[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.029613][ T25] audit: type=1800 audit(1571883329.902:25): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0 [ 36.074765][ T25] audit: type=1800 audit(1571883329.902:26): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 [ 36.095686][ T25] audit: type=1800 audit(1571883329.902:27): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.78' (ECDSA) to the list of known hosts. 2019/10/24 02:15:41 fuzzer started 2019/10/24 02:15:43 dialing manager at 10.128.0.105:40369 2019/10/24 02:15:43 syscalls: 2524 2019/10/24 02:15:43 code coverage: enabled 2019/10/24 02:15:43 comparison tracing: enabled 2019/10/24 02:15:43 extra coverage: extra coverage is not supported by the kernel 2019/10/24 02:15:43 setuid sandbox: enabled 2019/10/24 02:15:43 namespace sandbox: enabled 2019/10/24 02:15:43 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/24 02:15:43 fault injection: enabled 2019/10/24 02:15:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/24 02:15:43 net packet injection: enabled 2019/10/24 02:15:43 net device setup: enabled 2019/10/24 02:15:43 concurrency sanitizer: enabled syzkaller login: [ 49.414981][ T7170] ================================================================== [ 49.423131][ T7170] BUG: KCSAN: data-race in tcp_ack / tcp_poll [ 49.429181][ T7170] [ 49.431501][ T7170] write to 0xffff888122d48a48 of 4 bytes by interrupt on cpu 1: [ 49.439114][ T7170] tcp_ack+0xf2c/0x3170 [ 49.443266][ T7170] tcp_rcv_established+0x37e/0xf50 [ 49.448364][ T7170] tcp_v4_do_rcv+0x381/0x4e0 [ 49.452943][ T7170] tcp_v4_rcv+0x19dc/0x1bb0 [ 49.457435][ T7170] ip_protocol_deliver_rcu+0x4d/0x420 [ 49.462790][ T7170] ip_local_deliver_finish+0x110/0x140 [ 49.468232][ T7170] ip_local_deliver+0x133/0x210 [ 49.473067][ T7170] ip_rcv_finish+0x121/0x160 [ 49.477643][ T7170] ip_rcv+0x18f/0x1a0 [ 49.481642][ T7170] __netif_receive_skb_one_core+0xa7/0xe0 [ 49.487355][ T7170] __netif_receive_skb+0x37/0xf0 [ 49.492285][ T7170] netif_receive_skb_internal+0x59/0x190 [ 49.497910][ T7170] napi_gro_receive+0x28f/0x330 [ 49.502764][ T7170] receive_buf+0x284/0x30b0 [ 49.507247][ T7170] [ 49.509565][ T7170] read to 0xffff888122d48a48 of 4 bytes by task 7170 on cpu 0: [ 49.517113][ T7170] tcp_poll+0x422/0x6b0 [ 49.521349][ T7170] sock_poll+0xed/0x250 [ 49.525493][ T7170] do_select+0x7d0/0x1020 [ 49.529812][ T7170] core_sys_select+0x381/0x550 [ 49.534560][ T7170] kern_select+0x106/0x170 [ 49.538965][ T7170] __x64_sys_select+0x70/0x90 [ 49.543630][ T7170] do_syscall_64+0xcc/0x370 [ 49.548122][ T7170] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.554009][ T7170] [ 49.556322][ T7170] Reported by Kernel Concurrency Sanitizer on: [ 49.562460][ T7170] CPU: 0 PID: 7170 Comm: sshd Not tainted 5.4.0-rc3+ #0 [ 49.569374][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.579427][ T7170] ================================================================== [ 49.587469][ T7170] Kernel panic - not syncing: panic_on_warn set ... [ 49.594041][ T7170] CPU: 0 PID: 7170 Comm: sshd Not tainted 5.4.0-rc3+ #0 [ 49.600957][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.610994][ T7170] Call Trace: [ 49.614278][ T7170] dump_stack+0xf5/0x159 [ 49.618514][ T7170] panic+0x210/0x640 [ 49.622415][ T7170] ? vprintk_func+0x8d/0x140 [ 49.626998][ T7170] kcsan_report.cold+0xc/0x10 [ 49.631663][ T7170] __kcsan_setup_watchpoint+0x32e/0x4a0 [ 49.637200][ T7170] __tsan_read4+0x2c/0x30 [ 49.641518][ T7170] tcp_poll+0x422/0x6b0 [ 49.645663][ T7170] ? tcp_alloc_md5sig_pool+0x320/0x320 [ 49.651111][ T7170] sock_poll+0xed/0x250 [ 49.655258][ T7170] ? sock_read_iter+0x1e0/0x1e0 [ 49.660094][ T7170] do_select+0x7d0/0x1020 [ 49.664422][ T7170] ? poll_initwait+0xa0/0xa0 [ 49.669001][ T7170] ? poll_select_finish+0x440/0x440 [ 49.674184][ T7170] ? tcp_push+0x1f3/0x3d0 [ 49.678506][ T7170] ? sock_zerocopy_put+0x78/0x90 [ 49.683433][ T7170] ? tcp_sendmsg_locked+0xbe4/0x1f30 [ 49.688707][ T7170] ? ipv4_dst_check+0xc6/0xf0 [ 49.693377][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.698998][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.704619][ T7170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 49.710859][ T7170] ? __this_cpu_preempt_check+0x4a/0x170 [ 49.716478][ T7170] ? __local_bh_enable_ip+0x32/0x80 [ 49.721665][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.727280][ T7170] ? _raw_spin_unlock_bh+0x44/0x50 [ 49.732381][ T7170] ? __tsan_read8+0x2c/0x30 [ 49.736870][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.742494][ T7170] ? check_stack_object+0xda/0x110 [ 49.747613][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.753230][ T7170] ? __tsan_read8+0x2c/0x30 [ 49.757729][ T7170] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 49.763961][ T7170] core_sys_select+0x381/0x550 [ 49.768720][ T7170] ? __kcsan_setup_watchpoint+0x6b/0x4a0 [ 49.774349][ T7170] ? __tsan_read8+0x2c/0x30 [ 49.778850][ T7170] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 49.784748][ T7170] ? __tsan_write8+0x32/0x40 [ 49.789328][ T7170] ? ktime_get_ts64+0x286/0x2c0 [ 49.794171][ T7170] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 49.799884][ T7170] ? timespec64_add_safe+0xae/0xd0 [ 49.804995][ T7170] kern_select+0x106/0x170 [ 49.809404][ T7170] __x64_sys_select+0x70/0x90 [ 49.814072][ T7170] do_syscall_64+0xcc/0x370 [ 49.818566][ T7170] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.824529][ T7170] RIP: 0033:0x7fa2e4935dd3 [ 49.828940][ T7170] Code: 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 83 3d 25 48 2b 00 00 75 13 49 89 ca b8 17 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 ab 2f 01 00 48 89 04 24 [ 49.848529][ T7170] RSP: 002b:00007fff77562298 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 49.856927][ T7170] RAX: ffffffffffffffda RBX: 00007fff77562320 RCX: 00007fa2e4935dd3 [ 49.864886][ T7170] RDX: 00005562293d6b20 RSI: 00005562293d6b40 RDI: 000000000000000c [ 49.872846][ T7170] RBP: 0000556228ec98dc R08: 00007fff775622c0 R09: 0101010101010101 [ 49.880822][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff77562328 [ 49.888784][ T7170] R13: 0000000000000000 R14: 00007fff77562318 R15: 00007fff7756231c [ 49.897925][ T7170] Kernel Offset: disabled [ 49.902243][ T7170] Rebooting in 86400 seconds..