Warning: Permanently added '10.128.0.54' (ECDSA) to the list of known hosts. 2019/12/16 10:24:12 fuzzer started 2019/12/16 10:24:13 dialing manager at 10.128.0.105:39725 2019/12/16 10:24:19 syscalls: 2686 2019/12/16 10:24:19 code coverage: enabled 2019/12/16 10:24:19 comparison tracing: enabled 2019/12/16 10:24:19 extra coverage: enabled 2019/12/16 10:24:19 setuid sandbox: enabled 2019/12/16 10:24:19 namespace sandbox: enabled 2019/12/16 10:24:19 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/16 10:24:19 fault injection: enabled 2019/12/16 10:24:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/16 10:24:19 net packet injection: enabled 2019/12/16 10:24:19 net device setup: enabled 2019/12/16 10:24:19 concurrency sanitizer: enabled 2019/12/16 10:24:19 devlink PCI setup: PCI device 0000:00:10.0 is not available 2019/12/16 10:24:24 adding functions to KCSAN blacklist: 'generic_write_end' 'tick_do_update_jiffies64' 'kauditd_thread' 'do_try_to_free_pages' 'generic_fillattr' 'ext4_has_free_clusters' 'enqueue_timer' 'find_get_pages_range_tag' 'tomoyo_supervisor' 'vm_area_dup' 'do_nanosleep' 'xas_clear_mark' 'ext4_free_inode' 'ext4_nonda_switch' '__ext4_new_inode' 'tick_sched_do_timer' 'blk_mq_free_request' 'find_next_bit' 'process_srcu' '__mark_inode_dirty' 'xas_find_marked' 'do_syslog' 'rcu_gp_fqs_loop' 'can_receive' 'run_timer_softirq' 'mod_timer' 'pcpu_alloc' 'ext4_mb_find_by_goal' 'blk_mq_dispatch_rq_list' '__hrtimer_run_queues' 'taskstats_exit' 'wbt_done' 'add_timer' 'lruvec_lru_size' 'blk_mq_sched_dispatch_requests' 'ep_poll' 'rcu_gp_fqs_check_wake' 10:25:23 executing program 0: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x400000000120}, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) sched_getattr(0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYPTR64], 0xff39) write$cgroup_pid(r1, &(0x7f0000000000), 0x10000000d) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) openat$vcs(0xffffffffffffff9c, 0x0, 0x40, 0x0) [ 131.733074][ T7866] IPVS: ftp: loaded support on port[0] = 21 10:25:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72dd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r0, &(0x7f00000006c0), 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="76ffffff7a3ac21c9eb09d00e5f704ecf4d919705060ef9014eb62f9af98d0e93478e62bc942c0cef67c3c31e7909ab1aaf16e59920d46319fe36dbee01ce5eabea1ffffc2335fea456ae0662f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f219c04ec703321d47e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed07505003cba58c9bf5b6483a04f4202e520da5f72aea04aecea92089057057e88dee1c7c9000000000000"], &(0x7f0000000140)=0xffc2) listen(0xffffffffffffffff, 0x4000000043) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f00000002c0)={{0xc0, 0x1}, {0x7, 0x30}, 0x20, 0x0, 0xdb}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$sndseq(r2, &(0x7f0000000040), 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, 0x0}) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f00000000c0), 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet6(0x18, 0x0, 0x0) openat$dlm_control(0xffffffffffffff9c, 0x0, 0x8000, 0x0) [ 131.806036][ T7866] chnl_net:caif_netlink_parms(): no params data found [ 131.872827][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.896662][ T7866] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.904589][ T7866] device bridge_slave_0 entered promiscuous mode [ 131.913011][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.936687][ T7866] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.944654][ T7866] device bridge_slave_1 entered promiscuous mode [ 131.963097][ T7866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.974118][ T7866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.988684][ T7869] IPVS: ftp: loaded support on port[0] = 21 [ 131.993156][ T7866] team0: Port device team_slave_0 added [ 132.002722][ T7866] team0: Port device team_slave_1 added 10:25:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$unix(0x1, 0x10004000000002, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000100)=@nat={'Sat\x00\x00\x00\x00z\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007fffff0180c2000000ffffffffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700ffffffffffffffffffbc00000000000000003b0a000002000900efb5b7059b3fffffffff00004e234e21040071ac0600ff7f382803000500070000080100736e6174000000000000000000000000000000000000000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f0000feffffff00000000736e6174000000000000000000000001000000000000000000000000000000001000000000000000aaaaaaaaaa1a0000feffffff00000000030000004000000000117465616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f626f6e64000000626f6e6430000000000000000000000052a1927247eaffff471600006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000000000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff00000000ffffffff00000000ffffffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c20000010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bddffa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006674702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000000000000000000627269646765300000000000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000feffffff0000adcc000000"]}, 0x608) [ 132.059059][ T7866] device hsr_slave_0 entered promiscuous mode [ 132.167393][ T7866] device hsr_slave_1 entered promiscuous mode 10:25:24 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000180)={@remote}, 0x2ef) [ 132.233064][ T7871] IPVS: ftp: loaded support on port[0] = 21 [ 132.257928][ T7866] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 132.328897][ T7866] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 132.369078][ T7866] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 132.444024][ T7866] netdevsim netdevsim0 netdevsim3: renamed from eth3 10:25:24 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='auxv\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001a00)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = dup(r3) sendfile(r4, r0, 0x0, 0xf0d) [ 132.548646][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.556309][ T7866] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.563825][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.570894][ T7866] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.585681][ T7874] IPVS: ftp: loaded support on port[0] = 21 [ 132.651076][ T7869] chnl_net:caif_netlink_parms(): no params data found [ 132.760432][ T7871] chnl_net:caif_netlink_parms(): no params data found [ 132.775351][ T7877] IPVS: ftp: loaded support on port[0] = 21 [ 132.790302][ T7869] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.797499][ T7869] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.805245][ T7869] device bridge_slave_0 entered promiscuous mode [ 132.819610][ T7869] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.827627][ T7869] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.835353][ T7869] device bridge_slave_1 entered promiscuous mode 10:25:25 executing program 5: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) shutdown(r0, 0x1) sendmmsg(r0, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000140)="54fbdc8d1cd63b1cf2f6ef45958f8a4bc8d8a65dbe4ebfc0185a95d476c245a4d558706640a6bca0", 0x28}], 0x1}}], 0x1, 0x0) [ 132.878087][ T2413] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.897055][ T2413] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.950651][ T7869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.988672][ T7866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.037419][ T7869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.056152][ T7866] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.071153][ T7871] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.079275][ T7871] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.087775][ T7871] device bridge_slave_0 entered promiscuous mode [ 133.101079][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 133.109289][ T3608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 133.141787][ T7871] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.149634][ T7871] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.157724][ T7871] device bridge_slave_1 entered promiscuous mode [ 133.182485][ T7869] team0: Port device team_slave_0 added [ 133.192667][ T7883] IPVS: ftp: loaded support on port[0] = 21 [ 133.200124][ T7874] chnl_net:caif_netlink_parms(): no params data found [ 133.220393][ T7871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.230131][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 133.240543][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 133.249309][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.256347][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.267592][ T7869] team0: Port device team_slave_1 added [ 133.280688][ T7877] chnl_net:caif_netlink_parms(): no params data found [ 133.291556][ T7871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.336213][ T7871] team0: Port device team_slave_0 added [ 133.346516][ T7871] team0: Port device team_slave_1 added [ 133.359578][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 133.368410][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 133.377901][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.384935][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.428947][ T7869] device hsr_slave_0 entered promiscuous mode [ 133.477188][ T7869] device hsr_slave_1 entered promiscuous mode [ 133.516860][ T7869] debugfs: Directory 'hsr0' with parent '/' already present! [ 133.526836][ T7874] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.533991][ T7874] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.542044][ T7874] device bridge_slave_0 entered promiscuous mode [ 133.550750][ T7874] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.558596][ T7874] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.566244][ T7874] device bridge_slave_1 entered promiscuous mode [ 133.606146][ T7869] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 133.639930][ T7876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 133.653231][ T7877] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.660503][ T7877] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.669267][ T7877] device bridge_slave_0 entered promiscuous mode [ 133.683059][ T7877] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.690191][ T7877] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.698082][ T7877] device bridge_slave_1 entered promiscuous mode [ 133.705813][ T7869] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 133.775248][ T7869] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 133.839658][ T7874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.861264][ T7877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.918578][ T7871] device hsr_slave_0 entered promiscuous mode [ 133.957102][ T7871] device hsr_slave_1 entered promiscuous mode [ 134.006774][ T7871] debugfs: Directory 'hsr0' with parent '/' already present! [ 134.017807][ T7869] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 134.071428][ T7874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.081492][ T7876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 134.092253][ T7877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.123105][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 134.132063][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 134.141328][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 134.159444][ T7877] team0: Port device team_slave_0 added [ 134.173334][ T7877] team0: Port device team_slave_1 added [ 134.205147][ T7874] team0: Port device team_slave_0 added [ 134.212374][ T7876] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 134.221710][ T7876] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 134.244387][ T7883] chnl_net:caif_netlink_parms(): no params data found [ 134.261503][ T7866] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 134.273445][ T7866] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 134.287891][ T7874] team0: Port device team_slave_1 added [ 134.309519][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 134.320128][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 134.328820][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 134.337321][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 134.345634][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 134.408956][ T7877] device hsr_slave_0 entered promiscuous mode [ 134.457002][ T7877] device hsr_slave_1 entered promiscuous mode [ 134.496738][ T7877] debugfs: Directory 'hsr0' with parent '/' already present! [ 134.505581][ T7871] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 134.549117][ T7871] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 134.638847][ T7874] device hsr_slave_0 entered promiscuous mode [ 134.696956][ T7874] device hsr_slave_1 entered promiscuous mode [ 134.746773][ T7874] debugfs: Directory 'hsr0' with parent '/' already present! [ 134.772468][ T7871] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 134.818504][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 134.826127][ T2413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 134.836665][ T7866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.848240][ T7871] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 134.926194][ T7874] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 134.983848][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.005771][ T7883] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.015163][ T7883] device bridge_slave_0 entered promiscuous mode [ 135.023221][ T7877] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 135.090394][ T7869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.110212][ T7869] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.140797][ T7869] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 135.154720][ T7869] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 135.170695][ T7888] ================================================================== [ 135.181182][ T7888] BUG: KCSAN: data-race in iomap_dio_bio_actor / iomap_dio_bio_end_io [ 135.182296][ T7869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.189319][ T7888] [ 135.189334][ T7888] read to 0xffff8880b7a42fa4 of 4 bytes by interrupt on cpu 1: [ 135.189353][ T7888] iomap_dio_bio_end_io+0x4c/0x2b0 [ 135.189377][ T7888] bio_endio+0x2fa/0x400 [ 135.216364][ T7888] blk_update_request+0x427/0x7b0 [ 135.221377][ T7888] scsi_end_request+0x6b/0x360 [ 135.226128][ T7888] scsi_io_completion+0x11d/0xc80 [ 135.231149][ T7888] scsi_finish_command+0x283/0x380 [ 135.236249][ T7888] scsi_softirq_done+0x259/0x280 [ 135.241174][ T7888] blk_done_softirq+0x1eb/0x250 [ 135.246188][ T7888] __do_softirq+0x115/0x33f [ 135.250823][ T7888] irq_exit+0xbb/0xe0 [ 135.254799][ T7888] do_IRQ+0x81/0x130 [ 135.258703][ T7888] ret_from_intr+0x0/0x21 [ 135.263070][ T7888] __tsan_read1+0x86/0x100 [ 135.267780][ T7888] format_decode+0xc8/0xb10 [ 135.272630][ T7888] vsnprintf+0xc9/0xb40 [ 135.276780][ T7888] snprintf+0x6f/0xa0 [ 135.280836][ T7888] tomoyo_realpath_from_path+0x3a7/0x4c0 [ 135.286477][ T7888] tomoyo_path_number_perm+0x10a/0x3c0 [ 135.292009][ T7888] tomoyo_file_ioctl+0x2c/0x40 [ 135.297744][ T7888] security_file_ioctl+0x6d/0xa0 [ 135.302678][ T7888] ksys_ioctl+0x64/0xe0 [ 135.306915][ T7888] __x64_sys_ioctl+0x4c/0x60 [ 135.311497][ T7888] do_syscall_64+0xcc/0x3a0 [ 135.316529][ T7888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 135.322402][ T7888] [ 135.324744][ T7888] write to 0xffff8880b7a42fa4 of 4 bytes by task 7888 on cpu 0: [ 135.332373][ T7888] iomap_dio_bio_actor+0x6dc/0x960 [ 135.337483][ T7888] iomap_dio_actor+0x87/0x3a0 [ 135.342149][ T7888] iomap_apply+0x20d/0x6a0 [ 135.346555][ T7888] iomap_dio_rw+0x67e/0x9a0 [ 135.351056][ T7888] ext4_file_write_iter+0xc38/0xd40 [ 135.356243][ T7888] new_sync_write+0x388/0x4a0 [ 135.361892][ T7888] __vfs_write+0xb1/0xc0 [ 135.366155][ T7888] vfs_write+0x18a/0x390 [ 135.370470][ T7888] ksys_write+0xd5/0x1b0 [ 135.374698][ T7888] __x64_sys_write+0x4c/0x60 [ 135.379271][ T7888] do_syscall_64+0xcc/0x3a0 [ 135.383761][ T7888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 135.389625][ T7888] [ 135.392017][ T7888] Reported by Kernel Concurrency Sanitizer on: [ 135.398345][ T7888] CPU: 0 PID: 7888 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0 [ 135.407990][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.418043][ T7888] ================================================================== [ 135.426873][ T7888] Kernel panic - not syncing: panic_on_warn set ... [ 135.433727][ T7888] CPU: 0 PID: 7888 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0 [ 135.442990][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.453862][ T7888] Call Trace: [ 135.457264][ T7888] dump_stack+0x11d/0x181 [ 135.461588][ T7888] panic+0x210/0x640 [ 135.465471][ T7888] ? vprintk_func+0x8d/0x140 [ 135.470049][ T7888] kcsan_report.cold+0xc/0xd [ 135.474645][ T7888] kcsan_setup_watchpoint+0x3fe/0x460 [ 135.480820][ T7888] __tsan_unaligned_write4+0xc7/0x110 [ 135.486181][ T7888] iomap_dio_bio_actor+0x6dc/0x960 [ 135.491425][ T7888] iomap_dio_actor+0x87/0x3a0 [ 135.497793][ T7888] iomap_apply+0x20d/0x6a0 [ 135.502212][ T7888] ? iomap_dio_bio_actor+0x960/0x960 [ 135.507498][ T7888] iomap_dio_rw+0x67e/0x9a0 [ 135.511988][ T7888] ? iomap_dio_bio_actor+0x960/0x960 [ 135.517513][ T7888] ? preempt_count_add+0x48/0xb0 [ 135.522657][ T7888] ext4_file_write_iter+0xc38/0xd40 [ 135.527859][ T7888] ? ext4_file_write_iter+0xc38/0xd40 [ 135.533232][ T7888] new_sync_write+0x388/0x4a0 [ 135.537902][ T7888] ? __rcu_read_unlock+0x66/0x3d0 [ 135.542931][ T7888] __vfs_write+0xb1/0xc0 [ 135.547164][ T7888] vfs_write+0x18a/0x390 [ 135.551409][ T7888] ksys_write+0xd5/0x1b0 [ 135.555753][ T7888] __x64_sys_write+0x4c/0x60 [ 135.560384][ T7888] do_syscall_64+0xcc/0x3a0 [ 135.564983][ T7888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 135.570856][ T7888] RIP: 0033:0x45a909 [ 135.574737][ T7888] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 135.594514][ T7888] RSP: 002b:00007f71f48b9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 135.602912][ T7888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a909 [ 135.612540][ T7888] RDX: 000000010000000d RSI: 0000000020000000 RDI: 0000000000000005 [ 135.620499][ T7888] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 135.628565][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71f48ba6d4 [ 135.636703][ T7888] R13: 00000000004cbe2e R14: 00000000004e5ae8 R15: 00000000ffffffff [ 135.646454][ T7888] Kernel Offset: disabled [ 135.650873][ T7888] Rebooting in 86400 seconds..