[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts.
2020/06/19 23:51:26 fuzzer started
2020/06/19 23:51:26 dialing manager at 10.128.0.105:38669
2020/06/19 23:51:26 syscalls: 3092
2020/06/19 23:51:26 code coverage: enabled
2020/06/19 23:51:26 comparison tracing: enabled
2020/06/19 23:51:26 extra coverage: enabled
2020/06/19 23:51:26 setuid sandbox: enabled
2020/06/19 23:51:26 namespace sandbox: enabled
2020/06/19 23:51:26 Android sandbox: /sys/fs/selinux/policy does not exist
2020/06/19 23:51:26 fault injection: enabled
2020/06/19 23:51:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/06/19 23:51:26 net packet injection: enabled
2020/06/19 23:51:26 net device setup: enabled
2020/06/19 23:51:26 concurrency sanitizer: enabled
2020/06/19 23:51:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/06/19 23:51:26 USB emulation: enabled
2020/06/19 23:51:29 suppressing KCSAN reports in functions: '__delayacct_blkio_end' 'do_nanosleep' '__blk_mq_sched_dispatch_requests' '__xa_clear_mark' 'ext4_free_inodes_count' 'expire_timers' 'blk_mq_sched_dispatch_requests' '__ext4_update_other_inode_time' 'dd_has_work' 'do_epoll_wait' 'ext4_free_inode' 'complete_signal' 'find_get_pages_range_tag' 'alloc_pid' 'ext4_ext_insert_extent' 'xas_clear_mark' 'dput' 'fsnotify' 'wbt_issue' 'page_counter_charge' 'copy_process' 'shmem_file_read_iter' 'ext4_mark_iloc_dirty' 'audit_log_start' 'n_tty_receive_buf_common' 'futex_wait_queue_me' 'ext4_mb_find_by_goal' 'exit_mm' 'shmem_symlink' '__ext4_new_inode' 'io_sq_thread' 'blk_mq_dispatch_rq_list' 'generic_write_end' 'tick_nohz_stop_tick' 'snd_rawmidi_poll' 'blk_mq_rq_ctx_init' 'pcpu_alloc' 'do_signal_stop' 'do_select' '__mark_inode_dirty'
23:52:52 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x0, 0x1a1c42)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae", 0x1}], 0x1)
syzkaller login: [ 120.145746][ T8641] ==================================================================
[ 120.153897][ T8641] BUG: KCSAN: data-race in atime_needs_update / propagate_one
[ 120.157976][ T8647] IPVS: ftp: loaded support on port[0] = 21
[ 120.161349][ T8641]
[ 120.169531][ T8641] write to 0xffff888217dee0b0 of 4 bytes by task 8647 on cpu 1:
[ 120.177149][ T8641] propagate_one+0x32d/0x400
[ 120.181726][ T8641] propagate_mnt+0x2f8/0x640
[ 120.186305][ T8641] attach_recursive_mnt+0x519/0x1210
[ 120.191579][ T8641] do_mount+0x1aa8/0x1bd0
[ 120.195893][ T8641] __se_sys_mount+0xd3/0x100
[ 120.200510][ T8641] __x64_sys_mount+0x63/0x70
[ 120.205085][ T8641] do_syscall_64+0x71/0x120
[ 120.205193][ T8647] chnl_net:caif_netlink_parms(): no params data found
[ 120.209577][ T8641] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 120.222168][ T8641]
[ 120.224480][ T8641] read to 0xffff888217dee0b0 of 4 bytes by task 8641 on cpu 0:
[ 120.232015][ T8641] atime_needs_update+0x133/0x370
[ 120.237213][ T8641] touch_atime+0x53/0x1a0
[ 120.239006][ T8647] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.241532][ T8641] generic_file_buffered_read+0x167e/0x1750
[ 120.250050][ T8647] bridge0: port 1(bridge_slave_0) entered disabled state
[ 120.255860][ T8641] generic_file_read_iter+0x7d/0x3e0
[ 120.255871][ T8641] ext4_file_read_iter+0x2dd/0x410
[ 120.255922][ T8641] __vfs_read+0x2d5/0x330
[ 120.263345][ T8647] device bridge_slave_0 entered promiscuous mode
[ 120.268205][ T8641] integrity_kernel_read+0xb4/0x100
[ 120.274428][ T8647] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.277588][ T8641] ima_calc_file_hash+0x9bf/0x13e0
[ 120.284048][ T8647] bridge0: port 2(bridge_slave_1) entered disabled state
[ 120.289052][ T8641] ima_collect_measurement+0x168/0x310
[ 120.296423][ T8647] device bridge_slave_1 entered promiscuous mode
[ 120.301125][ T8641] process_measurement+0x9fc/0x1040
[ 120.315767][ T8647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 120.319902][ T8641] ima_file_check+0x75/0xa0
[ 120.326504][ T8647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 120.334074][ T8641] path_openat+0x18a2/0x20e0
[ 120.334083][ T8641] do_filp_open+0xbd/0x1d0
[ 120.334097][ T8641] do_sys_openat2+0x33c/0x4a0
[ 120.346401][ T8647] team0: Port device team_slave_0 added
[ 120.347568][ T8641] __x64_sys_openat+0xef/0x110
[ 120.353397][ T8647] team0: Port device team_slave_1 added
[ 120.356538][ T8641] do_syscall_64+0x71/0x120
[ 120.368681][ T8647] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 120.371482][ T8641] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 120.377019][ T8647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.381463][ T8641]
[ 120.388380][ T8647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 120.394221][ T8641] Reported by Kernel Concurrency Sanitizer on:
[ 120.394233][ T8641] CPU: 0 PID: 8641 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0
[ 120.394246][ T8641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 120.421161][ T8647] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 120.422474][ T8641] ==================================================================
[ 120.432968][ T8647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 120.439065][ T8641] Kernel panic - not syncing: panic_on_warn set ...
[ 120.439075][ T8641] CPU: 0 PID: 8641 Comm: syz-fuzzer Not tainted 5.8.0-rc1-syzkaller #0
[ 120.439086][ T8641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 120.447297][ T8647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 120.457400][ T8641] Call Trace:
[ 120.457416][ T8641] dump_stack+0x10f/0x19d
[ 120.457430][ T8641] panic+0x1f8/0x63a
[ 120.545762][ T8641] ? vprintk_emit+0x44a/0x4f0
[ 120.550511][ T8641] kcsan_report+0x684/0x690
[ 120.555084][ T8641] ? kcsan_setup_watchpoint+0x453/0x4d0
[ 120.560614][ T8641] ? atime_needs_update+0x133/0x370
[ 120.565784][ T8641] ? touch_atime+0x53/0x1a0
[ 120.570260][ T8641] ? generic_file_buffered_read+0x167e/0x1750
[ 120.576407][ T8641] ? generic_file_read_iter+0x7d/0x3e0
[ 120.581837][ T8641] ? ext4_file_read_iter+0x2dd/0x410
[ 120.587109][ T8641] ? __vfs_read+0x2d5/0x330
[ 120.591585][ T8641] ? integrity_kernel_read+0xb4/0x100
[ 120.597020][ T8641] ? ima_calc_file_hash+0x9bf/0x13e0
[ 120.602378][ T8641] ? ima_collect_measurement+0x168/0x310
[ 120.608005][ T8641] ? process_measurement+0x9fc/0x1040
[ 120.613384][ T8641] ? ima_file_check+0x75/0xa0
[ 120.618062][ T8641] ? path_openat+0x18a2/0x20e0
[ 120.622795][ T8641] ? do_filp_open+0xbd/0x1d0
[ 120.627368][ T8641] ? do_sys_openat2+0x33c/0x4a0
[ 120.632236][ T8641] ? __x64_sys_openat+0xef/0x110
[ 120.637237][ T8641] ? do_syscall_64+0x71/0x120
[ 120.641897][ T8641] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 120.648037][ T8641] kcsan_setup_watchpoint+0x453/0x4d0
[ 120.653780][ T8641] ? __check_object_size+0x237/0x2f0
[ 120.659048][ T8641] atime_needs_update+0x133/0x370
[ 120.664049][ T8641] touch_atime+0x53/0x1a0
[ 120.668373][ T8641] generic_file_buffered_read+0x167e/0x1750
[ 120.674252][ T8641] generic_file_read_iter+0x7d/0x3e0
[ 120.679514][ T8641] ext4_file_read_iter+0x2dd/0x410
[ 120.684684][ T8641] __vfs_read+0x2d5/0x330
[ 120.688985][ T8641] integrity_kernel_read+0xb4/0x100
[ 120.694166][ T8641] ima_calc_file_hash+0x9bf/0x13e0
[ 120.699249][ T8641] ? __kmalloc+0x164/0x2d0
[ 120.703653][ T8641] ? should_fail+0x2a/0x250
[ 120.708269][ T8641] ? check_preemption_disabled+0x8f/0x1a0
[ 120.713980][ T8641] ? widen_string+0x3a/0x280
[ 120.718576][ T8641] ? constant_test_bit+0x25/0x30
[ 120.723509][ T8641] ? ext4_xattr_ibody_get+0x6e/0x610
[ 120.728768][ T8641] ? __rcu_read_unlock+0x34/0x260
[ 120.733777][ T8641] ? aa_get_newest_label+0x71/0x250
[ 120.739121][ T8641] ? apparmor_capable+0xfb/0x160
[ 120.744042][ T8641] ? ext4_xattr_get+0x268/0x560
[ 120.748877][ T8641] ? ima_match_policy+0xac0/0xb00
[ 120.753966][ T8641] ima_collect_measurement+0x168/0x310
[ 120.759660][ T8641] process_measurement+0x9fc/0x1040
[ 120.764927][ T8641] ? lockref_put_return+0xed/0x140
[ 120.770018][ T8641] ? dquot_file_open+0x68/0x80
[ 120.774765][ T8641] ? ext4_file_open+0x19f/0x3e0
[ 120.779588][ T8641] ? fsnotify_perm+0x1f6/0x250
[ 120.784935][ T8641] ? __rcu_read_unlock+0x4b/0x260
[ 120.789936][ T8641] ? aa_get_task_label+0x72/0xc0
[ 120.794989][ T8641] ? apparmor_task_getsecid+0x7e/0xa0
[ 120.800357][ T8641] ima_file_check+0x75/0xa0
[ 120.804943][ T8641] path_openat+0x18a2/0x20e0
[ 120.810047][ T8641] ? __ext4_mark_inode_dirty+0x2cf/0x3f0
[ 120.815882][ T8641] ? _raw_spin_unlock+0x2e/0x50
[ 120.820870][ T8641] ? __mark_inode_dirty+0x415/0x7d0
[ 120.826166][ T8641] do_filp_open+0xbd/0x1d0
[ 120.830664][ T8641] ? __check_object_size+0x237/0x2f0
[ 120.835952][ T8641] ? _raw_spin_unlock+0x2e/0x50
[ 120.840792][ T8641] ? __alloc_fd+0x33c/0x390
[ 120.845423][ T8641] do_sys_openat2+0x33c/0x4a0
[ 120.850102][ T8641] __x64_sys_openat+0xef/0x110
[ 120.855039][ T8641] do_syscall_64+0x71/0x120
[ 120.859542][ T8641] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 120.865513][ T8641] RIP: 0033:0x4b3d4a
[ 120.869384][ T8641] Code: Bad RIP value.
[ 120.873533][ T8641] RSP: 002b:000000c0000a3830 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 120.882012][ T8641] RAX: ffffffffffffffda RBX: 000000c00002e800 RCX: 00000000004b3d4a
[ 120.889972][ T8641] RDX: 0000000000080002 RSI: 000000c016374420 RDI: ffffffffffffff9c
[ 120.897925][ T8641] RBP: 000000c0000a38a8 R08: 0000000000000000 R09: 0000000000000000
[ 120.905886][ T8641] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff
[ 120.913858][ T8641] R13: 0000000000000022 R14: 0000000000000021 R15: 0000000000000100
[ 120.923406][ T8641] Kernel Offset: disabled
[ 120.927780][ T8641] Rebooting in 86400 seconds..