program: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000140)={r1, 0x1, 0x0, 0x4000}) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x200001a, 0x12, r2, 0xffffe000) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58) write$9p(r4, &(0x7f00000014c0)="ed81eace046c1a05e71568d0a0529ee2969e26b458896417047e561d670e2bf7e08d0090d0d67deb38ebcd366b1c35af582b237e265a61ba59a50e2cc03faf5c57e67dacc6191d6cc1881b77dcbab21e2ffbbd1f08464465b2d87d7bb610d55d40b20887d6d02465bf2bf70d0286aa120c12bbbcad0966bc7d30c0495c4a75eb1efffcc7b1544eeb45ef9052ef89517bdc596d4929870b9e2994c2d449d4e437c2a6b6916333edcb18d15f8206f5f4fcf7fdd34eb59833724c11abb547f4f043c1200b3f5024956c6fdf9f601328b3b8d2c4a53c19b8c80138ace22dce48999a190305c38e0541588247d5f48a56b459a518ed52a18ea70f44a4636957259bc751a4bdccfacfddec5c5916d525a337751a0a906b2d849a9b7608fd076b4e436c0153777025e6d220b95ce74094ec1ecee78d08413c669864d101e7a84a5e1323019072bfdc5ef92e8dce58d43816e44bd218c840f3f234c98bd6b7fc87ead52ea0a36fc78e3597a4c7a6662591a0cedeb320b7100dc97be1165e8a64b6fd781c6e25a203b717a0a788db06e4712b291e8d2ace17d764b2b2db9374bdcff2a4e1d59ed82971ad790ed21a8d5c4dd720b6641d7bf610400c198618de84be8acf7f6e3fd6fd20c1f15ee50103cee9e8c971e45c1f1a59095d0ea615756e4557a1aed4c6df42fe433ce9339b7fee0673e15f1835d21fa757ba98fb63d7b23cc9e1865dd6711f68f972d72ffd8cf283a2448bd76ee8eef30f0c49a9ab7ea49c97c82d3e2da6803e4d869af375f1352315ff303a2e9f58f822b7fd3dcd35b2caf6a2d8550ae37a9f48c8fb696404ed7d280690ae494d79abcbdadc3e29b23e274804d2cdbce6cdad0ef71bdef3a6574e25cd6bccc757c851f34d9b231ec4ce34bd98af6bb4b187e68ab4b4cce495f680ecacd14892a4c85d19d2f94c9708c624218881050bd69431f4d1743bf70b50778210d3dd92bee06fb6132be75095446d223561686da452c734a6cc457e26e10b689ddb9229fc8306867e6e8ea54a60195fd3e870e123d06ea8f4a3fe376765f897d37d08421008c909e1657df670c9c2ebaba406cec636529522d36a5ae6dda831c6d984312527b79c6cbfe9dbb3d3e774e605abe3ad3913897b7b28480b91cd4f4f9bf2e369bf39064ebe46d5a2bf7ebcaf193440f12e5e397b394512c1bf087e4f47f1435c850846570c9fcdcd5c1218ef57356c15484888b7373554ffd8e15fbd1edc5e27135248a96d23dbfb12a69292cebe44387daf231406f70b5e58bb528b803c74f5eeee7eef86b5b38cdf54940fad61ba52802656475fc8a46b40dd086d5a99ce4bca8665bd5c4bf3f3923a4cb0b1774c5a4d16065bdad24d7627e53b01e982207db21b4315bc2acfe2dcde84850c01342cb49ba62d0749958abc8b437d60123ff8fa35215bd03772f437589d79a81ce06b82b64318b4800b52bda1e3a110c181c5d6765faea8ec48dfa46777b135185a2e45e8a8fa51c0edaa9dbbb1e5ca62cbfd0642719722919eb751e86ffe2461d126680275f08259c6c4a833601cc84e075f998518d1779d1cc5fe89e904ad1e6362c57e7b1e870a2cc050fe56a4c7c51e5b095755d261e2b3f99b6fa98cfc4c82de6660d8e29de314111e28a5c3cdfc5e9d30a0662151d42dbd284f5d2be18a20ee9536b67a58eabaa009075a24bef7af33fd4b013285887ae29388e2da3a17809bf9d87e809c50f24a42b807b87d79cf14ab4063a27ef8961caae47deb6c9d33a7643dd0f7e2a0bfc563c88a55cd9fa6fd89cd6da07a9e515bafdd14c4836ce9d329ef069696c742c26cb96971563bdbc1da39c96eff05154fbfe0d7440a7d65d48c0b1d2bf3271229ea0d0553435e15dd34cc671689f70a4dc3fc8f9956ab859b6caf37149559f803b0e8bcec066672daef72e4db6d78ca908693de042296143db22ea7eb3cd184f96d3050c288df438a1961eb3a0862bd00a7c5e45c4fab73576e92d3d1fba9ee44c7eabe447fdfb542176daf96297286d48fdad8bef70dee8cfb6a1c9f666496edc5a79fa41d24e6a5f7dc8dc31925b716b322f7b2592b0cf77c86033867d98752c3f24601b7993f93ed4182eca4774b04f1d44ad676c2b14cc3cf546a9a8957efd7fc70fd27e1932196e32c56ad952d9f1af7d838b787f12624e014cc681f0a9239b74b6e5e51b7b35a8fad63e28abbd5fdb9691ae8a39528d7e194a4404d7b3d35fbe1c0c62afa18f0cf21da56c309ee076e921155778bc978dbf96e601e81c7d9067aefac95a380d18e0a074c084e2f5c4d616509e7d1f591328b995c79cb88316935eec5a45bebb411dd50d785b12961e5e185dbe20d8973c25c3cfaf50d5bbb58aaaebe1aa8799adf29f5629960402d36e9e2a651051e458d5d32f0ef362f07eff6a00cfe6d8711143b933d82299577aeab4cc28087ab2472fa14cd46e508140ac6bf787786154fd158641b1bd323c26d7f424d3a77a5f4c5241fcfb9896a2c969717d3d45fe2ed2af1a63ec746803f3427518848cf28574c5d8440673637a7741c962f67bbee7125129a55e2029d1a1b928686deecb18cd80f49b3d4d4fd8d0571e793b7b741693b83139cd7692522b2e64e5df9d15f55c0c7037b16896db792c45fb0fb741497e67b740cb27a31a5edcbfd5b9568cd6fd725a1ce8fcabae9c5beb8a0e4a8ac2f5aa18b9e71c98a6908ae3f6b2b78e8f7d13dd077eaae9b36663824e4f1c04255dbd9e5340542d0574bf1005a44b61529d2f3bf4f5b9d1128e922ef48182bf5902a69cbaaba7fbdc2e5f41936213c1fb6b8ff7865c17c96c5c871342c060ba00d0fac03778b468dcdf966166aebcff4a722a2530e0a5f9a0e81b1ff21037d8f12a45c4d92558d184404558f25c1615b4c09ca570ad5b50c27ded944756eedc704e50f77aaf77dea599e2775c13c5e3874755d7a74dd35c690601c4a1fc572daf30ec5b4c1ffd9c5d2d8dbe8a945047b11bea51e9df4c6402192b00d30f01a684281167499a8b5a3658fcb7ce7a12198f4acb2e3941644b3e8f05c294e1348c35c1c3b072b8a64c87353dfa75b360c808ec3fee2d819affe854ac97469664368b718ab939481d9b60ac8778e9c6fbb391d4f493a04b6cc1cd7d13b9d95fec487a433d940c79e8bf95e8a4e2bd61a0ebc281cc4c5447543b127f8d4babd920cf1319309d7fd16eadd7ca64e4c1639907e636a4ca7f884e602e578a8253112656ad3d11805ed6f4a8dd0f76357502721c31d70d74c3cc98495083ba4618e9349726f889d07da346a2cbad32b9bc5fc1a1239fff9ddbd900092f4205d9fed4752ae0acdda79954700f8330fa26a85966a679f172e956d4a69055c6af0afbc0928f1a50264e4e5e474057449e33856ff1972b49f0657dbcfdf5c188126fbe3a39093be074607c696b45fcf7b76e2073bc5d49c6c66eedc0088f2cee43a735e127876bb12d79bb9413fd1b06c99266e3bc599287e1c26a91dee9049cf28288a1184521f99c456ec7ee77209a2ce9733fecc335fc9d5a8cf925874bf1d42ef107fc63d17caa763370d00acb9d5373fe5357a03c26e6380c2acb22043b5ca323dd77ce55a3c4f80ac3b553d4dd7780269e7288e3cc79168608b807376f3e6ac707c1db2ed873b8207bc86477bfd54db83cab2ff2b6f0002c857cb2ff42b0757a2d09d2821e6037169031dcd8b5b36c78abd3cfad1ad21e883f5e10e79e40fc46d02267d0cfb64c0ebfb63ae0ab1f915711e6574fb6f5a6fb99af09ce44e8d59a744c71e57c416b14f59b939fb3ff7e73742dc04091c81bae5fc5c44bfecc695a77a15b8e3612127eeb5c65acaaacce4b9628e89346130749080826063617aca1789a3071a3ff3b5cf5fc05320154b10caaca979fed27c586d3132d06266cb1daa7bc229509bd10132345bccc79fc49e261cff540116ac7f7ce60b86f7834aa0a6299e321c6e02f8019b62bde9bb4367a2f8109a35a376533779572c0f88750e012e6fccc216075906ec85dffdc51fbdc77f3946ceb24c7ff74b6dae3f4fb7126d8fbbe3923447fd19b23447d643781e91324f0192", 0xb44) r6 = accept4$alg(r5, 0x0, 0x0, 0x80000) splice(r3, 0x0, r6, 0x0, 0x20000000000002, 0x2) [ 139.907961][ T5323] Bluetooth: hci0: command tx timeout [ 139.960221][ T5341] ------------[ cut here ]------------ [ 139.962761][ T5341] ((d_inode(path->dentry))->i_flags & (1 << 19)) && !(path->mnt->mnt_sb->s_iflags & 0x00000002) [ 139.962772][ T5341] WARNING: fs/exec.c:119 at path_noexec+0x1af/0x200, CPU#0: syz.0.0/5341 [ 139.971493][ T5341] Modules linked in: [ 139.973210][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 139.977234][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.981549][ T5341] RIP: 0010:path_noexec+0x1af/0x200 [ 139.983839][ T5341] Code: 02 31 ff 48 89 de e8 c0 64 82 ff d1 eb eb 07 e8 d7 5f 82 ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c2 5f 82 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 139.992248][ T5341] RSP: 0018:ffffc9000a567bd8 EFLAGS: 00010287 [ 139.994913][ T5341] RAX: ffffffff8242272e RBX: ffff888036fef940 RCX: 0000000000100000 [ 139.999495][ T5341] RDX: ffffc90020802000 RSI: 0000000000000062 RDI: 0000000000000063 [ 140.002966][ T5341] RBP: 0000000000080000 R08: ffff888000268000 R09: 0000000000000003 [ 140.006513][ T5341] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000001 [ 140.009736][ T5341] R13: 1ffff920014acf90 R14: 0000000000000000 R15: dffffc0000000000 [ 140.013049][ T5341] FS: 00007f0d02c776c0(0000) GS:ffff88808ccea000(0000) knlGS:0000000000000000 [ 140.017119][ T5341] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.019678][ T5341] CR2: 00007f0d01f12440 CR3: 00000000123b6000 CR4: 0000000000352ef0 [ 140.023090][ T5341] Call Trace: [ 140.024509][ T5341] [ 140.026001][ T5341] do_mmap+0xa32/0x10c0 [ 140.027917][ T5341] ? __pfx_do_mmap+0x10/0x10 [ 140.029875][ T5341] ? down_write_killable+0x180/0x240 [ 140.032138][ T5341] ? __pfx_down_write_killable+0x10/0x10 [ 140.034401][ T5341] ? apparmor_mmap_file+0x23e/0x2b0 [ 140.036740][ T5341] vm_mmap_pgoff+0x2c9/0x4f0 [ 140.038737][ T5341] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 140.041010][ T5341] ? __fget_files+0x2a/0x420 [ 140.043069][ T5341] ? __fget_files+0x3a0/0x420 [ 140.045101][ T5341] ? __fget_files+0x2a/0x420 [ 140.047361][ T5341] ksys_mmap_pgoff+0x51e/0x760 [ 140.049461][ T5341] do_syscall_64+0xe2/0xf80 [ 140.051349][ T5341] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.054045][ T5341] ? trace_irq_disable+0x37/0x100 [ 140.056419][ T5341] ? clear_bhb_loop+0x60/0xb0 [ 140.058454][ T5341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.061029][ T5341] RIP: 0033:0x7f0d01d9aeb9 [ 140.062953][ T5341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 140.071126][ T5341] RSP: 002b:00007f0d02c77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 140.074556][ T5341] RAX: ffffffffffffffda RBX: 00007f0d02015fa0 RCX: 00007f0d01d9aeb9 [ 140.078038][ T5341] RDX: 000000000200001a RSI: 0000000000001000 RDI: 0000200000002000 [ 140.081375][ T5341] RBP: 00007f0d01e08c1f R08: 0000000000000005 R09: 00000000ffffe000 [ 140.084584][ T5341] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 140.088082][ T5341] R13: 00007f0d02016038 R14: 00007f0d02015fa0 R15: 00007ffcb672d5f8 [ 140.091820][ T5341] [ 140.093252][ T5341] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 140.096286][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 140.100156][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.104591][ T5341] Call Trace: [ 140.106060][ T5341] [ 140.107216][ T5341] vpanic+0x1e0/0x670 [ 140.108922][ T5341] panic+0xc5/0xd0 [ 140.110813][ T5341] ? __pfx_panic+0x10/0x10 [ 140.112881][ T5341] __warn+0x315/0x4a0 [ 140.114575][ T5341] ? path_noexec+0x1af/0x200 [ 140.116502][ T5341] ? path_noexec+0x1af/0x200 [ 140.118441][ T5341] __report_bug+0x29a/0x540 [ 140.120280][ T5341] ? path_noexec+0x1af/0x200 [ 140.122209][ T5341] ? __pfx___report_bug+0x10/0x10 [ 140.124312][ T5341] ? futex_unqueue+0x211/0x240 [ 140.126435][ T5341] ? arch_get_unmapped_area_topdown+0x264/0xb60 [ 140.129096][ T5341] ? path_noexec+0x1af/0x200 [ 140.131088][ T5341] report_bug+0x16a/0x220 [ 140.133023][ T5341] ? path_noexec+0x1af/0x200 [ 140.134974][ T5341] ? path_noexec+0x1b1/0x200 [ 140.137095][ T5341] handle_bug+0x98/0x200 [ 140.138924][ T5341] exc_invalid_op+0x1a/0x50 [ 140.140890][ T5341] asm_exc_invalid_op+0x1a/0x20 [ 140.142998][ T5341] RIP: 0010:path_noexec+0x1af/0x200 [ 140.145199][ T5341] Code: 02 31 ff 48 89 de e8 c0 64 82 ff d1 eb eb 07 e8 d7 5f 82 ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c2 5f 82 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 140.153323][ T5341] RSP: 0018:ffffc9000a567bd8 EFLAGS: 00010287 [ 140.155684][ T5341] RAX: ffffffff8242272e RBX: ffff888036fef940 RCX: 0000000000100000 [ 140.159360][ T5341] RDX: ffffc90020802000 RSI: 0000000000000062 RDI: 0000000000000063 [ 140.162677][ T5341] RBP: 0000000000080000 R08: ffff888000268000 R09: 0000000000000003 [ 140.165828][ T5341] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000001 [ 140.169149][ T5341] R13: 1ffff920014acf90 R14: 0000000000000000 R15: dffffc0000000000 [ 140.172403][ T5341] ? path_noexec+0x1ae/0x200 [ 140.174369][ T5341] ? path_noexec+0x1ae/0x200 [ 140.176300][ T5341] do_mmap+0xa32/0x10c0 [ 140.178040][ T5341] ? __pfx_do_mmap+0x10/0x10 [ 140.179871][ T5341] ? down_write_killable+0x180/0x240 [ 140.182206][ T5341] ? __pfx_down_write_killable+0x10/0x10 [ 140.184706][ T5341] ? apparmor_mmap_file+0x23e/0x2b0 [ 140.186896][ T5341] vm_mmap_pgoff+0x2c9/0x4f0 [ 140.189057][ T5341] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 140.191465][ T5341] ? __fget_files+0x2a/0x420 [ 140.193645][ T5341] ? __fget_files+0x3a0/0x420 [ 140.195767][ T5341] ? __fget_files+0x2a/0x420 [ 140.197927][ T5341] ksys_mmap_pgoff+0x51e/0x760 [ 140.199951][ T5341] do_syscall_64+0xe2/0xf80 [ 140.201999][ T5341] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.204796][ T5341] ? trace_irq_disable+0x37/0x100 [ 140.207677][ T5341] ? clear_bhb_loop+0x60/0xb0 [ 140.210028][ T5341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.212507][ T5341] RIP: 0033:0x7f0d01d9aeb9 [ 140.214601][ T5341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 140.222185][ T5341] RSP: 002b:00007f0d02c77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 140.225559][ T5341] RAX: ffffffffffffffda RBX: 00007f0d02015fa0 RCX: 00007f0d01d9aeb9 [ 140.228996][ T5341] RDX: 000000000200001a RSI: 0000000000001000 RDI: 0000200000002000 [ 140.232284][ T5341] RBP: 00007f0d01e08c1f R08: 0000000000000005 R09: 00000000ffffe000 [ 140.235583][ T5341] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 140.239063][ T5341] R13: 00007f0d02016038 R14: 00007f0d02015fa0 R15: 00007ffcb672d5f8 [ 140.242576][ T5341] [ 140.244324][ T5341] Kernel Offset: disabled [ 140.246214][ T5341] Rebooting in 86400 seconds..