Warning: Permanently added '10.128.0.67' (ECDSA) to the list of known hosts.
2020/06/06 13:32:40 fuzzer started
2020/06/06 13:32:41 dialing manager at 10.128.0.26:42333
2020/06/06 13:32:41 syscalls: 2953
2020/06/06 13:32:41 code coverage: enabled
2020/06/06 13:32:41 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2020/06/06 13:32:41 extra coverage: enabled
2020/06/06 13:32:41 setuid sandbox: enabled
2020/06/06 13:32:41 namespace sandbox: enabled
2020/06/06 13:32:41 Android sandbox: enabled
2020/06/06 13:32:41 fault injection: enabled
2020/06/06 13:32:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/06/06 13:32:41 net packet injection: enabled
2020/06/06 13:32:41 net device setup: enabled
2020/06/06 13:32:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/06/06 13:32:41 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/06/06 13:32:41 USB emulation: /dev/raw-gadget does not exist
13:34:54 executing program 0:
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7ffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882)
pipe(0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x9f, 0x0, @buffer={0x0, 0xc, 0x0}, &(0x7f0000000340)="054a3bb5e3382ba0f4bd92cebb4cd68334656099dff380034dfdb2341d1d38319c093ff0091fd3d94764d393348fa8679765b6a73f64385250c1e43bb0086cf005f6bc23771907137d497d5c33d716df004213825d4c6e3ab919f17bf0d56a10384d1b922941308af9429e22697bd623be18a9f1f336212160596785b45e5bdfc7e38cbef0d628fbbe99175efeb41950b1b0ec96dec6a681cf196ff943b1b8", &(0x7f0000000500)=""/109, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)})
dup(0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x400c8c0)
syzkaller login: [ 232.040531][ T32] audit: type=1400 audit(1591450494.436:8): avc: denied { execmem } for pid=8843 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 232.365214][ T8844] IPVS: ftp: loaded support on port[0] = 21
[ 232.624994][ T8844] chnl_net:caif_netlink_parms(): no params data found
[ 232.842353][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state
[ 232.849896][ T8844] bridge0: port 1(bridge_slave_0) entered disabled state
[ 232.860139][ T8844] device bridge_slave_0 entered promiscuous mode
[ 232.873143][ T8844] bridge0: port 2(bridge_slave_1) entered blocking state
[ 232.881303][ T8844] bridge0: port 2(bridge_slave_1) entered disabled state
[ 232.890645][ T8844] device bridge_slave_1 entered promiscuous mode
[ 232.941542][ T8844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 232.956986][ T8844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 233.006851][ T8844] team0: Port device team_slave_0 added
[ 233.018136][ T8844] team0: Port device team_slave_1 added
[ 233.059474][ T8844] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 233.067021][ T8844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 233.093186][ T8844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 233.108406][ T8844] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 233.116406][ T8844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 233.142658][ T8844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 233.353379][ T8844] device hsr_slave_0 entered promiscuous mode
[ 233.597745][ T8844] device hsr_slave_1 entered promiscuous mode
[ 233.992862][ T8844] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 234.174322][ T8844] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 234.434641][ T8844] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 234.663824][ T8844] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 234.976804][ T8844] 8021q: adding VLAN 0 to HW filter on device bond0
[ 235.009586][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 235.018837][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 235.040549][ T8844] 8021q: adding VLAN 0 to HW filter on device team0
[ 235.059114][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 235.069047][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 235.079472][ T5] bridge0: port 1(bridge_slave_0) entered blocking state
[ 235.086856][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 235.136685][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 235.146290][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 235.156219][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 235.165816][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 235.173068][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 235.182248][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 235.193248][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 235.204096][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 235.214542][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 235.225069][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 235.235397][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 235.254211][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 235.264402][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 235.274134][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 235.294943][ T8844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 235.308026][ T8844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 235.317457][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 235.327281][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 235.375922][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 235.383630][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 235.410826][ T8844] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 235.455919][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 235.466082][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 235.503087][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 235.513634][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 235.538716][ T8844] device veth0_vlan entered promiscuous mode
[ 235.551045][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 235.566632][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 235.595363][ T8844] device veth1_vlan entered promiscuous mode
[ 235.657834][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 235.667866][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 235.677199][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 235.687442][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 235.718881][ T8844] device veth0_macvtap entered promiscuous mode
[ 235.741356][ T8844] device veth1_macvtap entered promiscuous mode
[ 235.788361][ T8844] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 235.797408][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 235.806950][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 235.816226][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 235.826218][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 235.874309][ T8844] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 235.889756][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 235.899805][ T3360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
13:34:58 executing program 0:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mount$9p_unix(&(0x7f00000000c0)='\x00', &(0x7f0000000140)='.\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000000080)={'trans=unix,', {[{@version_9p2000='version=9p2000'}]}})
[ 236.586506][ T9072] =====================================================
[ 236.593539][ T9072] BUG: KMSAN: uninit-value in unix_find_other+0x30f/0xda0
[ 236.600665][ T9072] CPU: 1 PID: 9072 Comm: syz-executor.0 Not tainted 5.7.0-rc4-syzkaller #0
[ 236.609251][ T9072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 236.619314][ T9072] Call Trace:
[ 236.622619][ T9072] dump_stack+0x1c9/0x220
[ 236.626958][ T9072] kmsan_report+0xf7/0x1e0
[ 236.631400][ T9072] __msan_warning+0x58/0xa0
[ 236.635933][ T9072] unix_find_other+0x30f/0xda0
[ 236.640722][ T9072] unix_stream_connect+0x7c5/0x2450
[ 236.646021][ T9072] ? security_socket_post_create+0x1ea/0x240
[ 236.652012][ T9072] ? kmsan_get_metadata+0x4f/0x180
[ 236.657146][ T9072] ? unix_bind+0x1bd0/0x1bd0
[ 236.661737][ T9072] p9_fd_create_unix+0x2cf/0x690
[ 236.666686][ T9072] ? kmsan_get_metadata+0x11d/0x180
[ 236.672061][ T9072] ? p9_pollwake+0x350/0x350
[ 236.676671][ T9072] p9_client_create+0xfdc/0x1dc0
[ 236.681654][ T9072] ? kmsan_get_metadata+0x11d/0x180
[ 236.687117][ T9072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 236.692926][ T9072] v9fs_session_init+0x2ab/0x2a10
[ 236.697966][ T9072] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 236.704058][ T9072] ? v9fs_mount+0xbf/0x1170
[ 236.708596][ T9072] v9fs_mount+0x150/0x1170
[ 236.713037][ T9072] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 236.719124][ T9072] legacy_get_tree+0x169/0x2e0
[ 236.723924][ T9072] ? xfs_fs_commit_blocks+0xda0/0xda0
[ 236.729312][ T9072] ? legacy_parse_monolithic+0x2c0/0x2c0
[ 236.734978][ T9072] vfs_get_tree+0xdd/0x580
[ 236.739846][ T9072] do_mount+0x3624/0x53a0
[ 236.744238][ T9072] __se_compat_sys_mount+0x3a8/0xa10
[ 236.749573][ T9072] __ia32_compat_sys_mount+0x62/0x80
[ 236.754869][ T9072] ? locks_show+0x580/0x580
[ 236.759510][ T9072] do_fast_syscall_32+0x3bf/0x6d0
[ 236.764595][ T9072] entry_SYSENTER_compat+0x68/0x77
[ 236.769730][ T9072] RIP: 0023:0xf7f54dd9
[ 236.773805][ T9072] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 236.794477][ T9072] RSP: 002b:00000000f5d4f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 236.802892][ T9072] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 0000000020000140
[ 236.810868][ T9072] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000020000080
[ 236.818842][ T9072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 236.826811][ T9072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 236.834783][ T9072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 236.842782][ T9072]
[ 236.845106][ T9072] Local variable ----sun_server@p9_fd_create_unix created at:
[ 236.854830][ T9072] p9_fd_create_unix+0x8d/0x690
[ 236.859685][ T9072] p9_fd_create_unix+0x8d/0x690
[ 236.864528][ T9072] =====================================================
[ 236.871471][ T9072] Disabling lock debugging due to kernel taint
[ 236.877617][ T9072] Kernel panic - not syncing: panic_on_warn set ...
[ 236.884203][ T9072] CPU: 1 PID: 9072 Comm: syz-executor.0 Tainted: G B 5.7.0-rc4-syzkaller #0
[ 236.894168][ T9072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 236.904240][ T9072] Call Trace:
[ 236.907541][ T9072] dump_stack+0x1c9/0x220
[ 236.911882][ T9072] panic+0x3d5/0xc3e
[ 236.915796][ T9072] kmsan_report+0x1df/0x1e0
[ 236.920300][ T9072] __msan_warning+0x58/0xa0
[ 236.925664][ T9072] unix_find_other+0x30f/0xda0
[ 236.930529][ T9072] unix_stream_connect+0x7c5/0x2450
[ 236.935726][ T9072] ? security_socket_post_create+0x1ea/0x240
[ 236.941705][ T9072] ? kmsan_get_metadata+0x4f/0x180
[ 236.946835][ T9072] ? unix_bind+0x1bd0/0x1bd0
[ 236.951426][ T9072] p9_fd_create_unix+0x2cf/0x690
[ 236.956395][ T9072] ? kmsan_get_metadata+0x11d/0x180
[ 236.961596][ T9072] ? p9_pollwake+0x350/0x350
[ 236.966194][ T9072] p9_client_create+0xfdc/0x1dc0
[ 236.971171][ T9072] ? kmsan_get_metadata+0x11d/0x180
[ 236.976373][ T9072] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 236.982183][ T9072] v9fs_session_init+0x2ab/0x2a10
[ 236.987220][ T9072] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 236.993292][ T9072] ? v9fs_mount+0xbf/0x1170
[ 236.997812][ T9072] v9fs_mount+0x150/0x1170
[ 237.002236][ T9072] ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 237.008319][ T9072] legacy_get_tree+0x169/0x2e0
[ 237.013086][ T9072] ? xfs_fs_commit_blocks+0xda0/0xda0
[ 237.018465][ T9072] ? legacy_parse_monolithic+0x2c0/0x2c0
[ 237.024094][ T9072] vfs_get_tree+0xdd/0x580
[ 237.028519][ T9072] do_mount+0x3624/0x53a0
[ 237.032864][ T9072] __se_compat_sys_mount+0x3a8/0xa10
[ 237.038165][ T9072] __ia32_compat_sys_mount+0x62/0x80
[ 237.043451][ T9072] ? locks_show+0x580/0x580
[ 237.047955][ T9072] do_fast_syscall_32+0x3bf/0x6d0
[ 237.052999][ T9072] entry_SYSENTER_compat+0x68/0x77
[ 237.058121][ T9072] RIP: 0023:0xf7f54dd9
[ 237.062189][ T9072] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[ 237.081793][ T9072] RSP: 002b:00000000f5d4f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 237.090211][ T9072] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 0000000020000140
[ 237.098177][ T9072] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000020000080
[ 237.106157][ T9072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 237.114153][ T9072] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 237.122119][ T9072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 237.131640][ T9072] Kernel Offset: 0x10000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 237.143432][ T9072] Rebooting in 86400 seconds..