1182 [inline]
RIP: 0010:kfree+0xf2/0xec0 mm/slub.c:4871
Code: ef 0c 48 3d 00 10 00 00 41 0f 42 f6 89 75 d0 4f 8d 3c bf 49 c1 e7 04 48 09 4d b0 48 8b 45 80 4a 8d 7c 38 08 0f 85 70 05 00 00 <4c> 8b 27 e8 06 61 14 00 4c 8b 28 44 8b 32 44 89 e8 83 e0 01 44 89
RSP: 0018:ffff88811b6c7a28 EFLAGS: 00010246
RAX: ffffea0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff88821ff13408 RSI: 0000000000000000 RDI: 00a0dd60750014e8
RBP: ffff88811b6c7ad0 R08: ffffea000000000f R09: 0000000000000000
R10: ffff888117972c20 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 00a0f360750014e0
FS:  0000000000000000(0000) GS:ffff8881aa69a000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555690674a8 CR3: 0000000130550000 CR4: 00000000003526f0
----------------
Code disassembly (best guess):
   0:	ef                   	out    %eax,(%dx)
   1:	0c 48                	or     $0x48,%al
   3:	3d 00 10 00 00       	cmp    $0x1000,%eax
   8:	41 0f 42 f6          	cmovb  %r14d,%esi
   c:	89 75 d0             	mov    %esi,-0x30(%rbp)
   f:	4f 8d 3c bf          	lea    (%r15,%r15,4),%r15
  13:	49 c1 e7 04          	shl    $0x4,%r15
  17:	48 09 4d b0          	or     %rcx,-0x50(%rbp)
  1b:	48 8b 45 80          	mov    -0x80(%rbp),%rax
  1f:	4a 8d 7c 38 08       	lea    0x8(%rax,%r15,1),%rdi
  24:	0f 85 70 05 00 00    	jne    0x59a
* 2a:	4c 8b 27             	mov    (%rdi),%r12 <-- trapping instruction
  2d:	e8 06 61 14 00       	call   0x146138
  32:	4c 8b 28             	mov    (%rax),%r13
  35:	44 8b 32             	mov    (%rdx),%r14d
  38:	44 89 e8             	mov    %r13d,%eax
  3b:	83 e0 01             	and    $0x1,%eax
  3e:	44                   	rex.R
  3f:	89                   	.byte 0x89

Crashes (19):
Time              Kernel    Commit        Syzkaller  Manager                          Title
2025/08/06 04:55  upstream  7881cd6886a8  904e669c   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 13:25  upstream  7e161a991ea7  904e669c   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 08:40  upstream  7e161a991ea7  abdcb213   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/04 13:12  upstream  d2eedaa3909b  7368264b   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/02 21:10  upstream  186f3edfdd41  7368264b   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/02 17:47  upstream  eacf91b0c78a  7368264b   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/02 07:12  upstream  a6923c06a3b2  7368264b   ci-upstream-kmsan-gce-root       upstream test error: general protection fault in vhost_dev_cleanup
2025/08/08 00:50  upstream  6e64f4580381  6a893178   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/07 12:00  upstream  6e64f4580381  04cffc22   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/07 05:24  upstream  6e64f4580381  4bd24a3e   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/06 12:29  upstream  479058002c32  4bd24a3e   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/06 07:14  upstream  479058002c32  904e669c   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/06 03:42  upstream  7881cd6886a8  904e669c   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 16:42  upstream  6bcdbd62bd56  904e669c   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 15:33  upstream  5998f2bca43e  904e669c   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 12:47  upstream  7e161a991ea7  904e669c   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/05 06:22  upstream  7e161a991ea7  abdcb213   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/04 00:36  upstream  3c4a063b1f8a  7368264b   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup
2025/08/02 04:27  upstream  a6923c06a3b2  40127d41   ci-upstream-kmsan-gce-386-root   upstream test error: general protection fault in vhost_dev_cleanup

No syz repro, C repro or VM info was recorded for any of these crashes; each entry links to its .config, console log, report, disk image, vmlinux and kernel image.