[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.24' (ECDSA) to the list of known hosts. 2020/10/12 08:36:11 fuzzer started 2020/10/12 08:36:12 dialing manager at 10.128.0.105:44495 2020/10/12 08:36:13 syscalls: 3432 2020/10/12 08:36:13 code coverage: enabled 2020/10/12 08:36:13 comparison tracing: enabled 2020/10/12 08:36:13 extra coverage: enabled 2020/10/12 08:36:13 setuid sandbox: enabled 2020/10/12 08:36:13 namespace sandbox: enabled 2020/10/12 08:36:13 Android sandbox: /sys/fs/selinux/policy does not exist 2020/10/12 08:36:13 fault injection: enabled 2020/10/12 08:36:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/10/12 08:36:13 net packet injection: enabled 2020/10/12 08:36:13 net device setup: enabled 2020/10/12 08:36:13 concurrency sanitizer: enabled 2020/10/12 08:36:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/10/12 08:36:13 USB emulation: enabled 2020/10/12 08:36:13 hci packet injection: enabled 2020/10/12 08:36:13 wifi device emulation: enabled 2020/10/12 08:36:15 suppressing KCSAN reports in functions: 'ext4_free_inode' 'blk_mq_rq_ctx_init' '__xa_clear_mark' 'blk_mq_sched_dispatch_requests' '__blk_mq_sched_dispatch_requests' 'alloc_pid' '__io_cqring_fill_event' 'do_select' 'find_get_pages_range_tag' 'do_exit' 'do_nanosleep' '__delayacct_blkio_end' '__writeback_single_inode' 'blk_mq_dispatch_rq_list' 'do_sys_poll' '__ext4_new_inode' 'generic_file_buffered_read' 'xas_clear_mark' 'dd_has_work' 'wbt_done' 'xas_find_marked' 08:36:30 executing program 0: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00') preadv(0xffffffffffffffff, &(0x7f00000023c0)=[{&(0x7f00000013c0)=""/4089, 0xff9}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') rt_sigaction(0x1f, &(0x7f0000000480)={&(0x7f0000000200)="c4a3fd091b00c4a1e75189cfe700007c0cc4c1535fa1880000008f09c09b7000f3440f1efdc401fb2dcc41766cc4c199fa8a00000000f20f1aef", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) preadv(r0, &(0x7f00000017c0), 0x218, 0x0, 0x0) 08:36:31 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40060, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000d9f4655fd9f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="0200000003", 0x5, 0x800}], 0x0, &(0x7f0000000040)) 08:36:31 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@local, 0x0, 0x0, 0xff, 0x100000000000001}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@remote, 0x0, 0x0, 0x2, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa4ffffff]}, 0x800, 0x2}, 0x20) syzkaller login: [ 51.403359][ T8718] ================================================================== [ 51.411473][ T8718] BUG: KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl [ 51.419867][ T8718] [ 51.422185][ T8718] write to 0xffff88812159351a of 2 bytes by task 8694 on cpu 0: [ 51.429809][ T8718] tomoyo_merge_path_acl+0x4f/0x80 [ 51.434910][ T8718] tomoyo_update_domain+0x337/0x3a0 [ 51.440103][ T8718] tomoyo_write_file+0x210/0x910 [ 51.445032][ T8718] tomoyo_supervisor+0xac5/0xb30 [ 51.449963][ T8718] tomoyo_path_perm+0x261/0x330 [ 51.454807][ T8718] tomoyo_path_truncate+0x18/0x20 [ 51.459818][ T8718] security_path_truncate+0x7f/0xd0 [ 51.465002][ T8718] do_sys_ftruncate+0x2fa/0x3e0 [ 51.469847][ T8718] __x64_sys_ftruncate+0x2f/0x40 [ 51.474770][ T8718] do_syscall_64+0x39/0x80 [ 51.479174][ T8718] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 51.485039][ T8718] [ 51.487354][ T8718] read to 0xffff88812159351a of 2 bytes by task 8718 on cpu 1: [ 51.494885][ T8718] tomoyo_check_path_acl+0x1e/0xe0 [ 51.499986][ T8718] tomoyo_check_acl+0xcc/0x220 [ 51.504736][ T8718] tomoyo_execute_permission+0xa1/0x190 [ 51.510274][ T8718] tomoyo_find_next_domain+0x213/0x10e0 [ 51.515813][ T8718] tomoyo_bprm_check_security+0x96/0xd0 [ 51.521357][ T8718] security_bprm_check+0x3f/0x90 [ 51.526276][ T8718] exec_binprm+0x143/0x760 [ 51.530679][ T8718] bprm_execve+0x42d/0x610 [ 51.535082][ T8718] do_execveat_common+0x605/0x6d0 [ 51.540090][ T8718] __x64_sys_execve+0x56/0x70 [ 51.544751][ T8718] do_syscall_64+0x39/0x80 [ 51.549151][ T8718] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 51.555020][ T8718] [ 51.557333][ T8718] Reported by Kernel Concurrency Sanitizer on: [ 51.563471][ T8718] CPU: 1 PID: 8718 Comm: syz-fuzzer Not tainted 5.9.0-syzkaller #0 [ 51.571340][ T8718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.581378][ T8718] ================================================================== [ 51.589421][ T8718] Kernel panic - not syncing: panic_on_warn set ... [ 51.596009][ T8718] CPU: 1 PID: 8718 Comm: syz-fuzzer Not tainted 5.9.0-syzkaller #0 [ 51.603878][ T8718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.613934][ T8718] Call Trace: [ 51.617215][ T8718] dump_stack+0x10f/0x19d [ 51.621532][ T8718] panic+0x207/0x64a [ 51.625415][ T8718] ? vprintk_emit+0x44a/0x4f0 [ 51.630083][ T8718] kcsan_report+0x684/0x690 [ 51.634578][ T8718] ? kcsan_setup_watchpoint+0x41e/0x4a0 [ 51.640113][ T8718] ? tomoyo_check_path_acl+0x1e/0xe0 [ 51.645389][ T8718] ? tomoyo_check_acl+0xcc/0x220 [ 51.650315][ T8718] ? tomoyo_execute_permission+0xa1/0x190 [ 51.656020][ T8718] ? tomoyo_find_next_domain+0x213/0x10e0 [ 51.661728][ T8718] ? tomoyo_bprm_check_security+0x96/0xd0 [ 51.667436][ T8718] ? security_bprm_check+0x3f/0x90 [ 51.672533][ T8718] ? exec_binprm+0x143/0x760 [ 51.677106][ T8718] ? bprm_execve+0x42d/0x610 [ 51.681683][ T8718] ? do_execveat_common+0x605/0x6d0 [ 51.686864][ T8718] ? __x64_sys_execve+0x56/0x70 [ 51.691698][ T8718] ? do_syscall_64+0x39/0x80 [ 51.696272][ T8718] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 51.702342][ T8718] ? tomoyo_path_matches_pattern+0xf9/0x120 [ 51.708245][ T8718] ? tomoyo_path_matches_pattern+0xf9/0x120 [ 51.714144][ T8718] kcsan_setup_watchpoint+0x41e/0x4a0 [ 51.719504][ T8718] ? tomoyo_path_matches_pattern+0xf9/0x120 [ 51.725391][ T8718] tomoyo_check_path_acl+0x1e/0xe0 [ 51.730496][ T8718] tomoyo_check_acl+0xcc/0x220 [ 51.735245][ T8718] ? tomoyo_execute_permission+0x190/0x190 [ 51.741049][ T8718] tomoyo_execute_permission+0xa1/0x190 [ 51.746608][ T8718] tomoyo_find_next_domain+0x213/0x10e0 [ 51.752151][ T8718] tomoyo_bprm_check_security+0x96/0xd0 [ 51.757687][ T8718] security_bprm_check+0x3f/0x90 [ 51.762609][ T8718] exec_binprm+0x143/0x760 [ 51.767030][ T8718] bprm_execve+0x42d/0x610 [ 51.771435][ T8718] do_execveat_common+0x605/0x6d0 [ 51.776448][ T8718] __x64_sys_execve+0x56/0x70 [ 51.781114][ T8718] do_syscall_64+0x39/0x80 [ 51.785516][ T8718] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 51.791388][ T8718] RIP: 0033:0x4b3da6 [ 51.795304][ T8718] Code: 48 c7 44 24 50 00 00 00 00 e8 d6 a4 f8 ff c3 cc cc cc cc cc 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 1b 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 51.814896][ T8718] RSP: 002b:000000c00014f380 EFLAGS: 00000202 ORIG_RAX: 000000000000003b [ 51.823298][ T8718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000004b3da6 [ 51.831255][ T8718] RDX: 000000c003cc52d0 RSI: 000000c0056d4240 RDI: 000000c005290580 [ 51.839218][ T8718] RBP: 000000c00014f520 R08: 0000000000000018 R09: 0000000000000000 [ 51.847174][ T8718] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000004ab5d7 [ 51.855130][ T8718] R13: 000000000000000b R14: 000000000000000a R15: 00000000000000aa [ 51.863724][ T8718] Kernel Offset: disabled [ 51.868029][ T8718] Rebooting in 86400 seconds..