audit: type=1400 audit(1549178839.097:51): avc: denied { node_bind } for pid=8747 comm="syz-executor1" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:422/tfrc_rx_hist_sample_rtt() CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.0.0-rc4+ #58 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 tfrc_rx_hist_sample_rtt.cold+0x56/0x61 net/dccp/ccids/lib/packet_history.c:422 ccid3_hc_rx_packet_recv+0x5c6/0xeb0 net/dccp/ccids/ccid3.c:767 ccid_hc_rx_packet_recv net/dccp/ccid.h:185 [inline] dccp_deliver_input_to_ccids+0xee/0x280 net/dccp/input.c:180 dccp_rcv_established net/dccp/input.c:378 [inline] dccp_rcv_established+0x83/0xb0 net/dccp/input.c:368 dccp_v4_do_rcv+0x139/0x190 net/dccp/ipv4.c:659 sk_backlog_rcv include/net/sock.h:936 [inline] __sk_receive_skb+0x341/0xbf0 net/core/sock.c:473 dccp_v4_rcv+0xeaa/0x1bf1 net/dccp/ipv4.c:880 ip_protocol_deliver_rcu+0x60/0x8e0 net/ipv4/ip_input.c:208 ip_local_deliver_finish+0x23b/0x390 net/ipv4/ip_input.c:234 NF_HOOK include/linux/netfilter.h:289 [inline] NF_HOOK include/linux/netfilter.h:283 [inline] ip_local_deliver+0x1e9/0x520 net/ipv4/ip_input.c:255 dst_input include/net/dst.h:450 [inline] ip_rcv_finish+0x1f4/0x2f0 net/ipv4/ip_input.c:414 NF_HOOK include/linux/netfilter.h:289 [inline] NF_HOOK include/linux/netfilter.h:283 [inline] ip_rcv+0xe8/0x3f0 net/ipv4/ip_input.c:524 __netif_receive_skb_one_core+0x115/0x1a0 net/core/dev.c:4973 __netif_receive_skb+0x2c/0x1c0 net/core/dev.c:5083 process_backlog+0x206/0x750 net/core/dev.c:5923 napi_poll net/core/dev.c:6346 [inline] net_rx_action+0x4fa/0x1070 net/core/dev.c:6412 __do_softirq+0x266/0x95a kernel/softirq.c:292 run_ksoftirqd kernel/softirq.c:654 [inline] run_ksoftirqd+0x8e/0x110 kernel/softirq.c:646 smpboot_thread_fn+0x6ab/0xa10 kernel/smpboot.c:164 kthread+0x357/0x430 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 audit: type=1400 audit(1549178839.097:52): avc: denied { name_connect } for pid=8747 comm="syz-executor1" dest=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. overlayfs: failed to resolve 'A': -2 overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. overlayfs: failed to resolve 'A': -2 dccp_close: ABORT with 260 bytes unread audit: type=1400 audit(1549178840.677:53): avc: denied { map } for pid=8810 comm="syz-executor1" path="/dev/bus/usb/004/001" dev="devtmpfs" ino=16967 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usb_device_t:s0 tclass=chr_file permissive=1 kernel msg: ebtables bug: please report to author: Wrong len argument nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. kernel msg: ebtables bug: please report to author: Wrong len argument ax25_connect(): syz-executor1 uses autobind, please contact jreuter@yaina.de ax25_connect(): syz-executor1 uses autobind, please contact jreuter@yaina.de REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize QAT: Invalid ioctl QAT: Invalid ioctl audit: type=1400 audit(1549178843.147:54): avc: denied { relabelto } for pid=8949 comm="syz-executor2" name="file0" dev="sda1" ino=16635 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:smartcard_device_t:s0 tclass=dir permissive=1 REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. binder: 9097:9103 ioctl c0306201 0 returned -14 REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize binder: 9097:9120 ioctl c0306201 0 returned -14 Unknown ioctl -2143271653 Unknown ioctl -2143271653 binder: 9135:9137 ioctl c0306201 0 returned -14 REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize EXT4-fs warning (device sda1): ext4_group_add:1636: No reserved GDT blocks, can't resize nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. audit: type=1400 audit(1549178845.887:55): avc: denied { map_read map_write } for pid=9174 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize hugetlbfs: Bad mount option: "nfs" hugetlbfs: Bad mount option: "nfs" REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize netlink: 'syz-executor1': attribute type 1 has an invalid length. audit: type=1400 audit(1549178847.327:56): avc: denied { ioctl } for pid=9285 comm="syz-executor1" path="socket:[33123]" dev="sockfs" ino=33123 ioctlcmd=0x8916 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 netlink: 'syz-executor1': attribute type 1 has an invalid length. REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize audit: type=1400 audit(1549178847.587:57): avc: denied { map } for pid=9307 comm="syz-executor4" path="/dev/dsp" dev="devtmpfs" ino=17335 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=chr_file permissive=1 nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize overlayfs: unrecognized mount option "loweóh@r;¹r=./file0" or missing value REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize overlayfs: unrecognized mount option "loweóh@r;¹r=./file0" or missing value REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize raw_sendmsg: syz-executor5 forgot to set AF_INET. Fix it! REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize REISERFS warning (device loop2): super-6507 reiserfs_parse_options: bad value autW for -oresize