BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/7552 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 7552 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d8bb76d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801d8956000 0000000000000003 ffff8801d8bb7718 ffffffff81df7854 ffff8801d8bb7730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 binder: 7608:7613 ERROR: BC_REGISTER_LOOPER called without request binder: 7608:7613 ioctl c0306201 20008fd0 returned -11 binder: 7608:7613 BC_DEAD_BINDER_DONE 0000000000000000 not found binder: 7608:7613 got reply transaction with no transaction stack binder: 7608:7613 transaction failed 29201/-71, size 48-16 line 2923 binder: 7608:7613 ERROR: BC_REGISTER_LOOPER called without request binder: 7608:7631 BC_DEAD_BINDER_DONE 0000000000000000 not found binder: 7608:7631 got reply transaction with no transaction stack binder: 7608:7631 transaction failed 29201/-71, size 48-16 line 2923 device eql entered promiscuous mode IPv6: Can't replace route, no match found SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7785 comm=syz-executor3 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7785 comm=syz-executor3 IPv6: Can't replace route, no match found audit: type=1400 audit(1513074463.676:44): avc: denied { create } for pid=7884 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_connector_socket permissive=1 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 7892 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801a5d178b0 ffffffff81d90889 ffff8801a5d17b90 0000000000000000 ffff8801c6fb5910 ffff8801a5d17a80 ffff8801c6fb5800 ffff8801a5d17aa8 ffffffff8165e497 00000000000051b9 ffff8801d8dba0f0 ffff8801d8dba0a0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 7892 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801a5d178b0 ffffffff81d90889 ffff8801a5d17b90 0000000000000000 ffff8801b698b790 ffff8801a5d17a80 ffff8801b698b680 ffff8801a5d17aa8 ffffffff8165e497 00000000000051b9 ffff8801d8dba0f0 ffff8801d8dba0a0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode device gre0 entered promiscuous mode binder: 7960 invalid dec weak, ref 59 desc 0 s 1 w 0 binder: 7960:7961 BC_CLEAR_DEATH_NOTIFICATION death notification cookie mismatch 0000000000000000 != fffffffffffffffe binder: 7960:7961 got reply transaction with no transaction stack binder: 7960:7961 transaction failed 29201/-71, size 0-48 line 2923 binder: BINDER_SET_CONTEXT_MGR already set binder: 7960:7965 ioctl 40046207 0 returned -16 device gre0 entered promiscuous mode device gre0 entered promiscuous mode tc_dump_action: action bad kind tc_dump_action: action bad kind device gre0 entered promiscuous mode program syz-executor0 is using a deprecated SCSI ioctl, please convert it to SG_IO sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 device gre0 entered promiscuous mode program syz-executor0 is using a deprecated SCSI ioctl, please convert it to SG_IO sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 IPv6: NLM_F_REPLACE set, but no existing node found! IPVS: Creating netns size=2536 id=14 nla_parse: 13 callbacks suppressed netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. device gre0 entered promiscuous mode binder: 8334:8337 ioctl c0046209 20001000 returned -22 binder: 8334:8337 ERROR: BC_REGISTER_LOOPER called without request binder: 8334:8337 IncRefs 0 refcount change on invalid ref 131 ret -22 binder: 8334:8337 DecRefs 0 refcount change on invalid ref 0 ret -22 sock: sock_set_timeout: `syz-executor4' (pid 8355) tries to set negative timeout binder: 8334:8337 unknown command 0 binder: 8334:8337 ioctl c0306201 20000000 returned -22 PF_BRIDGE: RTM_SETLINK with unknown ifindex PF_BRIDGE: RTM_SETLINK with unknown ifindex sock: sock_set_timeout: `syz-executor4' (pid 8387) tries to set negative timeout FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 8381 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d89a7930 ffffffff81d90889 ffff8801d89a7c10 0000000000000000 ffff8801a613bc10 ffff8801d89a7b00 ffff8801a613bb00 ffff8801d89a7b28 ffffffff8165e497 00000000000051b9 ffff8801c3c108f0 ffff8801c3c108a0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 keychord: keycode 25638 out of range keychord: keycode 25638 out of range netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. CPU: 0 PID: 8393 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cbfb78c0 ffffffff81d90889 ffff8801cbfb7ba0 0000000000000000 ffff8801a613bc10 ffff8801cbfb7a90 ffff8801a613bb00 ffff8801cbfb7ab8 ffffffff8165e497 00000000000051b9 ffff8801c20e50f0 ffff8801c20e50a0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 8393 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cbfb78c0 ffffffff81d90889 ffff8801cbfb7ba0 0000000000000000 ffff8801a613b910 ffff8801cbfb7a90 ffff8801a613b800 ffff8801cbfb7ab8 ffffffff8165e497 00000000000051b9 ffff8801c20e50f0 ffff8801c20e50a0 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x5c2/0xd40 arch/x86/mm/fault.c:1406 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1469 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads binder: 8493:8495 ioctl 40046205 d returned -22 device gre0 entered promiscuous mode binder: 8493:8495 ioctl 40046205 0 returned -22 binder: 8493:8495 ERROR: BC_REGISTER_LOOPER called without request binder: 8493:8495 ioctl c0306201 20008fd0 returned -14 binder: 8493:8495 got transaction with invalid offsets size, 20 binder: 8493:8495 transaction failed 29201/-22, size 0-20 line 3166 binder: 8493:8517 unknown command 1400526783 binder: 8493:8517 ioctl c0306201 20002fd0 returned -22 binder: 8493:8517 got reply transaction with no transaction stack binder: 8493:8517 transaction failed 29201/-71, size 24-8 line 2923 binder: 8493:8517 BC_FREE_BUFFER u0000000000000000 no match binder: 8493:8517 IncRefs 0 refcount change on invalid ref 4 ret -22 binder: 8493:8517 got transaction to invalid handle binder: 8493:8517 transaction failed 29201/-22, size 72-8 line 3007 binder: 8493:8517 ioctl c0306201 20005fd0 returned -14 binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29201 binder: 8493:8535 ioctl 40046205 d returned -22 binder: 8493:8535 ioctl 40046205 0 returned -22 binder_alloc: binder_alloc_mmap_handler: 8493 20000000-20002000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 8493:8517 ioctl 40046207 0 returned -16 binder: 8493:8517 ERROR: BC_REGISTER_LOOPER called without request binder: 8493:8517 Release 1 refcount change on invalid ref 4 ret -22 binder: 8493:8517 got transaction to invalid handle binder: 8493:8517 transaction failed 29201/-22, size 0-16 line 3007 binder_alloc: 8493: binder_alloc_buf, no vma binder: 8493:8517 transaction failed 29189/-3, size 0-20 line 3130 device gre0 entered promiscuous mode binder: 8493:8517 unknown command 1400526783 binder: 8493:8517 ioctl c0306201 20002fd0 returned -22 binder: 8493:8517 got reply transaction with no transaction stack binder: 8493:8517 transaction failed 29201/-71, size 24-8 line 2923 binder: 8493:8535 BC_FREE_BUFFER u0000000000000000 no match binder: 8493:8535 IncRefs 0 refcount change on invalid ref 4 ret -22 binder: 8493:8535 got transaction to invalid handle binder: 8493:8535 transaction failed 29201/-22, size 72-8 line 3007 binder: 8493:8535 ioctl c0306201 20005fd0 returned -14 mmap: syz-executor5 (8563): VmData 18923520 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29201 binder: release 8595:8600 transaction 71 out, still active netlink: 17 bytes leftover after parsing attributes in process `syz-executor7'. PF_BRIDGE: RTM_SETLINK with unknown ifindex device lo entered promiscuous mode qtaguid: iface_stat: create(lo): no inet dev qtaguid: iface_stat: create6(lo): no inet dev IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready binder: unexpected work type, 4, not freed binder: unexpected work type, 4, not freed binder: undelivered TRANSACTION_COMPLETE binder: send failed reply for transaction 71, target dead binder: release 8595:8609 transaction 76 out, still active binder: unexpected work type, 4, not freed binder: unexpected work type, 4, not freed binder: undelivered TRANSACTION_COMPLETE binder: send failed reply for transaction 76, target dead qtaguid: iface_stat: create6(lo): no inet dev IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready qtaguid: iface_stat: create6(lo): no inet dev PF_BRIDGE: RTM_SETLINK with unknown ifindex IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready qtaguid: iface_stat: create6(lo): no inet dev binder: 8657:8659 got transaction with invalid offset (40, min 24 max 40) or object. sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; program syz-executor3 not setting count and/or reply_len properly binder: 8657:8659 transaction failed 29201/-22, size 40-16 line 3193 audit: type=1400 audit(1513074467.686:45): avc: denied { net_bind_service } for pid=8679 comm="syz-executor6" capability=10 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 binder: BINDER_SET_CONTEXT_MGR already set binder: 8657:8672 ioctl 40046207 0 returned -16 binder_alloc: 8657: binder_alloc_buf, no vma binder: 8657:8672 transaction failed 29189/-3, size 40-16 line 3130 binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29201 binder: 8690:8693 BC_INCREFS_DONE u4004630600000000 no match binder: BINDER_SET_CONTEXT_MGR already set binder: 8690:8693 ioctl 40046207 0 returned -16 device gre0 entered promiscuous mode netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. device lo entered promiscuous mode device gre0 entered promiscuous mode A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. IPVS: Creating netns size=2536 id=15 A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. IPVS: Creating netns size=2536 id=16 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/9056 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 9056 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801b460f6d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801b6f68000 0000000000000003 ffff8801b460f718 ffffffff81df7854 ffff8801b460f730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/9056 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 9056 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801b460f6d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801b6f68000 0000000000000003 ffff8801b460f718 ffffffff81df7854 ffff8801b460f730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads nla_parse: 8 callbacks suppressed netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'. keychord: using input dev AT Translated Set 2 keyboard for fevent netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'. binder: 9245:9247 BC_DEAD_BINDER_DONE 0000000000000000 not found binder: 9245:9247 got reply transaction with no transaction stack binder: 9245:9266 BC_DEAD_BINDER_DONE 0000000000000003 not found binder: 9245 invalid dec weak, ref 89 desc 0 s 1 w 0 binder: 9245:9266 DecRefs 0 refcount change on invalid ref 4 ret -22 binder: 9245:9266 BC_CLEAR_DEATH_NOTIFICATION death notification cookie mismatch 0000000000000000 != fffffffffffffffe binder: 9245:9266 got reply transaction with no transaction stack binder: 9245:9266 transaction failed 29201/-71, size 0-48 line 2923 binder: BINDER_SET_CONTEXT_MGR already set binder: 9245:9272 ioctl 40046207 0 returned -16 binder: 9245:9272 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 binder: 9245:9272 BC_DEAD_BINDER_DONE 0000000000000000 not found binder: 9245:9272 got reply transaction with no transaction stack binder: 9245:9272 transaction failed 29201/-71, size 72-40 line 2923 binder: 9294:9298 ioctl 40106410 20926ff0 returned -22 binder: 9294:9298 tried to acquire reference to desc 0, got 1 instead binder: BINDER_SET_CONTEXT_MGR already set binder: 9294:9300 ioctl 40046207 0 returned -16 binder: 9294:9300 tried to acquire reference to desc 0, got 1 instead binder: 9294:9300 BC_REQUEST_DEATH_NOTIFICATION death notification already set binder: BINDER_SET_CONTEXT_MGR already set binder: 9294:9300 ioctl 40046207 0 returned -16 binder: 9294:9300 ioctl 40106410 20926ff0 returned -22 netlink: 11 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor6'. binder: 9245:9247 transaction failed 29201/-71, size 72-40 line 2923 binder: 9489:9490 BC_CLEAR_DEATH_NOTIFICATION death notification not active binder: 9489:9490 BC_DEAD_BINDER_DONE 0000000000000003 not found binder: 9489:9490 got transaction to invalid handle binder: 9489:9490 transaction failed 29201/-22, size 24-16 line 3007 binder: 9489:9496 Acquire 1 refcount change on invalid ref 0 ret -22 binder: 9489:9490 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 binder: 9489:9490 unknown command 1986356271 binder: 9489:9490 ioctl c0306201 20003fd0 returned -22 binder: 9489:9541 BC_DEAD_BINDER_DONE 0000000000000003 not found binder: 9489:9541 Release 1 refcount change on invalid ref 0 ret -22 binder: 9489:9541 got transaction to invalid handle binder: 9489:9541 transaction failed 29201/-22, size 24-16 line 3007 sock: process `syz-executor5' is using obsolete setsockopt SO_BSDCOMPAT binder: 9638:9639 BC_DEAD_BINDER_DONE 0000000000000003 not found binder: 9638:9639 got transaction to invalid handle binder: 9638:9639 transaction failed 29201/-22, size 24-16 line 3007