[ ok ] Starting enhanced syslogd: rsyslogd.
[ 35.102791][ T25] audit: type=1800 audit(1570706785.801:25): pid=6989 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 35.130225][ T25] audit: type=1800 audit(1570706785.801:26): pid=6989 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 35.170199][ T25] audit: type=1800 audit(1570706785.801:27): pid=6989 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.252' (ECDSA) to the list of known hosts.
2019/10/10 11:26:36 fuzzer started
2019/10/10 11:26:37 dialing manager at 10.128.0.105:34287
2019/10/10 11:26:37 syscalls: 2523
2019/10/10 11:26:37 code coverage: enabled
2019/10/10 11:26:37 comparison tracing: enabled
2019/10/10 11:26:37 extra coverage: extra coverage is not supported by the kernel
2019/10/10 11:26:37 setuid sandbox: enabled
2019/10/10 11:26:37 namespace sandbox: enabled
2019/10/10 11:26:37 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/10 11:26:37 fault injection: enabled
2019/10/10 11:26:37 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/10 11:26:37 net packet injection: enabled
2019/10/10 11:26:37 net device setup: enabled
2019/10/10 11:26:37 concurrency sanitizer: enabled
11:26:40 executing program 0:
syz_read_part_table(0x0, 0x6876b688bcd26e3, &(0x7f0000000080)=[{&(0x7f0000000000)="0201a9ffffff0a000000ff07000000ffffff81000800000000000000004000ffffff85000000e1000000887700720030b5829237c30000000000008000da55aa", 0x40, 0x1c0}])
syzkaller login:
[ 50.240680][ T7155] IPVS: ftp: loaded support on port[0] = 21
11:26:41 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x7}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
[ 50.331561][ T7155] chnl_net:caif_netlink_parms(): no params data found
[ 50.358798][ T7137] ==================================================================
[ 50.366920][ T7137] BUG: KCSAN: data-race in tomoyo_supervisor / tomoyo_supervisor
[ 50.374713][ T7137]
[ 50.377039][ T7137] write to 0xffffffff860bff40 of 4 bytes by task 7140 on cpu 1:
[ 50.384668][ T7137] tomoyo_supervisor+0xcd3/0xd20
[ 50.389604][ T7137] tomoyo_path_permission+0x121/0x160
[ 50.394966][ T7137] tomoyo_check_open_permission+0x2b9/0x320
[ 50.400851][ T7137] tomoyo_file_open+0x75/0x90
[ 50.405527][ T7137] security_file_open+0x69/0x210
[ 50.410463][ T7137] do_dentry_open+0x20a/0x900
[ 50.415087][ T7155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.415143][ T7137] vfs_open+0x62/0x80
[ 50.422370][ T7155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.426099][ T7137] path_openat+0xf75/0x3530
[ 50.426110][ T7137] do_filp_open+0x11e/0x1b0
[ 50.426120][ T7137] do_sys_open+0x3b3/0x4f0
[ 50.426130][ T7137] __x64_sys_openat+0x62/0x80
[ 50.426143][ T7137] do_syscall_64+0xcf/0x2f0
[ 50.426174][ T7137] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.434143][ T7155] device bridge_slave_0 entered promiscuous mode
[ 50.437628][ T7137]
[ 50.437643][ T7137] read to 0xffffffff860bff40 of 4 bytes by task 7137 on cpu 0:
[ 50.437657][ T7137] tomoyo_supervisor+0xcbe/0xd20
[ 50.437668][ T7137] tomoyo_path_number_perm+0x323/0x3c0
[ 50.437693][ T7137] tomoyo_path_mkdir+0x6e/0xa0
[ 50.443494][ T7155] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.446655][ T7137] security_path_mkdir+0xb8/0xf0
[ 50.451389][ T7155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.455791][ T7137] do_mkdirat+0xef/0x1f0
[ 50.462582][ T7155] device bridge_slave_1 entered promiscuous mode
[ 50.467954][ T7137] __x64_sys_mkdirat+0x4d/0x60
[ 50.467971][ T7137] do_syscall_64+0xcf/0x2f0
[ 50.467987][ T7137] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.468001][ T7137]
[ 50.486841][ T7155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 50.488221][ T7137] Reported by Kernel Concurrency Sanitizer on:
[ 50.488237][ T7137] CPU: 0 PID: 7137 Comm: syz-fuzzer Not tainted 5.3.0+ #0
[ 50.488244][ T7137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.488249][ T7137] ==================================================================
[ 50.488256][ T7137] Kernel panic - not syncing: panic_on_warn set ...
[ 50.488269][ T7137] CPU: 0 PID: 7137 Comm: syz-fuzzer Not tainted 5.3.0+ #0
[ 50.488288][ T7137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.494485][ T7155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 50.500148][ T7137] Call Trace:
[ 50.500172][ T7137] dump_stack+0xf5/0x159
[ 50.500190][ T7137] panic+0x209/0x639
[ 50.500209][ T7137] ? vprintk_func+0x8d/0x140
[ 50.500245][ T7137] kcsan_report.cold+0xc/0x1b
[ 50.520835][ T7155] team0: Port device team_slave_0 added
[ 50.522710][ T7137] __kcsan_setup_watchpoint+0x3ee/0x510
[ 50.529419][ T7155] team0: Port device team_slave_1 added
[ 50.532003][ T7137] __tsan_read4+0x2c/0x30
[ 50.654696][ T7137] tomoyo_supervisor+0xcbe/0xd20
[ 50.659625][ T7137] tomoyo_path_number_perm+0x323/0x3c0
[ 50.665071][ T7137] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.670687][ T7137] tomoyo_path_mkdir+0x6e/0xa0
[ 50.675440][ T7137] security_path_mkdir+0xb8/0xf0
[ 50.680357][ T7137] do_mkdirat+0xef/0x1f0
[ 50.684582][ T7137] __x64_sys_mkdirat+0x4d/0x60
[ 50.689324][ T7137] do_syscall_64+0xcf/0x2f0
[ 50.693846][ T7137] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.699723][ T7137] RIP: 0033:0x47c530
[ 50.703598][ T7137] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 50.723179][ T7137] RSP: 002b:000000c4202ff990 EFLAGS: 00000206 ORIG_RAX: 0000000000000102
[ 50.731567][ T7137] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c530
[ 50.739515][ T7137] RDX: 00000000000001c0 RSI: 000000c420096700 RDI: ffffffffffffff9c
[ 50.747464][ T7137] RBP: 000000c4202ff9f0 R08: 0000000000000000 R09: 0000000000000000
[ 50.755421][ T7137] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffffff
[ 50.763419][ T7137] R13: 0000000000000039 R14: 0000000000000038 R15: 0000000000000100
[ 50.772712][ T7137] Kernel Offset: disabled
[ 50.777084][ T7137] Rebooting in 86400 seconds..