[ 37.213031][ T25] audit: type=1800 audit(1571669956.821:22): pid=7183 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0
[ 37.237599][ T25] audit: type=1800 audit(1571669956.821:23): pid=7183 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rsyslog" dev="sda1" ino=2475 res=0
[ 37.257954][ T25] audit: type=1800 audit(1571669956.821:24): pid=7183 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="sudo" dev="sda1" ino=2487 res=0
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.132' (ECDSA) to the list of known hosts.
2019/10/21 14:59:27 fuzzer started
2019/10/21 14:59:29 dialing manager at 10.128.0.105:39747
2019/10/21 14:59:29 syscalls: 2524
2019/10/21 14:59:29 code coverage: enabled
2019/10/21 14:59:29 comparison tracing: enabled
2019/10/21 14:59:29 extra coverage: extra coverage is not supported by the kernel
2019/10/21 14:59:29 setuid sandbox: enabled
2019/10/21 14:59:29 namespace sandbox: enabled
2019/10/21 14:59:29 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/21 14:59:29 fault injection: enabled
2019/10/21 14:59:29 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/21 14:59:29 net packet injection: enabled
2019/10/21 14:59:29 net device setup: enabled
2019/10/21 14:59:29 concurrency sanitizer: enabled
syzkaller login: [ 50.502355][ T7349] ==================================================================
[ 50.510543][ T7349] BUG: KCSAN: data-race in tcp_poll / tcp_queue_rcv
[ 50.517133][ T7349]
[ 50.519585][ T7349] write to 0xffff888123a1d7b8 of 4 bytes by interrupt on cpu 1:
[ 50.527247][ T7349] tcp_queue_rcv+0xe9/0x380
[ 50.531785][ T7349] tcp_rcv_established+0xbf1/0xf50
[ 50.536912][ T7349] tcp_v4_do_rcv+0x381/0x4e0
[ 50.541506][ T7349] tcp_v4_rcv+0x19dc/0x1bb0
[ 50.546056][ T7349] ip_protocol_deliver_rcu+0x4d/0x420
[ 50.551435][ T7349] ip_local_deliver_finish+0x110/0x140
[ 50.556914][ T7349] ip_local_deliver+0x133/0x210
[ 50.561780][ T7349] ip_rcv_finish+0x121/0x160
[ 50.566397][ T7349] ip_rcv+0x18f/0x1a0
[ 50.570390][ T7349] __netif_receive_skb_one_core+0xa7/0xe0
[ 50.576232][ T7349] __netif_receive_skb+0x37/0xf0
[ 50.581192][ T7349] netif_receive_skb_internal+0x59/0x190
[ 50.587282][ T7349] napi_gro_receive+0x28f/0x330
[ 50.592156][ T7349] receive_buf+0x284/0x30b0
[ 50.596661][ T7349]
[ 50.599004][ T7349] read to 0xffff888123a1d7b8 of 4 bytes by task 7349 on cpu 0:
[ 50.606664][ T7349] tcp_poll+0x204/0x6b0
[ 50.610815][ T7349] sock_poll+0xed/0x250
[ 50.615081][ T7349] ep_item_poll.isra.0+0x90/0x190
[ 50.621048][ T7349] ep_send_events_proc+0x113/0x590
[ 50.626159][ T7349] ep_scan_ready_list.constprop.0+0x189/0x500
[ 50.632230][ T7349] ep_poll+0xe3/0x900
[ 50.636210][ T7349] do_epoll_wait+0x162/0x180
[ 50.640815][ T7349] __x64_sys_epoll_pwait+0xcd/0x180
[ 50.646007][ T7349] do_syscall_64+0xcc/0x370
[ 50.650591][ T7349] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.656472][ T7349]
[ 50.658794][ T7349] Reported by Kernel Concurrency Sanitizer on:
[ 50.665066][ T7349] CPU: 0 PID: 7349 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 50.672633][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.682690][ T7349] ==================================================================
[ 50.690801][ T7349] Kernel panic - not syncing: panic_on_warn set ...
[ 50.697430][ T7349] CPU: 0 PID: 7349 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 50.704874][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.714919][ T7349] Call Trace:
[ 50.718244][ T7349] dump_stack+0xf5/0x159
[ 50.722482][ T7349] panic+0x210/0x640
[ 50.726375][ T7349] ? do_syscall_64+0xcc/0x370
[ 50.731047][ T7349] ? vprintk_func+0x8d/0x140
[ 50.735631][ T7349] kcsan_report.cold+0xc/0x10
[ 50.740302][ T7349] __kcsan_setup_watchpoint+0x32e/0x4a0
[ 50.746121][ T7349] __tsan_read4+0x2c/0x30
[ 50.750578][ T7349] tcp_poll+0x204/0x6b0
[ 50.754908][ T7349] ? tcp_alloc_md5sig_pool+0x320/0x320
[ 50.760392][ T7349] sock_poll+0xed/0x250
[ 50.764571][ T7349] ? sock_read_iter+0x1e0/0x1e0
[ 50.769430][ T7349] ep_item_poll.isra.0+0x90/0x190
[ 50.774461][ T7349] ep_send_events_proc+0x113/0x590
[ 50.779585][ T7349] ? __schedule+0x319/0x640
[ 50.784081][ T7349] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 50.789999][ T7349] ep_scan_ready_list.constprop.0+0x189/0x500
[ 50.796063][ T7349] ? ep_loop_check_proc+0x2f0/0x2f0
[ 50.801255][ T7349] ep_poll+0xe3/0x900
[ 50.805246][ T7349] ? wake_up_q+0x70/0x70
[ 50.809529][ T7349] do_epoll_wait+0x162/0x180
[ 50.814129][ T7349] __x64_sys_epoll_pwait+0xcd/0x180
[ 50.819337][ T7349] do_syscall_64+0xcc/0x370
[ 50.823838][ T7349] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 50.830928][ T7349] RIP: 0033:0x45b300
[ 50.834831][ T7349] Code: 0f 05 89 44 24 20 c3 cc cc cc 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 49 c7 c0 00 00 00 00 b8 19 01 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc cc cc cc cc cc cc cc 8b 7c 24 08 48 c7
[ 50.854962][ T7349] RSP: 002b:000000c4203c1860 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[ 50.863874][ T7349] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 000000000045b300
[ 50.871841][ T7349] RDX: 0000000000000080 RSI: 000000c4203c18a0 RDI: 0000000000000004
[ 50.880033][ T7349] RBP: 000000c4203c1ea0 R08: 0000000000000000 R09: 000000c420001b00
[ 50.888002][ T7349] R10: 00000000ffffffff R11: 0000000000000246 R12: 00000000000000a0
[ 50.896184][ T7349] R13: 00000000000000ff R14: 00007ff93e7006c8 R15: 0000000000000004
[ 50.906009][ T7349] Kernel Offset: disabled
[ 50.910526][ T7349] Rebooting in 86400 seconds..