[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.224' (ECDSA) to the list of known hosts.
2020/12/22 04:31:02 fuzzer started
2020/12/22 04:31:03 dialing manager at 10.128.0.105:33859
2020/12/22 04:31:03 syscalls: 3466
2020/12/22 04:31:03 code coverage: enabled
2020/12/22 04:31:03 comparison tracing: enabled
2020/12/22 04:31:03 extra coverage: enabled
2020/12/22 04:31:03 setuid sandbox: enabled
2020/12/22 04:31:03 namespace sandbox: enabled
2020/12/22 04:31:03 Android sandbox: /sys/fs/selinux/policy does not exist
2020/12/22 04:31:03 fault injection: enabled
2020/12/22 04:31:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/12/22 04:31:03 net packet injection: enabled
2020/12/22 04:31:03 net device setup: enabled
2020/12/22 04:31:03 concurrency sanitizer: enabled
2020/12/22 04:31:03 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/12/22 04:31:03 USB emulation: enabled
2020/12/22 04:31:03 hci packet injection: enabled
2020/12/22 04:31:03 wifi device emulation: enabled
2020/12/22 04:31:07 suppressing KCSAN reports in functions: 'alloc_pid' 'ext4_sync_file' 'ktime_get_real_seconds' 'blk_mq_sched_dispatch_requests' 'wbt_issue' '__mark_inode_dirty' 'do_select' '__ext4_update_other_inode_time' 'ext4_set_iomap' 'dd_has_work' 'audit_log_start' '__xa_clear_mark' 'ext4_mark_iloc_dirty' 'do_sys_poll' 'xas_find_marked' 'tick_sched_timer' 'tick_nohz_next_event' 'shmem_getpage_gfp' 'step_into' 'kvm_mmu_notifier_invalidate_range_end' 'ext4_mb_good_group' 'ext4_writepages' 'generic_file_buffered_read' '__add_to_page_cache_locked' 'futex_wait_queue_me' 'ext4_mb_find_by_goal' 'shmem_mknod' 'blk_mq_rq_ctx_init' 'kauditd_thread' 'ext4_mb_regular_allocator' '__io_cqring_fill_event' '__xa_set_mark' 'compact_finished' '__delete_from_page_cache' 'find_get_pages_range_tag' 'exit_signals' 'ext4_setattr' 'expire_timers' 'bpf_lru_pop_free' '_prb_read_valid' 'iptunnel_xmit' 'shmem_symlink' 'generic_write_end' '__filemap_fdatawrite_range' 'exit_mm' 'ext4_free_inodes_count' 'blk_mq_dispatch_rq_list' 'ext4_free_inode' '__writeback_single_inode' 'mark_buffer_dirty_inode' 'do_nanosleep' 'blk_mq_do_dispatch_sched' 'wbt_done' 'shmem_unlink' 'n_tty_receive_buf_common' 'kcm_rfree' 'pcpu_alloc' 'wg_packet_decrypt_worker' 'do_signal_stop' 'blk_mq_free_request' 'vfs_fsync_range' '__ext4_new_inode'
04:32:53 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000040)=0x81, 0x4)
mmap$IORING_OFF_SQES(&(0x7f00009fe000/0x600000)=nil, 0x600000, 0x9, 0x31, 0xffffffffffffffff, 0x10000000)
getsockopt$inet_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f0000d12ffc))

04:32:54 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f00000000400000000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x88c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xe}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x854, 0x2, [@TCA_TCINDEX_POLICE={0x850, 0x6, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0xf9, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x80, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE={0x404}]}]}}, @TCA_RATE={0x6}]}, 0x88c}}, 0x0)
r3 = socket(0x1000000010, 0x80002, 0x0)
sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0)

syzkaller login: [ 141.329558][ T8482] ==================================================================
[ 141.337681][ T8482] BUG: KCSAN: data-race in tomoyo_domain_quota_is_ok / tomoyo_merge_path_acl
[ 141.346880][ T8482]
[ 141.349197][ T8482] write to 0xffff88810cf08d5a of 2 bytes by task 8483 on cpu 1:
[ 141.356845][ T8482] tomoyo_merge_path_acl+0x4c/0x70
[ 141.361960][ T8482] tomoyo_update_domain+0x337/0x3a0
[ 141.367163][ T8482] tomoyo_write_file+0x210/0x910
[ 141.372113][ T8482] tomoyo_supervisor+0xaad/0xb20
[ 141.377047][ T8482] tomoyo_path_perm+0x261/0x330
[ 141.381990][ T8482] tomoyo_path_truncate+0x18/0x20
[ 141.387016][ T8482] security_path_truncate+0x7f/0xd0
[ 141.392211][ T8482] do_sys_ftruncate+0x38d/0x530
[ 141.397054][ T8482] __x64_sys_ftruncate+0x2f/0x40
[ 141.401984][ T8482] do_syscall_64+0x39/0x80
[ 141.406404][ T8482] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.412829][ T8482]
[ 141.415166][ T8482] read to 0xffff88810cf08d5a of 2 bytes by task 8482 on cpu 0:
[ 141.422697][ T8482] tomoyo_domain_quota_is_ok+0xd7/0x2d0
[ 141.428241][ T8482] tomoyo_supervisor+0x1f4/0xb20
[ 141.433176][ T8482] tomoyo_path_number_perm+0x227/0x2d0
[ 141.438642][ T8482] tomoyo_path_chmod+0x23/0x30
[ 141.443408][ T8482] security_path_chmod+0x92/0xe0
[ 141.448336][ T8482] chmod_common+0xe6/0x280
[ 141.452748][ T8482] __x64_sys_fchmodat+0x9b/0x120
[ 141.457682][ T8482] do_syscall_64+0x39/0x80
[ 141.462107][ T8482] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.467999][ T8482]
[ 141.470419][ T8482] Reported by Kernel Concurrency Sanitizer on:
[ 141.476649][ T8482] CPU: 0 PID: 8482 Comm: syz-fuzzer Not tainted 5.10.0-syzkaller #0
[ 141.484650][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 141.494713][ T8482] ==================================================================
[ 141.502787][ T8482] Kernel panic - not syncing: panic_on_warn set ...
[ 141.509360][ T8482] CPU: 0 PID: 8482 Comm: syz-fuzzer Not tainted 5.10.0-syzkaller #0
[ 141.517333][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
04:32:54 executing program 2:
r0 = getpid()
write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="560000007d020000004f007f0001040000007f0000000600000000000000000010880000000008006f7665726c6179dae1fad4ed3aa6030008006f7665726c61790054357bb3adfaf16711de570503f0c4e6398b8dec5fb2696e6465783d6f07000000000000004d257e65cfe07df4ade07f88c10049abc9273aa353bf7aee40da5e176a7515d451bbb007000000"], 0x56)
io_submit(0x0, 0x5800, &(0x7f0000000540)=[&(0x7f00000000c0)={0xffffff7f, 0xff0f, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}])
r1 = getpid()
sched_setscheduler(r1, 0x0, &(0x7f0000000380))
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0}, 0x1)
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = open(0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000380)=ANY=[], 0x15)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$TIOCGLCKTRMIOS(r4, 0x5456, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="0f0836660f3a633ea466bad004ec9a13000000fb00f00fb18500000000670f01cb660f388054fe04660f3a0aef07cf66ba410066ed", 0x35}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000400)={"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"})
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000140)=0x5000)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[ 141.527560][ T8482] Call Trace:
[ 141.530840][ T8482] dump_stack+0x116/0x15d
[ 141.535200][ T8482] panic+0x1e7/0x5fa
[ 141.539112][ T8482] ? vprintk_emit+0x2e2/0x360
[ 141.543878][ T8482] kcsan_report+0x67b/0x680
[ 141.548386][ T8482] ? kcsan_setup_watchpoint+0x47b/0x4e0
[ 141.553999][ T8482] ? tomoyo_domain_quota_is_ok+0xd7/0x2d0
[ 141.559724][ T8482] ? tomoyo_supervisor+0x1f4/0xb20
[ 141.564829][ T8482] ? tomoyo_path_number_perm+0x227/0x2d0
[ 141.570464][ T8482] ? tomoyo_path_chmod+0x23/0x30
[ 141.575400][ T8482] ? security_path_chmod+0x92/0xe0
[ 141.580508][ T8482] ? chmod_common+0xe6/0x280
[ 141.613160][ T8482] ? __x64_sys_fchmodat+0x9b/0x120
[ 141.618296][ T8482] ? do_syscall_64+0x39/0x80
[ 141.622895][ T8482] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.628972][ T8482] ? string+0x1f9/0x210
[ 141.633140][ T8482] ? vsnprintf+0xe3f/0xe80
[ 141.637581][ T8482] ? widen_string+0x3a/0x280
[ 141.642176][ T8482] kcsan_setup_watchpoint+0x47b/0x4e0
[ 141.647548][ T8482] ? tomoyo_profile+0x17/0x30
[ 141.652233][ T8482] tomoyo_domain_quota_is_ok+0xd7/0x2d0
[ 141.657872][ T8482] tomoyo_supervisor+0x1f4/0xb20
[ 141.663261][ T8482] ? snprintf+0x6f/0x90
[ 141.667507][ T8482] tomoyo_path_number_perm+0x227/0x2d0
[ 141.672981][ T8482] ? filename_lookup+0x2b6/0x380
[ 141.677939][ T8482] tomoyo_path_chmod+0x23/0x30
[ 141.682733][ T8482] security_path_chmod+0x92/0xe0
[ 141.687691][ T8482] chmod_common+0xe6/0x280
[ 141.692133][ T8482] __x64_sys_fchmodat+0x9b/0x120
[ 141.697080][ T8482] do_syscall_64+0x39/0x80
[ 141.701529][ T8482] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.707428][ T8482] RIP: 0033:0x4b3cdb
[ 141.711407][ T8482] Code: ff e9 69 ff ff ff cc cc cc cc cc cc cc cc cc e8 bb a1 f8 ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 141.731029][ T8482] RSP: 002b:000000c02efbb888 EFLAGS: 00000212 ORIG_RAX: 000000000000010c
[ 141.739452][ T8482] RAX: ffffffffffffffda RBX: 000000c00002e800 RCX: 00000000004b3cdb
[ 141.747423][ T8482] RDX: 00000000000001ff RSI: 000000c02abda0c0 RDI: ffffffffffffff9c
[ 141.755404][ T8482] RBP: 000000c02efbb8e0 R08: 00000000008ce901 R09: 0000000000000001
[ 141.763399][ T8482] R10: 000000c02abda0c0 R11: 0000000000000212 R12: ffffffffffffffff
[ 141.771377][ T8482] R13: 0000000000000005 R14: 0000000000000004 R15: 00000000000000aa
[ 141.779970][ T8482] Kernel Offset: disabled
[ 141.784288][ T8482] Rebooting in 86400 seconds..