[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   53.270414][   T27] kauditd_printk_skb: 7 callbacks suppressed
[   53.270431][   T27] audit: type=1800 audit(1577474925.284:29): pid=7894 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[   53.296779][   T27] audit: type=1800 audit(1577474925.284:30): pid=7894 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.213' (ECDSA) to the list of known hosts.
2019/12/27 19:28:54 fuzzer started
2019/12/27 19:28:55 dialing manager at 10.128.0.105:38197
2019/12/27 19:28:56 syscalls: 2692
2019/12/27 19:28:56 code coverage: enabled
2019/12/27 19:28:56 comparison tracing: enabled
2019/12/27 19:28:56 extra coverage: enabled
2019/12/27 19:28:56 setuid sandbox: enabled
2019/12/27 19:28:56 namespace sandbox: enabled
2019/12/27 19:28:56 Android sandbox: /sys/fs/selinux/policy does not exist
2019/12/27 19:28:56 fault injection: enabled
2019/12/27 19:28:56 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/12/27 19:28:56 net packet injection: enabled
2019/12/27 19:28:56 net device setup: enabled
2019/12/27 19:28:56 concurrency sanitizer: enabled
2019/12/27 19:28:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [   75.998365][ T8057] KCSAN: could not find function: 'poll_schedule_timeout'
2019/12/27 19:29:23 adding functions to KCSAN blacklist: 'n_tty_receive_buf_common' 'kcm_release' 'atime_needs_update' 'flush_signal_handlers' 'filemap_map_pages' 'rcu_gp_fqs_loop' 'inode_permission' 'generic_file_read_iter' 'process_srcu' 'page_counter_try_charge' 'd_instantiate_new' 'pid_update_inode' 'snd_seq_check_queue' '__alloc_fd' 'vti_tunnel_xmit' 'blk_stat_add' '__fsnotify_parent' '__wb_update_bandwidth' 'fasync_remove_entry' 'shmem_getpage_gfp' '__process_echoes' 'ipip_tunnel_xmit' '__get_user_pages' 'alloc_empty_file' 'echo_char' 'futex_wait_queue_me' 'ip6_tnl_start_xmit' '__put_unused_fd' 'free_pid' 'snd_seq_fifo_event_in' 'd_alloc_parallel' 'snd_seq_prioq_cell_out' '__synchronize_hardirq' '__page_set_anon_rmap' 'kauditd_thread' 'mod_timer' 'pcpu_alloc' '__dev_queue_xmit' 'ext4_writepages' 'queue_access_lock' 'audit_log_start' 'lookup_fast' 'yama_ptracer_del' 'add_timer_on' 'pipe_double_lock' 'ptrace_check_attach' 'install_new_memslots' 'wbt_done' 'tick_nohz_idle_stop_tick' 'sit_tunnel_xmit' 'hsr_register_frame_out' 'snd_pcm_oss_ioctl' 'snd_seq_timer_get_cur_tick' 'relay_switch_subbuf' 'rcu_gp_fqs_check_wake' 'ext4_has_free_clusters' 'ext4_nonda_switch' 'fsnotify' '__tty_hangup' 'get_signal' 'timer_clear_idle' 'ktime_get_real_seconds' 'evict' 'file_remove_privs' 'skb_dequeue' 'write_cache_pages' 'dd_has_work' 'has_bh_in_lru' 'find_next_bit' 'poll_schedule_timeout' 'blk_mq_run_hw_queue' 'vm_area_dup' 'unix_release_sock' '__lru_cache_add' 'fuse_get_req' 'perf_event_update_userpage' '__hrtimer_run_queues' 'blk_mq_dispatch_rq_list' 'delete_from_page_cache_batch' 'do_readlinkat' 'shmem_file_read_iter' 'ext4_mark_iloc_dirty' 'generic_permission' 'writeback_sb_inodes' 'add_timer' 'file_update_time' 'watchdog' '__rcu_read_unlock' 'del_timer' 'sixpack_receive_buf' 'commit_echoes' '__mark_inode_dirty' 'blk_mq_get_request' 'do_nanosleep' 'fat_time_unix2fat' 'sctp_association_free' '__fat_write_inode' 'other_inode_match' 'handle_userfault' 'xas_clear_mark' 'tick_do_update_jiffies64' '__dentry_kill' 'generic_fillattr' 'enqueue_timer' '__delete_from_page_cache' 'wbt_wait' 'kernfs_refresh_inode' 'ext4_free_inodes_count' 'lruvec_lru_size' 'virtqueue_disable_cb' '__perf_event_overflow' '__filemap_fdatawrite_range' 'rq_qos_wait' '__writeback_single_inode' 'ip_tunnel_xmit' 'can_receive' 'tick_sched_do_timer' 'ext4_free_inode' 'blk_mq_sched_dispatch_requests' 'do_syslog' '__d_instantiate' 'do_signal_stop' 'page_counter_charge' 'common_perm_cond' 'do_sendfile' 'generic_write_end' '__rb_insert_augmented' 'lru_add_drain_all' 'tomoyo_supervisor' 'wbt_issue' '__rb_rotate_set_parents' 'iomap_dio_bio_actor' 'xas_find_marked' 'exit_signals' 'do_exit' 'run_timer_softirq' 'taskstats_exit' '__ext4_new_inode' 'kvm_mmu_notifier_invalidate_range_end' 'copy_process' 'ext4_mb_find_by_goal' 'inotify_handle_event' 'find_get_pages_range_tag' '__rb_erase_color' 'ext4_mb_good_group' 'mm_update_next_owner' 'kcm_rcv_strparser' '__snd_rawmidi_transmit_ack' 'kcm_rfree' 'do_try_to_free_pages' 'd_delete' 'ktime_get_seconds' 'ep_poll' 'shmem_add_to_page_cache' 'ext4_set_iomap' 'ondemand_readahead' 'bio_endio' 'l2tp_tunnel_del_work' 'list_lru_count_one' 'padata_find_next' 'sbitmap_queue_clear' 'balance_dirty_pages' 'wbc_detach_inode' '__add_to_page_cache_locked' 'ext4_sync_file' 'can_send' 
[  298.678482][ T8046] ==================================================================
[  298.686799][ T8046] BUG: KCSAN: data-race in __acct_update_integrals / mmap_region
[  298.694523][ T8046] 
[  298.696983][ T8046] read to 0xffff8881218dba40 of 8 bytes by interrupt on cpu 0:
[  298.707512][ T8046]  __acct_update_integrals+0x1b1/0x1e0
[  298.713455][ T8046]  acct_account_cputime+0x4e/0x60
[  298.718499][ T8046]  account_user_time+0xb2/0xc0
[  298.723458][ T8046]  irqtime_account_process_tick.isra.0+0x14e/0x1b0
[  298.729977][ T8046]  account_process_tick+0x14e/0x190
[  298.736941][ T8046]  update_process_times+0x29/0x80
[  298.741988][ T8046]  tick_sched_handle+0x75/0x100
[  298.746890][ T8046]  tick_sched_timer+0x58/0xe0
[  298.751587][ T8046]  __hrtimer_run_queues+0x274/0x5f0
[  298.756960][ T8046]  hrtimer_interrupt+0x22a/0x480
[  298.762341][ T8046]  smp_apic_timer_interrupt+0xdc/0x280
[  298.767812][ T8046]  apic_timer_interrupt+0xf/0x20
[  298.773227][ T8046] 
[  298.775582][ T8046] write to 0xffff8881218dba40 of 8 bytes by task 8046 on cpu 1:
[  298.783332][ T8046]  mmap_region+0x328/0xd50
[  298.788457][ T8046]  do_mmap+0x6c8/0xba0
[  298.794538][ T8046]  vm_mmap_pgoff+0x12d/0x190
[  298.799409][ T8046]  ksys_mmap_pgoff+0x99/0x420
[  298.804473][ T8046]  __x64_sys_mmap+0x2e/0x40
[  298.809191][ T8046]  do_syscall_64+0xcc/0x3a0
[  298.813720][ T8046]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  298.819699][ T8046] 
[  298.822039][ T8046] Reported by Kernel Concurrency Sanitizer on:
[  298.828564][ T8046] CPU: 1 PID: 8046 Comm: syz-fuzzer Not tainted 5.5.0-rc1-syzkaller #0
[  298.836813][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.847337][ T8046] ==================================================================
[  298.857791][ T8046] Kernel panic - not syncing: panic_on_warn set ...
[  298.864914][ T8046] CPU: 1 PID: 8046 Comm: syz-fuzzer Not tainted 5.5.0-rc1-syzkaller #0
[  298.875106][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.885893][ T8046] Call Trace:
[  298.890255][ T8046]  dump_stack+0x11d/0x181
[  298.894597][ T8046]  panic+0x210/0x640
[  298.898700][ T8046]  ? vprintk_func+0x8d/0x140
[  298.903775][ T8046]  kcsan_report.cold+0xc/0xd
[  298.908385][ T8046]  kcsan_setup_watchpoint+0x3fe/0x460
[  298.913916][ T8046]  __tsan_unaligned_write8+0xc7/0x110
[  298.919391][ T8046]  mmap_region+0x328/0xd50
[  298.923821][ T8046]  do_mmap+0x6c8/0xba0
[  298.927927][ T8046]  vm_mmap_pgoff+0x12d/0x190
[  298.932657][ T8046]  ksys_mmap_pgoff+0x99/0x420
[  298.937362][ T8046]  ? debug_smp_processor_id+0x43/0x137
[  298.943043][ T8046]  __x64_sys_mmap+0x2e/0x40
[  298.947718][ T8046]  do_syscall_64+0xcc/0x3a0
[  298.953938][ T8046]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  298.960736][ T8046] RIP: 0033:0x45b014
[  298.964754][ T8046] Code: 03 cc cc cc cc cc 48 8b 7c 24 08 48 8b 74 24 10 8b 54 24 18 44 8b 54 24 1c 44 8b 44 24 20 44 8b 4c 24 24 b8 09 00 00 00 0f 05 <48> 3d 01 f0 ff ff 76 15 48 f7 d0 48 ff c0 48 c7 44 24 28 00 00 00
[  298.985883][ T8046] RSP: 002b:000000c42014dc20 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  298.994936][ T8046] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 000000000045b014
[  299.002912][ T8046] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 000000c43f4e0000
[  299.011255][ T8046] RBP: 000000c42014dc90 R08: 00000000ffffffff R09: 0000000000000000
[  299.019786][ T8046] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000000
[  299.027798][ T8046] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001
[  299.037576][ T8046] Kernel Offset: disabled
[  299.042053][ T8046] Rebooting in 86400 seconds..