binder: 5505:5511 ioctl c0086423 204bcff8 returned -22 ================================================================== BUG: KASAN: wild-memory-access on address ffe7087451283000 Read of size 28 by task syz-executor1/5522 CPU: 1 PID: 5522 Comm: syz-executor1 Not tainted 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d12b79e8 ffffffff81d93149 ffe7087451283000 000000000000001c 0000000000000000 ffff8801cf852e40 ffe7087451283000 ffff8801d12b7a70 ffffffff8153d08f 0000000000000000 0000000000000001 ffffffff826648db Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] kasan_report_error mm/kasan/report.c:284 [inline] [] kasan_report.part.1+0x40f/0x500 mm/kasan/report.c:309 [] kasan_report+0x20/0x30 mm/kasan/report.c:296 [] check_memory_region_inline mm/kasan/kasan.c:308 [inline] [] check_memory_region+0x137/0x190 mm/kasan/kasan.c:315 [] kasan_check_read+0x11/0x20 mm/kasan/kasan.c:320 [] __copy_to_user arch/x86/include/asm/uaccess_64.h:182 [inline] [] sg_read_oxfer drivers/scsi/sg.c:1978 [inline] [] sg_read+0x124b/0x1400 drivers/scsi/sg.c:520 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714 [] do_loop_readv_writev fs/read_write.c:880 [inline] [] do_readv_writev+0x520/0x750 fs/read_write.c:874 [] vfs_readv+0x84/0xc0 fs/read_write.c:898 [] do_readv+0xe6/0x250 fs/read_write.c:924 [] SYSC_readv fs/read_write.c:1011 [inline] [] SyS_readv+0x27/0x30 fs/read_write.c:1008 [] entry_SYSCALL_64_fastpath+0x23/0xc6 ================================================================== binder: 5506:5512 ioctl 2401 6 returned -22 binder: 5505:5523 ioctl c0086423 204bcff8 returned -22 binder: 5506:5512 ioctl 2401 6 returned -22 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 9 bytes leftover after parsing attributes in process `syz-executor4'. binder: 5773:5776 ioctl 5404 207dcfec returned -22 netlink: 9 bytes leftover after parsing attributes in process `syz-executor4'. binder: 5773:5805 ioctl 5404 207dcfec returned -22 binder: 5809:5810 ioctl 4b45 20099000 returned -22 selinux_nlmsg_perm: 3 callbacks suppressed SELinux: unrecognized netlink message: protocol=9 nlmsg_type=770 sclass=netlink_audit_socket pig=5827 comm=syz-executor6 binder: 5809:5826 ioctl 4b45 20099000 returned -22 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=770 sclass=netlink_audit_socket pig=5835 comm=syz-executor6 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pig=5845 comm=syz-executor4 binder: 5887:5894 ioctl c08c5336 20d23f74 returned -22 binder: 5887:5911 ioctl 5404 20d2a000 returned -22 binder: 5887:5911 ioctl 800454d7 20c8d000 returned -22 binder: 5887:5911 ioctl c08c5336 20d23f74 returned -22 binder: 5887:5911 ioctl 5404 20d2a000 returned -22 binder: 5887:5911 ioctl 800454d7 20c8d000 returned -22 sock: sock_set_timeout: `syz-executor1' (pid 5913) tries to set negative timeout sock: sock_set_timeout: `syz-executor1' (pid 5901) tries to set negative timeout PF_BRIDGE: RTM_SETLINK with unknown ifindex PF_BRIDGE: RTM_SETLINK with unknown ifindex tmpfs: Bad mount option q]g4G tmpfs: Bad mount option q]g4G qtaguid: iface_stat: iface_check_stats_reset_and_adjust(lo): iface reset its stats unexpectedly FAULT_FLAG_ALLOW_RETRY missing 30 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 6141 Comm: syz-executor5 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ce4ef9a0 ffffffff81d93149 ffff8801ce4efc80 0000000000000000 ffff8801c9aceb90 ffff8801ce4efb70 ffff8801c9acea80 ffff8801ce4efb98 ffffffff81660dc8 ffff8801ce4efaf0 ffff8801ce4efbb8 00000001d97ee067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] entry_SYSCALL_64_fastpath+0x23/0xc6 sd 0:0:1:0: [sg0] tag#455 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#455 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#455 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. sd 0:0:1:0: [sg0] tag#455 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#455 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#455 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 IPVS: Creating netns size=2536 id=12 pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) IPVS: Creating netns size=2536 id=13 CPU: 0 PID: 6160 Comm: syz-executor5 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ce64f8d0 ffffffff81d93149 ffff8801ce64fbb0 0000000000000000 ffff8801c9aceb90 ffff8801ce64faa0 ffff8801c9acea80 ffff8801ce64fac8 ffffffff81660dc8 ffff8801ce64fa20 0000000000000000 00000001d97ee067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] SyS_rt_sigtimedwait+0x2d/0x40 kernel/signal.c:2819 [] entry_SYSCALL_64_fastpath+0x23/0xc6 sd 0:0:1:0: [sg0] tag#455 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#455 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#455 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 keychord: using input dev AT Translated Set 2 keyboard for fevent sd 0:0:1:0: [sg0] tag#455 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#900 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#900 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#900 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#900 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#900 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#900 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 keychord: invalid keycode count 0 keychord: Insufficient bytes present for keycount 18 keychord: using input dev AT Translated Set 2 keyboard for fevent keychord: invalid keycode count 0 sd 0:0:1:0: [sg0] tag#455 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#455 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#455 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK sd 0:0:1:0: [sg0] tag#455 CDB: Test Unit Ready sd 0:0:1:0: [sg0] tag#455 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[10]: 00 00 00 00 10 27 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sd 0:0:1:0: [sg0] tag#455 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 device syz3 entered promiscuous mode PF_BRIDGE: RTM_SETLINK with unknown ifindex PF_BRIDGE: RTM_SETLINK with unknown ifindex device lo entered promiscuous mode device lo left promiscuous mode binder: 6520:6523 ioctl 5402 20000fdc returned -22 binder: 6520:6527 ioctl 5402 20000fdc returned -22 device gre0 entered promiscuous mode IPVS: Creating netns size=2536 id=14 pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) IPVS: Creating netns size=2536 id=15 keychord: Insufficient bytes present for keycount 13560 keychord: Insufficient bytes present for keycount 13560 netlink: 13 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 13 bytes leftover after parsing attributes in process `syz-executor2'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. binder: 6748:6749 ioctl c010640c 20001000 returned -22 binder: 6748:6750 ioctl c010640c 20001000 returned -22 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 1 bytes leftover after parsing attributes in process `syz-executor3'. IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready FAULT_FLAG_ALLOW_RETRY missing 70 CPU: 0 PID: 6896 Comm: syz-executor3 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801a574fb50 ffffffff81d93149 ffff8801a574fe30 0000000000000000 ffff8801cb1bb490 ffff8801a574fd20 ffff8801cb1bb380 ffff8801a574fd48 ffffffff81660dc8 ffff8801a574fca0 0000000020001000 00000001cdc03067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 FAULT_FLAG_ALLOW_RETRY missing 70 CPU: 1 PID: 6913 Comm: syz-executor3 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801a73cfb50 ffffffff81d93149 ffff8801a73cfe30 0000000000000000 ffff8801c9acf310 ffff8801a73cfd20 ffff8801c9acf200 ffff8801a73cfd48 ffffffff81660dc8 ffff8801a73cfca0 0000000020001000 00000001cbaad067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 6989 Comm: syz-executor0 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801acaa7920 ffffffff81d93149 ffff8801acaa7c00 0000000000000000 ffff8801cb1ba590 ffff8801acaa7af0 ffff8801cb1ba480 ffff8801acaa7b18 ffffffff81660dc8 ffff8801acaa7a70 ffff8801acaa7998 00000001d0dfe067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] seccomp_prepare_filter kernel/seccomp.c:373 [inline] [] seccomp_prepare_user_filter kernel/seccomp.c:408 [inline] [] seccomp_set_mode_filter kernel/seccomp.c:741 [inline] [] do_seccomp+0x632/0x1810 kernel/seccomp.c:791 [] SYSC_seccomp kernel/seccomp.c:800 [inline] [] SyS_seccomp+0x24/0x30 kernel/seccomp.c:797 [] entry_SYSCALL_64_fastpath+0x23/0xc6 FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 6989 Comm: syz-executor0 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801acaa7920 ffffffff81d93149 ffff8801acaa7c00 0000000000000000 ffff8801cb1ba410 ffff8801acaa7af0 ffff8801cb1ba300 ffff8801acaa7b18 ffffffff81660dc8 ffff8801acaa7a70 ffff8801acaa7998 00000001d0dfe067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] seccomp_prepare_filter kernel/seccomp.c:373 [inline] [] seccomp_prepare_user_filter kernel/seccomp.c:408 [inline] [] seccomp_set_mode_filter kernel/seccomp.c:741 [inline] [] do_seccomp+0x632/0x1810 kernel/seccomp.c:791 [] SYSC_seccomp kernel/seccomp.c:800 [inline] [] SyS_seccomp+0x24/0x30 kernel/seccomp.c:797 [] entry_SYSCALL_64_fastpath+0x23/0xc6 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads TCP: request_sock_TCPv6: Possible SYN flooding on port 20017. Sending cookies. Check SNMP counters. keychord: using input dev AT Translated Set 2 keyboard for fevent IPVS: Creating netns size=2536 id=16 device gre0 entered promiscuous mode keychord: invalid keycode count 0 keychord: invalid keycode count 0 keychord: using input dev AT Translated Set 2 keyboard for fevent device gre0 entered promiscuous mode binder: 7418:7419 ioctl 4b3b 81 returned -22 binder: 7418:7420 ioctl 4b3b 81 returned -22 device gre0 left promiscuous mode device gre0 entered promiscuous mode devpts: called with bogus options devpts: called with bogus options IPVS: Creating netns size=2536 id=17 device gre0 entered promiscuous mode device gre0 left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode device lo entered promiscuous mode device lo left promiscuous mode binder_alloc: binder_alloc_mmap_handler: 7532 204f0000-204f4000 already mapped failed -16 binder_alloc: binder_alloc_mmap_handler: 7532 204f0000-204f4000 already mapped failed -16 pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads device lo entered promiscuous mode device lo left promiscuous mode FAULT_FLAG_ALLOW_RETRY missing 30 CPU: 0 PID: 7651 Comm: syz-executor7 Tainted: G B 4.9.52-gc30c69c #54 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801ab84fa10 ffffffff81d93149 ffff8801ab84fcf0 0000000000000000 ffff8801cb1ba290 ffff8801ab84fbe0 ffff8801cb1ba180 ffff8801ab84fc08 ffffffff81660dc8 ffff8801ab84fb60 ffffffff812dff30 00000001cfaf8067 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323 [] do_anonymous_page mm/memory.c:2747 [inline] [] handle_pte_fault mm/memory.c:3488 [inline] [] __handle_mm_fault mm/memory.c:3577 [inline] [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012 [] SYSC_sigaltstack kernel/signal.c:3170 [inline] [] SyS_sigaltstack+0x6c/0x90 kernel/signal.c:3168 [] entry_SYSCALL_64_fastpath+0x23/0xc6 device gre0 entered promiscuous mode device lo entered promiscuous mode