[] entry_SYSCALL_64_fastpath+0x16/0x76 device lo entered promiscuous mode device lo left promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor2/3613 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 3613 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 a1b0270723542378 ffff8800b90cf6b8 ffffffff81cc9b4f 0000000000000000 ffffffff839fd4a0 ffff8800b90cf6f8 ffffffff81d28d58 ffffffff83d093a0 ffff8800b9048000 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor2/3635 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 3635 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 97fbcbfb8d7b4a70 ffff8800b63776b8 ffffffff81cc9b4f 0000000000000000 ffffffff839fd4a0 ffff8800b63776f8 ffffffff81d28d58 ffffffff83d093a0 ffff8800b904b3e0 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor2/3635 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 3635 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 97fbcbfb8d7b4a70 ffff8800b63776b8 ffffffff81cc9b4f 0000000000000000 ffffffff839fd4a0 ffff8800b63776f8 ffffffff81d28d58 ffffffff83d093a0 ffff8800b9048530 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 sd 0:0:1:0: [sg0] tag#145 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#145 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 IPVS: Creating netns size=2552 id=4 IPVS: Creating netns size=2552 id=5 IPVS: Creating netns size=2552 id=6 IPVS: Creating netns size=2552 id=7 IPVS: Creating netns size=2552 id=8 netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. audit: type=1400 audit(1513083295.362:5): avc: denied { create } for pid=3705 comm="syz-executor3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_iscsi_socket permissive=1 netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. sd 0:0:1:0: [sg0] tag#178 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor4/3753 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 3753 Comm: syz-executor4 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 3f6afa973d6b13ec ffff8801d2daf6b8 ffffffff81cc9b4f 0000000000000000 ffffffff839fd4a0 ffff8801d2daf6f8 ffffffff81d28d58 ffffffff83d093a0 ffff8801d2fe73e0 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor4/3753 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 3753 Comm: syz-executor4 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 3f6afa973d6b13ec ffff8801d2daf6b8 ffffffff81cc9b4f 0000000000000000 ffffffff839fd4a0 ffff8801d2daf6f8 ffffffff81d28d58 ffffffff83d093a0 ffff8801d2fe54c0 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 sd 0:0:1:0: [sg0] tag#106 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#106 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#106 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#106 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#106 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#106 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#178 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 capability: warning: `syz-executor3' uses 32-bit capabilities (legacy support in use) netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. sd 0:0:1:0: [sg0] tag#178 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#178 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#178 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#178 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. sd 0:0:1:0: [sg0] tag#147 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#147 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#147 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#147 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#147 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#147 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor2'. device lo entered promiscuous mode sd 0:0:1:0: [sg0] tag#199 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK device lo left promiscuous mode sd 0:0:1:0: [sg0] tag#199 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#199 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK device lo entered promiscuous mode device lo left promiscuous mode sd 0:0:1:0: [sg0] tag#199 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#199 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#199 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor2'. device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode sd 0:0:1:0: [sg0] tag#198 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#198 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#198 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#198 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#198 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#198 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 handle_userfault: 11 callbacks suppressed FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 4608 Comm: syz-executor7 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 609faca63b243f49 ffff8801d3207940 ffffffff81cc9b4f 1ffff1003a640f33 0000000000000030 ffff8801d3207ae0 ffffffff815db71b ffff8800bade11e0 ffff8800bade11e0 ffff8800bade11e0 ffff8801d3207ab8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] SYSC_mq_timedsend /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:975 [inline] [] SyS_mq_timedsend+0xe2/0xa70 /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:958 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 70 CPU: 0 PID: 4623 Comm: syz-executor7 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 0b48efac918ff187 ffff8800b215fbb0 ffffffff81cc9b4f 1ffff1001642bf81 0000000000000070 ffff8800b215fd50 ffffffff815db71b ffff8800bade11e0 ffff8800bade11e0 ffff8800bade11e0 ffff8800b215fd28 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22203 sclass=netlink_route_socket CPU: 1 PID: 4618 Comm: syz-executor7 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9d0a341377118f29 ffff8800b3a9f9f0 ffffffff81cc9b4f 1ffff10016753f49 0000000000000030 ffff8800b3a9fb90 ffffffff815db71b ffff8800bade11e0[ 57.628140] FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 ffff8800bade11e0 ffff8800bade11e0 ffff8800b3a9fb68 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22203 sclass=netlink_route_socket [] entry_SYSCALL_64_fastpath+0x16/0x76 CPU: 0 PID: 4664 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ed79d0ebbf754fc2 ffff8800b20ff9f0 ffffffff81cc9b4f 1ffff1001641ff49 0000000000000030 ffff8800b20ffb90 ffffffff815db71b ffff8800bade6de0 ffff8800bade6de0 ffff8800bade6de0 ffff8800b20ffb68 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 CPU: 1 PID: 4657 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ed7b3c07d2e2dc2b ffff8800b9607940 ffffffff81cc9b4f 1ffff100172c0f33 0000000000000030 ffff8800b9607ae0 ffffffff815db71b ffff8800bade6de0 ffff8800bade6de0 ffff8800bade6de0 ffff8800b9607ab8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] SYSC_mq_timedsend /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:975 [inline] [] SyS_mq_timedsend+0xe2/0xa70 /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:958 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 4657 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ed7b3c07d2e2dc2b ffff8800b9607940 ffffffff81cc9b4f 1ffff100172c0f33 0000000000000030 ffff8800b9607ae0 ffffffff815db71b ffff8800bade6de0 ffff8800bade6de0 ffff8800bade6de0 ffff8800b9607ab8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] SYSC_mq_timedsend /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:975 [inline] [] SyS_mq_timedsend+0xe2/0xa70 /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:958 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 4713 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 99e103f0754e024c ffff8801d2d979f0 ffffffff81cc9b4f 1ffff1003a5b2f49 0000000000000030 ffff8801d2d97b90 ffffffff815db71b ffff8800bade0660 ffff8800bade0660 ffff8800bade0660 ffff8801d2d97b68 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 4707 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 7a18b62fdc24f560 ffff8801d620f940 ffffffff81cc9b4f 1ffff1003ac41f33 0000000000000030 ffff8801d620fae0 ffffffff815db71b ffff8800bade0660 ffff8800bade0660 ffff8800bade0660 ffff8801d620fab8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] SYSC_mq_timedsend /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:975 [inline] [] SyS_mq_timedsend+0xe2/0xa70 /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:958 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 4713 Comm: syz-executor2 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 99e103f0754e024c ffff8801d2d979f0 ffffffff81cc9b4f 1ffff1003a5b2f49 0000000000000030 ffff8801d2d97b90 ffffffff815db71b ffff8800bade0660 ffff8800bade0660 ffff8800bade0660 ffff8801d2d97b68 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 CPU: 1 PID: 4664 Comm: syz-executor6 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 ed79d0ebbf754fc2 ffff8800b20ff9f0 ffffffff81cc9b4f 1ffff1001641ff49 0000000000000030 ffff8800b20ffb90 ffffffff815db71b ffff8800bade6de0 ffff8800bade6de0 ffff8800bade6de0 ffff8800b20ffb68 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 nla_parse: 6 callbacks suppressed netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode syz-executor6 uses obsolete (PF_INET,SOCK_PACKET) binder: 5190:5211 BC_REQUEST_DEATH_NOTIFICATION invalid ref 4 binder: 5190:5211 DecRefs 0 refcount change on invalid ref 3 ret -22 binder: 5190:5196 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5190:5196 BC_FREE_BUFFER u0000000000000000 no match binder: 5190:5211 got reply transaction with bad transaction stack, transaction 2 has target 5190:0 binder: tried to use weak ref as strong ref binder: 5190:5196 got transaction to invalid handle binder: 5190:5211 transaction failed 29201/-71, size 48-56 line 2939 binder: 5190:5196 transaction failed 29201/-22, size 0-32 line 3008 sd 0:0:1:0: [sg0] tag#270 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#270 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#270 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#270 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#270 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#270 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 binder_alloc: binder_alloc_mmap_handler: 5190 20000000-20002000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 5190:5196 ioctl 40046207 0 returned -16 binder_alloc: 5190: binder_alloc_buf, no vma binder: 5190:5228 transaction failed 29189/-3, size 80-16 line 3131 binder: 5190:5236 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5190:5236 BC_FREE_BUFFER u0000000000000000 no match binder: 5190:5236 got transaction to invalid handle binder: 5190:5236 transaction failed 29201/-22, size 0-32 line 3008 binder: release 5190:5211 transaction 2 out, still active binder: send failed reply for transaction 2, target dead binder: 5433:5450 got transaction with invalid offset (24, min 0 max 80) or object. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. binder: 5433:5439 IncRefs 0 refcount change on invalid ref 2 ret -22 binder: 5433:5439 BC_REQUEST_DEATH_NOTIFICATION invalid ref 4 binder: 5433:5461 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5433:5461 BC_FREE_BUFFER u0000000000000000 no match binder: 5433:5439 DecRefs 0 refcount change on invalid ref 3 ret -22 binder: 5433:5450 transaction failed 29201/-22, size 80-16 line 3194 binder: 5433:5461 unknown command 0 binder: 5433:5439 unknown command 0 binder: 5433:5439 ioctl c0306201 204ed000 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder_alloc: binder_alloc_mmap_handler: 5433 20000000-20002000 already mapped failed -16 binder: 5433:5439 ioctl 40046207 0 returned -16 netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. binder: 5433:5461 ioctl c0306201 201f2fd0 returned -22 binder_alloc: 5433: binder_alloc_buf, no vma binder: 5433:5450 transaction failed 29189/-3, size 80-16 line 3131 binder: 5433:5461 IncRefs 0 refcount change on invalid ref 2 ret -22 binder: 5433:5479 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5433:5479 BC_FREE_BUFFER u0000000000000000 no match binder: 5433:5461 BC_REQUEST_DEATH_NOTIFICATION invalid ref 4 binder: 5517:5530 BC_REQUEST_DEATH_NOTIFICATION invalid ref 4 binder: 5433:5479 got transaction to invalid handle binder: 5433:5461 DecRefs 0 refcount change on invalid ref 3 ret -22 binder: 5517:5522 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5517:5522 BC_FREE_BUFFER u0000000000000000 no match binder: tried to use weak ref as strong ref binder: 5517:5522 got transaction to invalid handle binder: 5517:5522 transaction failed 29201/-22, size 0-32 line 3008 binder: 5517:5530 DecRefs 0 refcount change on invalid ref 3 ret -22 binder: 5517:5530 got reply transaction with bad transaction stack, transaction 15 has target 5517:0 binder: 5517:5530 transaction failed 29201/-71, size 48-56 line 2939 binder_alloc: binder_alloc_mmap_handler: 5517 20000000-20002000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 5517:5522 ioctl 40046207 0 returned -16 binder_alloc: 5517: binder_alloc_buf, no vma binder: 5517:5530 transaction failed 29189/-3, size 80-16 line 3131 binder: 5517:5553 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 5517:5553 BC_FREE_BUFFER u0000000000000000 no match binder: 5517:5553 got transaction to invalid handle binder: 5517:5553 transaction failed 29201/-22, size 0-32 line 3008 netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. binder: release 5517:5530 transaction 15 out, still active binder: send failed reply for transaction 15, target dead binder: 5433:5479 transaction failed 29201/-22, size 0-32 line 3008 binder: 5433:5461 got reply transaction with no transaction stack binder: 5433:5461 transaction failed 29201/-71, size 48-56 line 2924 sd 0:0:1:0: [sg0] tag#293 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#293 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#293 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 binder: undelivered TRANSACTION_ERROR: 29189 sd 0:0:1:0: [sg0] tag#293 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#293 CDB: Test Unit Ready binder: undelivered TRANSACTION_ERROR: 29201 sd 0:0:1:0: [sg0] tag#293 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#293 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 capability: warning: `syz-executor7' uses deprecated v2 capabilities in a way that may be insecure netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. handle_userfault: 20 callbacks suppressed FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 5805 Comm: syz-executor3 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 b30ae8c869aa88c1 ffff8801d32c7940 ffffffff81cc9b4f 1ffff1003a658f33 0000000000000030 ffff8801d32c7ae0 ffffffff815db71b ffff8800b7e773a0 ffff8800b7e773a0 ffff8800b7e773a0 ffff8801d32c7ab8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 FAULT_FLAG_ALLOW_RETRY missing 30 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] SYSC_mq_timedsend /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:975 [inline] [] SyS_mq_timedsend+0xe2/0xa70 /syzkaller/managers/android-44-kasan-gce/kernel/ipc/mqueue.c:958