Warning: Permanently added '10.128.0.42' (ECDSA) to the list of known hosts. 2019/12/02 20:24:08 fuzzer started 2019/12/02 20:24:10 dialing manager at 10.128.0.26:38907 2019/12/02 20:24:10 syscalls: 2697 2019/12/02 20:24:10 code coverage: enabled 2019/12/02 20:24:10 comparison tracing: enabled 2019/12/02 20:24:10 extra coverage: extra coverage is not supported by the kernel 2019/12/02 20:24:10 setuid sandbox: enabled 2019/12/02 20:24:10 namespace sandbox: enabled 2019/12/02 20:24:10 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/02 20:24:10 fault injection: enabled 2019/12/02 20:24:10 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/02 20:24:10 net packet injection: enabled 2019/12/02 20:24:10 net device setup: enabled 2019/12/02 20:24:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/02 20:24:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 20:24:11 executing program 0: r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xb) 20:24:11 executing program 1: r0 = syz_open_dev$video(&(0x7f0000000100)='/dev/video#\x00', 0x2677, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000180)={0x5, @output}) syzkaller login: [ 61.148867][ T8301] IPVS: ftp: loaded support on port[0] = 21 20:24:12 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='status\x00') r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x13, &(0x7f0000000180)) ptrace(0x10, r3) r4 = syz_open_procfs(0x0, &(0x7f0000000340)='fd/3\x00W\xf6Je|H\x10\x05\xf1\xab\xc4MJ\xcbP\xed@\xe8\xe39\xd2\xea\xaap\xf9\x1aTM\x1f\x8e\x86c\xb4T\xde\x10\xf6\xa1\x89\xea)6\xca\x00\xa2\x04\xe6}\xaa\xd4\xf6~\xd0\x04bq\xe5\xa2\x99t;zzV\x15\x9a\x1b\xb9\x87@\xe9#\x99\xd6\xb8\xa4\xb1T\xdd\xe0\x93\xd0\xd5\xd8\x0f\x11y\xef\xf1R\v\xd6\x81\x97\xa96,q\xd0\xb8\xde\xf6\x8153\x1a\x11VEG(\x93\x18\xf2\xbc\x17\x1f\xd7\x89F(G\x18S\xfb\x92\xd9\x0f\x8b\xc8A\xc8\xb4=Y;\xa8\xed\xd2\xa9\xa2\x87\xa0\xfb\r\xf7I1]:\xd1;h\xc6\xe2M\xf2\x005\x96\x9b\xd1\x92v\xf9\xba\xf4\x12\r\"^\xc2\xb2\x1d\n:mq\xc7\x00\x00\xa1\x7f\x92r\x95\x96\xda7\xea\x85\xc8\x8c\xa8^\xb7\x1f\x80\x05\x03\xbb\xef9C\xcb(\x9bF\vHFW\x04\x1d\xc7LkW\xb2\xe9\xdd\x17\xe8%\x86\xd1H\rR\xafX\x1f\xea\x00'/251) sendfile(r4, r2, 0x0, 0x1ff) [ 61.350447][ T8304] IPVS: ftp: loaded support on port[0] = 21 [ 61.367206][ T8301] chnl_net:caif_netlink_parms(): no params data found [ 61.462107][ T8301] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.470287][ T8301] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.478276][ T8301] device bridge_slave_0 entered promiscuous mode [ 61.493136][ T8306] IPVS: ftp: loaded support on port[0] = 21 [ 61.500866][ T8301] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.511695][ T8301] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.519947][ T8301] device bridge_slave_1 entered promiscuous mode [ 61.578968][ T8301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.611597][ T8301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.626024][ T8304] chnl_net:caif_netlink_parms(): no params data found 20:24:12 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x2000000000007, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x10000, 0xff, 0x10000, 0xff}, 0x1c) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = dup(r1) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000200)={0x0, 0x7530}, 0x10) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x20000008, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = open(&(0x7f0000000280)='./file0\x00', 0x110000141042, 0x0) setsockopt$inet6_int(r2, 0x29, 0x46, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$FUSE_IOCTL(r3, &(0x7f0000000080)={0x20, 0x0, 0x6, {0xd88, 0x4, 0xffffffff}}, 0x20) r5 = dup(r4) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') write$9p(r5, &(0x7f00000002c0), 0x0) syz_genetlink_get_family_id$ipvs(0x0) getsockopt$inet_int(r3, 0x0, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, 0x0, 0x1f3) setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0) ftruncate(r3, 0x10099b3) sendfile(r1, r3, 0x0, 0x88000fc000000) [ 61.685832][ T8301] team0: Port device team_slave_0 added [ 61.722737][ T8301] team0: Port device team_slave_1 added [ 61.770900][ T8304] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.779234][ T8304] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.797242][ T8304] device bridge_slave_0 entered promiscuous mode 20:24:12 executing program 4: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r1, 0x0) ftruncate(r0, 0x48280) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x88001) r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x88001) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t\xa8M*\xe4;~y\xb2\xb3\xba\b;/\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w^2\f\xe5\xcc`\xa0\xce\xf0+\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1aul>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf0\xc1\xfb\xae\xb5\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0yX\x9b\x96\xa4\x8b\x01f\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x93\x7f\xbc\x1a\x7f\xa9state=0x0 ->cpu=1 [ 171.180421][ C0] rcu: RCU grace-period kthread stack dump: [ 171.186312][ C0] rcu_preempt R running task 29032 10 2 0x80004000 [ 171.194214][ C0] Call Trace: [ 171.197510][ C0] __schedule+0x9a0/0xcc0 [ 171.201933][ C0] schedule+0x181/0x210 [ 171.206076][ C0] schedule_timeout+0x14f/0x240 [ 171.210924][ C0] ? run_local_timers+0x120/0x120 [ 171.216114][ C0] rcu_gp_kthread+0xed8/0x1770 [ 171.220883][ C0] kthread+0x332/0x350 [ 171.224936][ C0] ? rcu_report_qs_rsp+0x140/0x140 [ 171.230040][ C0] ? kthread_blkcg+0xe0/0xe0 [ 171.234630][ C0] ret_from_fork+0x24/0x30 [ 171.239054][ C0] NMI backtrace for cpu 0 [ 171.243762][ C0] CPU: 0 PID: 8322 Comm: syz-executor.0 Not tainted 5.4.0-syzkaller #0 [ 171.252100][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.262782][ C0] Call Trace: [ 171.266061][ C0] [ 171.268925][ C0] dump_stack+0x1fb/0x318 [ 171.273262][ C0] nmi_cpu_backtrace+0xaf/0x1a0 [ 171.278110][ C0] ? nmi_trigger_cpumask_backtrace+0x16d/0x290 [ 171.284345][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 171.290415][ C0] nmi_trigger_cpumask_backtrace+0x174/0x290 [ 171.296384][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 171.302264][ C0] rcu_dump_cpu_stacks+0x15a/0x220 [ 171.307371][ C0] rcu_sched_clock_irq+0xe25/0x1ad0 [ 171.312591][ C0] ? trace_hardirqs_off+0x74/0x80 [ 171.317659][ C0] update_process_times+0x12d/0x180 [ 171.322946][ C0] tick_sched_timer+0x263/0x420 [ 171.327890][ C0] ? tick_setup_sched_timer+0x3d0/0x3d0 [ 171.333541][ C0] __hrtimer_run_queues+0x403/0x840 [ 171.338765][ C0] hrtimer_interrupt+0x38c/0xda0 [ 171.343737][ C0] ? debug_smp_processor_id+0x9/0x20 [ 171.349728][ C0] smp_apic_timer_interrupt+0x109/0x280 [ 171.355273][ C0] apic_timer_interrupt+0xf/0x20 [ 171.360192][ C0] [ 171.363137][ C0] RIP: 0010:free_thread_stack+0x124/0x590 [ 171.368842][ C0] Code: ff 48 c1 e8 06 48 83 e0 c0 48 bf 00 00 00 00 00 ea ff ff 48 01 c7 be 03 00 00 00 e8 06 a2 60 00 e9 5d 04 00 00 e8 5c 2d 2e 00 <48> 89 df 31 f6 e8 42 af 6e 00 43 80 3c 2e 00 74 08 4c 89 e7 e8 43 [ 171.388444][ C0] RSP: 0018:ffffc900026a7728 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 [ 171.396957][ C0] RAX: ffffffff81486ea4 RBX: ffffea000243a9c0 RCX: ffff8880a4490200 [ 171.404913][ C0] RDX: 0000000000000000 RSI: 00000000fffffffc RDI: ffffea000243a9c0 [ 171.412870][ C0] RBP: ffffc900026a7760 R08: 000000000003a768 R09: ffffed10149fdab7 [ 171.420845][ C0] R10: ffffed10149fdab7 R11: 0000000000000000 R12: ffff8880a86a4720 [ 171.428804][ C0] R13: dffffc0000000000 R14: 1ffff110150d48e4 R15: ffff8880a4fed5a8 [ 171.436807][ C0] ? free_thread_stack+0x124/0x590 [ 171.441921][ C0] ? free_thread_stack+0x124/0x590 [ 171.447236][ C0] put_task_stack+0xa3/0x130 [ 171.451829][ C0] finish_task_switch+0x3f1/0x550 [ 171.456850][ C0] __schedule+0x9a8/0xcc0 [ 171.461356][ C0] preempt_schedule_irq+0xc1/0x140 [ 171.466541][ C0] retint_kernel+0x1b/0x2b [ 171.470975][ C0] RIP: 0010:rmqueue+0x1f57/0x2080 [ 171.476170][ C0] Code: 48 c1 e8 03 42 80 3c 28 00 74 0c 48 c7 c7 28 96 0a 89 e8 8c d2 07 00 48 83 3d ac 55 60 07 00 0f 84 1d 01 00 00 48 89 df 57 9d <0f> 1f 44 00 00 e9 eb e0 ff ff 0f 0b e9 9f e1 ff ff 4c 89 e7 be 0c [ 171.496036][ C0] RSP: 0000:ffffc900026a7978 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 171.504697][ C0] RAX: 1ffffffff12152c5 RBX: 0000000000000286 RCX: ffffffff815c0597 [ 171.512671][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000286 [ 171.520641][ C0] RBP: ffffc900026a7ab8 R08: ffff8880a4490a58 R09: fffffbfff13c852d [ 171.528733][ C0] R10: fffffbfff13c852d R11: 0000000000000000 R12: ffff88812fffb6c0 [ 171.536694][ C0] R13: dffffc0000000000 R14: 0000000000000004 R15: ffffea0001b00000 [ 171.544760][ C0] ? mark_lock+0x107/0x1650 [ 171.549280][ C0] get_page_from_freelist+0x746/0xaa0 [ 171.554652][ C0] __alloc_pages_nodemask+0x264/0x5d0 [ 171.560108][ C0] alloc_pages_vma+0x94a/0xd50 [ 171.564866][ C0] do_huge_pmd_anonymous_page+0x883/0xe50 [ 171.570669][ C0] handle_mm_fault+0x2017/0x2890 [ 171.575616][ C0] do_user_addr_fault+0x589/0xaf0 [ 171.580732][ C0] __do_page_fault+0xd3/0x1f0 [ 171.585404][ C0] do_page_fault+0x99/0xb0 [ 171.589988][ C0] page_fault+0x39/0x40 [ 171.594149][ C0] RIP: 0033:0x4418d1 [ 171.598032][ C0] Code: 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e <66> 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c 8b 0e [ 171.617884][ C0] RSP: 002b:00007ffeeb67b408 EFLAGS: 00010202 [ 171.624081][ C0] RAX: 0000000020000040 RBX: 0000000000000000 RCX: 0000000000006d74 [ 171.632058][ C0] RDX: 0000000000000006 RSI: 0000000000760020 RDI: 0000000020000040 [ 171.641334][ C0] RBP: 0000000000760000 R08: 0000000000000000 R09: 0000000000000004 [ 171.649294][ C0] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001 [ 171.657785][ C0] R13: 00007ffeeb67b5f0 R14: 0000000000760008 R15: 00007ffeeb67b600