INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added 'ci-upstream-next-kasan-gce-7,10.128.15.224' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 26.396111] kvm: KVM_SET_TSS_ADDR need to be called before entering vcpu
[ 26.398345] usercopy: kernel memory overwrite attempt detected to ffff8801c0f91bd4 (kvm_vcpu) (80 bytes)
[ 26.399691] ------------[ cut here ]------------
[ 26.400345] kernel BUG at mm/usercopy.c:84!
[ 26.400922] invalid opcode: 0000 [#1] SMP KASAN
[ 26.401543] Dumping ftrace buffer:
[ 26.402016] (ftrace buffer empty)
[ 26.402512] Modules linked in:
[ 26.402946] CPU: 0 PID: 2989 Comm: syzkaller546738 Not tainted 4.14.0-rc5-next-20171018+ #36
[ 26.404082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 26.405326] task: ffff8801d1cd2740 task.stack: ffff8801d2140000
[ 26.406131] RIP: 0010:__check_object_size+0x3a2/0x4f0
[ 26.406815] RSP: 0018:ffff8801d2147148 EFLAGS: 00010286
[ 26.407526] RAX: 000000000000005c RBX: ffffffff8511a0e0 RCX: 0000000000000000
[ 26.408487] RDX: 000000000000005c RSI: 1ffff1003a428de9 RDI: ffffed003a428e1d
[ 26.409437] RBP: ffff8801d2147238 R08: 0000000000000001 R09: 0000000000000000
[ 26.410389] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8511a0a0
[ 26.411338] R13: ffff8801c0f91bd4 R14: 0000000000000050 R15: ffffea000703e400
[ 26.412307] FS: 000000000147b880(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
[ 26.413383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.414157] CR2: 0000000020ccbfe3 CR3: 00000001d2ad7000 CR4: 00000000001426f0
[ 26.415145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 26.416095] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 26.422605] Call Trace:
[ 26.425160] ? lock_release+0xa40/0xa40
[ 26.429101] ? check_stack_object+0x140/0x140
[ 26.433568] ? __might_sleep+0x95/0x190
[ 26.437512] kvm_vcpu_ioctl_set_cpuid2+0x75/0x1a0
[ 26.442324] kvm_arch_vcpu_ioctl+0x1718/0x4710
[ 26.446871] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 26.451854] ? kvm_arch_vcpu_put+0x3e0/0x3e0
[ 26.456229] ? get_kernel_page+0x110/0x110
[ 26.460430] ? __lru_cache_add+0x2a4/0x410
[ 26.464634] ? __pagevec_lru_add+0x30/0x30
[ 26.468836] ? save_stack+0xa3/0xd0
[ 26.472429] ? save_stack+0x43/0xd0
[ 26.476030] ? kasan_kmalloc+0xad/0xe0
[ 26.479882] ? print_irqtrace_events+0x270/0x270
[ 26.484603] ? __handle_mm_fault+0x1827/0x39c0
[ 26.489153] ? check_noncircular+0x20/0x20
[ 26.493352] ? lru_cache_add+0x1c7/0x3a0
[ 26.497377] ? get_mem_cgroup_from_mm+0x710/0x710
[ 26.502183] ? lru_cache_add_file+0x20/0x20
[ 26.506469] ? lock_acquire+0x1d5/0x580
[ 26.510408] ? lock_acquire+0x1d5/0x580
[ 26.514348] ? vcpu_load+0x1c/0x70
[ 26.517857] ? lock_release+0xa40/0xa40
[ 26.521797] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0
[ 26.527645] ? find_held_lock+0x35/0x1d0
[ 26.531672] ? rcu_note_context_switch+0x710/0x710
[ 26.536654] ? __might_sleep+0x95/0x190
[ 26.540591] ? vcpu_load+0x1c/0x70
[ 26.544098] ? __mutex_lock+0x16f/0x19d0
[ 26.548127] ? vcpu_load+0x1c/0x70
[ 26.551636] ? do_raw_spin_trylock+0x190/0x190
[ 26.556184] ? trace_event_raw_event_sched_switch+0x840/0x8a0
[ 26.562031] ? vcpu_load+0x1c/0x70
[ 26.565541] ? mutex_lock_io_nested+0x1880/0x1880
[ 26.570351] ? _raw_spin_unlock+0x22/0x30
[ 26.574464] ? do_huge_pmd_anonymous_page+0xb21/0x1b00
[ 26.579707] ? __thp_get_unmapped_area+0x130/0x130
[ 26.584602] ? vmx_vcpu_load+0x9c6/0xdd0
[ 26.588631] ? handle_invept+0x5f0/0x5f0
[ 26.592659] ? trace_hardirqs_on+0xd/0x10
[ 26.596770] ? queue_delayed_work_on+0x10d/0x1d0
[ 26.601495] ? refcount_add+0x60/0x60
[ 26.605263] ? kvm_arch_vcpu_create+0x1a0/0x1a0
[ 26.609900] ? kvm_vm_ioctl+0x220/0x1c40
[ 26.613923] ? kfree+0xe4/0x250
[ 26.617171] ? kvm_arch_vcpu_load+0x1c1/0x890
[ 26.621633] ? kvm_arch_vcpu_load+0x4b1/0x890
[ 26.626095] ? kvm_arch_dev_ioctl+0x3b0/0x3b0
[ 26.630555] ? __hrtick_start+0x1d0/0x1d0
[ 26.634676] ? vcpu_load+0x4b/0x70
[ 26.638186] kvm_vcpu_ioctl+0x240/0x1010
[ 26.642214] ? __kvm_gfn_to_hva_cache_init+0xbb0/0xbb0
[ 26.647461] ? find_held_lock+0x35/0x1d0
[ 26.651491] ? handle_mm_fault+0x248/0x8d0
[ 26.655692] ? find_held_lock+0x35/0x1d0
[ 26.659729] ? __do_page_fault+0x64c/0xd60
[ 26.663926] ? lock_downgrade+0x990/0x990
[ 26.668042] ? handle_mm_fault+0x410/0x8d0
[ 26.672238] ? down_read_trylock+0xdb/0x170
[ 26.676525] ? __do_page_fault+0x31e/0xd60
[ 26.680735] ? __handle_mm_fault+0x39c0/0x39c0
[ 26.685285] ? vmacache_find+0x5f/0x280
[ 26.689231] ? up_read+0x1a/0x40
[ 26.692562] ? __do_page_fault+0x3d6/0xd60
[ 26.696766] ? __kvm_gfn_to_hva_cache_init+0xbb0/0xbb0
[ 26.702008] do_vfs_ioctl+0x1b1/0x1520
[ 26.705860] ? _cond_resched+0x14/0x30
[ 26.709712] ? ioctl_preallocate+0x2b0/0x2b0
[ 26.714087] ? selinux_capable+0x40/0x40
[ 26.718112] ? putname+0xf3/0x130
[ 26.721539] ? security_file_ioctl+0x89/0xb0
[ 26.725913] SyS_ioctl+0x8f/0xc0
[ 26.729246] entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 26.733964] RIP: 0033:0x43fdd9
[ 26.737118] RSP: 002b:00007ffd03c51808 EFLAGS: 00000203 ORIG_RAX: 0000000000000010
[ 26.744788] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fdd9
[ 26.752026] RDX: 0000000020ccbfe3 RSI: 000000004008ae90 RDI: 0000000000000005
[ 26.759260] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000
[ 26.766493] R10: 0000000000000000 R11: 0000000000000203 R12: 0000000000401740
[ 26.773726] R13: 00000000004017d0 R14: 0000000000000000 R15: 0000000000000000
[ 26.780969] Code: 48 0f 44 da e8 70 f0 c3 ff 48 8b 85 28 ff ff ff 4d 89 f1 4c 89 e9 4c 89 e2 48 89 de 48 c7 c7 a0 a1 11 85 49 89 c0 e8 c3 fb ad ff <0f> 0b 48 c7 c0 60 9f 11 85 eb 96 48 c7 c0 a0 9f 11 85 eb 8d 48
[ 26.800039] RIP: __check_object_size+0x3a2/0x4f0 RSP: ffff8801d2147148
[ 26.806726] ---[ end trace b75745d107b27daa ]---
[ 26.811457] Kernel panic - not syncing: Fatal exception
[ 26.816822] Dumping ftrace buffer:
[ 26.820328] (ftrace buffer empty)
[ 26.824009] Kernel Offset: disabled
[ 26.827602] Rebooting in 86400 seconds..