Warning: Permanently added '10.128.0.214' (ECDSA) to the list of known hosts. 2019/10/04 12:20:20 fuzzer started 2019/10/04 12:20:22 dialing manager at 10.128.0.105:38119 2019/10/04 12:20:22 syscalls: 2523 2019/10/04 12:20:22 code coverage: enabled 2019/10/04 12:20:22 comparison tracing: enabled 2019/10/04 12:20:22 extra coverage: extra coverage is not supported by the kernel 2019/10/04 12:20:22 setuid sandbox: enabled 2019/10/04 12:20:22 namespace sandbox: enabled 2019/10/04 12:20:22 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/04 12:20:22 fault injection: enabled 2019/10/04 12:20:22 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/04 12:20:22 net packet injection: enabled 2019/10/04 12:20:22 net device setup: enabled 2019/10/04 12:20:22 concurrency sanitizer: enabled 12:20:25 executing program 0: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x200000000000df8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'ip6tnl0\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @dev}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) syzkaller login: [ 54.879355][ T7314] IPVS: ftp: loaded support on port[0] = 21 12:20:25 executing program 1: syz_mount_image$gfs2(&(0x7f0000000680)='gfs2\x00', &(0x7f00000006c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)={[{@quota_quantum={'quota_quantum'}}]}) [ 54.962935][ T7314] chnl_net:caif_netlink_parms(): no params data found [ 55.013246][ T7314] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.020460][ T7314] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.037614][ T7314] device bridge_slave_0 entered promiscuous mode [ 55.046487][ T7314] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.053899][ T7314] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.061742][ T7314] device bridge_slave_1 entered promiscuous mode [ 55.092511][ T7314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.123264][ T7314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.164849][ T7314] team0: Port device team_slave_0 added [ 55.171610][ T7314] team0: Port device team_slave_1 added [ 55.254798][ T7314] device hsr_slave_0 entered promiscuous mode 12:20:26 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x8}, @SEG6_ATTR_ALGID={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x43d}]}, 0x2c}, 0x1, 0x6c}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x3ded5adb) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") splice(r0, 0x0, r2, 0x0, 0x200000011002, 0x0) [ 55.302852][ T7314] device hsr_slave_1 entered promiscuous mode [ 55.348975][ T7314] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.349163][ T7317] IPVS: ftp: loaded support on port[0] = 21 [ 55.356109][ T7314] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.356220][ T7314] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.378510][ T7314] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.517311][ T7314] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.545125][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 55.554166][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.573157][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.593102][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 12:20:26 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) fstatfs(r0, &(0x7f0000000080)=""/179) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000bc0)="3232ce2774e7a3797748648df71c7b4542839e347be35844e42ad67454cd5e140e0ab73493d6b6921681e5536dbc0f309747cc199a7f9a20d01e04d55fb1c26504e3e4738aac76780b5c2363a6dc4d10fe9adc2b363abf6981a31f6a58ef2103e7a145b11649eac6d4cc29a315faf899c2e35d08b1974199c08bf4798207b78d8dd89e727382318265acc85a4444869dfc22ba7fd79b455635a715fa1e705070e2857ef21a3076cdfc2c29b26547360add94ef9c349ae62f54", 0xb9, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000180)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba5c0fe3ac47b61db6b4c41bd1a5259e62506cda287b857aac", 0x8293, 0x4000008, 0x0, 0x27) [ 55.627273][ T7314] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.656933][ T7317] chnl_net:caif_netlink_parms(): no params data found [ 55.685162][ T7320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 55.696037][ T7323] IPVS: ftp: loaded support on port[0] = 21 [ 55.704162][ T7320] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.711263][ T7320] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.725836][ T7320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 55.735434][ T7320] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.742621][ T7320] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.789901][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.800564][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.836596][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 55.846658][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.855474][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.870344][ T7314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 55.896616][ T7317] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.907404][ T7317] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.918130][ T7317] device bridge_slave_0 entered promiscuous mode [ 55.946494][ T7317] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.962119][ T7317] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.974345][ T7317] device bridge_slave_1 entered promiscuous mode [ 55.992690][ T7314] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.044255][ T7326] IPVS: ftp: loaded support on port[0] = 21 [ 56.090013][ T7299] ================================================================== [ 56.096457][ T7317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.098239][ T7299] BUG: KCSAN: data-race in ext4_es_lookup_extent+0x3ba/0x510 and ext4_es_lookup_extent+0x3d3/0x510 [ 56.113967][ T7323] chnl_net:caif_netlink_parms(): no params data found [ 56.117784][ T7299] [ 56.126865][ T7299] write to 0xffff888126a68428 of 8 bytes by task 7329 on cpu 1: [ 56.130892][ T7317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.134496][ T7299] ext4_es_lookup_extent+0x3d3/0x510 [ 56.134509][ T7299] ext4_map_blocks+0xc2/0xf70 [ 56.134520][ T7299] ext4_getblk+0x30b/0x380 [ 56.134543][ T7299] ext4_bread+0x4a/0x190 [ 56.162197][ T7299] __ext4_read_dirblock+0x3e/0x700 [ 56.167314][ T7299] htree_dirblock_to_tree+0x8c/0x560 [ 56.172593][ T7299] ext4_htree_fill_tree+0x179/0x6b0 [ 56.177792][ T7299] ext4_readdir+0x54d/0x1e30 [ 56.182399][ T7299] iterate_dir+0x312/0x380 [ 56.186819][ T7299] __x64_sys_getdents+0x14b/0x280 [ 56.191844][ T7299] do_syscall_64+0xcf/0x2f0 [ 56.196356][ T7299] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 56.198841][ T7317] team0: Port device team_slave_0 added [ 56.202231][ T7299] [ 56.202246][ T7299] read to 0xffff888126a68428 of 8 bytes by task 7299 on cpu 0: [ 56.202264][ T7299] ext4_es_lookup_extent+0x3ba/0x510 [ 56.202288][ T7299] ext4_map_blocks+0xc2/0xf70 [ 56.227377][ T7317] team0: Port device team_slave_1 added [ 56.227621][ T7299] ext4_mpage_readpages+0x92b/0x1270 [ 56.233441][ T7323] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.238516][ T7299] ext4_readpages+0x92/0xc0 [ 56.246091][ T7323] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.249999][ T7299] read_pages+0xa2/0x2d0 [ 56.258195][ T7323] device bridge_slave_0 entered promiscuous mode [ 56.261248][ T7299] __do_page_cache_readahead+0x353/0x390 [ 56.273158][ T7299] ondemand_readahead+0x35d/0x710 [ 56.278313][ T7299] page_cache_async_readahead+0x22c/0x250 [ 56.284025][ T7299] generic_file_read_iter+0xffc/0x1440 [ 56.289482][ T7299] ext4_file_read_iter+0xfa/0x240 [ 56.294507][ T7299] new_sync_read+0x389/0x4f0 [ 56.296738][ T7323] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.299652][ T7299] __vfs_read+0xb1/0xc0 [ 56.306886][ T7323] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.310821][ T7299] integrity_kernel_read+0xa1/0xe0 [ 56.319446][ T7323] device bridge_slave_1 entered promiscuous mode [ 56.322995][ T7299] [ 56.322999][ T7299] Reported by Kernel Concurrency Sanitizer on: [ 56.323016][ T7299] CPU: 0 PID: 7299 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 56.323024][ T7299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.323040][ T7299] ================================================================== [ 56.363213][ T7299] Kernel panic - not syncing: panic_on_warn set ... [ 56.369787][ T7299] CPU: 0 PID: 7299 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 56.376893][ T7299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.386926][ T7299] Call Trace: [ 56.390201][ T7299] dump_stack+0xf5/0x159 [ 56.394427][ T7299] panic+0x209/0x639 [ 56.398302][ T7299] ? vprintk_func+0x8d/0x140 [ 56.402876][ T7299] kcsan_report.cold+0x57/0xeb [ 56.407621][ T7299] __kcsan_setup_watchpoint+0x342/0x500 [ 56.413147][ T7299] __tsan_read8+0x2c/0x30 [ 56.417457][ T7299] ext4_es_lookup_extent+0x3ba/0x510 [ 56.422726][ T7299] ext4_map_blocks+0xc2/0xf70 [ 56.427400][ T7299] ext4_mpage_readpages+0x92b/0x1270 [ 56.432673][ T7299] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 56.438548][ T7299] ? ext4_invalidatepage+0x1e0/0x1e0 [ 56.443811][ T7299] ext4_readpages+0x92/0xc0 [ 56.448306][ T7299] ? ext4_invalidatepage+0x1e0/0x1e0 [ 56.453585][ T7299] read_pages+0xa2/0x2d0 [ 56.457825][ T7299] __do_page_cache_readahead+0x353/0x390 [ 56.463439][ T7299] ondemand_readahead+0x35d/0x710 [ 56.468443][ T7299] page_cache_async_readahead+0x22c/0x250 [ 56.474230][ T7299] generic_file_read_iter+0xffc/0x1440 [ 56.479678][ T7299] ext4_file_read_iter+0xfa/0x240 [ 56.484683][ T7299] new_sync_read+0x389/0x4f0 [ 56.489259][ T7299] __vfs_read+0xb1/0xc0 [ 56.493399][ T7299] integrity_kernel_read+0xa1/0xe0 [ 56.498494][ T7299] ima_calc_file_hash_tfm+0x1b5/0x260 [ 56.503847][ T7299] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 56.509547][ T7299] ? widen_string+0x4a/0x1a0 [ 56.514117][ T7299] ? __tsan_read1+0x2c/0x30 [ 56.518600][ T7299] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 56.524918][ T7299] ? __tsan_read4+0x2c/0x30 [ 56.529463][ T7299] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.535696][ T7299] ? refcount_sub_and_test_checked+0xc8/0x190 [ 56.541756][ T7299] ? __tsan_read4+0x2c/0x30 [ 56.546259][ T7299] ima_calc_file_hash+0x158/0xf10 [ 56.551267][ T7299] ? __tsan_write8+0x32/0x40 [ 56.555837][ T7299] ? ext4_xattr_get+0x10b/0x5c0 [ 56.560725][ T7299] ? __rcu_read_unlock+0x62/0xe0 [ 56.565665][ T7299] ima_collect_measurement+0x384/0x3b0 [ 56.571113][ T7299] process_measurement+0x980/0xff0 [ 56.576213][ T7299] ? __tsan_read4+0x2c/0x30 [ 56.580696][ T7299] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 56.586935][ T7299] ? refcount_sub_and_test_checked+0xc8/0x190 [ 56.592986][ T7299] ima_file_check+0x7e/0xb0 [ 56.597484][ T7299] path_openat+0xfb1/0x3530 [ 56.601994][ T7299] do_filp_open+0x11e/0x1b0 [ 56.606504][ T7299] ? _raw_spin_unlock+0x4b/0x60 [ 56.611520][ T7299] ? __alloc_fd+0x316/0x4c0 [ 56.616006][ T7299] ? get_unused_fd_flags+0x93/0xc0 [ 56.621181][ T7299] do_sys_open+0x3b3/0x4f0 [ 56.625580][ T7299] __x64_sys_openat+0x62/0x80 [ 56.630238][ T7299] do_syscall_64+0xcf/0x2f0 [ 56.634727][ T7299] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 56.640596][ T7299] RIP: 0033:0x47c5aa [ 56.644481][ T7299] Code: e8 7b 6b fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48 [ 56.664062][ T7299] RSP: 002b:000000c42004b850 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 56.672467][ T7299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c5aa [ 56.680418][ T7299] RDX: 0000000000080002 RSI: 000000c420022940 RDI: ffffffffffffff9c [ 56.688381][ T7299] RBP: 000000c42004b8d0 R08: 0000000000000000 R09: 0000000000000000 [ 56.696328][ T7299] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff [ 56.704366][ T7299] R13: 000000000000004b R14: 000000000000004a R15: 0000000000000100 [ 56.713839][ T7299] Kernel Offset: disabled [ 56.718171][ T7299] Rebooting in 86400 seconds..