[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.16' (ECDSA) to the list of known hosts. 2021/09/12 13:12:07 fuzzer started 2021/09/12 13:12:07 dialing manager at 10.128.0.163:42993 2021/09/12 13:12:08 syscalls: 1977 2021/09/12 13:12:08 code coverage: enabled 2021/09/12 13:12:08 comparison tracing: enabled 2021/09/12 13:12:08 extra coverage: enabled 2021/09/12 13:12:08 setuid sandbox: enabled 2021/09/12 13:12:08 namespace sandbox: enabled 2021/09/12 13:12:08 Android sandbox: enabled 2021/09/12 13:12:08 fault injection: enabled 2021/09/12 13:12:08 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/09/12 13:12:08 net packet injection: /dev/net/tun does not exist 2021/09/12 13:12:08 net device setup: enabled 2021/09/12 13:12:08 concurrency sanitizer: enabled 2021/09/12 13:12:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/09/12 13:12:08 USB emulation: /dev/raw-gadget does not exist 2021/09/12 13:12:08 hci packet injection: /dev/vhci does not exist 2021/09/12 13:12:08 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2021/09/12 13:12:08 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2021/09/12 13:12:08 suppressing KCSAN reports in functions: 'next_uptodate_page' 'exit_mm' 'tick_nohz_next_event' 'audit_log_start' 'ext4_free_inodes_count' 'dd_has_work' 'do_notify_parent_cldstop' 'generic_write_end' 'io_wqe_enqueue' 'blk_mq_sched_dispatch_requests' 'do_sys_poll' 'tick_sched_timer' 'blk_mq_dispatch_rq_list' '__xa_clear_mark' 'xas_clear_mark' 2021/09/12 13:12:08 fetching corpus: 0, signal 0/2000 (executing program) 2021/09/12 13:12:08 fetching corpus: 50, signal 12585/16368 (executing program) 2021/09/12 13:12:08 fetching corpus: 100, signal 22905/28287 (executing program) 2021/09/12 13:12:08 fetching corpus: 150, signal 29456/36363 (executing program) 2021/09/12 13:12:08 fetching corpus: 200, signal 36250/44584 (executing program) 2021/09/12 13:12:08 fetching corpus: 250, signal 40935/50685 (executing program) 2021/09/12 13:12:09 fetching corpus: 300, signal 45234/56328 (executing program) 2021/09/12 13:12:09 fetching corpus: 350, signal 47742/60241 (executing program) 2021/09/12 13:12:09 fetching corpus: 400, signal 50476/64279 (executing program) 2021/09/12 13:12:09 fetching corpus: 450, signal 54285/69309 (executing program) 2021/09/12 13:12:09 fetching corpus: 500, signal 56371/72664 (executing program) 2021/09/12 13:12:09 fetching corpus: 550, signal 59538/76879 (executing program) 2021/09/12 13:12:09 fetching corpus: 600, signal 61053/79634 (executing program) 2021/09/12 13:12:09 fetching corpus: 650, signal 62929/82679 (executing program) 2021/09/12 13:12:09 fetching corpus: 700, signal 64818/85732 (executing program) 2021/09/12 13:12:09 fetching corpus: 750, signal 66158/88234 (executing program) 2021/09/12 13:12:09 fetching corpus: 800, signal 68212/91385 (executing program) 2021/09/12 13:12:09 fetching corpus: 850, signal 69990/94251 (executing program) 2021/09/12 13:12:09 fetching corpus: 900, signal 72325/97493 (executing program) 2021/09/12 13:12:09 fetching corpus: 950, signal 74592/100626 (executing program) 2021/09/12 13:12:09 fetching corpus: 1000, signal 76445/103458 (executing program) 2021/09/12 13:12:09 fetching corpus: 1050, signal 77747/105713 (executing program) 2021/09/12 13:12:09 fetching corpus: 1100, signal 79962/108727 (executing program) 2021/09/12 13:12:09 fetching corpus: 1150, signal 81644/111253 (executing program) 2021/09/12 13:12:09 fetching corpus: 1200, signal 83177/113658 (executing program) 2021/09/12 13:12:09 fetching corpus: 1250, signal 84615/115940 (executing program) 2021/09/12 13:12:09 fetching corpus: 1300, signal 86252/118366 (executing program) 2021/09/12 13:12:09 fetching corpus: 1350, signal 87730/120624 (executing program) 2021/09/12 13:12:09 fetching corpus: 1400, signal 88920/122696 (executing program) 2021/09/12 13:12:09 fetching corpus: 1450, signal 90112/124685 (executing program) 2021/09/12 13:12:09 fetching corpus: 1500, signal 91126/126530 (executing program) 2021/09/12 13:12:09 fetching corpus: 1550, signal 92700/128809 (executing program) 2021/09/12 13:12:09 fetching corpus: 1600, signal 94131/130882 (executing program) 2021/09/12 13:12:09 fetching corpus: 1650, signal 95483/132924 (executing program) 2021/09/12 13:12:09 fetching corpus: 1700, signal 96772/134880 (executing program) 2021/09/12 13:12:10 fetching corpus: 1750, signal 98225/136943 (executing program) 2021/09/12 13:12:10 fetching corpus: 1800, signal 98750/138369 (executing program) 2021/09/12 13:12:10 fetching corpus: 1850, signal 99979/140243 (executing program) 2021/09/12 13:12:10 fetching corpus: 1900, signal 100956/141888 (executing program) 2021/09/12 13:12:10 fetching corpus: 1950, signal 101956/143556 (executing program) 2021/09/12 13:12:10 fetching corpus: 2000, signal 102687/145069 (executing program) 2021/09/12 13:12:10 fetching corpus: 2050, signal 104659/147273 (executing program) 2021/09/12 13:12:10 fetching corpus: 2099, signal 105851/149016 (executing program) 2021/09/12 13:12:10 fetching corpus: 2149, signal 106971/150691 (executing program) 2021/09/12 13:12:10 fetching corpus: 2199, signal 107590/152052 (executing program) 2021/09/12 13:12:10 fetching corpus: 2249, signal 108481/153501 (executing program) 2021/09/12 13:12:10 fetching corpus: 2298, signal 109295/154936 (executing program) 2021/09/12 13:12:10 fetching corpus: 2348, signal 109952/156276 (executing program) 2021/09/12 13:12:10 fetching corpus: 2398, signal 111514/158061 (executing program) 2021/09/12 13:12:10 fetching corpus: 2448, signal 112482/159492 (executing program) 2021/09/12 13:12:10 fetching corpus: 2498, signal 113729/161128 (executing program) 2021/09/12 13:12:10 fetching corpus: 2547, signal 114781/162611 (executing program) 2021/09/12 13:12:10 fetching corpus: 2597, signal 115412/163887 (executing program) 2021/09/12 13:12:10 fetching corpus: 2647, signal 116331/165247 (executing program) 2021/09/12 13:12:10 fetching corpus: 2697, signal 118171/167022 (executing program) 2021/09/12 13:12:10 fetching corpus: 2747, signal 118770/168164 (executing program) 2021/09/12 13:12:10 fetching corpus: 2797, signal 119324/169321 (executing program) 2021/09/12 13:12:10 fetching corpus: 2847, signal 120488/170726 (executing program) 2021/09/12 13:12:10 fetching corpus: 2897, signal 121331/172000 (executing program) 2021/09/12 13:12:10 fetching corpus: 2947, signal 122295/173243 (executing program) 2021/09/12 13:12:10 fetching corpus: 2997, signal 122777/174305 (executing program) 2021/09/12 13:12:10 fetching corpus: 3047, signal 123482/175387 (executing program) 2021/09/12 13:12:10 fetching corpus: 3097, signal 124300/176598 (executing program) 2021/09/12 13:12:10 fetching corpus: 3147, signal 125159/177802 (executing program) 2021/09/12 13:12:11 fetching corpus: 3196, signal 125841/178876 (executing program) 2021/09/12 13:12:11 fetching corpus: 3246, signal 126598/179966 (executing program) 2021/09/12 13:12:11 fetching corpus: 3296, signal 127765/181180 (executing program) 2021/09/12 13:12:11 fetching corpus: 3346, signal 128664/182286 (executing program) 2021/09/12 13:12:11 fetching corpus: 3396, signal 129568/183440 (executing program) 2021/09/12 13:12:11 fetching corpus: 3446, signal 130580/184533 (executing program) 2021/09/12 13:12:11 fetching corpus: 3496, signal 131413/185632 (executing program) 2021/09/12 13:12:11 fetching corpus: 3546, signal 132316/186709 (executing program) 2021/09/12 13:12:11 fetching corpus: 3596, signal 132804/187610 (executing program) 2021/09/12 13:12:11 fetching corpus: 3646, signal 133166/188448 (executing program) 2021/09/12 13:12:11 fetching corpus: 3696, signal 133662/189344 (executing program) 2021/09/12 13:12:11 fetching corpus: 3746, signal 135297/190587 (executing program) 2021/09/12 13:12:11 fetching corpus: 3796, signal 136081/191526 (executing program) 2021/09/12 13:12:11 fetching corpus: 3846, signal 136707/192393 (executing program) 2021/09/12 13:12:11 fetching corpus: 3896, signal 138648/193585 (executing program) 2021/09/12 13:12:11 fetching corpus: 3946, signal 139743/194529 (executing program) 2021/09/12 13:12:11 fetching corpus: 3996, signal 140232/195337 (executing program) 2021/09/12 13:12:11 fetching corpus: 4046, signal 140886/196111 (executing program) 2021/09/12 13:12:11 fetching corpus: 4096, signal 141530/196915 (executing program) 2021/09/12 13:12:11 fetching corpus: 4146, signal 142569/197740 (executing program) 2021/09/12 13:12:11 fetching corpus: 4196, signal 143317/198545 (executing program) 2021/09/12 13:12:11 fetching corpus: 4246, signal 143931/199313 (executing program) 2021/09/12 13:12:11 fetching corpus: 4295, signal 144382/200052 (executing program) 2021/09/12 13:12:11 fetching corpus: 4345, signal 145172/200831 (executing program) 2021/09/12 13:12:11 fetching corpus: 4395, signal 145928/201614 (executing program) 2021/09/12 13:12:11 fetching corpus: 4445, signal 146501/202317 (executing program) 2021/09/12 13:12:11 fetching corpus: 4495, signal 147351/203039 (executing program) 2021/09/12 13:12:11 fetching corpus: 4545, signal 147962/203744 (executing program) 2021/09/12 13:12:12 fetching corpus: 4595, signal 148633/204418 (executing program) 2021/09/12 13:12:12 fetching corpus: 4645, signal 149002/205078 (executing program) 2021/09/12 13:12:12 fetching corpus: 4695, signal 149699/205767 (executing program) 2021/09/12 13:12:12 fetching corpus: 4745, signal 150468/206439 (executing program) 2021/09/12 13:12:12 fetching corpus: 4795, signal 150949/207044 (executing program) 2021/09/12 13:12:12 fetching corpus: 4845, signal 151374/207646 (executing program) 2021/09/12 13:12:12 fetching corpus: 4895, signal 152034/208256 (executing program) 2021/09/12 13:12:12 fetching corpus: 4945, signal 152863/208831 (executing program) 2021/09/12 13:12:12 fetching corpus: 4995, signal 153187/209426 (executing program) 2021/09/12 13:12:12 fetching corpus: 5045, signal 153533/210001 (executing program) 2021/09/12 13:12:12 fetching corpus: 5095, signal 154219/210609 (executing program) 2021/09/12 13:12:12 fetching corpus: 5145, signal 154928/211184 (executing program) 2021/09/12 13:12:12 fetching corpus: 5195, signal 155475/211772 (executing program) 2021/09/12 13:12:12 fetching corpus: 5245, signal 155952/212308 (executing program) 2021/09/12 13:12:12 fetching corpus: 5295, signal 156302/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5345, signal 156586/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5395, signal 157696/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5445, signal 158110/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5495, signal 158570/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5545, signal 159149/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5595, signal 159582/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5645, signal 160004/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5695, signal 160601/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5745, signal 161018/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5795, signal 161459/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5845, signal 161843/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5895, signal 162352/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5945, signal 162877/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 5995, signal 163705/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 6045, signal 164028/212413 (executing program) 2021/09/12 13:12:12 fetching corpus: 6095, signal 164385/212413 (executing program) 2021/09/12 13:12:13 fetching corpus: 6144, signal 164935/212415 (executing program) 2021/09/12 13:12:13 fetching corpus: 6194, signal 165518/212427 (executing program) 2021/09/12 13:12:13 fetching corpus: 6244, signal 165985/212427 (executing program) 2021/09/12 13:12:13 fetching corpus: 6294, signal 166498/212427 (executing program) 2021/09/12 13:12:13 fetching corpus: 6344, signal 166868/212435 (executing program) 2021/09/12 13:12:13 fetching corpus: 6394, signal 167224/212435 (executing program) 2021/09/12 13:12:13 fetching corpus: 6443, signal 167632/212435 (executing program) 2021/09/12 13:12:13 fetching corpus: 6493, signal 168282/212435 (executing program) 2021/09/12 13:12:13 fetching corpus: 6543, signal 168745/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6593, signal 169242/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6643, signal 169584/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6692, signal 170342/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6742, signal 170715/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6792, signal 171042/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6842, signal 171376/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6892, signal 171876/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6942, signal 172305/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 6992, signal 172635/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7042, signal 173037/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7092, signal 173348/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7142, signal 174160/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7192, signal 174496/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7242, signal 174778/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7292, signal 175306/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7342, signal 175986/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7392, signal 176447/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7442, signal 176886/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7492, signal 177378/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7542, signal 178041/212437 (executing program) 2021/09/12 13:12:13 fetching corpus: 7592, signal 178654/212438 (executing program) 2021/09/12 13:12:13 fetching corpus: 7642, signal 179013/212438 (executing program) 2021/09/12 13:12:13 fetching corpus: 7692, signal 179394/212438 (executing program) 2021/09/12 13:12:13 fetching corpus: 7742, signal 179718/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 7792, signal 180063/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 7842, signal 180290/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 7892, signal 180985/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 7942, signal 181295/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 7992, signal 181691/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8042, signal 182251/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8092, signal 182531/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8142, signal 182762/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8192, signal 183133/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8242, signal 183660/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8292, signal 183928/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8342, signal 184415/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8392, signal 184715/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8442, signal 184999/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8492, signal 185405/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8542, signal 185779/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8592, signal 186089/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8642, signal 186369/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8692, signal 186921/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8742, signal 187168/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8792, signal 187499/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8842, signal 187770/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8892, signal 188026/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8942, signal 188372/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 8992, signal 188869/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9042, signal 189082/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9092, signal 189585/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9142, signal 190253/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9192, signal 190685/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9242, signal 191192/212438 (executing program) 2021/09/12 13:12:14 fetching corpus: 9292, signal 191485/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9342, signal 191772/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9392, signal 192019/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9442, signal 192365/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9492, signal 192634/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9542, signal 192964/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9592, signal 194272/212438 (executing program) 2021/09/12 13:12:15 fetching corpus: 9642, signal 194634/212469 (executing program) 2021/09/12 13:12:15 fetching corpus: 9692, signal 195171/212469 (executing program) 2021/09/12 13:12:15 fetching corpus: 9742, signal 195533/212469 (executing program) 2021/09/12 13:12:15 fetching corpus: 9792, signal 195800/212469 (executing program) 2021/09/12 13:12:15 fetching corpus: 9842, signal 196025/212483 (executing program) 2021/09/12 13:12:15 fetching corpus: 9892, signal 196382/212483 (executing program) 2021/09/12 13:12:15 fetching corpus: 9942, signal 196830/212483 (executing program) 2021/09/12 13:12:15 fetching corpus: 9992, signal 197155/212483 (executing program) 2021/09/12 13:12:15 fetching corpus: 10042, signal 197405/212483 (executing program) 2021/09/12 13:12:15 fetching corpus: 10092, signal 197626/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10142, signal 198251/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10192, signal 198569/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10242, signal 198914/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10292, signal 199246/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10342, signal 199617/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10392, signal 200002/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10442, signal 200371/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10492, signal 200579/212484 (executing program) 2021/09/12 13:12:15 fetching corpus: 10542, signal 201026/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10592, signal 201321/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10642, signal 201587/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10692, signal 201827/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10742, signal 202181/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10791, signal 202384/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10841, signal 202625/212485 (executing program) 2021/09/12 13:12:15 fetching corpus: 10891, signal 202903/212485 (executing program) 2021/09/12 13:12:16 fetching corpus: 10941, signal 203328/212485 (executing program) 2021/09/12 13:12:16 fetching corpus: 10991, signal 203787/212485 (executing program) 2021/09/12 13:12:16 fetching corpus: 11041, signal 204082/212485 (executing program) 2021/09/12 13:12:16 fetching corpus: 11091, signal 204680/212485 (executing program) 2021/09/12 13:12:16 fetching corpus: 11141, signal 204966/212487 (executing program) 2021/09/12 13:12:16 fetching corpus: 11191, signal 205220/212487 (executing program) 2021/09/12 13:12:16 fetching corpus: 11241, signal 205637/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11291, signal 205877/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11341, signal 206118/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11391, signal 206264/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11441, signal 206480/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11491, signal 206684/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11541, signal 206907/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11591, signal 207230/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11641, signal 207631/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11691, signal 207892/212510 (executing program) 2021/09/12 13:12:16 fetching corpus: 11741, signal 208160/212514 (executing program) 2021/09/12 13:12:16 fetching corpus: 11791, signal 208454/212514 (executing program) 2021/09/12 13:12:16 fetching corpus: 11841, signal 208884/212514 (executing program) 2021/09/12 13:12:16 fetching corpus: 11891, signal 209275/212514 (executing program) 2021/09/12 13:12:16 fetching corpus: 11941, signal 209682/212516 (executing program) 2021/09/12 13:12:16 fetching corpus: 11991, signal 210059/212516 (executing program) 2021/09/12 13:12:16 fetching corpus: 12041, signal 210306/212516 (executing program) 2021/09/12 13:12:16 fetching corpus: 12091, signal 210549/212516 (executing program) 2021/09/12 13:12:16 fetching corpus: 12100, signal 210621/212516 (executing program) 2021/09/12 13:12:16 fetching corpus: 12100, signal 210621/212516 (executing program) 2021/09/12 13:12:18 starting 6 fuzzer processes 13:12:18 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0x7}) 13:12:18 executing program 1: r0 = syz_io_uring_setup(0x2c6f, &(0x7f0000000cc0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000900), &(0x7f0000000940)) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f00000000c0)=[r1, 0xffffffffffffffff], 0x2) 13:12:18 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x74, &(0x7f0000000140)="8de208f1679d9126a25750cb070000006083f3cf09690f0800000076751e3811ac9d0ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc463ce5e06d54359b83bd82797e48adf8259a4270ef0"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) tkill(r1, 0x3a) 13:12:18 executing program 2: unshare(0x400) r0 = memfd_create(&(0x7f00000003c0)='\xff\x00l\x1e\xa00x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syzkaller login: [ 38.067220][ T22] audit: type=1400 audit(1631452338.336:8): avc: denied { execmem } for pid=1102 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 38.146156][ T1108] cgroup: Unknown subsys name 'perf_event' [ 38.153306][ T1109] cgroup: Unknown subsys name 'perf_event' [ 38.159253][ T1109] cgroup: Unknown subsys name 'net_cls' [ 38.165325][ T1108] cgroup: Unknown subsys name 'net_cls' [ 38.208244][ T1112] cgroup: Unknown subsys name 'perf_event' [ 38.215720][ T1115] cgroup: Unknown subsys name 'perf_event' [ 38.220851][ T1112] cgroup: Unknown subsys name 'net_cls' [ 38.221705][ T1115] cgroup: Unknown subsys name 'net_cls' [ 38.233239][ T1116] cgroup: Unknown subsys name 'perf_event' [ 38.239640][ T1118] cgroup: Unknown subsys name 'perf_event' [ 38.245778][ T1116] cgroup: Unknown subsys name 'net_cls' [ 38.253480][ T1118] cgroup: Unknown subsys name 'net_cls' 13:12:22 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x74, &(0x7f0000000140)="8de208f1679d9126a25750cb070000006083f3cf09690f0800000076751e3811ac9d0ddb00000000000027b236630a670057a74244a96187389fa2273b94ba06b9e4e3af9c6ff81d781d007fbe72f2f98608448dad202100dfe301745d4dc463ce5e06d54359b83bd82797e48adf8259a4270ef0"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x2d) tkill(r0, 0x38) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = gettid() r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) tkill(r1, 0x3a) 13:12:22 executing program 2: unshare(0x400) r0 = memfd_create(&(0x7f00000003c0)='\xff\x00l\x1e\xa00x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0x7}) 13:12:23 executing program 1: r0 = syz_io_uring_setup(0x2c6f, &(0x7f0000000cc0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000900), &(0x7f0000000940)) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f00000000c0)=[r1, 0xffffffffffffffff], 0x2) 13:12:23 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x3, 0x5) ioctl$sock_ifreq(r1, 0x8948, &(0x7f0000000040)={'ipvlan0\x00', @ifru_map}) 13:12:23 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000008cc0)=[{{&(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001dc0)=[{&(0x7f0000000d00)="081a", 0x2}], 0x1}}, {{&(0x7f0000001e40)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x17, 0x0, 0x7, {[@ssrr={0x89, 0x0, 0x0, [@dev, @dev]}, @end, @timestamp_addr={0x44, 0x4}]}}}], 0x18}}], 0x2, 0x0) 13:12:23 executing program 5: r0 = socket(0x11, 0x3, 0x0) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000080), &(0x7f0000000180)=0x4) sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@hci={0x1f, 0x6488, 0x2}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="f254294737bb0057", 0x68}], 0x1}, 0x0) 13:12:23 executing program 1: r0 = syz_io_uring_setup(0x2c6f, &(0x7f0000000cc0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000900), &(0x7f0000000940)) r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f00000000c0)=[r1, 0xffffffffffffffff], 0x2) 13:12:23 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x3, 0x5) ioctl$sock_ifreq(r1, 0x8948, &(0x7f0000000040)={'ipvlan0\x00', @ifru_map}) 13:12:23 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r0, &(0x7f0000008cc0)=[{{&(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000001dc0)=[{&(0x7f0000000d00)="081a", 0x2}], 0x1}}, {{&(0x7f0000001e40)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x17, 0x0, 0x7, {[@ssrr={0x89, 0x0, 0x0, [@dev, @dev]}, @end, @timestamp_addr={0x44, 0x4}]}}}], 0x18}}], 0x2, 0x0) 13:12:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:23 executing program 5: r0 = socket(0x11, 0x3, 0x0) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000080), &(0x7f0000000180)=0x4) sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@hci={0x1f, 0x6488, 0x2}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="f254294737bb0057", 0x68}], 0x1}, 0x0) 13:12:23 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:24 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x3, 0x5) ioctl$sock_ifreq(r1, 0x8948, &(0x7f0000000040)={'ipvlan0\x00', @ifru_map}) 13:12:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:24 executing program 5: r0 = socket(0x11, 0x3, 0x0) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000080), &(0x7f0000000180)=0x4) sendmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@hci={0x1f, 0x6488, 0x2}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="f254294737bb0057", 0x68}], 0x1}, 0x0) 13:12:24 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4c20, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@tclass={{0x10}}], 0x10}, 0x0) 13:12:24 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x3, 0x5) ioctl$sock_ifreq(r1, 0x8948, &(0x7f0000000040)={'ipvlan0\x00', @ifru_map}) 13:12:24 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x121002) setreuid(0x0, 0xee01) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5393, &(0x7f0000000080)={0x4d}) 13:12:24 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4c20, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@tclass={{0x10}}], 0x10}, 0x0) 13:12:24 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x40, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x5}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}]}, 0x40}}, 0x0) 13:12:24 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x121002) setreuid(0x0, 0xee01) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5393, &(0x7f0000000080)={0x4d}) 13:12:24 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x40, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x5}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}]}, 0x40}}, 0x0) 13:12:24 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4c20, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@tclass={{0x10}}], 0x10}, 0x0) 13:12:25 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:25 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x121002) setreuid(0x0, 0xee01) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5393, &(0x7f0000000080)={0x4d}) 13:12:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x40, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x5}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}]}, 0x40}}, 0x0) 13:12:25 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f00000000c0)={0xa, 0x4c20, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@tclass={{0x10}}], 0x10}, 0x0) 13:12:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r1, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/219, 0xdb}], 0x2, 0x0, 0x0) 13:12:25 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x121002) setreuid(0x0, 0xee01) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5393, &(0x7f0000000080)={0x4d}) 13:12:25 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x40, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x5}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}]}, 0x40}}, 0x0) 13:12:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r1, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/219, 0xdb}], 0x2, 0x0, 0x0) 13:12:25 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) fcntl$setstatus(r1, 0x4, 0x2c00) r3 = gettid() fcntl$setown(r1, 0x8, r3) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000002c0)={[0xfffffffffffffff6]}, 0x0, 0x0, 0x8) inotify_add_watch(r2, &(0x7f0000000040)='./control\x00', 0xa0000000) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000000c0)={0x0, r4+10000000}, &(0x7f0000001780)) rmdir(&(0x7f0000000080)='./control\x00') mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 13:12:25 executing program 5: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900010000ff2de2f15400007f0000010000000000000000009049a6fc0100e1ff000000000000000000000000000000000000000a"], 0xb8}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x30, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @private0}}, {{0xa, 0x0, 0x1000000, @private0}}}, 0x108) 13:12:25 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, &(0x7f00000001c0)=""/77, 0x4d) 13:12:25 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, &(0x7f00000001c0)=""/77, 0x4d) 13:12:25 executing program 5: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900010000ff2de2f15400007f0000010000000000000000009049a6fc0100e1ff000000000000000000000000000000000000000a"], 0xb8}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x30, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @private0}}, {{0xa, 0x0, 0x1000000, @private0}}}, 0x108) 13:12:25 executing program 4: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x141042, 0x18) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r0, 0x10, 0x8003, 0x8020001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x108) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r2, &(0x7f0000000280), 0x1033b) fdatasync(r2) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2}) 13:12:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r1, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/219, 0xdb}], 0x2, 0x0, 0x0) 13:12:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r1, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/219, 0xdb}], 0x2, 0x0, 0x0) 13:12:25 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, &(0x7f00000001c0)=""/77, 0x4d) 13:12:26 executing program 4: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x141042, 0x18) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r0, 0x10, 0x8003, 0x8020001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x108) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r2, &(0x7f0000000280), 0x1033b) fdatasync(r2) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2}) 13:12:26 executing program 5: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900010000ff2de2f15400007f0000010000000000000000009049a6fc0100e1ff000000000000000000000000000000000000000a"], 0xb8}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x30, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @private0}}, {{0xa, 0x0, 0x1000000, @private0}}}, 0x108) 13:12:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) ftruncate(r0, 0x8001) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x33, 0x0, &(0x7f00000012c0)) [ 45.800228][ C1] hrtimer: interrupt took 94500 ns 13:12:26 executing program 4: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x141042, 0x18) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r0, 0x10, 0x8003, 0x8020001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x108) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r2, &(0x7f0000000280), 0x1033b) fdatasync(r2) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2}) 13:12:26 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) read(r0, &(0x7f00000001c0)=""/77, 0x4d) 13:12:26 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800002, 0x12, r1, 0x0) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000080)={'sit0\x00', @ifru_flags}) 13:12:26 executing program 5: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900010000ff2de2f15400007f0000010000000000000000009049a6fc0100e1ff000000000000000000000000000000000000000a"], 0xb8}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x30, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @private0}}, {{0xa, 0x0, 0x1000000, @private0}}}, 0x108) 13:12:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) ftruncate(r0, 0x8001) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x33, 0x0, &(0x7f00000012c0)) 13:12:26 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001280)='/sys/module/sky2', 0x0, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:systemd_logger_exec_t:s0\x00', 0x2b, 0x0) 13:12:26 executing program 5: r0 = socket(0x10, 0x80002, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write$binfmt_elf64(r0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x541000) 13:12:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) ftruncate(r0, 0x8001) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x33, 0x0, &(0x7f00000012c0)) 13:12:26 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800002, 0x12, r1, 0x0) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000080)={'sit0\x00', @ifru_flags}) 13:12:26 executing program 2: r0 = syz_io_uring_setup(0x5de6, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x1) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000002d40)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index}, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000240)=@IORING_OP_FADVISE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000008880)=@IORING_OP_POLL_ADD, 0x0) io_uring_enter(r0, 0x6372, 0x0, 0x0, 0x0, 0x0) [ 45.901913][ T22] audit: type=1400 audit(1631452346.177:9): avc: denied { mac_admin } for pid=4112 comm="syz-executor.3" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ 45.932234][ T4117] SELinux: Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped). 13:12:26 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) ftruncate(r0, 0x8001) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x33, 0x0, &(0x7f00000012c0)) 13:12:26 executing program 4: preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x141042, 0x18) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r0, 0x10, 0x8003, 0x8020001) r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x108) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RREMOVE(r2, &(0x7f0000000280), 0x1033b) fdatasync(r2) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2}) 13:12:26 executing program 3: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:26 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800002, 0x12, r1, 0x0) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000080)={'sit0\x00', @ifru_flags}) 13:12:26 executing program 2: r0 = syz_io_uring_setup(0x5de6, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x1) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000002d40)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index}, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000240)=@IORING_OP_FADVISE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000008880)=@IORING_OP_POLL_ADD, 0x0) io_uring_enter(r0, 0x6372, 0x0, 0x0, 0x0, 0x0) 13:12:26 executing program 3: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) [ 45.990319][ T22] audit: type=1400 audit(1631452346.217:10): avc: denied { associate } for pid=4112 comm="syz-executor.3" name="sky2" dev="sysfs" ino=472 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_logger_exec_t:s0" 13:12:26 executing program 1: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:26 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800002, 0x12, r1, 0x0) ioctl$sock_ifreq(r0, 0x89f3, &(0x7f0000000080)={'sit0\x00', @ifru_flags}) [ 46.083440][ T22] audit: type=1326 audit(1631452346.317:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x7ffc0000 [ 46.156829][ T22] audit: type=1326 audit(1631452346.317:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=436 compat=0 ip=0x4665f9 code=0x7ffc0000 [ 46.191082][ T22] audit: type=1326 audit(1631452346.317:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x7ffc0000 [ 46.215958][ T22] audit: type=1326 audit(1631452346.317:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x4196e4 code=0x7ffc0000 [ 46.240100][ T22] audit: type=1326 audit(1631452346.317:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=308 compat=0 ip=0x467bd7 code=0x7ffc0000 [ 46.264171][ T22] audit: type=1326 audit(1631452346.317:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x4665f9 code=0x7ffc0000 [ 46.287947][ T22] audit: type=1326 audit(1631452346.317:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=308 compat=0 ip=0x467bd7 code=0x7ffc0000 [ 46.311840][ T22] audit: type=1326 audit(1631452346.317:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4136 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=3 compat=0 ip=0x41940b code=0x7ffc0000 13:12:27 executing program 5: r0 = socket(0x10, 0x80002, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write$binfmt_elf64(r0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x541000) 13:12:27 executing program 2: r0 = syz_io_uring_setup(0x5de6, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x1) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000002d40)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index}, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000240)=@IORING_OP_FADVISE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000008880)=@IORING_OP_POLL_ADD, 0x0) io_uring_enter(r0, 0x6372, 0x0, 0x0, 0x0, 0x0) 13:12:27 executing program 3: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:27 executing program 1: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:27 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a0dffc2c654"}, 0x80) sendto$inet(r0, &(0x7f0000000040)="c6ed9e6b53de6d9f4a41a52e03f2aab6", 0x1000e, 0x0, 0x0, 0x0) 13:12:27 executing program 4: unshare(0x40000400) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "ebbf292c"}, &(0x7f0000000000)=0x2c) 13:12:27 executing program 1: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:27 executing program 3: rseq(&(0x7f00000012c0), 0x20, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) 13:12:27 executing program 2: r0 = syz_io_uring_setup(0x5de6, &(0x7f00000002c0), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000380)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index}, 0x1) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ee7000/0x3000)=nil, 0x3000, 0x6, 0x11, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000002d40)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index}, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f00000da000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x10000000) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_SYNC_FILE_RANGE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000240)=@IORING_OP_FADVISE, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CLOSE, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000008880)=@IORING_OP_POLL_ADD, 0x0) io_uring_enter(r0, 0x6372, 0x0, 0x0, 0x0, 0x0) 13:12:27 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a0dffc2c654"}, 0x80) sendto$inet(r0, &(0x7f0000000040)="c6ed9e6b53de6d9f4a41a52e03f2aab6", 0x1000e, 0x0, 0x0, 0x0) 13:12:27 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:27 executing program 4: unshare(0x40000400) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "ebbf292c"}, &(0x7f0000000000)=0x2c) [ 46.993427][ T22] ================================================================== [ 47.001534][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 47.008997][ T22] [ 47.011316][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4205 on cpu 1: [ 47.018932][ T22] skb_queue_tail+0x80/0xa0 [ 47.023434][ T22] audit_log_end+0x171/0x1e0 [ 47.028028][ T22] audit_seccomp+0xd9/0xf0 [ 47.032441][ T22] __seccomp_filter+0xdf5/0xe40 [ 47.037298][ T22] __secure_computing+0xfb/0x140 [ 47.042231][ T22] syscall_trace_enter+0x120/0x290 [ 47.047380][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 47.053100][ T22] do_syscall_64+0x25/0xa0 [ 47.057519][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 47.063411][ T22] [ 47.065725][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 0: [ 47.073087][ T22] kauditd_thread+0x4d7/0x6e0 [ 47.077763][ T22] kthread+0x262/0x280 [ 47.081832][ T22] ret_from_fork+0x1f/0x30 [ 47.086238][ T22] [ 47.088552][ T22] value changed: 0x00000000 -> 0x00000003 [ 47.094351][ T22] [ 47.096663][ T22] Reported by Kernel Concurrency Sanitizer on: [ 47.102802][ T22] CPU: 0 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 47.110429][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.120477][ T22] ================================================================== [ 47.519917][ T22] ================================================================== [ 47.528544][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 47.535755][ T22] [ 47.538080][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4205 on cpu 0: [ 47.545708][ T22] skb_queue_tail+0x80/0xa0 [ 47.550299][ T22] audit_log_end+0x171/0x1e0 [ 47.554889][ T22] audit_seccomp+0xd9/0xf0 [ 47.559303][ T22] __seccomp_filter+0xdf5/0xe40 [ 47.564142][ T22] __secure_computing+0xfb/0x140 [ 47.569074][ T22] syscall_trace_enter+0x120/0x290 [ 47.574181][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 47.579897][ T22] do_syscall_64+0x25/0xa0 [ 47.584314][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 47.590212][ T22] [ 47.592524][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 47.599878][ T22] kauditd_thread+0x612/0x6e0 [ 47.604560][ T22] kthread+0x262/0x280 [ 47.608630][ T22] ret_from_fork+0x1f/0x30 [ 47.613039][ T22] 13:12:27 executing program 5: r0 = socket(0x10, 0x80002, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write$binfmt_elf64(r0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x541000) 13:12:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) unshare(0x40040400) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0x5) setuid(r2) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2284, 0x0) 13:12:27 executing program 2: r0 = socket(0x11, 0xa, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000d00)) 13:12:27 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a0dffc2c654"}, 0x80) sendto$inet(r0, &(0x7f0000000040)="c6ed9e6b53de6d9f4a41a52e03f2aab6", 0x1000e, 0x0, 0x0, 0x0) 13:12:27 executing program 4: unshare(0x40000400) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "ebbf292c"}, &(0x7f0000000000)=0x2c) 13:12:27 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a0dffc2c654"}, 0x80) sendto$inet(r0, &(0x7f0000000040)="c6ed9e6b53de6d9f4a41a52e03f2aab6", 0x1000e, 0x0, 0x0, 0x0) [ 47.615346][ T22] value changed: 0x00000001 -> 0x00000002 [ 47.621046][ T22] [ 47.623359][ T22] Reported by Kernel Concurrency Sanitizer on: [ 47.629496][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 47.637037][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.647102][ T22] ================================================================== 13:12:27 executing program 2: r0 = socket(0x11, 0xa, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000d00)) 13:12:28 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000003400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) set_mempolicy(0x1, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x88000d0, 0x0) fcntl$setpipe(r1, 0x407, 0x20fffff) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 13:12:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) unshare(0x40040400) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0x5) setuid(r2) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2284, 0x0) 13:12:28 executing program 4: unshare(0x40000400) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "ebbf292c"}, &(0x7f0000000000)=0x2c) [ 47.819356][ T22] ================================================================== [ 47.827637][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 47.835052][ T22] [ 47.837373][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4205 on cpu 0: [ 47.844996][ T22] skb_queue_tail+0x80/0xa0 [ 47.849506][ T22] audit_log_end+0x171/0x1e0 [ 47.854115][ T22] audit_seccomp+0xd9/0xf0 [ 47.858544][ T22] __seccomp_filter+0xdf5/0xe40 [ 47.863397][ T22] __secure_computing+0xfb/0x140 [ 47.868422][ T22] syscall_trace_enter+0x120/0x290 [ 47.873545][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 47.879267][ T22] do_syscall_64+0x25/0xa0 [ 47.883684][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 47.889840][ T22] [ 47.892150][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 47.899506][ T22] kauditd_thread+0x53c/0x6e0 [ 47.904196][ T22] kthread+0x262/0x280 [ 47.908269][ T22] ret_from_fork+0x1f/0x30 [ 47.912690][ T22] [ 47.915004][ T22] value changed: 0x00000000 -> 0x00000001 [ 47.920722][ T22] [ 47.923037][ T22] Reported by Kernel Concurrency Sanitizer on: [ 47.929174][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 47.936709][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.946760][ T22] ================================================================== 13:12:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:30 executing program 2: r0 = socket(0x11, 0xa, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000d00)) 13:12:30 executing program 4: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:30 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) unshare(0x40040400) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0x5) setuid(r2) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2284, 0x0) 13:12:30 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000003400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) set_mempolicy(0x1, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x88000d0, 0x0) fcntl$setpipe(r1, 0x407, 0x20fffff) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 13:12:30 executing program 5: r0 = socket(0x10, 0x80002, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write$binfmt_elf64(r0, 0x0, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev}, 0x541000) 13:12:30 executing program 2: r0 = socket(0x11, 0xa, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000d00)) 13:12:30 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) unshare(0x40040400) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0x5) setuid(r2) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2284, 0x0) 13:12:30 executing program 4: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:30 executing program 2: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:30 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:30 executing program 4: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") [ 50.334373][ T22] ================================================================== [ 50.342494][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 50.349704][ T22] [ 50.352126][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4295 on cpu 1: [ 50.359762][ T22] skb_queue_tail+0x80/0xa0 [ 50.364355][ T22] audit_log_end+0x171/0x1e0 [ 50.368935][ T22] audit_seccomp+0xd9/0xf0 [ 50.373333][ T22] __seccomp_filter+0xdf5/0xe40 [ 50.378165][ T22] __secure_computing+0xfb/0x140 [ 50.383088][ T22] syscall_trace_enter+0x120/0x290 [ 50.388195][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 50.393897][ T22] do_syscall_64+0x25/0xa0 [ 50.398385][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 50.404270][ T22] [ 50.406576][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 0: [ 50.413927][ T22] kauditd_thread+0x4d7/0x6e0 [ 50.418590][ T22] kthread+0x262/0x280 [ 50.422663][ T22] ret_from_fork+0x1f/0x30 [ 50.427065][ T22] [ 50.429460][ T22] value changed: 0x00000000 -> 0x00000001 [ 50.435160][ T22] [ 50.437464][ T22] Reported by Kernel Concurrency Sanitizer on: [ 50.443591][ T22] CPU: 0 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 50.451121][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 50.461162][ T22] ================================================================== [ 50.911500][ T22] kauditd_printk_skb: 55322 callbacks suppressed [ 50.911512][ T22] audit: type=1326 audit(1631452351.177:55341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4341 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 50.972301][ T22] audit: type=1326 audit(1631452351.217:55342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.023521][ T22] audit: type=1326 audit(1631452351.217:55343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.077976][ T22] audit: type=1326 audit(1631452351.217:55344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.161511][ T22] audit: type=1326 audit(1631452351.217:55345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.211534][ T22] audit: type=1326 audit(1631452351.217:55346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.259912][ T22] audit: type=1326 audit(1631452351.217:55347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.311555][ T22] audit: type=1326 audit(1631452351.217:55348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.381511][ T22] audit: type=1326 audit(1631452351.217:55349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.461533][ T22] audit: type=1326 audit(1631452351.217:55350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4294 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 51.603943][ T22] ================================================================== [ 51.612047][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 51.619248][ T22] [ 51.621569][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4343 on cpu 0: [ 51.629197][ T22] skb_queue_tail+0x80/0xa0 [ 51.633732][ T22] audit_log_end+0x171/0x1e0 [ 51.638333][ T22] audit_seccomp+0xd9/0xf0 [ 51.642744][ T22] __seccomp_filter+0xdf5/0xe40 [ 51.647591][ T22] __secure_computing+0xfb/0x140 [ 51.652529][ T22] syscall_trace_enter+0x120/0x290 [ 51.657652][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 51.663372][ T22] do_syscall_64+0x25/0xa0 [ 51.667789][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 51.673678][ T22] [ 51.675986][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 51.683331][ T22] kauditd_thread+0x53c/0x6e0 [ 51.688012][ T22] kthread+0x262/0x280 [ 51.692065][ T22] ret_from_fork+0x1f/0x30 [ 51.696464][ T22] [ 51.698779][ T22] value changed: 0x00000000 -> 0x00000001 [ 51.704487][ T22] [ 51.706802][ T22] Reported by Kernel Concurrency Sanitizer on: [ 51.712947][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 51.720487][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 51.730523][ T22] ================================================================== 13:12:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:33 executing program 2: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:33 executing program 4: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:33 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000003400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) set_mempolicy(0x1, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x88000d0, 0x0) fcntl$setpipe(r1, 0x407, 0x20fffff) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 13:12:33 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 53.005282][ T22] ================================================================== [ 53.013394][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 53.020598][ T22] [ 53.022930][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4370 on cpu 0: [ 53.030546][ T22] skb_queue_tail+0x80/0xa0 [ 53.035054][ T22] audit_log_end+0x171/0x1e0 [ 53.039651][ T22] audit_seccomp+0xd9/0xf0 [ 53.044071][ T22] __seccomp_filter+0xdf5/0xe40 [ 53.048923][ T22] __secure_computing+0xfb/0x140 [ 53.053863][ T22] syscall_trace_enter+0x120/0x290 [ 53.058977][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 53.064790][ T22] do_syscall_64+0x25/0xa0 [ 53.069206][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 53.075098][ T22] [ 53.077497][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 53.084856][ T22] kauditd_thread+0x612/0x6e0 [ 53.089533][ T22] kthread+0x262/0x280 [ 53.093597][ T22] ret_from_fork+0x1f/0x30 [ 53.098021][ T22] 13:12:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000380), r0) sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r2, 0x1, 0x0, 0x0, {0x1, 0x3}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x24}}, 0x0) 13:12:33 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 53.100336][ T22] value changed: 0x00000001 -> 0x00000002 [ 53.106042][ T22] [ 53.108357][ T22] Reported by Kernel Concurrency Sanitizer on: [ 53.114493][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 53.122027][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 53.132081][ T22] ================================================================== 13:12:33 executing program 2: unshare(0x48040480) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl(r0, 0x937a, &(0x7f00000000c0)="0100000000000000180100000500000000000000000000002f") 13:12:33 executing program 4: r0 = socket$inet(0x10, 0x2000000002, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="24000000240007041dfffd946fa201000100000001000000000000e5f1fffffff7fffe7e", 0x24}], 0x1}, 0x0) 13:12:33 executing program 4: r0 = socket$inet(0x10, 0x2000000002, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="24000000240007041dfffd946fa201000100000001000000000000e5f1fffffff7fffe7e", 0x24}], 0x1}, 0x0) 13:12:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) 13:12:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) [ 55.842045][ T22] ================================================================== [ 55.850151][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 55.857353][ T22] [ 55.859670][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4384 on cpu 0: [ 55.867290][ T22] skb_queue_tail+0x80/0xa0 [ 55.871792][ T22] audit_log_end+0x171/0x1e0 [ 55.876387][ T22] audit_seccomp+0xd9/0xf0 [ 55.880798][ T22] __seccomp_filter+0xdf5/0xe40 [ 55.885650][ T22] __secure_computing+0xfb/0x140 [ 55.890595][ T22] syscall_trace_enter+0x120/0x290 [ 55.895702][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 55.901501][ T22] do_syscall_64+0x25/0xa0 [ 55.905912][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 55.911813][ T22] [ 55.914127][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 55.921483][ T22] kauditd_thread+0x4d7/0x6e0 [ 55.926167][ T22] kthread+0x262/0x280 [ 55.930242][ T22] ret_from_fork+0x1f/0x30 [ 55.934663][ T22] [ 55.936979][ T22] value changed: 0x00000000 -> 0x00000001 [ 55.942683][ T22] [ 55.944997][ T22] Reported by Kernel Concurrency Sanitizer on: [ 55.951132][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 55.958667][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 55.968713][ T22] ================================================================== [ 55.977860][ T22] kauditd_printk_skb: 54715 callbacks suppressed [ 55.977869][ T22] audit: type=1326 audit(1631452356.117:110068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4380 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.009677][ T22] audit: type=1326 audit(1631452356.117:110069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4380 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.035088][ T22] audit: type=1326 audit(1631452356.107:110041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.060828][ T22] audit: type=1326 audit(1631452356.117:110070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.086250][ T22] audit: type=1326 audit(1631452356.117:110071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.111734][ T22] audit: type=1326 audit(1631452356.117:110072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.136913][ T22] audit: type=1326 audit(1631452356.117:110073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.163395][ T22] audit: type=1326 audit(1631452356.117:110074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 13:12:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:36 executing program 4: r0 = socket$inet(0x10, 0x2000000002, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="24000000240007041dfffd946fa201000100000001000000000000e5f1fffffff7fffe7e", 0x24}], 0x1}, 0x0) 13:12:36 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000003400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) set_mempolicy(0x1, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x88000d0, 0x0) fcntl$setpipe(r1, 0x407, 0x20fffff) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 13:12:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) 13:12:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:12:36 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)=' y<\xfc\x91\x10') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 56.188814][ T22] audit: type=1326 audit(1631452356.117:110075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 [ 56.214245][ T22] audit: type=1326 audit(1631452356.117:110076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4363 comm=20793CFC3C44624FE5C353EF7ED58A exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x50000 13:12:36 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) 13:12:36 executing program 4: r0 = socket$inet(0x10, 0x2000000002, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="24000000240007041dfffd946fa201000100000001000000000000e5f1fffffff7fffe7e", 0x24}], 0x1}, 0x0) 13:12:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) 13:12:36 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) 13:12:36 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) sendto$inet(r0, 0x0, 0xfffffffffffffef2, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendmmsg$inet(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000001fc0)="cd", 0x1}], 0x1}}], 0x1, 0x608d840) close(r0) 13:12:36 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) fadvise64(r0, 0x0, 0x0, 0x5) [ 56.766719][ T22] ================================================================== [ 56.774821][ T22] BUG: KCSAN: data-race in kauditd_thread / skb_queue_tail [ 56.782030][ T22] [ 56.784343][ T22] write to 0xffffffff84168b48 of 4 bytes by task 4432 on cpu 0: [ 56.791961][ T22] skb_queue_tail+0x80/0xa0 [ 56.796459][ T22] audit_log_end+0x171/0x1e0 [ 56.801046][ T22] audit_seccomp+0xd9/0xf0 [ 56.805457][ T22] __seccomp_filter+0xdf5/0xe40 [ 56.810306][ T22] __secure_computing+0xfb/0x140 [ 56.815261][ T22] syscall_trace_enter+0x120/0x290 [ 56.820466][ T22] syscall_enter_from_user_mode+0x1c/0x20 [ 56.826193][ T22] do_syscall_64+0x25/0xa0 [ 56.830606][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.836498][ T22] [ 56.838811][ T22] read to 0xffffffff84168b48 of 4 bytes by task 22 on cpu 1: [ 56.847125][ T22] kauditd_thread+0x612/0x6e0 [ 56.851912][ T22] kthread+0x262/0x280 [ 56.855974][ T22] ret_from_fork+0x1f/0x30 [ 56.860467][ T22] [ 56.862779][ T22] value changed: 0x00000001 -> 0x00000002 [ 56.868481][ T22] [ 56.870807][ T22] Reported by Kernel Concurrency Sanitizer on: [ 56.876944][ T22] CPU: 1 PID: 22 Comm: kauditd Not tainted 5.14.0-syzkaller #0 [ 56.884483][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.894619][ T22] ==================================================================