Warning: Permanently added '10.128.1.103' (ECDSA) to the list of known hosts. 2021/04/29 23:49:17 fuzzer started 2021/04/29 23:49:17 dialing manager at 10.128.0.163:41661 2021/04/29 23:49:18 syscalls: 1997 2021/04/29 23:49:18 code coverage: enabled 2021/04/29 23:49:18 comparison tracing: enabled 2021/04/29 23:49:18 extra coverage: enabled 2021/04/29 23:49:18 setuid sandbox: enabled 2021/04/29 23:49:18 namespace sandbox: enabled 2021/04/29 23:49:18 Android sandbox: enabled 2021/04/29 23:49:18 fault injection: enabled 2021/04/29 23:49:18 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/04/29 23:49:18 net packet injection: /dev/net/tun does not exist 2021/04/29 23:49:18 net device setup: enabled 2021/04/29 23:49:18 concurrency sanitizer: enabled 2021/04/29 23:49:18 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/04/29 23:49:18 USB emulation: /dev/raw-gadget does not exist 2021/04/29 23:49:18 hci packet injection: /dev/vhci does not exist 2021/04/29 23:49:18 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2021/04/29 23:49:18 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2021/04/29 23:49:18 suppressing KCSAN reports in functions: 'blk_mq_rq_ctx_init' 'alloc_pid' 'xas_clear_mark' 'generic_write_end' '__blkdev_put' 'n_tty_receive_buf_common' 'do_signal_stop' '__ext4_new_inode' 'blk_mq_dispatch_rq_list' 'do_nanosleep' 'mm_update_next_owner' 'kauditd_thread' '__process_echoes' 'do_readlinkat' 'tick_nohz_next_event' 'step_into' 'fast_dput' 'ext4_free_inode' '__xa_clear_mark' 'tick_sched_timer' 'blk_mq_sched_dispatch_requests' 2021/04/29 23:49:18 fetching corpus: 0, signal 0/2000 (executing program) 2021/04/29 23:49:18 fetching corpus: 50, signal 12920/16597 (executing program) 2021/04/29 23:49:19 fetching corpus: 100, signal 26023/31041 (executing program) 2021/04/29 23:49:19 fetching corpus: 150, signal 34902/41131 (executing program) syzkaller login: [ 18.879828][ T1800] ================================================================== [ 18.881152][ T1800] BUG: KCSAN: data-race in complete_signal / futex_wait_queue_me [ 18.882390][ T1800] [ 18.882787][ T1800] write to 0xffff88810088f02c of 4 bytes by task 1791 on cpu 1: [ 18.883932][ T1800] futex_wait_queue_me+0x198/0x260 [ 18.884890][ T1800] futex_wait+0x143/0x430 [ 18.885549][ T1800] do_futex+0x9e8/0x1ee0 [ 18.886274][ T1800] __se_sys_futex+0x2a8/0x390 [ 18.886972][ T1800] __x64_sys_futex+0x74/0x80 [ 18.887618][ T1800] do_syscall_64+0x4a/0x90 [ 18.888346][ T1800] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 18.889383][ T1800] [ 18.889716][ T1800] read to 0xffff88810088f02c of 4 bytes by task 1800 on cpu 0: [ 18.890746][ T1800] complete_signal+0x7c/0x600 [ 18.891388][ T1800] __send_signal+0x680/0x760 [ 18.892173][ T1800] send_signal+0x281/0x390 [ 18.892813][ T1800] do_send_specific+0x13d/0x1c0 [ 18.894218][ T1800] __x64_sys_tgkill+0x108/0x140 [ 18.894901][ T1800] do_syscall_64+0x4a/0x90 [ 18.895543][ T1800] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 18.896369][ T1800] [ 18.896711][ T1800] Reported by Kernel Concurrency Sanitizer on: [ 18.897570][ T1800] CPU: 0 PID: 1800 Comm: syz-fuzzer Not tainted 5.12.0-syzkaller #0 [ 18.898656][ T1800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 18.900467][ T1800] ================================================================== 2021/04/29 23:49:19 fetching corpus: 200, signal 39526/46974 (executing program) 2021/04/29 23:49:19 fetching corpus: 250, signal 42617/51276 (executing program) 2021/04/29 23:49:19 fetching corpus: 300, signal 45440/55334 (executing program) 2021/04/29 23:49:19 fetching corpus: 350, signal 48000/59055 (executing program) 2021/04/29 23:49:19 fetching corpus: 400, signal 52666/64574 (executing program) 2021/04/29 23:49:19 fetching corpus: 450, signal 55753/68565 (executing program) 2021/04/29 23:49:19 fetching corpus: 500, signal 60251/73763 (executing program) 2021/04/29 23:49:19 fetching corpus: 550, signal 63210/77508 (executing program) 2021/04/29 23:49:19 fetching corpus: 600, signal 64747/79953 (executing program) 2021/04/29 23:49:19 fetching corpus: 650, signal 67208/83142 (executing program) 2021/04/29 23:49:19 fetching corpus: 700, signal 69190/85862 (executing program) 2021/04/29 23:49:19 fetching corpus: 750, signal 71846/89110 (executing program) 2021/04/29 23:49:19 fetching corpus: 800, signal 73283/91313 (executing program) 2021/04/29 23:49:19 fetching corpus: 850, signal 74544/93332 (executing program) 2021/04/29 23:49:19 fetching corpus: 900, signal 76050/95514 (executing program) 2021/04/29 23:49:19 fetching corpus: 950, signal 77446/97577 (executing program) 2021/04/29 23:49:19 fetching corpus: 1000, signal 79019/99739 (executing program) 2021/04/29 23:49:19 fetching corpus: 1050, signal 80485/101823 (executing program) 2021/04/29 23:49:19 fetching corpus: 1100, signal 82154/103919 (executing program) 2021/04/29 23:49:19 fetching corpus: 1150, signal 83857/106082 (executing program) 2021/04/29 23:49:19 fetching corpus: 1200, signal 85855/108362 (executing program) 2021/04/29 23:49:19 fetching corpus: 1250, signal 87843/110536 (executing program) 2021/04/29 23:49:19 fetching corpus: 1300, signal 89408/112455 (executing program) 2021/04/29 23:49:19 fetching corpus: 1350, signal 91281/114529 (executing program) 2021/04/29 23:49:19 fetching corpus: 1400, signal 92429/116110 (executing program) 2021/04/29 23:49:20 fetching corpus: 1450, signal 94532/118210 (executing program) 2021/04/29 23:49:20 fetching corpus: 1500, signal 95691/119724 (executing program) 2021/04/29 23:49:20 fetching corpus: 1550, signal 96517/121002 (executing program) 2021/04/29 23:49:20 fetching corpus: 1600, signal 98114/122682 (executing program) 2021/04/29 23:49:20 fetching corpus: 1650, signal 99241/124041 (executing program) 2021/04/29 23:49:20 fetching corpus: 1700, signal 100436/125418 (executing program) 2021/04/29 23:49:20 fetching corpus: 1750, signal 101579/126749 (executing program) 2021/04/29 23:49:20 fetching corpus: 1800, signal 102324/127840 (executing program) 2021/04/29 23:49:20 fetching corpus: 1850, signal 103331/129079 (executing program) 2021/04/29 23:49:20 fetching corpus: 1900, signal 104065/130083 (executing program) 2021/04/29 23:49:20 fetching corpus: 1950, signal 105554/131511 (executing program) 2021/04/29 23:49:20 fetching corpus: 2000, signal 106371/132529 (executing program) 2021/04/29 23:49:20 fetching corpus: 2050, signal 106910/133418 (executing program) 2021/04/29 23:49:20 fetching corpus: 2100, signal 107936/134525 (executing program) 2021/04/29 23:49:20 fetching corpus: 2150, signal 108836/135533 (executing program) 2021/04/29 23:49:20 fetching corpus: 2200, signal 109994/136639 (executing program) 2021/04/29 23:49:20 fetching corpus: 2250, signal 110716/137498 (executing program) 2021/04/29 23:49:20 fetching corpus: 2300, signal 111310/138292 (executing program) 2021/04/29 23:49:20 fetching corpus: 2350, signal 111841/139064 (executing program) 2021/04/29 23:49:20 fetching corpus: 2400, signal 113332/140175 (executing program) 2021/04/29 23:49:20 fetching corpus: 2450, signal 114337/141096 (executing program) 2021/04/29 23:49:20 fetching corpus: 2500, signal 115065/141923 (executing program) 2021/04/29 23:49:20 fetching corpus: 2550, signal 115733/142678 (executing program) 2021/04/29 23:49:20 fetching corpus: 2600, signal 116574/143482 (executing program) 2021/04/29 23:49:20 fetching corpus: 2650, signal 117629/144304 (executing program) 2021/04/29 23:49:20 fetching corpus: 2700, signal 118242/145026 (executing program) 2021/04/29 23:49:20 fetching corpus: 2750, signal 118879/145698 (executing program) 2021/04/29 23:49:20 fetching corpus: 2800, signal 119616/146378 (executing program) 2021/04/29 23:49:21 fetching corpus: 2850, signal 120522/147123 (executing program) 2021/04/29 23:49:21 fetching corpus: 2900, signal 121084/147708 (executing program) 2021/04/29 23:49:21 fetching corpus: 2950, signal 122234/148406 (executing program) 2021/04/29 23:49:21 fetching corpus: 3000, signal 122972/149004 (executing program) 2021/04/29 23:49:21 fetching corpus: 3050, signal 123795/149615 (executing program) 2021/04/29 23:49:21 fetching corpus: 3100, signal 124517/150211 (executing program) 2021/04/29 23:49:21 fetching corpus: 3150, signal 124998/150719 (executing program) 2021/04/29 23:49:21 fetching corpus: 3200, signal 125616/151209 (executing program) 2021/04/29 23:49:21 fetching corpus: 3250, signal 126140/151664 (executing program) 2021/04/29 23:49:21 fetching corpus: 3300, signal 126922/152169 (executing program) 2021/04/29 23:49:21 fetching corpus: 3350, signal 127371/152609 (executing program) 2021/04/29 23:49:21 fetching corpus: 3400, signal 128146/153116 (executing program) 2021/04/29 23:49:21 fetching corpus: 3450, signal 128770/153508 (executing program) 2021/04/29 23:49:21 fetching corpus: 3500, signal 129271/153922 (executing program) 2021/04/29 23:49:21 fetching corpus: 3550, signal 129944/154308 (executing program) 2021/04/29 23:49:21 fetching corpus: 3600, signal 130683/154680 (executing program) 2021/04/29 23:49:21 fetching corpus: 3650, signal 131137/155058 (executing program) 2021/04/29 23:49:21 fetching corpus: 3700, signal 131675/155412 (executing program) 2021/04/29 23:49:21 fetching corpus: 3750, signal 132222/155725 (executing program) 2021/04/29 23:49:21 fetching corpus: 3800, signal 132878/156031 (executing program) 2021/04/29 23:49:21 fetching corpus: 3850, signal 133362/156333 (executing program) 2021/04/29 23:49:21 fetching corpus: 3900, signal 133808/156393 (executing program) 2021/04/29 23:49:21 fetching corpus: 3950, signal 134591/156393 (executing program) 2021/04/29 23:49:21 fetching corpus: 4000, signal 135500/156393 (executing program) 2021/04/29 23:49:21 fetching corpus: 4050, signal 136236/156393 (executing program) 2021/04/29 23:49:21 fetching corpus: 4100, signal 136871/156401 (executing program) 2021/04/29 23:49:21 fetching corpus: 4150, signal 137385/156401 (executing program) 2021/04/29 23:49:21 fetching corpus: 4200, signal 137953/156401 (executing program) 2021/04/29 23:49:21 fetching corpus: 4250, signal 138597/156401 (executing program) 2021/04/29 23:49:21 fetching corpus: 4300, signal 139325/156402 (executing program) 2021/04/29 23:49:21 fetching corpus: 4350, signal 139718/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4400, signal 140185/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4450, signal 140675/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4500, signal 141446/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4550, signal 142576/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4600, signal 143296/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4650, signal 143863/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4700, signal 144509/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4750, signal 145075/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4800, signal 145955/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4850, signal 146492/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4900, signal 146802/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 4950, signal 147241/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5000, signal 147886/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5050, signal 148281/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5100, signal 148874/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5150, signal 149405/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5200, signal 150012/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5250, signal 150427/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5300, signal 150878/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5350, signal 151152/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5400, signal 151679/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5450, signal 152178/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5500, signal 152753/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5550, signal 153467/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5600, signal 153866/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5650, signal 154193/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5700, signal 154564/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5738, signal 154826/156402 (executing program) 2021/04/29 23:49:22 fetching corpus: 5738, signal 154826/156402 (executing program) 2021/04/29 23:49:24 starting 6 fuzzer processes 23:49:24 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)='\xb8.\xa5\xd7o\xe02\xe3\aC\xdb\xf6O\x16\xa3\xdd\xb0\x92hia\xf2\xc3\xa3\xd9\xee\xd9s\x92\f]#\x1a:\xdc\xdf\x8c\xdd\xcd\x13\x9d\x98\xf8I\x15\x87\xde\x9c\xa7\xf3\xa4%r\x93\xac\xa9\x03R\x8f9\xa7\xd1\x00bn\x1f\xf5\x00\x84\xd9\x1a\xf0\xc4\x9e\xc1\xbe=\xac\x88\xfb\x92\x10\x85\xe6\xb0\x8d\x997T)X?\x16\xc1\x02\x17A\xa5\xee\xb9\xea\x91\xc9\xff$\x06Yu\xeb\xda\xb5\rrN\x00'/128, 0x0) r2 = dup2(r0, r1) mmap(&(0x7f0000200000/0x400000)=nil, 0x400002, 0x0, 0x2011, r1, 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x0) 23:49:24 executing program 1: r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000080)=""/238, 0xee) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1}) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f0000000240)) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0x80045301, 0x0) tkill(r0, 0x7) 23:49:24 executing program 5: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r1 = epoll_create(0x40) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001340)) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 23:49:24 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000001240), 0x0, &(0x7f0000001400)={[{@fat=@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) 23:49:24 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000024002f01000000000000000000000000060004"], 0x34}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0xf1, 0x0) 23:49:24 executing program 4: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) io_setup(0x40000000008, &(0x7f0000000240)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x8, 0x7, 0x0, r0, 0x0}]) [ 24.067551][ T25] audit: type=1400 audit(1619740164.193:8): avc: denied { execmem } for pid=1805 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 24.150933][ T1811] cgroup: Unknown subsys name 'perf_event' [ 24.157352][ T1811] cgroup: Unknown subsys name 'net_cls' [ 24.249437][ T1813] cgroup: Unknown subsys name 'perf_event' [ 24.255448][ T1813] cgroup: Unknown subsys name 'net_cls' [ 24.280227][ T1816] cgroup: Unknown subsys name 'perf_event' [ 24.280461][ T1814] cgroup: Unknown subsys name 'perf_event' [ 24.286139][ T1816] cgroup: Unknown subsys name 'net_cls' [ 24.306377][ T1821] cgroup: Unknown subsys name 'perf_event' [ 24.306414][ T1820] cgroup: Unknown subsys name 'perf_event' [ 24.315132][ T1821] cgroup: Unknown subsys name 'net_cls' [ 24.323018][ T1814] cgroup: Unknown subsys name 'net_cls' [ 24.339595][ T1820] cgroup: Unknown subsys name 'net_cls' 23:49:28 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)='\xb8.\xa5\xd7o\xe02\xe3\aC\xdb\xf6O\x16\xa3\xdd\xb0\x92hia\xf2\xc3\xa3\xd9\xee\xd9s\x92\f]#\x1a:\xdc\xdf\x8c\xdd\xcd\x13\x9d\x98\xf8I\x15\x87\xde\x9c\xa7\xf3\xa4%r\x93\xac\xa9\x03R\x8f9\xa7\xd1\x00bn\x1f\xf5\x00\x84\xd9\x1a\xf0\xc4\x9e\xc1\xbe=\xac\x88\xfb\x92\x10\x85\xe6\xb0\x8d\x997T)X?\x16\xc1\x02\x17A\xa5\xee\xb9\xea\x91\xc9\xff$\x06Yu\xeb\xda\xb5\rrN\x00'/128, 0x0) r2 = dup2(r0, r1) mmap(&(0x7f0000200000/0x400000)=nil, 0x400002, 0x0, 0x2011, r1, 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x0) 23:49:28 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)='\xb8.\xa5\xd7o\xe02\xe3\aC\xdb\xf6O\x16\xa3\xdd\xb0\x92hia\xf2\xc3\xa3\xd9\xee\xd9s\x92\f]#\x1a:\xdc\xdf\x8c\xdd\xcd\x13\x9d\x98\xf8I\x15\x87\xde\x9c\xa7\xf3\xa4%r\x93\xac\xa9\x03R\x8f9\xa7\xd1\x00bn\x1f\xf5\x00\x84\xd9\x1a\xf0\xc4\x9e\xc1\xbe=\xac\x88\xfb\x92\x10\x85\xe6\xb0\x8d\x997T)X?\x16\xc1\x02\x17A\xa5\xee\xb9\xea\x91\xc9\xff$\x06Yu\xeb\xda\xb5\rrN\x00'/128, 0x0) r2 = dup2(r0, r1) mmap(&(0x7f0000200000/0x400000)=nil, 0x400002, 0x0, 0x2011, r1, 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x0) [ 28.212725][ T4515] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 28.243795][ T4529] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 23:49:28 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)='\xb8.\xa5\xd7o\xe02\xe3\aC\xdb\xf6O\x16\xa3\xdd\xb0\x92hia\xf2\xc3\xa3\xd9\xee\xd9s\x92\f]#\x1a:\xdc\xdf\x8c\xdd\xcd\x13\x9d\x98\xf8I\x15\x87\xde\x9c\xa7\xf3\xa4%r\x93\xac\xa9\x03R\x8f9\xa7\xd1\x00bn\x1f\xf5\x00\x84\xd9\x1a\xf0\xc4\x9e\xc1\xbe=\xac\x88\xfb\x92\x10\x85\xe6\xb0\x8d\x997T)X?\x16\xc1\x02\x17A\xa5\xee\xb9\xea\x91\xc9\xff$\x06Yu\xeb\xda\xb5\rrN\x00'/128, 0x0) r2 = dup2(r0, r1) mmap(&(0x7f0000200000/0x400000)=nil, 0x400002, 0x0, 0x2011, r1, 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x0) 23:49:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000024002f01000000000000000000000000060004"], 0x34}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0xf1, 0x0) [ 28.276730][ T25] audit: type=1326 audit(1619740168.405:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=4539 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665f9 code=0x0 23:49:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000024002f01000000000000000000000000060004"], 0x34}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0xf1, 0x0) 23:49:28 executing program 2: syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000001240), 0x0, &(0x7f0000001400)={[{@fat=@gid={'gid', 0x3d, 0xffffffffffffffff}}]}) [ 28.325473][ T4559] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 23:49:28 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f0000000100)='\xb8.\xa5\xd7o\xe02\xe3\aC\xdb\xf6O\x16\xa3\xdd\xb0\x92hia\xf2\xc3\xa3\xd9\xee\xd9s\x92\f]#\x1a:\xdc\xdf\x8c\xdd\xcd\x13\x9d\x98\xf8I\x15\x87\xde\x9c\xa7\xf3\xa4%r\x93\xac\xa9\x03R\x8f9\xa7\xd1\x00bn\x1f\xf5\x00\x84\xd9\x1a\xf0\xc4\x9e\xc1\xbe=\xac\x88\xfb\x92\x10\x85\xe6\xb0\x8d\x997T)X?\x16\xc1\x02\x17A\xa5\xee\xb9\xea\x91\xc9\xff$\x06Yu\xeb\xda\xb5\rrN\x00'/128, 0x0) r2 = dup2(r0, r1) mmap(&(0x7f0000200000/0x400000)=nil, 0x400002, 0x0, 0x2011, r1, 0x0) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x0) [ 28.374512][ T4568] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 23:49:28 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000024002f01000000000000000000000000060004"], 0x34}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0xf1, 0x0) [ 28.478494][ T4593] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.