[ 35.978162][ T26] audit: type=1800 audit(1572108477.146:25): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 36.031948][ T26] audit: type=1800 audit(1572108477.146:26): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 36.071613][ T26] audit: type=1800 audit(1572108477.146:27): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ 36.412550][ T7100] sshd (7100) used greatest stack depth: 10136 bytes left
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts.
2019/10/26 16:48:07 fuzzer started
2019/10/26 16:48:09 dialing manager at 10.128.0.105:33655
2019/10/26 16:48:09 syscalls: 2533
2019/10/26 16:48:09 code coverage: enabled
2019/10/26 16:48:09 comparison tracing: enabled
2019/10/26 16:48:09 extra coverage: extra coverage is not supported by the kernel
2019/10/26 16:48:09 setuid sandbox: enabled
2019/10/26 16:48:09 namespace sandbox: enabled
2019/10/26 16:48:09 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/26 16:48:09 fault injection: enabled
2019/10/26 16:48:09 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/26 16:48:09 net packet injection: enabled
2019/10/26 16:48:09 net device setup: enabled
2019/10/26 16:48:09 concurrency sanitizer: enabled
syzkaller login: [ 68.337172][ T7200] KCSAN: could not find function: 'poll_schedule_timeout'
2019/10/26 16:48:32 adding functions to KCSAN blacklist: 'virtnet_poll_tx' 'mem_cgroup_select_victim_node' '__hrtimer_run_queues' 'tick_do_update_jiffies64' 'task_dump_owner' '__skb_try_recv_from_queue' 'blk_mq_get_request' 'ep_poll' 'kvm_arch_vcpu_load' 'inet_putpeer' 'audit_log_start' '__skb_recv_udp' 'rcu_gp_fqs_check_wake' 'taskstats_exit' 'get_task_cred' 'ext4_free_inode' 'ext4_nonda_switch' 'queue_access_lock' 'find_get_pages_range_tag' 'fprop_fraction_percpu' 'get_task_mm' 'ktime_get_real_seconds' 'snd_seq_prioq_cell_out' 'shmem_file_read_iter' 'ext4_has_free_clusters' 'run_timer_softirq' 'wbt_done' '__alloc_file' 'wbt_issue' 'fsnotify' 'timer_clear_idle' 'tomoyo_supervisor' 'pipe_poll' '__nf_ct_refresh_acct' 'add_timer' 'common_perm_cond' 'ipip_tunnel_xmit' 'shmem_getpage_gfp' 'do_readlinkat' 'rcu_gp_fqs_loop' 'datagram_poll' 'pcpu_alloc' 'blk_mq_sched_dispatch_requests' 'mm_update_next_owner' 'do_nanosleep' 'echo_char' '__add_to_page_cache_locked' 'watchdog' 'ext4_da_write_end' 'dccp_rcv_close' 'sk_wait_data' '__dev_queue_xmit' '__ext4_new_inode' 'update_defense_level' 'ktime_get_seconds' 'ext4_mb_good_group' 'generic_fillattr' 'icmp_global_allow' 'osq_lock' 'process_srcu' 'vm_area_dup' 'ext4_free_inodes_count' 'blk_mq_dispatch_rq_list' '__snd_rawmidi_transmit_ack' 'do_exit' 'batadv_tt_local_add' 'snapshot_refaults' 'bio_endio' 'pid_update_inode' 'tcp_poll' 'mod_timer' 'generic_write_end' 'commit_echoes' 'filemap_map_pages' 'do_syslog' 'tcp_add_backlog' '__delete_from_page_cache' 'p9_poll_workfn' 'copy_process' 'fib6_ifup' 'xas_clear_mark' 'ext4_mark_iloc_dirty' 'find_next_bit' '__nf_conntrack_find_get' 'poll_schedule_timeout' 'sit_tunnel_xmit' 'vti_tunnel_xmit' 'dd_has_work' 'ext4_ext_insert_extent' 'xas_find_marked' 'futex_wait_queue_me' 'list_lru_add' 'generic_permission' 'tick_sched_do_timer' 'tick_nohz_idle_stop_tick' 'tcp_sendmsg_locked'
[ 206.732598][ T7190] ==================================================================
[ 206.741206][ T7190] BUG: KCSAN: data-race in __acct_update_integrals / mmap_region
[ 206.748945][ T7190]
[ 206.751280][ T7190] read to 0xffff888122e45c40 of 8 bytes by interrupt on cpu 0:
[ 206.758831][ T7190] __acct_update_integrals+0x1b1/0x1e0
[ 206.764458][ T7190] acct_account_cputime+0x4e/0x60
[ 206.769504][ T7190] account_user_time+0xb2/0xc0
[ 206.774299][ T7190] irqtime_account_process_tick.isra.0+0x14e/0x1b0
[ 206.780789][ T7190] account_process_tick+0x14e/0x190
[ 206.785996][ T7190] update_process_times+0x29/0x80
[ 206.791021][ T7190] tick_sched_handle+0x75/0x100
[ 206.796313][ T7190] tick_sched_timer+0x58/0xe0
[ 206.800995][ T7190] __hrtimer_run_queues+0x288/0x600
[ 206.806445][ T7190] hrtimer_interrupt+0x22a/0x480
[ 206.811548][ T7190] smp_apic_timer_interrupt+0xdc/0x280
[ 206.817179][ T7190] apic_timer_interrupt+0xf/0x20
[ 206.822097][ T7190]
[ 206.824420][ T7190] write to 0xffff888122e45c40 of 8 bytes by task 7190 on cpu 1:
[ 206.832269][ T7190] mmap_region+0x328/0xd50
[ 206.837001][ T7190] do_mmap+0x6d4/0xba0
[ 206.841229][ T7190] vm_mmap_pgoff+0x12d/0x190
[ 206.845929][ T7190] ksys_mmap_pgoff+0x99/0x420
[ 206.850780][ T7190] __x64_sys_mmap+0x91/0xc0
[ 206.855285][ T7190] do_syscall_64+0xcc/0x370
[ 206.859778][ T7190] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 206.865754][ T7190]
[ 206.868084][ T7190] Reported by Kernel Concurrency Sanitizer on:
[ 206.874234][ T7190] CPU: 1 PID: 7190 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 206.881668][ T7190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 206.891795][ T7190] ==================================================================
[ 206.899848][ T7190] Kernel panic - not syncing: panic_on_warn set ...
[ 206.906430][ T7190] CPU: 1 PID: 7190 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 206.913869][ T7190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 206.923902][ T7190] Call Trace:
[ 206.927187][ T7190] dump_stack+0xf5/0x159
[ 206.931501][ T7190] panic+0x210/0x640
[ 206.936350][ T7190] ? vprintk_func+0x8d/0x140
[ 206.941372][ T7190] kcsan_report.cold+0xc/0x10
[ 206.946342][ T7190] __kcsan_setup_watchpoint+0x32e/0x4a0
[ 206.952395][ T7190] __tsan_write8+0x32/0x40
[ 206.957053][ T7190] mmap_region+0x328/0xd50
[ 206.961554][ T7190] ? __tsan_read8+0x2c/0x30
[ 206.966696][ T7190] do_mmap+0x6d4/0xba0
[ 206.971325][ T7190] vm_mmap_pgoff+0x12d/0x190
[ 206.975915][ T7190] ksys_mmap_pgoff+0x99/0x420
[ 206.980746][ T7190] __x64_sys_mmap+0x91/0xc0
[ 206.985261][ T7190] do_syscall_64+0xcc/0x370
[ 206.989768][ T7190] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 206.995688][ T7190] RIP: 0033:0x45b014
[ 206.999590][ T7190] Code: 03 cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 44 8b 44 24 20 44 8b 4c 24 24 b8 09 00 00 00 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d0 48 ff c0 48 c7 44 24 28 00 00 00
[ 207.019278][ T7190] RSP: 002b:000000c42014bbc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 207.027698][ T7190] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 000000000045b014
[ 207.035664][ T7190] RDX: 0000000000000003 RSI: 0000000000008000 RDI: 000000c41f7d0000
[ 207.043878][ T7190] RBP: 000000c42014bc38 R08: 00000000ffffffff R09: 0000000000000000
[ 207.052081][ T7190] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000000
[ 207.060235][ T7190] R13: 0000000000000002 R14: 0000000000000002 R15: 0000000000000002
[ 207.069729][ T7190] Kernel Offset: disabled
[ 207.074198][ T7190] Rebooting in 86400 seconds..