[info] Using makefile-style concurrent boot in runlevel 2. [ 41.992083][ T26] audit: type=1800 audit(1576128071.538:21): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0 [ 42.042265][ T26] audit: type=1800 audit(1576128071.538:22): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.130' (ECDSA) to the list of known hosts. 2019/12/12 05:21:22 fuzzer started 2019/12/12 05:21:24 dialing manager at 10.128.0.105:39821 2019/12/12 05:21:24 syscalls: 2689 2019/12/12 05:21:24 code coverage: enabled 2019/12/12 05:21:24 comparison tracing: enabled 2019/12/12 05:21:24 extra coverage: extra coverage is not supported by the kernel 2019/12/12 05:21:24 setuid sandbox: enabled 2019/12/12 05:21:24 namespace sandbox: enabled 2019/12/12 05:21:24 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/12 05:21:24 fault injection: enabled 2019/12/12 05:21:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/12 05:21:24 net packet injection: enabled 2019/12/12 05:21:24 net device setup: enabled 2019/12/12 05:21:24 concurrency sanitizer: enabled 2019/12/12 05:21:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2019/12/12 05:21:25 adding functions to KCSAN blacklist: '__hrtimer_run_queues' 'ext4_free_inode' 'xas_clear_mark' 'tcp_add_backlog' 'find_next_bit' 'generic_write_end' 'tomoyo_supervisor' 05:21:28 executing program 0: setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000540)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}}, 0x108) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x2, &(0x7f0000000140)=@raw=[@initr0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x5b, &(0x7f0000000200)=""/91, 0x0, 0x3, [], 0x0, 0x6, 0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x8, 0x10, &(0x7f0000000400)={0x2, 0xe, 0x401, 0x6}, 0x10}, 0x70) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0x3}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x11eeff7f) syz_emit_ethernet(0x0, &(0x7f0000000100)=ANY=[], 0x0) syzkaller login: [ 59.335073][ T7663] IPVS: ftp: loaded support on port[0] = 21 05:21:28 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x80) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x17, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="7a0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bd120000000000008500000006000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x359}, 0x48) [ 59.406001][ T7663] chnl_net:caif_netlink_parms(): no params data found [ 59.455827][ T7663] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.480170][ T7663] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.488030][ T7663] device bridge_slave_0 entered promiscuous mode [ 59.500886][ T7663] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.508101][ T7663] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.516273][ T7663] device bridge_slave_1 entered promiscuous mode [ 59.534328][ T7663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.545179][ T7663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.564254][ T7663] team0: Port device team_slave_0 added [ 59.571532][ T7663] team0: Port device team_slave_1 added 05:21:29 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0x55, 0x0, 0x0, 0x0, 0x0, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) [ 59.621165][ T7663] device hsr_slave_0 entered promiscuous mode [ 59.649617][ T7663] device hsr_slave_1 entered promiscuous mode [ 59.694785][ T7666] IPVS: ftp: loaded support on port[0] = 21 [ 59.773399][ T7663] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.780499][ T7663] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.788443][ T7663] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.795513][ T7663] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.808339][ T7670] ================================================================== [ 59.816488][ T7670] BUG: KCSAN: data-race in vm_area_dup / vma_interval_tree_insert_after [ 59.824811][ T7670] [ 59.827150][ T7670] write to 0xffff888122b5b6a8 of 8 bytes by task 7671 on cpu 0: [ 59.834884][ T7670] vma_interval_tree_insert_after+0x135/0x170 [ 59.840964][ T7670] dup_mm+0x53e/0xba0 [ 59.844953][ T7670] copy_process+0x36f3/0x3b50 [ 59.849632][ T7670] _do_fork+0xfe/0x6e0 [ 59.853697][ T7670] __x64_sys_clone+0x12b/0x160 [ 59.858463][ T7670] do_syscall_64+0xcc/0x370 [ 59.862966][ T7670] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 59.868847][ T7670] [ 59.871181][ T7670] read to 0xffff888122b5b640 of 200 bytes by task 7670 on cpu 1: [ 59.878900][ T7670] vm_area_dup+0x70/0xf0 [ 59.883143][ T7670] dup_mm+0x330/0xba0 [ 59.887123][ T7670] copy_process+0x36f3/0x3b50 [ 59.891802][ T7670] _do_fork+0xfe/0x6e0 [ 59.895868][ T7670] __x64_sys_clone+0x12b/0x160 [ 59.900665][ T7670] do_syscall_64+0xcc/0x370 [ 59.905197][ T7670] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 59.911071][ T7670] [ 59.913409][ T7670] Reported by Kernel Concurrency Sanitizer on: [ 59.919661][ T7670] CPU: 1 PID: 7670 Comm: net.agent Not tainted 5.4.0-syzkaller #0 [ 59.927443][ T7670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.937481][ T7670] ================================================================== [ 59.945529][ T7670] Kernel panic - not syncing: panic_on_warn set ... [ 59.952114][ T7670] CPU: 1 PID: 7670 Comm: net.agent Not tainted 5.4.0-syzkaller #0 [ 59.959897][ T7670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.969942][ T7670] Call Trace: [ 59.973245][ T7670] dump_stack+0x11d/0x181 [ 59.977570][ T7670] panic+0x210/0x640 [ 59.981459][ T7670] ? vprintk_func+0x8d/0x140 [ 59.986046][ T7670] kcsan_report.cold+0xc/0xd [ 59.990633][ T7670] kcsan_setup_watchpoint+0x3fe/0x460 [ 59.996016][ T7670] __tsan_read_range+0xc4/0x100 [ 60.000858][ T7670] vm_area_dup+0x70/0xf0 [ 60.005092][ T7670] dup_mm+0x330/0xba0 [ 60.009074][ T7670] copy_process+0x36f3/0x3b50 [ 60.013742][ T7670] ? debug_smp_processor_id+0x4c/0x172 [ 60.019204][ T7670] _do_fork+0xfe/0x6e0 [ 60.023282][ T7670] ? blkcg_maybe_throttle_current+0x472/0x610 [ 60.029343][ T7670] __x64_sys_clone+0x12b/0x160 [ 60.034101][ T7670] do_syscall_64+0xcc/0x370 [ 60.038611][ T7670] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 60.044503][ T7670] RIP: 0033:0x7f2ebdaa6f46 [ 60.048935][ T7670] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 14 25 10 00 00 00 31 d2 49 81 c2 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 31 01 00 00 85 c0 41 89 c4 0f 85 3b 01 00 [ 60.068549][ T7670] RSP: 002b:00007ffdcf1f52d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 60.076956][ T7670] RAX: ffffffffffffffda RBX: 00007ffdcf1f52d0 RCX: 00007f2ebdaa6f46 [ 60.084930][ T7670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 60.092901][ T7670] RBP: 00007ffdcf1f5310 R08: 0000000000000000 R09: 0000000000001df6 [ 60.100872][ T7670] R10: 00007f2ebdf9d9d0 R11: 0000000000000246 R12: 0000000000000000 [ 60.108837][ T7670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 60.118303][ T7670] Kernel Offset: disabled [ 60.122636][ T7670] Rebooting in 86400 seconds..