Warning: Permanently added '10.128.0.153' (ECDSA) to the list of known hosts.
2021/05/16 01:23:44 fuzzer started
2021/05/16 01:23:44 dialing manager at 10.128.0.163:36403
2021/05/16 01:23:45 syscalls: 1997
2021/05/16 01:23:45 code coverage: enabled
2021/05/16 01:23:45 comparison tracing: enabled
2021/05/16 01:23:45 extra coverage: enabled
2021/05/16 01:23:45 setuid sandbox: enabled
2021/05/16 01:23:45 namespace sandbox: enabled
2021/05/16 01:23:45 Android sandbox: enabled
2021/05/16 01:23:45 fault injection: enabled
2021/05/16 01:23:45 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/05/16 01:23:45 net packet injection: /dev/net/tun does not exist
2021/05/16 01:23:45 net device setup: enabled
2021/05/16 01:23:45 concurrency sanitizer: enabled
2021/05/16 01:23:45 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/05/16 01:23:45 USB emulation: /dev/raw-gadget does not exist
2021/05/16 01:23:45 hci packet injection: /dev/vhci does not exist
2021/05/16 01:23:45 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
2021/05/16 01:23:45 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
2021/05/16 01:23:45 suppressing KCSAN reports in functions: 'exit_mm' 'blk_mq_dispatch_rq_list' '__xa_clear_mark' '__ext4_new_inode' 'n_tty_receive_buf_common' 'shmem_add_to_page_cache' 'dd_has_work' 'blk_mq_rq_ctx_init' 'blk_mq_sched_dispatch_requests' '_find_next_bit' 'generic_write_end'
2021/05/16 01:23:45 fetching corpus: 0, signal 0/2000 (executing program)
2021/05/16 01:23:45 fetching corpus: 50, signal 14700/18206 (executing program)
2021/05/16 01:23:45 fetching corpus: 100, signal 23115/27980 (executing program)
2021/05/16 01:23:45 fetching corpus: 150, signal 28790/34917 (executing program)
2021/05/16 01:23:45 fetching corpus: 200, signal 33477/40794 (executing program)
2021/05/16 01:23:46 fetching corpus: 250, signal 40583/48694 (executing program)
2021/05/16 01:23:46 fetching corpus: 300, signal 43006/52158 (executing program)
2021/05/16 01:23:46 fetching corpus: 350, signal 47445/57293 (executing program)
2021/05/16 01:23:46 fetching corpus: 400, signal 53265/63512 (executing program)
2021/05/16 01:23:46 fetching corpus: 449, signal 57137/67914 (executing program)
2021/05/16 01:23:46 fetching corpus: 499, signal 60085/71371 (executing program)
2021/05/16 01:23:46 fetching corpus: 549, signal 62652/74489 (executing program)
2021/05/16 01:23:46 fetching corpus: 599, signal 65753/77873 (executing program)
2021/05/16 01:23:46 fetching corpus: 649, signal 67777/80325 (executing program)
2021/05/16 01:23:46 fetching corpus: 699, signal 70734/83464 (executing program)
2021/05/16 01:23:46 fetching corpus: 749, signal 72606/85646 (executing program)
2021/05/16 01:23:46 fetching corpus: 799, signal 75977/88897 (executing program)
2021/05/16 01:23:46 fetching corpus: 849, signal 77864/91014 (executing program)
2021/05/16 01:23:46 fetching corpus: 899, signal 79480/92775 (executing program)
syzkaller login: [ 20.992270][ T1746] ==================================================================
[ 20.993862][ T1746] BUG: KCSAN: data-race in futex_wait_queue_me / prepare_signal
[ 20.994977][ T1746]
[ 20.995303][ T1746] write to 0xffff888100c1d02c of 4 bytes by task 1747 on cpu 0:
[ 20.996372][ T1746] futex_wait_queue_me+0x198/0x260
[ 20.997136][ T1746] futex_wait+0x143/0x430
[ 20.997774][ T1746] do_futex+0x9d8/0x1ee0
[ 20.998435][ T1746] __se_sys_futex+0x21c/0x380
[ 20.999123][ T1746] __x64_sys_futex+0x74/0x80
[ 20.999784][ T1746] do_syscall_64+0x4a/0x90
[ 21.000636][ T1746] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 21.001577][ T1746]
[ 21.001925][ T1746] read to 0xffff888100c1d02c of 4 bytes by task 1746 on cpu 1:
[ 21.002983][ T1746] prepare_signal+0x952/0xeb0
[ 21.003646][ T1746] __send_signal+0x64/0x760
[ 21.004276][ T1746] send_signal+0x281/0x390
[ 21.004932][ T1746] do_send_specific+0x13d/0x1c0
[ 21.005682][ T1746] __x64_sys_tgkill+0x108/0x140
[ 21.006442][ T1746] do_syscall_64+0x4a/0x90
[ 21.007166][ T1746] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 21.008403][ T1746]
[ 21.008757][ T1746] Reported by Kernel Concurrency Sanitizer on:
[ 21.009637][ T1746] CPU: 1 PID: 1746 Comm: syz-fuzzer Not tainted 5.13.0-rc1-syzkaller #0
[ 21.010833][ T1746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 21.012197][ T1746] ==================================================================
2021/05/16 01:23:46 fetching corpus: 949, signal 80711/94313 (executing program)
2021/05/16 01:23:46 fetching corpus: 999, signal 81746/95703 (executing program)
2021/05/16 01:23:46 fetching corpus: 1049, signal 83282/97358 (executing program)
2021/05/16 01:23:46 fetching corpus: 1099, signal 85347/99246 (executing program)
2021/05/16 01:23:46 fetching corpus: 1149, signal 88032/101467 (executing program)
2021/05/16 01:23:47 fetching corpus: 1199, signal 89903/103196 (executing program)
2021/05/16 01:23:47 fetching corpus: 1249, signal 90983/104320 (executing program)
2021/05/16 01:23:47 fetching corpus: 1299, signal 92591/105714 (executing program)
2021/05/16 01:23:47 fetching corpus: 1349, signal 93863/106892 (executing program)
2021/05/16 01:23:47 fetching corpus: 1399, signal 94595/107725 (executing program)
2021/05/16 01:23:47 fetching corpus: 1448, signal 96327/109016 (executing program)
2021/05/16 01:23:47 fetching corpus: 1498, signal 98012/110244 (executing program)
2021/05/16 01:23:47 fetching corpus: 1548, signal 99680/111427 (executing program)
2021/05/16 01:23:47 fetching corpus: 1598, signal 100696/112259 (executing program)
2021/05/16 01:23:47 fetching corpus: 1648, signal 101352/112875 (executing program)
2021/05/16 01:23:47 fetching corpus: 1698, signal 102480/113707 (executing program)
2021/05/16 01:23:47 fetching corpus: 1748, signal 103694/114497 (executing program)
2021/05/16 01:23:47 fetching corpus: 1797, signal 104604/115176 (executing program)
2021/05/16 01:23:47 fetching corpus: 1847, signal 105720/115895 (executing program)
2021/05/16 01:23:47 fetching corpus: 1896, signal 106493/116438 (executing program)
2021/05/16 01:23:47 fetching corpus: 1946, signal 106978/116856 (executing program)
2021/05/16 01:23:47 fetching corpus: 1994, signal 107869/117387 (executing program)
2021/05/16 01:23:48 fetching corpus: 2043, signal 109343/118108 (executing program)
2021/05/16 01:23:48 fetching corpus: 2093, signal 110102/118500 (executing program)
2021/05/16 01:23:48 fetching corpus: 2143, signal 110987/118950 (executing program)
2021/05/16 01:23:48 fetching corpus: 2193, signal 112005/119412 (executing program)
2021/05/16 01:23:48 fetching corpus: 2243, signal 113228/119868 (executing program)
2021/05/16 01:23:48 fetching corpus: 2293, signal 113936/120159 (executing program)
2021/05/16 01:23:48 fetching corpus: 2343, signal 114568/120444 (executing program)
2021/05/16 01:23:48 fetching corpus: 2393, signal 115538/120773 (executing program)
2021/05/16 01:23:48 fetching corpus: 2443, signal 116421/121056 (executing program)
2021/05/16 01:23:48 fetching corpus: 2493, signal 117254/121308 (executing program)
2021/05/16 01:23:48 fetching corpus: 2543, signal 117982/121494 (executing program)
2021/05/16 01:23:48 fetching corpus: 2593, signal 118936/121694 (executing program)
2021/05/16 01:23:48 fetching corpus: 2643, signal 119457/121822 (executing program)
2021/05/16 01:23:48 fetching corpus: 2693, signal 120239/121930 (executing program)
2021/05/16 01:23:48 fetching corpus: 2743, signal 121131/122055 (executing program)
2021/05/16 01:23:48 fetching corpus: 2751, signal 121288/122102 (executing program)
2021/05/16 01:23:48 fetching corpus: 2751, signal 121288/122114 (executing program)
2021/05/16 01:23:48 fetching corpus: 2751, signal 121288/122130 (executing program)
2021/05/16 01:23:48 fetching corpus: 2751, signal 121288/122143 (executing program)
2021/05/16 01:23:48 fetching corpus: 2752, signal 121290/122167 (executing program)
2021/05/16 01:23:48 fetching corpus: 2752, signal 121290/122171 (executing program)
2021/05/16 01:23:48 fetching corpus: 2752, signal 121290/122171 (executing program)
2021/05/16 01:23:50 starting 6 fuzzer processes

01:23:50 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = socket(0x400000000000010, 0x802, 0x0)
write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), 0x4)

01:23:50 executing program 1:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff})
unshare(0x20020400)
fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r0, 0x26, &(0x7f0000000080))
fcntl$lock(r0, 0x7, &(0x7f0000000100))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x13}, &(0x7f0000000280)=0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000500)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]})

01:23:50 executing program 5:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={[{@size={'size', 0x3d, [0x25]}}]})
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='hugetlbfs\x00', 0x0, &(0x7f0000000280))

01:23:50 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r1, 0x0, r2, 0x0, 0x10000, 0x0)

01:23:50 executing program 3:
io_setup(0x152, &(0x7f0000000080)=0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x2a441}, 0x18)
io_submit(r0, 0x2, &(0x7f00000003c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000380)={0x0, 0x0, 0x8, 0x0, 0x0, r2, 0x0}])

01:23:50 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = msgget$private(0x0, 0x0)
msgsnd(r1, &(0x7f0000000000)=ANY=[], 0x2000, 0x0)
msgsnd(r1, &(0x7f00000001c0)={0x3}, 0x8, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0x0, 0x0, 0xee01}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})
msgrcv(r1, &(0x7f0000000000)={0x0, ""/12}, 0x14, 0x3, 0x3800)

[ 24.490649][ T25] audit: type=1400 audit(1621128230.160:8): avc: denied { execmem } for pid=1757 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 24.583704][ T1764] cgroup: Unknown subsys name 'perf_event'
[ 24.610195][ T1764] cgroup: Unknown subsys name 'net_cls'
[ 24.628538][ T1765] cgroup: Unknown subsys name 'perf_event'
[ 24.637875][ T1765] cgroup: Unknown subsys name 'net_cls'
[ 24.649331][ T1767] cgroup: Unknown subsys name 'perf_event'
[ 24.655461][ T1767] cgroup: Unknown subsys name 'net_cls'
[ 24.680035][ T1770] cgroup: Unknown subsys name 'perf_event'
[ 24.686133][ T1770] cgroup: Unknown subsys name 'net_cls'
[ 24.718205][ T1781] cgroup: Unknown subsys name 'perf_event'
[ 24.724280][ T1781] cgroup: Unknown subsys name 'net_cls'
[ 24.734414][ T1785] cgroup: Unknown subsys name 'perf_event'
[ 24.744430][ T1785] cgroup: Unknown subsys name 'net_cls'

01:23:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = socket(0x400000000000010, 0x802, 0x0)
write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), 0x4)

01:23:54 executing program 3:
io_setup(0x152, &(0x7f0000000080)=0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x2a441}, 0x18)
io_submit(r0, 0x2, &(0x7f00000003c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000380)={0x0, 0x0, 0x8, 0x0, 0x0, r2, 0x0}])

01:23:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r1, 0x0, r2, 0x0, 0x10000, 0x0)

01:23:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = socket(0x400000000000010, 0x802, 0x0)
write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), 0x4)

01:23:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r1, 0x0, r2, 0x0, 0x10000, 0x0)

01:23:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = socket(0x400000000000010, 0x802, 0x0)
write(r1, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080080002007f196be0", 0x24)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), 0x4)

01:23:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r1, 0x0, r2, 0x0, 0x10000, 0x0)

[ 28.941069][ T4510] hugetlbfs: Bad value '%' for mount option 'size'
[ 28.941069][ T4510]