[ ok ] Starting enhanced syslogd: rsyslogd.
[ 35.207444][ T26] audit: type=1800 audit(1571698845.061:25): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 35.244409][ T26] audit: type=1800 audit(1571698845.061:26): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 35.264894][ T26] audit: type=1800 audit(1571698845.061:27): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.1.9' (ECDSA) to the list of known hosts.
2019/10/21 23:00:52 fuzzer started
2019/10/21 23:00:53 dialing manager at 10.128.0.105:39747
2019/10/21 23:00:53 syscalls: 2524
2019/10/21 23:00:53 code coverage: enabled
2019/10/21 23:00:53 comparison tracing: enabled
2019/10/21 23:00:53 extra coverage: extra coverage is not supported by the kernel
2019/10/21 23:00:53 setuid sandbox: enabled
2019/10/21 23:00:53 namespace sandbox: enabled
2019/10/21 23:00:53 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/21 23:00:53 fault injection: enabled
2019/10/21 23:00:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/21 23:00:53 net packet injection: enabled
2019/10/21 23:00:53 net device setup: enabled
2019/10/21 23:00:53 concurrency sanitizer: enabled
syzkaller login: [ 43.906039][ C1] ==================================================================
[ 43.914161][ C1] BUG: KCSAN: data-race in tick_sched_do_timer / tick_sched_do_timer
[ 43.922241][ C1]
[ 43.924596][ C1] write to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 0:
[ 43.932206][ C1] tick_sched_do_timer+0xc0/0xe0
[ 43.938266][ C1] tick_sched_timer+0x43/0xe0
[ 43.942932][ C1] __hrtimer_run_queues+0x288/0x600
[ 43.948121][ C1] hrtimer_interrupt+0x22a/0x480
[ 43.953048][ C1] smp_apic_timer_interrupt+0xdc/0x280
[ 43.958484][ C1] apic_timer_interrupt+0xf/0x20
[ 43.963404][ C1]
[ 43.965714][ C1] read to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 1:
[ 43.973266][ C1] tick_sched_do_timer+0x33/0xe0
[ 43.978196][ C1] tick_sched_timer+0x43/0xe0
[ 43.982850][ C1] __hrtimer_run_queues+0x288/0x600
[ 43.988038][ C1] hrtimer_interrupt+0x22a/0x480
[ 43.993489][ C1] smp_apic_timer_interrupt+0xdc/0x280
[ 43.999059][ C1] apic_timer_interrupt+0xf/0x20
[ 44.003978][ C1] write_comp_data+0x1e/0x70
[ 44.008561][ C1] __read_once_size+0x25/0xe0
[ 44.013214][ C1] ktime_get_ts64+0x189/0x2c0
[ 44.017871][ C1] select_estimate_accuracy+0x71/0x200
[ 44.023384][ C1] do_select+0xad7/0x1020
[ 44.027713][ C1] core_sys_select+0x381/0x550
[ 44.032475][ C1] do_pselect.constprop.0+0x11d/0x160
[ 44.037822][ C1]
[ 44.040262][ C1] Reported by Kernel Concurrency Sanitizer on:
[ 44.046402][ C1] CPU: 1 PID: 7191 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 44.053828][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.063903][ C1] ==================================================================
[ 44.071976][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 44.078544][ C1] CPU: 1 PID: 7191 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 44.085973][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.096006][ C1] Call Trace:
[ 44.099279][ C1]
[ 44.102124][ C1] dump_stack+0xf5/0x159
[ 44.106347][ C1] panic+0x210/0x640
[ 44.110235][ C1] ? ktime_get_ts64+0x189/0x2c0
[ 44.115064][ C1] ? vprintk_func+0x8d/0x140
[ 44.119637][ C1] kcsan_report.cold+0xc/0x10
[ 44.124296][ C1] __kcsan_setup_watchpoint+0x32e/0x4a0
[ 44.129820][ C1] __tsan_read4+0x2c/0x30
[ 44.134131][ C1] tick_sched_do_timer+0x33/0xe0
[ 44.139050][ C1] tick_sched_timer+0x43/0xe0
[ 44.143707][ C1] __hrtimer_run_queues+0x288/0x600
[ 44.149072][ C1] ? tick_sched_do_timer+0xe0/0xe0
[ 44.154174][ C1] hrtimer_interrupt+0x22a/0x480
[ 44.159119][ C1] smp_apic_timer_interrupt+0xdc/0x280
[ 44.164567][ C1] ? do_IRQ+0xcb/0x180
[ 44.169000][ C1] apic_timer_interrupt+0xf/0x20
[ 44.173923][ C1]
[ 44.176851][ C1] RIP: 0010:write_comp_data+0x1e/0x70
[ 44.182201][ C1] Code: 48 89 34 d1 48 89 11 5d c3 0f 1f 00 65 4c 8b 04 25 40 6c 01 00 65 8b 05 c8 a3 bb 7e a9 00 01 1f 00 75 51 41 8b 80 08 0a 00 00 <83> f8 03 75 45 49 8b 80 10 0a 00 00 45 8b 80 0c 0a 00 00 4c 8b 08
[ 44.201781][ C1] RSP: 0018:ffffc900016377d0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 44.210168][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff813c9df5
[ 44.218379][ C1] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000005
[ 44.226343][ C1] RBP: ffffc900016377f0 R08: ffff88812a2ed080 R09: 0000ffff86040b97
[ 44.234295][ C1] R10: 00000000aaaaaaab R11: ffffffff86045c18 R12: ffffffff84e38d40
[ 44.242243][ C1] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffffa251c786
[ 44.250203][ C1] ? __read_once_size+0x25/0xe0
[ 44.255061][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 44.260932][ C1] __read_once_size+0x25/0xe0
[ 44.265604][ C1] ktime_get_ts64+0x189/0x2c0
[ 44.270266][ C1] select_estimate_accuracy+0x71/0x200
[ 44.275736][ C1] ? __rcu_read_unlock+0x66/0x3c0
[ 44.280752][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 44.286646][ C1] do_select+0xad7/0x1020
[ 44.290961][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.296570][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.302284][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.307910][ C1] ? poll_initwait+0xa0/0xa0
[ 44.312479][ C1] ? __tsan_write8+0x32/0x40
[ 44.317067][ C1] ? rb_erase+0x2aa/0x990
[ 44.321392][ C1] ? __tsan_read8+0x2c/0x30
[ 44.325880][ C1] ? __tsan_read8+0x2c/0x30
[ 44.330360][ C1] ? _raw_spin_unlock_irqrestore+0x70/0x80
[ 44.336145][ C1] ? hrtimer_try_to_cancel+0x57/0x260
[ 44.341765][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.347383][ C1] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 44.353611][ C1] ? hrtimer_cancel+0x3b/0x50
[ 44.358282][ C1] ? __tsan_write4+0x32/0x40
[ 44.362877][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.368490][ C1] ? __rcu_read_unlock+0x66/0x3c0
[ 44.373495][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 44.379889][ C1] core_sys_select+0x381/0x550
[ 44.384649][ C1] ? __tsan_read8+0x2c/0x30
[ 44.389146][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 44.394866][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.400476][ C1] ? _copy_to_user+0x84/0xb0
[ 44.405049][ C1] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 44.410933][ C1] ? __tsan_write8+0x32/0x40
[ 44.415503][ C1] ? ktime_get_ts64+0x286/0x2c0
[ 44.420334][ C1] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 44.426043][ C1] ? timespec64_add_safe+0xae/0xd0
[ 44.432288][ C1] do_pselect.constprop.0+0x11d/0x160
[ 44.437753][ C1] __x64_sys_pselect6+0x12e/0x170
[ 44.442895][ C1] ? switch_fpu_return+0x11f/0x250
[ 44.448012][ C1] do_syscall_64+0xcc/0x370
[ 44.452522][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.458408][ C1] RIP: 0033:0x45ac23
[ 44.462284][ C1] Code: 48 89 44 24 08 bf 00 00 00 00 be 00 00 00 00 ba 00 00 00 00 41 ba 00 00 00 00 49 89 e0 41 b9 00 00 00 00 b8 0e 01 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc b8 ba 00 00 00 0f 05 89 44
[ 44.481922][ C1] RSP: 002b:000000c42004ff08 EFLAGS: 00000202 ORIG_RAX: 000000000000010e
[ 44.490430][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ac23
[ 44.498429][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 44.506434][ C1] RBP: 000000c42004ff18 R08: 000000c42004ff08 R09: 0000000000000000
[ 44.514401][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000042f0a0
[ 44.522363][ C1] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000
[ 44.531763][ C1] Kernel Offset: disabled
[ 44.536090][ C1] Rebooting in 86400 seconds..