[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.92' (ECDSA) to the list of known hosts. 2021/06/21 23:15:22 fuzzer started 2021/06/21 23:15:23 dialing manager at 10.128.0.163:43887 2021/06/21 23:15:24 syscalls: 1998 2021/06/21 23:15:24 code coverage: enabled 2021/06/21 23:15:24 comparison tracing: enabled 2021/06/21 23:15:24 extra coverage: enabled 2021/06/21 23:15:24 setuid sandbox: enabled 2021/06/21 23:15:24 namespace sandbox: enabled 2021/06/21 23:15:24 Android sandbox: enabled 2021/06/21 23:15:24 fault injection: enabled 2021/06/21 23:15:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/06/21 23:15:24 net packet injection: /dev/net/tun does not exist 2021/06/21 23:15:24 net device setup: enabled 2021/06/21 23:15:24 concurrency sanitizer: enabled 2021/06/21 23:15:24 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/06/21 23:15:24 USB emulation: /dev/raw-gadget does not exist 2021/06/21 23:15:24 hci packet injection: /dev/vhci does not exist 2021/06/21 23:15:24 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2021/06/21 23:15:24 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2021/06/21 23:15:25 suppressing KCSAN reports in functions: 'exit_mm' 'blk_mq_rq_ctx_init' 'ps2_do_sendbyte' 'kauditd_thread' 'step_into' 'xas_clear_mark' '__xa_clear_mark' 'do_sys_poll' '_find_next_bit' 'ext4_writepages' 'generic_write_end' 'ext4_free_inodes_count' 'blk_mq_sched_dispatch_requests' 2021/06/21 23:15:25 fetching corpus: 0, signal 0/2000 (executing program) 2021/06/21 23:15:25 fetching corpus: 49, signal 17867/21398 (executing program) 2021/06/21 23:15:25 fetching corpus: 99, signal 23763/28882 (executing program) 2021/06/21 23:15:25 fetching corpus: 149, signal 27193/33817 (executing program) 2021/06/21 23:15:25 fetching corpus: 199, signal 34825/42582 (executing program) 2021/06/21 23:15:25 fetching corpus: 249, signal 39397/48347 (executing program) 2021/06/21 23:15:25 fetching corpus: 299, signal 42986/53072 (executing program) 2021/06/21 23:15:25 fetching corpus: 349, signal 46577/57759 (executing program) 2021/06/21 23:15:25 fetching corpus: 399, signal 49557/61808 (executing program) 2021/06/21 23:15:25 fetching corpus: 448, signal 51776/65109 (executing program) 2021/06/21 23:15:25 fetching corpus: 498, signal 54126/68442 (executing program) 2021/06/21 23:15:26 fetching corpus: 548, signal 57326/72507 (executing program) 2021/06/21 23:15:26 fetching corpus: 598, signal 60107/76116 (executing program) 2021/06/21 23:15:26 fetching corpus: 648, signal 62006/78952 (executing program) 2021/06/21 23:15:26 fetching corpus: 696, signal 64400/82116 (executing program) 2021/06/21 23:15:26 fetching corpus: 743, signal 68726/86748 (executing program) 2021/06/21 23:15:26 fetching corpus: 793, signal 71158/89815 (executing program) 2021/06/21 23:15:26 fetching corpus: 843, signal 73470/92685 (executing program) syzkaller login: [ 20.199659][ T0] ================================================================== [ 20.201968][ T0] BUG: KCSAN: data-race in tick_nohz_next_event / tick_sched_timer [ 20.203229][ T0] [ 20.203628][ T0] write to 0xffffffff83cbf1d0 of 4 bytes by interrupt on cpu 1: [ 20.205135][ T0] tick_sched_timer+0x1f5/0x210 [ 20.206214][ T0] __run_hrtimer+0x160/0x480 [ 20.207104][ T0] hrtimer_interrupt+0x380/0xaf0 [ 20.207994][ T0] __sysvec_apic_timer_interrupt+0x6f/0x1c0 [ 20.208976][ T0] sysvec_apic_timer_interrupt+0x64/0x80 [ 20.210697][ T0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 20.211802][ T0] memset_erms+0xe/0x10 [ 20.212746][ T0] kmem_cache_alloc+0x1e6/0x2f0 [ 20.213883][ T0] skb_clone+0x12c/0x1f0 [ 20.214654][ T0] dev_queue_xmit_nit+0x145/0x5f0 [ 20.215437][ T0] xmit_one+0x71/0x270 [ 20.216086][ T0] dev_hard_start_xmit+0x72/0x120 [ 20.217089][ T0] sch_direct_xmit+0x19c/0x5b0 [ 20.217962][ T0] __qdisc_run+0x119/0x180 [ 20.218969][ T0] __dev_queue_xmit+0x7a3/0x12a0 [ 20.221607][ T0] dev_queue_xmit+0x13/0x20 [ 20.226200][ T0] ip_finish_output2+0xa93/0xb10 [ 20.231153][ T0] ip_finish_output+0x2fa/0x490 [ 20.236010][ T0] ip_output+0xf6/0x1a0 [ 20.240171][ T0] ip_local_out+0x167/0x230 [ 20.244671][ T0] __ip_queue_xmit+0x97f/0x9a0 [ 20.249731][ T0] ip_queue_xmit+0x34/0x40 [ 20.254513][ T0] __tcp_transmit_skb+0x140a/0x19e0 [ 20.259912][ T0] __tcp_send_ack+0x20a/0x300 [ 20.264962][ T0] tcp_send_ack+0x23/0x30 [ 20.269329][ T0] tcp_cleanup_rbuf+0x1c4/0x310 [ 20.274373][ T0] tcp_recvmsg_locked+0x1129/0x1730 [ 20.279567][ T0] tcp_recvmsg+0x145/0x430 [ 20.283986][ T0] inet_recvmsg+0xa3/0x200 [ 20.288545][ T0] sock_read_iter+0x19e/0x1e0 [ 20.293235][ T0] vfs_read+0x565/0x5d0 [ 20.297570][ T0] ksys_read+0xce/0x180 [ 20.301714][ T0] __x64_sys_read+0x3e/0x50 [ 20.306216][ T0] do_syscall_64+0x4a/0x90 [ 20.310925][ T0] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 20.316807][ T0] [ 20.319117][ T0] read to 0xffffffff83cbf1d0 of 4 bytes by task 0 on cpu 0: [ 20.326386][ T0] tick_nohz_next_event+0x217/0x300 [ 20.331771][ T0] tick_nohz_get_sleep_length+0x121/0x280 [ 20.337586][ T0] menu_select+0x303/0x1050 [ 20.342303][ T0] cpuidle_select+0x3d/0x50 [ 20.346879][ T0] do_idle+0x16f/0x240 [ 20.350948][ T0] cpu_startup_entry+0x15/0x20 [ 20.355867][ T0] rest_init+0xc9/0xd0 [ 20.359975][ T0] arch_call_rest_init+0xa/0xb [ 20.364736][ T0] start_kernel+0x59e/0x623 [ 20.369509][ T0] secondary_startup_64_no_verify+0xb0/0xbb [ 20.375499][ T0] [ 20.377814][ T0] value changed: 0xffffffff -> 0x00000001 [ 20.383635][ T0] [ 20.386048][ T0] Reported by Kernel Concurrency Sanitizer on: [ 20.392183][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7-syzkaller #0 2021/06/21 23:15:26 fetching corpus: 893, signal 75714/95473 (executing program) [ 20.400144][ T0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 20.410342][ T0] ================================================================== 2021/06/21 23:15:26 fetching corpus: 943, signal 77250/97664 (executing program) 2021/06/21 23:15:26 fetching corpus: 993, signal 78868/99874 (executing program) 2021/06/21 23:15:27 fetching corpus: 1043, signal 80681/102184 (executing program) 2021/06/21 23:15:27 fetching corpus: 1093, signal 82006/104054 (executing program) 2021/06/21 23:15:27 fetching corpus: 1143, signal 84866/107015 (executing program) 2021/06/21 23:15:27 fetching corpus: 1193, signal 85867/108600 (executing program) 2021/06/21 23:15:27 fetching corpus: 1243, signal 87132/110419 (executing program) 2021/06/21 23:15:27 fetching corpus: 1293, signal 88932/112470 (executing program) 2021/06/21 23:15:27 fetching corpus: 1343, signal 90354/114269 (executing program) 2021/06/21 23:15:27 fetching corpus: 1393, signal 93081/116809 (executing program) 2021/06/21 23:15:27 fetching corpus: 1443, signal 94196/118303 (executing program) 2021/06/21 23:15:27 fetching corpus: 1492, signal 99037/122040 (executing program) 2021/06/21 23:15:28 fetching corpus: 1541, signal 100911/123928 (executing program) 2021/06/21 23:15:28 fetching corpus: 1591, signal 102366/125474 (executing program) 2021/06/21 23:15:28 fetching corpus: 1640, signal 103514/126842 (executing program) 2021/06/21 23:15:28 fetching corpus: 1689, signal 104736/128214 (executing program) 2021/06/21 23:15:28 fetching corpus: 1739, signal 105949/129541 (executing program) 2021/06/21 23:15:28 fetching corpus: 1789, signal 107315/130935 (executing program) 2021/06/21 23:15:28 fetching corpus: 1839, signal 108383/132130 (executing program) 2021/06/21 23:15:28 fetching corpus: 1889, signal 109610/133400 (executing program) 2021/06/21 23:15:28 fetching corpus: 1939, signal 110814/134540 (executing program) 2021/06/21 23:15:29 fetching corpus: 1989, signal 111641/135548 (executing program) 2021/06/21 23:15:29 fetching corpus: 2038, signal 112633/136557 (executing program) 2021/06/21 23:15:29 fetching corpus: 2088, signal 113469/137522 (executing program) 2021/06/21 23:15:29 fetching corpus: 2138, signal 114365/138503 (executing program) 2021/06/21 23:15:29 fetching corpus: 2188, signal 115052/139374 (executing program) 2021/06/21 23:15:29 fetching corpus: 2238, signal 116791/140608 (executing program) 2021/06/21 23:15:29 fetching corpus: 2288, signal 117482/141401 (executing program) 2021/06/21 23:15:29 fetching corpus: 2338, signal 118861/142474 (executing program) 2021/06/21 23:15:29 fetching corpus: 2388, signal 120051/143380 (executing program) 2021/06/21 23:15:29 fetching corpus: 2438, signal 121250/144265 (executing program) 2021/06/21 23:15:29 fetching corpus: 2487, signal 122251/145064 (executing program) 2021/06/21 23:15:30 fetching corpus: 2537, signal 123261/145859 (executing program) 2021/06/21 23:15:30 fetching corpus: 2586, signal 125345/146963 (executing program) 2021/06/21 23:15:30 fetching corpus: 2636, signal 126306/147693 (executing program) 2021/06/21 23:15:30 fetching corpus: 2686, signal 127248/148345 (executing program) 2021/06/21 23:15:30 fetching corpus: 2736, signal 127927/148958 (executing program) 2021/06/21 23:15:30 fetching corpus: 2786, signal 128556/149509 (executing program) 2021/06/21 23:15:30 fetching corpus: 2836, signal 129271/150041 (executing program) 2021/06/21 23:15:30 fetching corpus: 2886, signal 130751/150775 (executing program) 2021/06/21 23:15:30 fetching corpus: 2936, signal 131546/151307 (executing program) 2021/06/21 23:15:31 fetching corpus: 2986, signal 132601/151882 (executing program) 2021/06/21 23:15:31 fetching corpus: 3036, signal 133360/152323 (executing program) 2021/06/21 23:15:31 fetching corpus: 3085, signal 134242/152819 (executing program) 2021/06/21 23:15:31 fetching corpus: 3135, signal 134887/153263 (executing program) 2021/06/21 23:15:31 fetching corpus: 3185, signal 135493/153679 (executing program) 2021/06/21 23:15:31 fetching corpus: 3235, signal 136234/154085 (executing program) 2021/06/21 23:15:31 fetching corpus: 3285, signal 137383/154527 (executing program) 2021/06/21 23:15:31 fetching corpus: 3335, signal 137936/154871 (executing program) 2021/06/21 23:15:31 fetching corpus: 3385, signal 138758/155225 (executing program) 2021/06/21 23:15:32 fetching corpus: 3435, signal 139717/155565 (executing program) 2021/06/21 23:15:32 fetching corpus: 3485, signal 140298/155834 (executing program) 2021/06/21 23:15:32 fetching corpus: 3535, signal 141092/156125 (executing program) 2021/06/21 23:15:32 fetching corpus: 3585, signal 141727/156372 (executing program) 2021/06/21 23:15:32 fetching corpus: 3635, signal 142303/156598 (executing program) 2021/06/21 23:15:32 fetching corpus: 3685, signal 142772/156783 (executing program) 2021/06/21 23:15:32 fetching corpus: 3735, signal 143350/156993 (executing program) 2021/06/21 23:15:32 fetching corpus: 3785, signal 143840/157214 (executing program) 2021/06/21 23:15:32 fetching corpus: 3835, signal 144448/157388 (executing program) 2021/06/21 23:15:32 fetching corpus: 3885, signal 145105/157512 (executing program) 2021/06/21 23:15:33 fetching corpus: 3934, signal 145482/157512 (executing program) 2021/06/21 23:15:33 fetching corpus: 3984, signal 146132/157512 (executing program) 2021/06/21 23:15:33 fetching corpus: 4034, signal 146629/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4084, signal 147250/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4134, signal 148097/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4184, signal 148808/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4234, signal 149200/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4284, signal 149693/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4334, signal 150177/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4384, signal 150584/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4434, signal 151473/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4484, signal 151990/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4534, signal 152601/157527 (executing program) 2021/06/21 23:15:33 fetching corpus: 4584, signal 153038/157533 (executing program) 2021/06/21 23:15:33 fetching corpus: 4634, signal 153741/157555 (executing program) 2021/06/21 23:15:34 fetching corpus: 4684, signal 154228/157555 (executing program) 2021/06/21 23:15:34 fetching corpus: 4734, signal 154857/157555 (executing program) 2021/06/21 23:15:34 fetching corpus: 4784, signal 155488/157555 (executing program) 2021/06/21 23:15:34 fetching corpus: 4823, signal 156047/157561 (executing program) 2021/06/21 23:15:34 fetching corpus: 4824, signal 156052/157561 (executing program) 2021/06/21 23:15:34 fetching corpus: 4824, signal 156052/157561 (executing program) 2021/06/21 23:15:35 starting 6 fuzzer processes 23:15:35 executing program 0: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) r3 = dup3(r0, r2, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f00000001c0)={0x0, 0x3f00}) dup3(r3, r1, 0x0) 23:15:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)='fS\a', 0x3}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x34) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x18, r1, 0x0, 0x0) 23:15:35 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$loop(&(0x7f0000000040), 0x7f, 0x0) ioctl$BLKPG(r0, 0x80081272, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}) 23:15:35 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000000300)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f00000000c0)='./file0\x00') open(&(0x7f0000000140)='./file0\x00', 0x125142, 0x0) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x208721) sendfile(r1, r0, 0x0, 0xa198) 23:15:35 executing program 3: r0 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.log\x00', 0x210000, 0x80) ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000100)={0x3, {0x75, 0x6, 0x0, 0x2, 0x5}}) sendto$inet(r0, &(0x7f0000000080), 0xa4f0, 0x0, &(0x7f00000001c0), 0x10) 23:15:35 executing program 4: r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0) [ 29.503410][ T25] audit: type=1400 audit(1624317335.772:8): avc: denied { execmem } for pid=1776 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 29.611202][ T1781] cgroup: Unknown subsys name 'perf_event' [ 29.617750][ T1781] cgroup: Unknown subsys name 'net_cls' [ 29.633875][ T1782] cgroup: Unknown subsys name 'perf_event' [ 29.640424][ T1783] cgroup: Unknown subsys name 'perf_event' [ 29.647175][ T1782] cgroup: Unknown subsys name 'net_cls' [ 29.654469][ T1783] cgroup: Unknown subsys name 'net_cls' [ 29.663335][ T1787] cgroup: Unknown subsys name 'perf_event' [ 29.670790][ T1789] cgroup: Unknown subsys name 'perf_event' [ 29.682659][ T1787] cgroup: Unknown subsys name 'net_cls' [ 29.686326][ T1793] cgroup: Unknown subsys name 'perf_event' [ 29.694311][ T1789] cgroup: Unknown subsys name 'net_cls' [ 29.699175][ T1793] cgroup: Unknown subsys name 'net_cls'