Warning: Permanently added '10.128.10.28' (ECDSA) to the list of known hosts.
2019/11/20 22:13:29 fuzzer started
2019/11/20 22:13:30 dialing manager at 10.128.0.105:37585
2019/11/20 22:13:30 syscalls: 2566
2019/11/20 22:13:30 code coverage: enabled
2019/11/20 22:13:30 comparison tracing: enabled
2019/11/20 22:13:30 extra coverage: extra coverage is not supported by the kernel
2019/11/20 22:13:30 setuid sandbox: enabled
2019/11/20 22:13:30 namespace sandbox: enabled
2019/11/20 22:13:30 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/20 22:13:30 fault injection: enabled
2019/11/20 22:13:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/20 22:13:30 net packet injection: enabled
2019/11/20 22:13:30 net device setup: enabled
2019/11/20 22:13:30 concurrency sanitizer: enabled
2019/11/20 22:13:30 devlink PCI setup: PCI device 0000:00:10.0 is not available
2019/11/20 22:13:31 adding functions to KCSAN blacklist: '__hrtimer_run_queues' 'rcu_gp_fqs_check_wake' 'tcp_add_backlog' 'tomoyo_supervisor' 'generic_fillattr' 'futex_wait_queue_me'

22:13:33 executing program 0:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r0, 0x227e, &(0x7f0000000040))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$unix(0x1, 0x10004000000002, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
msync(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3)

22:13:34 executing program 1:
r0 = gettid()
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB='#! ./file0 @G'], 0xd)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r1)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
setxattr$security_capability(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='security.capability\x00', &(0x7f0000000380)=@v2, 0x14, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)

syzkaller login: [ 65.837074][ T7532] IPVS: ftp: loaded support on port[0] = 21
[ 65.860409][ T7534] IPVS: ftp: loaded support on port[0] = 21

22:13:34 executing program 2:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_vs\x00')
preadv(r0, &(0x7f00000017c0), 0x33d, 0xf0ff7f00000000)

[ 65.980121][ T7532] chnl_net:caif_netlink_parms(): no params data found
[ 65.999194][ T7534] chnl_net:caif_netlink_parms(): no params data found
[ 66.057019][ T7532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.065138][ T7532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.073651][ T7532] device bridge_slave_0 entered promiscuous mode
[ 66.085810][ T7534] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.094511][ T7534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.102563][ T7534] device bridge_slave_0 entered promiscuous mode
[ 66.109493][ T7532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.118105][ T7532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.126197][ T7532] device bridge_slave_1 entered promiscuous mode
[ 66.134447][ T7534] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.141491][ T7534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.149942][ T7534] device bridge_slave_1 entered promiscuous mode
[ 66.190995][ T7532] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.203475][ T7534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.214861][ T7532] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.226116][ T7534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.250985][ T7532] team0: Port device team_slave_0 added
[ 66.264219][ T7534] team0: Port device team_slave_0 added
[ 66.267346][ T7538] IPVS: ftp: loaded support on port[0] = 21
[ 66.271390][ T7534] team0: Port device team_slave_1 added
[ 66.283913][ T7532] team0: Port device team_slave_1 added

22:13:34 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$bt_hci(r3, 0x65, 0x4, &(0x7f0000cbc000)=""/244, &(0x7f0000000000)=0x2)

[ 66.365078][ T7532] device hsr_slave_0 entered promiscuous mode
[ 66.442222][ T7532] device hsr_slave_1 entered promiscuous mode

22:13:34 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r0, &(0x7f0000000380)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x98)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140), &(0x7f0000000180)=0xc)

[ 66.534020][ T7534] device hsr_slave_0 entered promiscuous mode
[ 66.572189][ T7534] device hsr_slave_1 entered promiscuous mode
[ 66.642076][ T7534] debugfs: Directory 'hsr0' with parent '/' already present!
[ 66.725437][ T7542] IPVS: ftp: loaded support on port[0] = 21
[ 66.725771][ T7540] IPVS: ftp: loaded support on port[0] = 21
[ 66.796034][ T7532] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.803281][ T7532] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.810634][ T7532] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.817745][ T7532] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.995093][ T45] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.042819][ T45] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.251208][ T7532] 8021q: adding VLAN 0 to HW filter on device bond0
[ 67.343029][ T7538] chnl_net:caif_netlink_parms(): no params data found
[ 67.385053][ T7532] 8021q: adding VLAN 0 to HW filter on device team0
[ 67.393046][ T7580] ==================================================================
[ 67.401170][ T7580] BUG: KCSAN: data-race in pid_update_inode / security_file_open
[ 67.408900][ T7580]
[ 67.411234][ T7580] read to 0xffff8881252e92e8 of 2 bytes by task 7585 on cpu 0:
[ 67.418787][ T7580] security_file_open+0x11c/0x210
[ 67.423812][ T7580] do_dentry_open+0x211/0x970
[ 67.428484][ T7580] vfs_open+0x62/0x80
[ 67.432471][ T7580] path_openat+0xf73/0x36e0
[ 67.436977][ T7580] do_filp_open+0x11e/0x1b0
[ 67.441595][ T7580] do_sys_open+0x3b3/0x4f0
[ 67.446023][ T7580] __x64_sys_open+0x55/0x70
[ 67.450543][ T7580] do_syscall_64+0xcc/0x370
[ 67.455064][ T7580] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.460946][ T7580]
[ 67.463276][ T7580] write to 0xffff8881252e92e8 of 2 bytes by task 7580 on cpu 1:
[ 67.471692][ T7580] pid_update_inode+0x51/0x70
[ 67.476363][ T7580] pid_revalidate+0x91/0xd0
[ 67.480858][ T7580] lookup_fast+0x618/0x700
[ 67.485264][ T7580] path_openat+0x2ac/0x36e0
[ 67.489768][ T7580] do_filp_open+0x11e/0x1b0
[ 67.494278][ T7580] do_sys_open+0x3b3/0x4f0
[ 67.498699][ T7580] __x64_sys_open+0x55/0x70
[ 67.503209][ T7580] do_syscall_64+0xcc/0x370
[ 67.507717][ T7580] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.513600][ T7580]
[ 67.515921][ T7580] Reported by Kernel Concurrency Sanitizer on:
[ 67.522071][ T7580] CPU: 1 PID: 7580 Comm: ps Not tainted 5.4.0-rc7+ #0
[ 67.528832][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.538888][ T7580] ==================================================================
[ 67.546957][ T7580] Kernel panic - not syncing: panic_on_warn set ...
[ 67.553548][ T7580] CPU: 1 PID: 7580 Comm: ps Not tainted 5.4.0-rc7+ #0
[ 67.560301][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.570489][ T7580] Call Trace:
[ 67.573782][ T7580] dump_stack+0x11d/0x181
[ 67.578114][ T7580] panic+0x210/0x640
[ 67.582011][ T7580] ? vprintk_func+0x8d/0x140
[ 67.586609][ T7580] kcsan_report.cold+0xc/0xd
[ 67.591218][ T7580] kcsan_setup_watchpoint+0x3fe/0x460
[ 67.596611][ T7580] __tsan_unaligned_write2+0xc4/0x100
[ 67.602006][ T7580] pid_update_inode+0x51/0x70
[ 67.606689][ T7580] pid_revalidate+0x91/0xd0
[ 67.611196][ T7580] lookup_fast+0x618/0x700
[ 67.615620][ T7580] path_openat+0x2ac/0x36e0
[ 67.620137][ T7580] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 67.626388][ T7580] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 67.632294][ T7580] ? __read_once_size+0x41/0xe0
[ 67.637158][ T7580] do_filp_open+0x11e/0x1b0
[ 67.641663][ T7580] ? __alloc_fd+0x2ef/0x3b0
[ 67.646181][ T7580] do_sys_open+0x3b3/0x4f0
[ 67.650604][ T7580] __x64_sys_open+0x55/0x70
[ 67.655104][ T7580] do_syscall_64+0xcc/0x370
[ 67.659623][ T7580] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.665699][ T7580] RIP: 0033:0x7fec2b8aa120
[ 67.670125][ T7580] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24
[ 67.689788][ T7580] RSP: 002b:00007fffe1d39bb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 67.698203][ T7580] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007fec2b8aa120
[ 67.706174][ T7580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fec2bd78d00
[ 67.714143][ T7580] RBP: 0000000000001000 R08: 0000000000000000 R09: 00007fec2bb7257b
[ 67.722136][ T7580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fec2bd77d00
[ 67.730106][ T7580] R13: 0000000000000020 R14: 0000000000000005 R15: 0000000000000000
[ 67.739500][ T7580] Kernel Offset: disabled
[ 67.743828][ T7580] Rebooting in 86400 seconds..