Warning: Permanently added '10.128.0.108' (ECDSA) to the list of known hosts.
2020/11/18 11:12:53 fuzzer started
2020/11/18 11:12:53 dialing manager at 10.128.0.105:38735
2020/11/18 11:12:55 syscalls: 3448
2020/11/18 11:12:55 code coverage: enabled
2020/11/18 11:12:55 comparison tracing: enabled
2020/11/18 11:12:55 extra coverage: enabled
2020/11/18 11:12:55 setuid sandbox: enabled
2020/11/18 11:12:55 namespace sandbox: enabled
2020/11/18 11:12:55 Android sandbox: /sys/fs/selinux/policy does not exist
2020/11/18 11:12:55 fault injection: enabled
2020/11/18 11:12:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/11/18 11:12:55 net packet injection: enabled
2020/11/18 11:12:55 net device setup: enabled
2020/11/18 11:12:55 concurrency sanitizer: enabled
2020/11/18 11:12:55 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/11/18 11:12:55 USB emulation: enabled
2020/11/18 11:12:55 hci packet injection: enabled
2020/11/18 11:12:55 wifi device emulation: enabled
2020/11/18 11:12:56 suppressing KCSAN reports in functions: '__xa_clear_mark' 'expire_timers' 'wbt_issue' '__ext4_new_inode' 'find_get_pages_range_tag' 'ext4_mb_good_group' 'futex_wait_queue_me' 'complete_signal' 'alloc_pid' 'blk_mq_sched_dispatch_requests' 'kauditd_thread' 'blk_mq_dispatch_rq_list' 'ext4_writepages' 'do_nanosleep' 'generic_write_end' 'blk_mq_rq_ctx_init' 'ext4_free_inode' 'ext4_free_inodes_count' 'do_sys_poll'

11:13:12 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@ipv4={[], [], @dev}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0xfffffffd, 0x32}, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x4, 0x0, 0xb7}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

11:13:12 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x14, 0x4, 0x8, 0x400, 0x0, 0x1}, 0x3c)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x1, 0x4)
listen(r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5}, 0x40)
bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x10020000000, 0x0}, 0x2c)

11:13:13 executing program 2:
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001180)={'tunl0\x00', &(0x7f0000001080)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @local}}}})

11:13:13 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00')
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x5, 0x2, [{0x0, 0x9}]}]}]}]}, 0x38}}, 0x0)

11:13:13 executing program 4:
unshare(0x400)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
shutdown(r0, 0x0)

11:13:13 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x100000001)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000080)=0x8, 0x4)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xef}, 0xe)
recvmmsg(r1, &(0x7f0000004300), 0x3a4, 0x0, 0x0)

syzkaller login: [ 49.633534][ T8455] IPVS: ftp: loaded support on port[0] = 21
[ 49.684375][ T8455] chnl_net:caif_netlink_parms(): no params data found
[ 49.723951][ T8455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.731226][ T8455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.738683][ T8455] device bridge_slave_0 entered promiscuous mode
[ 49.746703][ T8455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.753859][ T8455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.762147][ T8455] device bridge_slave_1 entered promiscuous mode
[ 49.779988][ T8455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 49.790791][ T8455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 49.803824][ T8457] IPVS: ftp: loaded support on port[0] = 21
[ 49.836593][ T8455] team0: Port device team_slave_0 added
[ 49.844309][ T8455] team0: Port device team_slave_1 added
[ 49.858792][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 49.865763][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 49.891788][ T8455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 49.906219][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 49.913212][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 49.939998][ T8455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 49.983590][ T8457] chnl_net:caif_netlink_parms(): no params data found
[ 49.986461][ T8459] IPVS: ftp: loaded support on port[0] = 21
[ 49.997738][ T8455] device hsr_slave_0 entered promiscuous mode
[ 50.009809][ T8455] device hsr_slave_1 entered promiscuous mode
[ 50.055579][ T8457] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.062669][ T8457] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.069995][ T8457] device bridge_slave_0 entered promiscuous mode
[ 50.078607][ T8457] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.085643][ T8457] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.094406][ T8457] device bridge_slave_1 entered promiscuous mode
[ 50.133916][ T8457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 50.158837][ T8461] IPVS: ftp: loaded support on port[0] = 21
[ 50.165892][ T8457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 50.229403][ T8459] chnl_net:caif_netlink_parms(): no params data found
[ 50.238091][ T8457] team0: Port device team_slave_0 added
[ 50.246116][ T8455] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 50.262025][ T8463] ==================================================================
[ 50.270222][ T8463] BUG: KCSAN: data-race in __hci_req_sync / hci_req_sync_complete
[ 50.278006][ T8463]
[ 50.280369][ T8463] write to 0xffff888136e82a70 of 4 bytes by task 8469 on cpu 0:
[ 50.287981][ T8463] hci_req_sync_complete+0x5c/0x110
[ 50.293171][ T8463] hci_event_packet+0x3ab1/0xfed0
[ 50.298178][ T8463] hci_rx_work+0x324/0x480
[ 50.302586][ T8463] process_one_work+0x3e1/0x950
[ 50.307461][ T8463] worker_thread+0x635/0xb90
[ 50.312133][ T8463] kthread+0x1fa/0x220
[ 50.316183][ T8463] ret_from_fork+0x1f/0x30
[ 50.317995][ T8461] chnl_net:caif_netlink_parms(): no params data found
[ 50.320577][ T8463]
[ 50.329621][ T8463] read to 0xffff888136e82a70 of 4 bytes by task 8463 on cpu 1:
[ 50.337145][ T8463] __hci_req_sync+0x159/0x420
[ 50.341801][ T8463] hci_req_sync+0x71/0x90
[ 50.346112][ T8463] hci_dev_cmd+0x244/0x590
[ 50.350510][ T8463] hci_sock_ioctl+0x2e3/0x630
[ 50.355167][ T8463] sock_do_ioctl+0x4d/0x210
[ 50.359654][ T8463] sock_ioctl+0x36e/0x5b0
[ 50.359937][ T8457] team0: Port device team_slave_1 added
[ 50.363965][ T8463] __se_sys_ioctl+0xcb/0x140
[ 50.363975][ T8463] __x64_sys_ioctl+0x3f/0x50
[ 50.363991][ T8463] do_syscall_64+0x39/0x80
[ 50.373066][ T8455] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 50.374075][ T8463] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.395509][ T8463]
[ 50.397813][ T8463] Reported by Kernel Concurrency Sanitizer on:
[ 50.403941][ T8463] CPU: 1 PID: 8463 Comm: syz-executor.4 Not tainted 5.10.0-rc4-syzkaller #0
[ 50.412606][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.422652][ T8463] ==================================================================
[ 50.430683][ T8463] Kernel panic - not syncing: panic_on_warn set ...
[ 50.437327][ T8463] CPU: 1 PID: 8463 Comm: syz-executor.4 Not tainted 5.10.0-rc4-syzkaller #0
[ 50.445971][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.455994][ T8463] Call Trace:
[ 50.459255][ T8463] dump_stack+0x116/0x15d
[ 50.463730][ T8463] panic+0x1e7/0x5fa
[ 50.467598][ T8463] ? vprintk_emit+0x2f2/0x370
[ 50.472245][ T8463] kcsan_report+0x67b/0x680
[ 50.476719][ T8463] ? kcsan_setup_watchpoint+0x46a/0x4d0
[ 50.482235][ T8463] ? __hci_req_sync+0x159/0x420
[ 50.487067][ T8463] ? hci_req_sync+0x71/0x90
[ 50.491536][ T8463] ? hci_dev_cmd+0x244/0x590
[ 50.496094][ T8463] ? hci_sock_ioctl+0x2e3/0x630
[ 50.500921][ T8463] ? sock_do_ioctl+0x4d/0x210
[ 50.505568][ T8463] ? sock_ioctl+0x36e/0x5b0
[ 50.510043][ T8463] ? __se_sys_ioctl+0xcb/0x140
[ 50.514794][ T8463] ? __x64_sys_ioctl+0x3f/0x50
[ 50.519536][ T8463] ? do_syscall_64+0x39/0x80
[ 50.524102][ T8463] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.530140][ T8463] ? __queue_work+0x7ca/0xa90
[ 50.534789][ T8463] kcsan_setup_watchpoint+0x46a/0x4d0
[ 50.540215][ T8463] __hci_req_sync+0x159/0x420
[ 50.544859][ T8463] ? init_wait_entry+0x30/0x30
[ 50.549596][ T8463] ? hci_encrypt_req+0x70/0x70
[ 50.554356][ T8463] hci_req_sync+0x71/0x90
[ 50.558652][ T8463] hci_dev_cmd+0x244/0x590
[ 50.563057][ T8463] hci_sock_ioctl+0x2e3/0x630
[ 50.567716][ T8463] sock_do_ioctl+0x4d/0x210
[ 50.572191][ T8463] ? emulate_vsyscall+0x5a4/0xd60
[ 50.577183][ T8463] ? __rcu_read_unlock+0x51/0x220
[ 50.582193][ T8463] ? sock_poll+0x1a0/0x1a0
[ 50.586586][ T8463] sock_ioctl+0x36e/0x5b0
[ 50.590887][ T8463] ? tomoyo_file_ioctl+0x1c/0x20
[ 50.595824][ T8463] ? sock_poll+0x1a0/0x1a0
[ 50.600223][ T8463] __se_sys_ioctl+0xcb/0x140
[ 50.604784][ T8463] __x64_sys_ioctl+0x3f/0x50
[ 50.609379][ T8463] do_syscall_64+0x39/0x80
[ 50.613765][ T8463] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.619625][ T8463] RIP: 0033:0x45dd27
[ 50.623490][ T8463] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 50.643065][ T8463] RSP: 002b:00007ffcd35adc48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 50.651482][ T8463] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045dd27
[ 50.659420][ T8463] RDX: 00007ffcd35adc60 RSI: 00000000400448dd RDI: 0000000000000003
[ 50.667385][ T8463] RBP: 00007ffcd35adc60 R08: 0000000000000000 R09: 00007f6c7a252700
[ 50.675325][ T8463] R10: 00007f6c7a2529d0 R11: 0000000000000246 R12: 0000000003523914
[ 50.683280][ T8463] R13: 00007ffcd35adf88 R14: 0000000000000000 R15: 0000000000000000
[ 50.691861][ T8463] Kernel Offset: disabled
[ 50.696168][ T8463] Rebooting in 86400 seconds..