[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 34.868589][ T26] audit: type=1800 audit(1570241204.400:25): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 34.895660][ T26] audit: type=1800 audit(1570241204.400:26): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 34.922291][ T26] audit: type=1800 audit(1570241204.400:27): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.19' (ECDSA) to the list of known hosts. 2019/10/05 02:06:57 fuzzer started 2019/10/05 02:06:59 dialing manager at 10.128.0.105:35709 2019/10/05 02:06:59 checking machine... 2019/10/05 02:06:59 checking revisions... 2019/10/05 02:06:59 testing simple program... syzkaller login: [ 49.845592][ T7201] IPVS: ftp: loaded support on port[0] = 21 2019/10/05 02:06:59 building call list... executing program [ 53.434158][ T7207] can: request_module (can-proto-0) failed. [ 53.446841][ T7207] can: request_module (can-proto-0) failed. 2019/10/05 02:07:08 syscalls: 2523 2019/10/05 02:07:08 code coverage: enabled 2019/10/05 02:07:08 comparison tracing: enabled 2019/10/05 02:07:08 extra coverage: extra coverage is not supported by the kernel 2019/10/05 02:07:08 setuid sandbox: enabled 2019/10/05 02:07:08 namespace sandbox: enabled 2019/10/05 02:07:08 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/05 02:07:08 fault injection: enabled 2019/10/05 02:07:08 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/05 02:07:08 net packet injection: enabled 2019/10/05 02:07:08 net device setup: enabled 2019/10/05 02:07:08 concurrency sanitizer: enabled 02:07:09 executing program 0: ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) symlink(0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4cc74502f987c2cec6504df6ead74ed8a60ab563e98b4b2a3d27a7082dbb78abd55fba3da80b856445ab100621d6234555c08dc540473753cd89e9b08e3f5972fe9ca162b123e192e8c89c9dd81c796f27f537cc5a3fb54aff8eaff4f6b59c41705b96a6711d4679079d00"/137], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) writev(r2, &(0x7f0000000540)=[{&(0x7f0000000180)="c32c4d225a5e6777c9ab742c2f0595abcaeca096aaef66ddc5933379732f564cec7e109d28eaedb31408480286270e4c1f35f7b43868d91c86c4813f80a0028662d92ee75ee1536676ad4f47b7647c5fbd6459879f848399fe6d5736bc8f4df2e098006f42badb210d796e59f292ea2092c98d38196c253d7d4f8e29c62fd3c5b7519ed83bf59efb9b598bc9fb5ca93f0863c17dc2006d1af20a1fd809163c72dfff9e47a15469b65ce08f4b5b2dbef9b31a2761acd4", 0xb6}, {&(0x7f0000000080)="e03ac3802fb2", 0x6}, {&(0x7f0000000340)="91e6388fb321d8", 0x7}, {&(0x7f00000003c0)="e6472ec3", 0x4}, {&(0x7f0000000400)}], 0x5) r4 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r4, 0x0, 0x0, 0x40007) umount2(&(0x7f0000000000)='./file0\x00', 0x0) [ 59.530235][ T7245] ================================================================== [ 59.538455][ T7245] BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent [ 59.546844][ T7245] [ 59.549164][ T7245] read to 0xffff888125c01c28 of 8 bytes by task 7206 on cpu 1: [ 59.556700][ T7245] ext4_es_lookup_extent+0x3ba/0x510 [ 59.561975][ T7245] ext4_map_blocks+0xc2/0xf70 [ 59.566637][ T7245] ext4_mpage_readpages+0x92b/0x1270 [ 59.571904][ T7245] ext4_readpages+0x92/0xc0 [ 59.576408][ T7245] read_pages+0xa2/0x2d0 [ 59.580641][ T7245] __do_page_cache_readahead+0x353/0x390 [ 59.586266][ T7245] ondemand_readahead+0x35d/0x710 [ 59.591275][ T7245] page_cache_async_readahead+0x22c/0x250 [ 59.597007][ T7245] generic_file_read_iter+0xffc/0x1440 [ 59.602455][ T7245] ext4_file_read_iter+0xfa/0x240 [ 59.607471][ T7245] new_sync_read+0x389/0x4f0 [ 59.612057][ T7245] __vfs_read+0xb1/0xc0 [ 59.616207][ T7245] integrity_kernel_read+0xa1/0xe0 [ 59.621336][ T7245] ima_calc_file_hash_tfm+0x1b5/0x260 [ 59.626704][ T7245] [ 59.629032][ T7245] write to 0xffff888125c01c28 of 8 bytes by task 7245 on cpu 0: [ 59.636651][ T7245] ext4_es_lookup_extent+0x3d3/0x510 [ 59.641928][ T7245] ext4_map_blocks+0xc2/0xf70 [ 59.646589][ T7245] ext4_getblk+0x30b/0x380 [ 59.650995][ T7245] ext4_bread_batch+0x8a/0x2e0 [ 59.655743][ T7245] __ext4_find_entry+0x32f/0x970 [ 59.660667][ T7245] ext4_lookup+0x35f/0x4f0 [ 59.665073][ T7245] __lookup_hash+0xcb/0x110 [ 59.669566][ T7245] filename_create+0x102/0x2d0 [ 59.674316][ T7245] do_mkdirat+0x65/0x1f0 [ 59.678546][ T7245] __x64_sys_mkdir+0x40/0x50 [ 59.683135][ T7245] do_syscall_64+0xcf/0x2f0 [ 59.687637][ T7245] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 59.693511][ T7245] [ 59.695826][ T7245] Reported by Kernel Concurrency Sanitizer on: [ 59.701983][ T7245] CPU: 0 PID: 7245 Comm: syz-executor.0 Not tainted 5.3.0+ #0 [ 59.709420][ T7245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.719469][ T7245] ================================================================== [ 59.727520][ T7245] Kernel panic - not syncing: panic_on_warn set ... [ 59.734100][ T7245] CPU: 0 PID: 7245 Comm: syz-executor.0 Not tainted 5.3.0+ #0 [ 59.741552][ T7245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.751590][ T7245] Call Trace: [ 59.754875][ T7245] dump_stack+0xf5/0x159 [ 59.759116][ T7245] panic+0x209/0x639 [ 59.763012][ T7245] ? vprintk_func+0x8d/0x140 [ 59.767613][ T7245] kcsan_report.cold+0x57/0xeb [ 59.772376][ T7245] __kcsan_setup_watchpoint+0x342/0x500 02:07:09 executing program 1: r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x42000) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f000081e000)={0x0, 0x3, 0x80000000000000d5, [0x0]}, 0x2de) [ 59.777921][ T7245] __tsan_write8+0x32/0x40 [ 59.782330][ T7245] ext4_es_lookup_extent+0x3d3/0x510 [ 59.787616][ T7245] ext4_map_blocks+0xc2/0xf70 [ 59.792298][ T7245] ext4_getblk+0x30b/0x380 [ 59.796709][ T7245] ext4_bread_batch+0x8a/0x2e0 [ 59.801463][ T7245] __ext4_find_entry+0x32f/0x970 [ 59.806389][ T7245] ? __tsan_write8+0x32/0x40 [ 59.810986][ T7245] ext4_lookup+0x35f/0x4f0 [ 59.815415][ T7245] __lookup_hash+0xcb/0x110 [ 59.819917][ T7245] filename_create+0x102/0x2d0 [ 59.824680][ T7245] do_mkdirat+0x65/0x1f0 [ 59.828926][ T7245] __x64_sys_mkdir+0x40/0x50 [ 59.833513][ T7245] do_syscall_64+0xcf/0x2f0 [ 59.838021][ T7245] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 59.843918][ T7245] RIP: 0033:0x458e77 [ 59.847807][ T7245] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 59.867405][ T7245] RSP: 002b:00007ffebbe32658 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 59.875828][ T7245] RAX: ffffffffffffffda RBX: 000000000003a2f8 RCX: 0000000000458e77 [ 59.883788][ T7245] RDX: 0000000000000002 RSI: 00000000000001c0 RDI: 00007ffebbe32830 [ 59.891749][ T7245] RBP: 0000000000000001 R08: 000000000000f8c0 R09: 0000000000002800 [ 59.899710][ T7245] R10: 0000000000000011 R11: 0000000000000246 R12: 00000000000000c2 [ 59.907679][ T7245] R13: 00007ffebbe32830 R14: 8421084210842109 R15: 00007ffebbe3283c [ 59.917198][ T7245] Kernel Offset: disabled [ 59.921522][ T7245] Rebooting in 86400 seconds..