[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 35.043032][ T25] audit: type=1800 audit(1571089279.499:25): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 35.079476][ T25] audit: type=1800 audit(1571089279.499:26): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 35.137792][ T25] audit: type=1800 audit(1571089279.499:27): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.21' (ECDSA) to the list of known hosts. 2019/10/14 21:41:29 fuzzer started 2019/10/14 21:41:31 dialing manager at 10.128.0.105:33683 2019/10/14 21:41:31 syscalls: 2523 2019/10/14 21:41:31 code coverage: enabled 2019/10/14 21:41:31 comparison tracing: enabled 2019/10/14 21:41:31 extra coverage: extra coverage is not supported by the kernel 2019/10/14 21:41:31 setuid sandbox: enabled 2019/10/14 21:41:31 namespace sandbox: enabled 2019/10/14 21:41:31 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/14 21:41:31 fault injection: enabled 2019/10/14 21:41:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/14 21:41:31 net packet injection: enabled 2019/10/14 21:41:31 net device setup: enabled 2019/10/14 21:41:31 concurrency sanitizer: enabled 21:41:33 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00003e6fc8)={0x0, 0x0, &(0x7f00009c7000)={&(0x7f0000225fb0)=@newae={0x50, 0x1e, 0x1, 0x0, 0x0, {{@in6=@mcast1}}, [@replay_val={0x10}]}, 0x50}}, 0x0) syzkaller login: [ 49.604583][ T7322] IPVS: ftp: loaded support on port[0] = 21 21:41:34 executing program 1: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x28001, 0x0) read(r1, &(0x7f0000000040)=""/87, 0x57) ioctl$int_in(r1, 0x800000c0045005, &(0x7f00000000c0)) [ 49.703253][ T7322] chnl_net:caif_netlink_parms(): no params data found [ 49.744415][ T7324] ================================================================== [ 49.752550][ T7324] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent [ 49.760957][ T7324] [ 49.763288][ T7324] read to 0xffff888126b7cc28 of 8 bytes by task 7309 on cpu 1: [ 49.770829][ T7324] ext4_es_lookup_extent+0x3ba/0x510 [ 49.776107][ T7324] ext4_map_blocks+0xc2/0xf70 [ 49.780778][ T7324] ext4_mpage_readpages+0x92b/0x1270 [ 49.786055][ T7324] ext4_readpages+0x92/0xc0 [ 49.790554][ T7324] read_pages+0xa2/0x2d0 [ 49.794789][ T7324] __do_page_cache_readahead+0x353/0x390 [ 49.800413][ T7324] ondemand_readahead+0x35d/0x710 [ 49.805456][ T7324] page_cache_async_readahead+0x22c/0x250 [ 49.811166][ T7324] generic_file_read_iter+0xffc/0x1440 [ 49.816616][ T7324] ext4_file_read_iter+0xfa/0x240 [ 49.821740][ T7324] new_sync_read+0x389/0x4f0 [ 49.826327][ T7324] __vfs_read+0xb1/0xc0 [ 49.830478][ T7324] integrity_kernel_read+0xa1/0xe0 [ 49.835614][ T7324] ima_calc_file_hash_tfm+0x1b5/0x260 [ 49.840963][ T7324] [ 49.843289][ T7324] write to 0xffff888126b7cc28 of 8 bytes by task 7324 on cpu 0: [ 49.850913][ T7324] ext4_es_lookup_extent+0x3d3/0x510 [ 49.851784][ T7322] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.856201][ T7324] ext4_map_blocks+0xc2/0xf70 [ 49.867863][ T7324] ext4_getblk+0x30b/0x380 [ 49.872274][ T7324] ext4_bread+0x4a/0x190 [ 49.876512][ T7324] __ext4_read_dirblock+0x3e/0x700 [ 49.880534][ T7322] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.881623][ T7324] ext4_add_entry+0x46b/0x8e0 [ 49.889582][ T7322] device bridge_slave_0 entered promiscuous mode [ 49.893274][ T7324] ext4_mkdir+0x515/0x820 [ 49.893286][ T7324] vfs_mkdir+0x283/0x390 [ 49.893298][ T7324] do_mkdirat+0x1ac/0x1f0 [ 49.893309][ T7324] __x64_sys_mkdir+0x40/0x50 [ 49.893324][ T7324] do_syscall_64+0xcf/0x2f0 [ 49.893340][ T7324] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.893355][ T7324] [ 49.911900][ T7322] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.912498][ T7324] Reported by Kernel Concurrency Sanitizer on: [ 49.917150][ T7322] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.921783][ T7324] CPU: 0 PID: 7324 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 49.921791][ T7324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.921796][ T7324] ================================================================== [ 49.921803][ T7324] Kernel panic - not syncing: panic_on_warn set ... [ 49.921816][ T7324] CPU: 0 PID: 7324 Comm: syz-executor.1 Not tainted 5.3.0+ #0 [ 49.921823][ T7324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.921839][ T7324] Call Trace: [ 49.928678][ T7322] device bridge_slave_1 entered promiscuous mode [ 49.930089][ T7324] dump_stack+0xf5/0x159 [ 49.985970][ T7322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.989754][ T7324] panic+0x209/0x639 [ 50.022400][ T7322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.022582][ T7324] ? do_mkdirat+0x1ac/0x1f0 [ 50.039953][ T7324] ? vprintk_func+0x8d/0x140 [ 50.044548][ T7324] kcsan_report.cold+0xc/0x1b [ 50.049230][ T7324] __kcsan_setup_watchpoint+0x3ee/0x510 [ 50.054790][ T7324] __tsan_write8+0x32/0x40 [ 50.059206][ T7324] ext4_es_lookup_extent+0x3d3/0x510 [ 50.060530][ T7322] team0: Port device team_slave_0 added [ 50.065189][ T7324] ext4_map_blocks+0xc2/0xf70 [ 50.075380][ T7324] ? __kcsan_setup_watchpoint+0x96/0x510 [ 50.081026][ T7324] ext4_getblk+0x30b/0x380 [ 50.081787][ T7322] team0: Port device team_slave_1 added [ 50.085442][ T7324] ? fscrypt_setup_filename+0x310/0x710 [ 50.096489][ T7324] ? __kcsan_setup_watchpoint+0x96/0x510 [ 50.102120][ T7324] ext4_bread+0x4a/0x190 [ 50.106356][ T7324] __ext4_read_dirblock+0x3e/0x700 [ 50.111466][ T7324] ext4_add_entry+0x46b/0x8e0 [ 50.116169][ T7324] ext4_mkdir+0x515/0x820 [ 50.120499][ T7324] vfs_mkdir+0x283/0x390 [ 50.124741][ T7324] do_mkdirat+0x1ac/0x1f0 [ 50.129069][ T7324] __x64_sys_mkdir+0x40/0x50 [ 50.133657][ T7324] do_syscall_64+0xcf/0x2f0 [ 50.138177][ T7324] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 50.144057][ T7324] RIP: 0033:0x458e77 [ 50.147948][ T7324] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 50.167549][ T7324] RSP: 002b:00007ffea8c53b78 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 50.175958][ T7324] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 0000000000458e77 [ 50.183915][ T7324] RDX: 0000000000000002 RSI: 00000000000001c0 RDI: 00007ffea8c53d50 [ 50.191874][ T7324] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 00000000000024c0 [ 50.199845][ T7324] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 50.207811][ T7324] R13: 00007ffea8c53d50 R14: 8421084210842109 R15: 00007ffea8c53d5c [ 50.217012][ T7324] Kernel Offset: disabled [ 50.221339][ T7324] Rebooting in 86400 seconds..