[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.164' (ECDSA) to the list of known hosts.
2020/05/09 00:27:06 fuzzer started
2020/05/09 00:27:07 dialing manager at 10.128.0.105:44373
2020/05/09 00:27:07 syscalls: 3055
2020/05/09 00:27:07 code coverage: enabled
2020/05/09 00:27:07 comparison tracing: enabled
2020/05/09 00:27:07 extra coverage: enabled
2020/05/09 00:27:07 setuid sandbox: enabled
2020/05/09 00:27:07 namespace sandbox: enabled
2020/05/09 00:27:07 Android sandbox: /sys/fs/selinux/policy does not exist
2020/05/09 00:27:07 fault injection: enabled
2020/05/09 00:27:07 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/05/09 00:27:07 net packet injection: enabled
2020/05/09 00:27:07 net device setup: enabled
2020/05/09 00:27:07 concurrency sanitizer: enabled
2020/05/09 00:27:07 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/05/09 00:27:07 USB emulation: enabled
syzkaller login: [ 53.480891][ T8933] KCSAN: could not find function: '_find_next_bit'
2020/05/09 00:27:10 adding functions to KCSAN blacklist: 'copy_process' 'io_sq_thread' 'decrypt_packet' 'generic_write_end' 'kcm_rfree' 'xas_clear_mark' 'run_timer_softirq' 'ep_poll' 'find_get_pages_range_tag' 'blk_mq_sched_dispatch_requests' 'ext4_free_inodes_count' '__add_to_page_cache_locked' 'shmem_file_read_iter' 'ext4_writepages' 'blk_mq_get_request' 'tick_sched_do_timer' '_find_next_bit' 'generic_fillattr' 'page_counter_charge' 'pcpu_alloc' 'do_signal_stop' 'echo_char' 'mod_timer' 'blk_mq_dispatch_rq_list' 'file_remove_privs' '__ext4_new_inode' 'kauditd_thread' 'ext4_mb_good_group'
00:29:31 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth1\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="0e17"]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
[ 195.186110][ T8934] ==================================================================
[ 195.194255][ T8934] BUG: KCSAN: data-race in atime_needs_update / propagate_one
[ 195.201694][ T8934]
[ 195.204019][ T8934] write to 0xffff88821b743330 of 4 bytes by task 8937 on cpu 1:
[ 195.211653][ T8934] propagate_one+0x3b3/0x550
[ 195.213979][ T8937] IPVS: ftp: loaded support on port[0] = 21
[ 195.216237][ T8934] propagate_mnt+0x22e/0x270
[ 195.216252][ T8934] attach_recursive_mnt+0x66d/0x8a0
[ 195.216265][ T8934] graft_tree+0x107/0x160
[ 195.216279][ T8934] do_add_mount.isra.0+0x102/0x190
[ 195.216293][ T8934] do_mount+0x12d5/0x1590
[ 195.216307][ T8934] __x64_sys_mount+0x12b/0x1a0
[ 195.216331][ T8934] do_syscall_64+0xc7/0x3b0
[ 195.254861][ T8934] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 195.260739][ T8934]
[ 195.263064][ T8934] read to 0xffff88821b743330 of 4 bytes by task 8934 on cpu 0:
[ 195.270609][ T8934] atime_needs_update+0x13e/0x360
[ 195.275637][ T8934] touch_atime+0x63/0x150
[ 195.279964][ T8934] generic_file_read_iter+0x12fa/0x18c0
[ 195.285505][ T8934] ext4_file_read_iter+0x103/0x360
[ 195.291763][ T8934] new_sync_read+0x306/0x450
[ 195.296361][ T8934] __vfs_read+0x9e/0xb0
[ 195.300602][ T8934] integrity_kernel_read+0x97/0xe0
[ 195.303815][ T8937] chnl_net:caif_netlink_parms(): no params data found
[ 195.305713][ T8934] ima_calc_file_hash_tfm+0x18f/0x240
[ 195.317852][ T8934] ima_calc_file_hash+0x147/0xeb0
[ 195.322953][ T8934] ima_collect_measurement+0x385/0x3b0
[ 195.328411][ T8934] process_measurement+0x91a/0x1000
[ 195.333611][ T8934] ima_file_check+0x7e/0xb0
[ 195.338133][ T8934] path_openat+0x176e/0x23d0
[ 195.342744][ T8934] do_filp_open+0x11e/0x1b0
[ 195.347244][ T8934] do_sys_openat2+0x52e/0x680
[ 195.351918][ T8934] do_sys_open+0xa2/0x110
[ 195.356242][ T8934] __x64_sys_openat+0x5d/0x70
[ 195.359015][ T8937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 195.360913][ T8934] do_syscall_64+0xc7/0x3b0
[ 195.360929][ T8934] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 195.360932][ T8934]
[ 195.360935][ T8934] Reported by Kernel Concurrency Sanitizer on:
[ 195.360950][ T8934] CPU: 0 PID: 8934 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 195.360958][ T8934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 195.360963][ T8934] ==================================================================
[ 195.360971][ T8934] Kernel panic - not syncing: panic_on_warn set ...
[ 195.360985][ T8934] CPU: 0 PID: 8934 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 195.361001][ T8934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 195.368938][ T8937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 195.372477][ T8934] Call Trace:
[ 195.372501][ T8934] dump_stack+0x11d/0x187
[ 195.372521][ T8934] panic+0x210/0x640
[ 195.372549][ T8934] ? vprintk_func+0x89/0x13a
[ 195.387877][ T8937] device bridge_slave_0 entered promiscuous mode
[ 195.395079][ T8934] kcsan_report.cold+0xc/0x1a
[ 195.395112][ T8934] kcsan_setup_watchpoint+0x3fb/0x440
[ 195.409077][ T8937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 195.413199][ T8934] atime_needs_update+0x13e/0x360
[ 195.413218][ T8934] touch_atime+0x63/0x150
[ 195.413238][ T8934] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 195.413262][ T8934] generic_file_read_iter+0x12fa/0x18c0
[ 195.421253][ T8937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 195.428225][ T8934] ext4_file_read_iter+0x103/0x360
[ 195.428254][ T8934] new_sync_read+0x306/0x450
[ 195.439971][ T8937] device bridge_slave_1 entered promiscuous mode
[ 195.445308][ T8934] __vfs_read+0x9e/0xb0
[ 195.460293][ T8937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 195.461341][ T8934] integrity_kernel_read+0x97/0xe0
[ 195.469349][ T8937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 195.472291][ T8934] ima_calc_file_hash_tfm+0x18f/0x240
[ 195.472310][ T8934] ? __this_cpu_preempt_check+0x3c/0x130
[ 195.472337][ T8934] ? widen_string+0x48/0x190
[ 195.491574][ T8937] team0: Port device team_slave_0 added
[ 195.494032][ T8934] ? string_nocheck+0xe1/0x100
[ 195.501603][ T8937] team0: Port device team_slave_1 added
[ 195.505443][ T8934] ? format_decode+0x19c/0xaa0
[ 195.526336][ T8937] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 195.528508][ T8934] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 195.532660][ T8937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 195.541624][ T8934] ? tomoyo_profile+0x3f/0x50
[ 195.541643][ T8934] ? __rcu_read_unlock+0x77/0x390
[ 195.541671][ T8934] ? tomoyo_write_log2+0x64/0x580
[ 195.549070][ T8937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 195.555753][ T8934] ? setuid_policy_lookup+0xdf/0x110
[ 195.555769][ T8934] ima_calc_file_hash+0x147/0xeb0
[ 195.555792][ T8934] ? up_read+0x42/0x90
[ 195.564000][ T8937] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 195.566847][ T8934] ? ext4_xattr_get+0x10b/0x600
[ 195.572135][ T8937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 195.576938][ T8934] ima_collect_measurement+0x385/0x3b0
[ 195.582496][ T8937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 195.587241][ T8934] process_measurement+0x91a/0x1000
[ 195.729823][ T8934] ? dquot_file_open+0x60/0x80
[ 195.734570][ T8934] ? ext4_file_open+0x109/0x440
[ 195.739501][ T8934] ? __rcu_read_unlock+0x77/0x390
[ 195.744534][ T8934] ? aa_get_task_label+0x1ee/0x370
[ 195.749649][ T8934] ima_file_check+0x7e/0xb0
[ 195.754148][ T8934] path_openat+0x176e/0x23d0
[ 195.758743][ T8934] ? preempt_schedule_irq+0x6e/0x80
[ 195.765229][ T8934] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 195.771318][ T8934] do_filp_open+0x11e/0x1b0
[ 195.775810][ T8934] ? _find_next_bit.constprop.0+0x126/0x160
[ 195.782398][ T8934] ? __read_once_size+0x2f/0xd0
[ 195.787227][ T8934] ? _raw_spin_unlock+0x38/0x60
[ 195.792052][ T8934] ? __alloc_fd+0x2f3/0x3b0
[ 195.796556][ T8934] do_sys_openat2+0x52e/0x680
[ 195.801215][ T8934] do_sys_open+0xa2/0x110
[ 195.805524][ T8934] __x64_sys_openat+0x5d/0x70
[ 195.810197][ T8934] do_syscall_64+0xc7/0x3b0
[ 195.814692][ T8934] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 195.820560][ T8934] RIP: 0033:0x47c5aa
[ 195.824453][ T8934] Code: e8 7b 6b fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
[ 195.844573][ T8934] RSP: 002b:000000c4328797d0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 195.852965][ T8934] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c5aa
[ 195.860931][ T8934] RDX: 0000000000080002 RSI: 000000c432b96460 RDI: ffffffffffffff9c
[ 195.868903][ T8934] RBP: 000000c432879850 R08: 0000000000000000 R09: 0000000000000000
[ 195.876987][ T8934] R10: 00000000000001a4 R11: 0000000000000202 R12: ffffffffffffffff
[ 195.884973][ T8934] R13: 0000000000000024 R14: 0000000000000023 R15: 0000000000000100
[ 195.894360][ T8934] Kernel Offset: disabled
[ 195.898700][ T8934] Rebooting in 86400 seconds..