syz-executor6: vmalloc: allocation failure: 17179402552 bytes[ 30.237819] ===================================== [ BUG: bad unlock balance detected! ] 4.9.68-gfb66dc2 #107 Not tainted ------------------------------------- syz-executor1/4450 is trying to release lock ( mrt_lock) at: but there are no more locks to release! other info that might help us debug this: 1 lock held by syz-executor1/4450: #0: (&p->lock){+.+.+.}, at: [] seq_read+0xdd/0x1290 fs/seq_file.c:178 stack backtrace: CPU: 1 PID: 4450 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ab76f8e8 ffffffff81d90889 ffffffff849ae9f8 ffff8801ac2ab000 ffffffff834dfc54 ffffffff849ae9f8 ffff8801ac2ab888 ffff8801ab76f918 ffffffff812353f4 dffffc0000000000 ffffffff849ae9f8 00000000ffffffffCall Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] print_unlock_imbalance_bug+0x174/0x1a0 kernel/locking/lockdep.c:3398 [] __lock_release kernel/locking/lockdep.c:3540 [inline] [] lock_release+0x6f8/0xb80 kernel/locking/lockdep.c:3775 [] __raw_read_unlock include/linux/rwlock_api_smp.h:225 [inline] [] _raw_read_unlock+0x1a/0x50 kernel/locking/spinlock.c:255 [] ipmr_mfc_seq_stop+0xe4/0x140 net/ipv6/ip6mr.c:553 [] seq_read+0xa83/0x1290 fs/seq_file.c:283 [] proc_reg_read+0xef/0x170 fs/proc/inode.c:202 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714 [] do_loop_readv_writev fs/read_write.c:880 [inline] [] do_readv_writev+0x520/0x750 fs/read_write.c:874 [] vfs_readv+0x84/0xc0 fs/read_write.c:898 [] do_readv+0xe6/0x250 fs/read_write.c:924 [] SYSC_readv fs/read_write.c:1011 [inline] [] SyS_readv+0x27/0x30 fs/read_write.c:1008 [] entry_SYSCALL_64_fastpath+0x23/0xc6 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pig=4476 comm=syz-executor0 SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pig=4476 comm=syz-executor0 , mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) CPU: 0 PID: 4427 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801aa82f880 ffffffff81d90889 1ffff10035505f13 ffff8801aa820000 ffffffff83ab7dc0 0000000000000001 0000000000400000 ffff8801aa82f990 ffffffff8144eb82 024000c200000003 0000000041b58ab3 ffffffff84191625 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] warn_alloc+0x212/0x240 mm/page_alloc.c:3056 [] __vmalloc_node_range+0x3f5/0x5f0 mm/vmalloc.c:1722 [] __vmalloc_node mm/vmalloc.c:1744 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1758 [inline] [] vmalloc+0x5b/0x70 mm/vmalloc.c:1773 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:722 [] translate_table+0x21a/0x1e80 net/ipv6/netfilter/ip6_tables.c:730 [] ? 0xffffffff810002b8 [] do_replace net/ipv6/netfilter/ip6_tables.c:1182 [inline] [] do_ip6t_set_ctl+0x2be/0x470 net/ipv6/netfilter/ip6_tables.c:1708 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114 [] ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:911 [] tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2736 [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2706 [] SYSC_setsockopt net/socket.c:1771 [inline] [] SyS_setsockopt+0x160/0x250 net/socket.c:1750 [] entry_SYSCALL_64_fastpath+0x23/0xc6 Mem-Info: active_anon:74594 inactive_anon:43 isolated_anon:0 active_file:3510 inactive_file:7260 isolated_file:0 unevictable:0 dirty:114 writeback:0 unstable:0 slab_reclaimable:5865 slab_unreclaimable:41482 mapped:22827 shmem:50 pagetables:806 bounce:0 free:1475746 free_pcp:472 free_cma:0 Node 0 active_anon:298376kB inactive_anon:172kB active_file:14040kB inactive_file:29040kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91308kB dirty:480kB writeback:0kB shmem:200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 57344kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2910 6411 6411 DMA32 free:2981148kB min:30600kB low:38248kB high:45896kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2981844kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:696kB local_pcp:48kB free_cma:0kB lowmem_reserve[]: 0 0 3501 3501 Normal free:2905912kB min:36816kB low:46020kB high:55224kB active_anon:298376kB inactive_anon:172kB active_file:14040kB inactive_file:29040kB unevictable:0kB writepending:492kB present:4718592kB managed:3585220kB mlocked:0kB slab_reclaimable:23460kB slab_unreclaimable:165944kB kernel_stack:5632kB pagetables:3224kB bounce:0kB free_pcp:1168kB local_pcp:700kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB DMA32: 1*4kB (M) 1*8kB (M) 3*16kB (M) 3*32kB (M) 4*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 1*1024kB (M) 2*2048kB (M) 726*4096kB (M) = 2981148kB Normal: 96*4kB (UME) 1255*8kB (UME) 1581*16kB (UME) 773*32kB (UME) 508*64kB (UM) 474*128kB (UME) 159*256kB (UME) 18*512kB (UE) 1*1024kB (U) 5*2048kB (M) 657*4096kB (M) = 2905896kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 10828 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 320236 pages reserved syz-executor6: vmalloc: allocation failure: 17179402552 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) CPU: 1 PID: 4462 Comm: syz-executor6 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c4027880 ffffffff81d90889 1ffff10038804f13 ffff8801ac2cb000 ffffffff83ab7dc0 0000000000000001 0000000000400000 ffff8801c4027990 ffffffff8144eb82 024000c2cef1e245 0000000041b58ab3 ffffffff84191625 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] warn_alloc+0x212/0x240 mm/page_alloc.c:3056 [] __vmalloc_node_range+0x3f5/0x5f0 mm/vmalloc.c:1722 [] __vmalloc_node mm/vmalloc.c:1744 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1758 [inline] [] vmalloc+0x5b/0x70 mm/vmalloc.c:1773 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:722 [] translate_table+0x21a/0x1e80 net/ipv6/netfilter/ip6_tables.c:730 [] ? 0xffffffff810002b8 [] do_replace net/ipv6/netfilter/ip6_tables.c:1182 [inline] [] do_ip6t_set_ctl+0x2be/0x470 net/ipv6/netfilter/ip6_tables.c:1708 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114 [] ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:911 [] tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2736 [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2706 [] SYSC_setsockopt net/socket.c:1771 [inline] [] SyS_setsockopt+0x160/0x250 net/socket.c:1750 [] entry_SYSCALL_64_fastpath+0x23/0xc6 Mem-Info: active_anon:74594 inactive_anon:43 isolated_anon:0 active_file:3510 inactive_file:7260 isolated_file:0 unevictable:0 dirty:126 writeback:0 unstable:0 slab_reclaimable:5866 slab_unreclaimable:41486 mapped:22827 shmem:50 pagetables:806 bounce:0 free:1475746 free_pcp:462 free_cma:0 Node 0 active_anon:298376kB inactive_anon:172kB active_file:14040kB inactive_file:29040kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91308kB dirty:504kB writeback:0kB shmem:200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 57344kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2910 6411 6411 DMA32 free:2981148kB min:30600kB low:38248kB high:45896kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2981844kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:696kB local_pcp:648kB free_cma:0kB lowmem_reserve[]: 0 0 3501 3501 Normal free:2905532kB min:36816kB low:46020kB high:55224kB active_anon:298376kB inactive_anon:172kB active_file:14040kB inactive_file:29040kB unevictable:0kB writepending:516kB present:4718592kB managed:3585220kB mlocked:0kB slab_reclaimable:23480kB slab_unreclaimable:166160kB kernel_stack:5600kB pagetables:3224kB bounce:0kB free_pcp:1240kB local_pcp:400kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB DMA32: 1*4kB (M) 1*8kB (M) 3*16kB (M) [ 31.606716] pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads 3*32kB (M) 4*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 1*1024kB (M) 2*2048kB (M) 726*4096kB (M) = 2981148kB Normal: 114*4kB (UME) 1260*8kB (UME) 1583*16kB (UM) 763*32kB (UME) 508*64kB (UM) 474*128kB (UME) 159*256kB (UME) 18*512kB (UE) 1*1024kB (U) 4*2048kB (M) 661*4096kB (M) = 2920056kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 10834 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 320236 pages reserved device lo entered promiscuous mode device lo left promiscuous mode audit_printk_skb: 51 callbacks suppressed audit: type=1400 audit(1513124254.650:32): avc: denied { write } for pid=4603 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_connector_socket permissive=1 netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'. IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route device ±BÞÓ*mqÐx”o‡3{© entered promiscuous mode device ±BÞÓ*mqÐx”o‡3{© left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device ±BÞÓ*mqÐx”o‡3{© entered promiscuous mode device ±BÞÓ*mqÐx”o‡3{© left promiscuous mode netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'. IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_REPLACE set, but no existing node found! IPv6: NLM_F_REPLACE set, but no existing node found! device gre0 entered promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode nla_parse: 2 callbacks suppressed netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'. IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route device lo entered promiscuous mode device lo left promiscuous mode netlink: 2 bytes leftover after parsing attributes in process `syz-executor7'. IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/4780 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 4780 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c829f6d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801c8290000 0000000000000003 ffff8801c829f718 ffffffff81df7854 ffff8801c829f730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 audit: type=1400 audit(1513124255.410:33): avc: denied { write } for pid=4790 comm="syz-executor7" name="net" dev="proc" ino=14856 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1 audit: type=1400 audit(1513124255.440:34): avc: denied { add_name } for pid=4790 comm="syz-executor7" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=dir permissive=1 audit: type=1400 audit(1513124255.460:35): avc: denied { create } for pid=4790 comm="syz-executor7" name="pfkey" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:insmod_t:s0 tclass=file permissive=1 sock: sock_set_timeout: `syz-executor3' (pid 4840) tries to set negative timeout BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/4850 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 4850 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c9da76d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801cf66b000 0000000000000003 ffff8801c9da7718 ffffffff81df7854 ffff8801c9da7730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 audit: type=1400 audit(1513124255.780:36): avc: denied { accept } for pid=4842 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 sock: sock_set_timeout: `syz-executor3' (pid 4900) tries to set negative timeout [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/4850 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 4850 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c9da76d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801cf66b000 0000000000000003 ffff8801c9da7718 ffffffff81df7854 ffff8801c9da7730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/4942 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 4942 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cf3876d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801d051e000 0000000000000003 ffff8801cf387718 ffffffff81df7854 ffff8801cf387730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/4942 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 4942 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cf3876d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801d051e000 0000000000000003 ffff8801cf387718 ffffffff81df7854 ffff8801cf387730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode device gre0 entered promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. device gre0 entered promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. device gre0 entered promiscuous mode device gre0 entered promiscuous mode netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. device gre0 entered promiscuous mode netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'. device gre0 entered promiscuous mode netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'. IPv6: Can't replace route, no match found IPv6: Can't replace route, no match found device gre0 entered promiscuous mode device gre0 entered promiscuous mode device gre0 entered promiscuous mode sock: sock_set_timeout: `syz-executor2' (pid 5497) tries to set negative timeout tc_ctl_action: received NO action attribs tc_ctl_action: received NO action attribs device gre0 entered promiscuous mode 9pnet_virtio: no channels available for device H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H H 9pnet_virtio: no channels available for device H device gre0 entered promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device ±BÞÓ*mqÐx”o‡3{© entered promiscuous mode device ±BÞÓ*mqÐx”o‡3{© left promiscuous mode device gre0 entered promiscuous mode device lo left promiscuous mode device ±BÞÓ*mqÐx”o‡3{© entered promiscuous mode device ±BÞÓ*mqÐx”o‡3{© left promiscuous mode device gre0 entered promiscuous mode device gre0 entered promiscuous mode device gre0 entered promiscuous mode device gre0 entered promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device gre0 entered promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: NLM_F_CREATE should be set when creating new route IPv6: NLM_F_CREATE should be set when creating new route audit_printk_skb: 59 callbacks suppressed audit: type=1400 audit(1513124259.700:40): avc: denied { getattr } for pid=6033 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6050 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 6050 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cf4076d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801cd48b000 0000000000000003 ffff8801cf407718 ffffffff81df7854 ffff8801cf407730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6077 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 6077 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ccda76d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801d5931800 0000000000000003 ffff8801ccda7718 ffffffff81df7854 ffff8801ccda7730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6080 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 6080 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ad80f6d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801c68ab000 0000000000000003 ffff8801ad80f718 ffffffff81df7854 ffff8801ad80f730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 nla_parse: 8 callbacks suppressed netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. device gre0 entered promiscuous mode netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. SELinux: unrecognized netlink message: protocol=4 nlmsg_type=770 sclass=netlink_tcpdiag_socket pig=6138 comm=syz-executor2 netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. SELinux: unrecognized netlink message: protocol=4 nlmsg_type=770 sclass=netlink_tcpdiag_socket pig=6152 comm=syz-executor2 device gre0 entered promiscuous mode device gre0 entered promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/6207 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 6207 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cd4bf6d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801c62b3000 0000000000000003 ffff8801cd4bf718 ffffffff81df7854 ffff8801cd4bf730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6322 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 6322 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801c3adf6d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801c2946000 0000000000000003 ffff8801c3adf718 ffffffff81df7854 ffff8801c3adf730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor5/6330 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 6330 Comm: syz-executor5 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801cf5876d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801a950b000 0000000000000003 ffff8801cf587718 ffffffff81df7854 ffff8801cf587730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6364 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 6364 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ac14f6d8 ffffffff81d90889 0000000000000000 ffffffff83c17800 ffffffff83f42ec0 ffff8801c94a3000 0000000000000003 ffff8801ac14f718 ffffffff81df7854 ffff8801ac14f730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6451 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 6451 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801a92676d8 ffffffff81d90889[ 39.581836] device gre0 entered promiscuous mode 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801a957b000 0000000000000003 ffff8801a9267718 ffffffff81df7854 ffff8801a9267730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor1/6485 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 1 PID: 6485 Comm: syz-executor1 Not tainted 4.9.68-gfb66dc2 #107 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d18cf6d8 ffffffff81d90889 0000000000000001 ffffffff83c17800 ffffffff83f42ec0 ffff8801a957e000 0000000000000003 ffff8801d18cf718 ffffffff81df7854 ffff8801d18cf730 ffffffff83f42ec0 dffffc0000000000 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] ipcomp_alloc_tfms net/xfrm/xfrm_ipcomp.c:286 [inline] [] ipcomp_init_state+0x188/0x930 net/xfrm/xfrm_ipcomp.c:363 [] ipcomp4_init_state+0xb0/0x7d0 net/ipv4/ipcomp.c:137 [] __xfrm_init_state+0x3e7/0xb30 net/xfrm/xfrm_state.c:2096 [] xfrm_init_state+0x1a/0x20 net/xfrm/xfrm_state.c:2122 [] pfkey_msg2xfrm_state net/key/af_key.c:1281 [inline] [] pfkey_add+0x1fb9/0x3470 net/key/af_key.c:1498 [] pfkey_process+0x61e/0x730 net/key/af_key.c:2826 [] pfkey_sendmsg+0x3a9/0x760 net/key/af_key.c:3670 [] sock_sendmsg_nosec net/socket.c:635 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:645 [] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968 [] __sys_sendmsg+0xd6/0x190 net/socket.c:2002 [] SYSC_sendmsg net/socket.c:2013 [inline] [] SyS_sendmsg+0x2d/0x50 net/socket.c:2009 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode