SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor6/7259 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 7259 Comm: syz-executor6 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 4308765e31dd86ef ffff8801d991f6c8 ffffffff81d0278d 0000000000000001 ffffffff839fe3a0 ffffffff83cef6a0 ffff8801d90daf80 0000000000000003 ffff8801d991f708 ffffffff81d626d4 ffffffff810002b8 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] ? 0xffffffff810002b8 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x249/0x4d0 net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0x127/0x720 net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x39b/0x450 net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1e8f/0x2b10 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:625 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:635 [] ___sys_sendmsg+0x6c1/0x7c0 net/socket.c:1962 [] __sys_sendmsg+0xd3/0x190 net/socket.c:1996 [] SYSC_sendmsg net/socket.c:2007 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2003 [] entry_SYSCALL_64_fastpath+0x1c/0x98 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor6/7263 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 7263 Comm: syz-executor6 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ae6550f4c7794192 ffff8801d96c76c8 ffffffff81d0278d 0000000000000001 ffffffff839fe3a0 ffffffff83cef6a0 ffff8801d90d8000 0000000000000003 ffff8801d96c7708 ffffffff81d626d4 ffffffff810002b8 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. [] ? 0xffffffff810002b8 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x249/0x4d0 net/ipv4/tcp_input.c:4278 netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. [] tcp_queue_rcv+0x127/0x720 net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x39b/0x450 net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1e8f/0x2b10 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:625 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:635 [] ___sys_sendmsg+0x6c1/0x7c0 net/socket.c:1962 [] __sys_sendmsg+0xd3/0x190 net/socket.c:1996 [] SYSC_sendmsg net/socket.c:2007 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2003 [] entry_SYSCALL_64_fastpath+0x1c/0x98 netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. sg_write: data in/out 700410/1 bytes for SCSI command 0xe2-- guessing data in; program syz-executor3 not setting count and/or reply_len properly FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 7645 Comm: syz-executor7 Not tainted 4.4.113-g202e079 #1 audit: type=1400 audit(1517128873.574:14): avc: denied { bind } for pid=7652 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 7108ed2de6229d7a ffff8801d9037a40 ffffffff81d0278d ffff8801d0675200 1ffff1003b206f55 ffff8801d9037bc8[ 50.655108] FAULT_FLAG_ALLOW_RETRY missing 30 0000000000000000 0000000000000000[ 50.665707] FAULT_FLAG_ALLOW_RETRY missing 30 ffff8801d9037bf0 ffffffff81605d55 ffffffff812363c0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] handle_userfault+0x715/0xf50 fs/userfaultfd.c:316 [] do_anonymous_page mm/memory.c:2731 [inline] [] handle_pte_fault mm/memory.c:3295 [inline] [] __handle_mm_fault mm/memory.c:3426 [inline] [] handle_mm_fault+0x2938/0x3190 mm/memory.c:3455 [] __do_page_fault+0x35b/0xa00 arch/x86/mm/fault.c:1245 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1033 [] entry_SYSCALL_64_fastpath+0x1c/0x98 CPU: 0 PID: 7672 Comm: syz-executor1 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 5b864e4d9d5c84c3 ffff8800ba47f9f0 ffffffff81d0278d ffff8800b631f800 1ffff1001748ff4b ffff8800ba47fb78 0000000000000000 0000000000000000 ffff8800ba47fba0 ffffffff81605d55 ffffffff812363c0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] handle_userfault+0x715/0xf50 fs/userfaultfd.c:316 [] do_anonymous_page mm/memory.c:2731 [inline] [] handle_pte_fault mm/memory.c:3295 [inline] [] __handle_mm_fault mm/memory.c:3426 [inline] [] handle_mm_fault+0x2938/0x3190 mm/memory.c:3455 [] __do_page_fault+0x35b/0xa00 arch/x86/mm/fault.c:1245 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1033 [] entry_SYSCALL_64_fastpath+0x1c/0x98 CPU: 1 PID: 7670 Comm: syz-executor6 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 424db167ec9e67ee ffff8800ba11f990 ffffffff81d0278d ffff8800b631f680 1ffff10017423f3f ffff8800ba11fb18 0000000000000000 0000000000000000 ffff8800ba11fb40 ffffffff81605d55 ffffffff812363c0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] handle_userfault+0x715/0xf50 fs/userfaultfd.c:316 [] do_anonymous_page mm/memory.c:2731 [inline] [] handle_pte_fault mm/memory.c:3295 [inline] [] __handle_mm_fault mm/memory.c:3426 [inline] [] handle_mm_fault+0x2938/0x3190 mm/memory.c:3455 [] __do_page_fault+0x35b/0xa00 arch/x86/mm/fault.c:1245 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1033 [] entry_SYSCALL_64_fastpath+0x1c/0x98 audit: type=1400 audit(1517128874.154:15): avc: denied { setopt } for pid=7709 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 7713 Comm: syz-executor1 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 7c44d4a7d4a3a93d ffff8801cfdef9f0 ffffffff81d0278d ffff8801d0675680 1ffff10039fbdf4b ffff8801cfdefb78 0000000000000000 0000000000000000 ffff8801cfdefba0 ffffffff81605d55 ffffffff812363c0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] handle_userfault+0x715/0xf50 fs/userfaultfd.c:316 [] do_anonymous_page mm/memory.c:2731 [inline] [] handle_pte_fault mm/memory.c:3295 [inline] [] __handle_mm_fault mm/memory.c:3426 [inline] [] handle_mm_fault+0x2938/0x3190 mm/memory.c:3455 [] __do_page_fault+0x35b/0xa00 arch/x86/mm/fault.c:1245 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1033 [] entry_SYSCALL_64_fastpath+0x1c/0x98 IPVS: Creating netns size=2552 id=11 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 7732 Comm: syz-executor2 Not tainted 4.4.113-g202e079 #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8800bb0caf80 task.stack: ffff8800bb248000 RIP: 0010:[] [] __read_once_size include/linux/compiler.h:218 [inline] RIP: 0010:[] [] nfqnl_nf_hook_drop+0x190/0x3a0 net/netfilter/nfnetlink_queue.c:879 RSP: 0018:ffff8800bb24f998 EFLAGS: 00010202 RAX: 0000000000000007 RBX: 0000000000000003 RCX: ffffffff82f9b6d9 RDX: 0000000000010000 RSI: ffffc900026f8000 RDI: ffffffff847eb508 RBP: ffff8800bb24f9c8 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 1ffff10017649efe R12: dffffc0000000000 R13: ffff8800b1598968 R14: 0000000000000038 R15: 00000000000000b8 FS: 00007fd837388700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f03158516d4 CR3: 00000001d9b8c000 CR4: 0000000000160670 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffffffff82f9b650 ffffffff83cc6560 ffff8800ba6e9e00 ffff8800b1598968 ffff8800b1598968 ffff8800b1598960 ffff8800bb24f9f8 ffffffff82f9359e ffffffff82f934e0 ffffffff843e3760 ffff8800ba6ea8b8 dffffc0000000000 Call Trace: [] nf_queue_nf_hook_drop+0xbe/0x1d0 net/netfilter/nf_queue.c:108 [] nf_unregister_net_hook+0x2ab/0x350 net/netfilter/core.c:154 [] nf_unregister_hook_list net/netfilter/core.c:434 [inline] [] netfilter_net_exit+0x40/0xb0 net/netfilter/core.c:466 [] ops_exit_list.isra.4+0xae/0x150 net/core/net_namespace.c:134 [] setup_net+0x221/0x3e0 net/core/net_namespace.c:303 [] copy_net_ns+0xd2/0x190 net/core/net_namespace.c:369 [] create_new_namespaces+0x2f6/0x610 kernel/nsproxy.c:95 [] copy_namespaces+0x291/0x320 kernel/nsproxy.c:150 [] copy_process+0x1d98/0x6120 kernel/fork.c:1506 [] _do_fork+0x151/0xe00 kernel/fork.c:1784 [] SYSC_clone kernel/fork.c:1893 [inline] [] SyS_clone+0x37/0x50 kernel/fork.c:1887 [] entry_SYSCALL_64_fastpath+0x1c/0x98 Code: f9 83 01 00 0f 84 d8 00 00 00 4d 8d 77 38 49 bc 00 00 00 00 00 fc ff df 49 81 c7 b8 00 00 00 e8 47 45 3c fe 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 0f 85 f4 01 00 00 49 8b 1e e8 fd 96 2e fe 48 85 RIP [] __read_once_size include/linux/compiler.h:218 [inline] RIP [] nfqnl_nf_hook_drop+0x190/0x3a0 net/netfilter/nfnetlink_queue.c:879 RSP ---[ end trace 744a6b9ef3e6dc09 ]---