[ 66.243742][ T25] audit: type=1800 audit(1573197104.620:27): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [ 66.281620][ T25] audit: type=1800 audit(1573197104.720:28): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 67.053493][ T25] audit: type=1800 audit(1573197105.490:29): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 [ 67.073509][ T25] audit: type=1800 audit(1573197105.500:30): pid=7870 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.106' (ECDSA) to the list of known hosts. 2019/11/08 07:11:56 fuzzer started 2019/11/08 07:11:58 dialing manager at 10.128.0.105:41185 2019/11/08 07:11:58 syscalls: 2553 2019/11/08 07:11:58 code coverage: enabled 2019/11/08 07:11:58 comparison tracing: enabled 2019/11/08 07:11:58 extra coverage: extra coverage is not supported by the kernel 2019/11/08 07:11:58 setuid sandbox: enabled 2019/11/08 07:11:58 namespace sandbox: enabled 2019/11/08 07:11:58 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/08 07:11:58 fault injection: enabled 2019/11/08 07:11:58 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/08 07:11:58 net packet injection: enabled 2019/11/08 07:11:58 net device setup: enabled 2019/11/08 07:11:58 concurrency sanitizer: enabled 2019/11/08 07:11:58 devlink PCI setup: PCI device 0000:00:10.0 is not available 2019/11/08 07:12:00 adding functions to KCSAN blacklist: '__hrtimer_run_queues' 'ktime_get_real_seconds' 'vm_area_dup' 'ep_poll' 'generic_permission' 'tomoyo_supervisor' 'run_timer_softirq' 'do_nanosleep' 'tcp_add_backlog' 07:12:01 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={r0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x20) 07:12:02 executing program 1: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x1, 0x0) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setreuid(0x0, r2) write$9p(r0, &(0x7f0000000000)="0600000000000000c9b9000f050000002a1ff7adf576f3790f68bc2c197cbf8d63735a09ab8383afd2de1a5587fe067fde18fa64249e1dabdd9514480a16f3733d18f833b3aacfcf04f7b0bdd78687423a6bff51b9f9218a249e3d00"/104, 0xb3) syzkaller login: [ 83.663405][ T8045] IPVS: ftp: loaded support on port[0] = 21 [ 83.748843][ T8045] chnl_net:caif_netlink_parms(): no params data found [ 83.782475][ T8045] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.789886][ T8045] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.798436][ T8045] device bridge_slave_0 entered promiscuous mode [ 83.816669][ T8045] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.824087][ T8045] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.831906][ T8045] device bridge_slave_1 entered promiscuous mode [ 83.863876][ T8045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.875314][ T8045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.896192][ T8048] IPVS: ftp: loaded support on port[0] = 21 [ 83.898401][ T8045] team0: Port device team_slave_0 added [ 83.909393][ T8045] team0: Port device team_slave_1 added 07:12:02 executing program 2: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001600ff8e00000000000000000a00000018"], 0x1}}, 0x0) r0 = socket(0x10, 0x3, 0x0) recvmsg(r0, &(0x7f00000023c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x1}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)={0x18, 0x16, 0xa01}, 0x18}}, 0x0) [ 84.028197][ T8045] device hsr_slave_0 entered promiscuous mode [ 84.135948][ T8045] device hsr_slave_1 entered promiscuous mode 07:12:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/2, 0x2000, 0x800}, 0x18) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000001c0)=0x8, 0x2) mmap$xdp(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x100000000) [ 84.219418][ T8050] IPVS: ftp: loaded support on port[0] = 21 [ 84.426705][ T8045] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.434085][ T8045] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.441489][ T8045] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.448681][ T8045] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.677847][ T8048] chnl_net:caif_netlink_parms(): no params data found [ 84.706381][ T8045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.764249][ T8045] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.796594][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 84.805440][ T44] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.836663][ T44] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.897460][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 84.930287][ T8050] chnl_net:caif_netlink_parms(): no params data found [ 84.969568][ T8077] IPVS: ftp: loaded support on port[0] = 21 [ 84.986862][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 85.006472][ T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 85.036562][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.043850][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.081727][ T8060] ================================================================== [ 85.090040][ T8060] BUG: KCSAN: data-race in common_perm_cond / task_dump_owner [ 85.097496][ T8060] [ 85.099838][ T8060] write to 0xffff888125b7383c of 4 bytes by task 8074 on cpu 0: [ 85.107483][ T8060] task_dump_owner+0x237/0x260 [ 85.112260][ T8060] pid_update_inode+0x3c/0x70 [ 85.116951][ T8060] pid_revalidate+0x91/0xd0 [ 85.121467][ T8060] lookup_fast+0x6f2/0x700 [ 85.125898][ T8060] walk_component+0x6d/0xe70 [ 85.130521][ T8060] link_path_walk.part.0+0x5d3/0xa90 [ 85.135819][ T8060] path_openat+0x14f/0x36e0 [ 85.140333][ T8060] do_filp_open+0x11e/0x1b0 [ 85.144940][ T8060] do_sys_open+0x3b3/0x4f0 [ 85.149480][ T8060] __x64_sys_open+0x55/0x70 [ 85.153997][ T8060] do_syscall_64+0xcc/0x370 [ 85.158514][ T8060] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 85.164539][ T8060] [ 85.166878][ T8060] read to 0xffff888125b7383c of 4 bytes by task 8060 on cpu 1: [ 85.174435][ T8060] common_perm_cond+0x65/0x110 [ 85.179219][ T8060] apparmor_inode_getattr+0x2b/0x40 [ 85.184433][ T8060] security_inode_getattr+0x9b/0xd0 [ 85.189642][ T8060] vfs_getattr+0x2e/0x70 [ 85.193905][ T8060] vfs_statx+0x102/0x190 [ 85.198244][ T8060] __do_sys_newstat+0x51/0xb0 [ 85.202931][ T8060] __x64_sys_newstat+0x3a/0x50 [ 85.207758][ T8060] do_syscall_64+0xcc/0x370 [ 85.212284][ T8060] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 85.218171][ T8060] [ 85.220525][ T8060] Reported by Kernel Concurrency Sanitizer on: [ 85.226864][ T8060] CPU: 1 PID: 8060 Comm: ps Not tainted 5.4.0-rc6+ #0 [ 85.233627][ T8060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.243691][ T8060] ================================================================== [ 85.251761][ T8060] Kernel panic - not syncing: panic_on_warn set ... [ 85.258361][ T8060] CPU: 1 PID: 8060 Comm: ps Not tainted 5.4.0-rc6+ #0 [ 85.265249][ T8060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.275307][ T8060] Call Trace: [ 85.278623][ T8060] dump_stack+0xf5/0x159 [ 85.282884][ T8060] panic+0x210/0x640 [ 85.286912][ T8060] ? vprintk_func+0x8d/0x140 [ 85.291527][ T8060] kcsan_report.cold+0xc/0xe [ 85.296147][ T8060] kcsan_setup_watchpoint+0x3fe/0x410 [ 85.301544][ T8060] __tsan_read4+0x145/0x1f0 [ 85.306067][ T8060] common_perm_cond+0x65/0x110 [ 85.310894][ T8060] apparmor_inode_getattr+0x2b/0x40 [ 85.316110][ T8060] security_inode_getattr+0x9b/0xd0 [ 85.321389][ T8060] vfs_getattr+0x2e/0x70 [ 85.325828][ T8060] vfs_statx+0x102/0x190 [ 85.330098][ T8060] __do_sys_newstat+0x51/0xb0 [ 85.334946][ T8060] ? mem_cgroup_handle_over_high+0x50/0x180 [ 85.340865][ T8060] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 85.347115][ T8060] ? debug_smp_processor_id+0x4c/0x172 [ 85.352591][ T8060] __x64_sys_newstat+0x3a/0x50 [ 85.357376][ T8060] do_syscall_64+0xcc/0x370 [ 85.361995][ T8060] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 85.367899][ T8060] RIP: 0033:0x7f5b8a6a1c65 [ 85.372337][ T8060] Code: 00 00 00 e8 5d 01 00 00 48 83 c4 18 c3 90 90 90 90 90 90 90 90 83 ff 01 48 89 f0 77 18 48 89 c7 48 89 d6 b8 04 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 17 f3 c3 90 48 8b 05 a1 51 2b 00 64 c7 00 16 [ 85.392062][ T8060] RSP: 002b:00007ffc8e903ae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 85.400487][ T8060] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007f5b8a6a1c65 [ 85.408471][ T8060] RDX: 00007f5b8ab6fc60 RSI: 00007f5b8ab6fc60 RDI: 0000000001d18220 [ 85.416459][ T8060] RBP: 0000000000020062 R08: 00007f5b8a9575a0 R09: 0000000000000000 [ 85.424745][ T8060] R10: 1999999999999999 R11: 0000000000000246 R12: 0000000001d18220 [ 85.432731][ T8060] R13: 0000000001d181c0 R14: 0000000000000005 R15: 0000000000000000 [ 85.442531][ T8060] Kernel Offset: disabled [ 85.446869][ T8060] Rebooting in 86400 seconds..