Warning: Permanently added '10.128.0.236' (ECDSA) to the list of known hosts.
2019/12/07 19:40:41 fuzzer started
2019/12/07 19:40:43 dialing manager at 10.128.0.105:38631
2019/12/07 19:40:43 syscalls: 2689
2019/12/07 19:40:43 code coverage: enabled
2019/12/07 19:40:43 comparison tracing: enabled
2019/12/07 19:40:43 extra coverage: extra coverage is not supported by the kernel
2019/12/07 19:40:43 setuid sandbox: enabled
2019/12/07 19:40:43 namespace sandbox: enabled
2019/12/07 19:40:43 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/07 19:40:43 fault injection: enabled
2019/12/07 19:40:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/07 19:40:43 net packet injection: enabled
2019/12/07 19:40:43 net device setup: enabled
2019/12/07 19:40:43 concurrency sanitizer: enabled
2019/12/07 19:40:43 devlink PCI setup: PCI device 0000:00:10.0 is not available
2019/12/07 19:40:46 adding functions to KCSAN blacklist: '__splice_from_pipe' 'rcu_gp_fqs_check_wake' 'find_get_pages_range_tag' 'ext4_nonda_switch' 'tcp_add_backlog' 'taskstats_exit' 'generic_write_end' 'ep_poll' '__find_get_block' 'blk_mq_sched_dispatch_requests' 'tick_nohz_idle_stop_tick' 'shmem_getpage_gfp' '__hrtimer_run_queues' 'ep_insert' 'mod_timer' 'find_next_bit' 'tick_do_update_jiffies64' 'copy_process' 'tomoyo_supervisor' 'tick_sched_do_timer' 'ext4_ext_insert_extent'
19:40:56 executing program 0:
r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000080))
19:40:57 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x7b, 0x11, 0x30}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
syzkaller login: [ 69.173478][ T7591] IPVS: ftp: loaded support on port[0] = 21
[ 69.275153][ T7591] chnl_net:caif_netlink_parms(): no params data found
[ 69.342019][ T7591] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.355355][ T7591] bridge0: port 1(bridge_slave_0) entered disabled state
[ 69.363336][ T7591] device bridge_slave_0 entered promiscuous mode
[ 69.376041][ T7594] IPVS: ftp: loaded support on port[0] = 21
[ 69.382734][ T7591] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.394144][ T7591] bridge0: port 2(bridge_slave_1) entered disabled state
[ 69.402256][ T7591] device bridge_slave_1 entered promiscuous mode
19:40:57 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)}], 0x1}], 0x1, 0x0)
[ 69.440815][ T7591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 69.467152][ T7591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 69.533590][ T7591] team0: Port device team_slave_0 added
[ 69.542235][ T7594] chnl_net:caif_netlink_parms(): no params data found
[ 69.552235][ T7591] team0: Port device team_slave_1 added
19:40:57 executing program 3:
set_mempolicy(0x2, &(0x7f00000000c0)=0x2, 0x8)
capset(0x0, 0x0)
close(0xffffffffffffffff)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f00000036c0), 0x12)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0xaf01, 0x0)
[ 69.660604][ T7591] device hsr_slave_0 entered promiscuous mode
[ 69.688836][ T7591] device hsr_slave_1 entered promiscuous mode
[ 69.749100][ T7594] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.757326][ T7594] bridge0: port 1(bridge_slave_0) entered disabled state
[ 69.808933][ T7594] device bridge_slave_0 entered promiscuous mode
[ 69.842075][ T7597] IPVS: ftp: loaded support on port[0] = 21
[ 69.869163][ T7594] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.876355][ T7594] bridge0: port 2(bridge_slave_1) entered disabled state
[ 69.904488][ T7594] device bridge_slave_1 entered promiscuous mode
[ 69.927595][ T7591] bridge0: port 2(bridge_slave_1) entered blocking state
[ 69.934698][ T7591] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 69.941983][ T7591] bridge0: port 1(bridge_slave_0) entered blocking state
[ 69.949172][ T7591] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 70.064571][ T7620] IPVS: ftp: loaded support on port[0] = 21
[ 70.112268][ T7594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.173009][ T7594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.269340][ T7594] team0: Port device team_slave_0 added
[ 70.311592][ T7594] team0: Port device team_slave_1 added
[ 70.319888][ T7591] 8021q: adding VLAN 0 to HW filter on device bond0
[ 70.339918][ T2416] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.354240][ T7615] ==================================================================
[ 70.362461][ T7615] BUG: KCSAN: data-race in pid_update_inode / security_file_open
[ 70.370169][ T7615]
[ 70.372527][ T7615] read to 0xffff88812525ed68 of 2 bytes by task 7621 on cpu 0:
[ 70.380183][ T7615] security_file_open+0x11c/0x210
[ 70.385211][ T7615] do_dentry_open+0x211/0x970
[ 70.389914][ T7615] vfs_open+0x62/0x80
[ 70.394098][ T7615] path_openat+0xf73/0x36e0
[ 70.398617][ T7615] do_filp_open+0x11e/0x1b0
[ 70.403383][ T7615] do_sys_open+0x3b3/0x4f0
[ 70.408089][ T7615] __x64_sys_open+0x55/0x70
[ 70.412705][ T7615] do_syscall_64+0xcc/0x370
[ 70.417209][ T7615] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 70.423085][ T7615]
[ 70.425499][ T7615] write to 0xffff88812525ed68 of 2 bytes by task 7615 on cpu 1:
[ 70.433261][ T7615] pid_update_inode+0x51/0x70
[ 70.437936][ T7615] pid_revalidate+0x91/0xd0
[ 70.442614][ T7615] lookup_fast+0x618/0x700
[ 70.447305][ T7615] path_openat+0x2ac/0x36e0
[ 70.451985][ T7615] do_filp_open+0x11e/0x1b0
[ 70.456568][ T7615] do_sys_open+0x3b3/0x4f0
[ 70.460986][ T7615] __x64_sys_open+0x55/0x70
[ 70.465504][ T7615] do_syscall_64+0xcc/0x370
[ 70.470097][ T7615] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 70.475971][ T7615]
[ 70.478318][ T7615] Reported by Kernel Concurrency Sanitizer on:
[ 70.484463][ T7615] CPU: 1 PID: 7615 Comm: ps Not tainted 5.4.0-syzkaller #0
[ 70.491840][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.501886][ T7615] ==================================================================
[ 70.509960][ T7615] Kernel panic - not syncing: panic_on_warn set ...
[ 70.516579][ T7615] CPU: 1 PID: 7615 Comm: ps Not tainted 5.4.0-syzkaller #0
[ 70.523788][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 70.533831][ T7615] Call Trace:
[ 70.537125][ T7615] dump_stack+0x11d/0x181
[ 70.541458][ T7615] panic+0x210/0x640
[ 70.545398][ T7615] ? vprintk_func+0x8d/0x140
[ 70.550022][ T7615] kcsan_report.cold+0xc/0xd
[ 70.555079][ T7615] kcsan_setup_watchpoint+0x3fe/0x460
[ 70.560468][ T7615] __tsan_unaligned_write2+0xc4/0x100
[ 70.565841][ T7615] pid_update_inode+0x51/0x70
[ 70.570653][ T7615] pid_revalidate+0x91/0xd0
[ 70.575160][ T7615] lookup_fast+0x618/0x700
[ 70.579594][ T7615] path_openat+0x2ac/0x36e0
[ 70.584107][ T7615] ? proc_pid_status+0xee1/0x1000
[ 70.589140][ T7615] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 70.595406][ T7615] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 70.601322][ T7615] ? __read_once_size+0x41/0xe0
[ 70.606182][ T7615] do_filp_open+0x11e/0x1b0
[ 70.610844][ T7615] ? __alloc_fd+0x2ef/0x3b0
[ 70.615377][ T7615] do_sys_open+0x3b3/0x4f0
[ 70.619966][ T7615] __x64_sys_open+0x55/0x70
[ 70.624600][ T7615] do_syscall_64+0xcc/0x370
[ 70.629138][ T7615] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 70.635023][ T7615] RIP: 0033:0x7f8d9b8bd120
[ 70.639444][ T7615] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24
[ 70.659221][ T7615] RSP: 002b:00007ffc090edaf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 70.667718][ T7615] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007f8d9b8bd120
[ 70.675687][ T7615] RDX: 00007ffc090edb32 RSI: 0000000000000000 RDI: 00007ffc090edb20
[ 70.684096][ T7615] RBP: 0000000000020000 R08: 0000000000000000 R09: 00007f8d9bb8555f
[ 70.692211][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006cf220
[ 70.700182][ T7615] R13: 0000000000000020 R14: 00007f8d9bf72010 R15: 0000000000000000
[ 70.709951][ T7615] Kernel Offset: disabled
[ 70.714280][ T7615] Rebooting in 86400 seconds..