=============================
WARNING: suspicious RCU usage
4.15.0-rc8+ #271 Not tainted
-----------------------------
./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!

other info that might help us debug this:

rcu_scheduler_active = 2, debug_locks = 0
5 locks held by syz-executor0/4743:
 #0: (&dup_mmap_sem){.+.+}, at: [<0000000065db6eb6>] dup_mmap kernel/fork.c:607 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [<0000000065db6eb6>] dup_mm kernel/fork.c:1196 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [<0000000065db6eb6>] copy_mm+0x3c6/0x131b kernel/fork.c:1250
 #1: (&mm->mmap_sem){++++}, at: [<00000000622f1e45>] dup_mmap kernel/fork.c:608 [inline]
 #1: (&mm->mmap_sem){++++}, at: [<00000000622f1e45>] dup_mm kernel/fork.c:1196 [inline]
 #1: (&mm->mmap_sem){++++}, at: [<00000000622f1e45>] copy_mm+0x3e2/0x131b kernel/fork.c:1250
 #2: (&mm->mmap_sem/1){+.+.}, at: [<000000001d927511>] dup_mmap kernel/fork.c:617 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [<000000001d927511>] dup_mm kernel/fork.c:1196 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [<000000001d927511>] copy_mm+0x43f/0x131b kernel/fork.c:1250
 #3: (rcu_read_lock){....}, at: [<0000000044ebfd21>] arch_static_branch arch/x86/include/asm/jump_label.h:36 [inline]
 #3: (rcu_read_lock){....}, at: [<0000000044ebfd21>] static_key_false include/linux/jump_label.h:142 [inline]
 #3: (rcu_read_lock){....}, at: [<0000000044ebfd21>] netif_receive_skb_internal+0xa2/0x670 net/core/dev.c:4585
 #4: (rcu_read_lock){....}, at: [<0000000025aacfd0>] __is_insn_slot_addr+0x0/0x330 kernel/kprobes.c:207

stack backtrace:
CPU: 1 PID: 4743 Comm: syz-executor0 Not tainted 4.15.0-rc8+ #271
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585
 rcu_preempt_sleep_check include/linux/rcupdate.h:301 [inline]
 ___might_sleep+0x385/0x470 kernel/sched/core.c:6025
 __might_sleep+0x95/0x190 kernel/sched/core.c:6013
 slab_pre_alloc_hook mm/slab.h:419 [inline]
 slab_alloc mm/slab.c:3368 [inline]
 kmem_cache_alloc+0x2a2/0x760 mm/slab.c:3542
 ptlock_alloc+0x24/0x70 mm/memory.c:4692
 ptlock_init include/linux/mm.h:1790 [inline]
 pgtable_page_ctor include/linux/mm.h:1824 [inline]
 pte_alloc_one+0x59/0x100 arch/x86/mm/pgtable.c:32
 __pte_alloc+0x2a/0x310 mm/memory.c:648
 copy_pte_range mm/memory.c:1073 [inline]
 copy_pmd_range mm/memory.c:1149 [inline]
 copy_pud_range mm/memory.c:1183 [inline]
 copy_p4d_range mm/memory.c:1205 [inline]
 copy_page_range+0x1918/0x27a0 mm/memory.c:1267
 dup_mmap kernel/fork.c:715 [inline]
 dup_mm kernel/fork.c:1196 [inline]
 copy_mm+0xd68/0x131b kernel/fork.c:1250
 copy_process.part.38+0x1ee9/0x4b20 kernel/fork.c:1752
 copy_process kernel/fork.c:1565 [inline]
 _do_fork+0x1f7/0xfe0 kernel/fork.c:2044
 SYSC_clone kernel/fork.c:2154 [inline]
 SyS_clone+0x37/0x50 kernel/fork.c:2148
 do_syscall_64+0x273/0x920 arch/x86/entry/common.c:285
 entry_SYSCALL64_slow_path+0x25/0x25
RIP: 0033:0x4515da
RSP: 002b:0000000000a2f9e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000a2f9e0 RCX: 00000000004515da
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000a2fa20 R08: 0000000000000001 R09: 0000000000e69940
R10: 0000000000e69c10 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000010

============================================
WARNING: possible recursive locking detected
4.15.0-rc8+ #271 Not tainted
--------------------------------------------
syz-executor2/8681 is trying to acquire lock:
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_dev_lock_vqs drivers/vhost/vhost.c:907 [inline]
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_process_iotlb_msg drivers/vhost/vhost.c:997 [inline]
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_chr_write_iter+0x278/0x1580 drivers/vhost/vhost.c:1046

but task is already holding lock:
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_dev_lock_vqs drivers/vhost/vhost.c:907 [inline]
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_process_iotlb_msg drivers/vhost/vhost.c:997 [inline]
 (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_chr_write_iter+0x278/0x1580 drivers/vhost/vhost.c:1046

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&vq->mutex);
  lock(&vq->mutex);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

1 lock held by syz-executor2/8681:
 #0: (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_dev_lock_vqs drivers/vhost/vhost.c:907 [inline]
 #0: (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_process_iotlb_msg drivers/vhost/vhost.c:997 [inline]
 #0: (&vq->mutex){+.+.}, at: [<0000000026fe9670>] vhost_chr_write_iter+0x278/0x1580 drivers/vhost/vhost.c:1046

stack backtrace:
CPU: 0 PID: 8681 Comm: syz-executor2 Not tainted 4.15.0-rc8+ #271
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 print_deadlock_bug kernel/locking/lockdep.c:1756 [inline]
 check_deadlock kernel/locking/lockdep.c:1800 [inline]
 validate_chain kernel/locking/lockdep.c:2396 [inline]
 __lock_acquire+0xe8f/0x3e00 kernel/locking/lockdep.c:3426
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914
 __mutex_lock_common kernel/locking/mutex.c:756 [inline]
 __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
 vhost_dev_lock_vqs drivers/vhost/vhost.c:907 [inline]
 vhost_process_iotlb_msg drivers/vhost/vhost.c:997 [inline]
 vhost_chr_write_iter+0x278/0x1580 drivers/vhost/vhost.c:1046
 vhost_net_chr_write_iter+0x59/0x70 drivers/vhost/net.c:1353
 call_write_iter include/linux/fs.h:1772 [inline]
 new_sync_write fs/read_write.c:469 [inline]
 __vfs_write+0x684/0x970 fs/read_write.c:482
 vfs_write+0x189/0x510 fs/read_write.c:544
 SYSC_write fs/read_write.c:589 [inline]
 SyS_write+0xef/0x220 fs/read_write.c:581
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x452ee9
RSP: 002b:00007f4498861c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f4498862700 RCX: 0000000000452ee9
RDX: 0000000000000068 RSI: 0000000020009000 RDI: 0000000000000013
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000
R13: 0000000000a2f7cf R14: 00007f44988629c0 R15: 0000000000000000
binder: 8714 RLIMIT_NICE not set
rfkill: input handler disabled
rfkill: input handler enabled
binder: 8707:8743 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
binder: 8707:8714 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
binder: 8714 RLIMIT_NICE not set
binder: undelivered death notification, 0000000000000000
handle_userfault: 130 callbacks suppressed
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 8762 Comm: syz-executor6 Not tainted 4.15.0-rc8+ #271
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 handle_userfault+0x12fa/0x24c0 fs/userfaultfd.c:427
 do_anonymous_page mm/memory.c:3127 [inline]
 handle_pte_fault mm/memory.c:3941 [inline]
 __handle_mm_fault+0x32a3/0x3ce0 mm/memory.c:4067
 handle_mm_fault+0x334/0x8d0 mm/memory.c:4104
 __do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1430
 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1505
 page_fault+0x2c/0x60 arch/x86/entry/entry_64.S:1260
RIP: 0010:fault_in_pages_readable include/linux/pagemap.h:601 [inline]
RIP: 0010:iov_iter_fault_in_readable+0x1a7/0x410 lib/iov_iter.c:421
RSP: 0018:ffff8801a675f928 EFLAGS: 00010246
RAX: 0000000000010000 RBX: 0000000020011fd2 RCX: ffffffff82587fc1
RDX: 00000000000000c3 RSI: ffffc900030ef000 RDI: ffff8801a675fd28
RBP: ffff8801a675fa08 R08: 1ffff10038228022 R09: 1ffff10034cebf22
R10: ffff8801a675f858 R11: ffffffff87f08fc8 R12: 1ffff10034cebf28
R13: ffff8801a675f9e0 R14: 0000000000000000 R15: ffff8801a675fd20
 generic_perform_write+0x200/0x600 mm/filemap.c:3129
 __generic_file_write_iter+0x366/0x5b0 mm/filemap.c:3264
 generic_file_write_iter+0x399/0x790 mm/filemap.c:3292
 call_write_iter include/linux/fs.h:1772 [inline]
 new_sync_write fs/read_write.c:469 [inline]
 __vfs_write+0x684/0x970 fs/read_write.c:482
 vfs_write+0x189/0x510 fs/read_write.c:544
 SYSC_write fs/read_write.c:589 [inline]
 SyS_write+0xef/0x220 fs/read_write.c:581
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x452ee9
RSP: 002b:00007fb2da34bc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452ee9
RDX: 000000000000001c RSI: 0000000020011fd2 RDI: 0000000000000014
RBP: 0000000000000069 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006efa78
R13: 00000000ffffffff R14: 00007fb2da34c6d4 R15: 0000000000000000
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 8768 Comm: syz-executor6 Not tainted 4.15.0-rc8+ #271
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 handle_userfault+0x12fa/0x24c0 fs/userfaultfd.c:427
 do_anonymous_page mm/memory.c:3127 [inline]
 handle_pte_fault mm/memory.c:3941 [inline]
 __handle_mm_fault+0x32a3/0x3ce0 mm/memory.c:4067
 handle_mm_fault+0x334/0x8d0 mm/memory.c:4104
 __do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1430
 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1505
 page_fault+0x2c/0x60 arch/x86/entry/entry_64.S:1260
RIP: 0010:fault_in_pages_readable include/linux/pagemap.h:601 [inline]
RIP: 0010:iov_iter_fault_in_readable+0x1a7/0x410 lib/iov_iter.c:421
RSP: 0018:ffff8801c857f928 EFLAGS: 00010246
RAX: 0000000000010000 RBX: 0000000020011fd2 RCX: ffffffff82587fc1
RDX: 00000000000000b9 RSI: ffffc90003170000 RDI: ffff8801c857fd28
RBP: ffff8801c857fa08 R08: 0000000000000000 R09: 1ffff100390afee7
R10: ffff8801c857fa50 R11: ffff8801bdd626d0 R12: 1ffff100390aff28
R13: ffff8801c857f9e0 R14: 0000000000000000 R15: ffff8801c857fd20
 generic_perform_write+0x200/0x600 mm/filemap.c:3129
 __generic_file_write_iter+0x366/0x5b0 mm/filemap.c:3264
 generic_file_write_iter+0x399/0x790 mm/filemap.c:3292
 call_write_iter include/linux/fs.h:1772 [inline]
 new_sync_write fs/read_write.c:469 [inline]
 __vfs_write+0x684/0x970 fs/read_write.c:482
 vfs_write+0x189/0x510 fs/read_write.c:544
 SYSC_write fs/read_write.c:589 [inline]
 SyS_write+0xef/0x220 fs/read_write.c:581
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x452ee9
RSP: 002b:00007fb2da32ac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fb2da32b700 RCX: 0000000000452ee9
RDX: 000000000000001c RSI: 0000000020011fd2 RDI: 0000000000000014
RBP: 0000000000a2f850 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000
R13: 0000000000a2f7cf R14: 00007fb2da32b9c0 R15: 000000000000000b
audit: type=1400 audit(1516530824.460:372): avc: denied { read } for pid=8912 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
binder: 8921 RLIMIT_NICE not set
binder: BINDER_SET_CONTEXT_MGR already set
binder: 8910:8937 ioctl 40046207 0 returned -16
binder_alloc: 8910: binder_alloc_buf, no vma
binder: 8910:8937 transaction failed 29189/-3, size 0-0 line 2903
binder: undelivered TRANSACTION_ERROR: 29189
binder: 8921 RLIMIT_NICE not set
binder: BINDER_SET_CONTEXT_MGR already set
binder: 8910:8947 ioctl 40046207 0 returned -16
binder: 8910:8937 transaction failed 29189/-22, size 0-0 line 2788
binder: undelivered TRANSACTION_ERROR: 29189
binder: 9038:9049 got reply transaction with no transaction stack
binder: 9038:9049 transaction failed 29201/-71, size 0-0 line 2703
binder: 9038:9068 got reply transaction with no transaction stack
binder: 9038:9068 transaction failed 29201/-71, size 0-0 line 2703
binder: undelivered TRANSACTION_ERROR: 29201
binder: undelivered TRANSACTION_ERROR: 29201
audit: type=1400 audit(1516530825.109:373): avc: denied { map } for pid=9076 comm="syz-executor7" path="/dev/dsp" dev="devtmpfs" ino=8982 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=chr_file permissive=1
audit: type=1400 audit(1516530825.638:374): avc: denied { ipc_lock } for pid=9264 comm="syz-executor6" capability=14 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
9pnet_virtio: no channels available for device ./file0
9pnet_virtio: no channels available for device ./file0
binder: 9333:9335 ioctl 40046205 1f returned -22
binder: 9333:9350 ioctl 40046205 1f returned -22
sg_write: data in/out 341795055/294 bytes for SCSI command 0xbf-- guessing data in;
   program syz-executor6 not setting count and/or reply_len properly
sg_write: data in/out 341795055/294 bytes for SCSI command 0xbf-- guessing data in;
   program syz-executor6 not setting count and/or reply_len properly
TCP: request_sock_TCP: Possible SYN flooding on port 20006. Sending cookies. Check SNMP counters.
binder: 9433:9435 ERROR: BC_REGISTER_LOOPER called without request
binder: 9435 RLIMIT_NICE not set
binder: 9435 RLIMIT_NICE not set
binder: 9435 RLIMIT_NICE not set
binder_alloc: 9433: binder_alloc_buf, no vma
binder: 9433:9435 transaction failed 29189/-3, size 0-0 line 2903
binder: send failed reply for transaction 20 to 9433:9442
binder: undelivered TRANSACTION_ERROR: 29190
binder: 9433:9443 transaction failed 29189/-22, size 0-0 line 2788
binder: 9433:9435 ERROR: BC_REGISTER_LOOPER called without request
binder: 9435 RLIMIT_NICE not set
binder: 9433:9435 got reply transaction with no transaction stack
binder: 9433:9435 transaction failed 29201/-71, size 0-0 line 2703
binder: undelivered TRANSACTION_COMPLETE
binder: undelivered TRANSACTION_ERROR: 29189
binder: undelivered TRANSACTION_ERROR: 29201
binder: undelivered TRANSACTION_ERROR: 29189
audit: type=1326 audit(1516530826.640:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9476 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530826.641:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9476 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530826.641:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9476 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530826.644:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9476 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=193 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530826.665:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9476 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
openvswitch: netlink: Message has 4 unknown bytes.
openvswitch: netlink: Message has 4 unknown bytes.
QAT: Invalid ioctl
binder: BINDER_SET_CONTEXT_MGR already set
binder: 9631:9633 ioctl 40046207 0 returned -16
binder_alloc: 9631: binder_alloc_buf, no vma
binder: 9631:9648 transaction failed 29189/-3, size 24-8 line 2903
binder: undelivered TRANSACTION_ERROR: 29189
binder: release 9631:9633 transaction 25 out, still active
binder: undelivered TRANSACTION_COMPLETE
binder: send failed reply for transaction 25, target dead
netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
mmap: syz-executor0 (9700): VmData 34820096 exceed data ulimit 5. Update limits or use boot option ignore_rlimit_data.
sit: non-ECT from 0.0.0.0 with TOS=0x2
kauditd_printk_skb: 30 callbacks suppressed
audit: type=1400 audit(1516530828.148:410): avc: denied { map } for pid=9918 comm="syz-executor2" path="/dev/sg0" dev="devtmpfs" ino=8932 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1
sit: non-ECT from 0.0.0.0 with TOS=0x2
TCP: request_sock_TCP: Possible SYN flooding on port 20017. Sending cookies. Check SNMP counters.
binder: 9993:9997 got new transaction with bad transaction stack, transaction 29 has target 9993:0
binder: 9993:9997 transaction failed 29201/-71, size 0-0 line 2815
binder: 10017:10018 ERROR: BC_REGISTER_LOOPER called without request
binder: 10018 RLIMIT_NICE not set
binder: 10018 RLIMIT_NICE not set
binder: 10018 RLIMIT_NICE not set
binder: BINDER_SET_CONTEXT_MGR already set
binder: 9993:10036 ioctl 40046207 0 returned -16
binder_alloc: 9993: binder_alloc_buf, no vma
binder: 9993:10031 transaction failed 29189/-3, size 40-8 line 2903
binder: undelivered TRANSACTION_ERROR: 29189
binder: undelivered TRANSACTION_COMPLETE
binder: 10017:10037 ERROR: BC_REGISTER_LOOPER called without request
binder: 10037 RLIMIT_NICE not set
binder: release 9993:9997 transaction 29 out, still active
binder: unexpected work type, 4, not freed
binder: undelivered TRANSACTION_COMPLETE
binder: undelivered TRANSACTION_ERROR: 29201
binder: send failed reply for transaction 29, target dead
binder: 10017:10040 got reply transaction with no transaction stack
binder: 10017:10040 transaction failed 29201/-71, size 0-0 line 2703
binder: 10037 RLIMIT_NICE not set
binder: release 10017:10030 transaction 38 out, still active
binder: undelivered TRANSACTION_COMPLETE
binder: undelivered TRANSACTION_ERROR: 29201
binder: release 10017:10037 transaction 38 in, still active
binder: send failed reply for transaction 38, target dead
audit: type=1326 audit(1516530828.969:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=269 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=2 compat=0 ip=0x452ee9 code=0x7ffc0000
audit: type=1326 audit(1516530828.973:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=10106 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452ee9 code=0x7ffc0000
do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
binder: 10420 invalid dec weak, ref 43 desc 1 s 1 w 0
QAT: Invalid ioctl
binder: 10420:10430 ioctl ae9a 0 returned -22
binder: 10420:10430 ioctl 4b2f b4f returned -22
binder: 10420:10430 ioctl 4b48 20758ffc returned -22
binder: BINDER_SET_CONTEXT_MGR already set
binder: 10420:10430 ioctl 40046207 0 returned -16
binder_alloc: 10420: binder_alloc_buf, no vma
binder: 10420:10430 transaction failed 29189/-3, size 40-8 line 2903
QAT: Invalid ioctl
binder: 10420:10430 ioctl ae9a 0 returned -22
binder: 10420:10430 ioctl 4b2f b4f returned -22
binder: 10420:10430 ioctl 4b48 20758ffc returned -22
binder: undelivered TRANSACTION_ERROR: 29189
binder: release 10420:10430 transaction 41 out, still active
binder: unexpected work type, 4, not freed
binder: undelivered TRANSACTION_COMPLETE
binder: send failed reply for transaction 41, target dead
do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
irq bypass consumer (token 00000000aa88ae68) registration fails: -16