[ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. [ 23.546202][ T8454] bash (8454) used greatest stack depth: 10368 bytes left Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.134' (ECDSA) to the list of known hosts. 2020/08/20 00:47:18 fuzzer started 2020/08/20 00:47:18 dialing manager at 10.128.0.105:36537 2020/08/20 00:47:19 syscalls: 3325 2020/08/20 00:47:19 code coverage: enabled 2020/08/20 00:47:19 comparison tracing: enabled 2020/08/20 00:47:19 extra coverage: enabled 2020/08/20 00:47:19 setuid sandbox: enabled 2020/08/20 00:47:19 namespace sandbox: enabled 2020/08/20 00:47:19 Android sandbox: /sys/fs/selinux/policy does not exist 2020/08/20 00:47:19 fault injection: enabled 2020/08/20 00:47:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/08/20 00:47:19 net packet injection: enabled 2020/08/20 00:47:19 net device setup: enabled 2020/08/20 00:47:19 concurrency sanitizer: enabled 2020/08/20 00:47:19 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/08/20 00:47:19 USB emulation: enabled 2020/08/20 00:47:19 hci packet injection: enabled 2020/08/20 00:47:19 suppressing KCSAN reports in functions: 'ext4_free_inode' '__ext4_new_inode' '__xa_clear_mark' 'do_nanosleep' 'blk_mq_sched_dispatch_requests' 00:47:25 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x70000000, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [0x0, 0x0, 0x9]}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) 00:47:25 executing program 1: r0 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0xfe) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xa3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, &(0x7f00000001c0), 0xa198) 00:47:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x8, 0x0, @ioapic}) 00:47:25 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x20002044dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r0, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) connect(r1, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r2 = gettid() r3 = gettid() sendmmsg$unix(r1, &(0x7f0000003f40)=[{&(0x7f0000000040)=@abs, 0x6e, 0x0, 0x0, &(0x7f0000001bc0)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x70}], 0xfd, 0x0) perf_event_open(0x0, r2, 0x0, 0xffffffffffffffff, 0x9) 00:47:25 executing program 4: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000080)='(\x00'}, 0x30) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x9, 0x209e20, 0x2, 0x1}, 0x3c) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/66}, 0x20) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000100)={r0, &(0x7f0000000080), 0x0}, 0x20) 00:47:26 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1a, 0x4}, 0x40) syzkaller login: [ 39.986590][ T8706] IPVS: ftp: loaded support on port[0] = 21 [ 40.060780][ T8706] chnl_net:caif_netlink_parms(): no params data found [ 40.089366][ T8706] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.096508][ T8706] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.104077][ T8706] device bridge_slave_0 entered promiscuous mode [ 40.112145][ T8706] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.131657][ T8706] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.151910][ T8706] device bridge_slave_1 entered promiscuous mode [ 40.166797][ T8706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.179739][ T8706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.195424][ T8708] IPVS: ftp: loaded support on port[0] = 21 [ 40.197518][ T8706] team0: Port device team_slave_0 added [ 40.209350][ T8706] team0: Port device team_slave_1 added [ 40.227265][ T8706] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.235553][ T8706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.261860][ T8706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.273755][ T8706] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.284310][ T8706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.311033][ T8706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.339860][ T8710] IPVS: ftp: loaded support on port[0] = 21 [ 40.378916][ T8706] device hsr_slave_0 entered promiscuous mode [ 40.385570][ T8706] device hsr_slave_1 entered promiscuous mode [ 40.454474][ T8710] chnl_net:caif_netlink_parms(): no params data found [ 40.466026][ T8708] chnl_net:caif_netlink_parms(): no params data found [ 40.555999][ T8708] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.563036][ T8708] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.570645][ T8708] device bridge_slave_0 entered promiscuous mode [ 40.577907][ T8706] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.588667][ T8706] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.610383][ T8706] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.628663][ T8708] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.635762][ T8708] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.647928][ T8708] device bridge_slave_1 entered promiscuous mode [ 40.663766][ T8710] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.674575][ T8716] IPVS: ftp: loaded support on port[0] = 21 [ 40.678043][ T8710] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.687940][ T8710] device bridge_slave_0 entered promiscuous mode [ 40.694840][ T8706] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.710090][ T8714] IPVS: ftp: loaded support on port[0] = 21 [ 40.710799][ T8708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.727589][ T8710] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.736952][ T8710] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.744924][ T8710] device bridge_slave_1 entered promiscuous mode [ 40.765807][ T8708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.813973][ T8708] team0: Port device team_slave_0 added [ 40.817351][ T8718] IPVS: ftp: loaded support on port[0] = 21 [ 40.837761][ T8706] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.844811][ T8706] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.852084][ T8706] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.859147][ T8706] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.868064][ T8710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.877705][ T8708] team0: Port device team_slave_1 added [ 40.883971][ T8710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.922172][ T8710] team0: Port device team_slave_0 added [ 40.958745][ T8708] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.965827][ T8708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.992628][ T8708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.004179][ T8710] team0: Port device team_slave_1 added [ 41.009948][ T8708] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.017297][ T8708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.044289][ T8708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.113946][ T8716] chnl_net:caif_netlink_parms(): no params data found [ 41.131045][ T8378] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.139059][ T8378] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.153984][ T8710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.161535][ T8710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.188444][ T8710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.202805][ T8718] chnl_net:caif_netlink_parms(): no params data found [ 41.219013][ T8714] chnl_net:caif_netlink_parms(): no params data found [ 41.229157][ T8710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.236753][ T8710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.263060][ T8710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.289273][ T8710] device hsr_slave_0 entered promiscuous mode [ 41.295701][ T8710] device hsr_slave_1 entered promiscuous mode [ 41.302021][ T8710] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.310466][ T8710] Cannot create hsr debugfs directory [ 41.332526][ T8708] device hsr_slave_0 entered promiscuous mode [ 41.339268][ T8708] device hsr_slave_1 entered promiscuous mode [ 41.345772][ T8708] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.353299][ T8708] Cannot create hsr debugfs directory [ 41.390116][ T8714] ================================================================== [ 41.398285][ T8714] BUG: KCSAN: data-race in pcpu_alloc / pcpu_balance_workfn [ 41.405529][ T8714] [ 41.407829][ T8714] write to 0xffffffff8952301c of 4 bytes by task 51 on cpu 1: [ 41.415288][ T8714] pcpu_balance_workfn+0xc6c/0xe30 [ 41.420382][ T8714] process_one_work+0x3e1/0x9a0 [ 41.425202][ T8714] worker_thread+0x665/0xbe0 [ 41.429758][ T8714] kthread+0x20d/0x230 [ 41.433795][ T8714] ret_from_fork+0x1f/0x30 [ 41.438193][ T8714] [ 41.440492][ T8714] read to 0xffffffff8952301c of 4 bytes by task 8714 on cpu 0: [ 41.448038][ T8714] pcpu_alloc+0xb36/0x1370 [ 41.452418][ T8714] __alloc_percpu+0x20/0x30 [ 41.456889][ T8714] wg_packet_queue_init+0x154/0x360 [ 41.462053][ T8714] wg_newlink+0x333/0x580 [ 41.466352][ T8714] rtnl_newlink+0xdaf/0x1340 [ 41.470925][ T8714] rtnetlink_rcv_msg+0x71b/0x7b0 [ 41.475833][ T8714] netlink_rcv_skb+0x13e/0x240 [ 41.480565][ T8714] rtnetlink_rcv+0x18/0x20 [ 41.484950][ T8714] netlink_unicast+0x5e2/0x6b0 [ 41.489696][ T8714] netlink_sendmsg+0x6d8/0x7a0 [ 41.494428][ T8714] __sys_sendto+0x2ae/0x380 [ 41.498896][ T8714] __x64_sys_sendto+0x74/0x90 [ 41.503538][ T8714] do_syscall_64+0x39/0x80 [ 41.507922][ T8714] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 41.513775][ T8714] [ 41.516070][ T8714] Reported by Kernel Concurrency Sanitizer on: [ 41.522198][ T8714] CPU: 0 PID: 8714 Comm: syz-executor.3 Not tainted 5.9.0-rc1-syzkaller #0 [ 41.530746][ T8714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.540770][ T8714] ================================================================== [ 41.548798][ T8714] Kernel panic - not syncing: panic_on_warn set ... [ 41.555352][ T8714] CPU: 0 PID: 8714 Comm: syz-executor.3 Not tainted 5.9.0-rc1-syzkaller #0 [ 41.563909][ T8714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.573941][ T8714] Call Trace: [ 41.577237][ T8714] dump_stack+0x10f/0x19d [ 41.581535][ T8714] panic+0x207/0x64a [ 41.585443][ T8714] ? vprintk_emit+0x44a/0x4f0 [ 41.590093][ T8714] kcsan_report+0x684/0x690 [ 41.594568][ T8714] ? kcsan_setup_watchpoint+0x41e/0x4a0 [ 41.600079][ T8714] ? pcpu_alloc+0xb36/0x1370 [ 41.604643][ T8714] ? __alloc_percpu+0x20/0x30 [ 41.609289][ T8714] ? wg_packet_queue_init+0x154/0x360 [ 41.614627][ T8714] ? wg_newlink+0x333/0x580 [ 41.619098][ T8714] ? rtnl_newlink+0xdaf/0x1340 [ 41.623828][ T8714] ? rtnetlink_rcv_msg+0x71b/0x7b0 [ 41.628911][ T8714] ? netlink_rcv_skb+0x13e/0x240 [ 41.633816][ T8714] ? rtnetlink_rcv+0x18/0x20 [ 41.638374][ T8714] ? netlink_unicast+0x5e2/0x6b0 [ 41.643280][ T8714] ? netlink_sendmsg+0x6d8/0x7a0 [ 41.648185][ T8714] ? __sys_sendto+0x2ae/0x380 [ 41.652836][ T8714] ? __x64_sys_sendto+0x74/0x90 [ 41.657654][ T8714] ? do_syscall_64+0x39/0x80 [ 41.662225][ T8714] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 41.668264][ T8714] kcsan_setup_watchpoint+0x41e/0x4a0 [ 41.673603][ T8714] pcpu_alloc+0xb36/0x1370 [ 41.677997][ T8714] __alloc_percpu+0x20/0x30 [ 41.682468][ T8714] ? wg_packet_rx_poll+0x1300/0x1300 [ 41.687827][ T8714] wg_packet_queue_init+0x154/0x360 [ 41.693014][ T8714] wg_newlink+0x333/0x580 [ 41.697317][ T8714] rtnl_newlink+0xdaf/0x1340 [ 41.701877][ T8714] ? find_next_bit+0xa7/0xf0 [ 41.706443][ T8714] ? __raw_callee_save___native_queued_spin_unlock+0x1e/0x1e [ 41.713783][ T8714] ? __rcu_read_unlock+0x4b/0x260 [ 41.718779][ T8714] ? debug_smp_processor_id+0x18/0x20 [ 41.724116][ T8714] ? osq_unlock+0x10/0xc0 [ 41.728413][ T8714] ? __mutex_lock+0x651/0x680 [ 41.733093][ T8714] ? bpf_lsm_capable+0x5/0x10 [ 41.737740][ T8714] ? ns_capable+0x86/0xb0 [ 41.742038][ T8714] ? rtnl_setlink+0x270/0x270 [ 41.746681][ T8714] rtnetlink_rcv_msg+0x71b/0x7b0 [ 41.751588][ T8714] ? jhash+0x2b0/0x2b0 [ 41.755625][ T8714] ? __rcu_read_unlock+0x4b/0x260 [ 41.760617][ T8714] ? netlink_deliver_tap+0x74/0x470 [ 41.765796][ T8714] ? netlink_attachskb+0x3f8/0x550 [ 41.770884][ T8714] ? apparmor_socket_sock_rcv_skb+0x72/0x80 [ 41.776746][ T8714] ? preempt_count_add+0x4e/0x90 [ 41.781651][ T8714] ? __rcu_read_unlock+0x4b/0x260 [ 41.786645][ T8714] ? sock_def_readable+0xca/0xe0 [ 41.791564][ T8714] ? netlink_unicast+0x540/0x6b0 [ 41.796470][ T8714] ? check_preemption_disabled+0x51/0x140 [ 41.802157][ T8714] ? check_preemption_disabled+0x51/0x140 [ 41.807846][ T8714] ? rhashtable_jhash2+0x13a/0x1a0 [ 41.812937][ T8714] ? __rcu_read_unlock+0x4b/0x260 [ 41.817944][ T8714] netlink_rcv_skb+0x13e/0x240 [ 41.822675][ T8714] ? rtnetlink_bind+0x60/0x60 [ 41.827320][ T8714] rtnetlink_rcv+0x18/0x20 [ 41.831706][ T8714] netlink_unicast+0x5e2/0x6b0 [ 41.836441][ T8714] netlink_sendmsg+0x6d8/0x7a0 [ 41.841176][ T8714] __sys_sendto+0x2ae/0x380 [ 41.845664][ T8714] ? check_preemption_disabled+0x51/0x140 [ 41.851362][ T8714] ? check_preemption_disabled+0x51/0x140 [ 41.857049][ T8714] __x64_sys_sendto+0x74/0x90 [ 41.861707][ T8714] do_syscall_64+0x39/0x80 [ 41.866191][ T8714] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 41.872050][ T8714] RIP: 0033:0x416fa7 [ 41.875918][ T8714] Code: 2c 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 81 19 00 00 c3 48 83 ec 08 e8 87 fa ff ff 48 89 04 24 49 89 ca b8 2c 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 cd fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 41.895490][ T8714] RSP: 002b:00007ffccf25f2f0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 41.903868][ T8714] RAX: ffffffffffffffda RBX: 00000000016a3700 RCX: 0000000000416fa7 [ 41.911807][ T8714] RDX: 000000000000003c RSI: 00000000016a3750 RDI: 0000000000000003 [ 41.919747][ T8714] RBP: 0000000000000000 R08: 00007ffccf25f300 R09: 000000000000000c [ 41.929249][ T8714] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 41.937201][ T8714] R13: 0000000000000000 R14: 00000000016a3750 R15: 0000000000000003 [ 41.946389][ T8714] Kernel Offset: disabled [ 41.950747][ T8714] Rebooting in 86400 seconds..