[info] Using makefile-style concurrent boot in runlevel 2. [ 42.857060][ T26] audit: type=1800 audit(1573799479.456:21): pid=7443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0 [ 42.892536][ T26] audit: type=1800 audit(1573799479.456:22): pid=7443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.203' (ECDSA) to the list of known hosts. 2019/11/15 06:31:32 fuzzer started 2019/11/15 06:31:33 dialing manager at 10.128.0.105:44219 2019/11/15 06:31:36 syscalls: 2566 2019/11/15 06:31:36 code coverage: enabled 2019/11/15 06:31:36 comparison tracing: enabled 2019/11/15 06:31:36 extra coverage: extra coverage is not supported by the kernel 2019/11/15 06:31:36 setuid sandbox: enabled 2019/11/15 06:31:36 namespace sandbox: enabled 2019/11/15 06:31:36 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/15 06:31:36 fault injection: enabled 2019/11/15 06:31:36 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/15 06:31:36 net packet injection: enabled 2019/11/15 06:31:36 net device setup: enabled 2019/11/15 06:31:36 concurrency sanitizer: enabled 2019/11/15 06:31:36 devlink PCI setup: PCI device 0000:00:10.0 is not available 06:31:37 executing program 0: prlimit64(0x0, 0x0, 0x0, 0x0) creat(0x0, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 06:31:37 executing program 1: r0 = gettid() setpgid(r0, 0x0) syzkaller login: [ 61.147366][ T7615] IPVS: ftp: loaded support on port[0] = 21 [ 61.238556][ T7615] chnl_net:caif_netlink_parms(): no params data found [ 61.295506][ T7615] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.312534][ T7615] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.320299][ T7615] device bridge_slave_0 entered promiscuous mode [ 61.328438][ T7615] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.335547][ T7615] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.343443][ T7615] device bridge_slave_1 entered promiscuous mode [ 61.359507][ T7618] IPVS: ftp: loaded support on port[0] = 21 [ 61.361672][ T7615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.376514][ T7615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 06:31:38 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$inet_udplite(0x2, 0x2, 0x88) close(r1) r2 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={r1}) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/38, 0x12c000, 0x800}, 0x18) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x8000, 0x4) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000003a80)=0x40, 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x11, 0x4, 0x4, 0xf59}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f00000001c0), &(0x7f0000000040)}, 0x20) close(r2) [ 61.404920][ T7615] team0: Port device team_slave_0 added [ 61.411629][ T7615] team0: Port device team_slave_1 added [ 61.524921][ T7615] device hsr_slave_0 entered promiscuous mode [ 61.582782][ T7615] device hsr_slave_1 entered promiscuous mode 06:31:38 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f00000004c0)={0xa, 0x4e23, 0x0, @local, 0x6}, 0x1c, 0x0}}], 0x1, 0x0) [ 61.670517][ T7620] IPVS: ftp: loaded support on port[0] = 21 [ 61.737203][ T7618] chnl_net:caif_netlink_parms(): no params data found [ 61.909308][ T7618] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.934745][ T7618] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.960968][ T7618] device bridge_slave_0 entered promiscuous mode [ 62.015317][ T7618] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.023694][ T7618] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.052629][ T7618] device bridge_slave_1 entered promiscuous mode [ 62.068253][ T7646] IPVS: ftp: loaded support on port[0] = 21 [ 62.108912][ T7618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.200370][ T7618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.275070][ T7620] chnl_net:caif_netlink_parms(): no params data found [ 62.319606][ T7618] team0: Port device team_slave_0 added [ 62.353948][ T7618] team0: Port device team_slave_1 added 06:31:39 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x1, 0x0) write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000080)={0xe, 0x0, 0x0, 0x0, 0x5c, "c52b8b31487d989585a8a147c9699c47b996000dbc30c69ee922fc04644a2ea97d1eb4ad568440c6c97a7bdac498cdc78d419badc9635130e640d3b8e13f716170534f2976b234f5e97bdb7edd63e42a8c4a85bfcc887c09076c6d23"}, 0x68) [ 62.435446][ T7620] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.462500][ T7620] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.473582][ T7620] device bridge_slave_0 entered promiscuous mode [ 62.513951][ T7620] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.521075][ T7620] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.553852][ T7620] device bridge_slave_1 entered promiscuous mode [ 62.634641][ T7618] device hsr_slave_0 entered promiscuous mode [ 62.662871][ T7618] device hsr_slave_1 entered promiscuous mode [ 62.692506][ T7618] debugfs: Directory 'hsr0' with parent '/' already present! [ 62.709318][ T7646] chnl_net:caif_netlink_parms(): no params data found [ 62.779394][ T7620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.833077][ T7651] IPVS: ftp: loaded support on port[0] = 21 [ 62.854190][ T7620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.893006][ T7] device bridge_slave_1 left promiscuous mode [ 62.899273][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.083258][ T7] device bridge_slave_0 left promiscuous mode [ 63.089614][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.167898][ T7636] ================================================================== [ 63.176059][ T7636] BUG: KCSAN: data-race in tomoyo_supervisor / tomoyo_supervisor [ 63.183767][ T7636] [ 63.186101][ T7636] read to 0xffffffff86142124 of 4 bytes by task 7638 on cpu 0: [ 63.193673][ T7636] tomoyo_supervisor+0x1b0/0xd20 [ 63.198612][ T7636] tomoyo_path_permission+0x121/0x160 [ 63.203986][ T7636] tomoyo_check_open_permission+0x2fd/0x320 [ 63.209876][ T7636] tomoyo_file_open+0x75/0x90 [ 63.214554][ T7636] security_file_open+0x69/0x210 [ 63.219497][ T7636] do_dentry_open+0x211/0x970 [ 63.224178][ T7636] vfs_open+0x62/0x80 [ 63.228166][ T7636] path_openat+0xf73/0x36e0 [ 63.232671][ T7636] do_filp_open+0x11e/0x1b0 [ 63.237202][ T7636] do_sys_open+0x3b3/0x4f0 [ 63.241621][ T7636] __x64_sys_open+0x55/0x70 [ 63.246137][ T7636] do_syscall_64+0xcc/0x370 [ 63.250641][ T7636] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.256667][ T7636] [ 63.259000][ T7636] write to 0xffffffff86142124 of 4 bytes by task 7636 on cpu 1: [ 63.266640][ T7636] tomoyo_supervisor+0x1c9/0xd20 [ 63.271584][ T7636] tomoyo_path_permission+0x121/0x160 [ 63.276967][ T7636] tomoyo_check_open_permission+0x2fd/0x320 [ 63.282861][ T7636] tomoyo_file_open+0x75/0x90 [ 63.287536][ T7636] security_file_open+0x69/0x210 [ 63.292475][ T7636] do_dentry_open+0x211/0x970 [ 63.297148][ T7636] vfs_open+0x62/0x80 [ 63.301129][ T7636] path_openat+0xf73/0x36e0 [ 63.305635][ T7636] do_filp_open+0x11e/0x1b0 [ 63.310135][ T7636] do_sys_open+0x3b3/0x4f0 [ 63.314566][ T7636] __x64_sys_open+0x55/0x70 [ 63.319073][ T7636] do_syscall_64+0xcc/0x370 [ 63.323576][ T7636] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.329454][ T7636] [ 63.331780][ T7636] Reported by Kernel Concurrency Sanitizer on: [ 63.337932][ T7636] CPU: 1 PID: 7636 Comm: ps Not tainted 5.4.0-rc7+ #0 [ 63.344689][ T7636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.354743][ T7636] ================================================================== [ 63.362824][ T7636] Kernel panic - not syncing: panic_on_warn set ... [ 63.369410][ T7636] CPU: 1 PID: 7636 Comm: ps Not tainted 5.4.0-rc7+ #0 [ 63.376160][ T7636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 63.386210][ T7636] Call Trace: [ 63.389502][ T7636] dump_stack+0x11d/0x181 [ 63.393834][ T7636] panic+0x210/0x640 [ 63.397733][ T7636] ? vprintk_func+0x8d/0x140 [ 63.402333][ T7636] kcsan_report.cold+0xc/0xd [ 63.406934][ T7636] kcsan_setup_watchpoint+0x3fe/0x460 [ 63.412310][ T7636] __tsan_unaligned_write4+0xc4/0x100 [ 63.417685][ T7636] tomoyo_supervisor+0x1c9/0xd20 [ 63.422630][ T7636] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 63.428353][ T7636] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 63.434615][ T7636] ? __read_once_size.constprop.0+0x12/0x20 [ 63.440523][ T7636] tomoyo_path_permission+0x121/0x160 [ 63.445895][ T7636] tomoyo_check_open_permission+0x2fd/0x320 [ 63.451801][ T7636] tomoyo_file_open+0x75/0x90 [ 63.456565][ T7636] security_file_open+0x69/0x210 [ 63.461511][ T7636] do_dentry_open+0x211/0x970 [ 63.466189][ T7636] ? security_inode_permission+0xa5/0xc0 [ 63.471823][ T7636] vfs_open+0x62/0x80 [ 63.475807][ T7636] path_openat+0xf73/0x36e0 [ 63.480326][ T7636] do_filp_open+0x11e/0x1b0 [ 63.484837][ T7636] ? __alloc_fd+0x2ef/0x3b0 [ 63.489356][ T7636] do_sys_open+0x3b3/0x4f0 [ 63.493784][ T7636] __x64_sys_open+0x55/0x70 [ 63.498298][ T7636] do_syscall_64+0xcc/0x370 [ 63.502805][ T7636] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 63.508693][ T7636] RIP: 0033:0x7fea2a004120 [ 63.513115][ T7636] Code: 48 8b 15 1b 4d 2b 00 f7 d8 64 89 02 83 c8 ff c3 90 90 90 90 90 90 90 90 90 90 83 3d d5 a4 2b 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e 8c 01 00 48 89 04 24 [ 63.532719][ T7636] RSP: 002b:00007fff02efef78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 63.541138][ T7636] RAX: ffffffffffffffda RBX: 0000000000616760 RCX: 00007fea2a004120 [ 63.549108][ T7636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fea2a4d2d00 [ 63.557072][ T7636] RBP: 0000000000001000 R08: 0000000000000000 R09: 00007fea2a2cca10 [ 63.565063][ T7636] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fea2a4d1d00 [ 63.573034][ T7636] R13: 0000000001edc1c0 R14: 0000000000000005 R15: 0000000000000000 [ 63.582340][ T7636] Kernel Offset: disabled [ 63.586670][ T7636] Rebooting in 86400 seconds..