[ ok ] Starting enhanced syslogd: rsyslogd.
[ 35.528553][ T25] audit: type=1800 audit(1571795197.495:25): pid=7052 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 35.560921][ T25] audit: type=1800 audit(1571795197.505:26): pid=7052 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 35.588126][ T25] audit: type=1800 audit(1571795197.505:27): pid=7052 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.174' (ECDSA) to the list of known hosts.
2019/10/23 01:46:48 fuzzer started
2019/10/23 01:46:49 dialing manager at 10.128.0.105:33369
2019/10/23 01:46:49 syscalls: 2524
2019/10/23 01:46:49 code coverage: enabled
2019/10/23 01:46:49 comparison tracing: enabled
2019/10/23 01:46:49 extra coverage: extra coverage is not supported by the kernel
2019/10/23 01:46:49 setuid sandbox: enabled
2019/10/23 01:46:49 namespace sandbox: enabled
2019/10/23 01:46:49 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/23 01:46:49 fault injection: enabled
2019/10/23 01:46:49 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/23 01:46:49 net packet injection: enabled
2019/10/23 01:46:49 net device setup: enabled
2019/10/23 01:46:49 concurrency sanitizer: enabled
syzkaller login: [ 48.016148][ T7222] ==================================================================
[ 48.024276][ T7222] BUG: KCSAN: data-race in tcp_poll / tcp_queue_rcv
[ 48.030849][ T7222]
[ 48.033181][ T7222] write to 0xffff8881210dce78 of 4 bytes by interrupt on cpu 1:
[ 48.040890][ T7222]  tcp_queue_rcv+0xe9/0x380
[ 48.045382][ T7222]  tcp_rcv_established+0xbf1/0xf50
[ 48.050470][ T7222]  tcp_v4_do_rcv+0x381/0x4e0
[ 48.055035][ T7222]  tcp_v4_rcv+0x19dc/0x1bb0
[ 48.059513][ T7222]  ip_protocol_deliver_rcu+0x4d/0x420
[ 48.064870][ T7222]  ip_local_deliver_finish+0x110/0x140
[ 48.070322][ T7222]  ip_local_deliver+0x133/0x210
[ 48.075162][ T7222]  ip_rcv_finish+0x121/0x160
[ 48.079740][ T7222]  ip_rcv+0x18f/0x1a0
[ 48.083711][ T7222]  __netif_receive_skb_one_core+0xa7/0xe0
[ 48.089404][ T7222]  __netif_receive_skb+0x37/0xf0
[ 48.094317][ T7222]  netif_receive_skb_internal+0x59/0x190
[ 48.099924][ T7222]  napi_gro_receive+0x28f/0x330
[ 48.104750][ T7222]  receive_buf+0x284/0x30b0
[ 48.109231][ T7222]
[ 48.111584][ T7222] read to 0xffff8881210dce78 of 4 bytes by task 7222 on cpu 0:
[ 48.119101][ T7222]  tcp_poll+0x204/0x6b0
[ 48.123235][ T7222]  sock_poll+0xed/0x250
[ 48.127368][ T7222]  ep_item_poll.isra.0+0x90/0x190
[ 48.132367][ T7222]  ep_send_events_proc+0x113/0x590
[ 48.137456][ T7222]  ep_scan_ready_list.constprop.0+0x189/0x500
[ 48.143498][ T7222]  ep_poll+0xe3/0x900
[ 48.147459][ T7222]  do_epoll_wait+0x162/0x180
[ 48.152027][ T7222]  __x64_sys_epoll_pwait+0xcd/0x180
[ 48.157221][ T7222]  do_syscall_64+0xcc/0x370
[ 48.161705][ T7222]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 48.167567][ T7222]
[ 48.169869][ T7222] Reported by Kernel Concurrency Sanitizer on:
[ 48.175998][ T7222] CPU: 0 PID: 7222 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 48.183426][ T7222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.193454][ T7222] ==================================================================
[ 48.201491][ T7222] Kernel panic - not syncing: panic_on_warn set ...
[ 48.208055][ T7222] CPU: 0 PID: 7222 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 48.215493][ T7222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.225521][ T7222] Call Trace:
[ 48.228789][ T7222]  dump_stack+0xf5/0x159
[ 48.233012][ T7222]  panic+0x210/0x640
[ 48.236887][ T7222]  ? do_syscall_64+0xcc/0x370
[ 48.241543][ T7222]  ? vprintk_func+0x8d/0x140
[ 48.246119][ T7222]  kcsan_report.cold+0xc/0x10
[ 48.250778][ T7222]  __kcsan_setup_watchpoint+0x32e/0x4a0
[ 48.256300][ T7222]  __tsan_read4+0x2c/0x30
[ 48.260620][ T7222]  tcp_poll+0x204/0x6b0
[ 48.264754][ T7222]  ? tcp_alloc_md5sig_pool+0x320/0x320
[ 48.270191][ T7222]  sock_poll+0xed/0x250
[ 48.274325][ T7222]  ? sock_read_iter+0x1e0/0x1e0
[ 48.279160][ T7222]  ep_item_poll.isra.0+0x90/0x190
[ 48.284165][ T7222]  ep_send_events_proc+0x113/0x590
[ 48.289259][ T7222]  ? __schedule+0x319/0x640
[ 48.293739][ T7222]  ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 48.299352][ T7222]  ep_scan_ready_list.constprop.0+0x189/0x500
[ 48.305396][ T7222]  ? ep_loop_check_proc+0x2f0/0x2f0
[ 48.310572][ T7222]  ep_poll+0xe3/0x900
[ 48.314533][ T7222]  ? wake_up_q+0x70/0x70
[ 48.318754][ T7222]  do_epoll_wait+0x162/0x180
[ 48.323323][ T7222]  __x64_sys_epoll_pwait+0xcd/0x180
[ 48.328514][ T7222]  do_syscall_64+0xcc/0x370
[ 48.332995][ T7222]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 48.338859][ T7222] RIP: 0033:0x45b300
[ 48.342735][ T7222] Code: 0f 05 89 44 24 20 c3 cc cc cc 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 49 c7 c0 00 00 00 00 b8 19 01 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc cc cc cc cc cc cc cc 8b 7c 24 08 48 c7
[ 48.362318][ T7222] RSP: 002b:000000c4202f9860 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[ 48.370702][ T7222] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 000000000045b300
[ 48.378650][ T7222] RDX: 0000000000000080 RSI: 000000c4202f98a0 RDI: 0000000000000004
[ 48.386597][ T7222] RBP: 000000c4202f9ea0 R08: 0000000000000000 R09: 0000000000000000
[ 48.394548][ T7222] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000008
[ 48.402506][ T7222] R13: ffffffffffffffff R14: 0000000000000002 R15: ffffffffffffffff
[ 48.411897][ T7222] Kernel Offset: disabled
[ 48.416217][ T7222] Rebooting in 86400 seconds..