[ 42.604888][ T25] audit: type=1800 audit(1575374229.239:21): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2452 res=0
[ 42.653251][ T25] audit: type=1800 audit(1575374229.239:22): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="motd" dev="sda1" ino=2480 res=0
[....] Starting enhanced syslogd: rsyslogd [ ok ].
[....] Starting periodic command scheduler: cron [ ok ].
[ 44.177678][ T7555] sshd (7555) used greatest stack depth: 10128 bytes left
[....] Starting OpenBSD Secure Shell server: sshd [ ok ].

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.91' (ECDSA) to the list of known hosts.
2019/12/03 11:57:21 fuzzer started
2019/12/03 11:57:22 dialing manager at 10.128.0.105:39819
2019/12/03 11:57:23 syscalls: 2682
2019/12/03 11:57:23 code coverage: enabled
2019/12/03 11:57:23 comparison tracing: enabled
2019/12/03 11:57:23 extra coverage: extra coverage is not supported by the kernel
2019/12/03 11:57:23 setuid sandbox: enabled
2019/12/03 11:57:23 namespace sandbox: enabled
2019/12/03 11:57:23 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/03 11:57:23 fault injection: enabled
2019/12/03 11:57:23 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/03 11:57:23 net packet injection: enabled
2019/12/03 11:57:23 net device setup: enabled
2019/12/03 11:57:23 concurrency sanitizer: enabled
2019/12/03 11:57:23 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login:
[ 68.849395][ T7654] KCSAN: could not find function: 'poll_schedule_timeout'
2019/12/03 11:57:40 adding functions to KCSAN blacklist: '__hrtimer_run_queues' 'rcu_gp_fqs_check_wake' 'sbitmap_queue_clear' 'emulator_read_write_onepage' 'skb_dequeue' 'fat12_ent_put' 'ipip_tunnel_xmit' 'ext4_mark_iloc_dirty' 'do_mpage_readpage' 'kauditd_thread' 'ktime_get_seconds' '__process_echoes' '__dev_queue_xmit' 'tick_sched_do_timer' 'find_get_pages_range_tag' 'lruvec_lru_size' 'xas_clear_mark' 'generic_write_end' 'wbt_issue' 'do_nanosleep' 'do_signal_stop' 'dput' 'ext4_da_write_end' 'generic_fillattr' 'futex_wait_queue_me' 'shmem_add_to_page_cache' 'shmem_file_read_iter' 'snd_seq_prioq_cell_out' 'd_delete' 'find_next_bit' 'filemap_map_pages' 'dd_has_work' 'mm_update_next_owner' 'n_tty_receive_buf_common' 'generic_file_read_iter' '__writeback_single_inode' 'get_cpu_idle_time_us' 'atime_needs_update' 'mod_timer' 'do_wait' 'handle_userfault' 'ep_poll' 'ktime_get_real_seconds' 'pipe_wait' 'ext4_mb_good_group' '__perf_event_overflow' 'list_lru_count_one' 'page_counter_try_charge' 'pipe_poll' '__ext4_new_inode' 'blk_mq_get_request' 'bio_endio' 'blk_mq_dispatch_rq_list' 'audit_log_start' 'sit_tunnel_xmit' 'pcpu_alloc' 'tcp_add_backlog' 'tick_do_update_jiffies64' 'xas_find_marked' 'ext4_free_inodes_count' 'timer_clear_idle' '__find_get_block' 'l2tp_tunnel_del_work' 'ext4_has_free_clusters' 'run_timer_softirq' 'sixpack_receive_buf' '__rcu_read_unlock' 'process_srcu' 'page_counter_charge' 'ext4_mb_find_by_goal' 'vm_area_dup' 'snd_seq_check_queue' 'complete_signal' 'blk_mq_run_hw_queue' '__filemap_fdatawrite_range' 'copy_process' 'blk_mq_sched_dispatch_requests' 'do_syslog' 'echo_char' 'mem_cgroup_select_victim_node' 'ext4_ext_insert_extent' 'tomoyo_supervisor' 'poll_schedule_timeout' 'wbt_done' 'taskstats_exit' '__snd_rawmidi_transmit_ack' 'queue_access_lock' 'percpu_counter_add_batch' 'pid_update_inode' 'kcm_rfree' 'tick_nohz_idle_stop_tick' 'ip_finish_output2' 'blk_stat_add' '__add_to_page_cache_locked' 'fprop_fraction_percpu' '__skb_try_recv_from_queue' 'packet_do_bind' 'ext4_free_inode' 'add_timer' 'ext4_nonda_switch' 'rcu_gp_fqs_loop' 'icmp_global_allow'
[ 316.611501][ T7638] ==================================================================
[ 316.619823][ T7638] BUG: KCSAN: data-race in hrtimer_wakeup / schedule_hrtimeout_range_clock
[ 316.628394][ T7638]
[ 316.630707][ T7638] write to 0xffffc900016a3848 of 8 bytes by interrupt on cpu 1:
[ 316.638318][ T7638] hrtimer_wakeup+0x32/0x60
[ 316.642800][ T7638] __hrtimer_run_queues+0x274/0x5f0
[ 316.647979][ T7638] hrtimer_interrupt+0x22a/0x480
[ 316.652899][ T7638] smp_apic_timer_interrupt+0xdc/0x280
[ 316.658361][ T7638] apic_timer_interrupt+0xf/0x20
[ 316.663305][ T7638] native_safe_halt+0xe/0x10
[ 316.667900][ T7638] arch_cpu_idle+0xa/0x10
[ 316.672271][ T7638] default_idle_call+0x1e/0x40
[ 316.677046][ T7638] do_idle+0x1af/0x280
[ 316.681130][ T7638] cpu_startup_entry+0x1b/0x20
[ 316.685915][ T7638] start_secondary+0x168/0x1b0
[ 316.690700][ T7638] secondary_startup_64+0xa4/0xb0
[ 316.695719][ T7638]
[ 316.698037][ T7638] read to 0xffffc900016a3848 of 8 bytes by task 7638 on cpu 0:
[ 316.705582][ T7638] schedule_hrtimeout_range_clock+0x109/0x1e0
[ 316.711681][ T7638] schedule_hrtimeout_range+0x34/0x50
[ 316.717145][ T7638] poll_schedule_timeout.constprop.0+0x75/0xc0
[ 316.723299][ T7638] do_select+0xd7f/0x1020
[ 316.727639][ T7638] core_sys_select+0x381/0x550
[ 316.732410][ T7638] do_pselect.constprop.0+0x11d/0x160
[ 316.737788][ T7638] __x64_sys_pselect6+0x12e/0x170
[ 316.742823][ T7638] do_syscall_64+0xcc/0x370
[ 316.747332][ T7638] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 316.753209][ T7638]
[ 316.755529][ T7638] Reported by Kernel Concurrency Sanitizer on:
[ 316.761712][ T7638] CPU: 0 PID: 7638 Comm: syz-fuzzer Not tainted 5.4.0-syzkaller #0
[ 316.769610][ T7638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 316.779835][ T7638] ==================================================================
[ 316.787896][ T7638] Kernel panic - not syncing: panic_on_warn set ...
[ 316.794497][ T7638] CPU: 0 PID: 7638 Comm: syz-fuzzer Not tainted 5.4.0-syzkaller #0
[ 316.802489][ T7638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 316.812654][ T7638] Call Trace:
[ 316.815953][ T7638] dump_stack+0x11d/0x181
[ 316.820303][ T7638] panic+0x210/0x640
[ 316.824207][ T7638] ? vprintk_func+0x8d/0x140
[ 316.828815][ T7638] kcsan_report.cold+0xc/0xd
[ 316.833487][ T7638] kcsan_setup_watchpoint+0x3fe/0x460
[ 316.838875][ T7638] __tsan_read8+0xc6/0x100
[ 316.843312][ T7638] schedule_hrtimeout_range_clock+0x109/0x1e0
[ 316.849403][ T7638] ? hrtimer_active+0x1a0/0x1a0
[ 316.854263][ T7638] schedule_hrtimeout_range+0x34/0x50
[ 316.859660][ T7638] poll_schedule_timeout.constprop.0+0x75/0xc0
[ 316.865922][ T7638] do_select+0xd7f/0x1020
[ 316.870382][ T7638] ? __rcu_read_unlock+0x66/0x3c0
[ 316.875433][ T7638] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 316.881165][ T7638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 316.887552][ T7638] ? __rcu_read_unlock+0x66/0x3c0
[ 316.892602][ T7638] ? __rcu_read_unlock+0x66/0x3c0
[ 316.897654][ T7638] ? __rcu_read_unlock+0x66/0x3c0
[ 316.902687][ T7638] ? find_next_bit+0xcb/0xe0
[ 316.907280][ T7638] ? rb_erase+0x2aa/0x990
[ 316.911612][ T7638] ? __read_once_size.constprop.0+0x12/0x20
[ 316.917522][ T7638] ? timerqueue_del+0xa1/0x100
[ 316.922315][ T7638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 316.928571][ T7638] ? __remove_hrtimer+0x7a/0x130
[ 316.933518][ T7638] ? _raw_spin_unlock_irqrestore+0x70/0x80
[ 316.939346][ T7638] ? hrtimer_try_to_cancel+0x57/0x260
[ 316.944734][ T7638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 316.950993][ T7638] ? debug_smp_processor_id+0x4c/0x172
[ 316.956461][ T7638] ? delay_tsc+0x8f/0xc0
[ 316.961336][ T7638] ? __const_udelay+0x36/0x40
[ 316.966028][ T7638] ? __udelay+0x10/0x20
[ 316.970205][ T7638] core_sys_select+0x381/0x550
[ 316.974983][ T7638] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 316.980894][ T7638] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 316.986649][ T7638] ? _copy_to_user+0x84/0xb0
[ 316.991252][ T7638] ? __sanitizer_cov_trace_switch+0x49/0x80
[ 316.997156][ T7638] ? __read_once_size+0x5a/0xe0
[ 317.002028][ T7638] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 317.008629][ T7638] ? ktime_get_ts64+0x286/0x2c0
[ 317.013496][ T7638] ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 317.019237][ T7638] ? timespec64_add_safe+0xae/0xd0
[ 317.024370][ T7638] do_pselect.constprop.0+0x11d/0x160
[ 317.029775][ T7638] __x64_sys_pselect6+0x12e/0x170
[ 317.034800][ T7638] ? switch_fpu_return+0x11f/0x250
[ 317.039924][ T7638] do_syscall_64+0xcc/0x370
[ 317.044453][ T7638] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 317.050346][ T7638] RIP: 0033:0x45ac23
[ 317.054234][ T7638] Code: 48 89 44 24 08 bf 00 00 00 00 be 00 00 00 00 ba 00 00 00 00 41 ba 00 00 00 00 49 89 e0 41 b9 00 00 00 00 b8 0e 01 00 00 0f 05 <48> 8b 6c 24 10 48 83 c4 18 c3 cc cc cc b8 ba 00 00 00 0f 05 89 44
[ 317.073838][ T7638] RSP: 002b:000000c42004ff08 EFLAGS: 00000202 ORIG_RAX: 000000000000010e
[ 317.082268][ T7638] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000045ac23
[ 317.090248][ T7638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 317.098233][ T7638] RBP: 000000c42004ff18 R08: 000000c42004ff08 R09: 0000000000000000
[ 317.106222][ T7638] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000042f0a0
[ 317.114217][ T7638] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000
[ 317.123682][ T7638] Kernel Offset: disabled
[ 317.128035][ T7638] Rebooting in 86400 seconds..