[ 63.552837][ T26] audit: type=1800 audit(1572973516.164:27): pid=7790 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[ 63.580669][ T26] audit: type=1800 audit(1572973516.164:28): pid=7790 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 64.513769][ T26] audit: type=1800 audit(1572973517.164:29): pid=7790 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0
[ 64.533995][ T26] audit: type=1800 audit(1572973517.164:30): pid=7790 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2456 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.1.1' (ECDSA) to the list of known hosts.
2019/11/05 17:05:26 fuzzer started
2019/11/05 17:05:28 dialing manager at 10.128.0.105:43787
2019/11/05 17:05:33 syscalls: 2553
2019/11/05 17:05:33 code coverage: enabled
2019/11/05 17:05:33 comparison tracing: enabled
2019/11/05 17:05:33 extra coverage: extra coverage is not supported by the kernel
2019/11/05 17:05:33 setuid sandbox: enabled
2019/11/05 17:05:33 namespace sandbox: enabled
2019/11/05 17:05:33 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/05 17:05:33 fault injection: enabled
2019/11/05 17:05:33 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/05 17:05:33 net packet injection: enabled
2019/11/05 17:05:33 net device setup: enabled
2019/11/05 17:05:33 concurrency sanitizer: enabled
2019/11/05 17:05:33 devlink PCI setup: PCI device 0000:00:10.0 is not available
syzkaller login: [ 81.803903][ T7956] KCSAN: could not find function: 'poll_schedule_timeout'
2019/11/05 17:05:42 adding functions to KCSAN blacklist: 'ext4_nonda_switch' 'bio_endio' 'ext4_free_inode' 'run_timer_softirq' 'poll_schedule_timeout' 'process_srcu' 'kauditd_thread' 'p9_poll_workfn' 'timer_clear_idle' 'pipe_wait' 'blk_mq_get_request' 'taskstats_exit' '__ext4_new_inode' 'inet_putpeer' 'atime_needs_update' 'alloc_empty_file' 'list_lru_count_one' 'tick_do_update_jiffies64' 'ktime_get_real_seconds' 'wbt_done' 'yama_ptracer_del' 'task_dump_owner' 'rcu_gp_fqs_loop' 'do_exit' 'pid_update_inode' 'find_next_bit' 'generic_write_end' 'do_nanosleep' 'blk_mq_free_request' 'lruvec_lru_size' 'find_get_pages_range_tag' 'virtqueue_disable_cb' '__hrtimer_run_queues' 'osq_lock' 'pipe_poll' 'echo_char' 'tick_sched_do_timer' 'generic_permission' 'blk_mq_sched_dispatch_requests' 'xas_clear_mark' 'n_tty_receive_buf_common' 'ktime_get_seconds' 'dd_has_work' 'kvm_arch_vcpu_load' 'futex_wait_queue_me' 'tomoyo_supervisor' 'mod_timer' 'ext4_free_inodes_count' 'do_syslog' 'get_task_cred' 'fsnotify' 'ext4_has_free_clusters' 'do_readlinkat' 'eth_header_cache' 'tcp_add_backlog' 'exit_signals' 'generic_fillattr' 'audit_log_start' 'blk_mq_dispatch_rq_list' 'tick_nohz_idle_stop_tick' 'add_timer' 'vm_area_dup' 'sit_tunnel_xmit' 'ep_poll' 'rcu_gp_fqs_check_wake'
17:07:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff})
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000080), 0x8)
[ 194.832751][ T7945] ==================================================================
[ 194.840941][ T7945] BUG: KCSAN: data-race in tomoyo_domain_quota_is_ok / tomoyo_merge_path_acl
[ 194.849691][ T7945]
[ 194.852034][ T7945] write to 0xffff88811f6a45da of 2 bytes by task 7954 on cpu 0:
[ 194.859669][ T7945] tomoyo_merge_path_acl+0x6c/0xa0
[ 194.864788][ T7945] tomoyo_update_domain+0x323/0x450
[ 194.869980][ T7945] tomoyo_write_file+0x34e/0x580
[ 194.874909][ T7945] tomoyo_write_domain2+0xad/0x120
[ 194.880017][ T7945] tomoyo_supervisor+0xad7/0xd20
[ 194.884948][ T7945] tomoyo_path_permission+0x121/0x160
[ 194.890316][ T7945] tomoyo_check_open_permission+0x2b9/0x320
[ 194.896210][ T7945] tomoyo_file_open+0x75/0x90
[ 194.900886][ T7945] security_file_open+0x69/0x210
[ 194.905825][ T7945] do_dentry_open+0x20a/0x8f0
[ 194.910500][ T7945] vfs_open+0x62/0x80
[ 194.914483][ T7945] path_openat+0xf73/0x36e0
[ 194.918979][ T7945] do_filp_open+0x11e/0x1b0
[ 194.923475][ T7945] do_sys_open+0x3b3/0x4f0
[ 194.927883][ T7945] __x64_sys_openat+0x62/0x80
[ 194.932571][ T7945] do_syscall_64+0xcc/0x370
[ 194.937070][ T7945] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 194.942947][ T7945]
[ 194.945276][ T7945] read to 0xffff88811f6a45da of 2 bytes by task 7945 on cpu 1:
[ 194.952814][ T7945] tomoyo_domain_quota_is_ok+0x29c/0x2b0
[ 194.958442][ T7945] tomoyo_supervisor+0x22b/0xd20
[ 194.963379][ T7945] tomoyo_path_number_perm+0x323/0x3c0
[ 194.968836][ T7945] tomoyo_path_mkdir+0x6e/0xa0
[ 194.973599][ T7945] security_path_mkdir+0xb8/0xf0
[ 194.978530][ T7945] do_mkdirat+0xef/0x1f0
[ 194.982764][ T7945] __x64_sys_mkdirat+0x4d/0x60
[ 194.987527][ T7945] do_syscall_64+0xcc/0x370
[ 194.992029][ T7945] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 194.997899][ T7945]
[ 195.000223][ T7945] Reported by Kernel Concurrency Sanitizer on:
[ 195.006373][ T7945] CPU: 1 PID: 7945 Comm: syz-fuzzer Not tainted 5.4.0-rc6+ #0
[ 195.013819][ T7945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 195.023950][ T7945] ==================================================================
[ 195.031999][ T7945] Kernel panic - not syncing: panic_on_warn set ...
[ 195.038585][ T7945] CPU: 1 PID: 7945 Comm: syz-fuzzer Not tainted 5.4.0-rc6+ #0
[ 195.046999][ T7945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 195.057047][ T7945] Call Trace:
[ 195.060337][ T7945] dump_stack+0xf5/0x159
[ 195.064576][ T7945] panic+0x210/0x640
[ 195.068470][ T7945] ? vprintk_func+0x8d/0x140
[ 195.073058][ T7945] kcsan_report.cold+0xc/0xe
[ 195.077648][ T7945] kcsan_setup_watchpoint+0x3fe/0x410
[ 195.083019][ T7945] __tsan_read2+0x145/0x1f0
[ 195.087520][ T7945] tomoyo_domain_quota_is_ok+0x29c/0x2b0
[ 195.093161][ T7945] tomoyo_supervisor+0x22b/0xd20
[ 195.098121][ T7945] tomoyo_path_number_perm+0x323/0x3c0
[ 195.103617][ T7945] tomoyo_path_mkdir+0x6e/0xa0
[ 195.108386][ T7945] security_path_mkdir+0xb8/0xf0
[ 195.113324][ T7945] do_mkdirat+0xef/0x1f0
[ 195.117568][ T7945] __x64_sys_mkdirat+0x4d/0x60
[ 195.122332][ T7945] do_syscall_64+0xcc/0x370
[ 195.126838][ T7945] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 195.132720][ T7945] RIP: 0033:0x47c530
[ 195.136619][ T7945] Code: 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 49 c7 c2 00 00 00 00 49 c7 c0 00 00 00 00 49 c7 c1 00 00 00 00 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
[ 195.156227][ T7945] RSP: 002b:000000c42004b990 EFLAGS: 00000206 ORIG_RAX: 0000000000000102
[ 195.164634][ T7945] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047c530
[ 195.172695][ T7945] RDX: 00000000000001c0 RSI: 000000c42c0ca0c0 RDI: ffffffffffffff9c
[ 195.180660][ T7945] RBP: 000000c42004b9f0 R08: 0000000000000000 R09: 0000000000000000
[ 195.188638][ T7945] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffffff
[ 195.196606][ T7945] R13: 0000000000000007 R14: 0000000000000006 R15: 0000000000000100
[ 195.205968][ T7945] Kernel Offset: disabled
[ 195.210293][ T7945] Rebooting in 86400 seconds..