[info] Using makefile-style concurrent boot in runlevel 2. [ 42.480532][ T26] audit: type=1800 audit(1576128248.349:21): pid=7412 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0 [ 42.533877][ T26] audit: type=1800 audit(1576128248.349:22): pid=7412 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.8' (ECDSA) to the list of known hosts. 2019/12/12 05:24:19 fuzzer started 2019/12/12 05:24:21 dialing manager at 10.128.0.105:39821 2019/12/12 05:24:21 syscalls: 2689 2019/12/12 05:24:21 code coverage: enabled 2019/12/12 05:24:21 comparison tracing: enabled 2019/12/12 05:24:21 extra coverage: extra coverage is not supported by the kernel 2019/12/12 05:24:21 setuid sandbox: enabled 2019/12/12 05:24:21 namespace sandbox: enabled 2019/12/12 05:24:21 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/12 05:24:21 fault injection: enabled 2019/12/12 05:24:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/12 05:24:21 net packet injection: enabled 2019/12/12 05:24:21 net device setup: enabled 2019/12/12 05:24:21 concurrency sanitizer: enabled 2019/12/12 05:24:21 devlink PCI setup: PCI device 0000:00:10.0 is not available 2019/12/12 05:24:22 adding functions to KCSAN blacklist: 'ext4_free_inode' 'generic_write_end' 'tomoyo_supervisor' 'vm_area_dup' '__hrtimer_run_queues' 'xas_clear_mark' 'tcp_add_backlog' 'find_next_bit' 'lruvec_lru_size' 05:24:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f00000000c0)=0xb25, 0x12d) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x4000000032, 0xffffffffffffffff, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x25, 0x0) 05:24:26 executing program 1: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x9, 0x4) sendmmsg(r0, &(0x7f0000004540)=[{{&(0x7f0000000000)=@sco, 0x80, 0x0}}], 0x1, 0x0) syzkaller login: [ 60.582892][ T7585] IPVS: ftp: loaded support on port[0] = 21 05:24:26 executing program 2: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000000)={0x29, 0x4, 0x0, {0x1, 0x0, 0x1, 0x0, [0x0]}}, 0x29) [ 60.723335][ T7588] IPVS: ftp: loaded support on port[0] = 21 [ 60.733470][ T7585] chnl_net:caif_netlink_parms(): no params data found [ 60.794634][ T7585] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.818757][ T7585] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.826584][ T7585] device bridge_slave_0 entered promiscuous mode [ 60.851995][ T7585] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.869549][ T7585] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.888781][ T7585] device bridge_slave_1 entered promiscuous mode [ 60.905849][ T7585] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.938199][ T7585] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.988435][ T7585] team0: Port device team_slave_0 added [ 61.001620][ T7585] team0: Port device team_slave_1 added [ 61.012824][ T7590] IPVS: ftp: loaded support on port[0] = 21 05:24:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) socket(0x22, 0x2, 0x4) io_setup(0x4, &(0x7f0000000140)=0x0) io_submit(r1, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r0, 0x0, 0x7}]) [ 61.038609][ T7588] chnl_net:caif_netlink_parms(): no params data found [ 61.091370][ T7585] device hsr_slave_0 entered promiscuous mode [ 61.149669][ T7585] device hsr_slave_1 entered promiscuous mode [ 61.287597][ T7593] IPVS: ftp: loaded support on port[0] = 21 05:24:27 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x80003, 0x6b) getsockopt$inet6_opts(r2, 0x29, 0x5, 0x0, &(0x7f0000000100)=0xa4ffffff) [ 61.368482][ T7585] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.375639][ T7585] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.383019][ T7585] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.391005][ T7585] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.543980][ T7588] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.569742][ T7588] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.599765][ T7588] device bridge_slave_0 entered promiscuous mode [ 61.653672][ T7588] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.668937][ T7588] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.699985][ T7588] device bridge_slave_1 entered promiscuous mode [ 61.820058][ T7588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.870097][ T7588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.929908][ T2417] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.949015][ T2417] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.981901][ T7590] chnl_net:caif_netlink_parms(): no params data found [ 62.057634][ T7588] team0: Port device team_slave_0 added [ 62.081193][ T7585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.083736][ T7620] IPVS: ftp: loaded support on port[0] = 21 [ 62.108398][ T7588] team0: Port device team_slave_1 added [ 62.138934][ T7590] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.146029][ T7590] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.169503][ T7590] device bridge_slave_0 entered promiscuous mode [ 62.223613][ T1069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 62.249409][ T1069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.257333][ T7590] bridge0: port 2(bridge_slave_1) entered blocking state 05:24:28 executing program 5: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uhid\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ppoll(&(0x7f0000000080)=[{r0}], 0x1, &(0x7f00000000c0)={0x0, 0x989680}, 0x0, 0x0) [ 62.278700][ T7590] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.308853][ T7590] device bridge_slave_1 entered promiscuous mode [ 62.341094][ T7585] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.391024][ T7588] device hsr_slave_0 entered promiscuous mode [ 62.420577][ T7588] device hsr_slave_1 entered promiscuous mode [ 62.440269][ T7588] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.593143][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 62.609478][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 62.667073][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.674204][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.749471][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 62.784488][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 62.798522][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.805639][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.830745][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 62.853553][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 62.880884][ T7639] ================================================================== [ 62.889010][ T7639] BUG: KCSAN: data-race in pipe_wait / put_pipe_info [ 62.895698][ T7639] [ 62.898011][ T7639] read to 0xffff888104c1704c of 4 bytes by task 7615 on cpu 0: [ 62.905534][ T7639] pipe_wait+0xd7/0x140 [ 62.909673][ T7639] pipe_read+0x3b1/0x5e0 [ 62.913941][ T7639] new_sync_read+0x389/0x4f0 [ 62.918506][ T7639] __vfs_read+0xb1/0xc0 [ 62.922643][ T7639] vfs_read+0x143/0x2c0 [ 62.926812][ T7639] ksys_read+0xd5/0x1b0 [ 62.930961][ T7639] __x64_sys_read+0x4c/0x60 [ 62.935449][ T7639] do_syscall_64+0xcc/0x370 [ 62.939942][ T7639] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 62.945911][ T7639] [ 62.948482][ T7639] write to 0xffff888104c1704c of 4 bytes by task 7639 on cpu 1: [ 62.956089][ T7639] put_pipe_info+0x4d/0xb0 [ 62.960502][ T7639] pipe_release+0x152/0x1b0 [ 62.965048][ T7639] __fput+0x1e1/0x520 [ 62.969017][ T7639] ____fput+0x1f/0x30 [ 62.973006][ T7639] task_work_run+0xf6/0x130 [ 62.977538][ T7639] exit_to_usermode_loop+0x2b4/0x2c0 [ 62.982861][ T7639] do_syscall_64+0x353/0x370 [ 62.987440][ T7639] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 62.993462][ T7639] [ 62.995790][ T7639] Reported by Kernel Concurrency Sanitizer on: [ 63.001939][ T7639] CPU: 1 PID: 7639 Comm: net.agent Not tainted 5.4.0-syzkaller #0 [ 63.009729][ T7639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.019783][ T7639] ================================================================== [ 63.027858][ T7639] Kernel panic - not syncing: panic_on_warn set ... [ 63.034484][ T7639] CPU: 1 PID: 7639 Comm: net.agent Not tainted 5.4.0-syzkaller #0 [ 63.042317][ T7639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.052419][ T7639] Call Trace: [ 63.055717][ T7639] dump_stack+0x11d/0x181 [ 63.060040][ T7639] panic+0x210/0x640 [ 63.063930][ T7639] ? vprintk_func+0x8d/0x140 [ 63.068572][ T7639] kcsan_report.cold+0xc/0xd [ 63.073180][ T7639] kcsan_setup_watchpoint+0x3fe/0x460 [ 63.078562][ T7639] __tsan_unaligned_write4+0xc4/0x100 [ 63.083969][ T7639] put_pipe_info+0x4d/0xb0 [ 63.088389][ T7639] pipe_release+0x152/0x1b0 [ 63.092917][ T7639] __fput+0x1e1/0x520 [ 63.096898][ T7639] ? put_pipe_info+0xb0/0xb0 [ 63.101476][ T7639] ____fput+0x1f/0x30 [ 63.105452][ T7639] task_work_run+0xf6/0x130 [ 63.109977][ T7639] exit_to_usermode_loop+0x2b4/0x2c0 [ 63.115263][ T7639] ? __x64_sys_dup2+0x76/0x160 [ 63.120023][ T7639] do_syscall_64+0x353/0x370 [ 63.124606][ T7639] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.130649][ T7639] RIP: 0033:0x7f1fc98a29b7 [ 63.135061][ T7639] Code: 73 01 c3 48 8b 0d 81 44 2b 00 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 b8 21 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 51 44 2b 00 31 d2 48 29 c2 64 [ 63.154682][ T7639] RSP: 002b:00007ffe0fbdfe18 EFLAGS: 00000246 ORIG_RAX: 0000000000000021 [ 63.163080][ T7639] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 00007f1fc98a29b7 [ 63.171034][ T7639] RDX: 00000000004022f2 RSI: 0000000000000001 RDI: 000000000000000a [ 63.178995][ T7639] RBP: 0000000001179ae0 R08: 00007ffe0fbdfe60 R09: 0000000000000000 [ 63.186995][ T7639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.195159][ T7639] R13: 00007ffe0fbe0040 R14: 0000000000000000 R15: 0000000000000000 [ 63.204415][ T7639] Kernel Offset: disabled [ 63.208783][ T7639] Rebooting in 86400 seconds..