[[36minfo[39;49m] Using makefile-style concurrent boot in runlevel 2.
[   43.812254][   T26] audit: type=1800 audit(1575124684.917:21): pid=7418 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0
[   43.864660][   T26] audit: type=1800 audit(1575124684.927:22): pid=7418 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0
[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts.
2019/11/30 14:38:15 fuzzer started
2019/11/30 14:38:16 dialing manager at 10.128.0.105:44645
2019/11/30 14:38:17 syscalls: 2592
2019/11/30 14:38:17 code coverage: enabled
2019/11/30 14:38:17 comparison tracing: enabled
2019/11/30 14:38:17 extra coverage: extra coverage is not supported by the kernel
2019/11/30 14:38:17 setuid sandbox: enabled
2019/11/30 14:38:17 namespace sandbox: enabled
2019/11/30 14:38:17 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/30 14:38:17 fault injection: enabled
2019/11/30 14:38:17 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/30 14:38:17 net packet injection: enabled
2019/11/30 14:38:17 net device setup: enabled
2019/11/30 14:38:17 concurrency sanitizer: enabled
2019/11/30 14:38:17 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [   65.177719][ T7586] KCSAN: could not find function: 'poll_schedule_timeout'
2019/11/30 14:38:29 adding functions to KCSAN blacklist: 'filemap_map_pages' 'timer_clear_idle' 'do_nanosleep' 'list_lru_count_one' 'mem_cgroup_select_victim_node' 'vm_area_dup' 'echo_char' 'pid_update_inode' 'copy_process' 'tcp_add_backlog' 'rcu_gp_fqs_check_wake' 'ext4_mb_find_by_goal' 'generic_write_end' '__splice_from_pipe' 'n_tty_receive_buf_common' 'xas_find_marked' '__filemap_fdatawrite_range' 'yama_ptracer_del' 'find_get_pages_range_tag' 'add_timer' 'ext4_free_inode' '__ext4_new_inode' 'audit_log_start' 'queue_access_lock' 'pcpu_alloc' 'kvm_mmu_notifier_invalidate_range_end' 'blk_mq_get_request' 'mm_update_next_owner' 'taskstats_exit' 'wbt_issue' 'tick_nohz_idle_stop_tick' 'ext4_mark_iloc_dirty' 'ext4_da_write_end' '__mark_inode_dirty' 'page_counter_try_charge' 'kauditd_thread' 'virtqueue_disable_cb' 'balance_dirty_pages' 'do_signal_stop' 'generic_file_read_iter' '__add_to_page_cache_locked' 'find_next_bit' 'xas_clear_mark' 'blk_mq_dispatch_rq_list' 'unix_notinflight' '__wb_calc_thresh' 'lruvec_lru_size' 'snd_ctl_notify' 'process_srcu' 'fsnotify' 'ext4_has_free_clusters' '__delete_from_page_cache' 'pipe_wait' 'futex_wait_queue_me' 'ext4_free_inodes_count' 'generic_fillattr' 'exit_signals' 'sit_tunnel_xmit' 'tomoyo_supervisor' 'run_timer_softirq' 'dd_has_work' 'ext4_nonda_switch' 'poll_schedule_timeout' 'blk_mq_sched_dispatch_requests' 'bio_endio' 'rcu_gp_fqs_loop' 'do_exit' '__hrtimer_run_queues' 'tick_do_update_jiffies64' 'mod_timer' 'generic_permission' 'ktime_get_real_seconds' 'do_syslog' 'p9_poll_workfn' 'ktime_get_seconds' 'ep_poll' 'do_wait' 'br_handle_frame_finish' 'inactive_list_is_low' '__dev_queue_xmit' '__snd_rawmidi_transmit_ack' 'pipe_poll' 'tick_sched_do_timer' 'blk_mq_run_hw_queue' 'l2tp_tunnel_del_work' 'lru_add_drain_all' 
14:42:04 executing program 0:

14:42:04 executing program 1:

[  283.619878][ T7591] IPVS: ftp: loaded support on port[0] = 21
[  283.711223][ T7591] chnl_net:caif_netlink_parms(): no params data found
[  283.783045][ T7591] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.791550][ T7591] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.799879][ T7591] device bridge_slave_0 entered promiscuous mode
[  283.813026][ T7594] IPVS: ftp: loaded support on port[0] = 21
[  283.819885][ T7591] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.827201][ T7591] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.835338][ T7591] device bridge_slave_1 entered promiscuous mode
[  283.857118][ T7591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
14:42:05 executing program 2:

[  283.876824][ T7591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.923066][ T7591] team0: Port device team_slave_0 added
[  283.929867][ T7591] team0: Port device team_slave_1 added
[  284.026723][ T7591] device hsr_slave_0 entered promiscuous mode
[  284.065267][ T7591] device hsr_slave_1 entered promiscuous mode
14:42:05 executing program 3:

[  284.218066][ T7594] chnl_net:caif_netlink_parms(): no params data found
[  284.288427][ T7597] IPVS: ftp: loaded support on port[0] = 21
[  284.317844][ T7591] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.324986][ T7591] bridge0: port 2(bridge_slave_1) entered forwarding state
[  284.332372][ T7591] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.339443][ T7591] bridge0: port 1(bridge_slave_0) entered forwarding state
[  284.478632][ T7594] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.514678][ T7594] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.535634][ T7594] device bridge_slave_0 entered promiscuous mode
[  284.561431][ T7621] IPVS: ftp: loaded support on port[0] = 21
14:42:05 executing program 4:
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x88)
recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x45000000, 0x0}}], 0x300, 0x0, 0x0)
shutdown(r0, 0x0)

[  284.615682][ T7594] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.622767][ T7594] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.655350][ T7594] device bridge_slave_1 entered promiscuous mode
[  284.704851][ T7591] 8021q: adding VLAN 0 to HW filter on device bond0
[  284.736243][ T2981] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.765151][ T2981] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.777535][ T7614] ==================================================================
[  284.785652][ T7614] BUG: KCSAN: data-race in common_perm_cond / task_dump_owner
[  284.793086][ T7614] 
[  284.795421][ T7614] read to 0xffff88812b4062ec of 4 bytes by task 7619 on cpu 1:
[  284.802974][ T7614]  common_perm_cond+0x65/0x110
[  284.807744][ T7614]  apparmor_inode_getattr+0x2b/0x40
[  284.812950][ T7614]  security_inode_getattr+0x9b/0xd0
[  284.818155][ T7614]  vfs_getattr+0x2e/0x70
[  284.822392][ T7614]  vfs_statx+0x102/0x190
[  284.826636][ T7614]  __do_sys_newstat+0x51/0xb0
[  284.831306][ T7614]  __x64_sys_newstat+0x3a/0x50
[  284.836067][ T7614]  do_syscall_64+0xcc/0x370
[  284.840569][ T7614]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  284.846450][ T7614] 
[  284.848784][ T7614] write to 0xffff88812b4062ec of 4 bytes by task 7614 on cpu 0:
[  284.856407][ T7614]  task_dump_owner+0x237/0x260
[  284.861171][ T7614]  pid_update_inode+0x3c/0x70
[  284.865843][ T7614]  pid_revalidate+0x91/0xd0
[  284.870344][ T7614]  lookup_fast+0x6f2/0x700
[  284.874760][ T7614]  walk_component+0x6d/0xe70
[  284.879345][ T7614]  link_path_walk.part.0+0x5d3/0xa90
[  284.884627][ T7614]  path_openat+0x14f/0x36e0
[  284.889124][ T7614]  do_filp_open+0x11e/0x1b0
[  284.893622][ T7614]  do_sys_open+0x3b3/0x4f0
[  284.898044][ T7614]  __x64_sys_open+0x55/0x70
[  284.902550][ T7614]  do_syscall_64+0xcc/0x370
[  284.907061][ T7614]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  284.912936][ T7614] 
[  284.915254][ T7614] Reported by Kernel Concurrency Sanitizer on:
[  284.921396][ T7614] CPU: 0 PID: 7614 Comm: ps Not tainted 5.4.0-syzkaller #0
[  284.928614][ T7614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.938666][ T7614] ==================================================================
[  284.946718][ T7614] Kernel panic - not syncing: panic_on_warn set ...
[  284.953298][ T7614] CPU: 0 PID: 7614 Comm: ps Not tainted 5.4.0-syzkaller #0
[  284.960486][ T7614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.970537][ T7614] Call Trace:
[  284.973831][ T7614]  dump_stack+0x11d/0x181
[  284.978156][ T7614]  panic+0x210/0x640
[  284.982053][ T7614]  ? vprintk_func+0x8d/0x140
[  284.986650][ T7614]  kcsan_report.cold+0xc/0xd
[  284.991244][ T7614]  kcsan_setup_watchpoint+0x3fe/0x460
[  284.996630][ T7614]  __tsan_unaligned_write4+0xc4/0x100
[  285.002013][ T7614]  task_dump_owner+0x237/0x260
[  285.006779][ T7614]  ? __rcu_read_unlock+0x66/0x3c0
[  285.011802][ T7614]  pid_update_inode+0x3c/0x70
[  285.016481][ T7614]  pid_revalidate+0x91/0xd0
[  285.020989][ T7614]  lookup_fast+0x6f2/0x700
[  285.025415][ T7614]  walk_component+0x6d/0xe70
[  285.030005][ T7614]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  285.036244][ T7614]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  285.042485][ T7614]  ? security_inode_permission+0xa5/0xc0
[  285.048226][ T7614]  ? inode_permission+0xa0/0x3c0
[  285.053164][ T7614]  link_path_walk.part.0+0x5d3/0xa90
[  285.058454][ T7614]  path_openat+0x14f/0x36e0
[  285.062993][ T7614]  ? __read_once_size.constprop.0+0x12/0x20
[  285.068898][ T7614]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  285.075146][ T7614]  ? __virt_addr_valid+0x126/0x190
[  285.080261][ T7614]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  285.086500][ T7614]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  285.092742][ T7614]  ? __sanitizer_cov_trace_switch+0x49/0x80
[  285.098637][ T7614]  ? __read_once_size+0x41/0xe0
[  285.103526][ T7614]  do_filp_open+0x11e/0x1b0
[  285.108062][ T7614]  ? __alloc_fd+0x2ef/0x3b0
[  285.112597][ T7614]  do_sys_open+0x3b3/0x4f0
[  285.117022][ T7614]  __x64_sys_open+0x55/0x70
[  285.121527][ T7614]  do_syscall_64+0xcc/0x370
[  285.126048][ T7614]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  285.131938][ T7614] RIP: 0033:0x7fc71b929120
[  285.136363][ T7614] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24
[  285.156118][ T7614] RSP: 002b:00007ffc52814e38 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  285.164526][ T7614] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007fc71b929120
[  285.172497][ T7614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fc71bdf7d00
[  285.180468][ T7614] RBP: 0000000000001000 R08: 0000000000000000 R09: 00007fc71bbf157b
[  285.188435][ T7614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc71bdf6d00
[  285.196411][ T7614] R13: 0000000000000020 R14: 0000000000000005 R15: 0000000000000000
[  285.205922][ T7614] Kernel Offset: disabled
[  285.210248][ T7614] Rebooting in 86400 seconds..