[   51.001671][   T26] audit: type=1800 audit(1572948822.310:30): pid=7820 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.55' (ECDSA) to the list of known hosts.
2019/11/05 10:13:52 fuzzer started
2019/11/05 10:13:54 dialing manager at 10.128.0.105:37793
2019/11/05 10:13:54 syscalls: 2553
2019/11/05 10:13:54 code coverage: enabled
2019/11/05 10:13:54 comparison tracing: enabled
2019/11/05 10:13:54 extra coverage: extra coverage is not supported by the kernel
2019/11/05 10:13:54 setuid sandbox: enabled
2019/11/05 10:13:54 namespace sandbox: enabled
2019/11/05 10:13:54 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/05 10:13:54 fault injection: enabled
2019/11/05 10:13:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/05 10:13:54 net packet injection: enabled
2019/11/05 10:13:54 net device setup: enabled
2019/11/05 10:13:54 concurrency sanitizer: enabled
2019/11/05 10:13:54 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [   67.130131][ T7992] KCSAN: could not find function: '__mutex_lock'
[   74.454454][ T7992] KCSAN: could not find function: 'poll_schedule_timeout'
2019/11/05 10:14:11 adding functions to KCSAN blacklist: 'fanotify_handle_event' 'snapshot_refaults' 'blk_mq_run_hw_queue' 'do_nanosleep' 'tick_nohz_idle_stop_tick' 'find_group_orlov' 'kcm_rfree' 'rcu_gp_fqs_check_wake' 'find_get_pages_range_tag' 'xas_find_marked' '__skb_try_recv_from_queue' 'file_update_time' 'bio_chain' 'copy_process' 'add_timer_on' 'tick_sched_do_timer' 'wbt_issue' '__splice_from_pipe' 'taskstats_exit' 'ep_poll' '__mutex_lock' 'tomoyo_supervisor' 'xas_clear_mark' 'netlink_dump' 'atime_needs_update' 'copy_creds' 'd_lru_del' 'echo_char' 'task_dump_owner' 'mem_cgroup_select_victim_node' 'pipe_wait' '__xfrm_policy_check' 'packet_do_bind' 'generic_write_end' '__ext4_new_inode' 'kvm_arch_vcpu_load' 'blk_mq_get_request' 'ext4_da_write_end' 'fasync_remove_entry' 'run_timer_softirq' 'list_lru_count_one' 'ext4_free_inode' 'ext4_mb_good_group' 'ext4_mark_iloc_dirty' 'blk_mq_sched_dispatch_requests' 'get_task_cred' 'shmem_file_read_iter' '__add_to_page_cache_locked' 'mm_update_next_owner' '__hrtimer_run_queues' 'vm_area_dup' '__alloc_file' 'audit_log_start' 'p9_poll_workfn' '__mark_inode_dirty' '__snd_rawmidi_transmit_ack' 'ext4_mb_find_by_goal' 'pid_update_inode' 'kernfs_refresh_inode' 'ext4_free_inodes_count' 'do_exit' 'lruvec_lru_size' 'yama_ptracer_del' 'tcp_add_backlog' 'page_counter_try_charge' 'shmem_getpage_gfp' 'mod_timer' 'poll_schedule_timeout' 'do_syslog' '__rcu_read_unlock' '__find_get_block' 'ktime_get_real_seconds' 'pcpu_alloc' 'xprt_clear_locked' 'ip_tunnel_xmit' 'snd_ctl_notify' 'ktime_get_seconds' 'process_srcu' 'rcu_gp_fqs_loop' 'n_tty_receive_buf_common' 'wbc_attach_and_unlock_inode' '__dev_queue_xmit' 'dd_has_work' 'ext4_has_free_clusters' '__fput' 'pipe_poll' 'futex_wait_queue_me' 'wbt_done' 'inet_putpeer' '__delete_from_page_cache' 'generic_permission' 'generic_fillattr' 'add_timer' 'sctp_assoc_migrate' 'exit_signals' 'find_next_bit' 'enqueue_timer' 'icmp_global_allow' 'kvm_mmu_notifier_invalidate_range_end' 'virtqueue_enable_cb_delayed' 'blk_mq_dispatch_rq_list' 'timer_clear_idle' 'kauditd_thread' 'tick_do_update_jiffies64' 'drain_all_stock' 'osq_lock' 'commit_echoes' 'ext4_nonda_switch' 
[  323.254369][    C1] ==================================================================
[  323.262542][    C1] BUG: KCSAN: data-race in hrtimer_wakeup / schedule_hrtimeout_range_clock
[  323.271105][    C1] 
[  323.273423][    C1] read to 0xffffc90003d0b848 of 8 bytes by task 7977 on cpu 0:
[  323.280948][    C1]  schedule_hrtimeout_range_clock+0x109/0x1e0
[  323.287022][    C1]  schedule_hrtimeout_range+0x34/0x50
[  323.292404][    C1]  poll_schedule_timeout.constprop.0+0x75/0xc0
[  323.298752][    C1]  do_select+0xd7f/0x1020
[  323.303065][    C1]  core_sys_select+0x381/0x550
[  323.307837][    C1]  do_pselect.constprop.0+0x11d/0x160
[  323.313204][    C1]  __x64_sys_pselect6+0x12e/0x170
[  323.318221][    C1]  do_syscall_64+0xcc/0x370
[  323.322712][    C1]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  323.328597][    C1] 
[  323.330914][    C1] write to 0xffffc90003d0b848 of 8 bytes by interrupt on cpu 1:
[  323.338525][    C1]  hrtimer_wakeup+0x32/0x60
[  323.343057][    C1]  __hrtimer_run_queues+0x274/0x5f0
[  323.348236][    C1]  hrtimer_interrupt+0x22a/0x480
[  323.353174][    C1]  smp_apic_timer_interrupt+0xdc/0x280
[  323.358715][    C1]  apic_timer_interrupt+0xf/0x20
[  323.363634][    C1]  _raw_spin_unlock_irq+0x4e/0x80
[  323.368643][    C1]  finish_task_switch+0x7b/0x260
[  323.373578][    C1]  __schedule+0x319/0x640
[  323.377893][    C1]  schedule_idle+0x27/0x40
[  323.382299][    C1]  do_idle+0xc9/0x280
[  323.386264][    C1]  cpu_startup_entry+0x1b/0x20
[  323.391015][    C1]  start_secondary+0x208/0x260
[  323.395770][    C1]  secondary_startup_64+0xa4/0xb0
[  323.400777][    C1] 
[  323.403086][    C1] Reported by Kernel Concurrency Sanitizer on:
[  323.409226][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.4.0-rc6+ #0
[  323.417097][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  323.427135][    C1] ==================================================================
[  323.435176][    C1] Kernel panic - not syncing: panic_on_warn set ...
[  323.441747][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.4.0-rc6+ #0
[  323.448830][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  323.458865][    C1] Call Trace:
[  323.462144][    C1]  <IRQ>
[  323.465032][    C1]  dump_stack+0xf5/0x159
[  323.469263][    C1]  panic+0x210/0x640
[  323.473151][    C1]  ? vprintk_func+0x8d/0x140
[  323.477741][    C1]  kcsan_report.cold+0xc/0xe
[  323.482316][    C1]  kcsan_setup_watchpoint+0x3fe/0x410
[  323.487675][    C1]  __tsan_unaligned_write8+0x143/0x1f0
[  323.493120][    C1]  hrtimer_wakeup+0x32/0x60
[  323.497607][    C1]  __hrtimer_run_queues+0x274/0x5f0
[  323.502788][    C1]  ? hrtimer_active+0x1a0/0x1a0
[  323.507642][    C1]  hrtimer_interrupt+0x22a/0x480
[  323.512628][    C1]  smp_apic_timer_interrupt+0xdc/0x280
[  323.518083][    C1]  ? smp_reschedule_interrupt+0x71/0x1d0
[  323.523714][    C1]  apic_timer_interrupt+0xf/0x20
[  323.528649][    C1]  </IRQ>
[  323.531578][    C1] RIP: 0010:_raw_spin_unlock_irq+0x4e/0x80
[  323.537389][    C1] Code: 00 74 44 48 89 df c6 07 00 0f 1f 40 00 48 c7 c7 70 63 a5 85 e8 b3 34 bc fc 48 83 3d 8b e1 0e 01 00 74 26 fb 66 0f 1f 44 00 00 <bf> 01 00 00 00 e8 28 15 9d fc 65 8b 05 09 ea 6a 7b 85 c0 74 0c e8
[  323.557447][    C1] RSP: 0018:ffffc90000cd3de0 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
[  323.565844][    C1] RAX: 0000000000000043 RBX: ffff88812bf2a3c0 RCX: 0000ffffffffffff
[  323.574330][    C1] RDX: 0000000000000000 RSI: 0000000000000016 RDI: ffffffff85a56370
[  323.582373][    C1] RBP: ffffc90000cd3de8 R08: 0000ffff85a56370 R09: 00000000aaaaaaab
[  323.590326][    C1] R10: 0000ffff85a56377 R11: 0000000000000000 R12: ffff88812bf2a3c0
[  323.598365][    C1] R13: ffff88812b3a2040 R14: 0000000000000000 R15: 0000000000000001
[  323.606349][    C1]  finish_task_switch+0x7b/0x260
[  323.611299][    C1]  __schedule+0x319/0x640
[  323.615634][    C1]  schedule_idle+0x27/0x40
[  323.620049][    C1]  do_idle+0xc9/0x280
[  323.624040][    C1]  ? complete+0x44/0x50
[  323.628202][    C1]  cpu_startup_entry+0x1b/0x20
[  323.632970][    C1]  start_secondary+0x208/0x260
[  323.637746][    C1]  secondary_startup_64+0xa4/0xb0
[  323.644283][    C1] Kernel Offset: disabled
[  323.648646][    C1] Rebooting in 86400 seconds..