[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. [ 25.867109][ C1] random: crng init done [ 25.871403][ C1] random: 7 urandom warning(s) missed due to ratelimiting Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.25' (ECDSA) to the list of known hosts. 2020/10/13 21:11:46 fuzzer started 2020/10/13 21:11:46 dialing manager at 10.128.0.105:37837 2020/10/13 21:11:55 syscalls: 3432 2020/10/13 21:11:55 code coverage: enabled 2020/10/13 21:11:55 comparison tracing: enabled 2020/10/13 21:11:55 extra coverage: enabled 2020/10/13 21:11:55 setuid sandbox: enabled 2020/10/13 21:11:55 namespace sandbox: enabled 2020/10/13 21:11:55 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/13 21:11:55 fault injection: enabled 2020/10/13 21:11:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/13 21:11:55 net packet injection: enabled 2020/10/13 21:11:55 net device setup: enabled 2020/10/13 21:11:55 concurrency sanitizer: enabled 2020/10/13 21:11:55 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/13 21:11:55 USB emulation: enabled 2020/10/13 21:11:55 hci packet injection: enabled 2020/10/13 21:11:55 wifi device emulation: enabled 21:11:56 executing program 0: r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000090000082505a8a40700000001010902ef0001ff0000000904000012070103000905010200ffe000000905820241"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x0, 0x1}}) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0) 21:11:56 executing program 1: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000080)) 21:11:57 executing program 2: set_mempolicy(0x2, &(0x7f00000000c0)=0x2, 0x8) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gtp={{0x8, 0x1, 'gtp\x00'}, {0x1c, 0x2, 0x0, 0x1, {{0x8}, {0x8}, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x2}]}}}}]}, 0x48}}, 0x0) 21:11:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003240)='nl80211\x00') sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000940)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x14, 0x11d, 0x0, 0x1, [{0x4}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x10, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x28}}, 0x0) syzkaller login: [ 45.606113][ T8721] ================================================================== [ 45.614259][ T8721] BUG: KCSAN: data-race in tomoyo_domain_quota_is_ok / tomoyo_merge_path_acl [ 45.623003][ T8721] [ 45.625349][ T8721] write to 0xffff88810996341a of 2 bytes by task 8722 on cpu 0: [ 45.632973][ T8721] tomoyo_merge_path_acl+0x4f/0x80 [ 45.638076][ T8721] tomoyo_update_domain+0x337/0x3a0 [ 45.643265][ T8721] tomoyo_write_file+0x210/0x910 [ 45.648190][ T8721] tomoyo_supervisor+0xac5/0xb30 [ 45.653140][ T8721] tomoyo_check_open_permission+0x2d0/0x370 [ 45.659043][ T8721] tomoyo_file_open+0xd0/0xe0 [ 45.663712][ T8721] security_file_open+0x3f/0x90 [ 45.668564][ T8721] do_dentry_open+0x22d/0x890 [ 45.673238][ T8721] vfs_open+0x43/0x50 [ 45.677213][ T8721] path_openat+0x1844/0x20a0 [ 45.681789][ T8721] do_filp_open+0xbd/0x1d0 [ 45.686195][ T8721] do_sys_openat2+0x33b/0x500 [ 45.690871][ T8721] __x64_sys_openat+0xef/0x110 [ 45.695624][ T8721] do_syscall_64+0x39/0x80 [ 45.700985][ T8721] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 45.706883][ T8721] [ 45.709220][ T8721] read to 0xffff88810996341a of 2 bytes by task 8721 on cpu 1: [ 45.716757][ T8721] tomoyo_domain_quota_is_ok+0xd7/0x2d0 [ 45.722291][ T8721] tomoyo_supervisor+0x1f4/0xb30 [ 45.727216][ T8721] tomoyo_path_number_perm+0x227/0x2d0 [ 45.732662][ T8721] tomoyo_path_chmod+0x23/0x30 [ 45.737439][ T8721] security_path_chmod+0x92/0xe0 [ 45.742379][ T8721] chmod_common+0xe6/0x280 [ 45.746789][ T8721] __x64_sys_fchmodat+0x9b/0x120 [ 45.751718][ T8721] do_syscall_64+0x39/0x80 [ 45.756151][ T8721] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 45.762043][ T8721] [ 45.764353][ T8721] Reported by Kernel Concurrency Sanitizer on: [ 45.770499][ T8721] CPU: 1 PID: 8721 Comm: syz-fuzzer Not tainted 5.9.0-syzkaller #0 [ 45.778400][ T8721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.788548][ T8721] ================================================================== [ 45.796633][ T8721] Kernel panic - not syncing: panic_on_warn set ... 21:11:57 executing program 4: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/udmabuf\x00', 0x2) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x0, 0x0) ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000080)={0x0, 0x3, [{r1}, {}, {}]}) [ 45.803244][ T8721] CPU: 1 PID: 8721 Comm: syz-fuzzer Not tainted 5.9.0-syzkaller #0 [ 45.811122][ T8721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.821190][ T8721] Call Trace: [ 45.824477][ T8721] dump_stack+0x10f/0x19d [ 45.828821][ T8721] panic+0x207/0x64a [ 45.832728][ T8721] ? vprintk_emit+0x44a/0x4f0 [ 45.837417][ T8721] kcsan_report+0x684/0x690 [ 45.841930][ T8721] ? kcsan_setup_watchpoint+0x4b9/0x540 [ 45.847473][ T8721] ? tomoyo_domain_quota_is_ok+0xd7/0x2d0 [ 45.853190][ T8721] ? tomoyo_supervisor+0x1f4/0xb30 [ 45.858291][ T8721] ? tomoyo_path_number_perm+0x227/0x2d0 [ 45.863912][ T8721] ? tomoyo_path_chmod+0x23/0x30 [ 45.868847][ T8721] ? security_path_chmod+0x92/0xe0 [ 45.873976][ T8721] ? chmod_common+0xe6/0x280 [ 45.878565][ T8721] ? __x64_sys_fchmodat+0x9b/0x120 [ 45.883683][ T8721] ? do_syscall_64+0x39/0x80 [ 45.888271][ T8721] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 45.894346][ T8721] ? tomoyo_profile+0x17/0x30 [ 45.899018][ T8721] ? tomoyo_profile+0x17/0x30 [ 45.903737][ T8721] kcsan_setup_watchpoint+0x4b9/0x540 [ 45.909118][ T8721] ? tomoyo_profile+0x17/0x30 [ 45.913821][ T8721] ? tomoyo_profile+0x17/0x30 [ 45.918494][ T8721] tomoyo_domain_quota_is_ok+0xd7/0x2d0 [ 45.924058][ T8721] tomoyo_supervisor+0x1f4/0xb30 [ 45.928987][ T8721] ? snprintf+0x6f/0x90 [ 45.933150][ T8721] tomoyo_path_number_perm+0x227/0x2d0 [ 45.938613][ T8721] ? filename_lookup+0x2b6/0x380 [ 45.943571][ T8721] tomoyo_path_chmod+0x23/0x30 [ 45.948333][ T8721] security_path_chmod+0x92/0xe0 [ 45.953269][ T8721] chmod_common+0xe6/0x280 [ 45.957683][ T8721] __x64_sys_fchmodat+0x9b/0x120 [ 45.962620][ T8721] do_syscall_64+0x39/0x80 [ 45.967030][ T8721] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 45.973107][ T8721] RIP: 0033:0x4b3cdb [ 45.976992][ T8721] Code: ff e9 69 ff ff ff cc cc cc cc cc cc cc cc cc e8 bb a1 f8 ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 45.996690][ T8721] RSP: 002b:000000c00ac3b888 EFLAGS: 00000212 ORIG_RAX: 000000000000010c [ 46.005114][ T8721] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b3cdb [ 46.013080][ T8721] RDX: 00000000000001ff RSI: 000000c00009e0f0 RDI: ffffffffffffff9c [ 46.021480][ T8721] RBP: 000000c00ac3b8e0 R08: 0000000000879f01 R09: 0000000000000001 [ 46.029537][ T8721] R10: 000000c00009e0f0 R11: 0000000000000212 R12: 0000000000000040 [ 46.037505][ T8721] R13: 0000000000000040 R14: 0000000000aff4fa R15: 0000000000000000 [ 46.046716][ T8721] Kernel Offset: disabled [ 46.051062][ T8721] Rebooting in 86400 seconds..