Warning: Permanently added '10.128.0.175' (ECDSA) to the list of known hosts. 2020/01/20 21:45:59 fuzzer started 2020/01/20 21:46:01 dialing manager at 10.128.0.105:33755 2020/01/20 21:46:01 checking machine... 2020/01/20 21:46:01 checking revisions... 2020/01/20 21:46:01 testing simple program... syzkaller login: [ 63.460614][ T7984] IPVS: ftp: loaded support on port[0] = 21 2020/01/20 21:46:01 building call list... [ 63.857590][ T83] tipc: TX() has been purged, node left! executing program [ 66.808057][ T7979] can: request_module (can-proto-0) failed. [ 66.819864][ T7979] can: request_module (can-proto-0) failed. [ 66.831741][ T7979] can: request_module (can-proto-0) failed. 2020/01/20 21:46:14 syscalls: 2861 2020/01/20 21:46:14 code coverage: enabled 2020/01/20 21:46:14 comparison tracing: enabled 2020/01/20 21:46:14 extra coverage: enabled 2020/01/20 21:46:14 setuid sandbox: enabled 2020/01/20 21:46:14 namespace sandbox: enabled 2020/01/20 21:46:14 Android sandbox: /sys/fs/selinux/policy does not exist 2020/01/20 21:46:14 fault injection: enabled 2020/01/20 21:46:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/01/20 21:46:14 net packet injection: enabled 2020/01/20 21:46:14 net device setup: enabled 2020/01/20 21:46:14 concurrency sanitizer: enabled 2020/01/20 21:46:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 21:46:15 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(xts-cast6-avx,sha224-avx)\x00'}, 0x58) [ 77.429938][ T8034] IPVS: ftp: loaded support on port[0] = 21 21:46:15 executing program 1: r0 = socket(0x10, 0x3, 0x0) close(r0) socket$kcm(0x29, 0x5, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f00000000c0)={0x0, 0x2710}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) close(r1) close(r2) pipe(&(0x7f0000000100)) splice(r0, 0x0, r2, 0x0, 0xc0, 0x0) [ 77.501264][ T8034] chnl_net:caif_netlink_parms(): no params data found [ 77.566104][ T8034] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.587628][ T8034] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.595316][ T8034] device bridge_slave_0 entered promiscuous mode [ 77.618636][ T8034] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.625765][ T8034] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.648096][ T8034] device bridge_slave_1 entered promiscuous mode [ 77.664671][ T8034] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.679563][ T8037] IPVS: ftp: loaded support on port[0] = 21 [ 77.689414][ T8034] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.720625][ T8034] team0: Port device team_slave_0 added [ 77.727890][ T8034] team0: Port device team_slave_1 added 21:46:15 executing program 2: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x800000000008031, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x3) move_pages(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000a5b000/0x2000)=nil], &(0x7f0000000240), 0x0, 0x0) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) [ 77.763074][ T8034] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.770238][ T8034] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.796578][ T8034] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.831305][ T8034] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.838525][ T8034] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.865147][ T8034] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.886975][ T8037] chnl_net:caif_netlink_parms(): no params data found [ 77.960680][ T8034] device hsr_slave_0 entered promiscuous mode [ 78.008872][ T8034] device hsr_slave_1 entered promiscuous mode 21:46:16 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0x80045500, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) [ 78.066392][ T8040] IPVS: ftp: loaded support on port[0] = 21 [ 78.083065][ T8037] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.094357][ T8037] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.102630][ T8037] device bridge_slave_0 entered promiscuous mode [ 78.125386][ T8037] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.148584][ T8037] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.168748][ T8037] device bridge_slave_1 entered promiscuous mode [ 78.229762][ T8037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.258571][ T8037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.315688][ T8042] IPVS: ftp: loaded support on port[0] = 21 [ 78.332567][ T8037] team0: Port device team_slave_0 added [ 78.378654][ T8037] team0: Port device team_slave_1 added [ 78.444161][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.457608][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 21:46:16 executing program 4: syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lockproto=lock,locktable=/']) [ 78.488766][ T8037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.528581][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.535622][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.595266][ T8037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.612380][ T2612] ================================================================== [ 78.620618][ T2612] BUG: KCSAN: data-race in find_next_bit / rcu_report_exp_cpu_mult [ 78.628589][ T2612] [ 78.630924][ T2612] write to 0xffffffff85c7d080 of 8 bytes by interrupt on cpu 0: [ 78.638573][ T2612] rcu_report_exp_cpu_mult+0x4f/0xa0 [ 78.643862][ T2612] rcu_report_exp_rdp+0x6c/0x90 [ 78.648723][ T2612] rcu_exp_handler+0xe5/0x190 [ 78.653397][ T2612] flush_smp_call_function_queue+0x18c/0x2b0 [ 78.659384][ T2612] generic_smp_call_function_single_interrupt+0x1c/0x49 [ 78.666339][ T2612] smp_call_function_single_interrupt+0x3f/0x100 [ 78.672683][ T2612] call_function_single_interrupt+0xf/0x20 [ 78.678491][ T2612] get_task_policy.part.0+0x59/0x90 [ 78.683703][ T2612] alloc_pages_current+0x168/0x170 [ 78.688824][ T2612] __vmalloc_node_range+0x2d7/0x4c0 [ 78.694122][ T2612] vmalloc_user+0x65/0x80 [ 78.698460][ T2612] kcov_mmap+0x2e/0x150 [ 78.702617][ T2612] mmap_region+0x7df/0xd50 [ 78.707051][ T2612] do_mmap+0x6c8/0xba0 [ 78.711129][ T2612] vm_mmap_pgoff+0x12d/0x190 [ 78.715722][ T2612] ksys_mmap_pgoff+0x2d8/0x420 [ 78.720525][ T2612] __x64_sys_mmap+0x2e/0x40 [ 78.725036][ T2612] do_syscall_64+0xcc/0x3a0 [ 78.729731][ T2612] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 78.735630][ T2612] [ 78.737963][ T2612] read to 0xffffffff85c7d080 of 8 bytes by task 2612 on cpu 1: [ 78.745506][ T2612] find_next_bit+0x57/0xe0 [ 78.749926][ T2612] sync_rcu_exp_select_node_cpus+0x28e/0x510 [ 78.755917][ T2612] sync_rcu_exp_select_cpus+0x30c/0x590 [ 78.761465][ T2612] wait_rcu_exp_gp+0x25/0x40 [ 78.766147][ T2612] process_one_work+0x3d4/0x890 [ 78.771004][ T2612] worker_thread+0xa0/0x800 [ 78.775532][ T2612] kthread+0x1d4/0x200 [ 78.779604][ T2612] ret_from_fork+0x1f/0x30 [ 78.784004][ T2612] [ 78.786322][ T2612] Reported by Kernel Concurrency Sanitizer on: [ 78.792481][ T2612] CPU: 1 PID: 2612 Comm: kworker/1:2 Not tainted 5.5.0-rc1-syzkaller #0 [ 78.800798][ T2612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.810869][ T2612] Workqueue: rcu_gp wait_rcu_exp_gp [ 78.817105][ T2612] ================================================================== [ 78.825340][ T2612] Kernel panic - not syncing: panic_on_warn set ... [ 78.831937][ T2612] CPU: 1 PID: 2612 Comm: kworker/1:2 Not tainted 5.5.0-rc1-syzkaller #0 [ 78.840251][ T2612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.850319][ T2612] Workqueue: rcu_gp wait_rcu_exp_gp [ 78.855518][ T2612] Call Trace: [ 78.858815][ T2612] dump_stack+0x11d/0x181 [ 78.863162][ T2612] panic+0x210/0x640 [ 78.867073][ T2612] ? vprintk_func+0x8d/0x140 [ 78.871679][ T2612] kcsan_report.cold+0xc/0xd [ 78.876281][ T2612] kcsan_setup_watchpoint+0x3fe/0x460 [ 78.881665][ T2612] __tsan_read8+0xc6/0x100 [ 78.886086][ T2612] find_next_bit+0x57/0xe0 [ 78.890515][ T2612] sync_rcu_exp_select_node_cpus+0x28e/0x510 [ 78.896512][ T2612] sync_rcu_exp_select_cpus+0x30c/0x590 [ 78.902067][ T2612] wait_rcu_exp_gp+0x25/0x40 [ 78.906668][ T2612] process_one_work+0x3d4/0x890 [ 78.911535][ T2612] worker_thread+0xa0/0x800 [ 78.916043][ T2612] kthread+0x1d4/0x200 [ 78.920137][ T2612] ? rescuer_thread+0x6a0/0x6a0 [ 78.925003][ T2612] ? kthread_unpark+0xe0/0xe0 [ 78.929690][ T2612] ret_from_fork+0x1f/0x30 [ 78.935490][ T2612] Kernel Offset: disabled [ 78.939822][ T2612] Rebooting in 86400 seconds..