[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.39' (ECDSA) to the list of known hosts.
2020/05/20 15:13:44 fuzzer started
2020/05/20 15:13:44 dialing manager at 10.128.0.105:44971
2020/05/20 15:13:53 syscalls: 3055
2020/05/20 15:13:53 code coverage: enabled
2020/05/20 15:13:53 comparison tracing: enabled
2020/05/20 15:13:53 extra coverage: enabled
2020/05/20 15:13:53 setuid sandbox: enabled
2020/05/20 15:13:53 namespace sandbox: enabled
2020/05/20 15:13:53 Android sandbox: /sys/fs/selinux/policy does not exist
2020/05/20 15:13:53 fault injection: enabled
2020/05/20 15:13:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/05/20 15:13:53 net packet injection: enabled
2020/05/20 15:13:53 net device setup: enabled
2020/05/20 15:13:53 concurrency sanitizer: enabled
2020/05/20 15:13:53 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/05/20 15:13:53 USB emulation: enabled
syzkaller login: [ 61.413887][ T8913] KCSAN: could not find function: '_find_next_bit'
2020/05/20 15:13:55 adding functions to KCSAN blacklist: 'ext4_ext_try_to_merge_right' 'ep_poll' 'alloc_pid' '__ext4_new_inode' 'blk_mq_dispatch_rq_list' '__find_get_block' 'add_timer' 'generic_write_end' 'pcpu_alloc' 'ktime_get_real_seconds' 'page_counter_charge' 'xas_clear_mark' 'find_get_pages_range_tag' 'do_signal_stop' 'n_tty_receive_buf_common' 'blk_mq_sched_dispatch_requests' 'generic_fillattr' 'get_cpu_idle_time_us' '_find_next_bit' 'echo_char' 'shmem_getpage_gfp' 'mod_timer' 'copy_process' 'ext4_free_inodes_count'
[ 68.530146][ C0] ==================================================================
[ 68.538793][ C0] BUG: KCSAN: data-race in tick_sched_do_timer / tick_sched_do_timer
[ 68.547318][ C0]
[ 68.549925][ C0] write to 0xffffffff8764e210 of 4 bytes by interrupt on cpu 1:
[ 68.557955][ C0] tick_sched_do_timer+0xb4/0xd0
[ 68.563025][ C0] tick_sched_timer+0x3f/0xd0
[ 68.567871][ C0] __hrtimer_run_queues+0x271/0x600
[ 68.573157][ C0] hrtimer_interrupt+0x226/0x490
[ 68.578201][ C0] smp_apic_timer_interrupt+0xd8/0x270
[ 68.583663][ C0] apic_timer_interrupt+0xf/0x20
[ 68.588581][ C0] __tsan_read4+0x61/0x110
[ 68.593062][ C0] virtqueue_add+0x89c/0x1ab0
[ 68.597836][ C0] virtqueue_add_inbuf_ctx+0x4c/0x64
[ 68.603133][ C0] try_fill_recv+0x69a/0xe60
[ 68.607791][ C0] virtnet_poll+0x62d/0x790
[ 68.612285][ C0] net_rx_action+0x3ad/0xac0
[ 68.616988][ C0] __do_softirq+0x118/0x34a
[ 68.621839][ C0] run_ksoftirqd+0x41/0x60
[ 68.626545][ C0] smpboot_thread_fn+0x374/0x4a0
[ 68.632408][ C0] kthread+0x203/0x230
[ 68.637029][ C0] ret_from_fork+0x1f/0x30
[ 68.641852][ C0]
[ 68.644659][ C0] read to 0xffffffff8764e210 of 4 bytes by interrupt on cpu 0:
[ 68.653309][ C0] tick_sched_do_timer+0x2e/0xd0
[ 68.658984][ C0] tick_sched_timer+0x3f/0xd0
[ 68.663763][ C0] __hrtimer_run_queues+0x271/0x600
[ 68.668946][ C0] hrtimer_interrupt+0x226/0x490
[ 68.673971][ C0] smp_apic_timer_interrupt+0xd8/0x270
[ 68.679411][ C0] apic_timer_interrupt+0xf/0x20
[ 68.685258][ C0] __tsan_read4+0xac/0x110
[ 68.690128][ C0] skb_try_coalesce+0x26d/0xb90
[ 68.695022][ C0] tcp_try_coalesce+0x219/0x430
[ 68.700378][ C0] tcp_queue_rcv+0x9b/0x380
[ 68.704862][ C0] tcp_rcv_established+0xba3/0xee0
[ 68.709951][ C0] tcp_v4_do_rcv+0x396/0x4f0
[ 68.714522][ C0] __release_sock+0x130/0x1e0
[ 68.719188][ C0] release_sock+0x5e/0x160
[ 68.723825][ C0] tcp_recvmsg+0x68e/0x1ba0
[ 68.728424][ C0] inet_recvmsg+0xc1/0x250
[ 68.732905][ C0] sock_recvmsg+0x8e/0xb0
[ 68.737517][ C0] sock_read_iter+0x185/0x230
[ 68.742168][ C0] new_sync_read+0x416/0x450
[ 68.746741][ C0] __vfs_read+0x9e/0xb0
[ 68.750874][ C0] vfs_read+0x13e/0x2b0
[ 68.755000][ C0] ksys_read+0x16a/0x1a0
[ 68.759215][ C0] __x64_sys_read+0x49/0x60
[ 68.763855][ C0] do_syscall_64+0xc7/0x3b0
[ 68.768345][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 68.774226][ C0]
[ 68.776535][ C0] Reported by Kernel Concurrency Sanitizer on:
[ 68.782673][ C0] CPU: 0 PID: 8903 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 68.790895][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.800962][ C0] ==================================================================
[ 68.809000][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 68.815569][ C0] CPU: 0 PID: 8903 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 68.823792][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 68.833842][ C0] Call Trace:
[ 68.837100][ C0]
[ 68.839933][ C0] dump_stack+0x11d/0x187
[ 68.844240][ C0] panic+0x210/0x640
[ 68.848116][ C0] ? vprintk_func+0x89/0x13a
[ 68.852769][ C0] kcsan_report.cold+0xc/0x1a
[ 68.857439][ C0] kcsan_setup_watchpoint+0x3fb/0x440
[ 68.862802][ C0] tick_sched_do_timer+0x2e/0xd0
[ 68.867728][ C0] tick_sched_timer+0x3f/0xd0
[ 68.872411][ C0] __hrtimer_run_queues+0x271/0x600
[ 68.877593][ C0] ? tick_sched_do_timer+0xd0/0xd0
[ 68.882680][ C0] hrtimer_interrupt+0x226/0x490
[ 68.887595][ C0] ? kvm_clock_read+0x14/0x30
[ 68.892339][ C0] smp_apic_timer_interrupt+0xd8/0x270
[ 68.897774][ C0] apic_timer_interrupt+0xf/0x20
[ 68.902684][ C0]
[ 68.905601][ C0] RIP: 0010:__tsan_read4+0xac/0x110
[ 68.910790][ C0] Code: 05 c1 5d ac 7e 8b 50 04 85 d2 7f 28 8b 50 08 85 d2 7e 39 48 83 78 20 00 75 66 c3 65 48 8b 04 25 40 8c 01 00 8b 90 1c 0a 00 00 <48> 05 18 0a 00 00 85 d2 7e d8 65 8b 0d 2b c6 ac 7e 48 c1 e9 10 83
[ 68.930388][ C0] RSP: 0018:ffffc90000de7840 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 68.938783][ C0] RAX: ffff888129c29000 RBX: ffff888121d11ac0 RCX: ffffffff88af04a8
[ 68.946729][ C0] RDX: 0000000000000000 RSI: ffffffff84d867c9 RDI: ffff8881216eaebc
[ 68.954676][ C0] RBP: ffff888121fb1600 R08: 0000000000000000 R09: 00008881216eaebc
[ 68.962632][ C0] R10: 0000888121fb167e R11: 00008881216eaebf R12: 00000000000002d0
[ 68.970654][ C0] R13: ffff8881216eae00 R14: ffff8881216eae70 R15: ffffc90000de7a2f
[ 68.978636][ C0] ? skb_try_coalesce+0x259/0xb90
[ 68.983640][ C0] skb_try_coalesce+0x26d/0xb90
[ 68.988492][ C0] ? __wake_up_common+0x76/0x180
[ 68.993508][ C0] tcp_try_coalesce+0x219/0x430
[ 68.998542][ C0] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 69.005007][ C0] tcp_queue_rcv+0x9b/0x380
[ 69.009504][ C0] tcp_rcv_established+0xba3/0xee0
[ 69.014601][ C0] tcp_v4_do_rcv+0x396/0x4f0
[ 69.019398][ C0] __release_sock+0x130/0x1e0
[ 69.024747][ C0] release_sock+0x5e/0x160
[ 69.029137][ C0] tcp_recvmsg+0x68e/0x1ba0
[ 69.033626][ C0] inet_recvmsg+0xc1/0x250
[ 69.038053][ C0] ? apparmor_socket_recvmsg+0x38/0x40
[ 69.043502][ C0] ? inet_sendpage+0xf0/0xf0
[ 69.048120][ C0] sock_recvmsg+0x8e/0xb0
[ 69.052450][ C0] sock_read_iter+0x185/0x230
[ 69.057118][ C0] new_sync_read+0x416/0x450
[ 69.061693][ C0] __vfs_read+0x9e/0xb0
[ 69.065839][ C0] vfs_read+0x13e/0x2b0
[ 69.069971][ C0] ksys_read+0x16a/0x1a0
[ 69.074278][ C0] __x64_sys_read+0x49/0x60
[ 69.079471][ C0] do_syscall_64+0xc7/0x3b0
[ 69.083960][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 69.089842][ C0] RIP: 0033:0x47c530
[ 69.093729][ C0] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 69.113317][ C0] RSP: 002b:000000c4201ab810 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 69.121896][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c530
[ 69.129864][ C0] RDX: 0000000000001000 RSI: 000000c4203f4000 RDI: 0000000000000003
[ 69.137814][ C0] RBP: 000000c4201ab868 R08: 0000000000000000 R09: 0000000000000000
[ 69.145780][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000040
[ 69.153726][ C0] R13: ffffffffffffffff R14: 0000000000000002 R15: ffffffffffffffff
[ 69.163105][ C0] Kernel Offset: disabled
[ 69.167419][ C0] Rebooting in 86400 seconds..