Warning: Permanently added '10.128.0.5' (ECDSA) to the list of known hosts. 2020/06/30 03:16:31 fuzzer started 2020/06/30 03:16:31 dialing manager at 10.128.0.105:35597 2020/06/30 03:16:31 syscalls: 3106 2020/06/30 03:16:31 code coverage: enabled 2020/06/30 03:16:31 comparison tracing: enabled 2020/06/30 03:16:31 extra coverage: enabled 2020/06/30 03:16:31 setuid sandbox: enabled 2020/06/30 03:16:31 namespace sandbox: enabled 2020/06/30 03:16:31 Android sandbox: /sys/fs/selinux/policy does not exist 2020/06/30 03:16:31 fault injection: enabled 2020/06/30 03:16:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/06/30 03:16:31 net packet injection: enabled 2020/06/30 03:16:31 net device setup: enabled 2020/06/30 03:16:31 concurrency sanitizer: enabled 2020/06/30 03:16:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/06/30 03:16:31 USB emulation: enabled 03:16:32 executing program 0: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448e2, 0x0) [ 32.694806][ T8644] IPVS: ftp: loaded support on port[0] = 21 [ 32.748906][ T8644] chnl_net:caif_netlink_parms(): no params data found [ 32.778528][ T8644] bridge0: port 1(bridge_slave_0) entered blocking state [ 32.785662][ T8644] bridge0: port 1(bridge_slave_0) entered disabled state 03:16:33 executing program 1: creat(&(0x7f0000000040)='./bus\x00', 0x0) unshare(0x6000400) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='./bus\x00', 0x46000812) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r1, 0x0, 0x0, 0x0) [ 32.793181][ T8644] device bridge_slave_0 entered promiscuous mode [ 32.800956][ T8644] bridge0: port 2(bridge_slave_1) entered blocking state [ 32.808103][ T8644] bridge0: port 2(bridge_slave_1) entered disabled state [ 32.815835][ T8644] device bridge_slave_1 entered promiscuous mode [ 32.831989][ T8644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 32.842988][ T8644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 32.881799][ T8644] team0: Port device team_slave_0 added [ 32.896046][ T8644] team0: Port device team_slave_1 added [ 32.921641][ T8644] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 32.944390][ T8644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 32.984616][ T8644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 32.998312][ T8791] IPVS: ftp: loaded support on port[0] = 21 [ 33.005966][ T8644] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.012992][ T8644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 03:16:33 executing program 2: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@delneigh={0x30, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xa, 0x2, @dev}, @NDA_VLAN={0x6, 0x5, 0x2}]}, 0x30}}, 0x0) [ 33.042185][ T8644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.115853][ T8644] device hsr_slave_0 entered promiscuous mode [ 33.134510][ T8644] device hsr_slave_1 entered promiscuous mode 03:16:33 executing program 3: open(&(0x7f0000000440)='./file0\x00', 0x110000141042, 0x0) sched_setaffinity(0x0, 0x3d31, &(0x7f0000000200)=0xa000000000000005) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x5fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000480)=ANY=[@ANYBLOB="5b643a3a5d2c303a3a363a00f980"], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='ceph\x00', 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 33.236917][ T8832] IPVS: ftp: loaded support on port[0] = 21 [ 33.278332][ T8791] chnl_net:caif_netlink_parms(): no params data found [ 33.370167][ T8791] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.384396][ T8791] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.391843][ T8791] device bridge_slave_0 entered promiscuous mode [ 33.420627][ T8644] netdevsim netdevsim0 netdevsim0: renamed from eth0 03:16:33 executing program 4: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000040)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000025c0)=ANY=[@ANYBLOB="18000000000000001001000001000000770000000bdf00409330b3e7d8aa94129a373d62c292b8c6ed127caa87f75478759207d10604ec95ff7bcb0d6b9b125ec85a366abe4f50111f0a03dbd1b4dea05a8b5b29e84e4fadaa6ebe736427e44dc6505d24234826a267f75c743db965041c09c59047f7f794fdffff80b6d724c8f356b5c28affffffffff8193b1a5c3438495d929ce2f1ae893afaf3f05d32d0bfa67b3da43ab981313e755223886b180a269917db5430ef9aec071e44cd19cb18e4e0528acd13471f44d80d21ed5de4b4ca31f4269a88115bece676d0fbf165b08c35178e5989379cc9df9e121a95731d088d6"], 0x18, 0x4800000000000000}}], 0x1, 0x0) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0xfffffffffffffd95, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000001001000001000000ec00000000000000477a5fd398b950096e0588994b6b142721052cbe8484fa39a75f7c2f0f402c57aa55f3bdedde5f35e4ddb85032862496753f0fd98a73b2fe7b0cd418935e4ef6abbf93fdbaf1ff0538e32fe500"/110], 0x18}}], 0x1, 0x0) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x18, 0x110, 0x1, 'w'}], 0x18}}], 0x1, 0x0) [ 33.481835][ T9010] IPVS: ftp: loaded support on port[0] = 21 [ 33.488042][ T8791] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.498597][ T8791] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.510618][ T8791] device bridge_slave_1 entered promiscuous mode [ 33.524299][ T8644] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 33.566169][ T8644] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 33.605699][ T8644] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 33.653429][ T8644] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.660496][ T8644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.667741][ T8644] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.674851][ T8644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.688046][ T8791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 03:16:33 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) timer_create(0x7, 0x0, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}}, &(0x7f0000000080)) [ 33.702519][ T9096] IPVS: ftp: loaded support on port[0] = 21 [ 33.708940][ T8832] chnl_net:caif_netlink_parms(): no params data found [ 33.723683][ T8791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.768857][ T8791] team0: Port device team_slave_0 added [ 33.794207][ T8791] team0: Port device team_slave_1 added [ 33.869850][ T4739] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.877699][ T4739] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.894423][ T9010] chnl_net:caif_netlink_parms(): no params data found [ 33.907605][ T8791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.915104][ T8791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.941838][ T8791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.954940][ T8791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.961907][ T8791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.987940][ T8791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.002805][ T9292] IPVS: ftp: loaded support on port[0] = 21 [ 34.035497][ T8791] device hsr_slave_0 entered promiscuous mode [ 34.064308][ T8791] device hsr_slave_1 entered promiscuous mode [ 34.124142][ T8791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 34.131735][ T8791] Cannot create hsr debugfs directory [ 34.140497][ T8644] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.150630][ T9096] chnl_net:caif_netlink_parms(): no params data found [ 34.168409][ T8832] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.175587][ T8832] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.182983][ T8832] device bridge_slave_0 entered promiscuous mode [ 34.191738][ T8832] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.199297][ T8832] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.206854][ T8832] device bridge_slave_1 entered promiscuous mode [ 34.222377][ T8832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 34.249293][ T8832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 34.264759][ T7] ================================================================== [ 34.272844][ T7] BUG: KCSAN: data-race in copy_process / copy_process [ 34.279656][ T7] [ 34.281975][ T7] write to 0xffffffff8927a410 of 4 bytes by task 279 on cpu 1: [ 34.289485][ T7] copy_process+0x2e84/0x3300 [ 34.294132][ T7] _do_fork+0xf1/0x660 [ 34.298191][ T7] kernel_thread+0x85/0xb0 [ 34.302599][ T7] call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.308461][ T7] process_one_work+0x3e1/0x9a0 [ 34.313278][ T7] worker_thread+0x665/0xbe0 [ 34.317836][ T7] kthread+0x20d/0x230 [ 34.321874][ T7] ret_from_fork+0x1f/0x30 [ 34.326253][ T7] [ 34.328551][ T7] read to 0xffffffff8927a410 of 4 bytes by task 7 on cpu 0: [ 34.335801][ T7] copy_process+0xac4/0x3300 [ 34.340360][ T7] _do_fork+0xf1/0x660 [ 34.344396][ T7] kernel_thread+0x85/0xb0 [ 34.348779][ T7] call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.354638][ T7] process_one_work+0x3e1/0x9a0 [ 34.359474][ T7] worker_thread+0x665/0xbe0 [ 34.364033][ T7] kthread+0x20d/0x230 [ 34.368069][ T7] ret_from_fork+0x1f/0x30 [ 34.372446][ T7] [ 34.374740][ T7] Reported by Kernel Concurrency Sanitizer on: [ 34.380860][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc3-syzkaller #0 [ 34.388974][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.399002][ T7] Workqueue: events_unbound call_usermodehelper_exec_work [ 34.406073][ T7] ================================================================== [ 34.414100][ T7] Kernel panic - not syncing: panic_on_warn set ... [ 34.420653][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc3-syzkaller #0 [ 34.428767][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.438796][ T7] Workqueue: events_unbound call_usermodehelper_exec_work [ 34.445869][ T7] Call Trace: [ 34.449129][ T7] dump_stack+0x10f/0x19d [ 34.453425][ T7] panic+0x207/0x64a [ 34.457291][ T7] ? vprintk_emit+0x44a/0x4f0 [ 34.461939][ T7] kcsan_report+0x684/0x690 [ 34.466412][ T7] ? kcsan_setup_watchpoint+0x453/0x4d0 [ 34.471926][ T7] ? copy_process+0xac4/0x3300 [ 34.476657][ T7] ? _do_fork+0xf1/0x660 [ 34.480870][ T7] ? kernel_thread+0x85/0xb0 [ 34.485428][ T7] ? call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.491472][ T7] ? process_one_work+0x3e1/0x9a0 [ 34.496465][ T7] ? worker_thread+0x665/0xbe0 [ 34.501207][ T7] ? kthread+0x20d/0x230 [ 34.505423][ T7] ? ret_from_fork+0x1f/0x30 [ 34.509993][ T7] ? debug_smp_processor_id+0x18/0x20 [ 34.515339][ T7] ? copy_creds+0x280/0x350 [ 34.519814][ T7] ? copy_creds+0x280/0x350 [ 34.524288][ T7] kcsan_setup_watchpoint+0x453/0x4d0 [ 34.529628][ T7] ? copy_creds+0x280/0x350 [ 34.534133][ T7] copy_process+0xac4/0x3300 [ 34.538715][ T7] ? check_preempt_wakeup+0x1cb/0x370 [ 34.544077][ T7] ? proc_cap_handler+0x280/0x280 [ 34.549087][ T7] _do_fork+0xf1/0x660 [ 34.553139][ T7] ? debug_smp_processor_id+0x18/0x20 [ 34.558482][ T7] ? delay_tsc+0x96/0xe0 [ 34.562697][ T7] ? proc_cap_handler+0x280/0x280 [ 34.567691][ T7] kernel_thread+0x85/0xb0 [ 34.572077][ T7] ? proc_cap_handler+0x280/0x280 [ 34.577116][ T7] call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.582981][ T7] process_one_work+0x3e1/0x9a0 [ 34.587804][ T7] worker_thread+0x665/0xbe0 [ 34.592376][ T7] ? process_one_work+0x9a0/0x9a0 [ 34.597373][ T7] kthread+0x20d/0x230 [ 34.601414][ T7] ? process_one_work+0x9a0/0x9a0 [ 34.606409][ T7] ? kthread_blkcg+0x80/0x80 [ 34.610971][ T7] ret_from_fork+0x1f/0x30 [ 34.616599][ T7] Kernel Offset: disabled [ 34.620908][ T7] Rebooting in 86400 seconds..