Warning: Permanently added '10.128.0.214' (ECDSA) to the list of known hosts. 2020/10/01 08:26:13 fuzzer started 2020/10/01 08:26:13 dialing manager at 10.128.0.105:36473 2020/10/01 08:26:13 syscalls: 3430 2020/10/01 08:26:13 code coverage: enabled 2020/10/01 08:26:13 comparison tracing: enabled 2020/10/01 08:26:13 extra coverage: enabled 2020/10/01 08:26:13 setuid sandbox: enabled 2020/10/01 08:26:13 namespace sandbox: enabled 2020/10/01 08:26:13 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/01 08:26:13 fault injection: enabled 2020/10/01 08:26:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/01 08:26:13 net packet injection: enabled 2020/10/01 08:26:13 net device setup: enabled 2020/10/01 08:26:13 concurrency sanitizer: enabled 2020/10/01 08:26:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/01 08:26:13 USB emulation: enabled 2020/10/01 08:26:13 hci packet injection: enabled 2020/10/01 08:26:13 wifi device emulation: enabled 2020/10/01 08:26:14 suppressing KCSAN reports in functions: 'blk_mq_sched_dispatch_requests' 'dd_has_work' '__xa_clear_mark' 'ext4_free_inode' '__ext4_new_inode' 08:26:17 executing program 0: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfbfffffffffffffc, @local, 'ip_vti0\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfbfffffffffffffc, @broadcast, 'ip_vti0\x00'}}, 0x1e) r2 = socket$pppoe(0x18, 0x1, 0x0) r3 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}, 0x1e) r4 = socket$pppoe(0x18, 0x1, 0x0) r5 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r5, &(0x7f0000000000)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}, 0x1e) dup2(r4, r5) dup2(r2, r3) 08:26:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c00000010008506000010000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010003"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x6) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x8b6e0300, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9, 0x1, 'vlan\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x4c}}, 0x0) 08:26:17 executing program 2: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) r0 = getpid() r1 = getpid() rt_tgsigqueueinfo(r1, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x420b, r0, 0x0, 0x0) 08:26:17 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140)='/dev/video#\x00', 0x8000000000000, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0145608, &(0x7f00000000c0)={0x0, 0xa, 0x1, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "c87400"}, 0x0, 0x0, @fd}) 08:26:18 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3da, 0x0, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendto$inet(r1, &(0x7f0000000100)="f6", 0xffffffe7, 0xc000, 0x0, 0x0) mmap(&(0x7f0000492000/0x1000)=nil, 0x1000, 0x0, 0x28011, r0, 0x0) 08:26:18 executing program 5: r0 = socket(0x1000000010, 0x80002, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000151300000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xffe0}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0x1c, 0x2, [@TCA_BPF_FLAGS={0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}, @TCA_BPF_FD={0x8}]}}]}, 0x48}}, 0x0) sendmmsg$alg(r0, &(0x7f0000000200), 0x6c50a96ae300b3, 0x0) syzkaller login: [ 37.092954][ T8712] IPVS: ftp: loaded support on port[0] = 21 [ 37.172543][ T8712] chnl_net:caif_netlink_parms(): no params data found [ 37.200990][ T8712] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.208268][ T8712] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.217789][ T8712] device bridge_slave_0 entered promiscuous mode [ 37.225646][ T8712] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.233284][ T8712] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.240903][ T8712] device bridge_slave_1 entered promiscuous mode [ 37.256777][ T8712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.267541][ T8712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.285227][ T8714] IPVS: ftp: loaded support on port[0] = 21 [ 37.285835][ T8712] team0: Port device team_slave_0 added [ 37.298195][ T8712] team0: Port device team_slave_1 added [ 37.333481][ T8712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.340419][ T8712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.367604][ T8712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.392339][ T8712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.400132][ T8712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.426759][ T8712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.441867][ T8716] IPVS: ftp: loaded support on port[0] = 21 [ 37.468054][ T8712] device hsr_slave_0 entered promiscuous mode [ 37.474402][ T8712] device hsr_slave_1 entered promiscuous mode [ 37.536973][ T8716] chnl_net:caif_netlink_parms(): no params data found [ 37.586870][ T8718] IPVS: ftp: loaded support on port[0] = 21 [ 37.633929][ T8714] chnl_net:caif_netlink_parms(): no params data found [ 37.665936][ T8716] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.665958][ T8716] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.666266][ T8716] device bridge_slave_0 entered promiscuous mode [ 37.690035][ T8716] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.704792][ T8716] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.713257][ T8716] device bridge_slave_1 entered promiscuous mode [ 37.740315][ T8712] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 37.766286][ T8720] IPVS: ftp: loaded support on port[0] = 21 [ 37.799514][ T8712] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 37.809777][ T8716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.845247][ T8718] chnl_net:caif_netlink_parms(): no params data found [ 37.854882][ T8712] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 37.868304][ T8716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.887572][ T8712] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 37.907971][ T8716] team0: Port device team_slave_0 added [ 37.917464][ T8716] team0: Port device team_slave_1 added [ 37.934917][ T8722] IPVS: ftp: loaded support on port[0] = 21 [ 37.944774][ T8714] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.951814][ T8714] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.960876][ T8714] device bridge_slave_0 entered promiscuous mode [ 37.969939][ T8714] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.977169][ T8714] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.985202][ T8714] device bridge_slave_1 entered promiscuous mode [ 38.000981][ T8712] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.008008][ T8712] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.015339][ T8712] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.015423][ T8342] ================================================================== [ 38.022369][ T8712] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.030410][ T8342] BUG: KCSAN: data-race in do_syslog / log_store [ 38.043847][ T8342] [ 38.046163][ T8342] write to 0xffffffff89513200 of 8 bytes by task 8712 on cpu 1: [ 38.047073][ T8714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.053773][ T8342] log_store+0x7a2/0x7d0 [ 38.053784][ T8342] vprintk_store+0x5ba/0x700 [ 38.053800][ T8342] vprintk_emit+0x114/0x4f0 [ 38.064519][ T8714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.066999][ T8342] vprintk_default+0x24/0x30 [ 38.080284][ T8714] team0: Port device team_slave_0 added [ 38.085011][ T8342] vprintk_func+0x13d/0x140 [ 38.085021][ T8342] printk+0x62/0x82 [ 38.085043][ T8342] br_set_state+0x159/0x290 [ 38.090602][ T8714] team0: Port device team_slave_1 added [ 38.095112][ T8342] br_stp_enable_port+0x57/0x110 [ 38.095120][ T8342] br_stp_enable_bridge+0x155/0x1a0 [ 38.095129][ T8342] br_dev_open+0x3b/0x50 [ 38.095146][ T8342] __dev_open+0x269/0x390 [ 38.108971][ T8714] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.113406][ T8342] __dev_change_flags+0x167/0x3f0 [ 38.113415][ T8342] dev_change_flags+0x55/0xc0 [ 38.113430][ T8342] do_setlink+0x736/0x2220 [ 38.119156][ T8714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.123515][ T8342] rtnl_newlink+0xe62/0x1340 [ 38.123525][ T8342] rtnetlink_rcv_msg+0x71b/0x7b0 [ 38.123533][ T8342] netlink_rcv_skb+0x13e/0x240 [ 38.123553][ T8342] rtnetlink_rcv+0x18/0x20 [ 38.128610][ T8714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.132065][ T8342] netlink_unicast+0x5e2/0x6b0 [ 38.140361][ T8714] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.143962][ T8342] netlink_sendmsg+0x6d8/0x7a0 [ 38.143973][ T8342] __sys_sendto+0x2ae/0x380 [ 38.143989][ T8342] __x64_sys_sendto+0x74/0x90 [ 38.149300][ T8714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.153047][ T8342] do_syscall_64+0x39/0x80 [ 38.153058][ T8342] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.153060][ T8342] [ 38.153069][ T8342] read to 0xffffffff89513200 of 8 bytes by task 8342 on cpu 0: [ 38.153088][ T8342] do_syslog+0x344/0x1480 [ 38.180283][ T8714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.183497][ T8342] kmsg_read+0x7a/0xa0 [ 38.183506][ T8342] proc_reg_read+0xde/0x1a0 [ 38.183520][ T8342] vfs_read+0x16d/0x5e0 [ 38.306742][ T8342] ksys_read+0xce/0x180 [ 38.310865][ T8342] __x64_sys_read+0x3e/0x50 [ 38.315337][ T8342] do_syscall_64+0x39/0x80 [ 38.319739][ T8342] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.325593][ T8342] [ 38.327905][ T8342] Reported by Kernel Concurrency Sanitizer on: [ 38.334025][ T8342] CPU: 0 PID: 8342 Comm: in:imklog Not tainted 5.9.0-rc7-syzkaller #0 [ 38.342147][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.352288][ T8342] ================================================================== [ 38.360318][ T8342] Kernel panic - not syncing: panic_on_warn set ... [ 38.366878][ T8342] CPU: 0 PID: 8342 Comm: in:imklog Not tainted 5.9.0-rc7-syzkaller #0 [ 38.374995][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 38.385019][ T8342] Call Trace: [ 38.388282][ T8342] dump_stack+0x10f/0x19d [ 38.392581][ T8342] panic+0x207/0x64a [ 38.396451][ T8342] ? vprintk_emit+0x44a/0x4f0 [ 38.401100][ T8342] kcsan_report+0x684/0x690 [ 38.405574][ T8342] ? kcsan_setup_watchpoint+0x41e/0x4a0 [ 38.411089][ T8342] ? do_syslog+0x344/0x1480 [ 38.415574][ T8342] ? kmsg_read+0x7a/0xa0 [ 38.419797][ T8342] ? proc_reg_read+0xde/0x1a0 [ 38.424454][ T8342] ? vfs_read+0x16d/0x5e0 [ 38.428752][ T8342] ? ksys_read+0xce/0x180 [ 38.433051][ T8342] ? __x64_sys_read+0x3e/0x50 [ 38.437716][ T8342] ? do_syscall_64+0x39/0x80 [ 38.442295][ T8342] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.448339][ T8342] ? try_to_wake_up+0x2d0/0x4a0 [ 38.453252][ T8342] kcsan_setup_watchpoint+0x41e/0x4a0 [ 38.458612][ T8342] do_syslog+0x344/0x1480 [ 38.462916][ T8342] ? init_wait_entry+0x30/0x30 [ 38.467650][ T8342] kmsg_read+0x7a/0xa0 [ 38.471687][ T8342] ? kmsg_open+0x20/0x20 [ 38.475897][ T8342] proc_reg_read+0xde/0x1a0 [ 38.480381][ T8342] ? vfs_read+0x15d/0x5e0 [ 38.484700][ T8342] ? proc_reg_llseek+0x180/0x180 [ 38.489621][ T8342] vfs_read+0x16d/0x5e0 [ 38.493751][ T8342] ? __rcu_read_unlock+0x4b/0x260 [ 38.498746][ T8342] ? __fget_light+0x219/0x260 [ 38.503394][ T8342] ksys_read+0xce/0x180 [ 38.507520][ T8342] __x64_sys_read+0x3e/0x50 [ 38.511993][ T8342] do_syscall_64+0x39/0x80 [ 38.516377][ T8342] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 38.522237][ T8342] RIP: 0033:0x7fc8234bb22d [ 38.526639][ T8342] Code: c1 20 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 4e fc ff ff 48 89 04 24 b8 00 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 97 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 38.546212][ T8342] RSP: 002b:00007fc820e57580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 [ 38.554604][ T8342] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc8234bb22d [ 38.562560][ T8342] RDX: 0000000000001fa0 RSI: 00007fc820e57da0 RDI: 0000000000000004 [ 38.570500][ T8342] RBP: 0000559eb7e929d0 R08: 0000000000000000 R09: 0000000000000000 [ 38.578439][ T8342] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007fc820e57da0 [ 38.586379][ T8342] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007fc820e57e44 [ 38.595670][ T8342] Kernel Offset: disabled [ 38.599992][ T8342] Rebooting in 86400 seconds..