BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor7/16750 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 16750 Comm: syz-executor7 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 e53b45f9f0fb88b0 ffff8801d7687740 ffffffff81cc9b0f 0000000000000001 ffffffff839fd4a0 ffff8801d7687780 ffffffff81d28d18 ffffffff83ced1a0 1ffff1003aed0ef7 ffff8801d1ba4d80 ffff8801d1ba5d40 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134 [] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] sock_write_iter+0x1ea/0x3d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:834 [] new_sync_write /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:478 [inline] [] __vfs_write+0x2a1/0x3f0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:491 [] vfs_write+0x14b/0x520 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:538 [] SYSC_write /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:585 [inline] [] SyS_write+0xd3/0x1c0 /syzkaller/managers/android-44-kasan-gce/kernel/fs/read_write.c:577 [] entry_SYSCALL_64_fastpath+0x16/0x76 netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 16827 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 6f6a352c0d6df046 ffff8801d1c37980 ffffffff81cc9b0f 1ffff1003a386f3b 0000000000000030 ffff8801d1c37b20 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d1c37af8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 16819 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9da4811393ee7f48 ffff8801d2e1f920 ffffffff81cc9b0f 1ffff1003a5c3f2f 0000000000000030 ffff8801d2e1fac0 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d2e1fa98 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 CPU: 1 PID: 16837 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9ee6c52e15e326e6 ffff8801d2c27970 ffffffff81cc9b0f 1ffff1003a584f39 0000000000000030 ffff8801d2c27b10 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d2c27ae8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 16827 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 6f6a352c0d6df046 ffff8801d1c37920 ffffffff81cc9b0f 1ffff1003a386f2f 0000000000000030 ffff8801d1c37ac0 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d1c37a98 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 16819 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9da4811393ee7f48 ffff8801d2e1f970 ffffffff81cc9b0f 1ffff1003a5c3f39 0000000000000030 ffff8801d2e1fb10 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d2e1fae8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 16895 Comm: syz-executor2 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 2ebf0562d8bb1fc4 ffff8800b7dd7980 ffffffff81cc9b0f 1ffff10016fbaf3b 0000000000000030 ffff8800b7dd7b20 ffffffff815db6db ffff8801d6256820 ffff8801d6256820 ffff8801d6256820 ffff8800b7dd7af8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 1 PID: 16882 Comm: syz-executor2 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 deaf58d99574dee9 ffff8801d790f920 ffffffff81cc9b0f 1ffff1003af21f2f 0000000000000030 ffff8801d790fac0 ffffffff815db6db ffff8801d6256820 ffff8801d6256820 ffff8801d6256820 ffff8801d790fa98 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 CPU: 1 PID: 16837 Comm: syz-executor4 Not tainted 4.4.105-g8a53962 #3 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9ee6c52e15e326e6 ffff8801d2c27980 ffffffff81cc9b0f 1ffff1003a584f3b 0000000000000030 ffff8801d2c27b20 ffffffff815db6db ffff8801d6251d60 ffff8801d6251d60 ffff8801d6251d60 ffff8801d2c27af8 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] handle_userfault+0x75b/0x1570 /syzkaller/managers/android-44-kasan-gce/kernel/fs/userfaultfd.c:316 [] do_anonymous_page /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:2731 [inline] [] handle_pte_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3295 [inline] [] __handle_mm_fault /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3426 [inline] [] handle_mm_fault+0x2731/0x39b0 /syzkaller/managers/android-44-kasan-gce/kernel/mm/memory.c:3455 [] __do_page_fault+0x2d0/0x910 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1245 [] do_page_fault+0x22/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/mm/fault.c:1308 [] page_fault+0x28/0x30 /syzkaller/managers/android-44-kasan-gce/kernel/arch/x86/entry/entry_64.S:985 [] entry_SYSCALL_64_fastpath+0x16/0x76 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket netlink: 5 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor3'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1792 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1792 sclass=netlink_route_socket netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'. device gre0 entered promiscuous mode sock: sock_set_timeout: `syz-executor4' (pid 17615) tries to set negative timeout sock: sock_set_timeout: `syz-executor4' (pid 17639) tries to set negative timeout device gre0 entered promiscuous mode TCP: request_sock_TCP: Possible SYN flooding on port 20010. Sending cookies. Check SNMP counters. device gre0 entered promiscuous mode nla_parse: 3 callbacks suppressed netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor5'. device gre0 entered promiscuous mode PF_BRIDGE: RTM_SETLINK with unknown ifindex Option ' ä…õ ø' to dns_resolver key: bad/missing value PF_BRIDGE: RTM_SETLINK with unknown ifindex Option ' ä…õ ø' to dns_resolver key: bad/missing value TCP: request_sock_TCPv6: Possible SYN flooding on port 20030. Sending cookies. Check SNMP counters. TCP: request_sock_TCP: Possible SYN flooding on port 20022. Sending cookies. Check SNMP counters. TCP: request_sock_TCP: Possible SYN flooding on port 20010. Sending cookies. Check SNMP counters. TCP: request_sock_TCPv6: Possible SYN flooding on port 20026. Sending cookies. Check SNMP counters. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket PF_BRIDGE: RTM_SETLINK with unknown ifindex Option ' ä…õ ø' to dns_resolver key: bad/missing value PF_BRIDGE: RTM_SETLINK with unknown ifindex Option ' ä…õ ø' to dns_resolver key: bad/missing value TCP: request_sock_TCP: Possible SYN flooding on port 20006. Sending cookies. Check SNMP counters.