[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   35.415376][   T26] audit: type=1800 audit(1572091994.992:25): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[   35.435244][   T26] audit: type=1800 audit(1572091994.992:26): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[   35.455199][   T26] audit: type=1800 audit(1572091994.992:27): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.171' (ECDSA) to the list of known hosts.
2019/10/26 12:13:26 fuzzer started
2019/10/26 12:13:28 dialing manager at 10.128.0.105:33655
2019/10/26 12:13:30 syscalls: 2533
2019/10/26 12:13:30 code coverage: enabled
2019/10/26 12:13:30 comparison tracing: enabled
2019/10/26 12:13:30 extra coverage: extra coverage is not supported by the kernel
2019/10/26 12:13:30 setuid sandbox: enabled
2019/10/26 12:13:30 namespace sandbox: enabled
2019/10/26 12:13:30 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/26 12:13:30 fault injection: enabled
2019/10/26 12:13:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/26 12:13:30 net packet injection: enabled
2019/10/26 12:13:30 net device setup: enabled
2019/10/26 12:13:30 concurrency sanitizer: enabled
syzkaller login: [   56.879959][ T7249] KCSAN: could not find function: 'poll_schedule_timeout'
2019/10/26 12:13:38 adding functions to KCSAN blacklist: 'task_dump_owner' '__skb_try_recv_from_queue' '__hrtimer_run_queues' 'do_nanosleep' 'tick_do_update_jiffies64' 'update_defense_level' 'ktime_get_seconds' 'ext4_mb_good_group' '__ext4_new_inode' 'ep_poll' 'kvm_arch_vcpu_load' 'vm_area_dup' 'ext4_free_inode' 'ext4_free_inodes_count' 'blk_mq_dispatch_rq_list' 'rcu_gp_fqs_check_wake' 'taskstats_exit' 'get_task_cred' 'mod_timer' 'generic_write_end' 'commit_echoes' 'pid_update_inode' 'tcp_poll' 'find_get_pages_range_tag' 'tcp_add_backlog' 'ktime_get_real_seconds' '__delete_from_page_cache' 'ext4_has_free_clusters' 'poll_schedule_timeout' 'run_timer_softirq' 'find_next_bit' '__nf_conntrack_find_get' 'shmem_file_read_iter' 'add_timer' 'common_perm_cond' 'tomoyo_supervisor' 'pipe_poll' '__nf_ct_refresh_acct' 'generic_permission' 'rcu_gp_fqs_loop' 
[   71.534857][    C1] ==================================================================
[   71.543102][    C1] BUG: KCSAN: data-race in tick_sched_do_timer / tick_sched_do_timer
[   71.551175][    C1] 
[   71.553501][    C1] read to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 0:
[   71.561391][    C1]  tick_sched_do_timer+0x33/0xe0
[   71.566355][    C1]  tick_sched_timer+0x43/0xe0
[   71.571043][    C1]  __hrtimer_run_queues+0x288/0x600
[   71.576235][    C1]  hrtimer_interrupt+0x22a/0x480
[   71.581181][    C1]  smp_apic_timer_interrupt+0xdc/0x280
[   71.586654][    C1]  apic_timer_interrupt+0xf/0x20
[   71.591592][    C1]  __kcsan_setup_watchpoint+0x96/0x4a0
[   71.597746][    C1]  __tsan_read8+0x2c/0x30
[   71.602073][    C1]  ipt_do_table+0x6df/0xe60
[   71.606578][    C1]  iptable_mangle_hook+0x7a/0x260
[   71.611598][    C1]  nf_hook_slow+0x83/0x160
[   71.616007][    C1]  ip_rcv+0x12f/0x1a0
[   71.619991][    C1]  __netif_receive_skb_one_core+0xa7/0xe0
[   71.625703][    C1]  __netif_receive_skb+0x37/0xf0
[   71.630636][    C1] 
[   71.632966][    C1] write to 0xffffffff85cb2790 of 4 bytes by interrupt on cpu 1:
[   71.640596][    C1]  tick_sched_do_timer+0xc0/0xe0
[   71.645547][    C1]  tick_sched_timer+0x43/0xe0
[   71.650221][    C1]  __hrtimer_run_queues+0x288/0x600
[   71.655416][    C1]  hrtimer_interrupt+0x22a/0x480
[   71.660732][    C1]  smp_apic_timer_interrupt+0xdc/0x280
[   71.666210][    C1]  apic_timer_interrupt+0xf/0x20
[   71.671161][    C1]  __kcsan_setup_watchpoint+0x59/0x4a0
[   71.676618][    C1]  __tsan_write4+0x32/0x40
[   71.681033][    C1]  tcp_event_data_recv+0x63b/0x990
[   71.686834][    C1]  tcp_rcv_established+0xbfe/0xf50
[   71.691945][    C1]  tcp_v4_do_rcv+0x381/0x4e0
[   71.696514][    C1]  __release_sock+0x135/0x1e0
[   71.701168][    C1]  release_sock+0x61/0x160
[   71.705557][    C1] 
[   71.707884][    C1] Reported by Kernel Concurrency Sanitizer on:
[   71.714018][    C1] CPU: 1 PID: 7247 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[   71.721769][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.732012][    C1] ==================================================================
[   71.740492][    C1] Kernel panic - not syncing: panic_on_warn set ...
[   71.747238][    C1] CPU: 1 PID: 7247 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[   71.754684][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   71.765697][    C1] Call Trace:
[   71.768974][    C1]  <IRQ>
[   71.771824][    C1]  dump_stack+0xf5/0x159
[   71.776140][    C1]  panic+0x210/0x640
[   71.780017][    C1]  ? tcp_event_data_recv+0x63b/0x990
[   71.785296][    C1]  ? vprintk_func+0x8d/0x140
[   71.789881][    C1]  kcsan_report.cold+0xc/0x10
[   71.794552][    C1]  __kcsan_setup_watchpoint+0x32e/0x4a0
[   71.800276][    C1]  __tsan_write4+0x32/0x40
[   71.804676][    C1]  tick_sched_do_timer+0xc0/0xe0
[   71.809595][    C1]  tick_sched_timer+0x43/0xe0
[   71.814428][    C1]  __hrtimer_run_queues+0x288/0x600
[   71.819609][    C1]  ? tick_sched_do_timer+0xe0/0xe0
[   71.824707][    C1]  hrtimer_interrupt+0x22a/0x480
[   71.829650][    C1]  smp_apic_timer_interrupt+0xdc/0x280
[   71.835090][    C1]  ? smp_reschedule_interrupt+0x71/0x1d0
[   71.840715][    C1]  apic_timer_interrupt+0xf/0x20
[   71.845627][    C1]  </IRQ>
[   71.848547][    C1] RIP: 0010:__kcsan_setup_watchpoint+0x59/0x4a0
[   71.854781][    C1] Code: 00 00 65 48 8b 04 25 40 6c 01 00 8b 90 ec 09 00 00 48 05 e8 09 00 00 85 d2 0f 8f 4b 02 00 00 8b 50 08 85 d2 0f 8f 14 02 00 00 <80> 78 0c 00 0f 85 0a 02 00 00 4c 89 f7 e8 75 06 00 00 84 c0 0f 85
[   71.875442][    C1] RSP: 0018:ffffc9000169b8b8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   71.883930][    C1] RAX: ffff88812a2379e8 RBX: 0000000000000001 RCX: 0000000000000003
[   71.892026][    C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88812389850c
[   71.899999][    C1] RBP: ffffc9000169b8f8 R08: 0000000000000001 R09: 000088812389850f
[   71.908037][    C1] R10: 00000000aaaaaaab R11: ffffffff86045cd8 R12: 0000000000000004
[   71.915992][    C1] R13: 0000000000000002 R14: ffff88812389850c R15: ffff888123898518
[   71.923973][    C1]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[   71.929749][    C1]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   71.935641][    C1]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[   71.941352][    C1]  __tsan_write4+0x32/0x40
[   71.946102][    C1]  tcp_event_data_recv+0x63b/0x990
[   71.951407][    C1]  tcp_rcv_established+0xbfe/0xf50
[   71.963701][    C1]  ? ipv4_dst_check+0xc6/0xf0
[   71.968380][    C1]  tcp_v4_do_rcv+0x381/0x4e0
[   71.972964][    C1]  __release_sock+0x135/0x1e0
[   71.977631][    C1]  release_sock+0x61/0x160
[   71.982037][    C1]  tcp_recvmsg+0x63b/0x1a30
[   71.986525][    C1]  inet_recvmsg+0xbb/0x250
[   71.991393][    C1]  ? __tsan_read8+0x2c/0x30
[   71.995873][    C1]  ? inet_sendpage+0x100/0x100
[   72.000626][    C1]  sock_recvmsg+0x92/0xb0
[   72.004941][    C1]  sock_read_iter+0x15f/0x1e0
[   72.009613][    C1]  new_sync_read+0x389/0x4f0
[   72.014186][    C1]  __vfs_read+0xb1/0xc0
[   72.018321][    C1]  vfs_read+0x143/0x2c0
[   72.022472][    C1]  ksys_read+0xd5/0x1b0
[   72.026702][    C1]  __x64_sys_read+0x4c/0x60
[   72.031186][    C1]  do_syscall_64+0xcc/0x370
[   72.035667][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   72.041550][    C1] RIP: 0033:0x47c530
[   72.045435][    C1] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[   72.067022][    C1] RSP: 002b:000000c4202e9810 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[   72.075421][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c530
[   72.083468][    C1] RDX: 0000000000001000 RSI: 000000c420318000 RDI: 0000000000000003
[   72.093006][    C1] RBP: 000000c4202e9868 R08: 0000000000000000 R09: 0000000000000000
[   72.101218][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003
[   72.109352][    C1] R13: 000000c421cc8dd0 R14: 0000000000000002 R15: ffffffffffffffff
[   72.119110][    C1] Kernel Offset: disabled
[   72.123459][    C1] Rebooting in 86400 seconds..