the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 3 PID: 3253 Comm: syz-executor5 Not tainted 4.14.0-rc7-next-20171103+ #10
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 register_lock_class+0x55e/0x2c70 kernel/locking/lockdep.c:781
 __lock_acquire+0x203/0x4770 kernel/locking/lockdep.c:3387
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:174
 spin_lock_bh include/linux/spinlock.h:320 [inline]
 tcp_fastopen_reset_cipher+0x194/0x580 net/ipv4/tcp_fastopen.c:98
 do_tcp_setsockopt.isra.37+0x24d/0x21b0 net/ipv4/tcp.c:2589
 tcp_setsockopt+0xb0/0xd0 net/ipv4/tcp.c:2879
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2965
 SYSC_setsockopt net/socket.c:1851 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1830
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x447c89
RSP: 002b:00007f00c3855bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f00c38566cc RCX: 0000000000447c89
RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000018
RBP: 0000000000000086 R08: 0000000000000010 R09: 0000000000000000
R10: 0000000020f2b000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000008328 R14: 00000000006ec3c8 R15: 00007f00c3856700
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
raw_sendmsg: syz-executor7 forgot to set AF_INET. Fix it!
capability: warning: `syz-executor6' uses deprecated v2 capabilities in a way that may be insecure
QAT: Invalid ioctl
QAT: Invalid ioctl
capability: warning: `syz-executor1' uses 32-bit capabilities (legacy support in use)
audit: type=1326 audit(1510136351.087:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.088:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=72 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.088:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.088:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=16 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=16 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
audit: type=1326 audit(1510136351.089:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=3497 comm="syz-executor6" exe="/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x7ffc0000
netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 6 bytes leftover after parsing attributes in process `syz-executor2'.
hrtimer: interrupt took 20444 ns
netlink: 6 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor7'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=3590 comm=syz-executor3
mmap: syz-executor1 (3586) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor7'.
QAT: Invalid ioctl
QAT: Invalid ioctl
syz-executor7 uses obsolete (PF_INET,SOCK_PACKET)
tmpfs: No value for mount option ' '
device gre0 entered promiscuous mode
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pig=3847 comm=syz-executor4
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
rfkill: input handler disabled
rfkill: input handler enabled
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pig=4057 comm=syz-executor6
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
device gre0 entered promiscuous mode
do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
sctp: [Deprecated]: syz-executor2 (pid 4418) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor2 (pid 4418) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead
nla_parse: 15 callbacks suppressed
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
sock: process `syz-executor4' is using obsolete getsockopt SO_BSDCOMPAT
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5 sclass=netlink_audit_socket pig=4503 comm=syz-executor1
rfkill: input handler disabled
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
rfkill: input handler enabled
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5 sclass=netlink_audit_socket pig=4552 comm=syz-executor1
SELinux: failure in selinux_parse_skb(), unable to parse packet
SELinux: failure in selinux_parse_skb(), unable to parse packet
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=4608 comm=syz-executor6
device gre0 entered promiscuous mode
netlink: 1 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 64 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'.
kauditd_printk_skb: 277 callbacks suppressed
audit: type=1326 audit(1510136357.484:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4873 comm="syz-executor2" exe="/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x0
IPv6: ADDRCONF(NETDEV_UP): lo: link is not ready
audit: type=1326 audit(1510136357.630:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4873 comm="syz-executor2" exe="/syz-executor2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0x0