==================================================================
BUG: KASAN: use-after-free in __read_once_size include/linux/compiler.h:243 [inline] at addr ffff8801a8652810
BUG: KASAN: use-after-free in atomic_read arch/x86/include/asm/atomic.h:26 [inline] at addr ffff8801a8652810
BUG: KASAN: use-after-free in static_key_count include/linux/jump_label.h:174 [inline] at addr ffff8801a8652810
BUG: KASAN: use-after-free in static_key_false include/linux/jump_label.h:184 [inline] at addr ffff8801a8652810
BUG: KASAN: use-after-free in perf_sw_event include/linux/perf_event.h:1039 [inline] at addr ffff8801a8652810
BUG: KASAN: use-after-free in __do_page_fault+0xc80/0xd70 arch/x86/mm/fault.c:1438 at addr ffff8801a8652810
Read of size 8 by task syz-executor7/9020
CPU: 1 PID: 9020 Comm: syz-executor7 Not tainted 4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d0d3fd88 ffffffff81d90429 ffff8801da155140 ffff8801a86527c0
 ffff8801a8652878 ffffed00350ca502 ffff8801a8652810 ffff8801d0d3fdb0
 ffffffff8153a3ac ffffed00350ca502 ffff8801da155140 0000000000000000
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8153a3ac>] kasan_object_err+0x1c/0x70 mm/kasan/report.c:160
 [<ffffffff8153a66c>] print_address_description mm/kasan/report.c:198 [inline]
 [<ffffffff8153a66c>] kasan_report_error mm/kasan/report.c:287 [inline]
 [<ffffffff8153a66c>] kasan_report.part.1+0x21c/0x500 mm/kasan/report.c:309
 [<ffffffff8153aa09>] kasan_report mm/kasan/report.c:330 [inline]
 [<ffffffff8153aa09>] __asan_report_load8_noabort+0x29/0x30 mm/kasan/report.c:330
 [<ffffffff810ddb10>] __read_once_size include/linux/compiler.h:243 [inline]
 [<ffffffff810ddb10>] atomic_read arch/x86/include/asm/atomic.h:26 [inline]
 [<ffffffff810ddb10>] static_key_count include/linux/jump_label.h:174 [inline]
 [<ffffffff810ddb10>] static_key_false include/linux/jump_label.h:184 [inline]
 [<ffffffff810ddb10>] perf_sw_event include/linux/perf_event.h:1039 [inline]
 [<ffffffff810ddb10>] __do_page_fault+0xc80/0xd70 arch/x86/mm/fault.c:1438
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
Object at ffff8801a86527c0, in cache vm_area_struct size: 184
Allocated:
PID = 9020
 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57
 save_stack+0x43/0xd0 mm/kasan/kasan.c:495
 set_track mm/kasan/kasan.c:507 [inline]
 kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:598
 kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:537
 slab_post_alloc_hook mm/slab.h:417 [inline]
 slab_alloc_node mm/slub.c:2715 [inline]
 slab_alloc mm/slub.c:2723 [inline]
 kmem_cache_alloc+0xba/0x290 mm/slub.c:2728
 kmem_cache_zalloc include/linux/slab.h:626 [inline]
 mmap_region+0x587/0xfd0 mm/mmap.c:1662
 do_mmap+0x57b/0xbe0 mm/mmap.c:1473
 do_mmap_pgoff include/linux/mm.h:2018 [inline]
 vm_mmap_pgoff+0x16b/0x1b0 mm/util.c:305
 SYSC_mmap_pgoff mm/mmap.c:1523 [inline]
 SyS_mmap_pgoff+0xd0/0x560 mm/mmap.c:1481
 SYSC_mmap arch/x86/kernel/sys_x86_64.c:95 [inline]
 SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:86
 entry_SYSCALL_64_fastpath+0x23/0xc6
Freed:
PID = 9024
 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:57
 save_stack+0x43/0xd0 mm/kasan/kasan.c:495
 set_track mm/kasan/kasan.c:507 [inline]
 kasan_slab_free+0x73/0xc0 mm/kasan/kasan.c:571
 slab_free_hook mm/slub.c:1355 [inline]
 slab_free_freelist_hook mm/slub.c:1377 [inline]
 slab_free mm/slub.c:2958 [inline]
 kmem_cache_free+0xb2/0x2e0 mm/slub.c:2980
 remove_vma+0x11d/0x160 mm/mmap.c:175
 remove_vma_list mm/mmap.c:2482 [inline]
 do_munmap+0x7ff/0xeb0 mm/mmap.c:2705
 mmap_region+0x14d/0xfd0 mm/mmap.c:1635
 do_mmap+0x57b/0xbe0 mm/mmap.c:1473
 do_mmap_pgoff include/linux/mm.h:2018 [inline]
 vm_mmap_pgoff+0x16b/0x1b0 mm/util.c:305
 SYSC_mmap_pgoff mm/mmap.c:1523 [inline]
 SyS_mmap_pgoff+0xd0/0x560 mm/mmap.c:1481
 SYSC_mmap arch/x86/kernel/sys_x86_64.c:95 [inline]
 SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:86
 entry_SYSCALL_64_fastpath+0x23/0xc6
Memory state around the buggy address:
 ffff8801a8652700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff8801a8652780: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
>ffff8801a8652800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
                         ^
 ffff8801a8652880: fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb fb
 ffff8801a8652900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
==================================================================
binder: 9051:9054 ioctl 541c 20dd8ff4 returned -22
binder: 9051:9054 ioctl 54a3 0 returned -22
IPVS: Creating netns size=2536 id=22
binder_alloc: binder_alloc_mmap_handler: 9051 20000000-20400000 already mapped failed -16
binder: 9051:9070 ioctl 541c 20dd8ff4 returned -22
binder: 9051:9054 ioctl 54a3 0 returned -22
IPVS: Creating netns size=2536 id=23
9pnet_virtio: no channels available for device ./file0
9pnet_virtio: no channels available for device ./file0
IPVS: Creating netns size=2536 id=24
FAULT_FLAG_ALLOW_RETRY missing 30
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 9132 Comm: syz-executor6 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d879f8b0 ffffffff81d90429 ffff8801d879fb90 0000000000000000
 ffff8801a91e2d10 ffff8801d879fa80 ffff8801a91e2c00 ffff8801d879faa8
 ffffffff8165e3c7 ffff8801a97f6000 ffff8801d879fa00 00000001d8dd6067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
CPU: 1 PID: 9141 Comm: syz-executor6 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801cb2ef930 ffffffff81d90429 ffff8801cb2efc10 0000000000000000
 ffff8801a91e2d10 ffff8801cb2efb00 ffff8801a91e2c00 ffff8801cb2efb28
 ffffffff8165e3c7 0000000000000000 ffff8801cb2efa80 00000001d8dd6067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
pktgen: kernel_thread() failed for cpu 0
pktgen: Cannot create thread for cpu 0 (-4)
pktgen: kernel_thread() failed for cpu 1
pktgen: Cannot create thread for cpu 1 (-4)
pktgen: Initialization failed for all threads
device lo left promiscuous mode
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
device gre0 left promiscuous mode
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
device gre0 entered promiscuous mode
netlink: 5 bytes leftover after parsing attributes in process `syz-executor1'.
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
netlink: 6 bytes leftover after parsing attributes in process `syz-executor7'.
device gre0 entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
TCP: request_sock_TCP: Possible SYN flooding on port 20018. Sending cookies.  Check SNMP counters.
device gre0 entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
binder: 9622:9629 ioctl 541c 20dd8ff4 returned -22
binder: 9622:9629 ioctl 54a3 0 returned -22
binder_alloc: binder_alloc_mmap_handler: 9622 20000000-20400000 already mapped failed -16
binder: 9622:9629 ioctl 541c 20dd8ff4 returned -22
binder: 9622:9655 ioctl 54a3 0 returned -22
netlink: 16 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
binder: 9685:9691 ioctl 5609 208daffa returned -22
netlink: 2 bytes leftover after parsing attributes in process `syz-executor2'.
binder: 9685:9704 ioctl 5609 208daffa returned -22
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 9695 Comm: syz-executor7 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801a89b74e0 ffffffff81d90429 ffff8801a89b77c0 0000000000000000
 ffff8801a91e5910 ffff8801a89b76b0 ffff8801a91e5800 ffff8801a89b76d8
 ffffffff8165e3c7 ffff880102408040 ffff8801a89b7630 00000001c7d94067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff8143127c>] generic_perform_write+0x1dc/0x500 mm/filemap.c:2731
 [<ffffffff81438e58>] __generic_file_write_iter+0x348/0x570 mm/filemap.c:2866
 [<ffffffff81439355>] generic_file_write_iter+0x2d5/0x600 mm/filemap.c:2894
 [<ffffffff8156a9ef>] new_sync_write fs/read_write.c:499 [inline]
 [<ffffffff8156a9ef>] __vfs_write+0x4bf/0x680 fs/read_write.c:512
 [<ffffffff8156c319>] vfs_write+0x189/0x530 fs/read_write.c:560
 [<ffffffff8156fe09>] SYSC_write fs/read_write.c:607 [inline]
 [<ffffffff8156fe09>] SyS_write+0xd9/0x1b0 fs/read_write.c:599
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 9705 Comm: syz-executor7 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d0a574e0 ffffffff81d90429 ffff8801d0a577c0 0000000000000000
 ffff8801c67a9790 ffff8801d0a576b0 ffff8801c67a9680 ffff8801d0a576d8
 ffffffff8165e3c7 ffffffff810d3db6 ffff8801d0a57630 00000001c76ce067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff8143127c>] generic_perform_write+0x1dc/0x500 mm/filemap.c:2731
 [<ffffffff81438e58>] __generic_file_write_iter+0x348/0x570 mm/filemap.c:2866
 [<ffffffff81439355>] generic_file_write_iter+0x2d5/0x600 mm/filemap.c:2894
 [<ffffffff8156a9ef>] new_sync_write fs/read_write.c:499 [inline]
 [<ffffffff8156a9ef>] __vfs_write+0x4bf/0x680 fs/read_write.c:512
 [<ffffffff8156c319>] vfs_write+0x189/0x530 fs/read_write.c:560
 [<ffffffff8156fe09>] SYSC_write fs/read_write.c:607 [inline]
 [<ffffffff8156fe09>] SyS_write+0xd9/0x1b0 fs/read_write.c:599
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9826 comm=syz-executor6
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9826 comm=syz-executor6
Option '9˜ŸT§' to dns_resolver key: bad/missing value
Option '9˜ŸT§' to dns_resolver key: bad/missing value
FAULT_FLAG_ALLOW_RETRY missing 70
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 9907 Comm: syz-executor2 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c6cb78b0 ffffffff81d90429 ffff8801c6cb7b90 0000000000000000
 ffff8801c67a9c10 ffff8801c6cb7a80 ffff8801c67a9b00 ffff8801c6cb7aa8
 ffffffff8165e3c7 ffffffff83897fe3 ffff8801c6cb7a00 00000001a811d067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff812b6b0c>] SyS_clock_adjtime+0x1c/0x30 kernel/time/posix-timers.c:1045
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
device gre0 entered promiscuous mode
9pnet_virtio: no channels available for device ./file0
CPU: 0 PID: 9918 Comm: syz-executor2 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801cce4fae0 ffffffff81d90429 ffff8801cce4fdc0 0000000000000000
 ffff8801c67a9c10 ffff8801cce4fcb0 ffff8801c67a9b00 ffff8801cce4fcd8
 ffffffff8165e3c7 0000000000000000 ffff8801cce4fc30 00000001a811d067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
IPVS: Creating netns size=2536 id=25
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59136 sclass=netlink_route_socket pig=10151 comm=syz-executor7
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=10157 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pig=10157 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59136 sclass=netlink_route_socket pig=10164 comm=syz-executor7
pktgen: kernel_thread() failed for cpu 0
pktgen: Cannot create thread for cpu 0 (-4)
pktgen: kernel_thread() failed for cpu 1
pktgen: Cannot create thread for cpu 1 (-4)
pktgen: Initialization failed for all threads
tmpfs: No value for mount option '‹¶K"WöË
O¢©S£d€Yl®'
device lo entered promiscuous mode
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=10322 comm=syz-executor0
device lo left promiscuous mode
device lo entered promiscuous mode
binder: 10348:10353 ioctl 4b45 20306000 returned -22
binder: 10348:10353 ioctl 4b45 20306000 returned -22
device gre0 entered promiscuous mode
binder: 10437:10440 ioctl 4c08 fffffffffffffffd returned -22
binder: 10437:10454 ioctl 4c08 fffffffffffffffd returned -22
binder: 10547:10552 ioctl 80404509 20a1d000 returned -22
binder_alloc: binder_alloc_mmap_handler: 10547 20f5a000-20f5c000 already mapped failed -16
binder: 10547:10568 ioctl 80404509 20a1d000 returned -22
binder_alloc: binder_alloc_mmap_handler: 10547 20f5a000-20f5c000 already mapped failed -16
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
device lo entered promiscuous mode
qtaguid: iface_stat: iface_check_stats_reset_and_adjust(lo): iface reset its stats unexpectedly
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=65535 sclass=netlink_audit_socket pig=10695 comm=syz-executor6
nla_parse: 9 callbacks suppressed
netlink: 1 bytes leftover after parsing attributes in process `syz-executor5'.
device lo entered promiscuous mode
device lo left promiscuous mode
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=65535 sclass=netlink_audit_socket pig=10695 comm=syz-executor6
9pnet_virtio: no channels available for device ./file0
9pnet_virtio: no channels available for device ./file0
PF_BRIDGE: RTM_NEWNEIGH with invalid ifindex
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 10736 Comm: syz-executor3 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d59f7940 ffffffff81d90429 ffff8801d59f7c20 0000000000000000
 ffff8801c8c4a890 ffff8801d59f7b10 ffff8801c8c4a780 ffff8801d59f7b38
 ffffffff8165e3c7 1ffff1003ab3ef2f ffff8801d59f7a90 00000001c582e067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 10706 Comm: syz-executor3 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c8c6f970 ffffffff81d90429 ffff8801c8c6fc50 0000000000000000
 ffff8801c8c4a890 ffff8801c8c6fb40 ffff8801c8c4a780 ffff8801c8c6fb68
 ffffffff8165e3c7 ffffffff84186db4 ffff8801c8c6fac0 00000001c582e067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 10692 Comm: syz-executor3 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c60a78a0 ffffffff81d90429 ffff8801c60a7b80 0000000000000000
 ffff8801c8c4a890 ffff8801c60a7a70 ffff8801c8c4a780 ffff8801c60a7a98
 ffffffff8165e3c7 ffff8801d6e84540 ffff8801c60a79f0 00000001c582e067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
device lo entered promiscuous mode
device lo left promiscuous mode
TCP: request_sock_TCP: Possible SYN flooding on port 20018. Sending cookies.  Check SNMP counters.
binder: 10785:10786 ioctl 5603 20e9affa returned -22
binder: 10785:10786 ioctl c02c5341 20019000 returned -22
binder: 10785:10786 ioctl 8933 201bd000 returned -22
binder: 10785:10786 ioctl c0bc5310 20612000 returned -22
binder: 10785:10786 ioctl 4b69 20fb7f68 returned -22
netlink: 1 bytes leftover after parsing attributes in process `syz-executor4'.
binder: 10785:10798 ioctl 5603 20e9affa returned -22
binder: 10785:10786 ioctl c02c5341 20019000 returned -22
binder: 10785:10786 ioctl 8933 201bd000 returned -22
binder: 10785:10786 ioctl c0bc5310 20612000 returned -22
netlink: 1 bytes leftover after parsing attributes in process `syz-executor4'.
device lo entered promiscuous mode
device lo left promiscuous mode
binder: 10935:10938 ioctl 5402 20f52000 returned -22
binder: 10935:10938 ioctl 4b36 0 returned -22
binder: 10935:10954 ioctl 5402 20f52000 returned -22
device lo entered promiscuous mode
binder: 10935:10954 ioctl 4b36 0 returned -22
device lo left promiscuous mode
FAULT_FLAG_ALLOW_RETRY missing 30
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 10944 Comm: syz-executor5 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c7ec7830 ffffffff81d90429 ffff8801c7ec7b10 0000000000000000
 ffff8801c67a9490 ffff8801c7ec7a00 ffff8801c67a9380 ffff8801c7ec7a28
 ffffffff8165e3c7 ffff8801db321400 ffff8801c7ec7980 00000001d9ae6067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff82ecf7a8>] move_addr_to_kernel net/socket.c:1568 [inline]
 [<ffffffff82ecf7a8>] SYSC_connect+0x288/0x310 net/socket.c:1553
 [<ffffffff82ed1f34>] SyS_connect+0x24/0x30 net/socket.c:1543
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 10928 Comm: syz-executor5 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c8fc7900 ffffffff81d90429 ffff8801c8fc7be0 0000000000000000
 ffff8801c67a9490 ffff8801c8fc7ad0 ffff8801c67a9380 ffff8801c8fc7af8
 ffffffff8165e3c7 ffff880100000000 ffff8801c8fc7a50 00000001d9ae6067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff81375084>] SYSC_seccomp kernel/seccomp.c:809 [inline]
 [<ffffffff81375084>] SyS_seccomp+0x24/0x30 kernel/seccomp.c:806
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
CPU: 1 PID: 10964 Comm: syz-executor5 Tainted: G    B           4.9.64-gfbb7468 #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d937f960 ffffffff81d90429 ffff8801d937fc40 0000000000000000
 ffff8801c67a9490 ffff8801d937fb30 ffff8801c67a9380 ffff8801d937fb58
 ffffffff8165e3c7 0000000000000000 ffff8801d937fab0 00000001d9ae6067
Call Trace:
 [<ffffffff81d90429>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d90429>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff8165e3c7>] handle_userfault+0xa37/0x1300 fs/userfaultfd.c:323
 [<ffffffff814cd6c1>] do_anonymous_page mm/memory.c:2747 [inline]
 [<ffffffff814cd6c1>] handle_pte_fault mm/memory.c:3488 [inline]
 [<ffffffff814cd6c1>] __handle_mm_fault mm/memory.c:3577 [inline]
 [<ffffffff814cd6c1>] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [<ffffffff810dd447>] __do_page_fault+0x5b7/0xd70 arch/x86/mm/fault.c:1396
 [<ffffffff810ddc27>] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [<ffffffff838aa958>] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [<ffffffff838a9785>] entry_SYSCALL_64_fastpath+0x23/0xc6
binder: 11060:11070 ioctl c08c5335 20001f74 returned -22
binder: 11060:11083 ioctl c08c5335 20001f74 returned -22
IPVS: Creating netns size=2536 id=26