syzbot

 sign-in | mailing list | source | docs
🐞 Open [142] 🐞 Fixed [16] 🐞 Invalid [163] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

BUG: using __this_cpu_read() in preemptible [ADDR] code: syz-executor

Status: closed as invalid on 2017/12/12 13:26
First crash: 2320d, last: 2319d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 BUG: using __this_cpu_read() in preemptible [ADDR] code: syz-executor 1213 2319d 2320d 0/3 closed as invalid on 2017/12/12 13:35
android-49 BUG: using __this_cpu_read() in preemptible [ADDR] code: syz-executor (2) 1 2319d 2319d 0/3 closed as invalid on 2017/12/12 15:26

Sample crash report:
nla_parse: 50 callbacks suppressed
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/4646
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 4646 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 070ea33ce428b337 ffff8801d31b76b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8801d31b76f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801d3186450 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
netlink: 18 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor3'.
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor0/4788
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 4788 Comm: syz-executor0 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 90b8e10337afa80f ffff8800b71ff6b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8800b71ff6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801d3187910 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket
netlink: 18 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor5'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/4792
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 4792 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 342620942daed8b2 ffff8801d1b2f6b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8801d1b2f6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801d3184a60 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor4/4858
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 4858 Comm: syz-executor4 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 f36c7dc7e2a52cf6 ffff8800b41a76b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8800b41a76f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b708b910 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor4/4864
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 4864 Comm: syz-executor4 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 2aace66eb36e6335 ffff8801d4c776b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8801d4c776f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b708a450 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor0/4866
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 4866 Comm: syz-executor0 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 55628082b881ede2 ffff8801d1b876b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8801d1b876f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b7088000 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/4830
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 4830 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 617a0c208240efef ffff8800b57876b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8800b57876f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b708a980 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
netlink: 18 bytes leftover after parsing attributes in process `syz-executor4'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor4'.
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/5022
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5022 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 c94b6f5a5ce4bd27 ffff8801d1b2f6b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8801d1b2f6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b7089f20 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/5032
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5032 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 d1d2c292ca6ca247 ffff8801d619f6b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8801d619f6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801d3184530 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
audit: type=1400 audit(1513084386.789:5): avc:  denied  { create } for  pid=5306 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/5442
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5442 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 5c6b914572ab27c1 ffff8800b937f6b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8800b937f6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801da7673e0 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/5502
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 5502 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 8b05feb853831eeb ffff8800b41d76b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8800b41d76f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b7088530 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/5508
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5508 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 dc474b5059fbaacc ffff8801d32876b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8801d32876f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b708aeb0 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/5524
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5524 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 6385ad5751067ed4 ffff8801d3c6f6b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8801d3c6f6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8801d3186eb0 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
nla_parse: 8 callbacks suppressed
netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor7'.
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/5677
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 1 PID: 5677 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000[   43.804291] netlink: 18 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 18 bytes leftover after parsing attributes in process `syz-executor5'.
 bd3958876706d3c0 ffff8800b79a76b8 ffffffff81cc9b4f
 0000000000000001 ffffffff839fd4a0 ffff8800b79a76f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b70894c0 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor3/5691
caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
CPU: 0 PID: 5691 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 0000000000000000 ac947c2fcc51cc94 ffff8800b59ff6b8 ffffffff81cc9b4f
 0000000000000000 ffffffff839fd4a0 ffff8800b59ff6f8 ffffffff81d28d58
 ffffffff83d093a0 ffff8800b7088530 dffffc0000000000 ffffffff83cff4e0
Call Trace:
 [<ffffffff81cc9b4f>] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline]
 [<ffffffff81cc9b4f>] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51
 [<ffffffff81d28d58>] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46
 [<ffffffff81d28dc3>] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62
 [<ffffffff832a4598>] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline]
 [<ffffffff832a4598>] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363
 [<ffffffff83206e7e>] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137
 [<ffffffff83282524>] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058
 [<ffffffff83282c1e>] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084
 [<ffffffff8340f088>] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline]
 [<ffffffff8340f088>] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498
 [<ffffffff834134bd>] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826
 [<ffffffff83414feb>] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670
 [<ffffffff82d94005>] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline]
 [<ffffffff82d94005>] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635
 [<ffffffff82d95add>] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961
 [<ffffffff82d97863>] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995
 [<ffffffff82d9790d>] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline]
 [<ffffffff82d9790d>] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002
 [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'.

Crashes (124):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2017/12/12 13:13 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:12 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:06 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:03 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:03 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:03 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 13:01 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:58 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:55 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:48 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:46 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:40 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:32 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:31 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:31 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:31 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:31 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:29 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:28 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:20 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:20 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:18 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:17 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:15 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:11 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:09 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:07 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:06 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:02 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:01 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 12:00 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:59 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:55 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:54 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:52 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:52 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:50 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:50 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:49 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
2017/12/12 11:47 https://android.googlesource.com/kernel/common android-4.4 36205b7fa963 081721ff .config console log report ci-android-44-kasan-gce
* Struck through repros no longer work on HEAD.