Warning: Permanently added '10.128.0.52' (ECDSA) to the list of known hosts. 2019/12/22 11:31:00 fuzzer started 2019/12/22 11:31:02 dialing manager at 10.128.0.105:34873 2019/12/22 11:31:02 syscalls: 2692 2019/12/22 11:31:02 code coverage: enabled 2019/12/22 11:31:02 comparison tracing: enabled 2019/12/22 11:31:02 extra coverage: enabled 2019/12/22 11:31:02 setuid sandbox: enabled 2019/12/22 11:31:02 namespace sandbox: enabled 2019/12/22 11:31:02 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/22 11:31:02 fault injection: enabled 2019/12/22 11:31:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/22 11:31:02 net packet injection: enabled 2019/12/22 11:31:02 net device setup: enabled 2019/12/22 11:31:02 concurrency sanitizer: enabled 2019/12/22 11:31:02 devlink PCI setup: PCI device 0000:00:10.0 is not available 2019/12/22 11:31:03 adding functions to KCSAN blacklist: 'ext4_free_inode' '__hrtimer_run_queues' 'fasync_remove_entry' 'ep_poll' '__ext4_new_inode' 'ext4_nonda_switch' 'ext4_has_free_clusters' 'tomoyo_supervisor' 11:31:07 executing program 0: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) add_key(&(0x7f00000005c0)='rxrpc_s\x00', 0x0, &(0x7f0000000640)="5942f4b7af71ba73", 0x8, r0) syzkaller login: [ 62.985541][ T7880] IPVS: ftp: loaded support on port[0] = 21 11:31:07 executing program 1: prctl$PR_MCE_KILL(0x21, 0x3, 0x0) [ 63.075187][ T7880] chnl_net:caif_netlink_parms(): no params data found [ 63.103846][ T7880] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.110956][ T7880] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.118706][ T7880] device bridge_slave_0 entered promiscuous mode [ 63.126677][ T7880] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.133771][ T7880] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.141923][ T7880] device bridge_slave_1 entered promiscuous mode [ 63.160279][ T7880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.171301][ T7880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.190670][ T7880] team0: Port device team_slave_0 added [ 63.197343][ T7880] team0: Port device team_slave_1 added [ 63.251594][ T7880] device hsr_slave_0 entered promiscuous mode 11:31:08 executing program 2: syz_emit_ethernet(0x6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffff020000ff000008004500005c0000000000019078ac7014bbac1414110502907800000600400000000000000000210000ac14140dac141400082c00000000000000000000e000000200000000e080000100000000000000007f0000010000000000000000"], 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x1}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) socket$inet6(0xa, 0x9, 0x7fc) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6) r2 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffdc1) ioctl(r2, 0x10000, &(0x7f0000000400)="153f6234488dd25d766070") socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000540)) r3 = socket(0xa, 0x3, 0x8) syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x4, 0x80100) r4 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0xfff, 0x111600) ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000800)) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x10}) ioctl$RTC_WKALM_RD(r4, 0x80287010, &(0x7f00000002c0)) setsockopt$IP_VS_SO_SET_DELDEST(r4, 0x0, 0x488, &(0x7f0000000080)={{0x6c, @remote, 0x4e24, 0x1, 'lblcr\x00', 0x1e, 0x0, 0x13}, {@remote, 0x4e21, 0x7, 0xffff, 0x400, 0x2}}, 0x44) memfd_create(&(0x7f0000000c40)='memory.events\x00\xf0\xb5zCw/Z3\xac\xa2\xd2\xc4\x1c~\xf9M\xe7\xd2R\xe9\x1f\x99 >\xa7\xfe\xb6\xcbQH\xf5\xee\xdfL\xbev\x98\'\x14\xbd\"\xcfT\xde\xe7\x11+\xa5\x9b\xbdMy\xc7\x9b\x9a\x8d\xf5\x978\xb8\x8e>X\xeaq\x9a\xc4\x90\x14\xf5\xae\x90\v\x06\x86\xd1\x1d\x82n\xfa7\xe7}\xc9\xf1u\xee\xb9\xf2\ar\xc8\xeb\x15\x93\xf7\xd5\x14\x8dD\x88\xe4\xca3\x032f\x11%s\xc28\x94\xb9\xd8\xa2\x86\x8c\xf9\xa3;G\x90\xef\xbf\xd9\xb5j}\xec\xc9\x1f&r\xb9I\xba`\xc0\xfen\xf0\xe8\x03\xf0\xee\x82\xbd5b=\xd9\xda^\xb7k`\xedz\x86P\xba\xc9\v\x1fgt\xbaN\xfe7)\xd5\xa4\xf9\xc0\xfa\f_\x15\xd5\xe2v\r)\xa6\xdc\xe3B\x17\xb2\xb2\a\xad\xe6\xa0*\x95\xb2\x91,^\xed3o\x1di\x14\x81>\xa8\xdcb\xe7\x8a\xfc', 0x0) write$binfmt_misc(r4, &(0x7f0000000c40)=ANY=[], 0x0) setsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x1, 0xffffffffffffffe3, 0x7, 0x1f, 0x6, 0x9cb, 0x8001, 0x7d, 0x2, 0x86}, 0xb) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x3b, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000022008151e00f80ecdb4cb904044865160b0011002f004c00000020140e000a0002009d0edc2976d153b4", 0x235}], 0x1}, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000080)={0x0, 0x3b, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000022008151e00f80ecdb4cb904044865160b0011002f004c00000020140e000a0002009d0edc2976d153b4", 0x235}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x3b, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000022008151e00f80ecdb4cb904044865160b0011002f004c00000020140e000a0002009d0edc2976d153b4", 0x235}], 0x1}, 0x0) sendmsg$key(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000004c0)=ANY=[]}}, 0x204c810) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=@ipv4_newrule={0x2c, 0x20, 0xf29, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x2c}}, 0x0) sendmsg$key(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000d40)=ANY=[@ANYBLOB="1c0b5bd1cf5925e3f57702796092712cd7b371a64937a2dc55cb9287bc77a51ff173fe677ae6d60ccbc48734bc72bad46481b4b6721ac9f0be174a8b04934e170ca6bed16351d8e8d4a4b4fe45f23286dbaa959a4cc2ea9d735d6e2fef0b5278b63e39e35ecd498cfcd210b31020f7c1d45cf003e82788189af5c66d498dc3be45cce568dfd943b2b54c581ef9123f14f13fb9b9f2e3e04c88935fa0b1521e420cddc62a05f33c5618479e5e54d6b5936f0c094538e1e8031d484f4d4a161f23effd93c4cff9e426966cdcaee25ddfac44847f6b95682def0b449bb997ae6e000000000000000000000000000000000000000000000000007a83e6021cc623786dc89e67673ea1d9f62dccab267f9116c90f2e4f17df8810cd683b06e8e3788daedcf86009c77c0395b97953771c16be85edbc9a73150d280be9f52f87557d25efe43492ee53c500000000000000000000000900000000000000000000000000000000000000b4533a064776ea1314c19c293eba285f65b83f960e29", @ANYRESDEC=r1], 0x174}}, 0x0) [ 63.323735][ T7880] device hsr_slave_1 entered promiscuous mode [ 63.395514][ T7883] IPVS: ftp: loaded support on port[0] = 21 [ 63.414226][ T7880] netdevsim netdevsim0 netdevsim0: renamed from eth0 11:31:08 executing program 3: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) connect$rxrpc(r0, &(0x7f0000000040)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x24) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000001001000001000000770000f200000000a6e217b91c3b0d873722b41a118fd58fa1f0a39ad9582203daa32c9831699acc52f141eeca2bd12d2f6fb54e5bff40e062a43f80b1babfd076d2502892250deee2728316e63e589ddf142e89365bd48cf76602c6f6aa76bc37284732bd1e191ddd3c9f310f827c195f3c4957c67a08466517ba136c8c9e01000000f8ffffffffffffff3e26b5ca26bb434dbd0e5085c294e577bb081876e63e7c2834533925db8b54b33da7b947aefca1f9c49c648d58d4f944264fcace71d5c798cd3c13d7083a7eb4c526e072a23bd24cccb38e4eff542520858c940fbb95979a564d73a7af107fd5ddaa491838873914a467c3ce28056833eb4559864317c0a1dac92d090f4f9093679791a2840f2851324acdf44a807e69a1bc25d265303004e8ead128a3d61c0063233501cfdf76d99dbc46b9c00203a9161b8a444001c386475c432c7a6e898885429063954ea0bdf9abc7b9322f3485d99ab38a3231ea08584795647ddb75c593933e824acdab292482735cd91572d0bc3f95b61e039183f5ed7cb75f2ba79296f73ca6f00a0f6ce5c2bc03957a77dbd229921124580fc4ddd4aa3f3752c7f2dca3da2ba7b772e01215f05dc1cf74ddf51af1a4ebba443374e09d5ff96db1a1a60368493ff364315b"], 0x18}}], 0x1, 0x4048000) close(r0) [ 63.543093][ T7880] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.636805][ T7885] IPVS: ftp: loaded support on port[0] = 21 [ 63.648563][ T7880] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.701879][ T7880] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.765283][ T7887] IPVS: ftp: loaded support on port[0] = 21 [ 63.787906][ T7880] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.794995][ T7880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.802281][ T7880] bridge0: port 1(bridge_slave_0) entered blocking state 11:31:08 executing program 4: clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000400)={'\x00', 0x0}) r1 = memfd_create(&(0x7f0000000040)='\x00\x00/\x96_\xf9', 0x0) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r1, 0x0) rt_sigaction(0x7, &(0x7f0000b4a000)={0xfffffffffffffffd, {0x4000001}, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) syz_open_procfs(0x0, &(0x7f0000000100)='net/anycast6\x00') prctl$PR_SET_DUMPABLE(0x4, 0x0) syz_open_procfs(0x0, &(0x7f0000000300)='acreate\x00>\x95\xf4AJ\xe8\xef\xcb\xebc\"\xa3&K\r\xf8\x10\x81Y\xbe-\x92\x931\xcb{\xf9\x9f\xa3Ro9r\x99s\x95N\xe6\xa6\xcf1\x8a\x8cT\x97:3\x8c(a\xb5\x8f\xed\x13T@\x17\x1b6\xda\xa8\xa2\x9c \xc8\x1cvE\xb1T\xd2\x9a]\x9c\x9d\x13\a\xa2\x9a\xb0K\xd2d\x1eg\x8e\xc6\xc0\x94\x0e\xb0l\x95*\x82\xbf\xffS\xcf\xfd\x0f8\x92r\xcb\\\x06kG\\\xd1\xab\xd8\xeb\x8f\x92\x93\xac\xb1\x98\xc7\xd5:K.\xd50c\xbf\x04\x00M\xc2\x8f\x15%#SW5\x8b\xd3vF\xd8_\xf5\x02\r\xd4\xedLc\x89\x97\x1a\xa9\x05\xb1<\xf8\x95wUd\xd9\x1a\x00\xcd\x92\xa1\xac\x15tTZl.\xcc\xb8!l\v\xb6\xe5;\xd1\x9a\xd6') [ 63.809405][ T7880] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.829408][ T10] ================================================================== [ 63.837638][ T10] BUG: KCSAN: data-race in rcu_gp_fqs_check_wake / rcu_note_context_switch [ 63.846198][ T10] [ 63.848515][ T10] write to 0xffffffff85c7d190 of 8 bytes by task 7888 on cpu 1: [ 63.856134][ T10] rcu_note_context_switch+0x6f6/0x760 [ 63.861576][ T10] __schedule+0xa4/0x690 [ 63.865800][ T10] preempt_schedule_irq+0x57/0x90 [ 63.870850][ T10] restore_regs_and_return_to_kernel+0x0/0x25 [ 63.876940][ T10] __tsan_read1+0x18/0x100 [ 63.881339][ T10] link_path_walk.part.0+0x2d7/0xa90 [ 63.886603][ T10] path_openat+0x14f/0x3580 [ 63.891139][ T10] do_filp_open+0x11e/0x1b0 [ 63.895619][ T10] do_sys_open+0x3b3/0x4f0 [ 63.900035][ T10] __x64_sys_open+0x55/0x70 [ 63.904523][ T10] do_syscall_64+0xcc/0x3a0 [ 63.911265][ T10] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.917129][ T10] [ 63.919449][ T10] read to 0xffffffff85c7d190 of 8 bytes by task 10 on cpu 0: [ 63.926808][ T10] rcu_gp_fqs_check_wake+0x93/0xd0 [ 63.931898][ T10] rcu_gp_fqs_loop+0x1df/0x580 [ 63.936674][ T10] rcu_gp_kthread+0x143/0x230 [ 63.941331][ T10] kthread+0x1d4/0x200 [ 63.945388][ T10] ret_from_fork+0x1f/0x30 [ 63.949775][ T10] [ 63.952078][ T10] Reported by Kernel Concurrency Sanitizer on: [ 63.958211][ T10] CPU: 0 PID: 10 Comm: rcu_preempt Not tainted 5.5.0-rc1-syzkaller #0 [ 63.966337][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.976378][ T10] ================================================================== [ 63.984417][ T10] Kernel panic - not syncing: panic_on_warn set ... [ 63.990984][ T10] CPU: 0 PID: 10 Comm: rcu_preempt Not tainted 5.5.0-rc1-syzkaller #0 [ 63.999108][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.009139][ T10] Call Trace: [ 64.012409][ T10] dump_stack+0x11d/0x181 [ 64.016722][ T10] panic+0x210/0x640 [ 64.020601][ T10] ? vprintk_func+0x8d/0x140 [ 64.025218][ T10] kcsan_report.cold+0xc/0xd [ 64.029796][ T10] kcsan_setup_watchpoint+0x3fe/0x460 [ 64.035166][ T10] __tsan_read8+0xc6/0x100 [ 64.039570][ T10] rcu_gp_fqs_check_wake+0x93/0xd0 [ 64.044706][ T10] rcu_gp_fqs_loop+0x1df/0x580 [ 64.049461][ T10] rcu_gp_kthread+0x143/0x230 [ 64.054155][ T10] kthread+0x1d4/0x200 [ 64.058206][ T10] ? rcu_gp_cleanup+0x520/0x520 [ 64.063054][ T10] ? kthread_unpark+0xe0/0xe0 [ 64.067713][ T10] ret_from_fork+0x1f/0x30 [ 64.073310][ T10] Kernel Offset: disabled [ 64.077635][ T10] Rebooting in 86400 seconds..