binder_alloc: 5089: binder_alloc_buf, no vma
binder: 5089:5103 transaction failed 29189/-3, size 0-64 line 3133
binder: undelivered TRANSACTION_ERROR: 29189
audit: type=1400 audit(1521638479.926:10): avc: denied { create } for pid=5171 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
------------[ cut here ]------------
WARNING: CPU: 0 PID: 5210 at net/core/dev.c:2473 skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2468
audit: type=1400 audit(1521638480.056:11): avc: denied { dac_override } for pid=5214 comm="syz-executor5" capability=1 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
lo: caps=(0x000000a2803b7c69, 0x0000000000000000) len=2102 data_len=2040 gso_size=1992 gso_type=2 ip_summed=0
Kernel panic - not syncing: panic_on_warn set ...
------------[ cut here ]------------
WARNING: CPU: 1 PID: 5220 at net/core/dev.c:2473 skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2468
lo: caps=(0x000000a2803b7c69, 0x0000000000000000) len=2102 data_len=2040 gso_size=1992 gso_type=2 ip_summed=0
Modules linked in:
CPU: 1 PID: 5220 Comm: syz-executor6 Not tainted 4.9.88-g71df7bb #60
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801b4fc70c0 ffffffff81d95f19 ffff8801b4fc7138 0000000000000000
 ffffffff83ee36a0 ffffffff82f3737f 0000000000000009 ffff8801b4fc7108
 ffffffff8113178f 0000000000000000 00000000000009a9 ffffed00369f8e23
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] __warn+0x19f/0x1e0 kernel/panic.c:550
 [] warn_slowpath_fmt+0xc4/0x110 kernel/panic.c:565
 [] skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2468
 [] __skb_gso_segment+0x541/0x680 net/core/dev.c:2774
 [] skb_gso_segment include/linux/netdevice.h:4000 [inline]
 [] validate_xmit_skb+0x44e/0x980 net/core/dev.c:3010
 [] __dev_queue_xmit+0xb2c/0x20a0 net/core/dev.c:3435
 [] dev_queue_xmit+0x17/0x20 net/core/dev.c:3476
 [] neigh_hh_output include/net/neighbour.h:468 [inline]
 [] dst_neigh_output include/net/dst.h:468 [inline]
 [] ip6_finish_output2+0x1159/0x1d20 net/ipv6/ip6_output.c:119
 [] ip6_finish_output+0x2e6/0x750 net/ipv6/ip6_output.c:145
 [] NF_HOOK_COND include/linux/netfilter.h:246 [inline]
 [] ip6_output+0x1f3/0x6a0 net/ipv6/ip6_output.c:162
 [] dst_output include/net/dst.h:507 [inline]
 [] ip6_local_out+0x95/0x170 net/ipv6/output_core.c:176
 [] ip6_send_skb+0xa1/0x340 net/ipv6/ip6_output.c:1741
 [] udp_v6_send_skb+0x301/0xeb0 net/ipv6/udp.c:974
 [] udp_v6_push_pending_frames+0x22f/0x340 net/ipv6/udp.c:1007
 [] udpv6_sendmsg+0x1f38/0x2540 net/ipv6/udp.c:1273
 [] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:770
 [] sock_sendmsg_nosec net/socket.c:635 [inline]
 [] sock_sendmsg+0xca/0x110 net/socket.c:645
 [] SYSC_sendto+0x2c8/0x340 net/socket.c:1670
 [] SyS_sendto+0x40/0x50 net/socket.c:1638
 [] do_syscall_64+0x1a4/0x490 arch/x86/entry/common.c:282
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
---[ end trace 9a103e19854a33ac ]---
CPU: 0 PID: 5210 Comm: syz-executor6 Tainted: G W 4.9.88-g71df7bb #60
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c955ef60 ffffffff81d95f19 ffffffff83a482a0 ffff8801c955f038
 ffffffff83ee3600 ffffffff82f3737f 0000000000000009 ffff8801c955f028
 ffffffff8142fa71 0000000041b58ab3 ffffffff8418bc48 ffffffff8142f8b5
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] panic+0x1bc/0x3a8 kernel/panic.c:179
 [] __warn+0x1c4/0x1e0 kernel/panic.c:542
 [] warn_slowpath_fmt+0xc4/0x110 kernel/panic.c:565
 [] skb_warn_bad_offload+0x2af/0x390 net/core/dev.c:2468
 [] __skb_gso_segment+0x541/0x680 net/core/dev.c:2774
 [] skb_gso_segment include/linux/netdevice.h:4000 [inline]
 [] validate_xmit_skb+0x44e/0x980 net/core/dev.c:3010
 [] __dev_queue_xmit+0xb2c/0x20a0 net/core/dev.c:3435
 [] dev_queue_xmit+0x17/0x20 net/core/dev.c:3476
 [] neigh_resolve_output+0x469/0x770 net/core/neighbour.c:1308
 [] dst_neigh_output include/net/dst.h:470 [inline]
 [] ip6_finish_output2+0x930/0x1d20 net/ipv6/ip6_output.c:119
 [] ip6_finish_output+0x2e6/0x750 net/ipv6/ip6_output.c:145
 [] NF_HOOK_COND include/linux/netfilter.h:246 [inline]
 [] ip6_output+0x1f3/0x6a0 net/ipv6/ip6_output.c:162
 [] dst_output include/net/dst.h:507 [inline]
 [] ip6_local_out+0x95/0x170 net/ipv6/output_core.c:176
 [] ip6_send_skb+0xa1/0x340 net/ipv6/ip6_output.c:1741
 [] udp_v6_send_skb+0x301/0xeb0 net/ipv6/udp.c:974
 [] udp_v6_push_pending_frames+0x22f/0x340 net/ipv6/udp.c:1007
 [] udpv6_sendmsg+0x1f38/0x2540 net/ipv6/udp.c:1273
 [] inet_sendmsg+0x2bc/0x4c0 net/ipv4/af_inet.c:770
 [] sock_sendmsg_nosec net/socket.c:635 [inline]
 [] sock_sendmsg+0xca/0x110 net/socket.c:645
 [] SYSC_sendto+0x2c8/0x340 net/socket.c:1670
 [] SyS_sendto+0x40/0x50 net/socket.c:1638
 [] do_syscall_64+0x1a4/0x490 arch/x86/entry/common.c:282
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Dumping ftrace buffer:
 (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..