BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor2/10243
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 10243 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 bb605abddf6d6676 ffff8801d2d776b8 ffffffff81cc9b4f
0000000000000000 ffffffff839fd4a0 ffff8801d2d776f8 ffffffff81d28d58
ffffffff83d093a0 ffff8800b8a43910 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
audit: type=1400 audit(1513033836.296:16): avc: denied { create } for pid=10260 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1
audit: type=1400 audit(1513033836.416:17): avc: denied { read } for pid=10260 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1
netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
device gre0 entered promiscuous mode
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/10457
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 10457 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 74af139444f6515b ffff8801d2cc76b8 ffffffff81cc9b4f
0000000000000001 ffffffff839fd4a0 ffff8801d2cc76f8 ffffffff81d28d58
ffffffff83d093a0 ffff8800b8a42450 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/10457
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 10457 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 74af139444f6515b ffff8801d2cc76b8 ffffffff81cc9b4f
0000000000000000 ffffffff839fd4a0 ffff8801d2cc76f8 ffffffff81d28d58
ffffffff83d093a0 ffff8800b8a40530 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/10528
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 10528 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 3aec9801a59b0d44 ffff8800b7c576b8 ffffffff81cc9b4f
0000000000000000 ffffffff839fd4a0 ffff8800b7c576f8 ffffffff81d28d58
ffffffff83d093a0 ffff8801d2ca5f20 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/10551
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 10551 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 25408e62c78b807b ffff8801d32df6b8 ffffffff81cc9b4f
0000000000000000 ffffffff839fd4a0 ffff8801d32df6f8 ffffffff81d28d58
ffffffff83d093a0 ffff8800b8a41f20 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
audit: type=1400 audit(1513033838.136:18): avc: denied { create } for pid=10621 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'.
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/11156
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 11156 Comm: syz-executor7 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 d7b40097870c5d9d ffff8801d32d76b8 ffffffff81cc9b4f
0000000000000001 ffffffff839fd4a0 ffff8801d32d76f8 ffffffff81d28d58
ffffffff83d093a0 ffff8801da7673e0 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
device gre0 entered promiscuous mode
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/11220
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 11220 Comm: syz-executor7 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 3c6e8a32709540ff ffff8800b6c2f6b8 ffffffff81cc9b4f
0000000000000001 ffffffff839fd4a0 ffff8800b6c2f6f8 ffffffff81d28d58
ffffffff83d093a0 ffff8801d3010530 dffffc0000000000 ffffffff83cff4e0
Call Trace:
[<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
[<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
[<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
[<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
[<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
[<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
[<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
[<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
[<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
[<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
[<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
[<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
[<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
[<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
[<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
[<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
[<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
[<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
[<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
audit: type=1400 audit(1513033841.946:19): avc: denied { setopt } for pid=11804 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
device gre0 entered promiscuous mode
audit: type=1400 audit(1513033842.086:20): avc: denied { set_context_mgr } for pid=11848 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1
binder: 11848:11872 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11848:11872 got reply transaction with no transaction stack
binder: 11848:11872 transaction failed 29201/-71, size 48-40 line 2924
binder: 11848:11872 ioctl c0306201 20000000 returned -14
binder: BINDER_SET_CONTEXT_MGR already set
binder: 11848:11853 ioctl 40046207 0 returned -16
binder: 11848:11881 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11848:11881 got reply transaction with no transaction stack
binder: 11848:11881 transaction failed 29201/-71, size 48-40 line 2924
binder: 11962:11969 ERROR: BC_REGISTER_LOOPER called without request
binder: 11959:11966 ERROR: BC_REGISTER_LOOPER called without request
binder: 11959:11966 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11959:11966 got reply transaction with no transaction stack
binder: 11959:11966 transaction failed 29201/-71, size 48-40 line 2924
binder: 11959:11976 ERROR: BC_REGISTER_LOOPER called without request
binder: 11959:11966 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11959:11966 got reply transaction with no transaction stack
binder: 11959:11966 transaction failed 29201/-71, size 48-40 line 2924
binder: 11962:11995 ERROR: BC_REGISTER_LOOPER called without request
binder: 11962:11985 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11962:11985 got reply transaction with no transaction stack
device gre0 entered promiscuous mode
binder: 11962:11985 transaction failed 29201/-71, size 48-40 line 2924
binder: 11962:11984 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 11962:11984 got reply transaction with no transaction stack
binder: 11962:11984 transaction failed 29201/-71, size 48-40 line 2924
device gre0 entered promiscuous mode
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket
binder: 12171:12178 ERROR: BC_REGISTER_LOOPER called without request
binder: 12171:12195 transaction failed 29189/-22, size 0-0 line 3008
binder: 12171:12178 BC_ACQUIRE_DONE u0000000000000000 no match
binder: 12171:12178 Acquire 1 refcount change on invalid ref 0 ret -22
==================================================================
[<ffffffff814f8a21>] vfs_read+0xe1/0x340 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:454
Bytes b4 ffff8800b3d23a80: 01 00 00 00 0e 00 00 00 8b a8 ff ff 00 00 00 00 ................
INFO: Freed in fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562 age=33 cpu=0 pid=3
==================================================================
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
[<ffffffff8123b9c6>] pv_queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/paravirt.h:696 [inline]
[<ffffffff8123b9c6>] queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:28 [inline]
[<ffffffff8123b9c6>] queued_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/include/asm-generic/qspinlock.h:102 [inline]
[<ffffffff8123b9c6>] queued_write_lock_slowpath+0x116/0x150 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qrwlock.c:115
run_ksoftirqd+0x20/0x60 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/softirq.c:662
__rcu_reclaim /syzkaller/managers/android-44-kasan-gce/kernel/kernel/rcu/rcu.h:118 [inline]
rcu_do_batch /syzkaller/managers/android-44-kasan-gce/kernel/kernel/rcu/tree.c:2705 [inline]
invoke_rcu_callbacks /syzkaller/managers/android-44-kasan-gce/kernel/kernel/rcu/tree.c:2973 [inline]
__rcu_process_callbacks /syzkaller/managers/android-44-kasan-gce/kernel/kernel/rcu/tree.c:2940 [inline]
rcu_process_callbacks+0x7ff/0x1490 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/rcu/tree.c:2957
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
==================================================================
smpboot_thread_fn+0x55f/0x920 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/smpboot.c:163
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
BUG fasync_cache (Tainted: G B ): kasan: bad access detected
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
Read of size 4 by task syz-executor5/12212
[<ffffffff814f6d8a>] __vfs_read+0xda/0x3e0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:432
==================================================================
slab_alloc_node /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2567 [inline]
slab_alloc /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2609 [inline]
kmem_cache_alloc+0x155/0x290 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2614
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG fasync_cache (Tainted: G B ): kasan: bad access detected
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
Call Trace:
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
==================================================================
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
[<ffffffff8123b9c6>] pv_queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/paravirt.h:696 [inline]
[<ffffffff8123b9c6>] queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:28 [inline]
[<ffffffff8123b9c6>] queued_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/include/asm-generic/qspinlock.h:102 [inline]
[<ffffffff8123b9c6>] queued_write_lock_slowpath+0x116/0x150 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qrwlock.c:115
BUG fasync_cache (Tainted: G B ): kasan: bad access detected
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
ret_from_fork+0x3f/0x70 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:468
smpboot_thread_fn+0x55f/0x920 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/smpboot.c:163
^
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
Call Trace:
Read of size 4 by task syz-executor5/12212
ffff8800b3d23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ffff8801d94aec00 ffffea0002cf4880 ffff8800b3d23a90 0000000000000000
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
BUG: KASAN: slab-out-of-bounds in __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352 at addr ffff8800b3d23af4
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
[<ffffffff8123648d>] __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline]
[<ffffffff8123648d>] atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline]
[<ffffffff8123648d>] virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline]
[<ffffffff8123648d>] native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352
__slab_alloc.isra.74.constprop.77+0x50/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2504
[<ffffffff82564a50>] sg_remove_request+0x60/0x100 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:2132
Bytes b4 ffff8800b3d23a80: 01 00 00 00 0e 00 00 00 8b a8 ff ff 00 00 00 00 ................
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
___slab_alloc.constprop.78+0x4c6/0x530 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2475
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
Call Trace:
entry_SYSCALL_64_fastpath+0x16/0x76
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
^
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
ffff8800b3d23a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
BUG: KASAN: slab-out-of-bounds in __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352 at addr ffff8800b3d23af4
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ffff8801d94aec00 ffffea0002cf4880 ffff8800b3d23a90 0000000000000000
INFO: Allocated in fasync_alloc /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:603 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_add_entry /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:661 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_helper+0x29/0x90 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:690 age=0 cpu=1 pid=12212
[<ffffffff82564ff5>] sg_finish_rem_req+0x255/0x2f0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:1848
ffff8800b3d23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
__do_softirq+0x24d/0xa60 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/softirq.c:273
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
[<ffffffff814f8a21>] vfs_read+0xe1/0x340 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:454
ffff8800b3d23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
smpboot_thread_fn+0x55f/0x920 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/smpboot.c:163
^
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
[<ffffffff82564ff5>] sg_finish_rem_req+0x255/0x2f0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:1848
INFO: Freed in fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562 age=33 cpu=0 pid=3
slab_alloc_node /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2567 [inline]
slab_alloc /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2609 [inline]
kmem_cache_alloc+0x155/0x290 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2614
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
ffff8800b3d23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
[<ffffffff8123b9c6>] pv_queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/paravirt.h:696 [inline]
[<ffffffff8123b9c6>] queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:28 [inline]
[<ffffffff8123b9c6>] queued_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/include/asm-generic/qspinlock.h:102 [inline]
[<ffffffff8123b9c6>] queued_write_lock_slowpath+0x116/0x150 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qrwlock.c:115
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
==================================================================
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
___slab_alloc.constprop.78+0x4c6/0x530 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2475
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
Object ffff8800b3d23aa0: ff ff ff ff ff ff ff ff 80 e3 70 85 ff ff ff ff ..........p.....
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
ffff8800b3d23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ffff8801d94aec00 ffffea0002cf4880 ffff8800b3d23a90 0000000000000000
INFO: Allocated in fasync_alloc /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:603 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_add_entry /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:661 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_helper+0x29/0x90 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:690 age=0 cpu=1 pid=12212
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
[<ffffffff82566a87>] sg_read+0x767/0x1260 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:538
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
INFO: Slab 0xffffea0002cf4880 objects=20 used=1 fp=0xffff8800b3d235e0 flags=0x4000000000004080
Read of size 4 by task syz-executor5/12212
ffff8800b3d23a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
run_ksoftirqd+0x20/0x60 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/softirq.c:662
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
__do_softirq+0x24d/0xa60 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/softirq.c:273
[<ffffffff814d945f>] object_err+0x2f/0x40 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:689
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
[<ffffffff8123648d>] __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline]
[<ffffffff8123648d>] atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline]
[<ffffffff8123648d>] virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline]
[<ffffffff8123648d>] native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352
entry_SYSCALL_64_fastpath+0x16/0x76
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
smpboot_thread_fn+0x55f/0x920 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/smpboot.c:163
[<ffffffff814fb393>] SYSC_read /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:569 [inline]
[<ffffffff814fb393>] SyS_read+0xd3/0x1c0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:562
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Read of size 4 by task syz-executor5/12212
Call Trace:
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
__slab_alloc.isra.74.constprop.77+0x50/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2504
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
ffff8800b3d23a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[<ffffffff814d3af4>] print_trailer+0x114/0x1a0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:682
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
___slab_alloc.constprop.78+0x4c6/0x530 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2475
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
BUG fasync_cache (Tainted: G B ): kasan: bad access detected
Object ffff8800b3d23ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
BUG: KASAN: slab-out-of-bounds in __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352 at addr ffff8800b3d23af4
^
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
__slab_alloc.isra.74.constprop.77+0x50/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2504
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
BUG: KASAN: slab-out-of-bounds in __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352 at addr ffff8800b3d23af4
Object ffff8800b3d23aa0: ff ff ff ff ff ff ff ff 80 e3 70 85 ff ff ff ff ..........p.....
[<ffffffff8123648d>] __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline]
[<ffffffff8123648d>] atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline]
[<ffffffff8123648d>] virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline]
[<ffffffff8123648d>] native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352
___slab_alloc.constprop.78+0x4c6/0x530 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2475
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
[<ffffffff814d945f>] object_err+0x2f/0x40 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:689
BUG: KASAN: slab-out-of-bounds in __read_once_size /syzkaller/managers/android-44-kasan-gce/kernel/include/linux/compiler.h:218 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in atomic_read /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/atomic.h:27 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in virt_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:56 [inline] at addr ffff8800b3d23af4
BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qspinlock.c:352 at addr ffff8800b3d23af4
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
entry_SYSCALL_64_fastpath+0x16/0x76
[<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
^
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
==================================================================
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
[<ffffffff8123b9c6>] pv_queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/paravirt.h:696 [inline]
[<ffffffff8123b9c6>] queued_spin_lock_slowpath /syzkaller/managers/android-44-kasan-gce/kernel/./arch/x86/include/asm/qspinlock.h:28 [inline]
[<ffffffff8123b9c6>] queued_spin_lock /syzkaller/managers/android-44-kasan-gce/kernel/include/asm-generic/qspinlock.h:102 [inline]
[<ffffffff8123b9c6>] queued_write_lock_slowpath+0x116/0x150 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/locking/qrwlock.c:115
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
entry_SYSCALL_64_fastpath+0x16/0x76
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
INFO: Allocated in fasync_alloc /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:603 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_add_entry /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:661 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_helper+0x29/0x90 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:690 age=0 cpu=1 pid=12212
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ret_from_fork+0x3f/0x70 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:468
smpboot_thread_fn+0x55f/0x920 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/smpboot.c:163
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
-----------------------------------------------------------------------------
entry_SYSCALL_64_fastpath+0x16/0x76
[<ffffffff82564ff5>] sg_finish_rem_req+0x255/0x2f0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:1848
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
Object ffff8800b3d23ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
INFO: Object 0xffff8800b3d23a90 @offset=6800 fp=0xdead4ead00000000
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
==================================================================
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
INFO: Object 0xffff8800b3d23a90 @offset=6800 fp=0xdead4ead00000000
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
ret_from_fork+0x3f/0x70 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:468
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
__slab_alloc.isra.74.constprop.77+0x50/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2504
ffff8800b3d23980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Object ffff8800b3d23ac0: 00 50 8b 83 ff ff ff ff 01 46 00 00 06 00 00 00 .P.......F......
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
__do_softirq+0x24d/0xa60 /syzkaller/managers/android-44-kasan-gce/kernel/kernel/softirq.c:273
[<ffffffff814d945f>] object_err+0x2f/0x40 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:689
Object ffff8800b3d23aa0: ff ff ff ff ff ff ff ff 80 e3 70 85 ff ff ff ff ..........p.....
Object ffff8800b3d23ae0: 00 86 c5 b7 00 88 ff ff 30 f5 52 81 ff ff ff ff ........0.R.....
Call Trace:
slab_alloc_node /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2567 [inline]
slab_alloc /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2609 [inline]
kmem_cache_alloc+0x155/0x290 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2614
0000000000000000 09fb900b7dcb25cc ffff8801d333f9b0 ffffffff81cc9b4f
=============================================================================
>ffff8800b3d23a80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
sg_fasync+0x66/0xb0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:1213
INFO: Allocated in fasync_alloc /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:603 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_add_entry /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:661 [inline] age=0 cpu=1 pid=12212
INFO: Allocated in fasync_helper+0x29/0x90 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:690 age=0 cpu=1 pid=12212
[<ffffffff814d945f>] object_err+0x2f/0x40 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:689
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
Object ffff8800b3d23ad0: 00 00 00 00 00 00 00 00 00 21 5a b9 00 88 ff ff .........!Z.....
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
fasync_free_rcu+0x14/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/fs/fcntl.c:562
__slab_free+0x18c/0x2b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2685
__slab_alloc.isra.74.constprop.77+0x50/0xa0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/slub.c:2504
Object ffff8800b3d23ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ffff8800b3d22010 ffff8800b3d23a90 ffff8801d333f9e0 ffffffff814d3af4
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
Object ffff8800b3d23ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Object ffff8800b3d23ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
INFO: Object 0xffff8800b3d23a90 @offset=6800 fp=0xdead4ead00000000
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[<ffffffff82564ff5>] sg_finish_rem_req+0x255/0x2f0 /syzkaller/managers/android-44-kasan-gce/kernel/drivers/scsi/sg.c:1848
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[<ffffffff814db589>] kasan_report /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282 [inline]
[<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/mm/kasan/report.c:282
Call Trace:
ffff8800b3d23a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
CPU: 1 PID: 12212 Comm: syz-executor5 Tainted: G B 4.4.105-g36205b7 #4
Object ffff8800b3d23a90: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ffff8801d94aec00 ffffea0002cf4880 ffff8800b3d23a90 0000000000000000
ffff8800b3d23b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc