futex_wake_op: syz-executor0 tries to shift op by 4031; fix this program
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 1 PID: 4639 Comm: syz-executor2 Not tainted 4.14.0-rc7-next-20171103+ #38
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 register_lock_class+0x55e/0x2c70 kernel/locking/lockdep.c:781
 __lock_acquire+0x203/0x4770 kernel/locking/lockdep.c:3387
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:174
 spin_lock_bh include/linux/spinlock.h:320 [inline]
 tcp_fastopen_reset_cipher+0x194/0x580 net/ipv4/tcp_fastopen.c:98
 do_tcp_setsockopt.isra.37+0x24d/0x21b0 net/ipv4/tcp.c:2589
 tcp_setsockopt+0xb0/0xd0 net/ipv4/tcp.c:2879
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2965
 SYSC_setsockopt net/socket.c:1851 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1830
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x452869
RSP: 002b:00007f1415606be8 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452869
RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000013
RBP: 0000000000000086 R08: 0000000000000010 R09: 0000000000000000
R10: 0000000020f2b000 R11: 0000000000000212 R12: 00000000006f4460
R13: 00000000ffffffff R14: 00007f14156076d4 R15: 0000000000000000
futex_wake_op: syz-executor0 tries to shift op by 4031; fix this program
device gre0 entered promiscuous mode
netlink: 16 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor0'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pig=4815 comm=syz-executor3
device gre0 entered promiscuous mode
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008f
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008e
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008d
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008c
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pig=4842 comm=syz-executor3
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008b
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x4000008a
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000089
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000088
kvm [4807]: vcpu0, guest rIP: 0x9135 Hyper-V unhandled rdmsr: 0x40000087
*** Guest State ***
CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
CR3 = 0x00000000fffbc000
RSP = 0x000000000000fffa RIP = 0x0000000000000000
RFLAGS=0x00033000 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
DS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
SS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
ES: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
FS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GDTR: limit=0x0000ffff, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811bc783 RSP = 0xffff8801c6a274c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007fed4da71700 GSBase=ffff8801db300000 TRBase=ffff8801db323280
GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=0000000199c1b000 CR4=00000000001426e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff8508a1f0
EFER = 0x0000000000000d01 PAT = 0x0000000000000000
*** Control State ***
PinBased=0000003f CPUBased=b6a1edfa SecondaryExec=00000043
EntryControls=0000d1ff ExitControls=0023efff
ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
 reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffd49cd182d1
TPR Threshold = 0x00
EPT pointer = 0x00000001c614801e
audit: type=1326 audit(1510085264.926:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4962 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x0
audit: type=1326 audit(1510085265.005:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=4962 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x0
rfkill: input handler disabled
rfkill: input handler enabled
device syz5 entered promiscuous mode
device syz5 left promiscuous mode
device syz5 entered promiscuous mode
dccp_invalid_packet: P.CsCov 15 exceeds packet length 1020
audit: type=1326 audit(1510085265.497:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.519:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.519:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45560a code=0x7ffc0000
audit: type=1326 audit(1510085265.519:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.519:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=54 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.519:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.520:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
audit: type=1326 audit(1510085265.520:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=5111 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452869 code=0x7ffc0000
dccp_invalid_packet: P.CsCov 15 exceeds packet length 1020
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60742 sclass=netlink_route_socket pig=5195 comm=syz-executor5
raw_sendmsg: syz-executor4 forgot to set AF_INET. Fix it!
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60742 sclass=netlink_route_socket pig=5195 comm=syz-executor5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pig=5210 comm=syz-executor6
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'.
QAT: Invalid ioctl
tmpfs: Bad mount option q
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pig=5232 comm=syz-executor6
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'.
tmpfs: Bad mount option q
tc_dump_action: action bad kind
tc_dump_action: action bad kind
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 9 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 6 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 6 bytes leftover after parsing attributes in process `syz-executor4'.
mmap: syz-executor5 (5673) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
rfkill: input handler disabled
rfkill: input handler enabled
netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
kvm: emulating exchange as write
RDS: rds_bind could not find a transport for 172.20.0.170, load rds_tcp or rds_rdma?
RDS: rds_bind could not find a transport for 172.20.0.170, load rds_tcp or rds_rdma?
mmap: syz-executor4 (6114): VmData 18661376 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
device eql entered promiscuous mode
RDS: rds_bind could not find a transport for 255.255.255.255, load rds_tcp or rds_rdma?
RDS: rds_bind could not find a transport for 255.255.255.255, load rds_tcp or rds_rdma?
QAT: Invalid ioctl
sg_write: data in/out 589788/28 bytes for SCSI command 0x0-- guessing data in;
 program syz-executor0 not setting count and/or reply_len properly
sg_write: data in/out 327415624/94 bytes for SCSI command 0xd7-- guessing data in;
 program syz-executor0 not setting count and/or reply_len properly
sg_write: data in/out 589788/28 bytes for SCSI command 0x0-- guessing data in;
 program syz-executor0 not setting count and/or reply_len properly
sg_write: data in/out 327415624/94 bytes for SCSI command 0xd7-- guessing data in;
 program syz-executor0 not setting count and/or reply_len properly
nla_parse: 6 callbacks suppressed
netlink: 14 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 14 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
irq bypass consumer (token ffff8801bf0cb300) registration fails: -16
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 37 bytes leftover after parsing attributes in process `syz-executor6'.