[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 38.766568][ T26] audit: type=1800 audit(1572426591.057:25): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 38.793564][ T26] audit: type=1800 audit(1572426591.067:26): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 38.820452][ T26] audit: type=1800 audit(1572426591.067:27): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.179' (ECDSA) to the list of known hosts. 2019/10/30 09:09:59 fuzzer started 2019/10/30 09:10:01 dialing manager at 10.128.0.105:40771 2019/10/30 09:10:01 syscalls: 2540 2019/10/30 09:10:01 code coverage: enabled syzkaller login: [ 49.625467][ T7185] ================================================================== [ 49.633596][ T7185] BUG: KCSAN: data-race in tcp_ack / tcp_poll [ 49.639644][ T7185] [ 49.641961][ T7185] write to 0xffff8881216be188 of 4 bytes by interrupt on cpu 1: [ 49.649598][ T7185] tcp_ack+0xf2c/0x3170 [ 49.653745][ T7185] tcp_rcv_established+0xd3d/0xf50 [ 49.658861][ T7185] tcp_v4_do_rcv+0x381/0x4e0 [ 49.663443][ T7185] tcp_v4_rcv+0x19dc/0x1bb0 [ 49.667934][ T7185] ip_protocol_deliver_rcu+0x4d/0x420 [ 49.673290][ T7185] ip_local_deliver_finish+0x110/0x140 [ 49.678737][ T7185] ip_local_deliver+0x133/0x210 [ 49.683575][ T7185] ip_rcv_finish+0x121/0x160 [ 49.688148][ T7185] ip_rcv+0x18f/0x1a0 [ 49.693611][ T7185] __netif_receive_skb_one_core+0xa7/0xe0 [ 49.699323][ T7185] __netif_receive_skb+0x37/0xf0 [ 49.704251][ T7185] netif_receive_skb_internal+0x59/0x190 [ 49.709881][ T7185] napi_gro_receive+0x28f/0x330 [ 49.714717][ T7185] receive_buf+0x284/0x30b0 [ 49.719195][ T7185] [ 49.721517][ T7185] read to 0xffff8881216be188 of 4 bytes by task 7185 on cpu 0: [ 49.729050][ T7185] tcp_poll+0x422/0x6b0 [ 49.733195][ T7185] sock_poll+0xed/0x250 [ 49.737341][ T7185] do_select+0x7d0/0x1020 [ 49.741690][ T7185] core_sys_select+0x381/0x550 [ 49.746457][ T7185] kern_select+0x106/0x170 [ 49.750867][ T7185] __x64_sys_select+0x70/0x90 [ 49.755543][ T7185] do_syscall_64+0xcc/0x370 [ 49.760033][ T7185] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.765910][ T7185] [ 49.768225][ T7185] Reported by Kernel Concurrency Sanitizer on: [ 49.774371][ T7185] CPU: 0 PID: 7185 Comm: sshd Not tainted 5.4.0-rc3+ #0 [ 49.781294][ T7185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.791337][ T7185] ================================================================== [ 49.799384][ T7185] Kernel panic - not syncing: panic_on_warn set ... [ 49.805974][ T7185] CPU: 0 PID: 7185 Comm: sshd Not tainted 5.4.0-rc3+ #0 [ 49.812891][ T7185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.822944][ T7185] Call Trace: [ 49.826695][ T7185] dump_stack+0xf5/0x159 [ 49.831047][ T7185] panic+0x210/0x640 [ 49.834942][ T7185] ? vprintk_func+0x8d/0x140 [ 49.839528][ T7185] kcsan_report.cold+0xc/0x10 [ 49.844217][ T7185] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 49.849759][ T7185] __tsan_read4+0x2c/0x30 [ 49.854082][ T7185] tcp_poll+0x422/0x6b0 [ 49.858237][ T7185] ? tcp_alloc_md5sig_pool+0x320/0x320 [ 49.863920][ T7185] sock_poll+0xed/0x250 [ 49.868091][ T7185] ? sock_read_iter+0x1e0/0x1e0 [ 49.872943][ T7185] do_select+0x7d0/0x1020 [ 49.877283][ T7185] ? poll_initwait+0xa0/0xa0 [ 49.881885][ T7185] ? poll_select_finish+0x440/0x440 [ 49.887073][ T7185] ? poll_select_finish+0x440/0x440 [ 49.892264][ T7185] ? poll_select_finish+0x440/0x440 [ 49.897455][ T7185] ? poll_select_finish+0x440/0x440 [ 49.903008][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.908632][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.914259][ T7185] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 49.920142][ T7185] ? __tsan_read8+0x2c/0x30 [ 49.924642][ T7185] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.930878][ T7185] ? timestamp_truncate+0x11b/0x160 [ 49.936069][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.941693][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.947317][ T7185] ? __tsan_read8+0x2c/0x30 [ 49.951829][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.957818][ T7185] ? check_stack_object+0xda/0x110 [ 49.962930][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.968560][ T7185] ? __tsan_read8+0x2c/0x30 [ 49.973054][ T7185] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.979286][ T7185] core_sys_select+0x381/0x550 [ 49.984053][ T7185] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.989673][ T7185] ? __tsan_read8+0x2c/0x30 [ 49.994167][ T7185] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 50.000056][ T7185] ? __tsan_write8+0x32/0x40 [ 50.004646][ T7185] ? ktime_get_ts64+0x286/0x2c0 [ 50.009495][ T7185] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 50.015207][ T7185] ? timespec64_add_safe+0xae/0xd0 [ 50.020315][ T7185] kern_select+0x106/0x170 [ 50.024735][ T7185] __x64_sys_select+0x70/0x90 [ 50.029410][ T7185] do_syscall_64+0xcc/0x370 [ 50.033906][ T7185] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 50.039787][ T7185] RIP: 0033:0x7ff2012d2dd3 [ 50.044194][ T7185] Code: 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 83 3d 25 48 2b 00 00 75 13 49 89 ca b8 17 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 ab 2f 01 00 48 89 04 24 [ 50.063968][ T7185] RSP: 002b:00007fff6f929de8 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 50.072373][ T7185] RAX: ffffffffffffffda RBX: 00007fff6f929e70 RCX: 00007ff2012d2dd3 [ 50.080341][ T7185] RDX: 000055cdc7233b20 RSI: 000055cdc7233b40 RDI: 000000000000000c [ 50.088300][ T7185] RBP: 000055cdc5d248dc R08: 00007fff6f929e10 R09: 0101010101010101 [ 50.096261][ T7185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff6f929e78 [ 50.105629][ T7185] R13: 0000000000000000 R14: 00007fff6f929e68 R15: 00007fff6f929e6c [ 50.115069][ T7185] Kernel Offset: disabled [ 50.119386][ T7185] Rebooting in 86400 seconds..