[info] Using makefile-style concurrent boot in runlevel 2. [ 40.158439][ T26] audit: type=1800 audit(1575590643.009:21): pid=7371 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0 [ 40.190928][ T26] audit: type=1800 audit(1575590643.009:22): pid=7371 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.61' (ECDSA) to the list of known hosts. 2019/12/06 00:04:14 fuzzer started 2019/12/06 00:04:15 dialing manager at 10.128.0.105:45173 2019/12/06 00:04:15 syscalls: 2684 2019/12/06 00:04:15 code coverage: enabled 2019/12/06 00:04:15 comparison tracing: enabled 2019/12/06 00:04:15 extra coverage: extra coverage is not supported by the kernel 2019/12/06 00:04:15 setuid sandbox: enabled 2019/12/06 00:04:15 namespace sandbox: enabled 2019/12/06 00:04:15 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/06 00:04:15 fault injection: enabled 2019/12/06 00:04:15 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/06 00:04:15 net packet injection: enabled 2019/12/06 00:04:15 net device setup: enabled 2019/12/06 00:04:15 concurrency sanitizer: enabled 2019/12/06 00:04:15 devlink PCI setup: PCI device 0000:00:10.0 is not available 00:04:16 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendfile(r1, r1, 0x0, 0x8) 00:04:16 executing program 1: mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000016c0)='smaps_rollup\x00') readv(r0, &(0x7f0000001700)=[{&(0x7f0000001500)=""/179, 0xb3}], 0x1) syzkaller login: [ 53.707549][ T7541] IPVS: ftp: loaded support on port[0] = 21 [ 53.782611][ T7541] chnl_net:caif_netlink_parms(): no params data found [ 53.844383][ T7541] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.851471][ T7541] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.873786][ T7541] device bridge_slave_0 entered promiscuous mode [ 53.881166][ T7541] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.903170][ T7541] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.911175][ T7541] device bridge_slave_1 entered promiscuous mode [ 53.938986][ T7544] IPVS: ftp: loaded support on port[0] = 21 00:04:16 executing program 2: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="250000002f008151e00f80ecdb4cb904024865160b00030025000000120000140e00090015", 0x25}], 0x1}, 0x0) [ 53.957819][ T7541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.968589][ T7541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.989334][ T7541] team0: Port device team_slave_0 added [ 53.997246][ T7541] team0: Port device team_slave_1 added [ 54.085171][ T7541] device hsr_slave_0 entered promiscuous mode [ 54.133423][ T7541] device hsr_slave_1 entered promiscuous mode 00:04:17 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) r3 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b7000000a5517f5fbfa30000000000000703000028feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012e400300000000006506020001ed00007118540000000000c3640000000000006a0a00fe00000000850000002e000000b7000000000000009500000000000000023bc065b7a379d179fc9e94af69912435f1b6a693172e61917ad4b2ee1c8a2b4f8ef1e50beca090f32050e436fe275daf51efd601b6bf01c8e8b1b5e4fef3bef7054815ae98743d1ace4c46631256dd19aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb779299abc6dac46aa712f2e6388f3286c69669622208266f896ba2c9673c2efeec2dc565fef9ab79ff8abaa8a08f54a062107e9bb3e980fff675c8d3e91dfaa8f8d36c43a3ff4722b3ed22abcb63e0867b75690152af27711f0cbb9c06018d21bf3f87b8eb65323b4267a786d53442db8e48dbc5ce47d67d07441a7975d5e41b14fc0154a824e249952a8b61633ce068220"], &(0x7f00000001c0)='\x00\xf1)\r*\xbbzL\x8e7\x9e\xaa\xb3y\xb9\xfa!\xad!\xb4\xd4\x94\xa0\x86\xcf\x12#\xb4\xd3n$\x85\x06k\xb2\xf9\xd5\"\xfe\x86 \b\x7f\xe8\x8a\xcf\x89\x9b\xbaR]\xf5{J\x84\x15\xf9)\xf3\xc8\xd5`\xe6\xe6\x9eI\x02\xce\x1fI\xa8w\xc3#\xba\xf5\xe9\xea>\xc7\xab2,\xa0\x84t\xce\x04Tf\xc5\xfe`\'\x9b\xe2MH%\x93\x028\xcb\x0f\xdb\x16\xe2l\x80\xe6\xcd\xceW\x01SS-o`X\xf6\xa4\xc1|\xbe\xc4\xf0\xac1zp\xc9\x89\xef.\xa4\x91\xb4\xf3('}, 0x48) [ 54.340425][ T7541] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.347508][ T7541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.354888][ T7541] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.362194][ T7541] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.427794][ T7546] IPVS: ftp: loaded support on port[0] = 21 [ 54.463628][ T7544] chnl_net:caif_netlink_parms(): no params data found [ 54.551836][ T7541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.572663][ T7569] ================================================================== [ 54.580818][ T7569] BUG: KCSAN: data-race in generic_fillattr / task_dump_owner [ 54.588278][ T7569] [ 54.590611][ T7569] read to 0xffff8881288bbad0 of 4 bytes by task 7571 on cpu 0: [ 54.598170][ T7569] generic_fillattr+0xc7/0x1e0 [ 54.602934][ T7569] pid_getattr+0x74/0x1a0 [ 54.607265][ T7569] vfs_getattr_nosec+0x12e/0x170 [ 54.612197][ T7569] vfs_getattr+0x54/0x70 [ 54.616434][ T7569] vfs_statx+0x102/0x190 [ 54.620672][ T7569] __do_sys_newstat+0x51/0xb0 [ 54.625365][ T7569] __x64_sys_newstat+0x3a/0x50 [ 54.630133][ T7569] do_syscall_64+0xcc/0x370 [ 54.634630][ T7569] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 54.640854][ T7569] [ 54.643200][ T7569] write to 0xffff8881288bbad0 of 4 bytes by task 7569 on cpu 1: [ 54.650822][ T7569] task_dump_owner+0x246/0x260 [ 54.655576][ T7569] pid_update_inode+0x3c/0x70 [ 54.660240][ T7569] pid_revalidate+0x91/0xd0 [ 54.664731][ T7569] lookup_fast+0x6f2/0x700 [ 54.669132][ T7569] walk_component+0x6d/0xe70 [ 54.673708][ T7569] link_path_walk.part.0+0x5d3/0xa90 [ 54.678975][ T7569] path_openat+0x14f/0x36e0 [ 54.683465][ T7569] do_filp_open+0x11e/0x1b0 [ 54.687955][ T7569] do_sys_open+0x3b3/0x4f0 [ 54.692358][ T7569] __x64_sys_open+0x55/0x70 [ 54.696851][ T7569] do_syscall_64+0xcc/0x370 [ 54.701340][ T7569] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 54.707210][ T7569] [ 54.709521][ T7569] Reported by Kernel Concurrency Sanitizer on: [ 54.715660][ T7569] CPU: 1 PID: 7569 Comm: ps Not tainted 5.4.0-syzkaller #0 [ 54.722835][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.732881][ T7569] ================================================================== [ 54.740924][ T7569] Kernel panic - not syncing: panic_on_warn set ... [ 54.748453][ T7569] CPU: 1 PID: 7569 Comm: ps Not tainted 5.4.0-syzkaller #0 [ 54.755888][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 54.765926][ T7569] Call Trace: [ 54.769208][ T7569] dump_stack+0x11d/0x181 [ 54.773540][ T7569] panic+0x210/0x640 [ 54.777423][ T7569] ? vprintk_func+0x8d/0x140 [ 54.782092][ T7569] kcsan_report.cold+0xc/0xd [ 54.786687][ T7569] kcsan_setup_watchpoint+0x3fe/0x460 [ 54.792054][ T7569] __tsan_unaligned_write4+0xc4/0x100 [ 54.797412][ T7569] task_dump_owner+0x246/0x260 [ 54.802166][ T7569] ? __rcu_read_unlock+0x66/0x3c0 [ 54.807271][ T7569] pid_update_inode+0x3c/0x70 [ 54.811944][ T7569] pid_revalidate+0x91/0xd0 [ 54.816435][ T7569] lookup_fast+0x6f2/0x700 [ 54.820844][ T7569] walk_component+0x6d/0xe70 [ 54.825425][ T7569] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.831652][ T7569] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.837880][ T7569] ? security_inode_permission+0xa5/0xc0 [ 54.843503][ T7569] ? inode_permission+0xa0/0x3c0 [ 54.848431][ T7569] link_path_walk.part.0+0x5d3/0xa90 [ 54.854146][ T7569] path_openat+0x14f/0x36e0 [ 54.858644][ T7569] ? __read_once_size.constprop.0+0x12/0x20 [ 54.864537][ T7569] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 54.870774][ T7569] ? __virt_addr_valid+0x126/0x190 [ 54.875879][ T7569] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 54.882112][ T7569] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 54.888347][ T7569] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 54.894229][ T7569] ? __read_once_size+0x41/0xe0 [ 54.899076][ T7569] do_filp_open+0x11e/0x1b0 [ 54.903570][ T7569] ? __alloc_fd+0x2ef/0x3b0 [ 54.908072][ T7569] do_sys_open+0x3b3/0x4f0 [ 54.912484][ T7569] __x64_sys_open+0x55/0x70 [ 54.916985][ T7569] do_syscall_64+0xcc/0x370 [ 54.921491][ T7569] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 54.927368][ T7569] RIP: 0033:0x7f842e572120 [ 54.931884][ T7569] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 54.951559][ T7569] RSP: 002b:00007ffe1e8f5318 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 54.959957][ T7569] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007f842e572120 [ 54.967925][ T7569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f842ea40d00 [ 54.975890][ T7569] RBP: 0000000000001000 R08: 0000000000000000 R09: 00007f842e83a57b [ 54.983856][ T7569] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f842ea3fd00 [ 54.991814][ T7569] R13: 0000000000000020 R14: 0000000000000005 R15: 0000000000000000 [ 55.001114][ T7569] Kernel Offset: disabled [ 55.005463][ T7569] Rebooting in 86400 seconds..