Warning: Permanently added '10.128.0.166' (ECDSA) to the list of known hosts. 2020/06/30 14:48:20 fuzzer started 2020/06/30 14:48:20 dialing manager at 10.128.0.105:41221 2020/06/30 14:48:20 syscalls: 3106 2020/06/30 14:48:20 code coverage: enabled 2020/06/30 14:48:20 comparison tracing: enabled 2020/06/30 14:48:20 extra coverage: enabled 2020/06/30 14:48:20 setuid sandbox: enabled 2020/06/30 14:48:20 namespace sandbox: enabled 2020/06/30 14:48:20 Android sandbox: /sys/fs/selinux/policy does not exist 2020/06/30 14:48:20 fault injection: enabled 2020/06/30 14:48:20 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/06/30 14:48:20 net packet injection: enabled 2020/06/30 14:48:20 net device setup: enabled 2020/06/30 14:48:20 concurrency sanitizer: enabled 2020/06/30 14:48:20 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/06/30 14:48:20 USB emulation: enabled 14:48:22 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in6=@private1}, {@in=@remote, 0x0, 0x32}, @in, {}, {}, {}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x8c0e946769b73622}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}]}, 0x138}}, 0x0) 14:48:22 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r2, 0x88, 0xa, &(0x7f0000b67000), &(0x7f0000000140)=0xffffffffffffff45) syzkaller login: [ 32.888219][ T8665] IPVS: ftp: loaded support on port[0] = 21 [ 32.949308][ T8665] chnl_net:caif_netlink_parms(): no params data found [ 33.022429][ T8665] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.053812][ T8665] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.061224][ T8665] device bridge_slave_0 entered promiscuous mode [ 33.085238][ T8665] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.092310][ T8665] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.099987][ T8665] device bridge_slave_1 entered promiscuous mode [ 33.121047][ T8797] IPVS: ftp: loaded support on port[0] = 21 14:48:22 executing program 2: r0 = perf_event_open(&(0x7f0000001200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x2000) add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f00000001c0)="04", 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000040)={r2, r1, r2}, 0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={'sha384-generic\x00\n\x00'}}) r3 = socket(0x10, 0x803, 0x0) getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x22, &(0x7f0000000000), 0x20a154cc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="ac000000000101020000000000000000070000000c001080080003400001000008001540fffffffe08fb06400000001f0c00108008000240000073fc080015400000000408000840ffffffff60000180060003400002000006000340000200000c00028005000100110000000c00028005000100090000000c00028005000100110000001400018008000100ac1e0001080002007f000001236851dc06000340000300000c000280050001003a000000d83f5d37250ff98697489ddf39ac75275289"], 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x4081) r4 = socket$netlink(0x10, 0x3, 0x15) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f00000009c0)={0x0, 0xb, &(0x7f0000000980)={&(0x7f00000007c0)={0x14, r5, 0xffff}, 0x14}}, 0x0) sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)={0x128, r5, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4000080}, 0x44000) [ 33.133030][ T8665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.157823][ T8665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.198340][ T8665] team0: Port device team_slave_0 added [ 33.222801][ T8665] team0: Port device team_slave_1 added [ 33.238857][ T8797] chnl_net:caif_netlink_parms(): no params data found [ 33.251297][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.259377][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.286673][ T8665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.310472][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.323637][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.373648][ T8665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active 14:48:23 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000fedfff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07d3be8ce3307c529a4ce6be614c2c794f72ebf5fe31789471702c9c2d5a9db90c8ac18143a5d904894ce42c48258f8dbe82e16cf8db95f5f068a9e0000000000000000000000007d8d90bdeff7e9965790d8000000000000000000000000000000000000001828a1bb7f00a15deb269d0a91985603763e4d70d404da006a3d6e6b9b96097934a42513a51e411abffd6903ef9b9727287e0a5e1c7faeaa0f527bcbe251502f16212b7fbb66b6b3721c2647215b48fdd7783d2d3215fb3e93df71fe9456b2880400e6b0829a4ff3ba7ebf469c90fee269d9f83a4187232a9137204752fabfa58b49952d710ddfccc0c6d995d1c7eb469930ed0df2d43facf1332531f1c066789478357a9536c97e8583213f6bd862fe310c3f9ffa1639f57d43be7f9cc6a6f4b1255a3db3e017138896634ac409cd3213a243b877eafcadd38aa83b70141e3043236d6d1cc9f60dd60c78754d4f1dc1e984ced8b9caf9c041e8ac300144f93e194598e8ed4caf27a87482b40af54376cfd0dba95e3c102bedc2fb87dae6754776c1912fad21d67c36e25a6d5754b44909ca00d0645c9dd11fcf93cdaf7b88323e08fd6ce6851ed4653d62c5d7ac9e2045f14cbe002b210bb9bc12ed57d98de44dc9dc30af9cd4fc571ae07b45f56db635a9209fba10bbb6ba2a3b738c65dd7b33823eb60b1abb5d0d11aec78432d5e1fd92ec513eccfdcb79c104cf6a75365edefdfd4cd9afa481f02bdf6d54d28d3dcb0000003400000000474d5b308d292b887661e4b93f75a976c1cd4b31f0c0a89349c072d917665094a0431d25178daf98320000e975e1d761a322d630da81d610d251b0bc0b2820bc5a905e3164d2d32343ce5a4aeffb771e8b86a22e6aa8ce09fcaeeccbca8324ff1c5fc1b228296362b16853f31b140227917b55b68fb691d66ce836809c9fd763b6a82e779fe690f68ef55953c1f45605d9d0cdd0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874565580000ffff00000000122e25d30800", 0x0, 0x403, 0x0, 0x22d}, 0x28) [ 33.417467][ T8934] IPVS: ftp: loaded support on port[0] = 21 [ 33.432924][ T8797] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.446386][ T8797] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.455241][ T8797] device bridge_slave_0 entered promiscuous mode [ 33.545214][ T8665] device hsr_slave_0 entered promiscuous mode 14:48:23 executing program 4: sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020d0000100000002f3144e800000000030006000720000002004000c3060000000000f5000000000800120002ca0368b10000000000000030006c000203009f060203000000adb20200000000152c000000000000000001020014bb000300000000000000000000030005000000000002"], 0x80}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmmsg(r0, &(0x7f00000000c0), 0x4000676, 0x0) [ 33.593753][ T8665] device hsr_slave_1 entered promiscuous mode [ 33.683501][ T8797] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.690597][ T8797] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.714092][ T8797] device bridge_slave_1 entered promiscuous mode [ 33.761100][ T8981] IPVS: ftp: loaded support on port[0] = 21 [ 33.777279][ T8797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.797323][ T9017] IPVS: ftp: loaded support on port[0] = 21 [ 33.824894][ T8797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.843293][ T8934] chnl_net:caif_netlink_parms(): no params data found 14:48:23 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@ipv6_newroute={0x2c, 0x18, 0x901, 0x0, 0x0, {}, [@RTA_MULTIPATH={0xc, 0x9, {0x8}}, @RTA_METRICS={0x4}]}, 0x2c}}, 0x0) [ 33.924967][ T8665] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 33.985566][ T8797] team0: Port device team_slave_0 added [ 34.003399][ T8665] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 34.047202][ T8665] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 34.095082][ T8665] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 34.157112][ T8797] team0: Port device team_slave_1 added [ 34.178150][ T8797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 34.185384][ T8797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.212271][ T8797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 34.243786][ T25] ================================================================== [ 34.252368][ T25] BUG: KCSAN: data-race in copy_process / release_task [ 34.257719][ T8797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 34.259200][ T25] [ 34.269337][ T25] write to 0xffffffff8927a410 of 4 bytes by task 9245 on cpu 1: [ 34.269826][ T8797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.277142][ T25] release_task+0x6c8/0xb90 [ 34.277150][ T25] do_exit+0x1140/0x16e0 [ 34.277162][ T25] call_usermodehelper_exec_async+0x2da/0x2e0 [ 34.277172][ T25] ret_from_fork+0x1f/0x30 [ 34.277174][ T25] [ 34.277182][ T25] read to 0xffffffff8927a410 of 4 bytes by task 25 on cpu 0: [ 34.277192][ T25] copy_process+0xac4/0x3300 [ 34.277208][ T25] _do_fork+0xf1/0x660 [ 34.307233][ T8797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 34.308409][ T25] kernel_thread+0x85/0xb0 [ 34.315685][ T9181] IPVS: ftp: loaded support on port[0] = 21 [ 34.318668][ T25] call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.351283][ T8981] chnl_net:caif_netlink_parms(): no params data found [ 34.351896][ T25] process_one_work+0x3e1/0x9a0 [ 34.379160][ T9017] chnl_net:caif_netlink_parms(): no params data found [ 34.379828][ T25] worker_thread+0x665/0xbe0 [ 34.392166][ T25] kthread+0x20d/0x230 [ 34.396264][ T25] ret_from_fork+0x1f/0x30 [ 34.400653][ T25] [ 34.402963][ T25] Reported by Kernel Concurrency Sanitizer on: [ 34.409094][ T25] CPU: 0 PID: 25 Comm: kworker/u4:2 Not tainted 5.8.0-rc3-syzkaller #0 [ 34.417300][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.427600][ T25] Workqueue: events_unbound call_usermodehelper_exec_work [ 34.434702][ T25] ================================================================== [ 34.442733][ T25] Kernel panic - not syncing: panic_on_warn set ... [ 34.449293][ T25] CPU: 0 PID: 25 Comm: kworker/u4:2 Not tainted 5.8.0-rc3-syzkaller #0 [ 34.457499][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.467900][ T25] Workqueue: events_unbound call_usermodehelper_exec_work [ 34.474974][ T25] Call Trace: [ 34.478237][ T25] dump_stack+0x10f/0x19d [ 34.482535][ T25] panic+0x207/0x64a [ 34.486438][ T25] ? vprintk_emit+0x44a/0x4f0 [ 34.491085][ T25] kcsan_report+0x684/0x690 [ 34.495573][ T25] ? kcsan_setup_watchpoint+0x453/0x4d0 [ 34.501089][ T25] ? copy_process+0xac4/0x3300 [ 34.505823][ T25] ? _do_fork+0xf1/0x660 [ 34.510033][ T25] ? kernel_thread+0x85/0xb0 [ 34.514589][ T25] ? call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.520642][ T25] ? process_one_work+0x3e1/0x9a0 [ 34.525634][ T25] ? worker_thread+0x665/0xbe0 [ 34.530366][ T25] ? kthread+0x20d/0x230 [ 34.534591][ T25] ? ret_from_fork+0x1f/0x30 [ 34.541243][ T25] ? debug_smp_processor_id+0x18/0x20 [ 34.546585][ T25] ? copy_creds+0x280/0x350 [ 34.551078][ T25] ? copy_creds+0x280/0x350 [ 34.555552][ T25] kcsan_setup_watchpoint+0x453/0x4d0 [ 34.560908][ T25] ? copy_creds+0x280/0x350 [ 34.565380][ T25] copy_process+0xac4/0x3300 [ 34.569946][ T25] ? check_preempt_wakeup+0x1cb/0x370 [ 34.575289][ T25] ? proc_cap_handler+0x280/0x280 [ 34.580284][ T25] _do_fork+0xf1/0x660 [ 34.584331][ T25] ? enqueue_entity+0x25a/0x480 [ 34.589164][ T25] ? proc_cap_handler+0x280/0x280 [ 34.594160][ T25] kernel_thread+0x85/0xb0 [ 34.598551][ T25] ? proc_cap_handler+0x280/0x280 [ 34.603547][ T25] call_usermodehelper_exec_work+0x4f/0x1b0 [ 34.609495][ T25] process_one_work+0x3e1/0x9a0 [ 34.614319][ T25] worker_thread+0x665/0xbe0 [ 34.618970][ T25] ? finish_task_switch+0x8b/0x270 [ 34.624061][ T25] ? process_one_work+0x9a0/0x9a0 [ 34.629057][ T25] kthread+0x20d/0x230 [ 34.633101][ T25] ? process_one_work+0x9a0/0x9a0 [ 34.638097][ T25] ? kthread_blkcg+0x80/0x80 [ 34.642658][ T25] ret_from_fork+0x1f/0x30 [ 34.648434][ T25] Kernel Offset: disabled [ 34.652745][ T25] Rebooting in 86400 seconds..