[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts. 2020/11/10 22:08:52 fuzzer started 2020/11/10 22:08:52 dialing manager at 10.128.0.105:33699 2020/11/10 22:08:52 syscalls: 3448 2020/11/10 22:08:52 code coverage: enabled 2020/11/10 22:08:52 comparison tracing: enabled 2020/11/10 22:08:52 extra coverage: enabled 2020/11/10 22:08:52 setuid sandbox: enabled 2020/11/10 22:08:52 namespace sandbox: enabled 2020/11/10 22:08:52 Android sandbox: /sys/fs/selinux/policy does not exist 2020/11/10 22:08:52 fault injection: enabled 2020/11/10 22:08:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/11/10 22:08:52 net packet injection: enabled 2020/11/10 22:08:52 net device setup: enabled 2020/11/10 22:08:52 concurrency sanitizer: enabled 2020/11/10 22:08:52 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/11/10 22:08:52 USB emulation: enabled 2020/11/10 22:08:52 hci packet injection: enabled 2020/11/10 22:08:52 wifi device emulation: enabled 2020/11/10 22:08:54 suppressing KCSAN reports in functions: 'alloc_pid' 'blk_mq_sched_dispatch_requests' 'n_tty_receive_buf_common' 'do_select' '__ext4_new_inode' 'ext4_free_inode' 'wbt_issue' 'ext4_free_inodes_count' 'dd_has_work' 'generic_write_end' 'blk_mq_rq_ctx_init' 'do_signal_stop' '__io_cqring_fill_event' '__xa_clear_mark' '__writeback_single_inode' 22:09:07 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000080)={{}, {0xe7}}) 22:09:07 executing program 1: io_setup(0x1, &(0x7f0000e4b000)=0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], 0x78}}, 0x0) io_submit(r0, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f000007d000)="b3", 0x1}]) 22:09:07 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) syz_emit_ethernet(0x8a, &(0x7f0000000140)={@broadcast, @random="e0d35b1004bb", @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00006371ae9b1c01"}}}}}, 0x0) 22:09:07 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x4c, 0x2, {{0x5}}}}]}, 0x78}}, 0x0) 22:09:08 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) r2 = socket$inet(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000240)={0x2, 0x4e20}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x8084, &(0x7f0000319ff0)={0x2, 0x4e20}, 0x10) dup3(r2, r1, 0x0) write$binfmt_elf64(r1, &(0x7f0000000080)=ANY=[], 0x31) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r3, 0x1e0933b8, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}]) 22:09:08 executing program 5: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000780)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0xc011, r2, 0x0) epoll_wait(r1, &(0x7f0000000080)=[{}], 0x1, 0x0) syzkaller login: [ 46.465936][ T8454] IPVS: ftp: loaded support on port[0] = 21 [ 46.529879][ T8454] chnl_net:caif_netlink_parms(): no params data found [ 46.560040][ T8454] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.567168][ T8454] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.575119][ T8454] device bridge_slave_0 entered promiscuous mode [ 46.582955][ T8454] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.590299][ T8454] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.597688][ T8454] device bridge_slave_1 entered promiscuous mode [ 46.612591][ T8454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.622923][ T8454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.639731][ T8454] team0: Port device team_slave_0 added [ 46.646342][ T8454] team0: Port device team_slave_1 added [ 46.684729][ T8456] IPVS: ftp: loaded support on port[0] = 21 [ 46.700327][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.707288][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.741822][ T8454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.761274][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.768263][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.795390][ T8454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.814747][ T8458] IPVS: ftp: loaded support on port[0] = 21 [ 46.835818][ T8454] device hsr_slave_0 entered promiscuous mode [ 46.842396][ T8454] device hsr_slave_1 entered promiscuous mode [ 46.986092][ T8460] IPVS: ftp: loaded support on port[0] = 21 [ 47.010495][ T8454] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.027163][ T8456] chnl_net:caif_netlink_parms(): no params data found [ 47.037461][ T8458] chnl_net:caif_netlink_parms(): no params data found [ 47.049324][ T8454] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.074419][ T8454] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.084249][ T8454] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.117613][ T8454] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.124678][ T8454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.131912][ T8454] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.139081][ T8454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.202179][ T8458] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.219921][ T8458] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.227466][ T8458] device bridge_slave_0 entered promiscuous mode [ 47.234688][ T8456] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.241806][ T8456] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.249409][ T8456] device bridge_slave_0 entered promiscuous mode [ 47.262275][ T8458] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.264922][ T8462] IPVS: ftp: loaded support on port[0] = 21 [ 47.276099][ T8458] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.283801][ T8458] device bridge_slave_1 entered promiscuous mode [ 47.319073][ T8456] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.329638][ T8456] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.337043][ T8456] device bridge_slave_1 entered promiscuous mode [ 47.379425][ T8460] chnl_net:caif_netlink_parms(): no params data found [ 47.389142][ T8464] IPVS: ftp: loaded support on port[0] = 21 [ 47.395553][ T8456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.423360][ T8458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.436600][ T8456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.456822][ T8456] team0: Port device team_slave_0 added [ 47.464796][ T8456] team0: Port device team_slave_1 added [ 47.476299][ T8458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.524648][ T8458] team0: Port device team_slave_0 added [ 47.538945][ T8962] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.546508][ T8962] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.557125][ T8458] team0: Port device team_slave_1 added [ 47.570451][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.577441][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.604198][ T8456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.616696][ T8456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.624196][ T8456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.650701][ T8456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.670465][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.677489][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.703866][ T8458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.716201][ T8454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.723347][ T8462] chnl_net:caif_netlink_parms(): no params data found [ 47.743845][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.752676][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.760668][ T8460] device bridge_slave_0 entered promiscuous mode [ 47.767749][ T8458] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.775392][ T8458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.801707][ T8458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.829684][ T8462] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.836746][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.844674][ T8462] device bridge_slave_0 entered promiscuous mode [ 47.851769][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.858922][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.866346][ T8460] device bridge_slave_1 entered promiscuous mode [ 47.878417][ T8454] ================================================================== [ 47.886503][ T8454] BUG: KCSAN: data-race in tomoyo_supervisor / tomoyo_supervisor [ 47.894195][ T8454] [ 47.896514][ T8454] write to 0xffffffff883bac78 of 8 bytes by task 8464 on cpu 1: [ 47.904128][ T8454] tomoyo_supervisor+0x176/0xb20 [ 47.909168][ T8454] tomoyo_path_number_perm+0x227/0x2d0 [ 47.909791][ T8464] chnl_net:caif_netlink_parms(): no params data found [ 47.914615][ T8454] tomoyo_file_ioctl+0x1c/0x20 [ 47.926118][ T8454] security_file_ioctl+0x45/0x90 [ 47.931050][ T8454] __se_sys_ioctl+0x48/0x140 [ 47.935629][ T8454] __x64_sys_ioctl+0x3f/0x50 [ 47.940209][ T8454] do_syscall_64+0x39/0x80 [ 47.944616][ T8454] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 47.950484][ T8454] [ 47.952803][ T8454] write to 0xffffffff883bac78 of 8 bytes by task 8454 on cpu 0: [ 47.958251][ T8464] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.960423][ T8454] tomoyo_supervisor+0x176/0xb20 [ 47.960433][ T8454] tomoyo_path_number_perm+0x227/0x2d0 [ 47.960444][ T8454] tomoyo_file_ioctl+0x1c/0x20 [ 47.960453][ T8454] security_file_ioctl+0x45/0x90 [ 47.960470][ T8454] __se_sys_ioctl+0x48/0x140 [ 47.967650][ T8464] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.972389][ T8454] __x64_sys_ioctl+0x3f/0x50 [ 47.972400][ T8454] do_syscall_64+0x39/0x80 [ 47.972409][ T8454] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 47.972417][ T8454] [ 47.982320][ T8464] device bridge_slave_0 entered promiscuous mode [ 47.982589][ T8454] Reported by Kernel Concurrency Sanitizer on: [ 47.989436][ T8464] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.992069][ T8454] CPU: 0 PID: 8454 Comm: syz-executor.0 Not tainted 5.10.0-rc3-syzkaller #0 [ 47.999411][ T8464] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.003622][ T8454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.008409][ T8464] device bridge_slave_1 entered promiscuous mode [ 48.013864][ T8454] ================================================================== [ 48.013869][ T8454] Kernel panic - not syncing: panic_on_warn set ... [ 48.013879][ T8454] CPU: 0 PID: 8454 Comm: syz-executor.0 Not tainted 5.10.0-rc3-syzkaller #0 [ 48.013883][ T8454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.013886][ T8454] Call Trace: [ 48.013903][ T8454] dump_stack+0x116/0x15d [ 48.013916][ T8454] panic+0x1e7/0x5fa [ 48.013929][ T8454] ? vprintk_emit+0x2f2/0x370 [ 48.013941][ T8454] kcsan_report+0x67b/0x680 [ 48.013953][ T8454] ? kcsan_setup_watchpoint+0x46a/0x4d0 [ 48.013961][ T8454] ? tomoyo_supervisor+0x176/0xb20 [ 48.013977][ T8454] ? tomoyo_path_number_perm+0x227/0x2d0 [ 48.029005][ T8464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.035722][ T8454] ? tomoyo_file_ioctl+0x1c/0x20 [ 48.045998][ T8464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.051458][ T8454] ? security_file_ioctl+0x45/0x90 [ 48.051472][ T8454] ? __se_sys_ioctl+0x48/0x140 [ 48.051482][ T8454] ? __x64_sys_ioctl+0x3f/0x50 [ 48.051501][ T8454] ? do_syscall_64+0x39/0x80 [ 48.073090][ T8464] team0: Port device team_slave_0 added [ 48.075871][ T8454] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 48.084461][ T8464] team0: Port device team_slave_1 added [ 48.091197][ T8454] ? format_decode+0x1d3/0x840 [ 48.091209][ T8454] ? format_decode+0x1d3/0x840 [ 48.091219][ T8454] ? string+0x1f9/0x210 [ 48.091231][ T8454] kcsan_setup_watchpoint+0x46a/0x4d0 [ 48.091242][ T8454] tomoyo_supervisor+0x176/0xb20 [ 48.091252][ T8454] ? snprintf+0x6f/0x90 [ 48.091263][ T8454] tomoyo_path_number_perm+0x227/0x2d0 [ 48.091278][ T8454] ? alloc_file_pseudo+0x109/0x130 [ 48.091288][ T8454] tomoyo_file_ioctl+0x1c/0x20 [ 48.091305][ T8454] security_file_ioctl+0x45/0x90 [ 48.117006][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.117457][ T8454] __se_sys_ioctl+0x48/0x140 [ 48.122180][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.127465][ T8454] __x64_sys_ioctl+0x3f/0x50 [ 48.133962][ T8464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.138166][ T8454] do_syscall_64+0x39/0x80 [ 48.150311][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.152069][ T8454] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 48.162020][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.166141][ T8454] RIP: 0033:0x45dd27 [ 48.172382][ T8464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.175616][ T8454] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 48.375152][ T8454] RSP: 002b:00007ffd6c5f8998 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 48.383534][ T8454] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045dd27 [ 48.391478][ T8454] RDX: 00007ffd6c5f89a0 RSI: 0000000000008933 RDI: 0000000000000004 [ 48.399443][ T8454] RBP: 00000000004c337b R08: 000000000000000a R09: 00007ffd6c5f8ab0 [ 48.407386][ T8454] R10: 0000000000000016 R11: 0000000000000246 R12: 00000000004c337b [ 48.415347][ T8454] R13: 0000000000000000 R14: 0000000000000003 R15: 00007ffd6c5f8ab0 [ 48.423928][ T8454] Kernel Offset: disabled [ 48.428248][ T8454] Rebooting in 86400 seconds..