netlink: 64 bytes leftover after parsing attributes in process `syz-executor6'. BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor3/29734 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 29734 Comm: syz-executor3 Not tainted 4.4.104-ged884eb #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 4ee9038404ab4c56 ffff8801d29e75e0 ffffffff81cc9b0f 0000000000000000 ffffffff839fd4a0 ffff8801d29e7620 ffffffff81d28d18 ffffffff83cecfa0 1ffff1003a53cecb ffff8800b88d4900 ffff8800b88d4480 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134 [] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x2bd/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmmsg+0xf5/0x260 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2046 [] SYSC_sendmmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2076 [inline] [] SyS_sendmmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2071 [] entry_SYSCALL_64_fastpath+0x16/0x76 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor3/29734 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 0 PID: 29734 Comm: syz-executor3 Not tainted 4.4.104-ged884eb #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 4ee9038404ab4c56 ffff8801d29e75e0 ffffffff81cc9b0f 0000000000000000 ffffffff839fd4a0 ffff8801d29e7620 ffffffff81d28d18 ffffffff83cecfa0 1ffff1003a53cecb ffff8800b88d4240 ffff8800b88d4000 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134 [] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x2bd/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmmsg+0xf5/0x260 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2046 [] SYSC_sendmmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2076 [inline] [] SyS_sendmmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2071 [] entry_SYSCALL_64_fastpath+0x16/0x76 Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable SELinux: unrecognized netlink message: protocol=4 nlmsg_type=41 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=41 sclass=netlink_tcpdiag_socket device syz0 entered promiscuous mode device gre0 entered promiscuous mode device gre0 left promiscuous mode binder_alloc: binder_alloc_mmap_handler: 30458 20000000-20002000 already mapped failed -16 binder: 30458:30459 got transaction to invalid handle binder: 30458:30459 transaction failed 29201/-22, size 96-56 line 3008 binder: 30458:30481 ERROR: BC_REGISTER_LOOPER called without request binder: 30458:30481 unknown command 0 binder_alloc: binder_alloc_mmap_handler: 30458 20f6c000-20f70000 already mapped failed -16 binder: 30458:30481 ioctl c0306201 2000a000 returned -22 binder: BINDER_SET_CONTEXT_MGR already set binder: 30458:30481 ioctl 40046207 0 returned -16 binder: 30458:30459 got transaction to invalid handle device gre0 entered promiscuous mode binder: 30458:30525 ERROR: BC_REGISTER_LOOPER called without request binder: 30458:30459 transaction failed 29201/-22, size 96-56 line 3008 binder: 30458:30525 BC_FREE_BUFFER u0000000000000000 no match binder: 30458:30525 ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_ERROR: 29201 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket device gre0 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket binder: 30706:30725 tried to acquire reference to desc 0, got 1 instead binder: 30706:30725 BC_REQUEST_DEATH_NOTIFICATION death notification already set binder: 30706:30739 IncRefs 0 refcount change on invalid ref 0 ret -22 device syz5 entered promiscuous mode device gre0 entered promiscuous mode binder: 30977:30985 ioctl c0046209 20001000 returned -22 nla_parse: 37 callbacks suppressed netlink: 73 bytes leftover after parsing attributes in process `syz-executor0'. binder: 30977:30996 ioctl c018620b 208dbfe8 returned -14 binder: 30977:30996 ioctl 40046205 100000001 returned -22 binder: 30977:31026 ioctl c018620b 208dbfe8 returned -14 binder: 31134:31138 ERROR: BC_REGISTER_LOOPER called without request binder: BINDER_SET_CONTEXT_MGR already set binder: 31134:31154 ioctl 40046207 0 returned -16 binder: 31134:31164 ERROR: BC_REGISTER_LOOPER called without request netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: unrecognized netlink message: protocol=6 nlmsg_type=41 sclass=netlink_xfrm_socket netlink: 11 bytes leftover after parsing attributes in process `syz-executor1'. SELinux: unrecognized netlink message: protocol=6 nlmsg_type=41 sclass=netlink_xfrm_socket audit: type=1326 audit(1512768455.554:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=31236 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x0 audit: type=1326 audit(1512768455.714:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=31236 comm="syz-executor7" exe="/root/syz-executor7" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x0 netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor3'. device gre0 entered promiscuous mode netlink: 11 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor3'. device gre0 entered promiscuous mode device gre0 entered promiscuous mode loop: Write error at byte offset 0, length 4096. blk_update_request: I/O error, dev loop4, sector 0 Buffer I/O error on dev loop4, logical block 0, lost async page write loop: Write error at byte offset 0, length 4096. blk_update_request: I/O error, dev loop4, sector 0 Buffer I/O error on dev loop4, logical block 0, lost async page write loop: Write error at byte offset 4096, length 1024. blk_update_request: I/O error, dev loop4, sector 8 Buffer I/O error on dev loop4, logical block 1, lost async page write loop: Write error at byte offset 0, length 4096. blk_update_request: I/O error, dev loop4, sector 0 Buffer I/O error on dev loop4, logical block 0, lost async page write BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor6/31751 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 31751 Comm: syz-executor6 Not tainted 4.4.104-ged884eb #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 3a59e6f809db3255 ffff8800b2ec75e0 ffffffff81cc9b0f 0000000000000001 ffffffff839fd4a0 ffff8800b2ec7620 ffffffff81d28d18 ffffffff83cecfa0 1ffff100165d8ecb ffff8800b8b30000 ffff8800b8b31680 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134 [] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x2bd/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmmsg+0xf5/0x260 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2046 [] SYSC_sendmmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2076 [inline] [] SyS_sendmmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2071 [] entry_SYSCALL_64_fastpath+0x16/0x76 loop: Write error at byte offset 0, length 4096. blk_update_request: I/O error, dev loop4, sector 0 Buffer I/O error on dev loop4, logical block 0, lost async page write loop: Write error at byte offset 4096, length 1024. blk_update_request: I/O error, dev loop4, sector 8 Buffer I/O error on dev loop4, logical block 1, lost async page write VFS: Dirty inode writeback failed for block device loop4 (err=-5). BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor5/31857 caller is __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 CPU: 1 PID: 31857 Comm: syz-executor5 Not tainted 4.4.104-ged884eb #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 e9e8d0a90f28755e ffff8800b5c475e0 ffffffff81cc9b0f 0000000000000001 ffffffff839fd4a0 ffff8800b5c47620 ffffffff81d28d18 ffffffff83cecfa0 1ffff10016b88ecb ffff8800b8b30480 ffff8800b8b30b40 Call Trace: [] __dump_stack /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:15 [inline] [] dump_stack+0x8e/0xcf /syzkaller/managers/android-44-kasan-gce/kernel/lib/dump_stack.c:51 [] check_preemption_disabled+0x1b8/0x1f0 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x13/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x200/0x4b0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4278 [] tcp_queue_rcv+0xfe/0x720 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4485 [] tcp_send_rcvq+0x391/0x4a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp_input.c:4531 [] tcp_sendmsg+0x1d1c/0x36a0 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/tcp.c:1134 [] inet_sendmsg+0x26c/0x430 /syzkaller/managers/android-44-kasan-gce/kernel/net/ipv4/af_inet.c:755 device gre0 entered promiscuous mode [] sock_sendmsg_nosec /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:625 [inline] [] sock_sendmsg+0xb5/0xf0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:635 [] ___sys_sendmsg+0x2bd/0x7d0 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:1961 [] __sys_sendmmsg+0xf5/0x260 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2046 [] SYSC_sendmmsg /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2076 [inline] [] SyS_sendmmsg+0xd/0x20 /syzkaller/managers/android-44-kasan-gce/kernel/net/socket.c:2071 [] entry_SYSCALL_64_fastpath+0x16/0x76 device syz5 entered promiscuous mode audit: type=1400 audit(1512768458.504:35): avc: denied { read } for pid=32063 comm="syz-executor7" path="socket:[43962]" dev="sockfs" ino=43962 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket device syz4 entered promiscuous mode SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket audit: type=1326 audit(1512768459.174:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=32271 comm="syz-executor1" exe="/root/syz-executor1" sig=9 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x0 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket audit: type=1400 audit(1512768459.574:37): avc: denied { connect } for pid=32419 comm="syz-executor4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 binder: 32460:32473 ioctl c018620b 208dbfe8 returned -14 device gre0 entered promiscuous mode binder: 32460:32503 ioctl c018620b 208dbfe8 returned -14 binder: 32519:32523 ERROR: BC_REGISTER_LOOPER called without request binder: 32519:32523 got reply transaction with no transaction stack binder: 32519:32523 transaction failed 29201/-71, size 32-8 line 2924 binder: send failed reply for transaction 470 to 32519:32531 binder: 32519:32523 ioctl c0306201 2000dfd0 returned -14 binder: undelivered TRANSACTION_ERROR: 29201 binder: undelivered TRANSACTION_COMPLETE binder: 32519:32523 ERROR: BC_REGISTER_LOOPER called without request binder_alloc: 32519: binder_alloc_buf, no vma binder: undelivered TRANSACTION_ERROR: 29201 binder: 32519:32531 transaction failed 29189/-3, size 0-0 line 3131 binder: 32519:32523 got reply transaction with no transaction stack binder: 32519:32523 transaction failed 29201/-71, size 32-8 line 2924 binder: undelivered TRANSACTION_ERROR: 29201 device syz2 entered promiscuous mode binder: undelivered TRANSACTION_ERROR: 29189 Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable