[ 34.371391][ T26] audit: type=1800 audit(1570559428.823:25): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 34.415385][ T26] audit: type=1800 audit(1570559428.823:26): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 34.443888][ T26] audit: type=1800 audit(1570559428.823:27): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ 34.747559][ T7141] sshd (7141) used greatest stack depth: 10032 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
2019/10/08 18:30:39 fuzzer started
2019/10/08 18:30:41 dialing manager at 10.128.0.105:35069
2019/10/08 18:30:41 syscalls: 2523
2019/10/08 18:30:41 code coverage: enabled
2019/10/08 18:30:41 comparison tracing: enabled
2019/10/08 18:30:41 extra coverage: extra coverage is not supported by the kernel
2019/10/08 18:30:41 setuid sandbox: enabled
2019/10/08 18:30:41 namespace sandbox: enabled
2019/10/08 18:30:41 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/08 18:30:41 fault injection: enabled
2019/10/08 18:30:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/08 18:30:41 net packet injection: enabled
2019/10/08 18:30:41 net device setup: enabled
2019/10/08 18:30:41 concurrency sanitizer: enabled
18:30:44 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0)='SEG6\x00')
fcntl$setstatus(r0, 0x4, 0x42000)
r1 = add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000080)={'syz'}, &(0x7f00000000c0)="8000", 0x2, 0xfffffffffffffffe)
keyctl$read(0xb, r1, 0x0, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={r1}, &(0x7f0000000300)=""/125, 0x7d, &(0x7f0000000400)={0x0})
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000100)={{0x2, 0x4e23, @remote}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x10, {0x2, 0x4e22, @multicast1}, 'veth0_to_bridge\x00'})
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000900)='/dev/snapshot\x00', 0x0, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000980)=0xc)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x20000050)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
gettid()

syzkaller login: [ 50.085443][ T7237] ==================================================================
[ 50.093587][ T7237] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent
[ 50.102003][ T7237]
[ 50.104341][ T7237] read to 0xffff88821864e428 of 8 bytes by task 7248 on cpu 0:
[ 50.111881][ T7237] ext4_es_lookup_extent+0x3ba/0x510
[ 50.117174][ T7237] ext4_map_blocks+0xc2/0xf70
[ 50.121865][ T7237] ext4_getblk+0x30b/0x380
[ 50.126283][ T7237] ext4_bread+0x4a/0x190
[ 50.130554][ T7237] __ext4_read_dirblock+0x3e/0x700
[ 50.135662][ T7237] ext4_add_entry+0x46b/0x8e0
[ 50.140337][ T7237] ext4_mkdir+0x515/0x820
[ 50.144669][ T7237] vfs_mkdir+0x283/0x390
[ 50.148937][ T7237] do_mkdirat+0x1ac/0x1f0
[ 50.153259][ T7237] __x64_sys_mkdir+0x40/0x50
[ 50.157848][ T7237] do_syscall_64+0xcf/0x2f0
[ 50.162365][ T7237] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.168253][ T7237]
[ 50.170665][ T7237] write to 0xffff88821864e428 of 8 bytes by task 7237 on cpu 1:
[ 50.178290][ T7237] ext4_es_lookup_extent+0x3d3/0x510
[ 50.183584][ T7237] ext4_map_blocks+0xc2/0xf70
[ 50.188256][ T7237] ext4_mpage_readpages+0x92b/0x1270
[ 50.193530][ T7237] ext4_readpages+0x92/0xc0
[ 50.198024][ T7237] read_pages+0xa2/0x2d0
[ 50.202282][ T7237] __do_page_cache_readahead+0x353/0x390
[ 50.207913][ T7237] ondemand_readahead+0x35d/0x710
[ 50.212932][ T7237] page_cache_async_readahead+0x22c/0x250
[ 50.218648][ T7237] generic_file_read_iter+0xffc/0x1440
[ 50.224102][ T7237] ext4_file_read_iter+0xfa/0x240
[ 50.229114][ T7237] new_sync_read+0x389/0x4f0
[ 50.233693][ T7237] __vfs_read+0xb1/0xc0
[ 50.237840][ T7237] integrity_kernel_read+0xa1/0xe0
[ 50.242931][ T7237]
[ 50.245243][ T7237] Reported by Kernel Concurrency Sanitizer on:
[ 50.251390][ T7237] CPU: 1 PID: 7237 Comm: syz-fuzzer Not tainted 5.3.0+ #0
[ 50.258476][ T7237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.273468][ T7237] ==================================================================
[ 50.281511][ T7237] Kernel panic - not syncing: panic_on_warn set ...
[ 50.288081][ T7237] CPU: 1 PID: 7237 Comm: syz-fuzzer Not tainted 5.3.0+ #0
[ 50.295170][ T7237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.305207][ T7237] Call Trace:
[ 50.308486][ T7237] dump_stack+0xf5/0x159
[ 50.312728][ T7237] panic+0x209/0x639
[ 50.316612][ T7237] ? generic_file_read_iter+0xffc/0x1440
[ 50.322232][ T7237] ? vprintk_func+0x8d/0x140
[ 50.326814][ T7237] kcsan_report.cold+0xc/0x1b
[ 50.331484][ T7237] __kcsan_setup_watchpoint+0x3ee/0x510
[ 50.337015][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.342637][ T7237] __tsan_write8+0x32/0x40
[ 50.347045][ T7237] ext4_es_lookup_extent+0x3d3/0x510
[ 50.352322][ T7237] ext4_map_blocks+0xc2/0xf70
[ 50.356992][ T7237] ext4_mpage_readpages+0x92b/0x1270
[ 50.362279][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.367899][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.373518][ T7237] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 50.379398][ T7237] ? ext4_invalidatepage+0x1e0/0x1e0
[ 50.384680][ T7237] ext4_readpages+0x92/0xc0
[ 50.389173][ T7237] ? ext4_invalidatepage+0x1e0/0x1e0
[ 50.394444][ T7237] read_pages+0xa2/0x2d0
[ 50.398693][ T7237] __do_page_cache_readahead+0x353/0x390
[ 50.404322][ T7237] ondemand_readahead+0x35d/0x710
[ 50.409339][ T7237] page_cache_async_readahead+0x22c/0x250
[ 50.415067][ T7237] generic_file_read_iter+0xffc/0x1440
[ 50.420532][ T7237] ext4_file_read_iter+0xfa/0x240
[ 50.425567][ T7237] new_sync_read+0x389/0x4f0
[ 50.430166][ T7237] __vfs_read+0xb1/0xc0
[ 50.434324][ T7237] integrity_kernel_read+0xa1/0xe0
[ 50.439432][ T7237] ima_calc_file_hash_tfm+0x1b5/0x260
[ 50.444793][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.450425][ T7237] ? __const_udelay+0x36/0x40
[ 50.455108][ T7237] ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 50.460812][ T7237] ? widen_string+0x4a/0x1a0
[ 50.465391][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.471008][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.476630][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.482261][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.487877][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.493495][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.499114][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.504742][ T7237] ? __tsan_read4+0x2c/0x30
[ 50.509233][ T7237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.515463][ T7237] ? refcount_sub_and_test_checked+0xc8/0x190
[ 50.521538][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.527159][ T7237] ? __tsan_read4+0x2c/0x30
[ 50.531664][ T7237] ima_calc_file_hash+0x158/0xf10
[ 50.536675][ T7237] ? __tsan_write8+0x32/0x40
[ 50.541254][ T7237] ? ext4_xattr_get+0x10b/0x5c0
[ 50.546093][ T7237] ? __rcu_read_unlock+0x62/0xe0
[ 50.551019][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.556642][ T7237] ima_collect_measurement+0x384/0x3b0
[ 50.562100][ T7237] process_measurement+0x980/0xff0
[ 50.567215][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.572842][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.578561][ T7237] ? __tsan_read4+0x2c/0x30
[ 50.583064][ T7237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 50.589302][ T7237] ? refcount_sub_and_test_checked+0xc8/0x190
[ 50.595371][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.600992][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.606628][ T7237] ima_file_check+0x7e/0xb0
[ 50.611124][ T7237] path_openat+0xfb1/0x3530
[ 50.615617][ T7237] ? __kcsan_setup_watchpoint+0x96/0x510
[ 50.621255][ T7237] do_filp_open+0x11e/0x1b0
[ 50.625749][ T7237] ? _raw_spin_unlock+0x4b/0x60
[ 50.630585][ T7237] ? __alloc_fd+0x316/0x4c0
[ 50.635080][ T7237] ? get_unused_fd_flags+0x93/0xc0
[ 50.640182][ T7237] do_sys_open+0x3b3/0x4f0
[ 50.644598][ T7237] __x64_sys_openat+0x62/0x80
[ 50.649270][ T7237] do_syscall_64+0xcf/0x2f0
[ 50.653765][ T7237] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.659652][ T7237] RIP: 0033:0x47c5aa
[ 50.663536][ T7237] Code: e8 7b 6b fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 50.683221][ T7237] RSP: 002b:000000c420303850 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 50.691790][ T7237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c5aa
[ 50.699752][ T7237] RDX: 0000000000080002 RSI: 000000c420096700 RDI: ffffffffffffff9c
[ 50.707710][ T7237] RBP: 000000c4203038d0 R08: 0000000000000000 R09: 0000000000000000
[ 50.715669][ T7237] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff
[ 50.723735][ T7237] R13: 0000000000000039 R14: 0000000000000038 R15: 0000000000000100
[ 50.733205][ T7237] Kernel Offset: disabled
[ 50.737547][ T7237] Rebooting in 86400 seconds..