BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.3/2412 caller is __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 CPU: 1 PID: 2412 Comm: syz-executor.3 Not tainted 4.4.174+ #4 0000000000000000 0453e1704f2d3a87 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.4/2413 caller is __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 ffff8801d22f7678 ffffffff81aad1a1 ffff8801bf208000 0000000000000001 ffffffff82a861e0 ffffffff8292c040 0000000000000001 ffff8801d22f76b8 ffffffff81b0ad83 ffff8800b59c0280 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d3/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_try_coalesce net/ipv4/tcp_input.c:4293 [inline] [] tcp_try_coalesce+0x245/0x510 net/ipv4/tcp_input.c:4275 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4539 [] tcp_send_rcvq+0x3de/0x4a0 net/ipv4/tcp_input.c:4585 [] tcp_sendmsg+0x2332/0x2ab0 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:638 [inline] [] sock_sendmsg+0xbe/0x110 net/socket.c:648 [] ___sys_sendmsg+0x369/0x890 net/socket.c:1975 [] __sys_sendmmsg+0x130/0x2e0 net/socket.c:2060 [] SYSC_sendmmsg net/socket.c:2090 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2085 [] entry_SYSCALL_64_fastpath+0x1e/0x9a CPU: 0 PID: 2413 Comm: syz-executor.4 Not tainted 4.4.174+ #4 0000000000000000 bcabf2a34664a125 ffff8801bf217678 ffffffff81aad1a1 ffff8801bf2097c0 0000000000000000 ffffffff82a861e0 ffffffff8292c040 0000000000000002 ffff8801bf2176b8 ffffffff81b0ad83 ffff8800b68cea00 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d3/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_try_coalesce net/ipv4/tcp_input.c:4293 [inline] [] tcp_try_coalesce+0x245/0x510 net/ipv4/tcp_input.c:4275 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4539 [] tcp_send_rcvq+0x3de/0x4a0 net/ipv4/tcp_input.c:4585 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.3/2427 caller is __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_sendmsg+0x2332/0x2ab0 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:638 [inline] [] sock_sendmsg+0xbe/0x110 net/socket.c:648 [] ___sys_sendmsg+0x369/0x890 net/socket.c:1975 [] __sys_sendmmsg+0x130/0x2e0 net/socket.c:2060 [] SYSC_sendmmsg net/socket.c:2090 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2085 [] entry_SYSCALL_64_fastpath+0x1e/0x9a CPU: 1 PID: 2427 Comm: syz-executor.3 Not tainted 4.4.174+ #4 0000000000000000 cffd6e5b4703100a ffff8801bf27f678 ffffffff81aad1a1 ffff8801d1d22f80 0000000000000001 ffffffff82a861e0 ffffffff8292c040 0000000000000001 ffff8801bf27f6b8 ffffffff81b0ad83 ffff8801d2332f00 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.4/2431 caller is __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] check_preemption_disabled+0x1d3/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_try_coalesce net/ipv4/tcp_input.c:4293 [inline] [] tcp_try_coalesce+0x245/0x510 net/ipv4/tcp_input.c:4275 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4539 [] tcp_send_rcvq+0x3de/0x4a0 net/ipv4/tcp_input.c:4585 [] tcp_sendmsg+0x2332/0x2ab0 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:638 [inline] [] sock_sendmsg+0xbe/0x110 net/socket.c:648 [] ___sys_sendmsg+0x369/0x890 net/socket.c:1975 [] __sys_sendmmsg+0x130/0x2e0 net/socket.c:2060 [] SYSC_sendmmsg net/socket.c:2090 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2085 [] entry_SYSCALL_64_fastpath+0x1e/0x9a CPU: 0 PID: 2431 Comm: syz-executor.4 Not tainted 4.4.174+ #4 0000000000000000 4743ccd501f77f3e ffff8800b4eff678 ffffffff81aad1a1 ffff8801bf244740 0000000000000000 ffffffff82a861e0 ffffffff8292c040 0000000000000002 ffff8800b4eff6b8 ffffffff81b0ad83 ffff8801d2112500 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d3/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_try_coalesce net/ipv4/tcp_input.c:4293 [inline] [] tcp_try_coalesce+0x245/0x510 net/ipv4/tcp_input.c:4275 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4539 [] tcp_send_rcvq+0x3de/0x4a0 net/ipv4/tcp_input.c:4585 [] tcp_sendmsg+0x2332/0x2ab0 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:638 [inline] [] sock_sendmsg+0xbe/0x110 net/socket.c:648 [] ___sys_sendmsg+0x369/0x890 net/socket.c:1975 [] __sys_sendmmsg+0x130/0x2e0 net/socket.c:2060 [] SYSC_sendmmsg net/socket.c:2090 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2085 [] entry_SYSCALL_64_fastpath+0x1e/0x9a BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor.4/2504 caller is __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 CPU: 0 PID: 2504 Comm: syz-executor.4 Not tainted 4.4.174+ #4 0000000000000000 d1e0bc696281acd2 ffff8800b4b5f678 ffffffff81aad1a1 ffff8801cf41af80 0000000000000000 ffffffff82a861e0 ffffffff8292c040 0000000000000002 ffff8800b4b5f6b8 ffffffff81b0ad83 ffff8801d1f91680 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d3/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1d/0x30 lib/smp_processor_id.c:62 [] tcp_try_coalesce net/ipv4/tcp_input.c:4293 [inline] [] tcp_try_coalesce+0x245/0x510 net/ipv4/tcp_input.c:4275 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4539 [] tcp_send_rcvq+0x3de/0x4a0 net/ipv4/tcp_input.c:4585 [] tcp_sendmsg+0x2332/0x2ab0 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:638 [inline] [] sock_sendmsg+0xbe/0x110 net/socket.c:648 [] ___sys_sendmsg+0x369/0x890 net/socket.c:1975 [] __sys_sendmmsg+0x130/0x2e0 net/socket.c:2060 [] SYSC_sendmmsg net/socket.c:2090 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2085 [] entry_SYSCALL_64_fastpath+0x1e/0x9a mmap: syz-executor.2 (2540) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket hid-generic 0000:0000:0000.0001: item fetching failed at offset -1190056287 hid-generic: probe of 0000:0000:0000.0001 failed with error -22 IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready qtaguid: iface_stat: create6(lo): no inet dev IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready qtaguid: iface_stat: create6(lo): no inet dev SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready qtaguid: iface_stat: create6(lo): no inet dev syz-executor.5 (2693) used greatest stack depth: 24224 bytes left Dead loop on virtual device ip6_vti0, fix it urgently! Dead loop on virtual device ip6_vti0, fix it urgently! Dead loop on virtual device ip6_vti0, fix it urgently! Dead loop on virtual device ip6_vti0, fix it urgently! Dead loop on virtual device ip6_vti0, fix it urgently! Dead loop on virtual device ip6_vti0, fix it urgently! syz-executor.0 (2740) used greatest stack depth: 23936 bytes left hid-generic 0000:0000:0000.0002: item fetching failed at offset -1190143407 hid-generic: probe of 0000:0000:0000.0002 failed with error -22 audit: type=1400 audit(1575225698.824:8): avc: denied { create } for pid=2861 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 hid-generic 0000:0000:0000.0003: item fetching failed at offset 2732561 hid-generic: probe of 0000:0000:0000.0003 failed with error -22