Warning: Permanently added '10.128.1.62' (ECDSA) to the list of known hosts.
2020/07/01 18:07:03 fuzzer started
2020/07/01 18:07:03 dialing manager at 10.128.0.105:39825
2020/07/01 18:07:03 syscalls: 3106
2020/07/01 18:07:03 code coverage: enabled
2020/07/01 18:07:03 comparison tracing: enabled
2020/07/01 18:07:03 extra coverage: enabled
2020/07/01 18:07:03 setuid sandbox: enabled
2020/07/01 18:07:03 namespace sandbox: enabled
2020/07/01 18:07:03 Android sandbox: /sys/fs/selinux/policy does not exist
2020/07/01 18:07:03 fault injection: enabled
2020/07/01 18:07:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/07/01 18:07:03 net packet injection: enabled
2020/07/01 18:07:03 net device setup: enabled
2020/07/01 18:07:03 concurrency sanitizer: enabled
2020/07/01 18:07:03 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/07/01 18:07:03 USB emulation: enabled
2020/07/01 18:07:04 suppressing KCSAN reports in functions: '__ext4_new_inode' 'ext4_free_inode' 'do_epoll_wait' 'ext4_writepages' 'shmem_symlink' 'futex_wait_queue_me' '__xa_clear_mark' 'blk_mq_sched_dispatch_requests'
18:07:10 executing program 0:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x620000, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map=r0, 0xffffffffffffffff, 0x7}, 0x10)

syzkaller login: [ 37.778788][ T8684] IPVS: ftp: loaded support on port[0] = 21
[ 37.840760][ T8684] chnl_net:caif_netlink_parms(): no params data found
[ 37.870749][ T8684] bridge0: port 1(bridge_slave_0) entered blocking state
[ 37.878074][ T8684] bridge0: port 1(bridge_slave_0) entered disabled state
18:07:10 executing program 1:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_GET_DUMPABLE(0x3)
socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10)
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0xff37)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0)
inotify_init1(0x0)

[ 37.885883][ T8684] device bridge_slave_0 entered promiscuous mode
[ 37.893469][ T8684] bridge0: port 2(bridge_slave_1) entered blocking state
[ 37.901484][ T8684] bridge0: port 2(bridge_slave_1) entered disabled state
[ 37.910001][ T8684] device bridge_slave_1 entered promiscuous mode
[ 37.925263][ T8684] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 37.936088][ T8684] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 37.952945][ T8684] team0: Port device team_slave_0 added
[ 37.960223][ T8684] team0: Port device team_slave_1 added
[ 37.973743][ T8684] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 37.980737][ T8684] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.007295][ T8684] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 38.019340][ T8684] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 38.026642][ T8684] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.053763][ T8684] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 38.072890][ T8838] IPVS: ftp: loaded support on port[0] = 21
18:07:11 executing program 2:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @dev}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast1, @in=@loopback}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}]}, 0xa0}}, 0x0)

[ 38.144939][ T8684] device hsr_slave_0 entered promiscuous mode
[ 38.173707][ T8684] device hsr_slave_1 entered promiscuous mode
[ 38.272183][ T8862] IPVS: ftp: loaded support on port[0] = 21
18:07:11 executing program 3:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x178, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000c00], 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="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"]}, 0x1f0)

[ 38.319447][ T7] ==================================================================
[ 38.329133][ T7] BUG: KCSAN: data-race in copy_process / release_task
[ 38.336130][ T7]
[ 38.338448][ T7] write to 0xffffffff8927a410 of 4 bytes by task 8944 on cpu 1:
[ 38.346068][ T7] release_task+0x6c8/0xb90
[ 38.350562][ T7] do_exit+0x1140/0x16e0
[ 38.354838][ T7] call_usermodehelper_exec_async+0x2da/0x2e0
[ 38.360896][ T7] ret_from_fork+0x1f/0x30
[ 38.365296][ T7]
[ 38.367616][ T7] read to 0xffffffff8927a410 of 4 bytes by task 7 on cpu 0:
[ 38.374889][ T7] copy_process+0xac4/0x3300
[ 38.379470][ T7] _do_fork+0xf1/0x660
[ 38.383530][ T7] kernel_thread+0x85/0xb0
[ 38.387935][ T7] call_usermodehelper_exec_work+0x4f/0x1b0
[ 38.393819][ T7] process_one_work+0x3e1/0x9a0
[ 38.398750][ T7] worker_thread+0x665/0xbe0
[ 38.403378][ T7] kthread+0x20d/0x230
[ 38.407432][ T7] ret_from_fork+0x1f/0x30
[ 38.411824][ T7]
[ 38.414133][ T7] Reported by Kernel Concurrency Sanitizer on:
[ 38.420285][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc3-syzkaller #0
[ 38.428508][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.438564][ T7] Workqueue: events_unbound call_usermodehelper_exec_work
[ 38.445660][ T7] ==================================================================
[ 38.453706][ T7] Kernel panic - not syncing: panic_on_warn set ...
[ 38.460292][ T7] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc3-syzkaller #0
[ 38.468427][ T7] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 38.478486][ T7] Workqueue: events_unbound call_usermodehelper_exec_work
[ 38.485585][ T7] Call Trace:
[ 38.488869][ T7] dump_stack+0x10f/0x19d
[ 38.493191][ T7] panic+0x207/0x64a
[ 38.497080][ T7] ? vprintk_emit+0x44a/0x4f0
[ 38.501748][ T7] kcsan_report+0x684/0x690
[ 38.506242][ T7] ? kcsan_setup_watchpoint+0x453/0x4d0
[ 38.511773][ T7] ? copy_process+0xac4/0x3300
[ 38.516538][ T7] ? _do_fork+0xf1/0x660
[ 38.520780][ T7] ? kernel_thread+0x85/0xb0
[ 38.525368][ T7] ? call_usermodehelper_exec_work+0x4f/0x1b0
[ 38.531532][ T7] ? process_one_work+0x3e1/0x9a0
[ 38.536639][ T7] ? worker_thread+0x665/0xbe0
[ 38.541394][ T7] ? kthread+0x20d/0x230
[ 38.545629][ T7] ? ret_from_fork+0x1f/0x30
[ 38.550319][ T7] ? debug_smp_processor_id+0x18/0x20
[ 38.555687][ T7] ? copy_creds+0x280/0x350
[ 38.560239][ T7] ? copy_creds+0x280/0x350
[ 38.564737][ T7] kcsan_setup_watchpoint+0x453/0x4d0
[ 38.570104][ T7] ? copy_creds+0x280/0x350
[ 38.574601][ T7] copy_process+0xac4/0x3300
[ 38.579188][ T7] ? psi_task_change+0xae/0x140
[ 38.584037][ T7] ? proc_cap_handler+0x280/0x280
[ 38.589137][ T7] _do_fork+0xf1/0x660
[ 38.593207][ T7] ? check_preemption_disabled+0x51/0x140
[ 38.599006][ T7] ? proc_cap_handler+0x280/0x280
[ 38.604026][ T7] kernel_thread+0x85/0xb0
[ 38.608498][ T7] ? proc_cap_handler+0x280/0x280
[ 38.613553][ T7] call_usermodehelper_exec_work+0x4f/0x1b0
18:07:11 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000005c000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000180)="6426f30fc7fb2e660f6f96416bd9e0f4f23ef0f65316f2adbaf80c66b8bc3e6c8166efbafc0cb0faee74e0bad004b000ee0fc7a20000", 0x36}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000280)={'nat\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000000140)=0x78)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0xffffffffffffff11)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 38.619531][ T7] ? __list_del_entry_valid+0x54/0xc0
[ 38.624914][ T7] process_one_work+0x3e1/0x9a0
[ 38.629759][ T7] worker_thread+0x665/0xbe0
[ 38.634353][ T7] ? process_one_work+0x9a0/0x9a0
[ 38.639375][ T7] kthread+0x20d/0x230
[ 38.643476][ T7] ? process_one_work+0x9a0/0x9a0
[ 38.648492][ T7] ? kthread_blkcg+0x80/0x80
[ 38.653070][ T7] ret_from_fork+0x1f/0x30
[ 38.658975][ T7] Kernel Offset: disabled
[ 38.663404][ T7] Rebooting in 86400 seconds..