[ ok ] Starting enhanced syslogd: rsyslogd.
[ 35.440963][ T25] audit: type=1800 audit(1571711132.919:25): pid=6929 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[ 35.513671][ T25] audit: type=1800 audit(1571711132.919:26): pid=6929 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[ 35.533918][ T25] audit: type=1800 audit(1571711132.919:27): pid=6929 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts.
2019/10/22 02:25:40 fuzzer started
2019/10/22 02:25:41 dialing manager at 10.128.0.105:37053
2019/10/22 02:25:41 syscalls: 2524
2019/10/22 02:25:41 code coverage: enabled
2019/10/22 02:25:41 comparison tracing: enabled
2019/10/22 02:25:41 extra coverage: extra coverage is not supported by the kernel
2019/10/22 02:25:41 setuid sandbox: enabled
2019/10/22 02:25:41 namespace sandbox: enabled
2019/10/22 02:25:41 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/22 02:25:41 fault injection: enabled
2019/10/22 02:25:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/22 02:25:41 net packet injection: enabled
2019/10/22 02:25:41 net device setup: enabled
2019/10/22 02:25:41 concurrency sanitizer: enabled
syzkaller login: [ 44.480092][ T7082] ==================================================================
[ 44.488205][ T7082] BUG: KCSAN: data-race in tcp_poll / tcp_queue_rcv
[ 44.494799][ T7082]
[ 44.497140][ T7082] write to 0xffff8881293f05f8 of 4 bytes by interrupt on cpu 0:
[ 44.504745][ T7082] tcp_queue_rcv+0xe9/0x380
[ 44.509223][ T7082] tcp_rcv_established+0xbf1/0xf50
[ 44.514308][ T7082] tcp_v4_do_rcv+0x381/0x4e0
[ 44.518885][ T7082] tcp_v4_rcv+0x19dc/0x1bb0
[ 44.523362][ T7082] ip_protocol_deliver_rcu+0x4d/0x420
[ 44.528708][ T7082] ip_local_deliver_finish+0x110/0x140
[ 44.534137][ T7082] ip_local_deliver+0x133/0x210
[ 44.538959][ T7082] ip_rcv_finish+0x121/0x160
[ 44.543558][ T7082] ip_rcv+0x18f/0x1a0
[ 44.547519][ T7082] __netif_receive_skb_one_core+0xa7/0xe0
[ 44.553214][ T7082] __netif_receive_skb+0x37/0xf0
[ 44.558128][ T7082] netif_receive_skb_internal+0x59/0x190
[ 44.563745][ T7082] napi_gro_receive+0x28f/0x330
[ 44.568579][ T7082] receive_buf+0x284/0x30b0
[ 44.573160][ T7082]
[ 44.575466][ T7082] read to 0xffff8881293f05f8 of 4 bytes by task 7082 on cpu 1:
[ 44.583004][ T7082] tcp_poll+0x204/0x6b0
[ 44.587134][ T7082] sock_poll+0xed/0x250
[ 44.591379][ T7082] ep_item_poll.isra.0+0x90/0x190
[ 44.596375][ T7082] ep_send_events_proc+0x113/0x590
[ 44.601463][ T7082] ep_scan_ready_list.constprop.0+0x189/0x500
[ 44.607513][ T7082] ep_poll+0xe3/0x900
[ 44.611471][ T7082] do_epoll_wait+0x162/0x180
[ 44.616045][ T7082] __x64_sys_epoll_pwait+0xcd/0x180
[ 44.621220][ T7082] do_syscall_64+0xcc/0x370
[ 44.625698][ T7082] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.631558][ T7082]
[ 44.633863][ T7082] Reported by Kernel Concurrency Sanitizer on:
[ 44.639992][ T7082] CPU: 1 PID: 7082 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 44.647553][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.657591][ T7082] ==================================================================
[ 44.665678][ T7082] Kernel panic - not syncing: panic_on_warn set ...
[ 44.672243][ T7082] CPU: 1 PID: 7082 Comm: syz-fuzzer Not tainted 5.4.0-rc3+ #0
[ 44.679667][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.689710][ T7082] Call Trace:
[ 44.692982][ T7082] dump_stack+0xf5/0x159
[ 44.697249][ T7082] panic+0x210/0x640
[ 44.701160][ T7082] ? do_syscall_64+0xcc/0x370
[ 44.705814][ T7082] ? vprintk_func+0x8d/0x140
[ 44.710381][ T7082] kcsan_report.cold+0xc/0x10
[ 44.715051][ T7082] __kcsan_setup_watchpoint+0x32e/0x4a0
[ 44.720577][ T7082] __tsan_read4+0x2c/0x30
[ 44.724938][ T7082] tcp_poll+0x204/0x6b0
[ 44.729081][ T7082] ? tcp_alloc_md5sig_pool+0x320/0x320
[ 44.734519][ T7082] sock_poll+0xed/0x250
[ 44.738703][ T7082] ? sock_read_iter+0x1e0/0x1e0
[ 44.743535][ T7082] ep_item_poll.isra.0+0x90/0x190
[ 44.748573][ T7082] ep_send_events_proc+0x113/0x590
[ 44.753697][ T7082] ? __schedule+0x319/0x640
[ 44.758175][ T7082] ? __kcsan_setup_watchpoint+0x6b/0x4a0
[ 44.763789][ T7082] ep_scan_ready_list.constprop.0+0x189/0x500
[ 44.769833][ T7082] ? ep_loop_check_proc+0x2f0/0x2f0
[ 44.775008][ T7082] ep_poll+0xe3/0x900
[ 44.778969][ T7082] ? wake_up_q+0x70/0x70
[ 44.783192][ T7082] do_epoll_wait+0x162/0x180
[ 44.787759][ T7082] __x64_sys_epoll_pwait+0xcd/0x180
[ 44.792935][ T7082] do_syscall_64+0xcc/0x370
[ 44.797424][ T7082] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 44.803288][ T7082] RIP: 0033:0x45b300
[ 44.807163][ T7082] Code: 0f 05 89 44 24 20 c3 cc cc cc 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 49 c7 c0 00 00 00 00 b8 19 01 00 00 0f 05 <89> 44 24 20 c3 cc cc cc cc cc cc cc cc cc cc cc 8b 7c 24 08 48 c7
[ 44.826740][ T7082] RSP: 002b:00007ffde78849a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[ 44.835124][ T7082] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 000000000045b300
[ 44.843069][ T7082] RDX: 0000000000000080 RSI: 00007ffde78849e0 RDI: 0000000000000004
[ 44.851016][ T7082] RBP: 00007ffde7884fe0 R08: 0000000000000000 R09: 0000000000000000
[ 44.858961][ T7082] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000004
[ 44.866909][ T7082] R13: ffffffffffffffff R14: 0000000000000002 R15: ffffffffffffffff
[ 44.875604][ T7082] Kernel Offset: disabled
[ 44.879927][ T7082] Rebooting in 86400 seconds..