BUG: please report to dccp@vger.kernel.org => prev = 0, last = 0 at net/dccp/ccids/lib/packet_history.c:425/tfrc_rx_hist_sample_rtt() CPU: 0 PID: 6160 Comm: syz-executor1 Not tainted 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 tfrc_rx_hist_sample_rtt+0x407/0x4d0 net/dccp/ccids/lib/packet_history.c:422 ccid3_hc_rx_packet_recv+0x696/0xeb3 net/dccp/ccids/ccid3.c:765 ccid_hc_rx_packet_recv net/dccp/ccid.h:185 [inline] dccp_deliver_input_to_ccids+0xd9/0x250 net/dccp/input.c:180 dccp_rcv_established+0x88/0xb0 net/dccp/input.c:378 dccp_v4_do_rcv+0x135/0x160 net/dccp/ipv4.c:653 sk_backlog_rcv include/net/sock.h:908 [inline] __sk_receive_skb+0x33e/0xc10 net/core/sock.c:513 dccp_v4_rcv+0xf5f/0x1c80 net/dccp/ipv4.c:874 syz-executor6 (6162) used greatest stack depth: 13312 bytes left ip_local_deliver_finish+0x2f1/0xc50 net/ipv4/ip_input.c:216 NF_HOOK include/linux/netfilter.h:288 [inline] ip_local_deliver+0x1ce/0x6e0 net/ipv4/ip_input.c:257 dst_input include/net/dst.h:449 [inline] ip_rcv_finish+0xa36/0x2040 net/ipv4/ip_input.c:397 NF_HOOK include/linux/netfilter.h:288 [inline] ip_rcv+0xc5a/0x1840 net/ipv4/ip_input.c:493 __netif_receive_skb_core+0x1a41/0x3460 net/core/dev.c:4547 __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4612 process_backlog+0x203/0x740 net/core/dev.c:5292 napi_poll net/core/dev.c:5690 [inline] net_rx_action+0x792/0x1910 net/core/dev.c:5756 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 do_softirq_own_stack+0x2a/0x40 arch/x86/entry/entry_64.S:1042 do_softirq.part.19+0x14d/0x190 kernel/softirq.c:329 do_softirq kernel/softirq.c:177 [inline] __local_bh_enable_ip+0x1ee/0x230 kernel/softirq.c:182 local_bh_enable include/linux/bottom_half.h:32 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:726 [inline] ip_finish_output2+0x962/0x1550 net/ipv4/ip_output.c:231 ip_finish_output+0x864/0xd10 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:443 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_queue_xmit+0x8c0/0x18e0 net/ipv4/ip_output.c:504 dccp_transmit_skb+0x9ac/0x10f0 net/dccp/output.c:142 dccp_xmit_packet+0x215/0x740 net/dccp/output.c:281 dccp_write_xmit+0x17d/0x1d0 net/dccp/output.c:363 dccp_sendmsg+0x95f/0xdc0 net/dccp/proto.c:813 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2046 __sys_sendmsg+0xe5/0x210 net/socket.c:2080 SYSC_sendmsg net/socket.c:2091 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2087 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f00358f7c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f00358f86d4 RCX: 0000000000453a59 RDX: 00000000200080d4 RSI: 00000000203e5000 RDI: 0000000000000017 RBP: 000000000071bf58 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004b0 R14: 00000000006f7120 R15: 0000000000000001 dccp_close: ABORT with 8218 bytes unread ip6t_srh: unknown srh match flags 7BD6 mip6: mip6_rthdr_init_state: spi is not 0: 3875799040 mip6: mip6_rthdr_init_state: spi is not 0: 3875799040 kauditd_printk_skb: 14 callbacks suppressed audit: type=1400 audit(1518322776.494:36): avc: denied { setopt } for pid=6312 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables syz-executor0 uses obsolete (PF_INET,SOCK_PACKET) dccp_xmit_packet: Payload too large (65423) for featneg. dccp_close: ABORT with 65423 bytes unread audit: type=1400 audit(1518322777.018:37): avc: denied { create } for pid=6473 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 xt_connbytes: Forcing CT accounting to be enabled can: request_module (can-proto-3) failed. sctp: [Deprecated]: syz-executor3 (pid 6573) Use of int in maxseg socket option. Use struct sctp_assoc_value instead can: request_module (can-proto-3) failed. xt_dscp: dscp 7f out of range audit: type=1400 audit(1518322777.395:38): avc: denied { setopt } for pid=6581 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 sctp: [Deprecated]: syz-executor3 (pid 6586) Use of int in maxseg socket option. Use struct sctp_assoc_value instead audit: type=1400 audit(1518322777.442:39): avc: denied { write } for pid=6581 comm="syz-executor7" path="socket:[16756]" dev="sockfs" ino=16756 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 xt_dscp: dscp 7f out of range netlink: 12 bytes leftover after parsing attributes in process `syz-executor5'. audit: type=1400 audit(1518322777.678:40): avc: denied { net_broadcast } for pid=6651 comm="syz-executor4" capability=11 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 netlink: 12 bytes leftover after parsing attributes in process `syz-executor5'. ipt_CLUSTERIP: no config found for 0.0.15.255, need 'new' ipt_CLUSTERIP: no config found for 0.0.15.255, need 'new' dccp_close: ABORT with 1 bytes unread xt_CT: You must specify a L4 protocol, and not use inversions on it. xt_CT: You must specify a L4 protocol, and not use inversions on it. audit: type=1400 audit(1518322778.721:41): avc: denied { ioctl } for pid=6936 comm="syz-executor4" path="socket:[17145]" dev="sockfs" ino=17145 ioctlcmd=0x8935 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. audit: type=1400 audit(1518322778.763:42): avc: denied { accept } for pid=6935 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket permissive=1 audit: type=1400 audit(1518322778.764:43): avc: denied { getopt } for pid=6935 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket permissive=1 xt_CT: You must specify a L4 protocol, and not use inversions on it. audit: type=1400 audit(1518322778.941:44): avc: denied { setopt } for pid=6981 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64625 sclass=netlink_route_socket pig=7083 comm=syz-executor1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64625 sclass=netlink_route_socket pig=7096 comm=syz-executor1 audit: type=1400 audit(1518322779.589:45): avc: denied { accept } for pid=7185 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 IPv4: Oversized IP packet from 127.0.0.1 x_tables: ip_tables: TPROXY target: used from hooks PREROUTING/INPUT/OUTPUT, but only usable from PREROUTING x_tables: ip_tables: TPROXY target: used from hooks PREROUTING/INPUT/OUTPUT, but only usable from PREROUTING ====================================================== WARNING: possible circular locking dependency detected 4.15.0+ #222 Not tainted ------------------------------------------------------ syz-executor7/7298 is trying to acquire lock: (rtnl_mutex){+.+.}, at: [<000000002db6a448>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:74 but task is already holding lock: (&xt[i].mutex){+.+.}, at: [<0000000059aaffea>] xt_find_table_lock+0x3e/0x3e0 net/netfilter/x_tables.c:1046 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&xt[i].mutex){+.+.}: __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 xt_find_table_lock+0x3e/0x3e0 net/netfilter/x_tables.c:1046 xt_request_find_table_lock+0x28/0xc0 net/netfilter/x_tables.c:1093 get_info+0x154/0x690 net/ipv6/netfilter/ip6_tables.c:989 do_arpt_get_ctl+0x2a9/0xa00 net/ipv4/netfilter/arp_tables.c:1481 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x6a/0xc0 net/netfilter/nf_sockopt.c:122 ip_getsockopt+0x15c/0x220 net/ipv4/ip_sockglue.c:1571 tcp_getsockopt+0x82/0xd0 net/ipv4/tcp.c:3359 sock_common_getsockopt+0x95/0xd0 net/core/sock.c:2934 SYSC_getsockopt net/socket.c:1880 [inline] SyS_getsockopt+0x178/0x340 net/socket.c:1862 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b -> #1 (sk_lock-AF_INET){+.+.}: lock_sock_nested+0xc2/0x110 net/core/sock.c:2777 lock_sock include/net/sock.h:1463 [inline] do_ip_setsockopt.isra.12+0x1d9/0x3210 net/ipv4/ip_sockglue.c:646 ip_setsockopt+0x3a/0xa0 net/ipv4/ip_sockglue.c:1252 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2905 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975 SYSC_setsockopt net/socket.c:1849 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1828 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b -> #0 (rtnl_mutex){+.+.}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:74 unregister_netdevice_notifier+0x91/0x4e0 net/core/dev.c:1673 tee_tg_destroy+0x61/0xc0 net/netfilter/xt_TEE.c:123 cleanup_entry+0x242/0x380 net/ipv6/netfilter/ip6_tables.c:673 __do_replace+0x7ac/0xa70 net/ipv6/netfilter/ip6_tables.c:1108 do_replace net/ipv6/netfilter/ip6_tables.c:1164 [inline] do_ip6t_set_ctl+0x40f/0x5f0 net/ipv6/netfilter/ip6_tables.c:1686 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115 ipv6_setsockopt+0x10b/0x130 net/ipv6/ipv6_sockglue.c:927 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1060 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975 SYSC_setsockopt net/socket.c:1849 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1828 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b other info that might help us debug this: Chain exists of: rtnl_mutex --> sk_lock-AF_INET --> &xt[i].mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&xt[i].mutex); lock(sk_lock-AF_INET); lock(&xt[i].mutex); lock(rtnl_mutex); *** DEADLOCK *** 1 lock held by syz-executor7/7298: #0: (&xt[i].mutex){+.+.}, at: [<0000000059aaffea>] xt_find_table_lock+0x3e/0x3e0 net/netfilter/x_tables.c:1046 stack backtrace: CPU: 0 PID: 7298 Comm: syz-executor7 Not tainted 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 print_circular_bug.isra.38+0x2cd/0x2dc kernel/locking/lockdep.c:1223 check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1976 [inline] validate_chain kernel/locking/lockdep.c:2417 [inline] __lock_acquire+0x30a8/0x3e00 kernel/locking/lockdep.c:3431 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:74 unregister_netdevice_notifier+0x91/0x4e0 net/core/dev.c:1673 tee_tg_destroy+0x61/0xc0 net/netfilter/xt_TEE.c:123 cleanup_entry+0x242/0x380 net/ipv6/netfilter/ip6_tables.c:673 __do_replace+0x7ac/0xa70 net/ipv6/netfilter/ip6_tables.c:1108 do_replace net/ipv6/netfilter/ip6_tables.c:1164 [inline] do_ip6t_set_ctl+0x40f/0x5f0 net/ipv6/netfilter/ip6_tables.c:1686 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115 ipv6_setsockopt+0x10b/0x130 net/ipv6/ipv6_sockglue.c:927 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1060 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975 SYSC_setsockopt net/socket.c:1849 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1828 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007fb5fa618c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007fb5fa6196d4 RCX: 0000000000453a59 RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000015 RBP: 000000000071bea0 R08: 00000000000003c0 R09: 0000000000000000 R10: 0000000020010c40 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004d4 R14: 00000000006f7480 R15: 0000000000000000 kernel msg: ebtables bug: please report to author: Entries_size never zero kernel msg: ebtables bug: please report to author: Entries_size never zero audit: type=1400 audit(1518322781.504:46): avc: denied { ioctl } for pid=7575 comm="syz-executor6" path="socket:[18906]" dev="sockfs" ino=18906 ioctlcmd=0x891b scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 netlink: 20 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 20 bytes leftover after parsing attributes in process `syz-executor6'. ip6tnl0: Invalid MTU 547700704 requested, hw max 65392 ip6tnl0: Invalid MTU 547700704 requested, hw max 65392 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7609 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7628 comm=syz-executor0 BUG: sleeping function called from invalid context at mm/slab.h:420 in_atomic(): 1, irqs_disabled(): 0, pid: 7678, name: syz-executor4 INFO: lockdep is turned off. CPU: 1 PID: 7678 Comm: syz-executor4 Not tainted 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128 __might_sleep+0x95/0x190 kernel/sched/core.c:6081 slab_pre_alloc_hook mm/slab.h:420 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc+0x2a2/0x760 mm/slab.c:3539 rds_tcp_conn_alloc+0xa7/0x4e0 net/rds/tcp.c:296 __rds_conn_create+0x112f/0x1b50 net/rds/connection.c:227 rds_conn_create_outgoing+0x3f/0x50 net/rds/connection.c:309 rds_sendmsg+0xda3/0x2390 net/rds/send.c:1126 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1747 SyS_sendto+0x40/0x50 net/socket.c:1715 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f2b4c227c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f2b4c2286d4 RCX: 0000000000453a59 RDX: 0000000000000000 RSI: 0000000020fc2000 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 000000002069affb R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004b9 R14: 00000000006f71f8 R15: 0000000000000000 xt_connbytes: Forcing CT accounting to be enabled audit: type=1400 audit(1518322782.589:47): avc: denied { bind } for pid=7842 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket permissive=1 netlink: 200 bytes leftover after parsing attributes in process `syz-executor5'. xt_connbytes: Forcing CT accounting to be enabled netlink: 200 bytes leftover after parsing attributes in process `syz-executor5'. BUG: sleeping function called from invalid context at mm/slab.h:420 in_atomic(): 1, irqs_disabled(): 0, pid: 7937, name: syz-executor6 xt_CT: netfilter: NOTRACK target is deprecated, use CT instead or upgrade iptables INFO: lockdep is turned off. CPU: 1 PID: 7937 Comm: syz-executor6 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128 __might_sleep+0x95/0x190 kernel/sched/core.c:6081 slab_pre_alloc_hook mm/slab.h:420 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc_trace+0x299/0x740 mm/slab.c:3605 kmalloc include/linux/slab.h:512 [inline] kzalloc include/linux/slab.h:701 [inline] rds_loop_conn_alloc+0xc8/0x380 net/rds/loop.c:126 __rds_conn_create+0x112f/0x1b50 net/rds/connection.c:227 rds_conn_create_outgoing+0x3f/0x50 net/rds/connection.c:309 rds_sendmsg+0xda3/0x2390 net/rds/send.c:1126 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1747 SyS_sendto+0x40/0x50 net/socket.c:1715 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007fc7ae5a1c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc7ae5a26d4 RCX: 0000000000453a59 RDX: 0000000000000001 RSI: 00000000200f7000 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000020dfcff0 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004b9 R14: 00000000006f71f8 R15: 0000000000000000 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27278 sclass=netlink_xfrm_socket pig=7977 comm=syz-executor2 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27278 sclass=netlink_xfrm_socket pig=7987 comm=syz-executor2 x_tables: ip_tables: icmp match: only valid for protocol 1 x_tables: ip_tables: icmp match: only valid for protocol 1 ieee80211 phy2: Selected rate control algorithm 'minstrel_ht' ieee80211 phy3: Selected rate control algorithm 'minstrel_ht' device syz5 entered promiscuous mode audit: type=1400 audit(1518322783.622:48): avc: denied { getattr } for pid=8093 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 xt_CT: You must specify a L4 protocol, and not use inversions on it. xt_CT: You must specify a L4 protocol, and not use inversions on it. xt_connbytes: Forcing CT accounting to be enabled device syz5 left promiscuous mode netlink: 'syz-executor7': attribute type 2 has an invalid length. Cannot find add_set index 0 as target netlink: 'syz-executor7': attribute type 2 has an invalid length. audit: type=1400 audit(1518322783.915:49): avc: denied { bind } for pid=8187 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1518322784.183:50): avc: denied { create } for pid=8309 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_rdma_socket permissive=1 audit: type=1400 audit(1518322784.335:51): avc: denied { write } for pid=8367 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 netlink: 'syz-executor0': attribute type 21 has an invalid length. audit: type=1400 audit(1518322784.374:52): avc: denied { read } for pid=8371 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 netlink: 'syz-executor0': attribute type 21 has an invalid length. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8414 comm=syz-executor7 netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=8428 comm=syz-executor7 audit: type=1400 audit(1518322784.678:53): avc: denied { getopt } for pid=8499 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 netlink: 'syz-executor1': attribute type 1 has an invalid length. netlink: 'syz-executor1': attribute type 1 has an invalid length. audit: type=1400 audit(1518322785.037:54): avc: denied { ioctl } for pid=8661 comm="syz-executor1" path="socket:[21903]" dev="sockfs" ino=21903 ioctlcmd=0x89e2 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=sock_file permissive=1 netlink: 24 bytes leftover after parsing attributes in process `syz-executor5'.