[ 42.527411][ T26] audit: type=1800 audit(1570557810.924:22): pid=7099 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0 [ 42.554016][ T26] audit: type=1800 audit(1570557810.924:23): pid=7099 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rsyslog" dev="sda1" ino=2475 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 43.159463][ T7165] sshd (7165) used greatest stack depth: 10032 bytes left [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.166' (ECDSA) to the list of known hosts. 2019/10/08 18:03:41 fuzzer started 2019/10/08 18:03:42 dialing manager at 10.128.0.105:35069 2019/10/08 18:03:43 syscalls: 2523 2019/10/08 18:03:43 code coverage: enabled 2019/10/08 18:03:43 comparison tracing: enabled 2019/10/08 18:03:43 extra coverage: extra coverage is not supported by the kernel 2019/10/08 18:03:43 setuid sandbox: enabled 2019/10/08 18:03:43 namespace sandbox: enabled 2019/10/08 18:03:43 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/08 18:03:43 fault injection: enabled 2019/10/08 18:03:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/08 18:03:43 net packet injection: enabled 2019/10/08 18:03:43 net device setup: enabled 2019/10/08 18:03:43 concurrency sanitizer: enabled 18:03:45 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f00000003c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000000)={0x200000, 0x0, 'client0\x00', 0x0, "823f9883208df195", "e5294969685a3f8d2a387d5bddd94d6bd4014ea097aad32f583a00084f8ca581"}) syzkaller login: [ 57.440809][ T7263] ================================================================== [ 57.448932][ T7263] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent [ 57.457325][ T7263] [ 57.459114][ T7266] IPVS: ftp: loaded support on port[0] = 21 [ 57.459663][ T7263] write to 0xffff888218649428 of 8 bytes by task 7266 on cpu 0: [ 57.473148][ T7263] ext4_es_lookup_extent+0x3d3/0x510 [ 57.478425][ T7263] ext4_map_blocks+0xc2/0xf70 [ 57.483095][ T7263] ext4_getblk+0x30b/0x380 [ 57.487501][ T7263] ext4_bread_batch+0x8a/0x2e0 [ 57.492264][ T7263] __ext4_find_entry+0x32f/0x970 [ 57.497194][ T7263] ext4_lookup+0x35f/0x4f0 [ 57.501599][ T7263] __lookup_hash+0xcb/0x110 [ 57.506099][ T7263] filename_create+0x102/0x2d0 [ 57.510851][ T7263] do_mkdirat+0x65/0x1f0 [ 57.515084][ T7263] __x64_sys_mkdir+0x40/0x50 [ 57.519665][ T7263] do_syscall_64+0xcf/0x2f0 [ 57.524144][ T7263] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 57.530010][ T7263] [ 57.532332][ T7263] read to 0xffff888218649428 of 8 bytes by task 7263 on cpu 1: [ 57.539868][ T7263] ext4_es_lookup_extent+0x3ba/0x510 [ 57.545144][ T7263] ext4_map_blocks+0xc2/0xf70 [ 57.549806][ T7263] ext4_mpage_readpages+0x92b/0x1270 [ 57.549875][ T7266] chnl_net:caif_netlink_parms(): no params data found [ 57.555121][ T7263] ext4_readpages+0x92/0xc0 [ 57.566345][ T7263] read_pages+0xa2/0x2d0 [ 57.570582][ T7263] __do_page_cache_readahead+0x353/0x390 [ 57.576207][ T7263] ondemand_readahead+0x35d/0x710 [ 57.581220][ T7263] page_cache_async_readahead+0x22c/0x250 [ 57.586929][ T7263] generic_file_read_iter+0xffc/0x1440 [ 57.592384][ T7263] ext4_file_read_iter+0xfa/0x240 [ 57.593227][ T7266] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.597432][ T7263] new_sync_read+0x389/0x4f0 [ 57.597445][ T7263] __vfs_read+0xb1/0xc0 [ 57.597471][ T7263] integrity_kernel_read+0xa1/0xe0 [ 57.604564][ T7266] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.609024][ T7263] [ 57.609029][ T7263] Reported by Kernel Concurrency Sanitizer on: [ 57.609045][ T7263] CPU: 1 PID: 7263 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 57.609052][ T7263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.609057][ T7263] ================================================================== [ 57.609075][ T7263] Kernel panic - not syncing: panic_on_warn set ... [ 57.619546][ T7266] device bridge_slave_0 entered promiscuous mode [ 57.625312][ T7263] CPU: 1 PID: 7263 Comm: syz-fuzzer Not tainted 5.3.0+ #0 [ 57.629226][ T7266] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.633753][ T7263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 57.641254][ T7266] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.650885][ T7263] Call Trace: [ 57.650910][ T7263] dump_stack+0xf5/0x159 [ 57.650940][ T7263] panic+0x209/0x639 [ 57.660483][ T7266] device bridge_slave_1 entered promiscuous mode [ 57.665745][ T7263] ? generic_file_read_iter+0xffc/0x1440 [ 57.688368][ T7266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.696187][ T7263] ? vprintk_func+0x8d/0x140 [ 57.704838][ T7266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.706472][ T7263] kcsan_report.cold+0xc/0x1b [ 57.725335][ T7266] team0: Port device team_slave_0 added [ 57.726605][ T7263] __kcsan_setup_watchpoint+0x3ee/0x510 [ 57.737519][ T7266] team0: Port device team_slave_1 added [ 57.740262][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.776051][ T7263] __tsan_read8+0x2c/0x30 [ 57.780416][ T7263] ext4_es_lookup_extent+0x3ba/0x510 [ 57.785723][ T7263] ext4_map_blocks+0xc2/0xf70 [ 57.790389][ T7263] ext4_mpage_readpages+0x92b/0x1270 [ 57.795659][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.801268][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.806882][ T7263] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 57.812765][ T7263] ? ext4_invalidatepage+0x1e0/0x1e0 [ 57.818028][ T7263] ext4_readpages+0x92/0xc0 [ 57.822507][ T7263] ? ext4_invalidatepage+0x1e0/0x1e0 [ 57.827768][ T7263] read_pages+0xa2/0x2d0 [ 57.832259][ T7263] __do_page_cache_readahead+0x353/0x390 [ 57.837875][ T7263] ondemand_readahead+0x35d/0x710 [ 57.842883][ T7263] page_cache_async_readahead+0x22c/0x250 [ 57.848584][ T7263] generic_file_read_iter+0xffc/0x1440 [ 57.854030][ T7263] ext4_file_read_iter+0xfa/0x240 [ 57.859036][ T7263] new_sync_read+0x389/0x4f0 [ 57.863660][ T7263] __vfs_read+0xb1/0xc0 [ 57.867796][ T7263] integrity_kernel_read+0xa1/0xe0 [ 57.872887][ T7263] ima_calc_file_hash_tfm+0x1b5/0x260 [ 57.878235][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.883846][ T7263] ? should_fail+0xd4/0x45d [ 57.888328][ T7263] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 57.894033][ T7263] ? widen_string+0x4a/0x1a0 [ 57.898602][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.904213][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.909827][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.915439][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.921046][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.926657][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.932264][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.937982][ T7263] ? __tsan_read4+0x2c/0x30 [ 57.942470][ T7263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 57.948793][ T7263] ? refcount_sub_and_test_checked+0xc8/0x190 [ 57.954840][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.960452][ T7263] ? __tsan_read4+0x2c/0x30 [ 57.964939][ T7263] ima_calc_file_hash+0x158/0xf10 [ 57.969939][ T7263] ? __tsan_write8+0x32/0x40 [ 57.974505][ T7263] ? ext4_xattr_get+0x10b/0x5c0 [ 57.979332][ T7263] ? __rcu_read_unlock+0x62/0xe0 [ 57.984247][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 57.989860][ T7263] ima_collect_measurement+0x384/0x3b0 [ 57.995303][ T7263] process_measurement+0x980/0xff0 [ 58.000393][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 58.005998][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 58.011610][ T7263] ? __tsan_read4+0x2c/0x30 [ 58.016090][ T7263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 58.022339][ T7263] ? refcount_sub_and_test_checked+0xc8/0x190 [ 58.028381][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 58.033993][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 58.039603][ T7263] ima_file_check+0x7e/0xb0 [ 58.044085][ T7263] path_openat+0xfb1/0x3530 [ 58.048565][ T7263] ? __kcsan_setup_watchpoint+0x96/0x510 [ 58.054178][ T7263] do_filp_open+0x11e/0x1b0 [ 58.058672][ T7263] ? _raw_spin_unlock+0x4b/0x60 [ 58.063497][ T7263] ? __alloc_fd+0x316/0x4c0 [ 58.067983][ T7263] ? get_unused_fd_flags+0x93/0xc0 [ 58.073077][ T7263] do_sys_open+0x3b3/0x4f0 [ 58.077475][ T7263] __x64_sys_openat+0x62/0x80 [ 58.082132][ T7263] do_syscall_64+0xcf/0x2f0 [ 58.086618][ T7263] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 58.092484][ T7263] RIP: 0033:0x47c5aa [ 58.096356][ T7263] Code: e8 7b 6b fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48 [ 58.115946][ T7263] RSP: 002b:000000c420051850 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 58.124345][ T7263] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c5aa [ 58.132292][ T7263] RDX: 0000000000080002 RSI: 000000c420b0c400 RDI: ffffffffffffff9c [ 58.140238][ T7263] RBP: 000000c4200518d0 R08: 0000000000000000 R09: 0000000000000000 [ 58.148185][ T7263] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff [ 58.156217][ T7263] R13: 0000000000000021 R14: 0000000000000020 R15: 0000000000000100 [ 58.165468][ T7263] Kernel Offset: disabled [ 58.169786][ T7263] Rebooting in 86400 seconds..