Warning: Permanently added '10.128.0.127' (ECDSA) to the list of known hosts. 2019/10/26 11:51:34 fuzzer started 2019/10/26 11:51:35 dialing manager at 10.128.0.105:33655 2019/10/26 11:51:36 syscalls: 2533 2019/10/26 11:51:36 code coverage: enabled 2019/10/26 11:51:36 comparison tracing: enabled 2019/10/26 11:51:36 extra coverage: extra coverage is not supported by the kernel 2019/10/26 11:51:36 setuid sandbox: enabled 2019/10/26 11:51:36 namespace sandbox: enabled 2019/10/26 11:51:36 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/26 11:51:36 fault injection: enabled 2019/10/26 11:51:36 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/26 11:51:36 net packet injection: enabled 2019/10/26 11:51:36 net device setup: enabled 2019/10/26 11:51:36 concurrency sanitizer: enabled 2019/10/26 11:51:40 adding functions to KCSAN blacklist: '__ext4_new_inode' '__nf_conntrack_find_get' 'ep_poll' 'shmem_file_read_iter' 'find_next_bit' 'pipe_poll' 'rcu_gp_fqs_check_wake' '__nf_ct_refresh_acct' 'add_timer' 'taskstats_exit' 'tomoyo_supervisor' 'tcp_poll' 'find_get_pages_range_tag' 'generic_permission' 'mod_timer' 'pid_update_inode' 'tcp_add_backlog' 'ktime_get_real_seconds' 'do_nanosleep' 'tick_do_update_jiffies64' '__hrtimer_run_queues' 11:51:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5) ioctl$KDADDIO(r0, 0x8925, 0x718000) 11:51:48 executing program 1: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000080)={0xa925, 0x1d, 0x0, 0xffffffffffffffff}) r3 = dup(r2) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000001480)={0x0, 0x0, r3}) dup(0xffffffffffffffff) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, 0x0) write(0xffffffffffffffff, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VIDIOC_ENUMAUDIO(0xffffffffffffffff, 0xc0345641, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0) syzkaller login: [ 70.276957][ T7240] IPVS: ftp: loaded support on port[0] = 21 [ 70.373680][ T7240] chnl_net:caif_netlink_parms(): no params data found [ 70.427523][ T7240] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.434727][ T7240] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.444149][ T7240] device bridge_slave_0 entered promiscuous mode [ 70.452161][ T7240] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.460574][ T7240] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.468974][ T7240] device bridge_slave_1 entered promiscuous mode [ 70.512504][ T7240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.537630][ T7240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.571796][ T7240] team0: Port device team_slave_0 added [ 70.576621][ T7243] IPVS: ftp: loaded support on port[0] = 21 [ 70.578773][ T7240] team0: Port device team_slave_1 added 11:51:49 executing program 2: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0xe, 0x0) r0 = bpf$MAP_CREATE(0xe00000000000000, &(0x7f0000000340)={0x9, 0x7, 0x7, 0x800}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f00000002c0), &(0x7f0000000380)}, 0x20) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x2000) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, 0x0, 0x298) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl(0xffffffffffffffff, 0x2288, &(0x7f0000000300)) ioctl$int_in(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000002140)={r0, 0x0, &(0x7f0000001140)=""/4096}, 0x20) [ 70.658523][ T7240] device hsr_slave_0 entered promiscuous mode [ 70.706078][ T7240] device hsr_slave_1 entered promiscuous mode [ 70.848122][ T7240] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.855317][ T7240] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.862643][ T7240] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.869730][ T7240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.101627][ T7261] IPVS: ftp: loaded support on port[0] = 21 [ 71.126802][ T7240] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.134052][ T7243] chnl_net:caif_netlink_parms(): no params data found [ 71.250539][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.295693][ T17] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.325631][ T17] bridge0: port 2(bridge_slave_1) entered disabled state 11:51:49 executing program 3: prctl$PR_GET_PDEATHSIG(0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_flowlabel\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}}], 0x1, 0x0) preadv(r0, &(0x7f00000017c0), 0x3a8, 0x0) [ 71.356120][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 71.399897][ T7240] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.492429][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.515932][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.524762][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.531923][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.599545][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.616871][ T7243] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.667482][ T7243] device bridge_slave_0 entered promiscuous mode [ 71.700177][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.755316][ T7243] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.763316][ T7243] device bridge_slave_1 entered promiscuous mode [ 71.793904][ T7268] ================================================================== [ 71.802034][ T7268] BUG: KCSAN: data-race in get_task_cred / get_task_cred [ 71.809064][ T7268] [ 71.811391][ T7268] write to 0xffff88812a1f5998 of 4 bytes by task 7255 on cpu 0: [ 71.819016][ T7268] get_task_cred+0xd2/0x120 [ 71.823518][ T7268] proc_pid_status+0x17c/0x1000 [ 71.828369][ T7268] proc_single_show+0x89/0xe0 [ 71.833037][ T7268] seq_read+0x350/0x960 [ 71.837189][ T7268] __vfs_read+0x67/0xc0 [ 71.841341][ T7268] vfs_read+0x143/0x2c0 [ 71.845486][ T7268] ksys_read+0xd5/0x1b0 [ 71.849630][ T7268] __x64_sys_read+0x4c/0x60 [ 71.854127][ T7268] do_syscall_64+0xcc/0x370 [ 71.858644][ T7268] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 71.864515][ T7268] [ 71.866842][ T7268] write to 0xffff88812a1f5998 of 4 bytes by task 7268 on cpu 1: [ 71.874464][ T7268] get_task_cred+0xd2/0x120 [ 71.878967][ T7268] proc_pid_status+0x17c/0x1000 [ 71.883808][ T7268] proc_single_show+0x89/0xe0 [ 71.888495][ T7268] seq_read+0x350/0x960 [ 71.892647][ T7268] __vfs_read+0x67/0xc0 [ 71.896795][ T7268] vfs_read+0x143/0x2c0 [ 71.900941][ T7268] ksys_read+0xd5/0x1b0 [ 71.905090][ T7268] __x64_sys_read+0x4c/0x60 [ 71.909590][ T7268] do_syscall_64+0xcc/0x370 [ 71.914088][ T7268] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 71.919962][ T7268] [ 71.922276][ T7268] Reported by Kernel Concurrency Sanitizer on: [ 71.928426][ T7268] CPU: 1 PID: 7268 Comm: ps Not tainted 5.4.0-rc3+ #0 [ 71.935173][ T7268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.945219][ T7268] ================================================================== [ 71.953268][ T7268] Kernel panic - not syncing: panic_on_warn set ... [ 71.959847][ T7268] CPU: 1 PID: 7268 Comm: ps Not tainted 5.4.0-rc3+ #0 [ 71.966595][ T7268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.976642][ T7268] Call Trace: [ 71.979931][ T7268] dump_stack+0xf5/0x159 [ 71.984173][ T7268] panic+0x210/0x640 [ 71.988068][ T7268] ? do_syscall_64+0xcc/0x370 [ 71.992739][ T7268] ? vprintk_func+0x8d/0x140 [ 71.997324][ T7268] kcsan_report.cold+0xc/0x10 [ 72.001998][ T7268] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 72.007539][ T7268] __tsan_write4+0x32/0x40 [ 72.011952][ T7268] get_task_cred+0xd2/0x120 [ 72.016460][ T7268] proc_pid_status+0x17c/0x1000 [ 72.021313][ T7268] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 72.026941][ T7268] proc_single_show+0x89/0xe0 [ 72.031612][ T7268] seq_read+0x350/0x960 [ 72.035769][ T7268] __vfs_read+0x67/0xc0 [ 72.039920][ T7268] ? seq_hlist_start_head_rcu+0x60/0x60 [ 72.045465][ T7268] vfs_read+0x143/0x2c0 [ 72.049621][ T7268] ksys_read+0xd5/0x1b0 [ 72.053776][ T7268] __x64_sys_read+0x4c/0x60 [ 72.058277][ T7268] do_syscall_64+0xcc/0x370 [ 72.062778][ T7268] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 72.068665][ T7268] RIP: 0033:0x7f96e609e310 [ 72.073080][ T7268] Code: 73 01 c3 48 8b 0d 28 4b 2b 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 83 3d e5 a2 2b 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e 8a 01 00 48 89 04 24 [ 72.092684][ T7268] RSP: 002b:00007ffd1ed94338 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 72.101094][ T7268] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f96e609e310 [ 72.109065][ T7268] RDX: 0000000000000fff RSI: 00007f96e656bd00 RDI: 0000000000000006 [ 72.117029][ T7268] RBP: 0000000000000fff R08: 0000000000000000 R09: 00007f96e636657b [ 72.124993][ T7268] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96e656bd00 [ 72.132960][ T7268] R13: 0000000000000020 R14: 0000000000000005 R15: 0000000000000000 [ 72.142183][ T7268] Kernel Offset: disabled [ 72.146549][ T7268] Rebooting in 86400 seconds..