proc: unrecognized mount option "µ" or missing value BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor1/5429 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 CPU: 0 PID: 5429 Comm: syz-executor1 Not tainted 4.4.113-g962d1f3 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 17f5726a960af03f ffff8800ad68f800 ffffffff81d028ed 0000000000000000 ffffffff839fe3a0 ffffffff83cef6a0 ffff8801c749df00 0000000000000003 ffff8800ad68f840 ffffffff81d62834 ffffffff810002b8 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] check_preemption_disabled+0x1d4/0x200 lib/smp_processor_id.c:46 [] ? 0xffffffff810002b8 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x249/0x4d0 net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0x127/0x720 net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x39b/0x450 net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1e8f/0x2b10 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:625 [inline] [] sock_sendmsg+0xca/0x110 net/socket.c:635 [] SYSC_sendto+0x2c8/0x340 net/socket.c:1665 [] SyS_sendto+0x40/0x50 net/socket.c:1633 [] entry_SYSCALL_64_fastpath+0x1c/0x98 capability: warning: `syz-executor1' uses 32-bit capabilities (legacy support in use) proc: unrecognized mount option "µ" or missing value audit: type=1400 audit(1517387518.872:7): avc: denied { setattr } for pid=5477 comm="syz-executor1" name="comm" dev="proc" ino=12626 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=file permissive=1 audit: type=1400 audit(1517387519.382:8): avc: denied { set_context_mgr } for pid=5619 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 audit: type=1400 audit(1517387519.442:9): avc: denied { call } for pid=5619 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=binder permissive=1 binder_alloc: binder_alloc_mmap_handler: 5619 20265000-20279000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 5619:5621 ioctl 40046207 0 returned -16 binder_alloc: 5619: binder_alloc_buf, no vma binder: 5619:5636 transaction failed 29189/-3, size 0-0 line 3128 audit: type=1400 audit(1517387519.522:10): avc: denied { create } for pid=5656 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 binder: undelivered TRANSACTION_ERROR: 29189 binder: 5684:5691 BC_FREE_BUFFER u0000000000000000 no match binder: 5684:5705 BC_FREE_BUFFER u0000000000000000 no match SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2174 sclass=netlink_route_socket binder_alloc: binder_alloc_mmap_handler: 5915 201a2000-201a5000 already mapped failed -16 binder_alloc: binder_alloc_mmap_handler: 5915 201a2000-201a5000 already mapped failed -16 binder: 5984:5994 Acquire 1 refcount change on invalid ref 0 ret -22 binder: 5984:5994 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 audit: type=1400 audit(1517387522.182:11): avc: denied { write } for pid=6005 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 binder: 5984:6022 Acquire 1 refcount change on invalid ref 0 ret -22 binder: 5984:6022 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 audit: type=1400 audit(1517387522.482:12): avc: denied { read } for pid=6088 comm="syz-executor2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit_printk_skb: 9 callbacks suppressed audit: type=1400 audit(1517387523.032:16): avc: denied { write } for pid=6274 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 TCP: request_sock_TCP: Possible SYN flooding on port 20010. Sending cookies. Check SNMP counters. audit: type=1400 audit(1517387523.692:17): avc: denied { create } for pid=6330 comm="syz-executor5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 audit: type=1400 audit(1517387524.102:18): avc: denied { connect } for pid=6440 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket netlink: 40 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket audit: type=1326 audit(1517387525.052:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6681 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x453299 code=0x0 audit: type=1326 audit(1517387525.132:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=6681 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x453299 code=0x0 binder: 6817:6822 got reply transaction with no transaction stack skbuff: bad partial csum: csum=65534/0 len=48 binder: 6817:6822 transaction failed 29201/-71, size 32-0 line 2921 binder: undelivered TRANSACTION_ERROR: 29201 binder: 6817:6839 got reply transaction with no transaction stack binder: 6817:6839 transaction failed 29201/-71, size 32-0 line 2921 binder: undelivered TRANSACTION_ERROR: 29201 mmap: syz-executor4 (6956) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. IPVS: Creating netns size=2552 id=9 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] PREEMPT SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 0 PID: 6977 Comm: syz-executor1 Not tainted 4.4.113-g962d1f3 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8800b8c4c740 task.stack: ffff8801d7070000 RIP: 0010:[] [] __read_once_size include/linux/compiler.h:218 [inline] RIP: 0010:[] [] nfqnl_nf_hook_drop+0x190/0x3a0 net/netfilter/nfnetlink_queue.c:879 RSP: 0018:ffff8801d7077998 EFLAGS: 00010202 RAX: 0000000000000007 RBX: 0000000000000003 RCX: ffffffff82f9b839 RDX: 0000000000010000 RSI: ffffc90003bcf000 RDI: ffffffff847eb500 RBP: ffff8801d70779c8 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 1ffff1003ae0eefe R12: dffffc0000000000 R13: ffff8800b4e8af68 R14: 0000000000000038 R15: 00000000000000b8 FS: 00007fb0ab5f9700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000006faad4 CR3: 00000000b5a3e000 CR4: 0000000000160670 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Stack: ffffffff82f9b7b0 ffffffff83cc6560 ffff8801c59c9e00 ffff8800b4e8af68 ffff8800b4e8af68 ffff8800b4e8af60 ffff8801d70779f8 ffffffff82f936fe ffffffff82f93640 ffffffff843e3760 ffff8801c59ca8b8 dffffc0000000000 Call Trace: [] nf_queue_nf_hook_drop+0xbe/0x1d0 net/netfilter/nf_queue.c:108 [] nf_unregister_net_hook+0x2ab/0x350 net/netfilter/core.c:154 [] nf_unregister_hook_list net/netfilter/core.c:434 [inline] [] netfilter_net_exit+0x40/0xb0 net/netfilter/core.c:466 [] ops_exit_list.isra.4+0xae/0x150 net/core/net_namespace.c:134 [] setup_net+0x221/0x3e0 net/core/net_namespace.c:303 [] copy_net_ns+0xd2/0x190 net/core/net_namespace.c:369 [] create_new_namespaces+0x2f6/0x610 kernel/nsproxy.c:95 [] copy_namespaces+0x291/0x320 kernel/nsproxy.c:150 [] copy_process+0x1d98/0x6120 kernel/fork.c:1506 [] _do_fork+0x151/0xe00 kernel/fork.c:1784 [] SYSC_clone kernel/fork.c:1893 [inline] [] SyS_clone+0x37/0x50 kernel/fork.c:1887 [] entry_SYSCALL_64_fastpath+0x1c/0x98 Code: f7 83 01 00 0f 84 d8 00 00 00 4d 8d 77 38 49 bc 00 00 00 00 00 fc ff df 49 81 c7 b8 00 00 00 e8 57 45 3c fe 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 0f 85 f4 01 00 00 49 8b 1e e8 0d 97 2e fe 48 85 RIP [] __read_once_size include/linux/compiler.h:218 [inline] RIP [] nfqnl_nf_hook_drop+0x190/0x3a0 net/netfilter/nfnetlink_queue.c:879 RSP ---[ end trace 223f79e4a110bf51 ]---