[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.117' (ECDSA) to the list of known hosts.
2020/06/03 14:35:55 fuzzer started
2020/06/03 14:35:55 dialing manager at 10.128.0.105:40391
2020/06/03 14:35:56 syscalls: 3055
2020/06/03 14:35:56 code coverage: enabled
2020/06/03 14:35:56 comparison tracing: enabled
2020/06/03 14:35:56 extra coverage: enabled
2020/06/03 14:35:56 setuid sandbox: enabled
2020/06/03 14:35:56 namespace sandbox: enabled
2020/06/03 14:35:56 Android sandbox: /sys/fs/selinux/policy does not exist
2020/06/03 14:35:56 fault injection: enabled
2020/06/03 14:35:56 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/06/03 14:35:56 net packet injection: enabled
2020/06/03 14:35:56 net device setup: enabled
2020/06/03 14:35:56 concurrency sanitizer: enabled
2020/06/03 14:35:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/06/03 14:35:56 USB emulation: enabled
syzkaller login: [ 50.068520][ T8905] KCSAN: could not find function: '_find_next_bit'
2020/06/03 14:35:59 adding functions to KCSAN blacklist: '__process_echoes' 'ep_poll' 'ext4_free_inodes_count' 'tick_nohz_idle_stop_tick' 'generic_fillattr' 'do_settimeofday64' 'run_timer_softirq' 'copy_process' '_find_next_bit' 'n_tty_receive_buf_common' 'mod_timer' 'add_timer' 'blk_mq_get_request' 'futex_wait_queue_me' 'page_counter_charge' 'alloc_pid' 'kauditd_thread' 'do_nanosleep' 'generic_write_end' 'wbt_issue' 'blk_mq_sched_dispatch_requests' 'ext4_mark_iloc_dirty' 'find_get_pages_range_tag' 'generic_file_read_iter' '__ext4_new_inode' 'xas_clear_mark' 'tick_nohz_next_event'
[ 115.578520][ C1] ==================================================================
[ 115.586664][ C1] BUG: KCSAN: data-race in tick_sched_do_timer / tick_sched_do_timer
[ 115.594711][ C1]
[ 115.597036][ C1] write to 0xffffffff8764e210 of 4 bytes by interrupt on cpu 0:
[ 115.604668][ C1] tick_sched_do_timer+0xb4/0xd0
[ 115.609615][ C1] tick_sched_timer+0x3f/0xd0
[ 115.614294][ C1] __hrtimer_run_queues+0x271/0x600
[ 115.619583][ C1] hrtimer_interrupt+0x226/0x490
[ 115.624520][ C1] smp_apic_timer_interrupt+0xd8/0x270
[ 115.629982][ C1] apic_timer_interrupt+0xf/0x20
[ 115.634922][ C1] write_comp_data+0x68/0x70
[ 115.639516][ C1] __sanitizer_cov_trace_switch+0x45/0x70
[ 115.645232][ C1] __read_once_size+0x20/0xd0
[ 115.649912][ C1] ktime_get+0x91/0x210
[ 115.654343][ C1] tcp_mstamp_refresh+0x19/0x70
[ 115.659251][ C1] tcp_rcv_established+0x81/0xee0
[ 115.664277][ C1] tcp_v4_do_rcv+0x396/0x4f0
[ 115.668875][ C1] tcp_v4_rcv+0x1c55/0x1e10
[ 115.673387][ C1] ip_protocol_deliver_rcu+0x4b/0x410
[ 115.678765][ C1] ip_local_deliver_finish+0xf3/0x120
[ 115.684230][ C1] ip_local_deliver+0x135/0x220
[ 115.689176][ C1] ip_sublist_rcv_finish+0xf0/0x140
[ 115.694384][ C1] ip_sublist_rcv+0x3f8/0x530
[ 115.699063][ C1] ip_list_rcv+0x2f3/0x321
[ 115.703517][ C1] __netif_receive_skb_list_core+0x368/0x5c0
[ 115.709505][ C1] netif_receive_skb_list_internal+0x5c7/0x810
[ 115.715665][ C1] gro_normal_list.part.0+0x37/0xa0
[ 115.720896][ C1] gro_normal_one+0x14c/0x160
[ 115.725590][ C1] napi_gro_receive+0x27d/0x2f0
[ 115.730438][ C1] receive_buf+0x24c/0x3420
[ 115.735130][ C1] virtnet_poll+0x343/0x790
[ 115.739667][ C1] net_rx_action+0x3ad/0xac0
[ 115.744376][ C1] __do_softirq+0x118/0x34a
[ 115.748896][ C1] run_ksoftirqd+0x41/0x60
[ 115.753319][ C1] smpboot_thread_fn+0x374/0x4a0
[ 115.758252][ C1] kthread+0x203/0x230
[ 115.762321][ C1] ret_from_fork+0x1f/0x30
[ 115.766720][ C1]
[ 115.769047][ C1] read to 0xffffffff8764e210 of 4 bytes by interrupt on cpu 1:
[ 115.776680][ C1] tick_sched_do_timer+0x2e/0xd0
[ 115.781629][ C1] tick_sched_timer+0x3f/0xd0
[ 115.786322][ C1] __hrtimer_run_queues+0x271/0x600
[ 115.791523][ C1] hrtimer_interrupt+0x226/0x490
[ 115.796463][ C1] smp_apic_timer_interrupt+0xd8/0x270
[ 115.801936][ C1] apic_timer_interrupt+0xf/0x20
[ 115.806892][ C1] should_fail+0x1cf/0x2fd
[ 115.811304][ C1] get_futex_key+0x5e1/0xbe0
[ 115.815881][ C1] futex_wait_setup+0x6f/0x1c0
[ 115.820629][ C1] futex_wait+0x14a/0x3a0
[ 115.824962][ C1] do_futex+0xe2/0x15b0
[ 115.829187][ C1] __x64_sys_futex+0x2dc/0x410
[ 115.833937][ C1] do_syscall_64+0xc7/0x3b0
[ 115.838491][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 115.844357][ C1]
[ 115.846662][ C1] Reported by Kernel Concurrency Sanitizer on:
[ 115.852893][ C1] CPU: 1 PID: 8892 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 115.861633][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 115.871689][ C1] ==================================================================
[ 115.879837][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 115.886429][ C1] CPU: 1 PID: 8892 Comm: syz-fuzzer Not tainted 5.7.0-rc1-syzkaller #0
[ 115.894780][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 115.904851][ C1] Call Trace:
[ 115.908126][ C1]
[ 115.911070][ C1] dump_stack+0x11d/0x187
[ 115.915479][ C1] panic+0x210/0x640
[ 115.919400][ C1] ? vprintk_func+0x89/0x13a
[ 115.923991][ C1] kcsan_report.cold+0xc/0x1a
[ 115.928674][ C1] kcsan_setup_watchpoint+0x3fb/0x440
[ 115.934046][ C1] tick_sched_do_timer+0x2e/0xd0
[ 115.939061][ C1] tick_sched_timer+0x3f/0xd0
[ 115.943738][ C1] __hrtimer_run_queues+0x271/0x600
[ 115.948929][ C1] ? tick_sched_do_timer+0xd0/0xd0
[ 115.954057][ C1] hrtimer_interrupt+0x226/0x490
[ 115.958989][ C1] ? kvm_clock_read+0x14/0x30
[ 115.963696][ C1] smp_apic_timer_interrupt+0xd8/0x270
[ 115.969149][ C1] apic_timer_interrupt+0xf/0x20
[ 115.974081][ C1]
[ 115.977037][ C1] RIP: 0010:should_fail+0x1cf/0x2fd
[ 115.982231][ C1] Code: 47 fe ff ff 48 89 ef e8 6f 66 c5 fe 8b 44 24 0c 85 c0 74 0b 8d 50 ff f0 41 0f b1 55 00 75 f1 41 bc 01 00 00 00 e9 a8 fe ff ff <48> 8d 6c 24 0c 65 4c 8b 2c 25 40 8c 01 00 49 81 c5 f4 09 00 00 48
[ 116.002200][ C1] RSP: 0018:ffffc9000105bb40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 116.010612][ C1] RAX: 0000000080000000 RBX: ffffffff87289100 RCX: ffffffff813fe8c0
[ 116.018570][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff813fedb1
[ 116.026720][ C1] RBP: 00007fffffffeffc R08: ffff888128d52080 R09: 0000888128d52c10
[ 116.034703][ C1] R10: 0000ffff87289188 R11: 0000888128d52c17 R12: 0000000000000001
[ 116.042707][ C1] R13: 00000000000008b8 R14: 0000000000000000 R15: 0000000001682000
[ 116.050685][ C1] ? get_futex_key+0xf0/0xbe0
[ 116.055365][ C1] ? get_futex_key+0x5e1/0xbe0
[ 116.060129][ C1] get_futex_key+0x5e1/0xbe0
[ 116.064720][ C1] futex_wait_setup+0x6f/0x1c0
[ 116.069482][ C1] futex_wait+0x14a/0x3a0
[ 116.074033][ C1] ? hrtimer_active+0x1b0/0x1b0
[ 116.079079][ C1] do_futex+0xe2/0x15b0
[ 116.083316][ C1] ? __this_cpu_preempt_check+0x3c/0x130
[ 116.089461][ C1] ? rcu_qs+0x3e/0xb0
[ 116.094430][ C1] ? rcu_note_context_switch+0xef/0x790
[ 116.099965][ C1] ? __sanitizer_cov_trace_switch+0x45/0x70
[ 116.105860][ C1] ? __read_once_size+0x45/0xd0
[ 116.110708][ C1] ? __list_add_valid+0x5e/0x70
[ 116.115553][ C1] __x64_sys_futex+0x2dc/0x410
[ 116.120321][ C1] ? debug_smp_processor_id+0x3f/0x129
[ 116.125774][ C1] do_syscall_64+0xc7/0x3b0
[ 116.130302][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 116.136183][ C1] RIP: 0033:0x469093
[ 116.140122][ C1] Code: 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14 4c 8b 54 24 18 4c 8b 44 24 20 44 8b 4c 24 28 b8 ca 00 00 00 0f 05 <89> 44 24 30 c3 cc cc cc cc cc cc cc cc 8b 7c 24 08 48 8b 74 24 10
[ 116.160164][ C1] RSP: 002b:000000c00004de98 EFLAGS: 00000286 ORIG_RAX: 00000000000000ca
[ 116.168571][ C1] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000469093
[ 116.176536][ C1] RDX: 0000000000000002 RSI: 0000000000000080 RDI: 00000000016828b8
[ 116.184498][ C1] RBP: 000000c00004dee0 R08: 0000000000000000 R09: 0000000000000000
[ 116.192456][ C1] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000439470
[ 116.200413][ C1] R13: 0000000000000000 R14: 0000000000ab4e88 R15: 0000000000000000
[ 116.210027][ C1] Kernel Offset: disabled
[ 116.214413][ C1] Rebooting in 86400 seconds..