autofs4:pid:5617:validate_dev_ioctl: invalid device control module version supplied for cmd(0x0000937e) BUG: Bad rss-counter state mm:00000000d1a5e39d idx:0 val:175 BUG: Bad rss-counter state mm:00000000d1a5e39d idx:1 val:540 BUG: non-zero pgtables_bytes on freeing mm: 45056 sock: sock_set_timeout: `syz-executor7' (pid 5662) tries to set negative timeout sock: sock_set_timeout: `syz-executor7' (pid 5662) tries to set negative timeout device lo entered promiscuous mode device lo entered promiscuous mode device  entered promiscuous mode device  left promiscuous mode device  entered promiscuous mode device  left promiscuous mode binder: 6082:6086 ERROR: BC_REGISTER_LOOPER called without request binder: 6086 RLIMIT_NICE not set binder_alloc: 6082: binder_alloc_buf, no vma binder: 6082:6086 transaction failed 29189/-3, size -9136452502804823694--6259034843114309523 line 2947 binder: BINDER_SET_CONTEXT_MGR already set binder: 6082:6102 ioctl 40046207 0 returned -16 binder: 6082:6086 ERROR: BC_REGISTER_LOOPER called without request binder_alloc: 6082: binder_alloc_buf, no vma binder: 6082:6102 transaction failed 29189/-3, size -9136452502804823694--6259034843114309523 line 2947 binder: 6086 RLIMIT_NICE not set binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29189 QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode device eql entered promiscuous mode netlink: 'syz-executor0': attribute type 16 has an invalid length. device eql entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6144 sclass=netlink_route_socket pig=6249 comm=syz-executor1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6258 comm=syz-executor6 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61501 sclass=netlink_route_socket pig=6258 comm=syz-executor6 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6144 sclass=netlink_route_socket pig=6249 comm=syz-executor1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6277 comm=syz-executor6 device gre0 entered promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl kauditd_printk_skb: 77 callbacks suppressed audit: type=1400 audit(1513251473.657:546): avc: denied { write } for pid=6457 comm="syz-executor0" path="socket:[20991]" dev="sockfs" ino=20991 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 audit: type=1400 audit(1513251474.170:547): avc: denied { map } for pid=6582 comm="syz-executor3" path="socket:[21212]" dev="sockfs" ino=21212 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=key_socket permissive=1 binder: 6646:6649 BC_FREE_BUFFER u0000000000000000 no match binder: 6646:6668 BC_FREE_BUFFER u0000000000000000 no match encrypted_key: master key parameter '¥>' is invalid encrypted_key: insufficient parameters specified device gre0 entered promiscuous mode encrypted_key: master key parameter '¥>' is invalid encrypted_key: insufficient parameters specified device syz5 entered promiscuous mode device eql entered promiscuous mode binder: 6814:6816 Release 1 refcount change on invalid ref 2 ret -22 binder: 6814:6816 BC_FREE_BUFFER u0000000000000000 no match binder: 6814:6816 DecRefs 0 refcount change on invalid ref 4 ret -22 binder: 6814:6816 BC_REQUEST_DEATH_NOTIFICATION invalid ref 3 binder: 6814:6816 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 6816 RLIMIT_NICE not set binder: 6816 RLIMIT_NICE not set binder: 6814:6819 got reply transaction with bad transaction stack, transaction 59 has target 6814:0 binder: 6814:6819 transaction failed 29201/-71, size 32-8 line 2762 binder: 6814:6819 ioctl c0306201 2000dfd0 returned -14 binder: release 6814:6816 transaction 59 in, still active binder: send failed reply for transaction 59 to 6814:6819 binder: undelivered TRANSACTION_ERROR: 29201 binder: 6814:6816 Release 1 refcount change on invalid ref 2 ret -22 binder: 6814:6816 BC_FREE_BUFFER u0000000000000000 no match binder: 6814:6816 DecRefs 0 refcount change on invalid ref 4 ret -22 binder: 6814:6816 BC_REQUEST_DEATH_NOTIFICATION invalid ref 3 binder: 6814:6816 BC_DEAD_BINDER_DONE 0000000000000002 not found binder: 6816 RLIMIT_NICE not set binder: 6814:6819 got reply transaction with bad transaction stack, transaction 62 has target 6814:0 binder: 6814:6819 transaction failed 29201/-71, size 32-8 line 2762 binder: undelivered TRANSACTION_ERROR: 29189 binder: release 6814:6819 transaction 62 out, still active binder: undelivered TRANSACTION_COMPLETE binder: undelivered TRANSACTION_ERROR: 29201 binder: send failed reply for transaction 62, target dead audit: type=1400 audit(1513251474.964:548): avc: denied { accept } for pid=6895 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 kvm: vcpu 0: requested 68374 ns lapic timer period limited to 500000 ns device gre0 entered promiscuous mode netlink: 'syz-executor7': attribute type 29 has an invalid length. device gre0 entered promiscuous mode kvm: vcpu 0: requested 68374 ns lapic timer period limited to 500000 ns nla_parse: 12 callbacks suppressed netlink: 5 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 'syz-executor7': attribute type 29 has an invalid length. netlink: 5 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 12 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 12 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. selinux_nlmsg_perm: 1 callbacks suppressed SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47638 sclass=netlink_route_socket pig=7071 comm=syz-executor3 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47638 sclass=netlink_route_socket pig=7071 comm=syz-executor3 binder: 7117:7125 ioctl 40046205 1 returned -22 binder: 7117:7125 transaction failed 29189/-22, size 64-48 line 2832 QAT: Invalid ioctl device syz0 entered promiscuous mode device gre0 entered promiscuous mode binder: 7117:7151 ioctl 40046205 1 returned -22 QAT: Invalid ioctl binder: 7117:7125 transaction failed 29189/-22, size 64-48 line 2832 audit: type=1400 audit(1513251475.812:549): avc: denied { map } for pid=7179 comm="syz-executor6" path="socket:[24107]" dev="sockfs" ino=24107 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=rawip_socket permissive=1 kvm: vcpu 2: requested 10176 ns lapic timer period limited to 500000 ns kvm: vcpu 2: requested 10176 ns lapic timer period limited to 500000 ns binder: 7249:7254 ioctl c0046209 20001000 returned -22 device gre0 entered promiscuous mode binder: 7249:7269 ioctl c018620b 208dbfe8 returned -14 sctp: [Deprecated]: syz-executor2 (pid 7279) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead binder: 7249:7269 ERROR: BC_REGISTER_LOOPER called without request binder: 7249:7269 IncRefs 0 refcount change on invalid ref 131 ret -22 binder: 7249:7269 DecRefs 0 refcount change on invalid ref 0 ret -22 binder: 7249:7269 unknown command 0 binder: 7249:7269 ioctl c0306201 20000000 returned -22 binder: 7249:7294 ioctl c018620b 208dbfe8 returned -14 audit: type=1400 audit(1513251476.208:550): avc: denied { map } for pid=7274 comm="syz-executor3" path="/dev/loop0" dev="devtmpfs" ino=13250 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:device_t:s0 tclass=file permissive=1 device gre0 entered promiscuous mode audit: type=1326 audit(1513251476.394:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7386 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251476.394:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7386 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251476.394:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7386 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x4557da code=0x7ffc0000 audit: type=1326 audit(1513251476.394:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7386 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251476.394:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7386 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 netlink: 5 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor6'. binder: 7509:7516 ERROR: BC_REGISTER_LOOPER called without request binder: 7509:7516 DecRefs 0 refcount change on invalid ref 0 ret -22 binder: 7509:7535 BC_FREE_BUFFER u0000020400000000 no match binder_alloc: 7509: binder_alloc_buf, no vma binder: 7509:7535 transaction failed 29189/-3, size 0-0 line 2947 RDS: rds_bind could not find a transport for 172.20.1.187, load rds_tcp or rds_rdma? binder: 7509:7516 unknown command 0 binder: 7509:7516 ioctl c0306201 20004000 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 7509:7535 ioctl 40046207 0 returned -16 binder: 7509:7516 ERROR: BC_REGISTER_LOOPER called without request binder: 7509:7516 DecRefs 0 refcount change on invalid ref 0 ret -22 binder: 7509:7516 BC_INCREFS_DONE u0000000000000000 no match binder: 7509:7516 ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER binder: 7516 RLIMIT_NICE not set binder: 7509:7548 BC_FREE_BUFFER u0000020400000000 no match binder_alloc: 7509: binder_alloc_buf, no vma binder: 7509:7548 transaction failed 29189/-3, size 0-0 line 2947 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pig=7570 comm=syz-executor5 binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29189 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7570 comm=syz-executor5 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pig=7570 comm=syz-executor5 binder: 7586:7589 ERROR: BC_REGISTER_LOOPER called without request binder: 7586:7589 DecRefs 0 refcount change on invalid ref 0 ret -22 binder: 7586:7589 got transaction to invalid handle binder: 7586:7589 transaction failed 29201/-22, size 48-32 line 2832 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7588 comm=syz-executor5 binder: 7586:7589 BC_FREE_BUFFER u0000020400000000 no match binder: 7586:7589 got transaction to invalid handle binder: 7586:7589 transaction failed 29201/-22, size 0-64 line 2832 binder: BINDER_SET_CONTEXT_MGR already set binder: 7586:7597 ioctl 40046207 0 returned -16 binder_alloc: 7586: binder_alloc_buf, no vma binder: 7586:7589 transaction failed 29189/-3, size 0-0 line 2947 binder: 7586:7597 ERROR: BC_REGISTER_LOOPER called without request binder: 7586:7597 DecRefs 0 refcount change on invalid ref 0 ret -22 binder: 7586:7597 got transaction to invalid handle binder: 7586:7597 transaction failed 29201/-22, size 48-32 line 2832 binder: 7586:7589 BC_FREE_BUFFER u0000020400000000 no match binder: 7586:7589 got transaction to invalid handle binder: 7586:7589 transaction failed 29201/-22, size 0-64 line 2832 binder: release 7586:7589 transaction 70 out, still active binder: undelivered TRANSACTION_COMPLETE binder: undelivered TRANSACTION_ERROR: 29201 binder: send failed reply for transaction 70, target dead binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29189 netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. QAT: Invalid ioctl QAT: Invalid ioctl device gre0 entered promiscuous mode device gre0 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl could not allocate digest TFM handle selinux! could not allocate digest TFM handle selinux! QAT: Invalid ioctl QAT: Invalid ioctl kauditd_printk_skb: 306 callbacks suppressed audit: type=1400 audit(1513251479.009:862): avc: denied { read } for pid=7924 comm="syz-executor7" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 device gre0 entered promiscuous mode QAT: Invalid ioctl QAT: Invalid ioctl audit: type=1326 audit(1513251479.181:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.181:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.207:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.215:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 QAT: Stopping all acceleration devices. audit: type=1326 audit(1513251479.216:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.239:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=55 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.239:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 audit: type=1326 audit(1513251479.240:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000 QAT: Stopping all acceleration devices. audit: type=1326 audit(1513251479.264:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7956 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=72 compat=0 ip=0x452a39 code=0x7ffc0000 QAT: Invalid ioctl QAT: Invalid ioctl nla_parse: 18 callbacks suppressed netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. kvm_pmu: event creation failed -2 netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 14 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 14 bytes leftover after parsing attributes in process `syz-executor4'. device gre0 entered promiscuous mode netlink: 9 bytes leftover after parsing attributes in process `syz-executor7'. 9pnet_virtio: no channels available for device ./file0 netlink: 9 bytes leftover after parsing attributes in process `syz-executor7'. 9pnet_virtio: no channels available for device ./file0 netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'. device syz5 entered promiscuous mode binder: 8549:8553 got transaction with invalid offset (41, min 24 max 64) or object. netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. binder: BINDER_SET_CONTEXT_MGR already set binder: 8483:8489 ioctl 40046207 0 returned -16 binder: 8549:8563 ioctl c018620b 20001000 returned -14 netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. binder_alloc: binder_alloc_mmap_handler: 8549 20000000-20002000 already mapped failed -16 binder: BINDER_SET_CONTEXT_MGR already set binder: 8549:8563 ioctl 40046207 0 returned -16 binder_alloc: 8549: binder_alloc_buf, no vma binder: 8549:8583 transaction failed 29189/-3, size 64-16 line 2947 binder: 8549:8563 ioctl c018620b 20001000 returned -14 device  entered promiscuous mode device  left promiscuous mode device  entered promiscuous mode device  left promiscuous mode binder: 8549:8553 transaction failed 29201/-22, size 64-16 line 3010 binder: undelivered TRANSACTION_ERROR: 29189 binder: undelivered TRANSACTION_ERROR: 29201 QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl QAT: Invalid ioctl