check_preemption_disabled: 30 callbacks suppressed BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor0/5501 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 5501 Comm: syz-executor0 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 5db6a4e27cf278fd ffff8801d27176b8 ffffffff81cc9b4f 0000000000000001 ffffffff839fd4a0 ffff8801d27176f8 ffffffff81d28d58 ffffffff83d093a0 ffff8800b2110a60 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor0/5501 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 5501 Comm: syz-executor0 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 nla_parse: 26 callbacks suppressed netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. 0000000000000000 5db6a4e27cf278fd ffff8801d27176b8 ffffffff81cc9b4f 0000000000000001 ffffffff839fd4a0 ffff8801d27176f8 ffffffff81d28d58 ffffffff83d093a0 ffff8800b5f12450 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 11 bytes leftover after parsing attributes in process `syz-executor3'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 11 bytes leftover after parsing attributes in process `syz-executor3'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor2'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 6 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 6 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6357 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 6357 Comm: syz-executor1 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 f7f88ab21c4cd17a ffff8801d5b4f6b8 ffffffff81cc9b4f 0000000000000001 ffffffff839fd4a0 ffff8801d5b4f6f8 ffffffff81d28d58 ffffffff83d093a0 ffff8801d25eca60 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket device gre0 entered promiscuous mode audit: type=1400 audit(1513081210.813:24): avc: denied { getopt } for pid=6438 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1792 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1792 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket audit: type=1400 audit(1513081212.973:25): avc: denied { execute } for pid=7289 comm="syz-executor0" path="pipe:[15040]" dev="pipefs" ino=15040 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=fifo_file permissive=1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket nla_parse: 24 callbacks suppressed netlink: 6 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. device gre0 entered promiscuous mode device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket mmap: syz-executor4 (8584) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; program syz-executor5 not setting count and/or reply_len properly sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; program syz-executor1 not setting count and/or reply_len properly BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor4/8851 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 8851 Comm: syz-executor4 Not tainted 4.4.105-g36205b7 #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 c659e218d2851c5d ffff8801d720f6b8 ffffffff81cc9b4f 0000000000000001 ffffffff839fd4a0 ffff8801d720f6f8 ffffffff81d28d58 ffffffff83d093a0 ffff8801d272e980 dffffc0000000000 ffffffff83cff4e0 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x168/0x8e0 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0x9e/0x840 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x354/0xa40 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2058 [] xfrm_init_state+0xe/0x10 /syzkaller/managers/android-44-kasan-gce/kernel/net/xfrm/xfrm_state.c:2084 [] pfkey_msg2xfrm_state /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1281 [inline] [] pfkey_add+0x1e18/0x3d80 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:1498 [] pfkey_process+0x58d/0x900 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:2826 [] pfkey_sendmsg+0x35b/0x6c0 /syzkaller/managers/android-44-kasan-gce/kernel/net/key/af_key.c:3670 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x66d/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmsg+0xc3/0x160 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1995 [] SYSC_sendmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2006 [inline] [] SyS_sendmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2002 [] entry_SYSCALL_64_fastpath+0x16/0x76 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket