Warning: Permanently added '10.128.0.115' (ECDSA) to the list of known hosts. 2019/10/15 16:18:21 fuzzer started 2019/10/15 16:18:22 dialing manager at 10.128.0.105:38903 2019/10/15 16:18:22 syscalls: 2523 2019/10/15 16:18:22 code coverage: enabled 2019/10/15 16:18:22 comparison tracing: enabled 2019/10/15 16:18:22 extra coverage: extra coverage is not supported by the kernel 2019/10/15 16:18:22 setuid sandbox: enabled 2019/10/15 16:18:22 namespace sandbox: enabled 2019/10/15 16:18:22 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/15 16:18:22 fault injection: enabled 2019/10/15 16:18:22 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/15 16:18:22 net packet injection: enabled 2019/10/15 16:18:22 net device setup: enabled 2019/10/15 16:18:22 concurrency sanitizer: enabled 16:18:26 executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x400, 0x0) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000640)='/dev/dsp\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x7fffdf00f000, 0xa, 0x10, r3, 0x0) r4 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r5 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000300)={0x100000011, @multicast2, 0x0, 0x1100, 'lblc\x00'}, 0x2c) r6 = socket(0xa, 0x4000000001, 0x0) setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000000)={0x11, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x1000000, 'lblcr\x00'}, 0x2c) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000001580)={0x0, @dev, @broadcast}, &(0x7f00000015c0)=0xc) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000300)={r7, @loopback, @remote}, 0xc) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f00000000c0)={0x0, @remote, @empty}, &(0x7f0000000100)=0xc) ioctl$sock_inet_SIOCGIFPFLAGS(r6, 0x8935, &(0x7f00000003c0)={'veth1_to_team\x00', 0x9}) setsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000140)={r8, @remote, @loopback}, 0xc) ioctl$FICLONE(r3, 0x40049409, r5) r9 = syz_genetlink_get_family_id$team(&(0x7f0000000840)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000480)={'team0\x00', r8}) sendmsg$TEAM_CMD_PORT_LIST_GET(r5, &(0x7f0000000780)={&(0x7f0000000400), 0xc, &(0x7f0000000740)={&(0x7f0000000600)={0x124, r9, 0x400, 0x70bd26, 0x25dfdbfe, {}, [{{0x8, 0x1, r7}, {0xbc, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x44, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}]}}]}, 0x124}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) socket$nl_route(0x10, 0x3, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) getrandom(&(0x7f0000000400)=""/187, 0xbb, 0x3) r11 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r11, 0x0, 0x0, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback}, 0x10) write(0xffffffffffffffff, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba1080", 0x1c) socket$nl_route(0x10, 0x3, 0x0) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$netlink(0x10, 0x3, 0x0) r14 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r14, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) accept(0xffffffffffffffff, &(0x7f0000000280)=@isdn, &(0x7f00000004c0)=0x80) getsockname$packet(r14, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r15}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r15, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009b89aab49ad30a704aa4f574f493a554bd08b3abf111160c5ee6746a0e9a03b182760e556f17156f9573e220fca116b02eea61fbb4a67b003702e307c1651bbcb8c09d5de2a33ac580443bdc788b1f00f9a3155816be58d23eb1733453372067f9ab361101b5271e4c24642ba2bf25dd22514b92ed55e28140c751b8d4d2a22b00"], 0x74}}, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(0xffffffffffffffff, 0x800442d4, 0x0) r16 = socket(0x10, 0x2, 0x0) sendto(r16, &(0x7f0000000140)="120000001200e7ef007b1a3fcd00000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r16, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x249}, {&(0x7f00000000c0)=""/85, 0x4e4}, {&(0x7f0000000600)=""/4096, 0x1008}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000480)=""/60, 0xc6}, {&(0x7f0000000280)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f0000000340)=""/22, 0x16}], 0x8, &(0x7f0000000180)=""/191, 0x1f9}}], 0x4000000000001de, 0x6, &(0x7f0000003700)={0x77359400}) r17 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r18 = ioctl$KVM_CREATE_VM(r17, 0xae01, 0x0) r19 = ioctl$KVM_CREATE_VCPU(r18, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r19, 0x4048ae9b, &(0x7f00000002c0)={0xa0001, 0x0, [0x0, 0xffffffffffffffbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r19, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) r20 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r21 = ioctl$KVM_CREATE_VM(r20, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r21, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r22 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r23 = ioctl$KVM_CREATE_VM(r22, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r23, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r23, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r23, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r24 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r25 = ioctl$KVM_CREATE_VM(r24, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r25, 0xae41, 0x0) syzkaller login: [ 53.831150][ T7300] ================================================================== [ 53.839341][ T7300] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent [ 53.847732][ T7300] [ 53.850056][ T7300] read to 0xffff8882184fbc28 of 8 bytes by task 7302 on cpu 1: [ 53.857608][ T7300] ext4_es_lookup_extent+0x3ba/0x510 [ 53.862889][ T7300] ext4_map_blocks+0xc2/0xf70 [ 53.867819][ T7300] ext4_getblk+0x30b/0x380 [ 53.872247][ T7300] ext4_bread+0x4a/0x190 [ 53.876495][ T7300] __ext4_read_dirblock+0x3e/0x700 [ 53.881610][ T7300] ext4_add_entry+0x46b/0x8e0 [ 53.886411][ T7300] ext4_mkdir+0x515/0x820 [ 53.890736][ T7300] vfs_mkdir+0x283/0x390 [ 53.894970][ T7300] do_mkdirat+0x1ac/0x1f0 [ 53.899484][ T7300] __x64_sys_mkdir+0x40/0x50 [ 53.904110][ T7300] do_syscall_64+0xcf/0x2f0 [ 53.908656][ T7300] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 53.914536][ T7300] [ 53.916881][ T7300] write to 0xffff8882184fbc28 of 8 bytes by task 7300 on cpu 0: [ 53.924673][ T7300] ext4_es_lookup_extent+0x3d3/0x510 [ 53.929952][ T7300] ext4_map_blocks+0xc2/0xf70 [ 53.934622][ T7300] ext4_mpage_readpages+0x92b/0x1270 [ 53.939927][ T7300] ext4_readpages+0x92/0xc0 [ 53.944446][ T7300] read_pages+0xa2/0x2d0 [ 53.948702][ T7300] __do_page_cache_readahead+0x353/0x390 [ 53.954346][ T7300] ondemand_readahead+0x35d/0x710 [ 53.959363][ T7300] page_cache_async_readahead+0x22c/0x250 [ 53.965093][ T7300] generic_file_read_iter+0xffc/0x1440 [ 53.970546][ T7300] ext4_file_read_iter+0xfa/0x240 [ 53.975590][ T7300] new_sync_read+0x389/0x4f0 [ 53.980190][ T7300] __vfs_read+0xb1/0xc0 [ 53.984338][ T7300] integrity_kernel_read+0xa1/0xe0 [ 53.989429][ T7300] [ 53.991891][ T7300] Reported by Kernel Concurrency Sanitizer on: [ 53.998234][ T7300] CPU: 0 PID: 7300 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 54.005447][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.015626][ T7300] ================================================================== [ 54.023692][ T7300] Kernel panic - not syncing: panic_on_warn set ... [ 54.030274][ T7300] CPU: 0 PID: 7300 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 54.037370][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.047551][ T7300] Call Trace: [ 54.050845][ T7300] dump_stack+0xf5/0x159 [ 54.055094][ T7300] panic+0x209/0x639 [ 54.058985][ T7300] ? generic_file_read_iter+0xffc/0x1440 [ 54.064609][ T7300] ? vprintk_func+0x8d/0x140 [ 54.069194][ T7300] kcsan_report.cold+0xc/0x1b [ 54.073876][ T7300] __kcsan_setup_watchpoint+0x3ee/0x510 [ 54.079416][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.085047][ T7300] __tsan_write8+0x32/0x40 [ 54.089467][ T7300] ext4_es_lookup_extent+0x3d3/0x510 [ 54.094754][ T7300] ext4_map_blocks+0xc2/0xf70 [ 54.099439][ T7300] ext4_mpage_readpages+0x92b/0x1270 [ 54.104753][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.110379][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.116023][ T7300] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 54.121996][ T7300] ? ext4_invalidatepage+0x1e0/0x1e0 [ 54.127315][ T7300] ext4_readpages+0x92/0xc0 [ 54.132089][ T7300] ? ext4_invalidatepage+0x1e0/0x1e0 [ 54.137372][ T7300] read_pages+0xa2/0x2d0 [ 54.141810][ T7300] __do_page_cache_readahead+0x353/0x390 [ 54.147464][ T7300] ondemand_readahead+0x35d/0x710 [ 54.152487][ T7300] page_cache_async_readahead+0x22c/0x250 [ 54.158230][ T7300] generic_file_read_iter+0xffc/0x1440 [ 54.163793][ T7300] ext4_file_read_iter+0xfa/0x240 [ 54.168823][ T7300] new_sync_read+0x389/0x4f0 [ 54.173516][ T7300] __vfs_read+0xb1/0xc0 [ 54.177669][ T7300] integrity_kernel_read+0xa1/0xe0 [ 54.182777][ T7300] ima_calc_file_hash_tfm+0x1b5/0x260 [ 54.188143][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.193791][ T7300] ? should_fail+0xd4/0x45d [ 54.198327][ T7300] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 54.204044][ T7300] ? widen_string+0x4a/0x1a0 [ 54.208633][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.214255][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.219899][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.225522][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.231153][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.236774][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.242418][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.248041][ T7300] ? __tsan_read4+0x2c/0x30 [ 54.252637][ T7300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.258889][ T7300] ? refcount_sub_and_test_checked+0xc8/0x190 [ 54.265038][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.270683][ T7300] ? __tsan_read4+0x2c/0x30 [ 54.275181][ T7300] ima_calc_file_hash+0x158/0xf10 [ 54.280194][ T7300] ? __tsan_write8+0x32/0x40 [ 54.284780][ T7300] ? ext4_xattr_get+0x10b/0x5c0 [ 54.289623][ T7300] ? __rcu_read_unlock+0x62/0xe0 [ 54.294556][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.300188][ T7300] ima_collect_measurement+0x384/0x3b0 [ 54.305665][ T7300] process_measurement+0x980/0xff0 [ 54.310775][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.316405][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.322049][ T7300] ? __tsan_read4+0x2c/0x30 [ 54.326550][ T7300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.332966][ T7300] ? refcount_sub_and_test_checked+0xc8/0x190 [ 54.339159][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.344809][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.350456][ T7300] ima_file_check+0x7e/0xb0 [ 54.354960][ T7300] path_openat+0xfb1/0x3530 [ 54.359455][ T7300] ? __kcsan_setup_watchpoint+0x96/0x510 [ 54.365091][ T7300] do_filp_open+0x11e/0x1b0 [ 54.369627][ T7300] ? _raw_spin_unlock+0x4b/0x60 [ 54.374509][ T7300] ? __alloc_fd+0x316/0x4c0 [ 54.379011][ T7300] ? get_unused_fd_flags+0x93/0xc0 [ 54.384116][ T7300] do_sys_open+0x3b3/0x4f0 [ 54.388528][ T7300] __x64_sys_openat+0x62/0x80 [ 54.393303][ T7300] do_syscall_64+0xcf/0x2f0 [ 54.397818][ T7300] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 54.403707][ T7300] RIP: 0033:0x47c5aa [ 54.407627][ T7300] Code: e8 7b 6b fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48 [ 54.427234][ T7300] RSP: 002b:000000c420b17850 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 54.435659][ T7300] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c5aa [ 54.443621][ T7300] RDX: 0000000000080002 RSI: 000000c420aae400 RDI: ffffffffffffff9c [ 54.451678][ T7300] RBP: 000000c420b178d0 R08: 0000000000000000 R09: 0000000000000000 [ 54.459646][ T7300] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff [ 54.467616][ T7300] R13: 0000000000000021 R14: 0000000000000020 R15: 0000000000000100 [ 54.477069][ T7300] Kernel Offset: disabled [ 54.482118][ T7300] Rebooting in 86400 seconds..