[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.171' (ECDSA) to the list of known hosts.
2020/06/30 22:15:23 fuzzer started
2020/06/30 22:15:24 dialing manager at 10.128.0.105:33683
2020/06/30 22:15:24 syscalls: 3106
2020/06/30 22:15:24 code coverage: enabled
2020/06/30 22:15:24 comparison tracing: enabled
2020/06/30 22:15:24 extra coverage: enabled
2020/06/30 22:15:24 setuid sandbox: enabled
2020/06/30 22:15:24 namespace sandbox: enabled
2020/06/30 22:15:24 Android sandbox: /sys/fs/selinux/policy does not exist
2020/06/30 22:15:24 fault injection: enabled
2020/06/30 22:15:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/06/30 22:15:24 net packet injection: enabled
2020/06/30 22:15:24 net device setup: enabled
2020/06/30 22:15:24 concurrency sanitizer: enabled
2020/06/30 22:15:24 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/06/30 22:15:24 USB emulation: enabled
2020/06/30 22:15:24 suppressing KCSAN reports in functions: '__ext4_new_inode' 'do_epoll_wait' 'generic_write_end' 'blk_mq_dispatch_rq_list'
22:15:27 executing program 0:
syz_emit_ethernet(0x1f, &(0x7f0000000080)={@link_local, @dev, @void, {@ipv6={0x86dd, @tipc_packet={0x0, 0x6, "c945ca", 0x0, 0x6, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @private0, {[@fragment, @hopopts={0x0, 0x0, [], [@enc_lim, @padn={0x1, 0x0, [0x0]}, @ra, @generic={0x0, 0x0, "8b4982cf8005100c09554f54ba3b4e7376408ba4915b4d814f9bd9cafc8af492678308ea9e78fb2a63f23430f2ff956cd75a97e358536f455d3697a856a04f28d256bd23d50ac3704856c7e6b642968b8cf5cb92b66d29711b1ca4"}, @calipso, @jumbo, @enc_lim, @enc_lim, @ra, @ra]}], @payload_named={{}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}}}, 0x0)
syzkaller login: [ 34.400712][ T8640] IPVS: ftp: loaded support on port[0] = 21
22:15:27 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
[ 34.464330][ T8640] chnl_net:caif_netlink_parms(): no params data found
[ 34.502054][ T8640] bridge0: port 1(bridge_slave_0) entered blocking state
[ 34.509187][ T8640] bridge0: port 1(bridge_slave_0) entered disabled state
[ 34.517126][ T8640] device bridge_slave_0 entered promiscuous mode
[ 34.525305][ T8640] bridge0: port 2(bridge_slave_1) entered blocking state
[ 34.532758][ T8640] bridge0: port 2(bridge_slave_1) entered disabled state
[ 34.540156][ T8640] device bridge_slave_1 entered promiscuous mode
[ 34.555145][ T8640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 34.566120][ T8640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 34.583934][ T8640] team0: Port device team_slave_0 added
[ 34.590806][ T8640] team0: Port device team_slave_1 added
[ 34.605008][ T8640] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 34.612314][ T8640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.647070][ T8640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 34.662832][ T8794] IPVS: ftp: loaded support on port[0] = 21
[ 34.674984][ T8640] batman_adv: batadv0: Adding interface: batadv_slave_1
22:15:27 executing program 2:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x4c80, 0xfffffffffffffffe)
[ 34.691637][ T8640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 34.718355][ T8640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 34.803590][ T8640] device hsr_slave_0 entered promiscuous mode
22:15:28 executing program 3:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x600, 0x0, 0x3, 0x1}, 0x20)
[ 34.862083][ T8640] device hsr_slave_1 entered promiscuous mode
[ 34.974445][ T8794] chnl_net:caif_netlink_parms(): no params data found
[ 34.984958][ T8828] IPVS: ftp: loaded support on port[0] = 21
22:15:28 executing program 4:
io_setup(0x1, &(0x7f0000000100))
io_setup(0x1ff, &(0x7f00000002c0)=0x0)
io_destroy(r0)
io_submit(r0, 0x0, 0x0)
[ 35.092053][ T8640] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 35.124431][ T8794] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.131456][ T8794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.140382][ T8794] device bridge_slave_0 entered promiscuous mode
[ 35.151309][ T8980] IPVS: ftp: loaded support on port[0] = 21
[ 35.157594][ T8640] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 35.204598][ T8640] netdevsim netdevsim0 netdevsim2: renamed from eth2
22:15:28 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x4f, 0x75}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f)
[ 35.311540][ T8794] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.318695][ T8794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.326748][ T8794] device bridge_slave_1 entered promiscuous mode
[ 35.343150][ T8640] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 35.392862][ T9008] IPVS: ftp: loaded support on port[0] = 21
[ 35.407225][ T8828] chnl_net:caif_netlink_parms(): no params data found
[ 35.436223][ T8794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 35.470506][ T8794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 35.480659][ T9109] IPVS: ftp: loaded support on port[0] = 21
[ 35.482920][ T8640] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.493568][ T8640] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 35.500753][ T8640] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.507839][ T8640] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 35.520292][ T8828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.528168][ T8828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.535781][ T8828] device bridge_slave_0 entered promiscuous mode
[ 35.544011][ T8828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.551029][ T8828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.558802][ T8828] device bridge_slave_1 entered promiscuous mode
[ 35.575785][ T4734] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.583834][ T4734] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.622817][ T21] ==================================================================
[ 35.630905][ T21] BUG: KCSAN: data-race in copy_process / copy_process
[ 35.635496][ T9008] chnl_net:caif_netlink_parms(): no params data found
[ 35.637726][ T21]
[ 35.646763][ T21] write to 0xffffffff8927a410 of 4 bytes by task 5034 on cpu 0:
[ 35.654376][ T21] copy_process+0x2e84/0x3300
[ 35.659029][ T21] _do_fork+0xf1/0x660
[ 35.663080][ T21] __x64_sys_clone+0xfb/0x120
[ 35.667737][ T21] do_syscall_64+0x51/0xb0
[ 35.672141][ T21] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 35.678017][ T21]
[ 35.680323][ T21] read to 0xffffffff8927a410 of 4 bytes by task 21 on cpu 1:
[ 35.685581][ T9008] bridge0: port 1(bridge_slave_0) entered blocking state
[ 35.687667][ T21] copy_process+0xac4/0x3300
[ 35.694923][ T9008] bridge0: port 1(bridge_slave_0) entered disabled state
[ 35.699228][ T21] _do_fork+0xf1/0x660
[ 35.708808][ T9008] device bridge_slave_0 entered promiscuous mode
[ 35.710254][ T21] kernel_thread+0x85/0xb0
[ 35.718497][ T9008] bridge0: port 2(bridge_slave_1) entered blocking state
[ 35.720936][ T21] call_usermodehelper_exec_work+0x4f/0x1b0
[ 35.728707][ T9008] bridge0: port 2(bridge_slave_1) entered disabled state
[ 35.733802][ T21] process_one_work+0x3e1/0x9a0
[ 35.733810][ T21] worker_thread+0x665/0xbe0
[ 35.733817][ T21] kthread+0x20d/0x230
[ 35.733826][ T21] ret_from_fork+0x1f/0x30
[ 35.733828][ T21]
[ 35.733830][ T21] Reported by Kernel Concurrency Sanitizer on:
[ 35.733839][ T21] CPU: 1 PID: 21 Comm: kworker/u4:1 Not tainted 5.8.0-rc3-syzkaller #0
[ 35.733848][ T21] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.743111][ T9008] device bridge_slave_1 entered promiscuous mode
[ 35.745675][ T21] Workqueue: events_unbound call_usermodehelper_exec_work
[ 35.758761][ T9008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 35.760942][ T21] ==================================================================
[ 35.768931][ T9008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 35.775278][ T21] Kernel panic - not syncing: panic_on_warn set ...
[ 35.775288][ T21] CPU: 1 PID: 21 Comm: kworker/u4:1 Not tainted 5.8.0-rc3-syzkaller #0
[ 35.775293][ T21] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 35.775306][ T21] Workqueue: events_unbound call_usermodehelper_exec_work
[ 35.775315][ T21] Call Trace:
[ 35.795539][ T9008] team0: Port device team_slave_0 added
[ 35.798787][ T21] dump_stack+0x10f/0x19d
[ 35.809801][ T9008] team0: Port device team_slave_1 added
[ 35.815891][ T21] panic+0x207/0x64a
[ 35.815903][ T21] ? vprintk_emit+0x44a/0x4f0
[ 35.815914][ T21] kcsan_report+0x684/0x690
[ 35.815930][ T21] ? kcsan_setup_watchpoint+0x453/0x4d0
[ 35.837114][ T9008] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 35.839667][ T21] ? copy_process+0xac4/0x3300
[ 35.850349][ T9008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 35.856765][ T21] ? _do_fork+0xf1/0x660
[ 35.856776][ T21] ? kernel_thread+0x85/0xb0
[ 35.856785][ T21] ? call_usermodehelper_exec_work+0x4f/0x1b0
[ 35.856794][ T21] ? process_one_work+0x3e1/0x9a0
[ 35.856809][ T21] ? worker_thread+0x665/0xbe0
[ 35.862666][ T9008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 35.865567][ T21] ? kthread+0x20d/0x230
[ 35.871095][ T9008] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 35.875365][ T21] ? ret_from_fork+0x1f/0x30
[ 35.875385][ T21] ? debug_smp_processor_id+0x18/0x20
[ 35.875400][ T21] ? copy_creds+0x280/0x350
[ 35.880731][ T9008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 35.883898][ T21] ? copy_creds+0x280/0x350
[ 35.883910][ T21] kcsan_setup_watchpoint+0x453/0x4d0
[ 35.883921][ T21] ? copy_creds+0x280/0x350
[ 35.883936][ T21] copy_process+0xac4/0x3300
[ 35.890436][ T9008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 35.893915][ T21] ? check_preempt_wakeup+0x1cb/0x370
[ 35.893926][ T21] ? proc_cap_handler+0x280/0x280
[ 35.893934][ T21] _do_fork+0xf1/0x660
[ 35.893943][ T21] ? enqueue_entity+0x25a/0x480
[ 35.893956][ T21] ? proc_cap_handler+0x280/0x280
[ 36.071110][ T21] kernel_thread+0x85/0xb0
[ 36.075492][ T21] ? proc_cap_handler+0x280/0x280
[ 36.080479][ T21] call_usermodehelper_exec_work+0x4f/0x1b0
[ 36.086343][ T21] process_one_work+0x3e1/0x9a0
[ 36.091161][ T21] worker_thread+0x665/0xbe0
[ 36.095718][ T21] ? finish_task_switch+0x8b/0x270
[ 36.100792][ T21] ? process_one_work+0x9a0/0x9a0
[ 36.105776][ T21] kthread+0x20d/0x230
[ 36.109808][ T21] ? process_one_work+0x9a0/0x9a0
[ 36.114794][ T21] ? kthread_blkcg+0x80/0x80
[ 36.119352][ T21] ret_from_fork+0x1f/0x30
[ 36.124868][ T21] Kernel Offset: disabled
[ 36.129172][ T21] Rebooting in 86400 seconds..