[ ok ] Starting enhanced syslogd: rsyslogd.
[ 37.654523][ T26] audit: type=1800 audit(1572869558.852:25): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 37.674632][ T26] audit: type=1800 audit(1572869558.852:26): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 37.697049][ T26] audit: type=1800 audit(1572869558.852:27): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.8' (ECDSA) to the list of known hosts.
2019/11/04 12:12:46 fuzzer started
2019/11/04 12:12:48 dialing manager at 10.128.0.105:43623
2019/11/04 12:12:48 syscalls: 2553
2019/11/04 12:12:48 code coverage: enabled
2019/11/04 12:12:48 comparison tracing: enabled
2019/11/04 12:12:48 extra coverage: extra coverage is not supported by the kernel
2019/11/04 12:12:48 setuid sandbox: enabled
2019/11/04 12:12:48 namespace sandbox: enabled
2019/11/04 12:12:48 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/04 12:12:48 fault injection: enabled
2019/11/04 12:12:48 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/04 12:12:48 net packet injection: enabled
2019/11/04 12:12:48 net device setup: enabled
2019/11/04 12:12:48 concurrency sanitizer: enabled
2019/11/04 12:12:48 devlink PCI setup: PCI device 0000:00:10.0 is not available
2019/11/04 12:12:53 adding functions to KCSAN blacklist: 'tcp_add_backlog' 'ext4_has_free_clusters' 'pid_update_inode' '__nf_ct_refresh_acct' 'rcu_gp_fqs_check_wake' 'pipe_poll' '__hrtimer_run_queues' 'find_next_bit' 'ep_poll' 'ktime_get_real_seconds' 'taskstats_exit' 'tick_do_update_jiffies64' 'do_nanosleep' 'generic_permission' 'generic_fillattr' 'add_timer' 'task_dump_owner' 'tomoyo_supervisor' '__tcp_select_window' 'tcp_poll' '__nf_conntrack_find_get'
syzkaller login: [ 54.341876][ C0] ==================================================================
[ 54.350120][ C0] BUG: KCSAN: data-race in tick_sched_do_timer / tick_sched_do_timer
[ 54.358198][ C0]
[ 54.360714][ C0] read to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 1:
[ 54.368258][ C0] tick_sched_do_timer+0x33/0xe0
[ 54.373191][ C0] tick_sched_timer+0x43/0xe0
[ 54.377873][ C0] __hrtimer_run_queues+0x288/0x600
[ 54.383069][ C0] hrtimer_interrupt+0x22a/0x480
[ 54.388197][ C0] smp_apic_timer_interrupt+0xdc/0x280
[ 54.393720][ C0] apic_timer_interrupt+0xf/0x20
[ 54.398740][ C0] __kcsan_check_watchpoint+0xa2/0x180
[ 54.404177][ C0] __tsan_read8+0x15/0x30
[ 54.409721][ C0] ip_vs_out+0x82/0xd00
[ 54.413854][ C0] ip_vs_reply4+0x58/0x70
[ 54.418859][ C0] nf_hook_slow+0x83/0x160
[ 54.423252][ C0] ip_local_deliver+0x1e5/0x210
[ 54.428075][ C0] ip_rcv_finish+0x121/0x160
[ 54.432641][ C0] ip_rcv+0x18f/0x1a0
[ 54.436609][ C0]
[ 54.439094][ C0] write to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 0:
[ 54.446730][ C0] tick_sched_do_timer+0xc0/0xe0
[ 54.451671][ C0] tick_sched_timer+0x43/0xe0
[ 54.456347][ C0] __hrtimer_run_queues+0x288/0x600
[ 54.461543][ C0] hrtimer_interrupt+0x22a/0x480
[ 54.466472][ C0] smp_apic_timer_interrupt+0xdc/0x280
[ 54.471906][ C0] apic_timer_interrupt+0xf/0x20
[ 54.476822][ C0] __kcsan_setup_watchpoint+0x6/0x4a0
[ 54.482170][ C0] __tsan_read8+0x2c/0x30
[ 54.486491][ C0] tcp_recvmsg+0x15fb/0x1a30
[ 54.491177][ C0] inet_recvmsg+0xbb/0x250
[ 54.495570][ C0] sock_recvmsg+0x92/0xb0
[ 54.499889][ C0] sock_read_iter+0x15f/0x1e0
[ 54.504549][ C0] new_sync_read+0x389/0x4f0
[ 54.509127][ C0]
[ 54.511428][ C0] Reported by Kernel Concurrency Sanitizer on:
[ 54.517669][ C0] CPU: 0 PID: 7219 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 54.525620][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.535648][ C0] ==================================================================
[ 54.543686][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 54.550339][ C0] CPU: 0 PID: 7219 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 54.557768][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 54.567798][ C0] Call Trace:
[ 54.571064][ C0]
[ 54.573923][ C0] dump_stack+0xf5/0x159
[ 54.578146][ C0] panic+0x210/0x640
[ 54.582051][ C0] ? tcp_recvmsg+0x15fb/0x1a30
[ 54.586805][ C0] ? vprintk_func+0x8d/0x140
[ 54.591475][ C0] kcsan_report.cold+0xc/0x10
[ 54.596143][ C0] __kcsan_setup_watchpoint+0x32e/0x4a0
[ 54.601671][ C0] __tsan_write4+0x32/0x40
[ 54.606073][ C0] tick_sched_do_timer+0xc0/0xe0
[ 54.611003][ C0] tick_sched_timer+0x43/0xe0
[ 54.615698][ C0] __hrtimer_run_queues+0x288/0x600
[ 54.620893][ C0] ? tick_sched_do_timer+0xe0/0xe0
[ 54.625988][ C0] hrtimer_interrupt+0x22a/0x480
[ 54.630921][ C0] smp_apic_timer_interrupt+0xdc/0x280
[ 54.636359][ C0] ? smp_reschedule_interrupt+0x71/0x1d0
[ 54.641970][ C0] apic_timer_interrupt+0xf/0x20
[ 54.647243][ C0]
[ 54.650163][ C0] RIP: 0010:__kcsan_setup_watchpoint+0x6/0x4a0
[ 54.657951][ C0] Code: 4c 89 ef e8 8c 0e 00 00 66 90 31 c0 eb b6 c3 bf 04 00 00 00 41 bf 02 00 00 00 e8 45 0b 00 00 eb c5 0f 1f 00 55 48 89 e5 41 57 <41> 56 49 89 fe 41 55 41 54 49 89 f4 53 89 d3 48 83 ec 18 66 0f 1f
[ 54.677707][ C0] RSP: 0018:ffffc90002e0fad8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 54.686103][ C0] RAX: 0000000000000001 RBX: 00000000000000c0 RCX: 0000000000000003
[ 54.694055][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8881248011c0
[ 54.702005][ C0] RBP: ffffc90002e0fae0 R08: 0000000000000000 R09: 00008881248011c7
[ 54.709957][ C0] R10: 00000000aaaaaaab R11: ffffffff86045c20 R12: ffff8881248011c0
[ 54.718087][ C0] R13: 15d3f48ba8c1f023 R14: ffff888124801100 R15: ffff8881293b4940
[ 54.726435][ C0] __tsan_read8+0x2c/0x30
[ 54.730774][ C0] tcp_recvmsg+0x15fb/0x1a30
[ 54.735380][ C0] inet_recvmsg+0xbb/0x250
[ 54.739799][ C0] ? __tsan_read8+0x2c/0x30
[ 54.744294][ C0] ? inet_sendpage+0x100/0x100
[ 54.749042][ C0] sock_recvmsg+0x92/0xb0
[ 54.753351][ C0] sock_read_iter+0x15f/0x1e0
[ 54.758130][ C0] new_sync_read+0x389/0x4f0
[ 54.762721][ C0] __vfs_read+0xb1/0xc0
[ 54.766995][ C0] vfs_read+0x143/0x2c0
[ 54.771147][ C0] ksys_read+0xd5/0x1b0
[ 54.775376][ C0] __x64_sys_read+0x4c/0x60
[ 54.779988][ C0] do_syscall_64+0xcc/0x370
[ 54.784489][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 54.790364][ C0] RIP: 0033:0x47c530
[ 54.794249][ C0] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 54.814039][ C0] RSP: 002b:000000c4203317d8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000
[ 54.822439][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c530
[ 54.830389][ C0] RDX: 0000000000001000 RSI: 000000c4201b6000 RDI: 0000000000000003
[ 54.838354][ C0] RBP: 000000c420331830 R08: 0000000000000000 R09: 0000000000000000
[ 54.846313][ C0] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000010
[ 54.854275][ C0] R13: ffffffffffffffff R14: 0000000000000002 R15: ffffffffffffffff
[ 54.864200][ C0] Kernel Offset: disabled
[ 54.868533][ C0] Rebooting in 86400 seconds..