Warning: Permanently added '10.128.10.23' (ECDSA) to the list of known hosts. 2019/11/05 00:18:51 fuzzer started 2019/11/05 00:18:53 dialing manager at 10.128.0.105:37793 2019/11/05 00:18:53 syscalls: 2553 2019/11/05 00:18:53 code coverage: enabled 2019/11/05 00:18:53 comparison tracing: enabled 2019/11/05 00:18:53 extra coverage: extra coverage is not supported by the kernel 2019/11/05 00:18:53 setuid sandbox: enabled 2019/11/05 00:18:53 namespace sandbox: enabled 2019/11/05 00:18:53 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/05 00:18:53 fault injection: enabled 2019/11/05 00:18:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/05 00:18:53 net packet injection: enabled 2019/11/05 00:18:53 net device setup: enabled 2019/11/05 00:18:53 concurrency sanitizer: enabled 2019/11/05 00:18:53 devlink PCI setup: PCI device 0000:00:10.0 is not available syzkaller login: [ 68.870180][ T8090] KCSAN: could not find function: 'poll_schedule_timeout' 2019/11/05 00:18:56 adding functions to KCSAN blacklist: 'tick_do_update_jiffies64' 'ktime_get_real_seconds' 'generic_write_end' 'rcu_gp_fqs_check_wake' '__hrtimer_run_queues' 'tcp_add_backlog' 'run_timer_softirq' 'generic_permission' 'blk_mq_sched_dispatch_requests' '__ext4_new_inode' 'ep_poll' 'tomoyo_supervisor' 'futex_wait_queue_me' 'ext4_free_inodes_count' 'tick_sched_do_timer' 'find_next_bit' 'ext4_nonda_switch' 'poll_schedule_timeout' 'ext4_free_inode' 'mod_timer' 'dd_has_work' 'atime_needs_update' 'do_nanosleep' 'vm_area_dup' 'pid_update_inode' 00:19:06 executing program 0: mkdir(&(0x7f0000000500)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000001c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000140)=""/12, 0xfdad}], 0x1, 0xfebfffff) 00:19:06 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup2(0xffffffffffffffff, 0xffffffffffffffff) listen(r0, 0x80) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r4, 0x0, 0xded3740f62a47da, 0x20000004, &(0x7f00000002c0)={0xa, 0x4e22}, 0x1c) socket$inet(0x2, 0x0, 0x0) write(r4, &(0x7f0000000340), 0xffffffec) recvfrom$inet6(r4, &(0x7f0000001840)=""/31, 0x1f, 0x0, 0x0, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000000)={'lo\x00'}) [ 79.669051][ T8093] IPVS: ftp: loaded support on port[0] = 21 [ 79.771497][ T8093] chnl_net:caif_netlink_parms(): no params data found [ 79.804443][ T8096] IPVS: ftp: loaded support on port[0] = 21 [ 79.841699][ T8093] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.848775][ T8093] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.862030][ T8093] device bridge_slave_0 entered promiscuous mode [ 79.880213][ T8093] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.889858][ T8093] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.897948][ T8093] device bridge_slave_1 entered promiscuous mode 00:19:06 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) close(r0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) io_setup(0x3, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x471ff930586556f}]) [ 79.932184][ T8093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.963700][ T8093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.006335][ T8096] chnl_net:caif_netlink_parms(): no params data found [ 80.023870][ T8093] team0: Port device team_slave_0 added [ 80.031026][ T8093] team0: Port device team_slave_1 added [ 80.104078][ T8093] device hsr_slave_0 entered promiscuous mode [ 80.141047][ T8093] device hsr_slave_1 entered promiscuous mode [ 80.225162][ T8099] IPVS: ftp: loaded support on port[0] = 21 [ 80.231456][ T8096] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.238528][ T8096] bridge0: port 1(bridge_slave_0) entered disabled state 00:19:07 executing program 3: keyctl$set_reqkey_keyring(0x5, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$describe(0x6, r0, 0x0, 0x2dc) [ 80.282803][ T8096] device bridge_slave_0 entered promiscuous mode [ 80.299658][ T8096] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.350783][ T8096] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.402319][ T8096] device bridge_slave_1 entered promiscuous mode [ 80.462814][ T8093] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.469984][ T8093] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.477391][ T8093] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.484570][ T8093] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.586080][ T8096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.653116][ T8096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.844046][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.890937][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.923187][ T8096] team0: Port device team_slave_0 added [ 80.939775][ T8125] IPVS: ftp: loaded support on port[0] = 21 [ 80.951051][ T8093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.960607][ T8099] chnl_net:caif_netlink_parms(): no params data found [ 80.992006][ T8096] team0: Port device team_slave_1 added [ 81.038861][ T8093] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.077682][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 81.091294][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 00:19:08 executing program 4: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x800002172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000000000/0x4000)=nil) [ 81.155476][ T8096] device hsr_slave_0 entered promiscuous mode [ 81.203224][ T8096] device hsr_slave_1 entered promiscuous mode [ 81.262752][ T8096] debugfs: Directory 'hsr0' with parent '/' already present! [ 81.283217][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 81.311797][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.320496][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.327654][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.481421][ T8099] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.488496][ T8099] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.556024][ T8099] device bridge_slave_0 entered promiscuous mode [ 81.605249][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 81.643604][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.727711][ T8118] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.734989][ T8118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.831427][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 81.883940][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 81.939170][ T8093] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 82.001384][ T8093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 82.076434][ T8099] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.092722][ T8099] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.141601][ T8099] device bridge_slave_1 entered promiscuous mode [ 82.212154][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 82.223190][ T8133] IPVS: ftp: loaded support on port[0] = 21 [ 82.252821][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 82.294910][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 82.352790][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 82.421696][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 82.430571][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready 00:19:09 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000500)=0x2, 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000100)=0x3, 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0x7, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000080), 0x4) [ 82.481854][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 82.490634][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 82.582906][ T8099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.632352][ T8093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.640250][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 82.669655][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 82.695882][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 82.750854][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 82.760125][ T8099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.835988][ T8125] chnl_net:caif_netlink_parms(): no params data found [ 82.931745][ T8099] team0: Port device team_slave_0 added [ 82.962098][ T8099] team0: Port device team_slave_1 added [ 83.059260][ T8165] IPVS: ftp: loaded support on port[0] = 21 [ 83.156048][ T8125] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.183237][ T8125] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.221237][ T8125] device bridge_slave_0 entered promiscuous mode [ 83.251303][ T8125] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.258355][ T8125] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.291568][ T8125] device bridge_slave_1 entered promiscuous mode [ 83.365676][ T8099] device hsr_slave_0 entered promiscuous mode [ 83.423695][ T8099] device hsr_slave_1 entered promiscuous mode [ 83.460701][ T8099] debugfs: Directory 'hsr0' with parent '/' already present! [ 83.499214][ T8096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.614082][ T8096] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.634142][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.642822][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.679289][ T8125] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.727385][ T8125] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.836029][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.849835][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.888329][ T3504] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.895442][ T3504] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.945219][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.991566][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.023820][ T3504] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.030920][ T3504] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.063856][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 84.084632][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 84.112132][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 84.124521][ T3504] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 00:19:11 executing program 0: mkdir(&(0x7f0000000500)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000001c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000140)=""/12, 0xfdad}], 0x1, 0xfebfffff) [ 84.158342][ T8125] team0: Port device team_slave_0 added [ 84.167640][ T8133] chnl_net:caif_netlink_parms(): no params data found [ 84.186056][ T8096] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.250783][ T8096] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.301484][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 84.331639][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 84.351815][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 84.391466][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 84.424507][ T8118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 84.450711][ T8184] ================================================================== [ 84.458857][ T8184] BUG: KCSAN: data-race in generic_fillattr / task_dump_owner [ 84.466309][ T8184] [ 84.468653][ T8184] write to 0xffff888125fe9570 of 4 bytes by task 8196 on cpu 0: [ 84.476308][ T8184] task_dump_owner+0x246/0x260 [ 84.481091][ T8184] pid_update_inode+0x3c/0x70 [ 84.485775][ T8184] pid_revalidate+0x91/0xd0 [ 84.490291][ T8184] lookup_fast+0x6f2/0x700 [ 84.494725][ T8184] walk_component+0x6d/0xe70 [ 84.499326][ T8184] link_path_walk.part.0+0x5d3/0xa90 [ 84.504644][ T8184] path_openat+0x14f/0x36e0 [ 84.509151][ T8184] do_filp_open+0x11e/0x1b0 [ 84.513663][ T8184] do_sys_open+0x3b3/0x4f0 [ 84.518098][ T8184] __x64_sys_open+0x55/0x70 [ 84.522641][ T8184] do_syscall_64+0xcc/0x370 [ 84.527154][ T8184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 84.533040][ T8184] [ 84.535376][ T8184] read to 0xffff888125fe9570 of 4 bytes by task 8184 on cpu 1: [ 84.542929][ T8184] generic_fillattr+0xc7/0x1e0 [ 84.547699][ T8184] pid_getattr+0x74/0x1a0 [ 84.552039][ T8184] vfs_getattr_nosec+0x12e/0x170 [ 84.556981][ T8184] vfs_getattr+0x54/0x70 [ 84.561374][ T8184] vfs_statx+0x102/0x190 [ 84.565625][ T8184] __do_sys_newstat+0x51/0xb0 [ 84.570316][ T8184] __x64_sys_newstat+0x3a/0x50 [ 84.575271][ T8184] do_syscall_64+0xcc/0x370 [ 84.579793][ T8184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 84.585761][ T8184] [ 84.588101][ T8184] Reported by Kernel Concurrency Sanitizer on: [ 84.594548][ T8184] CPU: 1 PID: 8184 Comm: ps Not tainted 5.4.0-rc6+ #0 [ 84.601318][ T8184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.612073][ T8184] ================================================================== [ 84.620133][ T8184] Kernel panic - not syncing: panic_on_warn set ... [ 84.626733][ T8184] CPU: 1 PID: 8184 Comm: ps Not tainted 5.4.0-rc6+ #0 [ 84.633494][ T8184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.643546][ T8184] Call Trace: [ 84.646939][ T8184] dump_stack+0xf5/0x159 [ 84.651189][ T8184] panic+0x210/0x640 [ 84.655098][ T8184] ? vprintk_func+0x8d/0x140 [ 84.659700][ T8184] kcsan_report.cold+0xc/0xe [ 84.664304][ T8184] kcsan_setup_watchpoint+0x3fe/0x410 [ 84.669702][ T8184] __tsan_read4+0x145/0x1f0 [ 84.674222][ T8184] generic_fillattr+0xc7/0x1e0 [ 84.678999][ T8184] pid_getattr+0x74/0x1a0 [ 84.683354][ T8184] vfs_getattr_nosec+0x12e/0x170 [ 84.688309][ T8184] ? task_dump_owner+0x260/0x260 [ 84.693263][ T8184] vfs_getattr+0x54/0x70 [ 84.697522][ T8184] vfs_statx+0x102/0x190 [ 84.701783][ T8184] __do_sys_newstat+0x51/0xb0 [ 84.706481][ T8184] __x64_sys_newstat+0x3a/0x50 [ 84.711260][ T8184] do_syscall_64+0xcc/0x370 [ 84.715804][ T8184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 84.721699][ T8184] RIP: 0033:0x7fdf0aaa4c65 [ 84.726132][ T8184] Code: 00 00 00 e8 5d 01 00 00 48 83 c4 18 c3 90 90 90 90 90 90 90 90 83 ff 01 48 89 f0 77 18 48 89 c7 48 89 d6 b8 04 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 17 f3 c3 90 48 8b 05 a1 51 2b 00 64 c7 00 16 [ 84.745737][ T8184] RSP: 002b:00007ffebe6a87b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 84.754160][ T8184] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007fdf0aaa4c65 [ 84.762160][ T8184] RDX: 00007fdf0af72c60 RSI: 00007fdf0af72c60 RDI: 0000000002187220 [ 84.770141][ T8184] RBP: 0000000000020062 R08: 00007fdf0ad5a5a0 R09: 0000000000000000 [ 84.778128][ T8184] R10: 1999999999999999 R11: 0000000000000246 R12: 0000000002187220 [ 84.786196][ T8184] R13: 00000000021871c0 R14: 0000000000000005 R15: 0000000000000000 [ 84.795822][ T8184] Kernel Offset: disabled [ 84.800379][ T8184] Rebooting in 86400 seconds..