[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 35.668829][ T26] audit: type=1800 audit(1572315988.383:25): pid=7133 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 35.704756][ T26] audit: type=1800 audit(1572315988.383:26): pid=7133 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 35.725881][ T26] audit: type=1800 audit(1572315988.383:27): pid=7133 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.78' (ECDSA) to the list of known hosts. 2019/10/29 02:26:40 fuzzer started 2019/10/29 02:26:42 dialing manager at 10.128.0.105:45117 2019/10/29 02:26:42 syscalls: 2540 2019/10/29 02:26:42 code coverage: enabled 2019/10/29 02:26:42 comparison tracing: enabled 2019/10/29 02:26:42 extra coverage: extra coverage is not supported by the kernel 2019/10/29 02:26:42 setuid sandbox: enabled 2019/10/29 02:26:42 namespace sandbox: enabled 2019/10/29 02:26:42 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/29 02:26:42 fault injection: enabled 2019/10/29 02:26:42 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/29 02:26:42 net packet injection: enabled 2019/10/29 02:26:42 net device setup: enabled 2019/10/29 02:26:42 concurrency sanitizer: enabled syzkaller login: [ 62.993451][ T7305] KCSAN: could not find function: 'poll_schedule_timeout' 2019/10/29 02:27:06 adding functions to KCSAN blacklist: 'tick_sched_do_timer' 'd_shrink_add' '__snd_rawmidi_transmit_ack' 'kcm_rfree' 'add_timer' 'ipip_tunnel_xmit' 'rcu_gp_fqs_loop' '__tcp_select_window' 'task_dump_owner' 'do_nanosleep' 'tcp_poll' 'blk_mq_get_request' 'pipe_wait' '__nf_conntrack_find_get' 'tomoyo_supervisor' 'mm_update_next_owner' 'dd_has_work' 'list_lru_count_one' 'kvm_arch_vcpu_load' 'timer_clear_idle' 'futex_wait_queue_me' 'ktime_get_seconds' 'dput' 'ktime_get_real_seconds' 'ext4_free_inodes_count' 'tick_nohz_idle_stop_tick' 'n_tty_receive_buf_common' 'snd_seq_check_queue' 'pipe_poll' 'vti_tunnel_xmit' 'enqueue_timer' 'rcu_gp_fqs_check_wake' 'xas_clear_mark' 'wbc_detach_inode' 'wbt_issue' 'copy_process' 'tick_do_update_jiffies64' 'sit_tunnel_xmit' 'fsnotify' '__skb_recv_udp' 'find_next_bit' 'shmem_getpage_gfp' '__dev_queue_xmit' 'ext4_nonda_switch' 'wbt_done' 'virtqueue_disable_cb' 'p9_poll_workfn' 'osq_lock' 'ext4_mb_good_group' 'lookup_fast' 'echo_char' 'poll_schedule_timeout' 'generic_write_end' 'find_get_pages_range_tag' 'ext4_mark_iloc_dirty' 'generic_fillattr' 'inet_putpeer' 'tcp_chrono_stop' 'blk_mq_sched_dispatch_requests' 'wbt_wait' 'xas_find_marked' 'sk_stream_wait_memory' 'do_readlinkat' 'tcp_event_new_data_sent' '__alloc_file' 'install_new_memslots' 'tcp_add_backlog' 'run_timer_softirq' 'mod_timer' 'generic_permission' 'vm_area_dup' 'queue_access_lock' 'unix_release_sock' '__hrtimer_run_queues' 'ep_poll' 'ext4_free_inode' '__splice_from_pipe' 'taskstats_exit' 'update_defense_level' 'process_srcu' 'get_wchan' 'inactive_list_is_low' 'pid_update_inode' 'do_syslog' 'pcpu_alloc' 'ip_finish_output2' 'handle_mm_fault' 'batadv_tt_local_add' '__ext4_new_inode' 'do_exit' 'ext4_has_free_clusters' 'do_wait' 'alloc_pid' 'add_timer_on' 'mem_cgroup_select_victim_node' '__nf_ct_refresh_acct' 'blk_mq_dispatch_rq_list' 'blk_mq_run_hw_queue' 'shmem_file_read_iter' 'snd_ctl_notify' '__add_to_page_cache_locked' [ 241.854960][ C1] ================================================================== [ 241.863111][ C1] BUG: KCSAN: data-race in ktime_get_with_offset / timekeeping_advance [ 241.871413][ C1] [ 241.873823][ C1] write to 0xffffffff86040b08 of 280 bytes by interrupt on cpu 0: [ 241.881615][ C1] timekeeping_advance+0x893/0xd80 [ 241.886716][ C1] update_wall_time+0x19/0x20 [ 241.891388][ C1] tick_do_update_jiffies64+0x1ae/0x260 [ 241.897005][ C1] tick_sched_do_timer+0xd4/0xe0 [ 241.901931][ C1] tick_sched_timer+0x43/0xe0 [ 241.906601][ C1] __hrtimer_run_queues+0x288/0x600 [ 241.911785][ C1] hrtimer_interrupt+0x22a/0x480 [ 241.916716][ C1] smp_apic_timer_interrupt+0xdc/0x280 [ 241.922167][ C1] apic_timer_interrupt+0xf/0x20 [ 241.927091][ C1] __kcsan_setup_watchpoint+0x268/0x4a0 [ 241.932625][ C1] __tsan_read4+0x2c/0x30 [ 241.936932][ C1] ipt_do_table+0x92b/0xe60 [ 241.941454][ C1] iptable_raw_hook+0x4a/0x60 [ 241.946119][ C1] nf_hook_slow+0x83/0x160 [ 241.950517][ C1] [ 241.952837][ C1] read to 0xffffffff86040b18 of 8 bytes by interrupt on cpu 1: [ 241.960372][ C1] ktime_get_with_offset+0xe7/0x230 [ 241.965548][ C1] netif_receive_skb_internal+0x13e/0x190 [ 241.971252][ C1] napi_gro_receive+0x28f/0x330 [ 241.976080][ C1] receive_buf+0x284/0x30b0 [ 241.980584][ C1] virtnet_poll+0x436/0x7d0 [ 241.985068][ C1] net_rx_action+0x3ae/0xa90 [ 241.989636][ C1] __do_softirq+0x115/0x33f [ 241.994113][ C1] irq_exit+0xbb/0xe0 [ 241.998071][ C1] do_IRQ+0xa6/0x180 [ 242.001941][ C1] ret_from_intr+0x0/0x19 [ 242.006247][ C1] __kcsan_setup_watchpoint+0x6/0x4a0 [ 242.011593][ C1] __tsan_read4+0x2c/0x30 [ 242.016012][ C1] smpboot_thread_fn+0x13c/0x4a0 [ 242.020932][ C1] [ 242.023234][ C1] Reported by Kernel Concurrency Sanitizer on: [ 242.029364][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.4.0-rc3+ #0 [ 242.036705][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.046738][ C1] ================================================================== [ 242.054782][ C1] Kernel panic - not syncing: panic_on_warn set ... [ 242.061353][ C1] CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.4.0-rc3+ #0 [ 242.068707][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.078751][ C1] Call Trace: [ 242.082012][ C1] [ 242.084864][ C1] dump_stack+0xf5/0x159 [ 242.089085][ C1] panic+0x210/0x640 [ 242.092961][ C1] ? do_IRQ+0xa6/0x180 [ 242.097024][ C1] ? vprintk_func+0x8d/0x140 [ 242.101799][ C1] kcsan_report.cold+0xc/0x10 [ 242.106495][ C1] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 242.112042][ C1] __tsan_read8+0x2c/0x30 [ 242.116358][ C1] ktime_get_with_offset+0xe7/0x230 [ 242.121560][ C1] netif_receive_skb_internal+0x13e/0x190 [ 242.127273][ C1] napi_gro_receive+0x28f/0x330 [ 242.132117][ C1] receive_buf+0x284/0x30b0 [ 242.136600][ C1] ? __tsan_write8+0x32/0x40 [ 242.141497][ C1] ? virtqueue_get_buf_ctx+0x4fd/0x5c0 [ 242.147006][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 242.153167][ C1] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 242.158814][ C1] virtnet_poll+0x436/0x7d0 [ 242.163471][ C1] net_rx_action+0x3ae/0xa90 [ 242.168078][ C1] __do_softirq+0x115/0x33f [ 242.172591][ C1] irq_exit+0xbb/0xe0 [ 242.176830][ C1] do_IRQ+0xa6/0x180 [ 242.181270][ C1] common_interrupt+0xf/0xf [ 242.185752][ C1] [ 242.188679][ C1] RIP: 0010:__kcsan_setup_watchpoint+0x6/0x4a0 [ 242.194849][ C1] Code: 4c 89 ef e8 8c 0e 00 00 66 90 31 c0 eb b6 c3 bf 04 00 00 00 41 bf 02 00 00 00 e8 45 0b 00 00 eb c5 0f 1f 00 55 48 89 e5 41 57 <41> 56 49 89 fe 41 55 41 54 49 89 f4 53 89 d3 48 83 ec 18 66 0f 1f [ 242.214628][ C1] RSP: 0018:ffffc90000cf3e98 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde [ 242.223022][ C1] RAX: 0000000000000001 RBX: ffff88812b3a7080 RCX: 0000000000000003 [ 242.231232][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88812b3492a0 [ 242.239275][ C1] RBP: ffffc90000cf3ea0 R08: 0000000000000000 R09: 000088812b3492a3 [ 242.247249][ C1] R10: 00000000aaaaaaab R11: ffffffff86045c60 R12: ffff88812b3492a0 [ 242.255220][ C1] R13: ffffffff85a73880 R14: ffff88812b3a7090 R15: 0000000000000000 [ 242.263206][ C1] __tsan_read4+0x2c/0x30 [ 242.267521][ C1] smpboot_thread_fn+0x13c/0x4a0 [ 242.272614][ C1] kthread+0x1d4/0x200 [ 242.276666][ C1] ? constant_test_bit.constprop.0+0x30/0x30 [ 242.283661][ C1] ? kthread_stop+0x2d0/0x2d0 [ 242.288618][ C1] ret_from_fork+0x1f/0x30 [ 242.295035][ C1] Kernel Offset: disabled [ 242.299465][ C1] Rebooting in 86400 seconds..