[ 43.875233][ T25] audit: type=1800 audit(1570258681.216:25): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 43.914014][ T25] audit: type=1800 audit(1570258681.216:26): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 43.948963][ T25] audit: type=1800 audit(1570258681.216:27): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 44.427136][ T7086] sshd (7086) used greatest stack depth: 10032 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.59' (ECDSA) to the list of known hosts. 2019/10/05 06:58:12 fuzzer started 2019/10/05 06:58:13 dialing manager at 10.128.0.105:35709 2019/10/05 06:58:14 syscalls: 2523 2019/10/05 06:58:14 code coverage: enabled 2019/10/05 06:58:14 comparison tracing: enabled 2019/10/05 06:58:14 extra coverage: extra coverage is not supported by the kernel 2019/10/05 06:58:14 setuid sandbox: enabled 2019/10/05 06:58:14 namespace sandbox: enabled 2019/10/05 06:58:14 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/05 06:58:14 fault injection: enabled 2019/10/05 06:58:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/05 06:58:14 net packet injection: enabled 2019/10/05 06:58:14 net device setup: enabled 2019/10/05 06:58:14 concurrency sanitizer: enabled 06:58:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000021002d0800000000fbffffff0400000008000100af557b8baf1fcc657edd5d48", @ANYRES32], 0x1c}}, 0x0) r1 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r1, &(0x7f0000000080), 0x492492492492751, 0x0) syzkaller login: [ 60.513383][ T7190] IPVS: ftp: loaded support on port[0] = 21 06:58:17 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000005020000000000196cf5abed79ade3fe82e821bf457983cd2f299d21d1f0fe5cfb51cb7ff50ef419d4d5d4b941e7b1a73a7563602a9954d01e9f377d43a5053e2ffdd8"], 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x2, 0x4, 0x2, 0x1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, r0, 0x0, 0x1}, 0x3c) [ 60.595440][ T7190] chnl_net:caif_netlink_parms(): no params data found [ 60.636432][ T7190] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.643611][ T7190] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.665621][ T7190] device bridge_slave_0 entered promiscuous mode [ 60.673678][ T7190] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.694055][ T7190] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.705233][ T7190] device bridge_slave_1 entered promiscuous mode [ 60.751466][ T7190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.786416][ T7190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.829488][ T7190] team0: Port device team_slave_0 added [ 60.836494][ T7190] team0: Port device team_slave_1 added 06:58:18 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getdents(r0, &(0x7f0000000100)=""/92, 0xa6) [ 60.907300][ T7190] device hsr_slave_0 entered promiscuous mode [ 60.944326][ T7190] device hsr_slave_1 entered promiscuous mode [ 61.030288][ T7190] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.037872][ T7190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.045329][ T7190] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.052392][ T7190] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.102335][ T7193] IPVS: ftp: loaded support on port[0] = 21 [ 61.152534][ T7190] 8021q: adding VLAN 0 to HW filter on device bond0 06:58:18 executing program 3: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) [ 61.200757][ T7190] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.208784][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.217458][ T3022] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.236464][ T3022] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.246302][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 61.284824][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.293656][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.300783][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.311734][ T7196] IPVS: ftp: loaded support on port[0] = 21 [ 61.345831][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.366026][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.373135][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.460135][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 61.466062][ T7200] IPVS: ftp: loaded support on port[0] = 21 [ 61.470517][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 61.483652][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.521605][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 61.563408][ T7190] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.576098][ T7190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 61.587064][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.611035][ T7193] chnl_net:caif_netlink_parms(): no params data found [ 61.633852][ T7190] 8021q: adding VLAN 0 to HW filter on device batadv0 06:58:19 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7fffffff, 0x8, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200007, 0x0, 0x0, 0x0) [ 61.713482][ T7193] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.730532][ T7193] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.740898][ T7193] device bridge_slave_0 entered promiscuous mode [ 61.772673][ T7193] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.794213][ T7193] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.802355][ T7193] device bridge_slave_1 entered promiscuous mode [ 61.881253][ T7193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.914961][ T7196] chnl_net:caif_netlink_parms(): no params data found [ 61.934705][ T7193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.012903][ T7193] team0: Port device team_slave_0 added [ 62.044416][ T7200] chnl_net:caif_netlink_parms(): no params data found 06:58:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000021002d0800000000fbffffff0400000008000100af557b8baf1fcc657edd5d48", @ANYRES32], 0x1c}}, 0x0) r1 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r1, &(0x7f0000000080), 0x492492492492751, 0x0) [ 62.064781][ T7193] team0: Port device team_slave_1 added [ 62.093406][ T7196] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.100691][ T7196] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.114845][ T7196] device bridge_slave_0 entered promiscuous mode [ 62.156803][ T7193] device hsr_slave_0 entered promiscuous mode [ 62.194407][ T7193] device hsr_slave_1 entered promiscuous mode [ 62.256046][ T7193] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.265113][ T7196] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.272249][ T7196] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.280551][ T7196] device bridge_slave_1 entered promiscuous mode [ 62.300829][ T7216] IPVS: ftp: loaded support on port[0] = 21 06:58:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000021002d0800000000fbffffff0400000008000100af557b8baf1fcc657edd5d48", @ANYRES32], 0x1c}}, 0x0) r1 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r1, &(0x7f0000000080), 0x492492492492751, 0x0) 06:58:19 executing program 5: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) [ 62.332148][ T7193] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.339341][ T7193] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.346675][ T7193] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.353726][ T7193] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.393212][ T7196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.405204][ T7196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 06:58:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000021002d0800000000fbffffff0400000008000100af557b8baf1fcc657edd5d48", @ANYRES32], 0x1c}}, 0x0) r1 = socket(0x10, 0x80002, 0x8000000010) sendmmsg$alg(r1, &(0x7f0000000080), 0x492492492492751, 0x0) [ 62.484535][ T7196] team0: Port device team_slave_0 added [ 62.500545][ T7200] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.508013][ T7200] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.529947][ T7200] device bridge_slave_0 entered promiscuous mode [ 62.548215][ T7196] team0: Port device team_slave_1 added [ 62.557225][ T7200] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.565105][ T7200] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.584286][ T7200] device bridge_slave_1 entered promiscuous mode 06:58:20 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) [ 62.639405][ T7193] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.661606][ T7197] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.674717][ T7197] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.705540][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 62.797093][ T7196] device hsr_slave_0 entered promiscuous mode [ 62.834513][ T7196] device hsr_slave_1 entered promiscuous mode [ 62.874151][ T7196] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.888611][ T7200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.891457][ T7226] IPVS: ftp: loaded support on port[0] = 21 06:58:20 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) [ 62.930843][ T7200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.973637][ T7193] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.991634][ T7216] chnl_net:caif_netlink_parms(): no params data found [ 63.010582][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.021742][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.031211][ T7200] team0: Port device team_slave_0 added [ 63.038849][ T7200] team0: Port device team_slave_1 added 06:58:20 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) [ 63.126980][ T7200] device hsr_slave_0 entered promiscuous mode [ 63.164346][ T7200] device hsr_slave_1 entered promiscuous mode [ 63.204065][ T7200] debugfs: Directory 'hsr0' with parent '/' already present! [ 63.253887][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.262894][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.271509][ T7201] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.278586][ T7201] bridge0: port 1(bridge_slave_0) entered forwarding state 06:58:20 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) [ 63.317181][ T7216] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.324950][ T7216] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.333155][ T7216] device bridge_slave_0 entered promiscuous mode [ 63.343836][ T7216] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.350997][ T7216] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.359621][ T7216] device bridge_slave_1 entered promiscuous mode [ 63.384555][ T7200] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.418471][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 63.438812][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.454310][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.462696][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.469845][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.478121][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.492724][ T7193] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.503539][ T7193] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.523772][ T7196] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.549556][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.558471][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.567587][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.576564][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.585801][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.595031][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.606082][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.615405][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.623750][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.632489][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.641156][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.652025][ T7216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.665804][ T7193] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.677579][ T7196] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.697910][ T7200] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.709217][ T7216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.718882][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.728375][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.736700][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.744970][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.780484][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.790532][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.799042][ T7197] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.806320][ T7197] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.813941][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.822542][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.830929][ T7197] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.838002][ T7197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.845896][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.854479][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.862883][ T7197] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.870124][ T7197] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.878137][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.886960][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.895430][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.903678][ T7197] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.910772][ T7197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.918396][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.927138][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.935972][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.944586][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.952925][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.961721][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.970054][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.978715][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.987074][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.995652][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.003877][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.012433][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.020339][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.028239][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.036170][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.072116][ T7200] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.083509][ T7200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.099460][ T7216] team0: Port device team_slave_0 added [ 64.106484][ T7216] team0: Port device team_slave_1 added [ 64.118374][ T7196] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.129601][ T7196] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.158205][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.170549][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.179329][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.187819][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 06:58:21 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000005020000000000196cf5abed79ade3fe82e821bf457983cd2f299d21d1f0fe5cfb51cb7ff50ef419d4d5d4b941e7b1a73a7563602a9954d01e9f377d43a5053e2ffdd8"], 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x2, 0x4, 0x2, 0x1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, r0, 0x0, 0x1}, 0x3c) [ 64.214960][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.228742][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.237548][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.248831][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.258099][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.302738][ T7226] chnl_net:caif_netlink_parms(): no params data found [ 64.349590][ T7216] device hsr_slave_0 entered promiscuous mode [ 64.404402][ T7216] device hsr_slave_1 entered promiscuous mode [ 64.454117][ T7216] debugfs: Directory 'hsr0' with parent '/' already present! [ 64.462739][ T7196] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.480434][ T7200] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.538440][ T7226] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.545879][ T7226] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.553706][ T7226] device bridge_slave_0 entered promiscuous mode [ 64.562443][ T7226] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.570240][ T7226] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.578515][ T7226] device bridge_slave_1 entered promiscuous mode [ 64.598071][ T7216] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.632721][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 64.671917][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.682181][ T7226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.694930][ T7226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.724167][ T7216] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.733408][ T7226] team0: Port device team_slave_0 added [ 64.764644][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.773491][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.783234][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.790452][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.803696][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 06:58:22 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getdents(r0, &(0x7f0000000100)=""/92, 0xa6) [ 64.813387][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.841521][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.848751][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.860504][ T7269] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.3'. [ 64.869926][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.899541][ T7226] team0: Port device team_slave_1 added [ 64.907211][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.916977][ T7277] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.3'. [ 64.918234][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.943893][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.952831][ T3022] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.962523][ T7197] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 06:58:22 executing program 3: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) [ 64.999409][ T7216] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.010222][ T7216] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.086914][ T7226] device hsr_slave_0 entered promiscuous mode [ 65.124693][ T7226] device hsr_slave_1 entered promiscuous mode [ 65.154091][ T7226] debugfs: Directory 'hsr0' with parent '/' already present! [ 65.161782][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.170317][ T7287] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.3'. [ 65.180449][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.189251][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 65.197640][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.206691][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 65.215526][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.224356][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.241287][ T7216] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.314464][ T7226] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.328468][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 65.347779][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 65.359821][ T7226] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.391263][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 65.402723][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 65.427076][ T7195] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.434182][ T7195] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.440688][ T7295] mmap: syz-executor.4 (7295) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 65.455001][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 65.463952][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 65.482853][ T7195] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.490032][ T7195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.498592][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.508257][ T7195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.535482][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 65.543863][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.553376][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.563862][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.573593][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 06:58:22 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7fffffff, 0x8, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200007, 0x0, 0x0, 0x0) 06:58:22 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) 06:58:22 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000005020000000000196cf5abed79ade3fe82e821bf457983cd2f299d21d1f0fe5cfb51cb7ff50ef419d4d5d4b941e7b1a73a7563602a9954d01e9f377d43a5053e2ffdd8"], 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x2, 0x4, 0x2, 0x1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, r0, 0x0, 0x1}, 0x3c) [ 65.583092][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 65.591767][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 65.601994][ T7226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 65.630674][ T7201] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 65.680013][ T7226] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.956788][ T25] kauditd_printk_skb: 3 callbacks suppressed [ 65.956811][ T25] audit: type=1800 audit(1570258703.296:31): pid=7312 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16527 res=0 [ 66.052243][ T25] audit: type=1804 audit(1570258703.386:32): pid=7315 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir543229581/syzkaller.hhANPD/0/file0" dev="sda1" ino=16527 res=1 [ 66.088279][ T25] audit: type=1800 audit(1570258703.386:33): pid=7315 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16527 res=0 06:58:24 executing program 3: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) 06:58:24 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getdents(r0, &(0x7f0000000100)=""/92, 0xa6) 06:58:24 executing program 1: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000005020000000000196cf5abed79ade3fe82e821bf457983cd2f299d21d1f0fe5cfb51cb7ff50ef419d4d5d4b941e7b1a73a7563602a9954d01e9f377d43a5053e2ffdd8"], 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x2, 0x4, 0x2, 0x1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, r0, 0x0, 0x1}, 0x3c) 06:58:24 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) 06:58:24 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7fffffff, 0x8, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200007, 0x0, 0x0, 0x0) 06:58:24 executing program 5: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) [ 66.732341][ T25] audit: type=1800 audit(1570258704.066:34): pid=7312 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16527 res=0 06:58:24 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getdents(r0, &(0x7f0000000100)=""/92, 0xa6) [ 66.887146][ T25] audit: type=1800 audit(1570258704.226:35): pid=7330 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16546 res=0 [ 66.910277][ T7332] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.3'. 06:58:24 executing program 1: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) [ 67.046588][ T25] audit: type=1804 audit(1570258704.386:36): pid=7338 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir543229581/syzkaller.hhANPD/1/file0" dev="sda1" ino=16546 res=1 06:58:24 executing program 0: sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="14"], 0x1}}], 0x1, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x476, 0x101002) write$evdev(r0, &(0x7f0000000100)=[{{0x0, 0x7530}}], 0xff49) 06:58:24 executing program 3: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) [ 67.154769][ T25] audit: type=1800 audit(1570258704.386:37): pid=7338 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=16546 res=0 06:58:24 executing program 2: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) [ 67.261185][ T25] audit: type=1800 audit(1570258704.526:38): pid=7341 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16547 res=0 [ 67.524571][ T7356] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.3'. 06:58:24 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7fffffff, 0x8, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200007, 0x0, 0x0, 0x0) [ 67.581096][ T25] audit: type=1804 audit(1570258704.656:39): pid=7344 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir617133292/syzkaller.TGojkK/4/file0" dev="sda1" ino=16547 res=1 [ 67.841507][ T25] audit: type=1800 audit(1570258704.656:40): pid=7344 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=16547 res=0 06:58:25 executing program 3: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) 06:58:25 executing program 5: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) 06:58:25 executing program 0: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) 06:58:25 executing program 1: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) [ 68.195617][ T7372] netlink: 26 bytes leftover after parsing attributes in process `syz-executor.0'. 06:58:25 executing program 2: open(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3}, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xca00, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) sendfile(r0, r4, 0x0, 0x7fffffa7) 06:58:25 executing program 0: r0 = socket$kcm(0x10, 0x400000003, 0x10) socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000040)="2e0000002b008163e45ae08700000000160f0000000000bc4cc91b4dffbe45b7c4d65b2f0580cb7023072a556d1c", 0x2e}], 0x1}, 0x0) [ 68.638400][ T7382] ================================================================== [ 68.646603][ T7382] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent [ 68.655097][ T7382] [ 68.657521][ T7382] read to 0xffff8881264acc28 of 8 bytes by task 7375 on cpu 1: [ 68.665083][ T7382] ext4_es_lookup_extent+0x3ba/0x510 [ 68.670456][ T7382] ext4_map_blocks+0xc2/0xf70 [ 68.675139][ T7382] _ext4_get_block+0x12d/0x2b0 [ 68.679909][ T7382] ext4_dio_get_block+0x9f/0xb0 [ 68.684938][ T7382] do_direct_IO+0x1409/0x59b0 [ 68.689622][ T7382] do_blockdev_direct_IO+0x6b7/0x4cc0 [ 68.694998][ T7382] __blockdev_direct_IO+0x86/0xa0 [ 68.700037][ T7382] ext4_direct_IO+0x32f/0xf70 [ 68.704711][ T7382] generic_file_read_iter+0x1b0/0x1440 [ 68.710186][ T7382] ext4_file_read_iter+0xfa/0x240 [ 68.715206][ T7382] generic_file_splice_read+0x35c/0x500 [ 68.720752][ T7382] do_splice_to+0xf2/0x130 [ 68.725158][ T7382] splice_direct_to_actor+0x1a1/0x510 [ 68.730520][ T7382] do_splice_direct+0x161/0x1e0 [ 68.735350][ T7382] [ 68.737682][ T7382] write to 0xffff8881264acc28 of 8 bytes by task 7382 on cpu 0: [ 68.745299][ T7382] ext4_es_lookup_extent+0x3d3/0x510 [ 68.750571][ T7382] ext4_map_blocks+0xc2/0xf70 [ 68.755231][ T7382] _ext4_get_block+0x12d/0x2b0 [ 68.759982][ T7382] ext4_get_block_trans+0xf4/0x1d0 [ 68.765081][ T7382] ext4_dio_get_block_unwritten_sync+0x59/0xc0 [ 68.771233][ T7382] do_direct_IO+0x1409/0x59b0 [ 68.775905][ T7382] do_blockdev_direct_IO+0x6b7/0x4cc0 [ 68.781264][ T7382] __blockdev_direct_IO+0x86/0xa0 [ 68.786288][ T7382] ext4_direct_IO+0x6f5/0xf70 [ 68.790965][ T7382] generic_file_direct_write+0x14d/0x2e0 [ 68.796639][ T7382] __generic_file_write_iter+0x17e/0x380 [ 68.802269][ T7382] ext4_file_write_iter+0x1fc/0xa40 [ 68.807462][ T7382] do_iter_readv_writev+0x487/0x5b0 [ 68.812641][ T7382] [ 68.814987][ T7382] Reported by Kernel Concurrency Sanitizer on: [ 68.821145][ T7382] CPU: 0 PID: 7382 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 68.828599][ T7382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.838656][ T7382] ================================================================== [ 68.846703][ T7382] Kernel panic - not syncing: panic_on_warn set ... [ 68.853280][ T7382] CPU: 0 PID: 7382 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 68.860813][ T7382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.870854][ T7382] Call Trace: [ 68.874139][ T7382] dump_stack+0xf5/0x159 [ 68.878393][ T7382] panic+0x209/0x639 [ 68.882293][ T7382] ? vprintk_func+0x8d/0x140 [ 68.887488][ T7382] kcsan_report.cold+0x57/0xeb [ 68.892249][ T7382] __kcsan_setup_watchpoint+0x342/0x500 [ 68.897900][ T7382] __tsan_write8+0x32/0x40 [ 68.902310][ T7382] ext4_es_lookup_extent+0x3d3/0x510 [ 68.907588][ T7382] ext4_map_blocks+0xc2/0xf70 [ 68.912265][ T7382] ? scsi_queue_rq+0x24f/0x1800 [ 68.917126][ T7382] _ext4_get_block+0x12d/0x2b0 [ 68.921878][ T7382] ? __ext4_journal_start_sb+0xce/0x240 [ 68.927416][ T7382] ext4_get_block_trans+0xf4/0x1d0 [ 68.932618][ T7382] ext4_dio_get_block_unwritten_sync+0x59/0xc0 [ 68.938777][ T7382] do_direct_IO+0x1409/0x59b0 [ 68.943474][ T7382] ? should_fail+0xd4/0x45d [ 68.947970][ T7382] ? __tsan_read8+0x2c/0x30 [ 68.952580][ T7382] ? blk_start_plug+0x62/0x120 [ 68.957347][ T7382] do_blockdev_direct_IO+0x6b7/0x4cc0 [ 68.962864][ T7382] ? ___cache_free+0x2e/0x320 [ 68.967547][ T7382] ? write_end_fn+0xd0/0xd0 [ 68.972071][ T7382] ? ext4_dio_get_block_unwritten_async+0x1a0/0x1a0 [ 68.978665][ T7382] ? ext4_dio_get_block_unwritten_async+0x1a0/0x1a0 [ 68.985255][ T7382] ? ext4_dio_get_block_unwritten_async+0x1a0/0x1a0 [ 68.991875][ T7382] __blockdev_direct_IO+0x86/0xa0 [ 68.996891][ T7382] ? write_end_fn+0xd0/0xd0 [ 69.001395][ T7382] ext4_direct_IO+0x6f5/0xf70 [ 69.006067][ T7382] ? ext4_dio_get_block_unwritten_async+0x1a0/0x1a0 [ 69.012672][ T7382] generic_file_direct_write+0x14d/0x2e0 [ 69.018308][ T7382] __generic_file_write_iter+0x17e/0x380 [ 69.023955][ T7382] ext4_file_write_iter+0x1fc/0xa40 [ 69.030210][ T7382] do_iter_readv_writev+0x487/0x5b0 [ 69.035504][ T7382] do_iter_write+0x13b/0x3c0 [ 69.040178][ T7382] vfs_iter_write+0x5c/0x80 [ 69.044675][ T7382] iter_file_splice_write+0x4c0/0x7f0 [ 69.050048][ T7382] ? page_cache_pipe_buf_release+0x100/0x100 [ 69.056029][ T7382] direct_splice_actor+0xa0/0xc0 [ 69.060988][ T7382] splice_direct_to_actor+0x215/0x510 [ 69.066349][ T7382] ? generic_pipe_buf_nosteal+0x20/0x20 [ 69.071892][ T7382] do_splice_direct+0x161/0x1e0 [ 69.076749][ T7382] do_sendfile+0x384/0x7f0 [ 69.081163][ T7382] __x64_sys_sendfile64+0x12a/0x140 [ 69.086359][ T7382] do_syscall_64+0xcf/0x2f0 [ 69.090855][ T7382] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 69.096750][ T7382] RIP: 0033:0x459a59 [ 69.100638][ T7382] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.120315][ T7382] RSP: 002b:00007f4eefa32c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 69.128715][ T7382] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000459a59 [ 69.136683][ T7382] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003 [ 69.144645][ T7382] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 69.152603][ T7382] R10: 000000007fffffa7 R11: 0000000000000246 R12: 00007f4eefa336d4 [ 69.160577][ T7382] R13: 00000000004c7489 R14: 00000000004dd038 R15: 00000000ffffffff [ 69.170224][ T7382] Kernel Offset: disabled [ 69.174680][ T7382] Rebooting in 86400 seconds..