, 0x0, 0x0, 0x0, &(0x7f000000c000)=ANY=[@ANYRES32=0xee00], 0x130}}], 0x1, 0x0)

02:05:55 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x0)
pipe2(&(0x7f0000000d00)={<r1=>0xffffffffffffffff}, 0x0)
dup2(r1, r0)

02:05:55 executing program 3:
r0 = io_uring_setup(0x26af, &(0x7f0000000200))
r1 = eventfd(0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000280)=r1, 0x1)

02:05:55 executing program 5:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r1 = io_uring_setup(0x1e, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, r2)

02:05:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0xffff, 0x100100)
preadv(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/228, 0xe4}], 0x1, 0x0, 0x0)

02:05:56 executing program 0:
io_uring_setup(0x1e, &(0x7f0000000080)={0x0, 0x10006989, 0x8})

02:05:56 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={<r0=>0xffffffffffffffff})
recvfrom$unix(r0, 0x0, 0x0, 0x10002, 0x0, 0x0)

02:05:56 executing program 3:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x5, 0x7, 0x0)

02:05:56 executing program 5:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000016400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f000000c000)=ANY=[], 0x130}}], 0x1, 0x0)

02:05:56 executing program 0:
r0 = socket(0x23, 0x5, 0x0)
sendmsg$nl_crypto(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x110}}, 0x80)

02:05:56 executing program 4:
io_setup(0x1b, &(0x7f0000000000)=<r0=>0x0)
pipe2(&(0x7f0000000d00)={<r1=>0xffffffffffffffff}, 0x0)
io_submit(r0, 0x1, &(0x7f0000000480)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x1000000}])

02:05:57 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
pipe2(&(0x7f0000000d00)={<r1=>0xffffffffffffffff}, 0x0)
dup2(r1, r0)

02:05:57 executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x20}]})

02:05:57 executing program 5:
pipe2(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
dup2(r0, r1)

02:05:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmmsg$unix(r0, &(0x7f000000f040)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f000000cac0)}}], 0x1, 0x60, 0x0)

02:05:57 executing program 4:
io_uring_setup(0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x5, 0x8, 0x1000, 0xfff}, 0x40)

02:05:57 executing program 2:
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x105801, 0x0)

02:05:57 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000100), 0x4)

02:05:57 executing program 0:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xb, 0x0, 0x0)

02:05:57 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f00000002c0)=""/40)

02:05:58 executing program 2:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r1)

02:05:58 executing program 1:
socketpair(0x2c, 0x3, 0x6, &(0x7f0000000000))

02:05:58 executing program 5:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x400c55cb, 0x0)

02:05:58 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)

02:05:58 executing program 0:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT2(r0, &(0x7f00000001c0), 0x6)

02:05:58 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000016400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f000000c000)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=0xee00], 0x130}}], 0x1, 0x0)

02:05:58 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendto$unix(r0, &(0x7f00000002c0)="ef", 0x1, 0x0, 0x0, 0x0)

02:06:00 executing program 4:
io_uring_setup(0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x5, 0x8, 0x1000, 0xfff}, 0x40)

02:06:00 executing program 3:
syz_open_dev$dri(&(0x7f0000000000), 0x4000010001, 0x185400)

02:06:00 executing program 5:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/228, 0xe4}], 0x1, 0x0, 0x0)

02:06:00 executing program 2:
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="850000006d00000025000000000000009500000000000000afcd48d6494d614dcc6fabec470db2c61612ba392176dd2963228e1d4c500dc4ef2fad96ed406f21caf593836d9ea2cfb0e60436e054258c4686b066707de94a4f4d5fc79c987d669ffa4aaca0f9d9924be41a9169bdfaf16d1c0b15390bb8dd7f165789ecaec4daee84309e7a23c19a39484809539fca4e0b6ec015a7d55545a34eff9dbdfaa55c59e88254f54077f75cb6803d99bf1683537a8ea0244d35b213bda80cc172afd80e361bedd8b8cc57255a5e3d77ac463920e231b7ae0da8616d2b7958f91f5d82a175ed60ab386d94af98af1da2b59525f8fe3b28d7e53c78fbfe5ab0255f347160ec8343e1494da484ebad0407d9440b69ad9f19ab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfccb22953af67ebfd6ce41c40901cbd39d98b9d41a902e5111f2cc5e46ac1c60a9b10c074bfbcd4b09012175400000000010000004aaa026d570ecb5e8cddbed65ff76ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392957b4f979ea17117a13201bafe4f0f6ea5a6c957ada0c548552b571bed564c0a2fcb6da006b5d0fe4886a9edee77f69863766e214f02000000782910671bc219f85dd06a24c37e588959f34d2c5f649b85e5b0baada5f1aaad5704ffb43452d49da960f10d5786e2d1638f90b79c7f8526a13702d613dc88670f3478182136c74d163716bacc720d0a00000000e7dfd27e69d71a19da16f2c3e683176d47c2599d03008c05c8ce9edd1ef5cc236934ac483b8bf80794ecb7ac00ce453c14d29dab6dcf1855a1ab3d7c2ee8d43e479f3a17a4ac213bfa477f3da41564aac29d6dcb10e4e4dfc5cfbdef1d4cea020000000000000062b8ca086734223cf718c6bb21eae7eca3cb1baa3105a33cfc2cd90adf3720d13cd114695fea0cd01735e2d3a16d3c1ac6713c630445402b02e35e48f049b44631062d465506ceec6947c78fd2bb24c288d719668a712d529d9d0ba7b0db4cca204c6fae33f60c01559eafbed82203bf45781e3681c0ec1d041e18dde1ae9033946a7acf61d1c3bd1c988aabea18a402a93e156bcf4a4043bfe7575a977b0e0a76647f949edd8e86b58702e5edc98405db78242b542ab94182db71a0d5a0354ca532c6b40ef2bc36bcac5f7328eb4399aa35ecfed552652f93f6216f5a2fdc7e88481ece6c1711e3782e94371fb9a2dbadc38dc824cb73062c6418260b2512b5f43aa55b47a49df79e05b69c2ce1885a69895e6ab069ef77dfcfc45a0a1320fa09239b76123626f27a1b3ee62a6e4b5c1c97aa347c380a3d56484fe3a18ce2952b9a2c727a35095c2d72e89f7489afe6c00480483e59a8971fc87a28d13a82a06da1d5770bfb1106522bfad1dfba9831a3f889b51dc6be5b"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)

02:06:00 executing program 0:
io_uring_setup(0x50d0, &(0x7f0000000340)={0x0, 0x5e3, 0x8})

02:06:00 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000080), 0xffff, 0x40000)
preadv(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/228, 0xe4}], 0x1, 0x0, 0x0)

02:06:00 executing program 0:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
r1 = eventfd(0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000100)=r1, 0x1)

02:06:00 executing program 5:
add_key$user(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xffffffffffffffff)

02:06:00 executing program 1:
r0 = io_uring_setup(0x26af, &(0x7f0000000200))
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)

02:06:01 executing program 3:
io_uring_setup(0x33e3, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, 0xfffffffd})

02:06:01 executing program 2:
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
write$binfmt_aout(r0, 0x0, 0x0)

02:06:01 executing program 0:
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x1001}, 0x8, 0x0)
write$binfmt_aout(r0, 0x0, 0x0)

02:06:03 executing program 4:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
r1 = io_uring_setup(0x1e, &(0x7f0000000080))
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x2, 0x0, r2)

02:06:03 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x5, 0x8, 0x1000, 0xfff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3}, 0x40)

02:06:03 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000007980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x20}}], 0x1, 0x0)

02:06:03 executing program 5:
io_uring_setup(0x33e3, &(0x7f0000000000)={0x0, 0x0, 0x2})
r0 = io_uring_setup(0x1e, &(0x7f0000000080)={0x0, 0xf89c, 0x2, 0x2, 0x14a})
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, r0})

02:06:03 executing program 2:
io_setup(0x8, &(0x7f0000000040)=<r0=>0x0)
pipe2(&(0x7f0000000d00)={<r1=>0xffffffffffffffff}, 0x0)
io_submit(r0, 0x1, &(0x7f00000011c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f00000001c0)="c9dd1f0b2be1e9ffa218639161d2f0a293276fa898d2f31cb35ab0de993fd3b0176c85ccba1a5c0ddb0239bb3888e1791b359c9ea2125eecdb57415ca0bad524cbb738e0413f909ca654e8e40e451b36b23d11f6a6cb1606642f6d4cb78138ac7492386fa9a81ed7fe44c8182d930eb18dcbcc78a80bea72892e1137686f8080dd1331f3912f1ccb155a96b59e8cc450fe2e77dca83c2a6140ee5507481259b0cdc37ad57e5bce277bbe565c37a4755f6ac755e9a0e849f07b08256d5327b196b4d6b5f964a63fb61a1f7af42d849a2d4d18a829db1429d60508a07a5d70dffeffd15a4ce8f8bffc2e6b0bd7dbcad3adca6007417708f54e7f73189181c5af01343e8985eb1b64620929954f660aa9690a01a073bbde25464226c67c400386c0aa3e56dfaa9cb77894160f4a80ba1f985171f6168474c283e6bfcad69bb0035eb0b0b7ec076c2a5ebd3a489e9a1b4d96c6c9e390a6f1eebf439b7e92eb9ae41178656a0d4deeeb20ad3b532e8e41c3f0539a48f30a40b11f24e5d7bfceab49e47dd88ff401b26c5e2ae77b48250efa8750a611c7bd4aa696c531dba909ec249806db679504319da410f6319842f6265111ce6d7de89feca62c2a8ca4ec60f36cdef427118f1a5f052c085ac6684732032af77c5c4c341c912c5a9a53aeef00c7e6aa647bb121c280cd01c7f53868ff3398742180f4da2f9b7027933a85b7563da37767b2256d2b2fdb58af21f93f0ab2dc5d18adedc4daebb485b7edeeb028c0338cc4e1dcc4df1893193e5bb13a11dbfd0c0ec81175800886ece9b480e3573e0c024064533c688844f57e3a85d86e80d32fd7787d14777fbe33c54e50257c1774e5d50e718ff191d8a72ddf65db3c7838e80d03e0410a9e7b5d1aed6d62f1db5dd967030e674e8d215ea10f48b02464191a773107609e48b56b431c03fa33c53e888652064ee64ceaad16eaee2522d7d618d20d611a3702d37e42e9197ba39be4493d17260676ebeaf442ba37fa128137ab6dcf1c798ce9333d3fc335e9c710165beb0d8c690032ebc31038df723ffff65d860cb7db82026e23080f089219cdf71249a0dcc202aa59c683cadefb16c105f860089a6e5ea73700c50249abd6bf8891567c532d7af50a2e79e57189dd75d8dcb6a0f6069ae42034939bcb903910ad5858f7c1d071af7491c4c47f5391219f1444b86c498ae8fb5d86ffff35daa3bf5db4c393e17680a954822c58fa8e8718145991ed96d533b89f246ee2ec9ce7b68fc7b79f98b99fb58ba79ba78dfa424c53efec77d0ea354ceb343dc04b0fd515d0077e9e32be5b83fe0add385091f98f21192c44f50d2ae869400184d3369b3c402620fc4c3be53e26acd12add6bf7362c3d4758d7259bd1c1b4116681de905ac7a06e8189d8b7d0ae8664d2307118b62822a85733ffc564c76c1925040b46da", 0x401}])

02:06:03 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001c80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)

02:06:03 executing program 0:
r0 = io_uring_setup(0x1e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x11, 0x2, 0x0)

02:06:03 executing program 5:
io_uring_setup(0xffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x10})

02:06:03 executing program 3:
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x40000, 0x0)

02:06:03 executing program 2:
syz_open_dev$usbmon(&(0x7f0000001100), 0x8, 0x60000)

02:06:03 executing program 4:
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)

02:06:04 executing program 5:
syz_open_dev$usbmon(&(0x7f0000001100), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0x0)

02:06:04 executing program 2:
openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000005c0))

02:06:06 executing program 1:
timerfd_create(0x2, 0x0)

02:06:06 executing program 3:
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r0, 0x0, 0x0)

02:06:06 executing program 0:
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

02:06:06 executing program 4:
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

02:06:06 executing program 5:
syz_open_dev$usbfs(&(0x7f0000000280), 0x1, 0x0)

02:06:06 executing program 2:
socket$inet_sctp(0x2, 0x5, 0x84)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0x0, &(0x7f00000005c0)={<r0=>0x0})
pselect6(0x40, &(0x7f0000000500)={0x64ed}, &(0x7f0000000540)={0x2}, &(0x7f0000000580)={0x101}, &(0x7f0000000600)={r0}, &(0x7f0000000680)={&(0x7f0000000640)={[0x9]}, 0x8})

02:06:06 executing program 5:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_vs\x00')

02:06:06 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)

02:06:06 executing program 3:
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

02:06:06 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:06 executing program 1:
r0 = syz_open_dev$usbmon(&(0x7f0000001100), 0x0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x117b62)

02:06:06 executing program 3:
r0 = syz_io_uring_setup(0x77b, &(0x7f0000001500), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ee7000/0x4000)=nil, &(0x7f00000014c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0)
io_uring_enter(r0, 0x450e, 0x0, 0x0, 0x0, 0x0)

02:06:06 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:06 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000600)={'wpan0\x00'})

02:06:07 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000300), &(0x7f0000000340)=0x4)

[  344.402957][ T7446] usb 5-1: new high-speed USB device number 2 using dummy_hcd
02:06:07 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={0x0}}, 0x0)

02:06:07 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000680)={'batadv_slave_0\x00'})

[  344.647419][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  344.779246][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.789889][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  344.801411][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  344.811380][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  344.821393][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
02:06:07 executing program 0:
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000200), 0x22400, 0x0)

02:06:07 executing program 2:
timer_create(0x0, &(0x7f0000002400)={0x0, 0x39, 0x0, @thr={0x0, 0x0}}, &(0x7f0000002440))

02:06:07 executing program 1:
pselect6(0x0, 0x0, 0x0, &(0x7f0000000580), &(0x7f0000000600), &(0x7f0000000680)={&(0x7f0000000640)={[0x9]}, 0x8})

02:06:07 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

[  345.124147][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  345.133477][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  345.141623][ T7446] usb 5-1: Manufacturer: syz
[  345.236049][ T7446] usb 5-1: config 0 descriptor??
[  345.683607][ T7446] rc_core: IR keymap rc-hauppauge not found
[  345.689632][ T7446] Registered IR keymap rc-empty
[  345.695933][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  345.772610][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  345.803520][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  345.818859][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input15
[  345.883529][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  345.912830][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  345.942738][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  345.975818][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.012491][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.047737][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.083476][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.112316][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.150581][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.182276][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  346.215588][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  346.224239][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  346.263826][ T7446] usb 5-1: USB disconnect, device number 2
[  346.895681][ T7446] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  347.151979][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  347.294999][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.308529][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  347.320589][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  347.330511][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  347.340426][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  347.543238][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  347.552994][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  347.561236][ T7446] usb 5-1: Manufacturer: syz
02:06:10 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:10 executing program 2:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x600140)

02:06:10 executing program 3:
ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)

02:06:10 executing program 1:
clock_gettime(0x0, &(0x7f00000005c0)={0x0, <r0=>0x0})
pselect6(0x40, &(0x7f0000000500)={0x64ed}, &(0x7f0000000540), &(0x7f0000000580), &(0x7f0000000600)={0x0, r0+10000000}, &(0x7f0000000680)={&(0x7f0000000640)={[0x9]}, 0x8})

02:06:10 executing program 0:
syz_open_dev$ndb(&(0x7f0000000100), 0x0, 0x404000)

02:06:10 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

[  347.694139][ T7446] usb 5-1: config 0 descriptor??
[  347.807480][ T7446] usb 5-1: can't set config #0, error -71
[  347.939231][ T7446] usb 5-1: USB disconnect, device number 3
02:06:10 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:10 executing program 3:
socket$netlink(0x10, 0x3, 0x7)

02:06:10 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmmsg$nfc_llcp(r0, &(0x7f00000001c0)=[{0x0, 0x0, 0x0}], 0x1, 0x0)

02:06:11 executing program 2:
r0 = getpgid(0x0)
process_vm_writev(r0, &(0x7f00000194c0)=[{&(0x7f0000000340)=""/147, 0x93}], 0x1, &(0x7f0000000300)=[{&(0x7f0000000400)=""/102400, 0x19000}], 0x1, 0x0)

02:06:11 executing program 1:
add_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="e7", 0x1, 0xfffffffffffffffb)

02:06:11 executing program 0:
socket(0xa, 0x3, 0x40)

[  349.092181][ T2842] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  349.332168][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  349.463735][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  349.474794][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  349.486901][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  349.496856][ T2842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  349.506924][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  349.903806][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  349.913552][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  349.921698][ T2842] usb 5-1: Manufacturer: syz
[  349.937074][ T2842] usb 5-1: config 0 descriptor??
[  350.362205][ T2842] rc_core: IR keymap rc-hauppauge not found
[  350.368337][ T2842] Registered IR keymap rc-empty
[  350.374340][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.452458][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.514149][ T2842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  350.529384][ T2842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input16
[  350.742478][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.807411][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.882799][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.932154][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  350.985693][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.042203][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.102615][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.153104][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.190143][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.306100][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  351.353369][ T2842] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  351.361971][ T2842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  351.466740][ T2842] usb 5-1: USB disconnect, device number 4
02:06:14 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:14 executing program 2:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={&(0x7f0000001740)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7f1ac716c82172b7d0b5f6014d4c6b2083f40c505240b2a9de478afeda6fd82966688ff5b30e12a63359324f7b101edf0e088d4e380a814438218c610af7bc"}, 0x60, &(0x7f0000001e80)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0xf0ff7f}, 0x0)

02:06:14 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:14 executing program 1:
request_key(&(0x7f0000000040)='logon\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='$[@\x01\x00\x00\x00\v', 0xfffffffffffffffc)

02:06:14 executing program 3:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r1, 0x0, 0x0)

02:06:14 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0)
ioctl$BLKSECTGET(r0, 0x1267, 0x0)

02:06:14 executing program 1:
syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x82)

02:06:14 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmmsg$nfc_llcp(r0, &(0x7f0000001a40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001700)={0x28, 0x0, 0x0, "095b7f3b5a4770623aec72f36f4f5129c7"}, 0x28}], 0x1, 0x0)

02:06:14 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0xc0101282, 0x0)

02:06:14 executing program 3:
openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040)={0x0, 0x1})

02:06:14 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:15 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x1000000, 0x800}, 0x20)

[  352.514443][ T7446] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  352.560155][T10009] binder: 10008:10009 ioctl 400c620e 20000040 returned -22
[  352.604753][T10012] binder: 10008:10012 ioctl 400c620e 20000040 returned -22
[  352.783452][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  352.924341][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  352.938088][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  352.950197][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  352.960112][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  352.970030][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  353.323988][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  353.333544][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  353.341700][ T7446] usb 5-1: Manufacturer: syz
[  353.382868][ T7446] usb 5-1: config 0 descriptor??
[  353.762314][ T7446] rc_core: IR keymap rc-hauppauge not found
[  353.768338][ T7446] Registered IR keymap rc-empty
[  353.773747][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  353.802123][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  353.839248][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  353.854520][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input17
[  353.924242][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  353.952724][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  353.992289][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.023217][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.053533][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.112635][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.152988][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.182909][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.212026][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.242906][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  354.294999][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  354.303501][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  354.377983][ T7446] usb 5-1: USB disconnect, device number 5
02:06:17 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:17 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x195, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x40)

02:06:17 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:17 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:06:17 executing program 3:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000080)=0x200, 0x4)

02:06:17 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30)

02:06:17 executing program 3:
socket(0x0, 0x10000a, 0x0)

02:06:17 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1a, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00', 0xb62, 0x3, &(0x7f00000000c0)=""/3, 0x0, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:17 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000026c0)={0x2, 0x3, &(0x7f00000024c0)=@framed, &(0x7f0000002580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:06:17 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x0)
ioctl$BLKROSET(r0, 0x125d, 0x0)

02:06:17 executing program 5:
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:18 executing program 3:
process_vm_writev(0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/109, 0x6d}], 0x1, &(0x7f0000000580)=[{&(0x7f0000000280)=""/117, 0x75}, {0x0}], 0x2, 0x0)

[  355.672462][ T8283] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  355.912948][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  356.033879][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  356.044417][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  356.056067][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  356.066017][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  356.076046][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  356.294046][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  356.303387][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  356.311529][ T8283] usb 5-1: Manufacturer: syz
[  356.343822][ T8283] usb 5-1: config 0 descriptor??
[  356.692061][ T8283] rc_core: IR keymap rc-hauppauge not found
[  356.698180][ T8283] Registered IR keymap rc-empty
[  356.703779][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  356.742303][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  356.779985][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  356.838230][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input18
[  356.868534][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  356.903720][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  356.932394][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  356.963657][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.001427][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.040793][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.072539][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.111184][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.143255][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.172707][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  357.206149][ T8283] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  357.215166][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  357.292734][ T8283] usb 5-1: USB disconnect, device number 6
02:06:20 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)

02:06:20 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f00000001c0))

02:06:20 executing program 1:
r0 = getpgid(0x0)
process_vm_writev(r0, &(0x7f0000001280)=[{&(0x7f0000000000)=""/180, 0xb4}, {&(0x7f00000000c0)=""/156, 0x9c}], 0x2, &(0x7f0000001440)=[{&(0x7f0000001340)=""/193, 0xc1}], 0x1, 0x0)

02:06:20 executing program 5:
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:20 executing program 0:
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x5f5b6778b1b1ee77, 0xffffffffffffffff, 0x0)

02:06:20 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x1265, 0x0)

02:06:20 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
accept4$nfc_llcp(r0, 0x0, 0x0, 0x0)

02:06:20 executing program 5:
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:20 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x12, 0x2, &(0x7f0000000000)=@raw=[@map={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:20 executing program 2:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x1ffff000, 0x0, 0x12, r0, 0x0)

02:06:20 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40086602, &(0x7f0000000040))
write$cgroup_type(r0, &(0x7f0000000000), 0x248800)

[  358.522281][ T7446] usb 5-1: new high-speed USB device number 7 using dummy_hcd
02:06:21 executing program 5:
r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

[  358.782343][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  358.922331][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  358.933098][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  358.944632][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  358.954659][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  358.964655][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  359.244158][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  359.253497][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  359.261662][ T7446] usb 5-1: Manufacturer: syz
[  359.291399][ T7446] usb 5-1: config 0 descriptor??
[  359.611985][ T7446] rc_core: IR keymap rc-hauppauge not found
[  359.618109][ T7446] Registered IR keymap rc-empty
[  359.624279][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.655402][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.699078][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  359.714129][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input19
[  359.790146][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.833486][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.863379][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.892240][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.940308][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  359.972798][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  360.021224][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  360.053739][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  360.090654][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  360.122388][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  360.156898][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  360.165862][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  360.216417][ T7446] usb 5-1: USB disconnect, device number 7
02:06:22 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)

02:06:22 executing program 1:
setfsuid(0xee01)
add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)

02:06:22 executing program 0:
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000700)=[{&(0x7f0000000000)=""/236, 0xec}, {&(0x7f0000000100)=""/221, 0xdd}, {0x0}, {&(0x7f0000000280)=""/235, 0xeb}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000003b00)=[{&(0x7f00000007c0)=""/234, 0xea}, {&(0x7f00000008c0)=""/185, 0xb9}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x3, 0x0)

02:06:22 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x4, 0x2, &(0x7f0000000000)=@raw=[@map], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:06:22 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000580), r1)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0xb8}}, 0x0)
sendmsg$IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)

02:06:22 executing program 5:
r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:23 executing program 3:
process_vm_writev(0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/109, 0x6d}], 0x1, 0x0, 0x0, 0x0)

02:06:23 executing program 0:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x80000000)

02:06:23 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
read$usbfs(r0, &(0x7f0000000c00)=""/4096, 0x1000)

02:06:23 executing program 5:
r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:23 executing program 2:
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000040), 0xfffffffffffffec9)

02:06:23 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x40)

[  361.222421][ T7446] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  361.472112][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  361.593774][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.604231][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  361.615935][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  361.625853][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  361.635759][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  361.777862][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  361.787332][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  361.795712][ T7446] usb 5-1: Manufacturer: syz
[  361.842112][ T7446] usb 5-1: config 0 descriptor??
[  362.193153][ T7446] rc_core: IR keymap rc-hauppauge not found
[  362.199181][ T7446] Registered IR keymap rc-empty
[  362.204737][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.250271][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.294549][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  362.309759][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input20
[  362.383044][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.413345][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.443132][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.472317][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.513012][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.542592][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.574103][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.602219][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.639041][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.672826][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  362.705127][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  362.713731][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  362.753045][ T7446] usb 5-1: USB disconnect, device number 8
02:06:25 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)

02:06:25 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:25 executing program 3:
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x802, 0x0)

02:06:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x1278, 0x0)

02:06:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000040))

02:06:25 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x1274, 0x0)

02:06:25 executing program 0:
perf_event_open$cgroup(&(0x7f0000000140)={0x2, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

02:06:25 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x40086602, 0x0)

02:06:25 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:25 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x301, 0x0)

02:06:25 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, 0xffffffff}, 0x40)

[  363.691658][ T8283] usb 5-1: new high-speed USB device number 9 using dummy_hcd
02:06:26 executing program 1:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={0x0, 0x0, 0x0}, 0x0)

[  363.934652][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  364.054463][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  364.065045][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  364.076721][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  364.086823][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  364.099824][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  364.202324][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  364.211577][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  364.220485][ T8283] usb 5-1: Manufacturer: syz
[  364.260083][ T8283] usb 5-1: config 0 descriptor??
[  364.622113][ T8283] rc_core: IR keymap rc-hauppauge not found
[  364.628231][ T8283] Registered IR keymap rc-empty
[  364.633749][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.668950][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.704009][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  364.755124][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input21
[  364.791252][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.822819][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.852990][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.883171][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.913056][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.953228][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  364.982489][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  365.012857][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  365.070305][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  365.105312][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  365.146066][ T8283] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  365.154907][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  365.201900][ T8283] usb 5-1: USB disconnect, device number 9
02:06:27 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:27 executing program 0:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000001000074"])

02:06:27 executing program 5:
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:27 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0xe, 0x2, &(0x7f0000001480)=@raw=[@btf_id], &(0x7f00000014c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:27 executing program 3:
bpf$MAP_CREATE(0x6, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1a, 0x9, &(0x7f00000001c0)=@framed={{}, [@btf_id={0x18, 0x7, 0x3, 0x0, 0x2}, @alu={0x0, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffc0, 0x4}, @generic={0x6, 0x4, 0x4}, @exit, @call]}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x2}, 0x8, 0x10, 0x0}, 0x78)

02:06:27 executing program 1:
openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)

02:06:28 executing program 0:
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom0\x00', 0x0, 0x0)

02:06:28 executing program 3:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, 0x0)

02:06:28 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/201, 0x1000000, 0x800}, 0x20)

02:06:28 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf250400000008"], 0x40}}, 0x0)

02:06:28 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:28 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, &(0x7f0000000200), &(0x7f0000001640)=0x80)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x7fffdf004000, 0x0, 0x12, r0, 0x0)

[  366.112468][ T8283] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  366.171697][T10268] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  366.274621][T10270] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  366.356526][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  366.484921][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.496292][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  366.507876][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  366.517892][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  366.527897][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  366.744836][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  366.754296][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  366.764858][ T8283] usb 5-1: Manufacturer: syz
[  366.828815][ T8283] usb 5-1: config 0 descriptor??
02:06:31 executing program 3:
setfsuid(0xee01)
setreuid(0x0, 0xee01)

02:06:31 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:31 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:31 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd37b70eb44a8e34b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:31 executing program 2:
socket(0x0, 0x8080b, 0x0)

02:06:31 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
mmap$xdp(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x0, 0x12, r0, 0x0)

02:06:31 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x800000000000201}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x7}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000e98a6f2b00"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0x2)
read(r2, 0x0, 0x2000)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0))
timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000400))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000340)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)
ioctl$KDADDIO(r2, 0x4b34, 0x0)

[  369.014444][ T8283] rc_core: IR keymap rc-hauppauge not found
[  369.020664][ T8283] Registered IR keymap rc-empty
[  369.026214][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:31 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:31 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x127c, 0x0)

[  369.145781][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:31 executing program 3:
openat$urandom(0xffffffffffffff9c, &(0x7f0000000140), 0x4e002, 0x0)

[  369.189485][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  369.204989][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input22
02:06:31 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={&(0x7f0000001740)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7f1ac716c82172b7d0b5f6014d4c6b2083f40c505240b2a9de478afeda6fd82966688ff5b30e12a63359324f7b101edf0e088d4e380a814438218c610af7bc"}, 0x60, &(0x7f0000001e80)=[{0x0}, {0x0, 0xf0ff7f00000000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)

[  369.437755][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.480735][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.516116][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.616465][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.682285][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.752582][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.812905][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:32 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={&(0x7f0000001740)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7f1ac716c82172b7d0b5f6014d4c6b2083f40c505240b2a9de478afeda6fd82966688ff5b30e12a63359324f7b101edf0e088d4e380a814438218c610af7bc"}, 0x200017a0, &(0x7f0000001e80)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)

02:06:32 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00')
ioctl(r0, 0x5452, &(0x7f0000000080))

[  369.935730][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  369.973349][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  370.032457][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  370.106132][ T8283] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  370.114508][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  370.251660][ T8283] usb 5-1: USB disconnect, device number 10
[  370.822306][ T8283] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  371.063977][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  371.184339][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  371.194865][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  371.207155][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  371.217079][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  371.227126][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  371.412648][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  371.422147][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  371.430306][ T8283] usb 5-1: Manufacturer: syz
[  371.478011][ T8283] usb 5-1: config 0 descriptor??
02:06:35 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:35 executing program 2:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x8000000000000000)

02:06:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2504d4d6146753366bc420000014000100fe80ff03000000c9b0155100030000aa0800040044000000050006"], 0x40}}, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0xc0040000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r1, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000040)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000040)={0x1, 0x0, "50b8a06e70b31e0b3e7bcf977c9a28dce157e8e3b0da723a55b836ee3564b58fdc19d884af0198aaf112d2d7bcf1b5c4b9f3b842aa956dda2cd7f1656ca3723c4eec6a02bb25c3ea01db6d1981d3614370e2008d228ae5c1fa3056b376f5ae49e0bdf9556fc4be50910372443369bda33f1f139d5709c8a0608f035058cbea65985cb3ee4061e520d6b845033c4494936baeb9acf4fc031b224f718b9cbec8b082960473108be00c75abe802dc0cc63bc034026e5cb5a6adae1d04ed3c36028c0e82cfaf70f570cc7aa751c4fa66bdaf4ba472174cce7e888d1469af03a6789a02e1d634da80cffd3dcefff81f8a1c51bb143a7c8dc769c18f8d5a10a9f521a8"})
r3 = openat$urandom(0xffffffffffffff9c, &(0x7f00000001c0), 0x2081, 0x0)
ioctl$RNDZAPENTCNT(r3, 0x5204, &(0x7f0000000240)=0xfff)
syz_open_dev$loop(&(0x7f0000000000), 0x800, 0x588a0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x7, 0x400000)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000280), 0xc000, 0x0)

02:06:35 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

02:06:35 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x180000000)

02:06:35 executing program 3:
r0 = socket$inet6(0xa, 0x803, 0x2)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @local, 0xb}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000540)={{{@in=@multicast1, @in=@private, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x80000000000001}, {{@in6=@empty, 0x0, 0x6c}, 0x0, @in6=@empty, 0x0, 0x4, 0x0, 0x2}}, 0xe8)
sendmmsg(r0, &(0x7f0000008440)=[{{0x0, 0x1aa, 0x0, 0x0, 0x0, 0x0, 0x6010000}, 0xffffffe0}], 0x400000000000107, 0x0)

[  373.091910][T10356] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  373.222670][ T8283] rc_core: IR keymap rc-hauppauge not found
[  373.228695][ T8283] Registered IR keymap rc-empty
[  373.234148][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:35 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x10, 0x4)

[  373.320393][T10359] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  373.340701][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:36 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, r0, &(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, r0)

02:06:36 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

[  373.468890][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  373.484121][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input23
02:06:36 executing program 1:
syz_open_dev$usbmon(&(0x7f0000000000), 0x3000000, 0x4000)

[  373.852556][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  373.943152][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.023856][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.156806][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.278493][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:37 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x7fffffffffffffff, 0x0, 0x10, r0, 0x0)

[  374.392973][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.474708][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:37 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)

[  374.583658][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.686906][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.749106][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  374.904012][ T8283] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  374.912558][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  375.102448][ T8283] usb 5-1: USB disconnect, device number 11
[  375.652764][ T8283] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  375.902682][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  376.053111][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  376.063794][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  376.075463][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  376.087706][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  376.098147][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  376.362791][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  376.372347][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  376.380501][ T8283] usb 5-1: Manufacturer: syz
[  376.485206][ T8283] usb 5-1: config 0 descriptor??
02:06:39 executing program 4:
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:39 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0xb, 0x9, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:39 executing program 1:
r0 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x8, r0, r0)

02:06:39 executing program 3:
bpf$MAP_CREATE(0x6, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1a, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff801}, [@exit]}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x2}, 0x8, 0x10, 0x0}, 0x78)

02:06:39 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xb, 0x1, &(0x7f0000000000)=@raw=[@alu], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:39 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)

[  376.862645][ T8283] rc_core: IR keymap rc-hauppauge not found
[  376.868753][ T8283] Registered IR keymap rc-empty
[  376.874156][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  376.956200][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:39 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={&(0x7f0000001740)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7f1ac716c82172b7d0b5f6014d4c6b2083f40c505240b2a9de478afeda6fd82966688ff5b30e12a63359324f7b101edf0e088d4e380a814438218c610af7bc"}, 0x60, &(0x7f0000001e80)=[{0x0, 0xf0ff7f00000000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)

[  377.009912][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  377.025178][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input24
02:06:39 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)

02:06:39 executing program 2:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x13, r0, 0x0)

02:06:39 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xf, 0x1, &(0x7f0000000680)=@raw=[@generic], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:39 executing program 1:
r0 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$unlink(0x9, r0, r1)

[  377.260331][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.318199][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.365978][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.442937][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.472814][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.535233][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.602432][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.677881][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  377.766777][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:40 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x40)

[  377.841593][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:06:40 executing program 4:
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:40 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)

02:06:40 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_ASSOCIATE_RESP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_STATUS={0x5}]}, 0x1c}}, 0x0)

[  377.935647][ T8283] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  377.943964][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:06:40 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x7, 0x1, &(0x7f0000000040)=@raw=[@call], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:40 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x1f0ff1f, 0x12, r0, 0x0)

[  378.189966][ T8283] usb 5-1: USB disconnect, device number 12
02:06:41 executing program 0:
bpf$MAP_CREATE(0x6, 0x0, 0x10)

02:06:41 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)

02:06:41 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
sendmsg$sock(r0, &(0x7f0000000280)={&(0x7f0000000000)=@phonet, 0x80, 0x0}, 0x0)

02:06:41 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0x2, &(0x7f0000000400)=@raw=[@initr0], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:41 executing program 1:
bpf$MAP_CREATE(0x22, 0x0, 0x0)

[  378.812307][ T7446] Bluetooth: hci4: command 0x0406 tx timeout
[  378.818520][ T7446] Bluetooth: hci5: command 0x0406 tx timeout
[  378.874822][ T7446] Bluetooth: hci0: command 0x0406 tx timeout
[  378.881030][ T7446] Bluetooth: hci2: command 0x0406 tx timeout
[  378.954289][ T7446] Bluetooth: hci1: command 0x0406 tx timeout
[  378.987180][ T7446] Bluetooth: hci3: command 0x0406 tx timeout
02:06:41 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x1262, 0x0)

02:06:41 executing program 4:
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:41 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x16, 0x0, 0x0, 0x300000}, 0x40)

02:06:41 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x146, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x40)

02:06:42 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x1400}, 0x40)

02:06:42 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x24}}, 0x0)

02:06:42 executing program 2:
bpf$MAP_CREATE(0x15, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40)

02:06:42 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x0)
ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000080))

02:06:42 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)

02:06:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x40101283, 0x0)

02:06:42 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x62020400)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB="2321202e2f66696c6530206c6f00966f380f64a1e3d75d627d1fa159ad34909d60d298000900202759175d1563ca52dd984f43891be784e2058077d27c448d4b144278cb7548c2ee63bf3c3e591afc1f394f4281891836c571406eb4b673b00000080200080000daefec45ecd549b29bfe8d903f00e9e47e673ac1b2616a96bba7e2c0dcf95108eb167f5411d30d37e62266cf8eab640f747082aed2158e2b63f6bfe1343ea62da563ded7abea1ff873329c5646d518fe0e8f20010000792efc2a82a5a17035c87bf7efabe899eb77238a741c80fcb095a2a7d72c595d45388358f546dc882df5b0b55edb1ab6aa14e2b90d685e4a01000000000000001be06fdbc891251cb5bfb690b4c27f5d2fb3e7c92794cf496fdf0495b506841f483edac504209488eb27d43b367fd9992d1b7c478dd4b925aa51a04b100393e1cce76d8027f0a5ed280da80f26b1f3ff300c82255f928b44b9d9e7f2e4c16923dc8741b9c70d92fa1111b51f039ddd1b6adfac67e3a053d38ae16e97eaf5a0270be9a0f12066aa6ecfb569b664bc920bd5381608b35f3aa4210a79c4260a574d4da8c40b9f016ff4ab26b6170250c3214ea18622d704f1c021edffee24c8398c4230d16444e0495088a2f2599a662424f18196f750acca803a21b49423cb5e9f2703e393b982bfcfc4e3f7034f68f272ca8f66bb2f9f2aaf1a20a5a03f254da58698fa342731c70c3ccc40e88aac2edee4c7f59c6ba43021e91424b3056db56ded0c7493d8a3802759b905bb747cbebc7a0af3f570f89f7e1bd00b1c5120287b472a2b242a5d2921243a7b295e5b205d202d20dd206c6f00966f380f64a1e3d75d627d1fa159ad34909d60d298000900202759175d1563ca52dd984f43891be784e2058077d27c448d4b144278cb7548c2ee63bf3c3e591afc1f394f4281891836c571406eb4b673b00000080200080000daefec45ecd549b29bfe8d903f00e9e47e673ac1b2616a96bba7e2c0dcf95108eb167f5411d30d37e62266cf8eab640f747082aed2158e2b63f6bfe1343ea62da563ded7abea1ff873329c5646d518fe0e8f20010000792efc2a82a5a17035c87bf7efabe899eb77238a741c80fcb095a2a7d72c595d45388358f546dc882df5b0b55edb1ab6aa14033381122548eda4ba556e04276c1be06fdbc891251cb5bfb690b4c27f5d2fb3e7c92794cf496fdf0495b506841f483edac504209488eb27d43b367fd9992d1b7c478dd4b925aa51a04b100393e1cce76d8027f0a5ed280da80f26b1f3ff300c82255f928b44b9d9e7f2e4c16923dc8741b9c70d92fa1111b51f039ddd1b6adfac67e3a053d38ae16e97eaf5a0270be9a0f12066aa6ecfb569b66479c4260a574d4da8c40b9f016ff4ab26b6170250c3214ea18622d704f1c021edffee24c8398c4230d16444e0495088a2f2599a662424f18196f750acca803a21b49423cb5e9f2703e393b982bfcfc4e3f7034f68f272ca8f66bb2f9f2aaf1a20a5a03f254da58698fa342731c70c3ccc40e88aac2edee4c7f59c6ba43021e91424b3056db56ded0c7493d8a3802759b905bb747cbebc7a0af3f570f89f7e1bd00b1c510a864e4a352e7dbfa106d9fab2ab22f48949357c0c494cec25bb70d84b5d008a68db48a0a806c81cb8627af5720e135ca4fdfbfbfecab1f26850fadf8437c749f5b66f73c1d6225a26132533b55cd54c2335e2bbd3743a615b33ebe175ce938582cb2feb7d6e4aac89394395ca7a91f9807717a2c9e15f76a32ecd4a3e9a6036566e87864b090af8edb9c48ff7673f42f265efbf7e8a6a5705f233d87df37f0415af7c8c7b9192d3acd7cd77c551c716a9ae8eedbf52ec096e531c5b1557472c1e5f56a5147d7a0abe0041bf8f5c4c"], 0x55a)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000480)='ns/mnt\x00')
setns(r2, 0x0)

02:06:42 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:43 executing program 2:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x8000, 0x4)

02:06:43 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x11, r0, 0x0)

02:06:43 executing program 1:
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000700)=[{&(0x7f0000000000)=""/236, 0xec}, {&(0x7f0000000100)=""/221, 0xdd}, {&(0x7f0000000280)=""/235, 0xeb}], 0x3, &(0x7f0000003b00)=[{&(0x7f00000007c0)=""/234, 0xea}, {&(0x7f00000008c0)=""/185, 0xb9}, {&(0x7f0000000980)=""/137, 0x89}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x4, 0x0)

02:06:43 executing program 2:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x7fffdf004000, 0x0, 0x12, r0, 0x0)

02:06:43 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x12, r0, 0x0)

02:06:44 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
sendmsg$IEEE802154_ASSOCIATE_RESP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, r2, 0x1}, 0x14}}, 0x0)

02:06:44 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:44 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7ff)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)

02:06:44 executing program 2:
r0 = gettid()
sched_setparam(r0, &(0x7f0000000000)=0x1ff)

02:06:44 executing program 0:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)

02:06:44 executing program 3:
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x7070, 0xffffffffffffffff, 0x0)

02:06:44 executing program 1:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmmsg$nfc_llcp(r0, 0x0, 0x0, 0x0)

02:06:45 executing program 2:
clone(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)

02:06:45 executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0xf0ff1f, 0x12, r0, 0x0)

02:06:45 executing program 3:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x8000000)

02:06:45 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:45 executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0x40)

02:06:45 executing program 5:
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
mmap$xdp(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0, 0x100010, r1, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)

02:06:45 executing program 0:
r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
read$usbmon(r0, 0x0, 0x0)

02:06:45 executing program 2:
sched_setparam(0x0, &(0x7f0000000080)=0x6)

02:06:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:06:46 executing program 1:
request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000000c0)='/dev/full\x00', 0xffffffffffffffff)

02:06:46 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x2}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000280), &(0x7f0000000100)=@udp6}, 0x20)

02:06:46 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:46 executing program 3:
bpf$MAP_CREATE(0x8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40)

02:06:46 executing program 2:
bpf$MAP_CREATE(0x23, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40)

02:06:46 executing program 1:
setfsuid(0xee01)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)

02:06:47 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x2}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000280), &(0x7f0000000100)=@udp6}, 0x20)

02:06:47 executing program 3:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040))

02:06:47 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040)={0x0, 0x0, 0xffff0001})

02:06:47 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1d, 0x1, &(0x7f0000000040)=@raw=[@func], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:06:47 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x10, r0, 0x0)

[  384.673413][ T8283] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  384.872309][ T8283] usb 5-1: device descriptor read/64, error 18
[  385.097180][T10611] binder: 10606:10611 ioctl 400c620e 20000040 returned -22
[  385.117386][T10613] binder: 10605:10613 ioctl 400c620e 20000040 returned -22
02:06:47 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x2}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000280), &(0x7f0000000100)=@udp6}, 0x20)

[  385.143548][ T8283] usb 5-1: new high-speed USB device number 14 using dummy_hcd
02:06:47 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1a, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00', 0xb62, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140), 0x8, 0x10, 0x0}, 0x78)

02:06:47 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000001000)={&(0x7f0000000000)=""/4096, 0x4000, 0xc00, 0x0, 0x1}, 0x20)

[  385.332348][ T8283] usb 5-1: device descriptor read/64, error 18
[  385.455644][ T8283] usb usb5-port1: attempt power cycle
[  385.873194][ T8283] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  386.084215][ T8283] usb 5-1: device descriptor read/8, error -61
[  386.352255][ T8283] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  386.525748][ T8283] usb 5-1: device descriptor read/8, error -61
[  386.658178][ T8283] usb usb5-port1: unable to enumerate USB device
02:06:49 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:49 executing program 3:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
connect$nfc_llcp(r0, &(0x7f00000001c0)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "aae3fe0b0c0fa039c2cafb1d9009108c303cffcd3532aaafba5b7865fd3e3f118ec6d6fbf8003bf86e9c16dd6c25b240334f7c2600136b64a9784e470c395a"}, 0x60)

02:06:49 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040)={0x0, 0x0, 0xffff0001})

02:06:49 executing program 1:
bpf$MAP_CREATE(0x18, 0x0, 0x0)

02:06:49 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='sys_exit\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x2}, 0x40)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000280), &(0x7f0000000100)=@udp6}, 0x20)

02:06:49 executing program 2:
syz_open_dev$usbfs(0x0, 0x0, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0)

[  387.386884][T10632] binder: 10631:10632 ioctl 400c620e 20000040 returned -22
02:06:50 executing program 5:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$nfc_llcp(r0, &(0x7f0000001f40)={&(0x7f0000001740)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "7f1ac716c82172b7d0b5f6014d4c6b2083f40c505240b2a9de478afeda6fd82966688ff5b30e12a63359324f7b101edf0e088d4e380a814438218c610af7bc"}, 0x60, &(0x7f0000001e80)=[{0x0, 0xffffff7f00000000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)

02:06:50 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000080)={'syztnl0\x00', 0x0})

02:06:50 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040)={0x0, 0x0, 0xffff0001})

02:06:50 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1a, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:06:50 executing program 3:
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, 0x0, 0x4161a70babeca98b)

[  388.072297][ T2842] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  388.137715][T10648] binder: 10645:10648 ioctl 400c620e 20000040 returned -22
02:06:50 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x40101288, 0x0)

[  388.266163][ T2842] usb 5-1: device descriptor read/64, error 18
[  388.543391][ T2842] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  388.737436][ T2842] usb 5-1: device descriptor read/64, error 18
[  388.863284][ T2842] usb usb5-port1: attempt power cycle
[  389.272261][ T2842] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  389.444291][ T2842] usb 5-1: device descriptor read/8, error -61
[  389.713086][ T2842] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  389.884572][ T2842] usb 5-1: device descriptor read/8, error -61
[  390.006338][ T2842] usb usb5-port1: unable to enumerate USB device
02:06:53 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:53 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000040)={0x0, 0x0, 0xffff0001})

02:06:53 executing program 3:
r0 = gettid()
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x0, 0x0)

02:06:53 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
recvmsg(r0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002680)=""/142, 0x8e}, 0x1)

02:06:53 executing program 1:
setresuid(0x0, 0xee01, 0x0)
r0 = socket$inet6_udp(0x1c, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1b, &(0x7f00000000c0), 0x4)
bind(r0, &(0x7f0000000840)=@in6={0x1c, 0x1c, 0x3}, 0x1c)

02:06:53 executing program 5:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={&(0x7f0000000000)=@in6={0x1c, 0x1c, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=[@authinfo={0x10}], 0x10}, 0x0)

02:06:53 executing program 5:
r0 = socket$inet6_sctp(0x1c, 0x5, 0x84)
r1 = dup(r0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0xa, &(0x7f0000000200), &(0x7f0000000140)=0x98)

02:06:53 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000040)={0x0, @in, 0x0, 0x0, 0x294}, 0x98)
connect$inet(r0, &(0x7f0000000100)={0x10, 0x2}, 0x10)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000140), &(0x7f0000000000)=0x98)

02:06:53 executing program 2:
r0 = socket$inet6_sctp(0x1c, 0x5, 0x84)
r1 = socket$inet6_sctp(0x1c, 0x5, 0x84)
connect$inet6(r1, &(0x7f0000000200)={0xfffffd14, 0x1c, 0x3}, 0x1c)
r2 = dup2(r1, r0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x105, &(0x7f0000000040)=ANY=[@ANYBLOB='h', @ANYRES32=<r3=>0x0], &(0x7f0000001700)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x2, &(0x7f0000000000)={r3}, 0x14)

[  391.235260][T10675] binder: 10665:10675 ioctl 400c620e 20000040 returned -22
02:06:54 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$inet(r0, &(0x7f0000000400)={0x10, 0x2}, 0x10)

02:06:54 executing program 1:
r0 = socket$inet6_sctp(0x1c, 0x5, 0x84)
r1 = socket$inet6_sctp(0x1c, 0x1, 0x84)
r2 = dup2(r1, r0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x29, &(0x7f0000000000), &(0x7f0000000100)=0x8)

02:06:54 executing program 3:
r0 = socket$inet6_sctp(0x1c, 0x1, 0x84)
r1 = socket(0x1c, 0x1, 0x0)
dup2(r0, r1)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x32, &(0x7f0000000040), 0x8)

[  391.990894][ T7446] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  392.117415][ T1201] ieee802154 phy0 wpan0: encryption failed: -22
[  392.124013][ T1201] ieee802154 phy1 wpan1: encryption failed: -22
[  392.322064][ T7446] usb 5-1: device descriptor read/64, error 18
[  392.592577][ T7446] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  392.813028][ T7446] usb 5-1: device descriptor read/64, error 18
[  392.932715][ T7446] usb usb5-port1: attempt power cycle
[  393.382142][ T7446] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  393.563602][ T7446] usb 5-1: device descriptor read/8, error -61
[  393.862221][ T7446] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  394.042243][ T7446] usb 5-1: device descriptor read/8, error -61
[  394.163302][ T7446] usb usb5-port1: unable to enumerate USB device
02:06:57 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:06:57 executing program 5:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x8002, &(0x7f00000004c0), 0x98)

02:06:57 executing program 0:
r0 = socket$inet6_sctp(0x1c, 0x5, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x2}, 0x1c)

02:06:57 executing program 2:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000580)={&(0x7f0000000080)=@in6={0x1c, 0x1c}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=[@authinfo={0x10}], 0x10}, 0x0)

02:06:57 executing program 1:
clone3(&(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

02:06:57 executing program 3:
io_setup(0x7, &(0x7f0000000580))
io_setup(0x19, &(0x7f0000000340))

02:06:57 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3, 0x0, 0x0)

02:06:57 executing program 5:
clone3(&(0x7f0000001380)={0x20801000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001340)=[0x0], 0x1}, 0x58)

02:06:57 executing program 3:
socket(0x25, 0x1, 0x0)

02:06:57 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'batadv_slave_0\x00'}, 0x18)

02:06:57 executing program 0:
openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x838042, 0x0)

[  395.312966][ T7446] usb 5-1: new high-speed USB device number 25 using dummy_hcd
02:06:57 executing program 2:
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0)

[  395.519260][ T7446] usb 5-1: device descriptor read/64, error 18
[  395.792734][ T7446] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  395.992984][ T7446] usb 5-1: device descriptor read/64, error 18
[  396.116022][ T7446] usb usb5-port1: attempt power cycle
[  396.532259][ T7446] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  396.713606][ T7446] usb 5-1: device descriptor read/8, error -61
[  396.982516][ T7446] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  397.162747][ T7446] usb 5-1: device descriptor read/8, error -61
[  397.293453][ T7446] usb usb5-port1: unable to enumerate USB device
02:07:00 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:00 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmmsg(r0, 0x0, 0x0, 0x0, &(0x7f0000002c80)={0x0, 0x3938700})

02:07:00 executing program 3:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380), 0x200001, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, 0x0)

02:07:00 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000040)={0x0, 0x1, 0x6, @broadcast}, 0x10)

02:07:00 executing program 5:
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_setup(0x1, &(0x7f0000000180))

02:07:00 executing program 2:
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000002140), 0x0, 0x0)
fork()
socketpair(0x0, 0x0, 0x0, &(0x7f0000001900))

02:07:00 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0xff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, 0x0)

02:07:00 executing program 1:
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f0000000000))

02:07:00 executing program 3:
io_setup(0x1, &(0x7f0000000180))

02:07:00 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)={0x44, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)

02:07:01 executing program 2:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)

02:07:01 executing program 1:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, 0x0)

[  398.842555][ T2842] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  399.032277][ T2842] usb 5-1: device descriptor read/64, error 18
[  399.302973][ T2842] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  399.502414][ T2842] usb 5-1: device descriptor read/64, error 18
[  399.622868][ T2842] usb usb5-port1: attempt power cycle
[  400.032312][ T2842] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  400.215019][ T2842] usb 5-1: device descriptor read/8, error -61
[  400.482372][ T2842] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  400.658662][ T2842] usb 5-1: device descriptor read/8, error -61
[  400.782411][ T2842] usb usb5-port1: unable to enumerate USB device
02:07:04 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:04 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000))

02:07:04 executing program 3:
fork()
socket$packet(0x11, 0x2, 0x300)
getpgid(0x0)

02:07:04 executing program 5:
clone(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)="87")

02:07:04 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x19, 0x0, 0x0)

02:07:04 executing program 1:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x13c4)

02:07:04 executing program 1:
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)

02:07:04 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x32, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:04 executing program 0:
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x0})

02:07:04 executing program 3:
clone3(&(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = fork()
clone3(&(0x7f0000001380)={0x20801000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001340)=[r0], 0x1}, 0x58)

02:07:04 executing program 5:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000940)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)

02:07:04 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x23, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

[  402.252447][ T7446] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  402.452451][ T7446] usb 5-1: device descriptor read/64, error 18
[  402.723636][ T7446] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  402.911989][ T7446] usb 5-1: device descriptor read/64, error 18
[  403.032522][ T7446] usb usb5-port1: attempt power cycle
[  403.441969][ T7446] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  403.613657][ T7446] usb 5-1: device descriptor read/8, error -61
[  403.882436][ T7446] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  404.063874][ T7446] usb 5-1: device descriptor read/8, error -61
[  404.183695][ T7446] usb usb5-port1: unable to enumerate USB device
02:07:07 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902380001000000"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:07 executing program 1:
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x168c2, 0x0)

02:07:07 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x89b1, &(0x7f0000000040)={'geneve1\x00', @ifru_data=0x0})

02:07:07 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x38, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:07 executing program 0:
syz_usb_connect$hid(0x7, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)

02:07:07 executing program 3:
socketpair(0x28, 0x0, 0x400000, &(0x7f0000000000))

02:07:07 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x1e, &(0x7f0000000240), 0x4)

02:07:07 executing program 2:
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000040))

02:07:07 executing program 3:
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f00000000c0)={{0x0}, 0x0}, 0x20)

02:07:07 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r0, &(0x7f0000005500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0)

02:07:08 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000440)={'ip6gre0\x00', 0x0})

[  405.652277][ T2842] usb 5-1: new high-speed USB device number 37 using dummy_hcd
02:07:08 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3b, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

[  405.904068][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  406.033367][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.043702][ T2842] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.146341][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  406.155738][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  406.164144][ T2842] usb 5-1: Manufacturer: syz
[  406.218164][ T2842] usb 5-1: config 0 descriptor??
02:07:10 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902380001000000"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:10 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_START_REQ(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000e96b95"], 0x1c}}, 0x0)

02:07:10 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x6, &(0x7f0000000240), 0x4)

02:07:10 executing program 3:
io_setup(0x1, &(0x7f0000000180)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001400)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])

02:07:10 executing program 0:
syz_mount_image$erofs(0x0, 0x0, 0x0, 0x2, &(0x7f0000001640)=[{&(0x7f00000000c0)="e2", 0x1}, {&(0x7f0000000240)='\b', 0x1, 0x1000}], 0x0, 0x0)

02:07:10 executing program 1:
syz_mount_image$erofs(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x4, &(0x7f0000001640)=[{&(0x7f00000000c0)="e2", 0x1, 0x7ff}, {&(0x7f0000000240)='\b', 0x1, 0x1000}, {&(0x7f0000000280)='$', 0x1}, {&(0x7f0000000640)="cf97db5efbf5ccb89190af363eaec8e04c02a2d7aa94ce65e0748f70d941bc7ca56f310abdccfc23a39b792b654ed60574b3d109bb93692e45278c142f77a2b79d3c57ffc4c9d143b769a2e4ef692825ef5c601b3bad1641575df2b407d1d9cbe84007e27d95434de35b97eb66dbd9a91a5f35afe93bc37cf07e965926eff482b84095a185dcf8ad8174fe945be1fd6ff679b3dd50566af00a7dc3b8018661c976d0c402667c1a4d0ea2a9bb7165df3d9d6ec35400b35fbd7ef43c49c7d3009990b019acb3ec7aa5b6e073a1f9d46f64a60ece48462946e8d979993aadd38c8510856da72d4f62da5382bb4dac0068152476371ccd7d467bd72719088ef73dc7eacd9ed2c0afdbcdebd7ffc65b0f2dd02f456c2f47175085978fa7cb3f6bce53aa8f94e8012d1fc175457a91546f048c3333b9b13ff9a095dd5b8c21a622fa39dec77b11c1d3e0300af415dd24777e538cbb9376b9b9b2caa34c5cb8058250c695e301a9fe1aced158202002fcd4f8fd26ceeb3b4801ec276bd66638df73cc4074c1fbb31f2e9ec38e275868a5b7cebffcde88832787a9bc6fc64430a3c7a9ffb9bf3420e497bf4646c23cc5612a6a418e5d44df0961a1df8b6530c1dfe1379024da6011c7864f0a6de38d54f45f7bb3667e506130e0d4444bde34733276723fd92eea1ac3d95bdc471574ea3694521734f0c85512b9a5b6fb07eb13004739de7d9efdb640fdad0bd5f1df87e94b23b492a529d100e734d20a50e8702580b546b4ac08fefbcecc90b53c0457f3c3b15fadf9308fb5e47c4c49e535a17e2f69174cf11730fa7224e1d2332f06b7db2f24d19c51839948e690777c3fac773b324eea67198f6c8571445b52829b66ce639dc837baab3dcd7faf45e791fa43b8519d6c58d8a808452490c3e502cc87b57840f446cbb646895ce3ea1a3c88df476e6cfc53de4c4cf8ca612512aa3399cbec985b1ada6fcefad817a3387644973af55281963fc2754caf853a2250969cb98a51ef5a89494c8a023f89033cb443e8e233f4fb20d63e288d55b94a72905530e568b88d0b3a712dca665a0bce7570975ec9e7f9f22fd22c07b358a5c35d79e085d64d40f3fe69a0bb2bff113aa65ae9e5b365ab51dcbe7b8cebb27df1e14595e45b5582f44f2842b6a50a4f77b12b7f48c2e51ba15edf17bfcfcf0533e1a1e7448e8e840de4ae41eefb09ec3bbefef5a219f2706e12337516d16777439abba50b6294569661a7bd0a08d3021ec10734210e2c5d20bbd95d8ef5f4bf78e569474584d0260918a2a8da02eb4f06a9ee81ef56076f588d8a27b967d800f860005e9bfa288fca9705ffc36dad82cab0b6e991827c5cc3d98a9dcb3138c43a73188f381c216cd288c362741a5ca05b300969f9ff13eb0da978eb4e9166e26be16c12a8de127d7f475ee8e4fd1cfd7a1557fe2f9f28edaef0d23174102896d12fa0dbd8ed262cd9fb90730b93198866a23eb070a9b1ad51ba84b8ab280f8d662e06d69d4b32b50d81bc92c0d8c9e7f02457b7d4be8a3f9cb828841ffebb7e39ae457d977db2ae70b31884cebbd7ba183429dbc5c22d8c3a4ee25c4cc4ece873250a21a934be1b416ff96847202150e7681b71ebbf0e9c55922f734dc045d85a1184b894cf075decd6a056aad8db2a60f714d35f9275e857038ac68aac351b56bd841da6c0f359f3f1d670b831e417ac6f9b33ac8562421e361d77431ec02f1d307e1a865ab9370801a7094c1118c9be7d2c6a2da474fa15dbcde8f237ff5f6ce2e581a9ed46dea25432d4ce39aca26a4b29da7fa432f0c9cb4028490a0fc73114e144978ab9035d7debab4817489fda686a952d5a8365ee4e483ff946b6691e035bc90260043af79e4586f8342c4b41aa17e90a9247528c4baa4ae87a223c7745553d208d4c967a0de6f3ea790989f4aa45a4467e77a4dd43e0203826609a189215aeb11303218aa4ee9d874cd6278fce0eefd50ee010f8ffeb8653fa9e13312dfeffcd414203eb7ed5e6195710bd898590cd7a79eaa8bcccee602679dd0f0b02de5961ee1683cc054479c2949971d954b227379831626b2666ec421fa827b26814a79541dcf8a3c5f327801720def12464a028b3b7daf3e25e35ff41d191af28c572effecb7d12b883a7ebdd8705085b64d4d8b15d9e6b2c7cec3ca739a4036aa9c4d5a733fc88cfca0396f68cd977e8fd72c613e77ddde71ab7dc81db8212f3f7a2b24fc756eeb1b0bc5955e6119a286c54c8164c12e46f8994185f16982dadbdbfc71d0fc699ea338f4704779d52ce4384dc487afa864d3f5a031310dbb994851e916dab50a06db7ecb351afc73c5643855863c155dc0e5d9ac697d93c5696a4ac3b07c4ed92b492ac5e1de18e3889e4d3be5880debb1402f4e4d4d6496bcf03284b2c275b5cd450bc1cfd34f54435dda41c8f7a51d1ae61913daf7d0d96e4755c5bf6b472d2658eae0d646f9090cdda0066a4dd328bd33940e8c5ef7aef76ddf86f3011a4b09438080ddb6b3189c4fb250465e622819d7e0d5320f9ddc38c790a95cc0a5090429d341d20bee6149e9d564a37e95232a5460e225725a909f60284cd7f4bf07e84f167c8f44b9a003f5e24472649dc31bb9aa2f359b453f37faa16420ff4ee67174458cdc40180e456883c63fa0ed892da137c9956cca9b13312db0e964cd77872f887714cb2ea432329b37815d3999ee8adb03269bbcecb972046e65d9db8f3219555cef3e21be66d7faf3e825a50383dff7b26815959d48dc604600aeefbeca108ed6eee5ecaf3b1744aa7c2d1059e3df488e27c984c8859e48fb81fb004f6c04ce9dd13d60cdba5d44b6b3c07ac72beebe2a8ab77a1bd8ecca841a8a7c9b160b95298f8837900804357725ad9cd709ef55e81eaea7634671d5d131be8b227c61641a2ed91d33176b3b1a3c62f7677f62edf54c548704f2945339727308d1725cdc625423516ce6e962b38845a3ed2ddb9f0a89986fac3c6b14d2213a45b94b56285807a5fbcaf585482c89fad601be30381ff066804eb8d1b5ee497f696a75cddaa7226304391afa6d8eef61329be9329d4094dcfc5de3bc6db023f6bc14a4fa40705197a55f637ece85c326f82287db6adb4e48c0fc9a32c47cc4d48f43b6ccc47809e1fac271812a34dda0575482cfc0b007ec9175e79cf05b7521371725529a8d99244d5a3cbdf3df279748c12535a1280b74f2ca280510f532f2a9961046a4aff893ab02aa1618b00c28763deb4559e276e42ee4903a88e849ab535a2c15a115cb5e02eac110c3aec8e6dba61895753f01ffa28b7a7d30fa7573801db05a43c43c456d83d2929acd77559bb615166b58c14bd258cab67065b49290ad30be6c7cb13cb0fbebfecb5b3083525f913c3b6a67a5723492862e94fd3f03da2b81721a2beed7ca389e46595cee9293cee6aff0198d03a3a943373583ae691adb0faf2c954e8cf043c5f0e024b1c9d7ce5f29860ba6d6ed4a14e2ff85121d6996dd68371b665706652e08f41da25", 0x9c1, 0xf23}], 0x0, 0x0)

[  408.259309][ T7446] usb 5-1: USB disconnect, device number 37
[  408.482824][T10917] loop1: detected capacity change from 0 to 16
02:07:11 executing program 1:
pselect6(0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, 0x0)

02:07:11 executing program 2:
clone3(&(0x7f0000000700)={0x100e1000, 0x0, 0x0, 0x0, {}, &(0x7f0000000540)=""/187, 0xbb, &(0x7f0000000600)=""/159, &(0x7f00000006c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x7}, 0x58)

[  408.689294][T10923] loop0: detected capacity change from 0 to 16
02:07:11 executing program 3:
clone3(&(0x7f0000000240)={0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x39}, &(0x7f00000000c0)=""/72, 0x48, &(0x7f0000000140)=""/133, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x58)

02:07:11 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3a, 0x0, 0x0)

[  408.857583][T10923] loop0: detected capacity change from 0 to 16
02:07:11 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x11, &(0x7f0000000240), 0x4)

[  409.242467][ T2842] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  409.483646][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  409.603851][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  409.614298][ T2842] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
02:07:12 executing program 5:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000040)={0x2e, 0x6, 0x0, {0x0, 0x0, 0x5, 0x0, '):/].'}}, 0x2e)

[  409.786860][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  409.796228][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  409.804601][ T2842] usb 5-1: Manufacturer: syz
[  409.904546][ T2842] usb 5-1: config 0 descriptor??
[  411.842948][ T7446] usb 5-1: USB disconnect, device number 38
02:07:14 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902380001000000"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:14 executing program 0:
socketpair(0x10, 0x0, 0x0, &(0x7f0000001900))

02:07:14 executing program 3:
modify_ldt$write(0x1, &(0x7f0000000000)={0x1f00}, 0x10)

02:07:14 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)

02:07:14 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x15, &(0x7f0000000240), 0x4)

02:07:14 executing program 5:
r0 = getpgid(0x0)
ptrace$getsig(0x4202, r0, 0x0, 0x0)

02:07:14 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x49, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:15 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000000)={0x0, {{0x2, 0x0, @loopback}}}, 0x88)

02:07:15 executing program 5:
fork()
clone3(&(0x7f0000000700)={0x100e1000, &(0x7f0000000480), 0x0, &(0x7f0000000500), {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

02:07:15 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3}, 0x40)

02:07:15 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x13, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

[  413.053115][ T7446] usb 5-1: new high-speed USB device number 39 using dummy_hcd
02:07:15 executing program 0:
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000004c0), 0x9050, &(0x7f0000000980)=ANY=[])

[  413.292868][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  413.415378][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.425826][ T7446] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  413.624384][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  413.633932][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  413.642379][ T7446] usb 5-1: Manufacturer: syz
[  413.689641][ T7446] usb 5-1: config 0 descriptor??
[  413.730151][T10999] =======================================================
[  413.730151][T10999] WARNING: The mand mount option has been deprecated and
[  413.730151][T10999]          and is ignored by this kernel. Remove the mand
[  413.730151][T10999]          option from the mount to silence this warning.
[  413.730151][T10999] =======================================================
02:07:18 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:18 executing program 3:
clone3(&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000780)}, 0x58)

02:07:18 executing program 1:
syz_mount_image$erofs(0x0, 0x0, 0x0, 0x1, &(0x7f0000001640)=[{&(0x7f0000000280)='$', 0x1}], 0x0, 0x0)

02:07:18 executing program 2:
clone3(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
fork()
clone3(&(0x7f0000000700)={0x100e1000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

02:07:18 executing program 5:
clone3(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f00000000c0)=""/72, 0x48, 0x0, 0x0}, 0x58)

02:07:18 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x0, 0x7, 0x0, 0x100}]})

[  415.560759][   T26] usb 5-1: USB disconnect, device number 39
02:07:18 executing program 0:
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000140)=ANY=[@ANYBLOB="02091a0310"])

02:07:18 executing program 5:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10)

02:07:18 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000380)=@req={0xca1, 0x6}, 0x10)

02:07:18 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x802, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)

02:07:18 executing program 2:
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x1}, 0x0, 0x0, 0x0)

[  416.572778][ T2842] usb 5-1: new high-speed USB device number 40 using dummy_hcd
02:07:19 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x39, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

[  416.853455][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  416.973610][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  416.984067][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  416.994201][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  417.164644][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  417.173996][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  417.182433][ T2842] usb 5-1: Manufacturer: syz
[  417.259502][ T2842] usb 5-1: config 0 descriptor??
02:07:21 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:21 executing program 5:
clone3(&(0x7f0000000400)={0x2e00ac000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
fork()
clone3(&(0x7f0000000700)={0x100e1000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

02:07:21 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x1b, &(0x7f0000000240), 0x4)

02:07:21 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3a, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:21 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14}, 0x14}}, 0x0)

02:07:21 executing program 2:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff}, 0x10)

[  419.215130][   T26] usb 5-1: USB disconnect, device number 40
02:07:22 executing program 0:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_ifreq(r0, 0x0, 0x0)

02:07:22 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x23, 0x0, 0x0)

02:07:22 executing program 1:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f00000002c0)='sync\x00', 0x0, 0x0)

02:07:22 executing program 2:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)

02:07:22 executing program 5:
r0 = fork()
clone3(&(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001340)=[r0], 0x1}, 0x58)

[  420.376598][ T8283] usb 5-1: new high-speed USB device number 41 using dummy_hcd
02:07:23 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x21, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

[  420.632560][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  420.753434][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.763996][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  420.774156][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  420.985000][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  420.994516][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  421.002874][ T8283] usb 5-1: Manufacturer: syz
[  421.117760][ T8283] usb 5-1: config 0 descriptor??
02:07:25 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:25 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2d, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:25 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000380)=@req={0x0, 0x0, 0x0, 0x6f}, 0x10)

02:07:25 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000280)={'filter\x00', 0x7, 0x4, 0x3f0, 0x110, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @local, @remote}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {@mac=@dev, {[0x0, 0x0, 0x0, 0xff]}}, 0x5a18, 0x6, 0x0, 0x0, 0x0, 0x0, 'nr0\x00', 'wlan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x4)
socket$inet_mptcp(0x2, 0x1, 0x106)

02:07:25 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x3, &(0x7f0000000240), 0x4)

02:07:25 executing program 5:
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x100800, 0x0)

[  422.884176][ T8283] usb 5-1: USB disconnect, device number 41
02:07:25 executing program 0:
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4)

02:07:25 executing program 1:
rt_sigaction(0x3b, 0x0, 0x0, 0x8, &(0x7f00000001c0))

02:07:25 executing program 5:
syz_mount_image$erofs(0x0, &(0x7f0000002880)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000001, 0x0)

02:07:25 executing program 3:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000480)={0x0, {0x2, 0x0, @broadcast}, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, 0x116, 0x0, 0x0, 0x0, 0xffff, &(0x7f0000000440)='macvlan1\x00'})

02:07:25 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0)

02:07:26 executing program 1:
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
clone(0x0, 0x0, &(0x7f0000000040), &(0x7f0000000380), &(0x7f00000003c0)="87c945f44ed5fd20e74a7a454f1c243fc97d87")

[  423.884692][ T2842] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  424.132549][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  424.263331][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.273762][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  424.283916][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  424.434204][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  424.443661][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  424.452092][ T2842] usb 5-1: Manufacturer: syz
[  424.517321][ T2842] usb 5-1: config 0 descriptor??
02:07:29 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:29 executing program 2:
clone(0x0, &(0x7f00000002c0)="e832ed283fa8e13cd529f9208054083c70993038b36dc19c02344a0443fcbca29e2ba68aed91e6096af5cf7e601df9045e55c2ab9a3399d8221800bfa8028b89861ed0d13aedf2e80019dd0e", 0x0, 0x0, &(0x7f00000003c0)="87c945f44ed5fd20e74a7a454f1c243fc97d8749a8d86e4d47971d19077ed3f1ed")

02:07:29 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x10, &(0x7f0000000240), 0x4)

02:07:29 executing program 5:
clone(0x82184000, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000100)="ec")

02:07:29 executing program 3:
pselect6(0x0, 0x0, &(0x7f0000000300), &(0x7f0000000340), 0x0, 0x0)

02:07:29 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x0, 0x0})

[  426.378392][ T7446] usb 5-1: USB disconnect, device number 42
02:07:29 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000400)={'filter\x00'}, &(0x7f0000000480)=0x78)

02:07:29 executing program 1:
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
io_setup(0x2, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000006c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])

02:07:29 executing program 2:
clone(0x102200180, 0x0, 0x0, 0x0, 0x0)

02:07:29 executing program 5:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000002400)={'batadv_slave_0\x00'})

02:07:29 executing program 2:
socket$inet6(0xa, 0x0, 0x401)

[  427.333687][ T2842] usb 5-1: new high-speed USB device number 43 using dummy_hcd
02:07:30 executing program 0:
clone3(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f00000000c0)=""/72, 0x48, 0x0, &(0x7f0000000200)=[0x0], 0x1}, 0x58)

[  427.572049][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  427.702326][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  427.712873][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  427.724439][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  427.964131][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  427.973538][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  427.981679][ T2842] usb 5-1: Manufacturer: syz
[  428.023747][ T2842] usb 5-1: config 0 descriptor??
02:07:32 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:32 executing program 1:
io_setup(0x1, &(0x7f0000000180)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001400)=[0x0])

02:07:32 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000000)="bd97f4437a476d39", 0x8)

02:07:32 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x49, 0x0, 0x0)

02:07:32 executing program 2:
modify_ldt$write(0x1, &(0x7f0000000000)={0x1000000}, 0x10)

02:07:32 executing program 0:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)

[  429.933469][ T7446] usb 5-1: USB disconnect, device number 43
02:07:32 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x33, &(0x7f0000002740)={0x0, {{0xa, 0x0, 0x0, @empty}}}, 0x90)

02:07:32 executing program 5:
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f00000028c0), &(0x7f0000002900)='./file0/file0\x00', 0x0, 0x5, &(0x7f0000003dc0)=[{&(0x7f0000002940)="a0e804c5530c4f5847aaae2c46a6e429e6", 0x11, 0x4}, {&(0x7f0000002980)="3e3b440398", 0x5}, {&(0x7f00000029c0)="0c698bd13ca1dd783e3238ec6f338fc8bfd43212e30cf531efde97e7748f2caa8a006d9a28a6340ae74f1da0b855f92e8c0228cf9d4fbbc4cc50ff2126bb37d124ff046cffbd9ce1dec8b2a10ad03cad2a82f343f574a248a0aed6f27e7f70a9152415a3b7a23b4d82cb158b2d30b124569f9536c21c019f0bed22683b877364e4880972ec55a001764d7598cfa7485f8ddcad6cf28dd5b3743f488b247a2f775e2a064293f426ba2d90fba76f2473ff3703ea0c86ff5155b8eeb514283563f546235c83ba70ab1b9dc615867c245ca1b0af02e0a986", 0xd6, 0x8c3}, {&(0x7f0000002ac0)="ae2204a86aa7717093605be6195f2e4272db4a8f89ffe6f80eaf4cb68ed91e1357adbb6b628204d7175523357a53c79b8c635336c11b09b076a49d9d47e82cb6c28cecdb905d1ae5f2837c5ffaebc6f2c198e80f01baff7b87", 0x59, 0x8000}, {0x0, 0x0, 0x3ff}], 0x2010010, &(0x7f0000003ec0)={[{@noacl}, {}, {@noacl}, {@nouser_xattr}], [{@smackfstransmute={'smackfstransmute', 0x3d, '\xb6\xc2'}}]})

02:07:32 executing program 2:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)

02:07:33 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ifreq(r0, 0x89a2, &(0x7f0000000080)={'wg2\x00', @ifru_hwaddr=@random})

02:07:33 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, 0x0, &(0x7f0000000480))

02:07:33 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$SIOCAX25DELUID(r0, 0x89e2, 0x0)

[  430.749586][T11258] loop5: detected capacity change from 0 to 128
[  430.765243][ T7446] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  430.931588][T11258] erofs: Unknown parameter 'smackfstransmute'
[  431.013221][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  431.134718][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  431.145096][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  431.156676][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  431.384806][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  431.394411][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  431.402869][ T7446] usb 5-1: Manufacturer: syz
[  431.447397][ T7446] usb 5-1: config 0 descriptor??
02:07:36 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:36 executing program 2:
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
io_setup(0x2, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000006c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f00000000c0)}])

02:07:36 executing program 3:
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fcntl$getown(r0, 0x9)

02:07:36 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x40000103, 0x0, 0x0)

02:07:36 executing program 0:
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000040)=[0xfffb])

02:07:36 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0})

[  433.433859][ T7446] usb 5-1: USB disconnect, device number 44
02:07:36 executing program 2:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10)

02:07:36 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240), r0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r1, 0xe1824c75c1d89a35, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:sulogin_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}]}, 0x58}}, 0x0)

02:07:36 executing program 0:
syz_mount_image$erofs(0x0, 0x0, 0x0, 0x5, &(0x7f0000001640)=[{&(0x7f00000000c0)="e2", 0x1, 0x7ff}, {&(0x7f0000000240)='\b', 0x1, 0x1000}, {&(0x7f0000000280)='$', 0x1}, {&(0x7f0000000340)="ee", 0x1}, {0x0}], 0x0, 0x0)

02:07:36 executing program 5:
pselect6(0x40, &(0x7f0000004600)={0x80}, &(0x7f0000004640)={0x6}, &(0x7f0000004680)={0x7, 0x0, 0x10001, 0x10001, 0x80000000, 0x3, 0x80000001}, &(0x7f00000046c0)={0x0, 0x3938700}, &(0x7f0000004740)={&(0x7f0000004700), 0x8})

02:07:36 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x37fe0}}, 0x0)

02:07:37 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={0x0}}, 0x0)

[  434.554660][ T2842] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  434.606522][T11320] loop0: detected capacity change from 0 to 16
[  434.764975][T11320] loop0: detected capacity change from 0 to 16
[  434.822663][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  434.943608][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.954383][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  434.965915][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  435.193801][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  435.203407][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  435.211548][ T2842] usb 5-1: Manufacturer: syz
[  435.269764][ T2842] usb 5-1: config 0 descriptor??
02:07:39 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:39 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240), r0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r1, 0xe1824c75c1d89a35, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:sulogin_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1}]}, 0x58}}, 0x0)

02:07:39 executing program 5:
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x2, &(0x7f0000000740)=[{&(0x7f0000000540)='(', 0x1}, {&(0x7f0000000580)="105504f816ed28a00be305f583e8dcc26dbb2b", 0x13, 0x3}], 0x0, 0x0)

02:07:39 executing program 3:
chmod(&(0x7f0000000000)='./file0\x00', 0x0)
readlink(&(0x7f0000000640)='./file1\x00', 0x0, 0x0)

02:07:39 executing program 0:
io_setup(0x7, &(0x7f0000000580)=<r0=>0x0)
io_pgetevents(r0, 0xffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000540)={&(0x7f00000001c0), 0x8})

02:07:39 executing program 2:
openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x80c2, 0x0)

[  437.155560][ T2842] usb 5-1: USB disconnect, device number 45
02:07:40 executing program 2:
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0xc0010001, 0x0)

02:07:40 executing program 0:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="4fec9af65f848965ca2962d86ceb6ea59668e893755cbf700f4c704c5d8c2089e96a3a6b63c969100734225124f7419a6b1bbfd9a1650df46c2046384c09c6685cd0284de8e89994009c1f61f0ea94e9d9")
r3 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8a202, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'})
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller1\x00', {0x2, 0x0, @initdev}})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00'})
write$binfmt_misc(r1, &(0x7f0000000340)=ANY=[], 0xfffffecc)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000340))
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

02:07:40 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000200)={0x38, 0x2, 0x0, 0x4, 0x9, 0x20000001, 0x8000000000000, 0x0, 0x1}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(0xffffffffffffffff, &(0x7f00000073c0)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002c00)=""/4096, 0x1000}], 0x1, 0x0, 0xffffffffffffffde}}], 0x1, 0x0, 0x0)
fcntl$setpipe(r2, 0x407, 0x0)
socket$packet(0x11, 0x0, 0x300)
write(r2, &(0x7f0000000340), 0x41395527)
socket$packet(0x11, 0x0, 0x300)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='cpuset\x00')
preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0)

02:07:40 executing program 1:
syz_open_dev$MSR(&(0x7f0000000400), 0x40, 0x0)

02:07:40 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f0000000080)=0x54)

[  438.042862][ T2842] usb 5-1: new high-speed USB device number 46 using dummy_hcd
02:07:40 executing program 2:
openat$null(0xffffffffffffff9c, &(0x7f0000000e40), 0x1, 0x0)

[  438.302628][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  438.427117][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  438.437946][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  438.449485][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  438.654097][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  438.663474][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  438.671639][ T2842] usb 5-1: Manufacturer: syz
[  438.793238][ T2842] usb 5-1: config 0 descriptor??
02:07:43 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:43 executing program 1:
open$dir(0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000001f00)='setgroups\x00')

02:07:43 executing program 5:
syz_mount_image$vfat(&(0x7f0000001440), 0x0, 0x0, 0x0, 0x0, 0x100000000000000, &(0x7f0000002940))

02:07:43 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x2, 0x0)

02:07:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000200)={0x38, 0x1, 0x0, 0x4, 0x9}, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(0xffffffffffffffff, &(0x7f00000073c0)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002c00)=""/4096, 0x1000}], 0x1, 0x0, 0xffffffffffffffde}}], 0x1, 0x10120, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0)

02:07:43 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000003c0))
recvmmsg(r0, &(0x7f0000000380)=[{{&(0x7f0000000280)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/43, 0x2b}, {&(0x7f0000000300)=""/121, 0x79}, {&(0x7f0000000400)=""/187, 0xbb}, {&(0x7f00000005c0)=""/217, 0xd9}, {&(0x7f00000006c0)=""/154, 0x9a}, {&(0x7f00000007c0)=""/171, 0xab}], 0x6, &(0x7f0000000880)=""/4096, 0x1000}, 0x800}], 0x1, 0x10001, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000040))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/159, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000080)=0x1)

[  440.713130][ T7446] usb 5-1: USB disconnect, device number 46
02:07:43 executing program 5:
syz_mount_image$tmpfs(&(0x7f0000000480), &(0x7f00000004c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x0]}}]})

02:07:43 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)={[], [{@context={'context', 0x3d, 'root'}}]})

02:07:43 executing program 1:
capset(&(0x7f0000000080)={0x20080522}, 0x0)

02:07:44 executing program 0:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x0, 0x0, 0x0)

[  441.869156][T11436] tmpfs: Bad value for 'nr_inodes'
[  441.889850][ T8283] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  441.905653][T11436] tmpfs: Bad value for 'nr_inodes'
02:07:44 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000001f00)='setgroups\x00')
bind$vsock_stream(r0, 0x0, 0x0)

[  441.965773][T11438] tmpfs: Unknown parameter 'context'
[  441.979244][T11438] tmpfs: Unknown parameter 'context'
02:07:44 executing program 5:
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x20, &(0x7f0000003600)={[], [{@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]})

[  442.133386][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  442.282897][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  442.293302][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  442.304893][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  442.582509][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  442.592008][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  442.600210][ T8283] usb 5-1: Manufacturer: syz
[  442.704377][ T8283] usb 5-1: config 0 descriptor??
[  444.443425][ T8283] usb 5-1: USB disconnect, device number 47
02:07:47 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:47 executing program 2:
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000004e40)={&(0x7f0000004e00)='./file0\x00'}, 0x10)

02:07:47 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='mode=0'])

02:07:47 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB='='])

02:07:47 executing program 1:
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000040), 0x14)
socketpair(0x3a, 0x0, 0x0, &(0x7f00000001c0))

02:07:47 executing program 5:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9}, 0x0)
pipe(0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000073c0)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002c00)=""/4096, 0x1000}], 0x1, 0x0, 0xffffffffffffffde}}], 0x1, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='cpuset\x00')
preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x0)

02:07:47 executing program 3:
nanosleep(&(0x7f0000004e40)={0x0, 0x3938700}, 0x0)

02:07:47 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB=',fscontext'])

02:07:47 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, &(0x7f0000000040))

[  444.943062][T11479] tmpfs: Unknown parameter ''
[  444.964760][T11479] tmpfs: Unknown parameter ''
02:07:47 executing program 5:
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)

02:07:47 executing program 0:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='mode=00'])

[  445.382915][ T7446] usb 5-1: new high-speed USB device number 48 using dummy_hcd
02:07:48 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000027c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX, @ANYBLOB='='])

[  445.627256][T11491] tmpfs: Unknown parameter 'fscontext'
[  445.633314][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  445.679159][T11491] tmpfs: Unknown parameter 'fscontext'
[  445.753755][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  445.764453][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  445.776900][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  446.024175][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  446.033692][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  446.042100][ T7446] usb 5-1: Manufacturer: syz
[  446.091343][T11495] tmpfs: Bad value for 'uid'
[  446.102120][ T7446] usb 5-1: config 0 descriptor??
[  446.123483][T11495] tmpfs: Bad value for 'uid'
02:07:50 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb9010200090502"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:50 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000880)={0x14, 0x0, 0x4}, 0x14}}, 0x0)

02:07:50 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000480), &(0x7f00000004c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={[{@huge_advise}]})

02:07:50 executing program 0:
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)

02:07:50 executing program 1:
unlinkat(0xffffffffffffffff, &(0x7f0000001f80)='./file0\x00', 0x0)

02:07:50 executing program 3:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x2, &(0x7f0000005d40)=[{&(0x7f0000004900)='w', 0x1}, {&(0x7f0000004a40)='!', 0x1, 0x80000001}], 0x0, 0x0)

[  447.958934][ T7446] usb 5-1: USB disconnect, device number 48
02:07:50 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)

02:07:51 executing program 1:
clock_getres(0x3, &(0x7f00000045c0))

02:07:51 executing program 0:
futimesat(0xffffffffffffffff, 0x0, &(0x7f0000002c80))

[  448.353038][T11520] loop3: detected capacity change from 0 to 264192
02:07:51 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB=',fscontextme'])

[  448.537666][T11520] loop3: detected capacity change from 0 to 264192
02:07:51 executing program 3:
pselect6(0x40, &(0x7f0000004600), 0x0, 0x0, &(0x7f00000046c0)={0x0, 0x3938700}, 0x0)

02:07:51 executing program 1:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x4, &(0x7f0000001380)=[{&(0x7f00000001c0)="d3", 0x1, 0x8000}, {&(0x7f0000000240)="555db564c1becaa6d8381127d0624fbdc003dbbef0b3902b3435c45ed759130388749fb3e97067c601fc49a9b27a7d136553d1a1e9e31e2094a439ac2aa08efbb2c9b5ecb16f71f0175b64c74f27a56f14de7b2ecec81c93a030c5b1809bbbbba7d3e96e2a789da0815bb4da0527fdd878380c4a5dc6fd504a2be5781962f6afe272a46a77ca018f986eb038cfa2add27f4cff7902cd5326acef1b337c9af2140aebb8e816e900e6e276ecb9640485d9b2250956edef139e80a6e8f81a9dabdb5f07c71e688b984e390252c861843f76dd641ec43157d92845b8f2abca2fd333c5d46b30c40a4f4db96f246b02fb5996bb34edab42fc4ebb27824f41e66b46e414f79029e857f6de588ecd3beaa1384e370a117912543181f57674b72cda7a621daf1a1044e30b08acbdd119c476d6f73a032e3ce1107dcc013a6cccfb8c8262d21f4dd0b033d5f46e4cf8975e338e4493a662b9f4b6c34c37f3411dfcb208d3ad15b9b601afa3f9dbbdbe5e628aaa8ac0a8e732ff19cdf0eeae250628017fd1a26bc5a87ba2fd87589cbffb4525ab7d0220a667d8f2950e38362f9ec5a6633557e45c0c54e9a4e48792f122f840ba7f1b34bd052cc901988034cc6597af93526b52e6dd8172925aeeaeaf86e6069b44744d1611fafc0ee809cb0b3528ed2ddd8c1852ee7b312ae71971d74e0b79ea4c0bcf617d2a5478191c36c38d46d802ca4f21a7d9733aee30eb9d019914276e60fa3e5c952fd7b25026916ce797af362d5666d8d98f27f67da7eee37682b7e586ae2fd8fc221d819b63264096384f9a61c08c65a7b053f902751d105e75b54fd9c0012b1a39381516c93f434d220033e3a1480a2378be5d9c85491b12804c6fc8d789d3aa6a92dad72ea01c96b7758d33ff5f5bd1a366dfcfec3758d781a514e425740daf8c99c3922b9249ea9bd3215e46b80c57d649e3ac699cfd7fc66a167813d3122ad4717d44144c4371beb4fb615205a3e87ec96a82f4340fd18d95880b8b789c44a47fc3dd85d427c9e9ddb67eb618b78ddbfb8ca756b904dbd7d6c0ac298c9154bbcf57d7d635a554e8fe8ef538c4b878662b3a5b9009ef2892cbb2b5ef597795c886d86fd7d3951c36bf02ce67c15dc420c825ec537959ce6bd6251491752a0931694f3b35999aaea556eaab5a19609c07726a3b0a8792439192e65696ad37a7a3ff0f2184c45ef7c9bb9a64d0512a137130166ea5977a2dee5a4f6aedb3c21d78aa405212fa0047ecfbae8c77f19a188d759b869400b9e00c8d6dc7362e9c3ce12032e009580454630408e6047344bde2618d31de242aa71d2918b404a872010e9a961aa0abbafa31ce3ec48dcd8914da786a5902d3aaa5fc693ebc0a3a38a2014bb95831193b37d30c662a77502117e7a1061b7945d06cef945bb99e5d7f907f7109c4dd8658c9823b0b17918698e63e60b3df69c7579d94a27daa29f6c9e44167c3bb8f5c6f87d8251d1e07d637f9085be1c71d875a7c22d203761b7dd257c12fb02fb75fae82bc99b4b12de363a53b5b5069ad0ce8a62890a2f67bbb978bf17f8c8771ce14d81b945c35773d87abe19230fabe865e731e381c94a22de659eb24803d00127e11dd2588a5d1c58c51446e27e741f67083fed2815cbc50eebc350e10feadd596f230a7ef2e549bd64d90db22a8fe1ab67a0ab3ddc8e82f8d7ef6f878577021714ca8510dbafd0ecceabf6c361c64bbbd3b46a196154e6177f3a7b54f99f91e69621b899c3e1b650cdb08e11ba6908af0bddde7f18c9f84ffadb1aa3332adc2306b4010f2a271abb556da621d7361db061e3499b31feba4b06d58bca4c72bad3915518f04d0b0ccde47aeabeab8f09e2efd1c6030a896a31adb78cb38679c44504359d850ba8fd30bae534dd606e9bb3a86587c46dd3ebe381e759233279e5261d0a4b685daba3334fdb62cda1c9161f7a7a3cd494c8eeed35032ba0107ce54a295332106845500f207211010d3b65ae0eae80239191bfbcfbeba93aa5d81dba416d9e97edb761dedf52ea04a1b863f19278416fe85dc8b43794d9ffda76d5c118036a417ad191343ffae0c671eeeeb4f5fa7f7bcfa6dbf2b459500bf49166503aa36f52e0e07e87a0569433ce499b3fe76f08951d26cb8a2eefc3bc124fe94de54c1e5cef5ffe342e20f3fdc1256d76a4e9558c5f64be3acc3f0717dbd1e1cd538ec735d41ed74b98be5c215a79bd652357e904c0e0be86edf9267041cd12cd60109838ba8f9b7bb017c7fe6b2ad6cb140d8b591ee180e648a1f5d12b38d4185bdc16494d763d6a5777f28719ceef5f0f5732261aed0831775657ae76a7901e9cfccc1ec5022c5e8dbab13821f8e29d0c567379722012858b336d240c83265dd9c839cb466fd7ea10a1a0afd576a6982cda67ce0f9970ea8de74ba27bbea9b1835bce14c75c36337250c7d9abb2dcbd030b85238badb006d2e232f4a68306dfc2c852f9d8dc0fa1070b3bde7003f87e8027cb752eb5ef5a4b0147a41e9ba2fa52f1ee0b7a56e420632ca1fe3bf3eb50ee9079fadb7258d6238db87964d34c723129fa312c20517ce6c30278de179db571cd98389aba365686140355c0fc504386ebf1bce677417c477c0ae0d94a6c2eab3e9fb102a2cf9646cacb0b19475ddd7f150cb570399cd643eed3cd0748e935fba5675847f7c1444fd3324f09d49280b428578f2117bafcbc5214f32d809a7fe062ffd6a82f43ca060a7e47b1e63df6d2a9eb7f227f50dd6ab010cd829846deb3519c97af225369d169d4d319baacb3a26842c569b2dcc0b5f0a4fd7b81de142bc02052ddb6497b369df0d85690fd0600451bfd68ebacd088f3f340300c21157e52fbf49b8898fb8cb035e1a69dce49dc2ebfb93c8084bebd3505e96c729d3572a451d669331b1bc53d2c7c6511c5036448d1e4cc7ca698c104442a585388327cb0a5b9d7f81315d636cef70a3477c868e11089190931e6ad2a47c1af5c3c47b29f710ee3a201705c1b382d20c298516ac98b8f0100e6edc73ab88c3076cdf2b6d4915c2a2e6469155b06bfaee9164cb4b2eb3b771f4359f29c049cb8b739c5e8ad2d187fdf9ea8f5e2d256b0404dfa90789bba56439af3d1de08e96298a151f45df30a60a365998f50814c0656a092aad9aada1dec9cbad1c3f0ee920919ac0ad48e5da271f444171d9f2ba50b906b00e7def564fa14c735f7d612c1392e096c83be9e1d8b613813e6180fc36669faddb82e32546362b99d2d600b584d35eb1443eccf42bd7b02a608e781a80624108130c92922af668d6c8d16d82f41ced80ee97c6d928c73898af408faad6f335b0acfaa7e95e7992a1102053f0af2a2f7e034564f3f08638ce7e4ce566d42569f39a09aeb65c7d2649cfe0964211c2386e1e4b456f169d70a7b7fb42d6f7ce90f2cb115bd8c7bab4b2c17c3d4c73cae880a5cfb75f5bd65d96e05e1c599090ac0a1da5a139fb15be62500c3bba12c6ee9392039ae5d25d9d1beace91220b0662067011363340d89b988532d9884ff9cac480231e2d1ef30dc9e1402fac33499cdd46263bf656d6ea0a63c00ccac4f8b70ce00ce8714a8c41ad1a43f97f90f3000b347f2e10d6e58dbe834b39a980a452d5c7a5fdd64b7dd342361f089c5f4f0d853570956721f7e20f34b065313762a4fe0b183a6df7c1aad2b6d656d692c57df1d1ad6d5594f6d0c7d8e3438f6de74b1adf6b435f73ed315ea56f3bbdcc94c8f16afed92dfb3c720b1fdde2ad8fa87c9439b76f41e70e39791c96a7e85f61f87dfc3d980d3a802981ecfaa1c80e7bf65bfc27aedb59f917181eb0ece193ef517692ae6048f379402f3a5d79121c550bd5012d93dc59121a7f15d2de48e497dd9b2b4af4aaf4413911c77291988feb32d04f86d3d9198669f048f02cc819b3c515f234db8f22539337892b0bba1fcfa727b017ad39f040664838892c10cfa4a1bf969bb14caaf9ca5f8da8d9220aa51245eb64253946307d83c7970c9f148ace006f7547db9f172bef814509282dfa10bbce1b4bbc86663953e9266ab5ea3e13b37bfa6e890e44340a4f18026a69735b462dbb8e460ca7770e2858e07af60d95269dc3918a969e870434a624bf902b450d2f36f30504ac66d29a97f76310d1b190a0cb4a993850e4014b89199c044ce1e714c316c0d57218d9c27ba477bb432ca256a4100c55ec9a283972a09c0cc36e54bcf6a251cf2b48bf7b20c34e388649a6dfb0e4f0597f5cea5fac15ef0b1c06fbe671b90a4765e8f10c0a4888671fddfde1ab5e9b93ce382a6c863da09302336ae4aa9336657fea7396a6859c4accdac4cc5150a84eafa2b65474433ed7be3733c2308183a94815b42d1ecae5286cac835622976511e1c903b5a1205b99de4e4f238ea265ceade00c30b0f13c72cad756e10911a19370719d14f6f12faea24bf4bf646cb91650f14e4e4898935d697f8fc55bcc652c9965fb5a6202601e49e25ccb9a99dd076ae0be233c42840f9eb17b7dc59d14fde6bc9b82ffc92ec5b5cfbda9da39415be3229bd7a15fac61823eb3958219aab6a539f0bd060b125f065e0c0e990484fa874a3f97742f6d30d5b5d85296239d8e4137689c5ece53f6b51a825e4ef2cbfe92f9798107947451039903387e7ef38a71e7d4ebadd257045d7ada248f87b894aae756da5967d190e479c61945f286b0a6ae25d00fb9a2f156a2dcf2602daabb692eb88833bc28d6b459627db7da76c5e359dc26bfb759d05b3cfc092afbb1ec7ad211f4e2693a0e5ef44183fe1dc5b962e469383b6a110c19f1876d8f4302e2f9b8aa264106c0d34f62e18f71b016b2e0b07ff6276aa23970af6af4eb941296aa1d2d92660217eaed4952d1127539f4325962042d65707e1f5a7f96c882247b373aa6c2edb5b46cd9684bb8186447858fed72b3da0cc91fbdc86b6e24c925512eb361499d80011ff42dfccfa0249a22828b7ee6bb34c09876e2e50f469c274af514d10093c1de24a845ba4ea8e82b1ce39445029ba398c032ebaec74f3e5365a34aa94f90258e9b3000d17e359cdca42ed220c97bf67495fe3835bcbb97c2b2f8652a46945df1283afc818cd650862a18548e649d22c744ddaf3fd437c122dbadd466e66f481f79ad581da868c58e8024a43e973182fc3c42c9d9eb17358344a3d57a10bdd7b4dee7ddbed8be3791b185af0d1e6a7fde7e0a82251211f55a5ec894dd9ec10d930ee5f3068c8c51a5f45fadd2ceb3c19bf5393c6ce0747744e6d43f8912f66ad73b55753c89a86a1594edd44f9cb31c6356b7cd28af24d17a9877de3bba4b6e69339f4d8ec73b89f5bfb7290ec44cfd9f4a0151f896697d2b040340afbb283f435f49f25faaad5a9a0e079097d1c9c28793f466ee9587ea430e3e7e6ce66247051bfee68030e0faf5f89f9407af5ba28494f93c0e6a83b99763ef6e6995f9e827494ad78bcce0592503e961028814e754a642bd5ad07fa24f192391d595f81274cbdde0e8bd522b4c93c282bf14b9c64c7df4887dad2f205939677b7f98ff0313e0b608e21fde9de529f3c9a689c95fc90b80c3d01e0668f3fbe03d3840db925692d76d00dced87ba3db8a5bb9d551bddef4ae1fd30883e3d20c671a1b537edd0f9ea7bbf6bfe3930a7ca3d78c57d0777f02cdde3cbccab4d0f4d97fa90a373f0b2b9995d995f3a845b48f6d46325eea8dae209417a5b4d209fdce4bc75c663e88c9454230b0ca3715d5e6545dc2099bd62b9c989282cd1d6d149ad5284867d2e61fc3f", 0xffa, 0x7}, {&(0x7f0000001240)="c2", 0x1, 0xa74a}, {&(0x7f00000012c0)="01", 0x1, 0x8000}], 0x0, 0x0)

[  448.933450][ T8283] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  449.155726][T11543] tmpfs: Unknown parameter 'fscontextme'
[  449.172127][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  449.238617][T11543] tmpfs: Unknown parameter 'fscontextme'
[  449.296123][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  449.306824][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  449.318364][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  449.329152][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  449.440641][T11546] loop1: detected capacity change from 0 to 167
[  449.554984][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  449.564607][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  449.569927][T11546] loop1: detected capacity change from 0 to 167
[  449.573004][ T8283] usb 5-1: Manufacturer: syz
[  449.645951][ T8283] usb 5-1: config 0 descriptor??
02:07:54 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb9010200090502"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:54 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, 0x0, 0x0)

02:07:54 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
sched_setattr(r0, &(0x7f0000000000)={0x38, 0x2, 0x10000058, 0x800, 0x5, 0x0, 0x1ff, 0x5, 0x0, 0xe3}, 0x0)
utimes(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)={{0x77359400}})
bind(r2, &(0x7f0000000080)=@in={0x2, 0x4e20}, 0x7c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000b00), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r3, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x3c}}, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000100)='bridge0\x00', 0x10)
sendto$inet(r2, &(0x7f0000000200)='X', 0x1, 0x0, &(0x7f0000000280)={0x2, 0x8004e20}, 0x10)
recvmmsg(r2, &(0x7f00000004c0)=[{{&(0x7f0000000400)=@ethernet={0x0, @dev}, 0x0, &(0x7f0000000480)}}], 0x6fdaec, 0x22, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x410000, 0x0)

02:07:54 executing program 2:
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x6, &(0x7f0000002880)=[{&(0x7f00000014c0)="e4d91cead793d2e31fa8b4f1a082e28c7bc569180f4d8b2dcf83ac07aeec9a718c48e678d56c0967febcb12df5e1cf7848f0c731cad915a6911d23a48a80964e8236b654d8c5590117c947c21a7ea8adc44f14b192f954c7a7a92e2181eb8e5955da7bd45aa6c0a6dc8219e47ad4548c8966458da404f6e44e4681ebbdb3809fe739ac72e966dca9b6fea6d2e0373dc6af3abb0b2056023710ebfcb1700f0d9190254277160c77e08022b35a7a9ba43d21ec5d0779f646ffb0", 0xb9, 0x40}, {&(0x7f0000001580)="6bd4d45221379c7b8553a8e1fe09e97fab5383270601ad5ef93d064d763833223b2ef1f35917162212dce732347f8d9c30fbce959c3639c90294c30cd202a2bfc38a7d334711618f6090d5a54b90bd5c66d454bc3c34886bcdbb9798b2711b458e055499a0ac38a0abeb5c3e19445d8785099f08586a49d2f1321158c382ba891e48f80743a73db861477c28f305623cac13367f9d15c9640f2e5441b432fb94dd58919252400ed49178635f0ab45131f64af9a5854d47d81364da5de16f440868e363297fc077b19ce6fbd835ee34a4bfdc4a883c2bc6daa0b79d1cb257f34039f5ed68c3cf5f7bb3d1f2fab2c59d13d4cb6b58e3aaa39db7bc7cd5af1b9c227d5d69adc90a40059ffee7172c749cbb59f76c54a7aa403b6e1c99615ddff4b4ab2ea7d2aca693cc37c25e6aa1549ce8e705601249063d2a881cfd83561f16b0e8afa26e73ccb54c2c51503c01a99d7d6abfafabdf8960c27b1bfe9793c3f5714792af68e924f1b5232f62ba778bc584d4457b158b526f31c5889b387c81b75fc53bf6ca5f23da616ab03224ad0a236415240454ab038c17d44b1e0ffad6250bf19eb4b9622a908ecd273ea2cce1027e40e4077d2cc4cd57bb094dd06872b20ee22440da75fd96379f442fb4728701622b0c6ee4c0cd43ad67f1bec1323706feec81f6c831e9ef15ef524a97717aff9d6e5a77d9f71c253af6882b98ba58a1202cb8453fad6f3409e2456081cb936ae2a4691a1d2e69f17ab211e84df4d52b9a612bd7a4926e5a7af67a3df06394f0dfb15c9eb6e03e36b90eaed86ae182d5bf9b4280fbb787282a888f96f4c955d057525ed09c6ca0720d1c50e8cf5ebb9508513e12d1e37c04e61524fdfda07c43a0c4cabab5699783ebf32a7dd8f3aaad00b2c539d52ca174810eacbad0b8091ee85a93d1930099eddcf62dbc04274fcae6ef92574c650c92eca7a9f06aa0b8338be0465af0eeea955e4a64bff013e7279184957da8296565784217476715c6f93818812c9945bed0876ab19df2372c1020ab2313b18cfd85a4f5e319b2c79574b311230094ddfa4efe444393feca6c0fdcf500ecca1906f1b6b25ae7364d0c8a986b265eca8df447476ebda242f1109bd3c608939adda51a8e61adea1e3c287aea77abb413cf5848fa329496f04757d529d59ec462853fb9ea8a01a98a307f96a98a069a63a65b25e0e70465451066774eb4bc0c99a6ada5120c04681444fa77ef00be93b97b23b77302af865add9431eecf6b9d675cfd63bbad51941f2d9093950613d883dc6acbfc9e0b2f10f0ceba0697fd01445fb6e6192e466abeaec4cd34a69e3e37d5c6ce0e08a640842e95297a1e8fae4415df9fb98eac1f377cd86cfbd700aa09fa99962a00de4fc3e8cc25be730e4c8cbd20203a379cd54afd5b912544af78beb418155aef14f31388eca06551c5dc62bf6e891b2682e65fe0cceb4fc0fd7d198ee75dacbf002a50a8001a6cbcac01d3c8232ce78c9d7214c9f273c7e034ec53672052817f1f6e1d554226676c6d74e5fdbf6d374c7c2b086a47f443834c77bc7eab79af72b69a63e3d19fc362cf4648d3da640725478630d97b491cb7cfd93a0298275724f4515cea7094d91ad7622528d59eaded409feaefcd74e24a6d217da593b6726a86bb76a1034f2ed8860e8f0a0494548c3400f966c0250c6567996ee5d2c402691616c87a44cd1e73b96f22b3daace43305a3e1017136ed44d84518dc98cb92e30b8512e22ad91fc010d5d7aa6f1ba4d6bbae08cd07b4805244a24c25aafd1668f4a1fc9ac74280b89bfbddcb4705bc04e07f94cbbb7881acacb6ca4d54ccd380e673fa47075d70e43ea5a77ef35f9fc306673f16a13833eee845479299ab96982990a941d9131eebf3e67951edc5486599d236b2c9f6388a6d0252e04bbeb17be07af5747a23ea43701791c270612c0a59ede76f6d6a0beac09ad43d1a21d3c5c78a7741744e0f244a69b6e01d2688050e128e84655b0b85cfeb327d70d0d0418431e741c4f749800fcfa7bd5e7d41731311ecf538acda3573eab5eb2fe47b59f27a105fde0edac87101401b8ae4d007d12b5ac3f233cddc0672eb456b4eaf93ba60817632600559e23fa116405378e4782ab3a275c0df329893b142766cbab006cc9ed6870e4c7d548901030bc32b5cd3b34fc168fbe81ff6d3d1a49a560d634564ad2af43696105af1cbaaed0e5b809f1ef0d3b40234708f479f40151d607d13ca500c3c60ab423a750368b2d3e3336d748d04d2fe57cd63b29a916748b55c59ad5a22532f47fe67d0c1c06967e534623f5bc260c9e4e7c18aa5781f1c212d35aa95e78ada26b7eb9463f76902ae7037dc536ab43c2e43109ed1d7329ea6a8742b67d0abccc779f9b4e9f1eba81c4d6d8c9c2e35087b96f7cb4e52360eeff70d76f5bd95fb0fa97bbbbd904f3709c3df23538ba8fac6a9a2ac04d843e208c4582e15cb57cb4ea53f2c9ac1e4193cf033a44f4fea14ab727a5fe434cdb3befe9feeccb6f2a4986641289eb6d7cbf8eeb0ff325ffc9473b417c26ed4c70e2d41729b2e938e866fa18f1887ac507f8a130726651f60e27b6f5673cd647580f16606b2011aacd3c3454567f20e5bbaf41c2c1b9757c0bdb3f0e4869bae65c83cd8d46a0f544653b7f2c9417ee297234c95dbed79169ad4dbf3b4321e168d3de7cba85c87631fd0ae228c690999d8bfe0279475c1371fbdc80ffd3326fca3ff9bd701e01d2c7dd22722298af0bf9c7b03407aaade31c6e357357c4c9435b09d23fcc8620116521f4bebad888dbeb4631849e4f5e66328a0e5cf444ff8d8b123fcd14e5764c8d9b71e1112598c21ffcce817d7e6b37a2663501d9171a90b91b55bc0211ae513463394ba42221c43b20e26d10f8be30463ccd90b51f613cd9a5324eb69c15f106ed65de5b558def9b89716ff6ccd5f20c75c6375147a5ef2faff124473889c977f653b5daef7890eb8ee646991b95577da8c065cd8f7aa697a166bfae9caf21f660c3b0779e689a77190250f8c232b77502f73aec69ae51838a48791fa89176e4c31e536e580dd0b24e9bd86ea982f3b6554403e6a2caa1fb7383df3f2e581fd98cb000284009bd9d08633094c8ee5f02bd4a08ad4c41b570751d75dedd5cd31600ee2be053e0cfe9c95d1853c232561e036060d765300addbd5904ef37add703d4e57d164a84761da5f9333ada1c1190408fb2fafe430bfbfa6745c433eb75e46eddd4ad17a6294b3ae02c84dbd491a1bc1ca8c8691755351a2063448044978ff727655c60f866305a417030ebc4c080b3480ff92b93022dcc15b6e2e8298b6ec1502a2a1af3b430c36ef46e9c2d887ac2ad8b6bc932c56c176ec04585e6f471b73f3478476ad813473051cfa1c2aeeb3d9c152c9e8ba50b69fd298abbab7b9febfd102c74d463597c3b78eb760a87850c7a03ba9b2e4538c1650c338ebb3db0f289986a65d3a06daab55690f893d41ba4bbce48920ae01a20c5f07735be22c44e3c769cb53a6b27b54e7b34a66eb68053b0296f123559a3b83607ae2c48645328f59937680ecd96cbbfd25c3b4b2fc2e065d54048ba4eb6176379514cace3feb2b2a25b9a0a3cd3ac3e6ef0721707e429e235a9666b01231d7abca2b4ed49b3a67ad7715144f2ab76aebeb2a2e687118e542baa4bfe738860275655a738525c0294593581edb30eec4d93255e1fcbf1a3c3293144bbaccf867f61160ced61ebb40e51bd9d9d7de65e847fc903b63d314f57e443e984448d4585f6edd5a2c98c510bf76aaa8e273e8cc9f3f660adb7e166234e57c25404035aa072b1754f828dd8b244e3333c09d41f180e17d8d628d681585727d50c6b51c45a63e3401a8a34ef55235ca13c72092c71ceb2a9ed2325cb7918e03b06cdf5702e5e13c62d43899ea72e717ce2f7983f90a4b121100ec9a72cdc4bf219fa311a9afef0a44b24ac82e09e255a0647472947f8323fabbfa148cb6ffead5f8ab1f1220d4c4d553d08c245c2899a3654ca8035de7ed50b0b4d2407524ca16c12aff48b8df65079ea5c070b6a663ec21c2981a3623061c8c892dbc58f57789de9ad763211d710d4043adf886040e76e06e7bfb3043cfaae9f2e085cd6bac4e2c29816b1c8f01dab463458a4a4553c4fc49edeb5c6d2a296238cc46105130dbcabe34443bcdc1ffc1c7931805d695b8694d7725f0f0edefdca453b642e1e25f8a82132ef5d840edd57e015b5c0ae82bd2fb292161a15a5ef05c7c10481c1e85647dc06460c8a6e258d1f12db958db4ae603a20f919d41e5db250039261c9afc21bc90d3bd4236c5ed0f1533f97421fa27794f6713be7948866d968413930203a10681d19cf2df0627ffdddbf58252918873ff06c56b3ab03d580c8fbb4e4cee3da1d0097d3fac7496e2432bd4eca4b7ef2de6fd6d7c941804cdac1dc5bb3107d78239d0af4beed45b78b558e112961b57195ebe52293ee28b82e2d0531c6bbe89114626c55c92a345235a8dfde27ffc78e3936c5647be694ccd488745ef043bfd824b6351b7e0b04f226112d969700b0cb8830e7790afbebedc03c6ab1921508562b46d3651bfc40d97e538d11bbab93ef06a5b2a8614a3c0e9737f9f9aa22c74a653888f3ffb87f7b66c3c86f3c400f84c4960a3c7d281606e332613367e1c8b1caeaa3aa8f23a0db8b02588594f5b9962ad10b53ad0995355259aa677c4e7b043bff6a547c021ebd563e8badda6c92434ce9ebcc691b23983b66e69f933be70df76e4e802ce0fe8d6437e76d31c7c68c19ada549051ac60305511ef930d445b00d795ec78c14763cdfbb5001a5c967c4917b853d345a9cf6f046b57cce78ec6762b7f9217fe91b218a73ef9ecc0d00b3115a30db3ad43571764cfb1c8f84127782b4c4cbc4e5c0f0c3eff2da8db25fe969d828657d36d397ddeba0851f34ea6e31ba42be89def026bd58acaba8f01be005de5b106fba8b6ed1db2a47e6ae7e2bf5b86ea2c60c9060573bdc5f35f9e766192b0f6ba685ebfc4fc7d8db7cf8ebe2d90842e65c69449f38738fda8eee76902419f9b2897cede606ff3066bb9daddac90a3e9f628a61754b082a48ea396e2d964219800a6b07d68e5ab04d8620b47e4982f6663a8e9832ab170c7454319c213ef07822ae8a934e9106a9a11cf3d38f895581d8a553ebc75644f85118d34beab68ea5365c047b4f9510e48021efe9cfe1bb3aa33d96da9ac4bf9eea95d6f02c57df1ebcdc73beabfa7638c45dafe71db3a93e3ba2743269b4338bc567fe76f0d7599c9e1d55229bb2a03bb5fb0b3a837664dcd742c2fe5eed5c0cc9e6c4a6704a26ecd6acb2871e43b28a7357919130426224144a941cc107b1a94247ae3ca762cb2cea896ac964f8db9acc92f5d21c2c5e367d76ab88021d6d6e6fec2db47413b0715dd2485714db933511ef874491e7078f05beda466c399410ec125f8ca4707bb29fd99e88f8ad4501d46bb173d3662f36094879d67eaa46c9fc9d95b5791453cf639e40958b651c4a64562ce3570be2aaf7464f562e50e99c3ea6c68a0e6094b93ed23a994e20f0ac64af83d777da10d311487ab1d17e20cecefcc42326b9cd77a3ce512f15f1bb5f22168ce4f78aa66f4b9ddb0122e3d1e36a9c242bf0cb58f23346788737bac33cbc99adae846a262128a28381f25712a1d17f52cfdc0f0ba20131dfb9ee95a2d8cb42c33c193843485cbfc7d41192335146706844b29a834d6ee87005930e02de28c65a25bf6c3796f1c05a5b9d44e", 0xffe, 0x4}, {0x0, 0x0, 0x4}, {&(0x7f0000002600)="cd2dfddfef4e6c952ccbd177105a5346434356d1d814047dc54a15308af241bb933bfd4464b49869e1db17dc9e3a0ed8c5041303c3e7e54ffa1327cb9a033a2325683da2d0e2fa363a2ae23f802d90dc6311992398d82f06e7fa3a5564d319797223fed7cb", 0x65}, {0x0, 0x0, 0x2}, {&(0x7f0000002780)='i', 0x1, 0xfffffffffffffffc}], 0x1000060, &(0x7f0000002940)={[{@shortname_lower}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@utf8}], [{@fsname={'fsname', 0x3d, ',]$!+'}}, {@seclabel}, {@smackfsroot={'smackfsroot', 0x3d, 'context'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@permit_directio}, {@fsmagic={'fsmagic', 0x3d, 0xffff}}, {@dont_measure}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]})

02:07:54 executing program 3:
socket$inet(0x2, 0xa, 0x40)

02:07:54 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000680), r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000780)={&(0x7f0000000640), 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x14}, 0x14}}, 0x0)

[  451.635022][ T8283] usb 5-1: USB disconnect, device number 49
[  451.942591][T11583] loop2: detected capacity change from 0 to 264192
02:07:54 executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002480)={[], [{@rootcontext={'rootcontext', 0x3d, 'staff_u'}}]})

02:07:54 executing program 0:
prlimit64(0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000200)={0x38}, 0x0)
getpid()
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(0xffffffffffffffff, &(0x7f00000073c0)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002c00)=""/4096, 0x1000}], 0x1, 0x0, 0xffffffffffffffde}}], 0x1, 0x0, 0x0)
fcntl$setpipe(r2, 0x407, 0x0)
socket$packet(0x11, 0x0, 0x300)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0)

02:07:54 executing program 3:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)

[  452.184780][T11590] tipc: MTU too low for tipc bearer
[  452.224570][T11590] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
02:07:54 executing program 1:
syz_mount_image$fuse(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}})

[  452.394753][T11592] tipc: MTU too low for tipc bearer
02:07:55 executing program 5:
syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000001080), 0x0, 0x0)
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x2, &(0x7f0000002880)=[{&(0x7f0000001580)="6bd4d45221379c7b8553a8e1fe09e97fab5383270601ad5ef93d064d763833223b2ef1f35917162212dce732347f8d9c30fbce959c3639c90294c30cd202a2bfc38a7d334711618f6090d5a54b90bd5c66d454bc3c34886bcdbb9798b2711b458e055499a0ac38a0abeb5c3e19445d8785099f08586a49d2f1321158c382ba891e48f80743a73db861477c28f305623cac13367f9d15c9640f2e5441b432fb94dd58919252400ed49178635f0ab45131f64af9a5854d47d81364da5de16f440868e363297fc077b19ce6fbd835ee34a4bfdc4a883c2bc6daa0b79d1cb257f34039f5ed68c3cf5f7bb3d1f2fab2c59d13d4cb6b58e3aaa39db7bc7cd5af1b9c227d5d69adc90a40059ffee7172c749cbb59f76c54a7aa403b6e1c99615ddff4b4ab2ea7d2aca693cc37c25e6aa1549ce8e705601249063d2a881cfd83561f16b0e8afa26e73ccb54c2c51503c01a99d7d6abfafabdf8960c27b1bfe9793c3f5714792af68e924f1b5232f62ba778bc584d4457b158b526f31c5889b387c81b75fc53bf6ca5f23da616ab03224ad0a236415240454ab038c17d44b1e0ffad6250bf19eb4b9622a908ecd273ea2cce1027e40e4077d2cc4cd57bb094dd06872b20ee22440da75fd96379f442fb4728701622b0c6ee4c0cd43ad67f1bec1323706feec81f6c831e9ef15ef524a97717aff9d6e5a77d9f71c253af6882b98ba58a1202cb8453fad6f3409e2456081cb936ae2a4691a1d2e69f17ab211e84df4d52b9a612bd7a4926e5a7af67a3df06394f0dfb15c9eb6e03e36b90eaed86ae182d5bf9b4280fbb787282a888f96f4c955d057525ed09c6ca0720d1c50e8cf5ebb9508513e12d1e37c04e61524fdfda07c43a0c4cabab5699783ebf32a7dd8f3aaad00b2c539d52ca174810eacbad0b8091ee85a93d1930099eddcf62dbc04274fcae6ef92574c650c92eca7a9f06aa0b8338be0465af0eeea955e4a64bff013e7279184957da8296565784217476715c6f93818812c9945bed0876ab19df2372c1020ab2313b18cfd85a4f5e319b2c79574b311230094ddfa4efe444393feca6c0fdcf500ecca1906f1b6b25ae7364d0c8a986b265eca8df447476ebda242f1109bd3c608939adda51a8e61adea1e3c287aea77abb413cf5848fa329496f04757d529d59ec462853fb9ea8a01a98a307f96a98a069a63a65b25e0e70465451066774eb4bc0c99a6ada5120c04681444fa77ef00be93b97b23b77302af865add9431eecf6b9d675cfd63bbad51941f2d9093950613d883dc6acbfc9e0b2f10f0ceba0697fd01445fb6e6192e466abeaec4cd34a69e3e37d5c6ce0e08a640842e95297a1e8fae4415df9fb98eac1f377cd86cfbd700aa09fa99962a00de4fc3e8cc25be730e4c8cbd20203a379cd54afd5b912544af78beb418155aef14f31388eca06551c5dc62bf6e891b2682e65fe0cceb4fc0fd7d198ee75dacbf002a50a8001a6cbcac01d3c8232ce78c9d7214c9f273c7e034ec53672052817f1f6e1d554226676c6d74e5fdbf6d374c7c2b086a47f443834c77bc7eab79af72b69a63e3d19fc362cf4648d3da640725478630d97b491cb7cfd93a0298275724f4515cea7094d91ad7622528d59eaded409feaefcd74e24a6d217da593b6726a86bb76a1034f2ed8860e8f0a0494548c3400f966c0250c6567996ee5d2c402691616c87a44cd1e73b96f22b3daace43305a3e1017136ed44d84518dc98cb92e30b8512e22ad91fc010d5d7aa6f1ba4d6bbae08cd07b4805244a24c25aafd1668f4a1fc9ac74280b89bfbddcb4705bc04e07f94cbbb7881acacb6ca4d54ccd380e673fa47075d70e43ea5a77ef35f9fc306673f16a13833eee845479299ab96982990a941d9131eebf3e67951edc5486599d236b2c9f6388a6d0252e04bbeb17be07af5747a23ea43701791c270612c0a59ede76f6d6a0beac09ad43d1a21d3c5c78a7741744e0f244a69b6e01d2688050e128e84655b0b85cfeb327d70d0d0418431e741c4f749800fcfa7bd5e7d41731311ecf538acda3573eab5eb2fe47b59f27a105fde0edac87101401b8ae4d007d12b5ac3f233cddc0672eb456b4eaf93ba60817632600559e23fa116405378e4782ab3a275c0df329893b142766cbab006cc9ed6870e4c7d548901030bc32b5cd3b34fc168fbe81ff6d3d1a49a560d634564ad2af43696105af1cbaaed0e5b809f1ef0d3b40234708f479f40151d607d13ca500c3c60ab423a750368b2d3e3336d748d04d2fe57cd63b29a916748b55c59ad5a22532f47fe67d0c1c06967e534623f5bc260c9e4e7c18aa5781f1c212d35aa95e78ada26b7eb9463f76902ae7037dc536ab43c2e43109ed1d7329ea6a8742b67d0abccc779f9b4e9f1eba81c4d6d8c9c2e35087b96f7cb4e52360eeff70d76f5bd95fb0fa97bbbbd904f3709c3df23538ba8fac6a9a2ac04d843e208c4582e15cb57cb4ea53f2c9ac1e4193cf033a44f4fea14ab727a5fe434cdb3befe9feeccb6f2a4986641289eb6d7cbf8eeb0ff325ffc9473b417c26ed4c70e2d41729b2e938e866fa18f1887ac507f8a130726651f60e27b6f5673cd647580f16606b2011aacd3c3454567f20e5bbaf41c2c1b9757c0bdb3f0e4869bae65c83cd8d46a0f544653b7f2c9417ee297234c95dbed79169ad4dbf3b4321e168d3de7cba85c87631fd0ae228c690999d8bfe0279475c1371fbdc80ffd3326fca3ff9bd701e01d2c7dd22722298af0bf9c7b03407aaade31c6e357357c4c9435b09d23fcc8620116521f4bebad888dbeb4631849e4f5e66328a0e5cf444ff8d8b123fcd14e5764c8d9b71e1112598c21ffcce817d7e6b37a2663501d9171a90b91b55bc0211ae513463394ba42221c43b20e26d10f8be30463ccd90b51f613cd9a5324eb69c15f106ed65de5b558def9b89716ff6ccd5f20c75c6375147a5ef2faff124473889c977f653b5daef7890eb8ee646991b95577da8c065cd8f7aa697a166bfae9caf21f660c3b0779e689a77190250f8c232b77502f73aec69ae51838a48791fa89176e4c31e536e580dd0b24e9bd86ea982f3b6554403e6a2caa1fb7383df3f2e581fd98cb000284009bd9d08633094c8ee5f02bd4a08ad4c41b570751d75dedd5cd31600ee2be053e0cfe9c95d1853c232561e036060d765300addbd5904ef37add703d4e57d164a84761da5f9333ada1c1190408fb2fafe430bfbfa6745c433eb75e46eddd4ad17a6294b3ae02c84dbd491a1bc1ca8c8691755351a2063448044978ff727655c60f866305a417030ebc4c080b3480ff92b93022dcc15b6e2e8298b6ec1502a2a1af3b430c36ef46e9c2d887ac2ad8b6bc932c56c176ec04585e6f471b73f3478476ad813473051cfa1c2aeeb3d9c152c9e8ba50b69fd298abbab7b9febfd102c74d463597c3b78eb760a87850c7a03ba9b2e4538c1650c338ebb3db0f289986a65d3a06daab55690f893d41ba4bbce48920ae01a20c5f07735be22c44e3c769cb53a6b27b54e7b34a66eb68053b0296f123559a3b83607ae2c48645328f59937680ecd96cbbfd25c3b4b2fc2e065d54048ba4eb6176379514cace3feb2b2a25b9a0a3cd3ac3e6ef0721707e429e235a9666b01231d7abca2b4ed49b3a67ad7715144f2ab76aebeb2a2e687118e542baa4bfe738860275655a738525c0294593581edb30eec4d93255e1fcbf1a3c3293144bbaccf867f61160ced61ebb40e51bd9d9d7de65e847fc903b63d314f57e443e984448d4585f6edd5a2c98c510bf76aaa8e273e8cc9f3f660adb7e166234e57c25404035aa072b1754f828dd8b244e3333c09d41f180e17d8d628d681585727d50c6b51c45a63e3401a8a34ef55235ca13c72092c71ceb2a9ed2325cb7918e03b06cdf5702e5e13c62d43899ea72e717ce2f7983f90a4b121100ec9a72cdc4bf219fa311a9afef0a44b24ac82e09e255a0647472947f8323fabbfa148cb6ffead5f8ab1f1220d4c4d553d08c245c2899a3654ca8035de7ed50b0b4d2407524ca16c12aff48b8df65079ea5c070b6a663ec21c2981a3623061c8c892dbc58f57789de9ad763211d710d4043adf886040e76e06e7bfb3043cfaae9f2e085cd6bac4e2c29816b1c8f01dab463458a4a4553c4fc49edeb5c6d2a296238cc46105130dbcabe34443bcdc1ffc1c7931805d695b8694d7725f0f0edefdca453b642e1e25f8a82132ef5d840edd57e015b5c0ae82bd2fb292161a15a5ef05c7c10481c1e85647dc06460c8a6e258d1f12db958db4ae603a20f919d41e5db250039261c9afc21bc90d3bd4236c5ed0f1533f97421fa27794f6713be7948866d968413930203a10681d19cf2df0627ffdddbf58252918873ff06c56b3ab03d580c8fbb4e4cee3da1d0097d3fac7496e2432bd4eca4b7ef2de6fd6d7c941804cdac1dc5bb3107d78239d0af4beed45b78b558e112961b57195ebe52293ee28b82e2d0531c6bbe89114626c55c92a345235a8dfde27ffc78e3936c5647be694ccd488745ef043bfd824b6351b7e0b04f226112d969700b0cb8830e7790afbebedc03c6ab1921508562b46d3651bfc40d97e538d11bbab93ef06a5b2a8614a3c0e9737f9f9aa22c74a653888f3ffb87f7b66c3c86f3c400f84c4960a3c7d281606e332613367e1c8b1caeaa3aa8f23a0db8b02588594f5b9962ad10b53ad0995355259aa677c4e7b043bff6a547c021ebd563e8badda6c92434ce9ebcc691b23983b66e69f933be70df76e4e802ce0fe8d6437e76d31c7c68c19ada549051ac60305511ef930d445b00d795ec78c14763cdfbb5001a5c967c4917b853d345a9cf6f046b57cce78ec6762b7f9217fe91b218a73ef9ecc0d00b3115a30db3ad43571764cfb1c8f84127782b4c4cbc4e5c0f0c3eff2da8db25fe969d828657d36d397ddeba0851f34ea6e31ba42be89def026bd58acaba8f01be005de5b106fba8b6ed1db2a47e6ae7e2bf5b86ea2c60c9060573bdc5f35f9e766192b0f6ba685ebfc4fc7d8db7cf8ebe2d90842e65c69449f38738fda8eee76902419f9b2897cede606ff3066bb9daddac90a3e9f628a61754b082a48ea396e2d964219800a6b07d68e5ab04d8620b47e4982f6663a8e9832ab170c7454319c213ef07822ae8a934e9106a9a11cf3d38f895581d8a553ebc75644f85118d34beab68ea5365c047b4f9510e48021efe9cfe1bb3aa33d96da9ac4bf9eea95d6f02c57df1ebcdc73beabfa7638c45dafe71db3a93e3ba2743269b4338bc567fe76f0d7599c9e1d55229bb2a03bb5fb0b3a837664dcd742c2fe5eed5c0cc9e6c4a6704a26ecd6acb2871e43b28a7357919130426224144a941cc107b1a94247ae3ca762cb2cea896ac964f8db9acc92f5d21c2c5e367d76ab88021d6d6e6fec2db47413b0715dd2485714db933511ef874491e7078f05beda466c399410ec125f8ca4707bb29fd99e88f8ad4501d46bb173d3662f36094879d67eaa46c9fc9d95b5791453cf639e40958b651c4a64562ce3570be2aaf7464f562e50e99c3ea6c68a0e6094b93ed23a994e20f0ac64af83d777da10d311487ab1d17e20cecefcc42326b9cd77a3ce512f15f1bb5f22168ce4f78aa66f4b9ddb0122e3d1e36a9c242bf0cb58f23346788737bac33cbc99adae846a262128a28381f25712a1d17f52cfdc0f0ba20131dfb9ee95a2d8cb42c33c193843485cbfc7d41192335146706844b29a834d6ee87005930e02de28c65a25bf6c3796f1c05a5b9d4", 0xffd, 0x4}, {&(0x7f0000002780)="692fa1f5d2", 0x5, 0xfffffffffffffffc}], 0x0, 0x0)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)
nanosleep(0x0, 0x0)

[  452.676894][ T8283] usb 5-1: new high-speed USB device number 50 using dummy_hcd
02:07:55 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB=','])

[  452.824520][T11604] fuse: Bad value for 'fd'
[  452.838974][T11604] fuse: Bad value for 'fd'
[  452.953943][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  453.084814][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  453.095300][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  453.106911][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  453.117777][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  453.354912][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  453.364546][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  453.372959][ T8283] usb 5-1: Manufacturer: syz
[  453.463785][ T8283] usb 5-1: config 0 descriptor??
[  453.539248][ T1201] ieee802154 phy0 wpan0: encryption failed: -22
[  453.546307][ T1201] ieee802154 phy1 wpan1: encryption failed: -22
[  455.235106][ T7446] usb 5-1: USB disconnect, device number 50
02:07:57 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb9010200090502"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:07:57 executing program 1:
mount$fuseblk(0x0, 0x0, 0x0, 0x0, &(0x7f0000004a00)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}})

02:07:57 executing program 2:
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.pending_reads\x00', 0x622080, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x80000001)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @local}, 0x10)
r1 = syz_open_dev$mouse(&(0x7f0000000300), 0x9, 0x428100)
readlinkat(r1, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)=""/242, 0xf2)
syz_mount_image$tmpfs(&(0x7f0000000480), &(0x7f00000004c0)='./file1\x00', 0x7, 0x1, &(0x7f0000000540)=[{&(0x7f0000000500)="8772d7d8fd775cd52fc16a586cd1308898196d985e62c5440659c42a4943a553c99be6b24ff3775a5f32bc09cc9c", 0x2e, 0x49d}], 0x1800822, &(0x7f0000000580)={[{@huge_always}, {@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x36, 0x37, 0x39, 0x35, 0xf63ae232828b796f, 0x38, 0x39, 0x65]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x0]}}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@fowner_lt}, {@measure}, {@smackfshat={'smackfshat', 0x3d, '&+\'--$.-([\','}}, {@pcr={'pcr', 0x3d, 0x3d}}, {@smackfsdef={'smackfsdef', 0x3d, '}%&'}}]})

02:07:57 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@shortname_win95}, {@shortname_winnt}, {@utf8no}]})

02:07:57 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
getsockopt$sock_linger(r0, 0xffff, 0x80, 0x0, 0x0)

02:07:57 executing program 0:
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = dup2(r0, r0)
close(r1)
fchown(r1, 0x0, 0x0)

[  455.697922][T11642] loop2: detected capacity change from 0 to 4
02:07:58 executing program 0:
r0 = msgget$private(0x0, 0x20000003c4)
msgrcv(r0, &(0x7f0000001c80)={0x0, ""/242}, 0xfa, 0x1, 0x1000)
msgsnd(r0, &(0x7f0000000280)=ANY=[@ANYRESDEC], 0x0, 0x0)
msgsnd(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000879eb016506a73893dfd865e70bf6696dc6dc55332c90dd34929aea8e633cf2ffcf83c41dab5b5514858bbae38a77897e76c92d5db24fa86e697b61b7457702f9afa93"], 0x50, 0x800)

02:07:58 executing program 1:
r0 = gettid()
capset(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0))

02:07:58 executing program 5:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000002880)=[{&(0x7f0000002780)="692fa1f5d2", 0x5, 0xfffffffffffffffc}], 0x0, 0x0)

[  455.937694][T11650] FAT-fs (loop3): bogus number of reserved sectors
[  455.944641][T11650] FAT-fs (loop3): Can't find a valid FAT filesystem
02:07:58 executing program 2:
socketpair(0x3a, 0x0, 0x0, &(0x7f00000001c0))

[  456.146434][T11650] FAT-fs (loop3): bogus number of reserved sectors
[  456.157606][T11650] FAT-fs (loop3): Can't find a valid FAT filesystem
[  456.302187][ T8283] usb 5-1: new high-speed USB device number 51 using dummy_hcd
02:07:58 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000080)=@e)

02:07:59 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000440)="7800000018001f05b9409b0dffff38000212be0402000605040003034300040003000000fac8388827a685a168d0bf46d32345653600648dcaaf6c26c291214549935ade4a460c89b6ec0cff3959547f509058ba86c902000000000000000400160012000a000000000000000000000000f6b4f8eca0faed", 0x78, 0x0, 0x0, 0x0)

[  456.543036][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  456.632605][T11672] loop5: detected capacity change from 0 to 264192
[  456.712810][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  456.723185][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  456.734748][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  456.745628][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  457.036363][T11681] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  457.082077][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  457.091405][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  457.099786][ T8283] usb 5-1: Manufacturer: syz
[  457.218028][ T8283] usb 5-1: config 0 descriptor??
02:08:01 executing program 2:
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000000)=0x9)

02:08:01 executing program 1:
mount_setattr(0xffffffffffffffff, 0x0, 0x8a00, 0x0, 0x0)

02:08:01 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:01 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="cd80", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x0]}}, 0x0, 0x1b}, 0x20)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0xc, &(0x7f00000002c0))

02:08:01 executing program 3:
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x8d)

02:08:01 executing program 0:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000000), &(0x7f0000000080)=0x44)

[  458.879945][ T8283] usb 5-1: USB disconnect, device number 51
02:08:01 executing program 1:
fork()
perf_event_open(0x0, 0x0, 0x9, 0xffffffffffffffff, 0xe)

02:08:01 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SYNTH_INFO(r0, 0xc08c5102, 0x0)

02:08:02 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='veno\x00', 0x5)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

02:08:02 executing program 0:
bpf$MAP_UPDATE_ELEM(0xc, 0x0, 0x0)

02:08:02 executing program 2:
add_key$keyring(0x0, &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180))

02:08:02 executing program 1:
r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
shmctl$SHM_LOCK(r0, 0x3)

[  459.952092][ T7446] usb 5-1: new high-speed USB device number 52 using dummy_hcd
02:08:02 executing program 0:
r0 = socket(0x18, 0x2, 0x0)
setsockopt(r0, 0x29, 0x3e, &(0x7f0000000080)='*\x00\x00\x00', 0x4)

02:08:02 executing program 3:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SYNTH_INFO(r0, 0xc08c5102, 0x0)

[  460.192136][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  460.314072][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  460.324522][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  460.336905][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  460.346894][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  460.356886][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  460.774945][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  460.784428][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  460.792894][ T7446] usb 5-1: Manufacturer: syz
[  460.868808][ T7446] usb 5-1: config 0 descriptor??
02:08:05 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:05 executing program 2:
r0 = socket(0x18, 0x2, 0x0)
setsockopt(r0, 0x29, 0x2a, &(0x7f0000000080)='*\x00\x00\x00', 0x4)

02:08:05 executing program 5:
r0 = socket(0x18, 0x2, 0x0)
setsockopt(r0, 0x29, 0x18, &(0x7f0000000080)='*\x00\x00\x00', 0x4)

02:08:05 executing program 1:
r0 = socket(0x18, 0x2, 0x0)
setsockopt(r0, 0x29, 0x2b, &(0x7f0000000080)='*\x00\x00\x00', 0x4)

02:08:05 executing program 0:
connect$unix(0xffffffffffffffff, &(0x7f0000001980)=@file={0x0, './file0\x00'}, 0xa)

02:08:05 executing program 3:
mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)

[  462.793392][ T7446] rc_core: IR keymap rc-hauppauge not found
[  462.799423][ T7446] Registered IR keymap rc-empty
[  462.804977][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:05 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(r0, &(0x7f0000005180)=[{{&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @dev, 'syz_tun\x00'}}, 0x80, 0x0}}], 0x1, 0x0)

02:08:05 executing program 3:
futex(0x0, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f0000000040), 0xc, 0x1, 0x0, &(0x7f0000000240), 0x0)

02:08:05 executing program 0:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002600)=[{&(0x7f0000000000)={0x14, 0x12, 0xe01, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r0)

02:08:05 executing program 1:
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0xffffffffffffffff)

02:08:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000240)=0x3, 0x4)

[  462.955292][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.035186][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  463.050336][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input25
[  463.234822][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.279058][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.314354][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:06 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000380)={0x1c, 0x20, 0x1, 0x0, 0x0, "", [@generic="3ebe8fbe8bb86c7566"]}, 0x1c}], 0x1}, 0x0)

[  463.388190][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.470147][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.542260][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.589648][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.659886][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.704545][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.761606][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  463.847114][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  463.855539][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  463.984302][ T7446] usb 5-1: USB disconnect, device number 52
[  464.582726][ T7446] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  464.822751][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  464.954316][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  464.967909][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  464.980296][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  464.990260][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  465.000230][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  465.094057][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  465.103641][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  465.112024][ T7446] usb 5-1: Manufacturer: syz
[  465.173055][ T7446] usb 5-1: config 0 descriptor??
02:08:09 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000180)={0x24, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456c3bbeb3531d68c1bcc10b2e8"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:09 executing program 5:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000800)='ns/ipc\x00')

02:08:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002600)=[{&(0x7f0000000000)={0x14, 0x16, 0xe01, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

02:08:09 executing program 0:
unlinkat(0xffffffffffffffff, 0x0, 0x82872f5872b818c5)

02:08:09 executing program 1:
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

02:08:09 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@nat={'nat\x00', 0x1b, 0x5, 0x4a0, 0x1d0, 0x2e0, 0xffffffff, 0x2e0, 0x1d0, 0x408, 0x408, 0xffffffff, 0x408, 0x408, 0x5, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@addrtype={{0x30}}, @common=@unspec=@mac={{0x30}, {@random="4ce6ceb4013c"}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x7f}}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'wg2\x00', 'team_slave_0\x00'}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x5, @dev, @broadcast, @icmp_id, @icmp_id}}}}, {{@ip={@dev, @broadcast, 0x0, 0x0, 'batadv_slave_1\x00', 'gretap0\x00'}, 0x0, 0xd8, 0x110, 0x0, {}, [@common=@inet=@socket2={{0x28}}, @common=@set={{0x40}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, @port, @gre_key}}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'wg0\x00', 'bridge_slave_0\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_bridge\x00'}}]}, @common=@CLUSTERIP={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)

[  466.712017][ T7446] rc_core: IR keymap rc-hauppauge not found
[  466.718296][ T7446] Registered IR keymap rc-empty
[  466.723925][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  466.763281][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:09 executing program 3:
rt_sigaction(0x13, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000001c0))

02:08:09 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x1)
r2 = dup3(r1, r0, 0x0)
recvmmsg$unix(r2, &(0x7f000000f840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0, 0x48}, {&(0x7f000000c1c0)=""/210, 0xd2}], 0x3}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
sendmmsg$unix(r0, &(0x7f0000001940)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000100)="fe", 0x1}], 0x1}}], 0x1, 0x0)

[  466.808165][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  466.824509][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input26
02:08:09 executing program 5:
semget(0x1, 0x3, 0xcf9731a511ba1646)
keyctl$unlink(0x9, 0x0, 0xfffffffffffffffa)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r0)
r2 = add_key(&(0x7f0000000240)='asymmetric\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000440)="4111fe62a7449099a886de09944755eb4af4f5b8b325cfc73802df95a26f0d8237263f6bb7c9e71f4f0acd7db2490001c6706c164c8acb52298bd3cf0d5386f77fdb538e251e4f6823f5b4b7a386787ecdf8b702c4870e1ba0e022d5abd3cc93adf0", 0x62, 0xffffffffffffffff)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r3)
r4 = geteuid()
keyctl$get_persistent(0x16, r4, r2)
r5 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000580)={'syz', 0x3}, 0x0, 0x0, r1)
keyctl$search(0xa, r3, &(0x7f00000004c0)='pkcs7_test\x00', &(0x7f0000000500)={'syz', 0x3}, r5)
keyctl$search(0xa, r0, &(0x7f0000000340)='ceph\x00', &(0x7f0000000380)={'syz', 0x3}, r2)
socketpair(0x21, 0x4, 0x4, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r7)
add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffb, r7, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="20000000c55bd97b4e51290e1921270884e181b43e5084417282cb5132ed46fc64fd89e18ded948d60d0c37fa2ee409bf05496aa5f3a66262a20545a08e70cf0efbabc4e7e66b8b6936cf7578842cf673559e888934c261979fe969f3f819bf7fb0e99ce910680317f6ac61a504ad6", @ANYRES16=0x0, @ANYRESHEX=r6, @ANYRESDEC, @ANYBLOB="6d30f146e8ca398358208d5db3ee0336344029e40069f3a6ddf88053019b6aff860117a17ce18f8ca9b05b00800000a8c9b9bc6451f760fa2b6bbd55"], 0x1c}, 0x1, 0x0, 0x0, 0x4c000}, 0x24008000)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r6, 0x89fa, &(0x7f00000006c0)={'syztnl2\x00', &(0x7f00000003c0)={'ip6gre0\x00', 0x0, 0x29, 0xe4, 0x81, 0xe6e3, 0x20, @private1={0xfc, 0x1, '\x00', 0x1}, @remote, 0x0, 0x40, 0x5, 0x1}})
add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)='t', 0x1, r7)

02:08:09 executing program 1:
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x0, 0x4}, 0x0)

02:08:09 executing program 2:
get_mempolicy(&(0x7f00000000c0), 0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x2)

[  467.092937][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.123851][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.188836][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.232614][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.273608][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.352812][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.430757][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.489905][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:10 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)=@deltaction={0x14, 0x31, 0xae46b21942a02d09}, 0x14}}, 0x0)

[  467.563164][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.651579][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  467.738366][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  467.746707][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  468.005076][ T7446] usb 5-1: USB disconnect, device number 53
[  468.492175][ T7446] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  468.733568][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  468.856291][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  468.866712][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  468.878326][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  468.888442][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  468.899368][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  469.003852][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  469.013309][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  469.021453][ T7446] usb 5-1: Manufacturer: syz
[  469.084895][ T7446] usb 5-1: config 0 descriptor??
02:08:12 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:12 executing program 1:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000380)={0x14, 0x20, 0x1, 0x0, 0x0, "", [@generic='>']}, 0x14}], 0x1}, 0x0)

02:08:12 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(r0, &(0x7f0000003980)=[{{&(0x7f0000000000)=@phonet={0x23, 0x0, 0x0, 0x8}, 0x80, 0x0}}, {{&(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x80, 0x0}}], 0x2, 0x0)

02:08:12 executing program 5:
rt_sigpending(0xffffffffffffffff, 0x0)

02:08:12 executing program 0:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0)

02:08:12 executing program 3:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000380), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, r1)
keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0)

[  470.603622][ T7446] rc_core: IR keymap rc-hauppauge not found
[  470.609647][ T7446] Registered IR keymap rc-empty
[  470.615124][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:13 executing program 0:
syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x80)

02:08:13 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0xa, 0x0, &(0x7f0000000080))

[  470.717726][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:13 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000003c0))

02:08:13 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x2000}, 0x4)

[  470.814219][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  470.830087][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input27
02:08:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a8, 0x0, 0x290, 0x350, 0x350, 0x290, 0x410, 0x410, 0x410, 0x410, 0x410, 0x6, 0x0, {[{{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}, {{@uncond, 0x0, 0xb0, 0xe0, 0x0, {}, [@common=@set={{0x40}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @broadcast}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'ip6erspan0\x00', 'team0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x508)

[  471.015447][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.052248][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.110297][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.169673][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.231416][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.262427][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.306504][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:14 executing program 0:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$cgroup_pressure(r0, 0x0, 0x0)

[  471.399277][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.449535][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.511320][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  471.578617][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  471.587042][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  471.763849][ T7446] usb 5-1: USB disconnect, device number 54
[  472.262158][ T7446] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  472.502101][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  472.623638][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  472.634105][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  472.648877][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  472.659340][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  472.669367][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  472.773792][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  472.783407][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  472.791593][ T7446] usb 5-1: Manufacturer: syz
[  472.814057][ T7446] usb 5-1: config 0 descriptor??
02:08:16 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:16 executing program 5:
r0 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$apparmor_exec(r0, 0x0, 0x0)

02:08:16 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002600)=[{&(0x7f0000000000)={0x14, 0x12, 0xe01, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

02:08:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f00000058c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000100)='2', 0x1}], 0x1}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f00000011c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

02:08:16 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
select(0x40, &(0x7f00000003c0)={0x8}, 0x0, 0x0, &(0x7f00000004c0)={0x77359400})
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000900)=0x1, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)

02:08:16 executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(r0, &(0x7f0000003980)=[{{&(0x7f0000000000)=@phonet={0x23, 0x0, 0x0, 0x8}, 0x80, 0x0}}, {{&(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x80, 0x0}}], 0x2, 0x0)

[  474.492538][ T7446] rc_core: IR keymap rc-hauppauge not found
[  474.498570][ T7446] Registered IR keymap rc-empty
[  474.504135][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  474.565284][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  474.657569][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  474.672974][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input28
02:08:17 executing program 1:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
mmap$perf(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x6, 0x10, r0, 0xfffffffffffff000)

02:08:17 executing program 5:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_netfilter(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="88000000110085"], 0x88}}, 0x0)

02:08:17 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(r0, &(0x7f0000005180)=[{{&(0x7f0000000000)=@vsock={0x28, 0x0, 0x2711, @my=0x0}, 0x80, 0x0}}], 0x1, 0x0)

02:08:17 executing program 0:
migrate_pages(0xffffffffffffffff, 0x8001, 0x0, &(0x7f0000000100))

02:08:17 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x9, 0x3, 0x218, 0x0, 0xffffffff, 0xffffffff, 0xb8, 0xffffffff, 0x180, 0xffffffff, 0xffffffff, 0x180, 0xffffffff, 0x3, 0x0, {[{{@ip={@loopback, @multicast2, 0xff, 0x0, 'veth0_to_bridge\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x24}, 0x0, 0x98, 0xb8, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x1, 0x1, 0xff, 0x3}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@remote, @dev, 0x0, 0x0, 'macvtap0\x00', 'veth1_vlan\x00', {}, {}, 0x84}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}, {0x0, 0x8, 0x1, 0x1}}]}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x278)

[  474.982717][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.034049][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.078657][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.120439][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.162778][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.227929][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.321730][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.384930][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.432578][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  475.483819][T11950] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.5'.
[  475.501030][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:18 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{}, {}]})

[  475.574044][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  475.582550][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  475.783053][ T7446] usb 5-1: USB disconnect, device number 55
[  476.292408][ T7446] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  476.545657][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  476.662788][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  476.673237][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  476.684819][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  476.694756][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  476.704704][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  476.792378][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  476.801712][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  476.810159][ T7446] usb 5-1: Manufacturer: syz
[  476.858822][ T7446] usb 5-1: config 0 descriptor??
02:08:20 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:20 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r0, &(0x7f0000008800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

02:08:20 executing program 0:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x1)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
dup3(r1, r0, 0x0)

02:08:20 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg(r0, &(0x7f0000001380)=[{{&(0x7f0000000000)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="32ea321867d5"}, 0x80, 0x0}}], 0x1, 0x20000000)

02:08:20 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r0, &(0x7f0000008800)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000cc0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x80, 0x0}}], 0x2, 0x0)

02:08:20 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r0, &(0x7f000000f7c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000000000)=@phonet={0x23, 0x0, 0x0, 0x8}, 0x80, 0x0}}], 0x1, 0x0)

02:08:21 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newchain={0x1048, 0x64, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_tcindex={{0xc}, {0x1018, 0x2, [@TCA_TCINDEX_POLICE={0x1014, 0x6, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_RATE={0x404}, @TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_PEAKRATE={0x404}]}]}}]}, 0x1048}}, 0x0)

[  478.487126][ T7446] rc_core: IR keymap rc-hauppauge not found
[  478.493497][ T7446] Registered IR keymap rc-empty
[  478.498705][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:21 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000040)={0x0, 0x1, 0x6}, 0x10)

[  478.656176][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:21 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xf, 0x0, &(0x7f0000000100))

02:08:21 executing program 0:
r0 = inotify_init()
inotify_add_watch(r0, 0x0, 0x1000000)

02:08:21 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x6}, 0x4)

[  478.733704][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  478.864943][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input29
[  478.966009][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.016003][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.054951][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.124750][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.226508][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.326489][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.372588][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.425250][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:22 executing program 2:
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000100))

[  479.479602][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.550776][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  479.601604][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  479.614605][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  479.786016][ T7446] usb 5-1: USB disconnect, device number 56
[  479.990243][T12025] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use)
[  480.252636][ T7446] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  480.493155][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  480.613659][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  480.624103][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  480.638847][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  480.649338][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  480.659336][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  480.754137][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  480.763586][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  480.771999][ T7446] usb 5-1: Manufacturer: syz
[  480.793148][ T7446] usb 5-1: config 0 descriptor??
02:08:24 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000700)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000003d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000040, 0x0)

02:08:24 executing program 0:
semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000340)=""/98)

02:08:24 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:24 executing program 5:
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$apparmor_exec(r0, 0x0, 0x0)

02:08:24 executing program 2:
io_setup(0x4, &(0x7f0000000080)=<r0=>0x0)
io_destroy(r0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0)
io_setup(0xa00, &(0x7f0000000000))
clock_gettime(0x6, 0x0)
io_setup(0xeea1, &(0x7f0000000180))
openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/asound/timers\x00', 0x0, 0x0)
io_destroy(0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, 0x0)

02:08:24 executing program 1:
r0 = getpgid(0x0)
migrate_pages(r0, 0x2, 0x0, &(0x7f00000000c0)=0x7a1)

02:08:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xfe1f}}, 0x0)

[  482.383564][ T7446] rc_core: IR keymap rc-hauppauge not found
[  482.389686][ T7446] Registered IR keymap rc-empty
[  482.395868][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:25 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000900)=0x1, 0x4)
getsockopt$inet6_tcp_int(r0, 0x6, 0x2, 0x0, &(0x7f00000000c0))

02:08:25 executing program 5:
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={{}, 0x2c, {}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}})
migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0xfffffffffffff801)

02:08:25 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x68, 0x0, 0x0, 0x0, 0x0, "", [@generic="048fb98fce9b935413f62105224fcc1157a775308f00b78667e10e37e79be3dfb18552883cde07d33ad7f1bbccea74cc0897af60b01498b4bd75dcdb7f098dc8b7be758e72eb57760cecd2dc49a72b1c35d4e47e7c"]}, 0x68}], 0x1, 0x0, 0x1d}, 0x50)

[  482.536728][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  482.635096][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  482.650208][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input30
[  482.830617][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:25 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, 0x0, &(0x7f0000000240))

[  482.902558][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  482.972391][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.013141][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:25 executing program 1:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB="b3009ba11832b4146d511aaf"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  483.094862][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:25 executing program 5:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x20)

02:08:25 executing program 0:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
accept4$netrom(r0, 0x0, 0x0, 0x0)

[  483.198340][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.235203][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.276284][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.335538][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.386655][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  483.463634][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  483.471976][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  483.630858][ T7446] usb 5-1: USB disconnect, device number 57
[  484.193505][ T7446] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  484.432373][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  484.553638][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  484.564119][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  484.575770][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  484.585714][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  484.595694][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  484.683749][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  484.693306][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  484.701458][ T7446] usb 5-1: Manufacturer: syz
[  484.731521][ T7446] usb 5-1: config 0 descriptor??
02:08:28 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:28 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

02:08:28 executing program 2:
bpf$BPF_BTF_LOAD(0x11, 0x0, 0x0)

02:08:28 executing program 5:
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, 0x0)

02:08:28 executing program 1:
socketpair(0x22, 0x2, 0x1, &(0x7f00000000c0))

02:08:28 executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockname(r0, 0x0, &(0x7f0000000400))

[  486.342528][ T7446] rc_core: IR keymap rc-hauppauge not found
[  486.348542][ T7446] Registered IR keymap rc-empty
[  486.353980][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:29 executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, &(0x7f0000000540)=""/113, 0x0, 0x71}, 0x20)

02:08:29 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, 0x0)

02:08:29 executing program 5:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x1, &(0x7f0000000000)=@raw=[@jmp], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x97, &(0x7f0000000080)=""/151, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  486.582785][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:29 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x7, 0xbf, &(0x7f0000000200)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:08:29 executing program 3:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000340))

[  486.653088][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  486.785528][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input31
[  486.870999][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  486.955286][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  486.992781][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.022937][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:29 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000002900)={0x0, 0x0, &(0x7f00000028c0)={&(0x7f0000002880)=ANY=[@ANYBLOB="28000000130a05"], 0x28}}, 0x0)

[  487.075884][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.189060][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.248055][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.322115][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.374582][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.449017][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  487.495059][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  487.504192][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  487.624754][T12138] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  487.686763][ T7446] usb 5-1: USB disconnect, device number 58
[  488.234952][ T7446] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  488.482893][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  488.603629][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.614178][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  488.625761][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  488.635696][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  488.645652][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  488.734876][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  488.744583][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  488.752963][ T7446] usb 5-1: Manufacturer: syz
[  488.845655][ T7446] usb 5-1: config 0 descriptor??
02:08:32 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:32 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x16, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:08:32 executing program 0:
socketpair(0x37, 0x0, 0x0, &(0x7f0000000340))

02:08:32 executing program 1:
getsockname$ax25(0xffffffffffffffff, 0x0, 0x0)

02:08:32 executing program 5:
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20)

02:08:32 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000000c0)="580000001400ad", 0x7}], 0x1)
write$binfmt_elf64(r1, &(0x7f0000000800)=ANY=[], 0xa)
close(r2)
socket(0x10, 0x3, 0x6)
writev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="f98ac693ce69", 0x6}], 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0)
splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0)

02:08:33 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x24, &(0x7f0000000040), 0x4)

[  490.352518][ T7446] rc_core: IR keymap rc-hauppauge not found
[  490.363260][ T7446] Registered IR keymap rc-empty
[  490.368464][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:33 executing program 1:
socketpair(0x18, 0x0, 0x2, &(0x7f0000000340))

[  490.432178][T12160] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  490.441626][T12160] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
02:08:33 executing program 0:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB="b3009ba11832b4146d"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  490.488750][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  490.557417][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  490.577171][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input32
02:08:33 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000380)={0x16, 0x0, 0x1f, 0x3f, 0x220}, 0x40)

02:08:33 executing program 2:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1b, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  490.789718][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  490.823320][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  490.856420][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  490.905941][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  490.968388][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:33 executing program 1:
r0 = socket$l2tp(0x2, 0x2, 0x73)
sendto$l2tp(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)

[  491.054082][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  491.125706][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  491.190602][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  491.243539][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  491.308515][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  491.400174][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  491.408480][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  491.606433][ T7446] usb 5-1: USB disconnect, device number 59
[  492.122148][ T7446] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  492.366749][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  492.496743][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.510513][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  492.522521][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  492.532824][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  492.542769][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  492.632764][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  492.642207][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  492.650353][ T7446] usb 5-1: Manufacturer: syz
[  492.665316][ T7446] usb 5-1: config 0 descriptor??
02:08:36 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:36 executing program 5:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)

02:08:36 executing program 3:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f00000000c0), 0x14)

02:08:36 executing program 0:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
getsockname$l2tp6(r0, 0x0, &(0x7f00000003c0)=0xfc000000)

02:08:36 executing program 2:
socket(0x1e, 0x0, 0x8)

02:08:36 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000400)=0x5, 0x4)

[  494.333112][ T7446] rc_core: IR keymap rc-hauppauge not found
[  494.339278][ T7446] Registered IR keymap rc-empty
[  494.344905][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$l2tp6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1}, 0x20)

02:08:37 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x0, 0x508}, 0x40)

[  494.546702][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:37 executing program 3:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={0x0, 0x0, 0x18}, 0x10)

02:08:37 executing program 2:
socketpair(0x23, 0x0, 0x5, &(0x7f0000000040))

02:08:37 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, 0x0)

[  494.693770][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  494.709117][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input33
[  494.896038][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  494.939657][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  494.972727][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.003423][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002d00)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000520000008df"], 0x24}}, 0x0)

[  495.049941][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.118012][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.201995][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.250555][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.329532][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.380372][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  495.451256][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  495.460135][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  495.745271][ T7446] usb 5-1: USB disconnect, device number 60
[  496.052821][T12255] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  496.113679][T12258] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  496.400445][ T7446] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  496.642025][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  496.763632][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  496.774211][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  496.785814][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  496.795845][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  496.805886][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  496.903580][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  496.916431][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  496.925426][ T7446] usb 5-1: Manufacturer: syz
[  496.941696][ T7446] usb 5-1: config 0 descriptor??
02:08:40 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:40 executing program 5:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x1, &(0x7f0000000000)=@raw=[@exit], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x97, &(0x7f0000000080)=""/151, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0), 0x10}, 0x78)

02:08:40 executing program 1:
pipe(&(0x7f0000006d80))
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

02:08:40 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x8, 0x2}, {0xf}, {0x0, 0x2}]}]}}, &(0x7f0000000380)=""/135, 0x3e, 0x87, 0x1}, 0x20)

02:08:40 executing program 2:
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x20)

02:08:40 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg$can_j1939(r0, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), r0)

[  498.492217][ T7446] rc_core: IR keymap rc-hauppauge not found
[  498.498383][ T7446] Registered IR keymap rc-empty
[  498.504420][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:41 executing program 2:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)

[  498.623666][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:41 executing program 5:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$nbd(r0, 0x0, 0x0)

02:08:41 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0x8}, {0xf}, {}, {0x8}]}]}}, &(0x7f0000000380)=""/135, 0x46, 0x87, 0x1}, 0x20)

02:08:41 executing program 1:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

02:08:41 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={&(0x7f0000000100), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)

[  498.719584][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  498.735424][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input34
[  498.901271][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  498.932644][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  498.988934][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.037377][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.100278][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.158042][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.271225][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.364132][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:42 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETFILTEREBPF(r0, 0x400454da, 0x0)

[  499.484015][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.512492][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  499.545674][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  499.554601][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  499.746607][ T7446] usb 5-1: USB disconnect, device number 61
[  500.272484][ T7446] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  500.525219][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  500.643775][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.654666][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  500.666270][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  500.676352][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  500.686796][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  500.783761][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  500.793268][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  500.804591][ T7446] usb 5-1: Manufacturer: syz
[  500.832598][ T7446] usb 5-1: config 0 descriptor??
02:08:44 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:44 executing program 3:
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, 0x0, &(0x7f0000000140))

02:08:44 executing program 1:
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0x0, 0x0, 0x8}, 0xc)

02:08:44 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r1, 0x1}, 0x14}}, 0x0)
recvmsg$can_j1939(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000a00)=[{0x0}, {0x0}], 0x2, &(0x7f0000000a80)=""/77, 0x4d}, 0x142)

02:08:44 executing program 5:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x7, &(0x7f00000000c0), 0x4)

02:08:44 executing program 2:
socket(0x0, 0x583cdd5b6f918219, 0x0)

[  502.512536][ T7446] rc_core: IR keymap rc-hauppauge not found
[  502.518563][ T7446] Registered IR keymap rc-empty
[  502.524277][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  502.658336][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:45 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0)

[  502.710595][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  502.725669][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input35
02:08:45 executing program 2:
r0 = socket(0x11, 0x2, 0x0)
getpeername$inet6(r0, 0x0, 0x0)

02:08:45 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)

02:08:45 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c00000002030108000000000000000005000009080004400000002a080001000300002a080004400000001308000100000000100800010002"], 0x6c}}, 0x0)

02:08:45 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000b40)={0x50, 0x2, 0x2, 0x5, 0x0, 0x0, {0xa}, [@CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0)

[  502.983698][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.033371][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.080148][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.127396][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.170035][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.203099][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.256135][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.351396][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.416587][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:46 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, &(0x7f0000000180)="52215d5aef3d057721b479cc4ba1e0af60d7452cb6fbad6745fa513a97c873b0a19d4af1e397a9c70ed3fa2317bcd3068af2e287acc00725bb8aa1eafb75745a469505064c2fa41ed8e15f2d4324068987d6b9787e90da1222be3857e2edfd6c30f846fdaedb41d4982e167240077e944078d9c18eb3f32dfbb4063f706f48a08c137d8a6f48224545bc1647f3c313eff78aa685c992d62dbf57abcf630e10c70d48f2ef29cf4794b9a7fe3909633885d81fd4e3258ab139814cfe66e992f5e61caf1596afac00eed65e6e4e954596159f8e35e4a6ab624d4d566b8c47e48faaf600ba9e635e2805756ea15e054ad24eb85a608276078091f7a3553460e2fb9ae6787862d4ce04b484dc1cc7ae021a07d603797e2d54b3e652cfcdf6da082de3927026e795c2f2b400f89e1e1f714cc9545ec2c7d9a80978e6bf654d3459184697a5f7a19ec13b219103ef1d74fe5c482a092dd76178ef8e87cb7207ba25b3d0d0ba7121341840e9a2738e0c43394798e715788b5e21443e8995a27b8a785ebbb7488c6d45475b4b7ce8a5a6e74a2dac87b9b0747be967f0457c3cc5d1fc0e2d138b4fc2b15300c7af1f22d6efded2d28ed5f3bfb27ba1efff27574906250377e45d8a9cb71db683f3793665c54b92a2f195f82b0e8e6d03f7dca1e884a6dc653ac24c1647ef43807d0757020a8d00e0a4ea4c82f5995c3fe75a5e2e396169acde3d954ae967617f78f43178fb17e3cb8d715066d5213655696e726dc1a21b4c57fcd39372edd23ae23c72e7550b099648dc7fa90507d91b0f232ff8514945266b53ef4b6fbecc0da98c2f7d2e50d1d59c5b557b58f8fde0fdfb8b2867b0f3ae6a87641c1466f011430097bda89ad413a815e7281ce18085e4f3ae26d4b7eae93631075c2307e9531184b9b9385e7ee9ad9ad0382d4c6c16d61dd2a11c5ba474428cbffca41f083fd2a5a980e9d7869504cd04ce538c652285e77604c3ec4a03cad5d3a19bf350391e169a985085ba43f0be1f184faa4ab237f9b8a6d40deb1fb56f20677431d4b3c00e2494ac9795d4efe04816a81d1d02d829d7bb111b540e2997da76523c2d15e7e593679271e641cbb320bad49aa1e2cc775a1b0af1fe007ba2080012d60f0db3d7bd07b257b8bada8ce1793ed53b1f904ec8bacce5b6ff96037ae2072d0c4f89b18135432397fd80ccd66552ef4fc4b0fec1905f2aebb74d15bd2a4a5cad81bd1ac2392b81b8c9b2e3069270c84d42e010f672c5d67d6683cffd7dea0f96817e8211ce9721813e47f8f9e0052d80cf1376d1ed1350a4168ea43b6ffa686efe19c53b469f78a4cf7e6f64207593ae8f0b44ac63a59da8565075ef39e69376079614f3ba3e0b853119436031c3e031dacfc0912511af40728c7d2b6460aaf6c69adda0a0f102ba72d866e49b51db21192ffdd3f691bac4a95f3fa3fa69a9e5cc21faffc699e4ede3e41c578cf2f32c2d3d3f2f9a8d96e9cb9f554fd7d88b1d945c03dc20669d93ef9573ce178e7fd906ea55c041ae8ebdf27d27a3", 0xfffffffffffffc1f, 0x86, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

[  503.500050][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  503.599675][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  503.608244][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  503.702951][T12360] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[  503.791010][ T7446] usb 5-1: USB disconnect, device number 62
[  504.292422][ T7446] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  504.532454][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  504.653713][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  504.664561][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  504.676150][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  504.686284][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  504.699537][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  504.798006][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  504.807569][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  504.815985][ T7446] usb 5-1: Manufacturer: syz
[  504.840496][ T7446] usb 5-1: config 0 descriptor??
02:08:48 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:48 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000000c0), 0x8)
getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f0000000080))

02:08:48 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x7, 0x0, &(0x7f0000000000))

02:08:48 executing program 3:
r0 = socket(0x2, 0x2, 0x0)
getsockname$inet6(r0, 0x0, &(0x7f0000000080))

02:08:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
sendmsg$inet6(r0, &(0x7f00000016c0)={0x0, 0x0, 0x0}, 0x0)

02:08:48 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x1, 0x0, @private2}, 0x1c)
getpeername$inet6(r0, 0x0, 0x0)

[  506.533126][ T7446] rc_core: IR keymap rc-hauppauge not found
[  506.543904][ T7446] Registered IR keymap rc-empty
[  506.549091][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  506.680490][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  506.720062][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  506.735175][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input36
02:08:49 executing program 0:
r0 = socket(0x11, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000001640)={&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev}, 0x1c, 0x0}, 0x0)

02:08:49 executing program 5:
r0 = socket(0xa, 0x3, 0xc4)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000013c0)={&(0x7f0000000000), 0xc, &(0x7f0000001380)={0x0}}, 0x0)

02:08:49 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)

02:08:49 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={@private1, 0x0, r1})

02:08:49 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)

[  507.035665][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.092218][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.129699][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.162558][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.215375][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.275782][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.321650][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.388063][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.449071][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.562479][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  507.638280][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  507.646724][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:08:50 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0xfffffffffffffecb)

[  507.862260][ T7446] usb 5-1: USB disconnect, device number 63
[  508.522281][ T7446] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  508.772242][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  508.896242][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.906744][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  508.918351][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  508.928354][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  508.938448][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  509.043806][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  509.053348][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  509.061588][ T7446] usb 5-1: Manufacturer: syz
[  509.075870][ T7446] usb 5-1: config 0 descriptor??
02:08:52 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:52 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, &(0x7f0000000180)="52215d5aef3d057721b479cc4ba1e0af60d7452cb6fbad6745fa513a97c873b0a19d4af1e397a9c70ed3fa2317bcd3068af2e287acc00725bb8aa1eafb75745a469505064c2fa41ed8e15f2d4324068987d6b9787e90da1222be3857e2edfd6c30f846fdaedb41d4982e167240077e944078d9c18eb3f32dfbb4063f706f48a08c137d8a6f48224545bc1647f3c313eff78aa685c992d62dbf57abcf630e10c70d48f2ef29cf4794b9a7fe3909633885d81fd4e3258ab139814cfe66e992f5e61caf1596afac00eed65e6e4e954596159f8e35e4a6ab624d4d566b8c47e48faaf600ba9e635e2805756ea15e054ad24eb85a608276078091f7a3553460e2fb9ae6787862d4ce04b484dc1cc7ae021a07d603797e2d54b3e652cfcdf6da082de3927026e795c2f2b400f89e1e1f714cc9545ec2c7d9a80978e6bf654d3459184697a5f7a19ec13b219103ef1d74fe5c482a092dd76178ef8e87cb7207ba25b3d0d0ba7121341840e9a2738e0c43394798e715788b5e21443e8995a27b8a785ebbb7488c6d45475b4b7ce8a5a6e74a2dac87b9b0747be967f0457c3cc5d1fc0e2d138b4fc2b15300c7af1f22d6efded2d28ed5f3bfb27ba1efff27574906250377e45d8a9cb71db683f3793665c54b92a2f195f82b0e8e6d03f7dca1e884a6dc653ac24c1647ef43807d0757020a8d00e0a4ea4c82f5995c3fe75a5e2e396169acde3d954ae967617f78f43178fb17e3cb8d715066d5213655696e726dc1a21b4c57fcd39372edd23ae23c72e7550b099648dc7fa90507d91b0f232ff8514945266b53ef4b6fbecc0da98c2f7d2e50d1d59c5b557b58f8fde0fdfb8b2867b0f3ae6a87641c1466f011430097bda89ad413a815e7281ce18085e4f3ae26d4b7eae93631075c2307e9531184b9b9385e7ee9ad9ad0382d4c6c16d61dd2a11c5ba474428cbffca41f083fd2a5a980e9d7869504cd04ce538c652285e77604c3ec4a03cad5d3a19bf350391e169a985085ba43f0be1f184faa4ab237f9b8a6d40deb1fb56f20677431d4b3c00e2494ac9795d4efe04816a81d1d02d829d7bb111b540e2997da76523c2d15e7e593679271e641cbb320bad49aa1e2cc775a1b0af1fe007ba2080012d60f0db3d7bd07b257b8bada8ce1793ed53b1f904ec8bacce5b6ff96037ae2072d0c4f89b18135432397fd80ccd66552ef4fc4b0fec1905f2aebb74d15bd2a4a5cad81bd1ac2392b81b8c9b2e3069270c84d42e010f672c5d67d6683cffd7dea0f96817e8211ce9721813e47f8f9e0052d80cf1376d1ed1350a4168ea43b6ffa686efe19c53b469f78a4cf7e6f64207593ae8f0b44ac63a59da8565075ef39e69376079614f3ba3e0b853119436031c3e031dacfc0912511af40728c7d2b6460aaf6c69adda0a0f102ba72d866e49b51db21192ffdd3f691bac4a95f3fa3fa69a9e5cc21faffc699e4ede3e41c578cf2f32c2d3d3f2f9a8d96e9cb9f554fd7d88b1d945c03dc20669d93ef9573ce178e7fd906ea55c041ae8ebdf27d27a328688155b927e751d247ccc55beae385707c636df3a9e8e0bb96add0763b1616bfcdb46fc8b8e276bda743f678299e7b934b81b217ef2f8784dc46cd10c68576787f43022f7f53f84c7ece6cc64303780384c42ba5a4ae7b6317dc47ec923744689fd23b295c42f4ff3ee4264171e3209468f7496bf9a5eea2f793270e56e28c798665a4f18fa20255fd7ab0516c379d0c1a67195afb443ac77129f4bc6320a08439ac34435e897aca839098ee0c5db558b0cdc1cce46d7ebcfb9677fcfe976388bb591bf4bed97dbdce1750c977640df686cecc6bb398ffc3b3e3e7b8b8b7bef37f422d4a43d7d7801f48dada89be6e9e82233d558e14a9b12e52bc495fb6da4248623299140ee96cd94462add3c53d4c4686842de2fea263ee9cdaeff2c459d8aca97954d93d4f732d7dee9b295bd1ea596f973c4013fd81afa644711a329e8d695a8e66efad3739dc9501a89da7ffb44eba63937e470ec43134ce02c9bde580319113b55725e3be87afdac8b8689d9658ef96eb281ed25429299c74562f0e6bf116780785bbdf1924b05cd9f25d74fd41d3a885028615c72b7be1342069b4881bb1e897dc0c12d2e8f2673bb55c01a5b2b97c47ba2f778d1b27a6269248ccafc11ecbdb9220b41e35a065f56c62b7d81b69e926386b3d225a766da03e669df38afcd66280a6523ece391400fb19e981d3b11dfd0bd5fce92f60ba6757b423cf4878ead8322eb59bb3e9c494b043522c1d697c6296e8047a279dedc2ec76c0a6f52b52a628e2c53c47db80be0b4a504bccd9d7b69308d8dd0916488ef17833a9767703f33f1c34641e4395dae4e8492d0d436178bbafefe5c899877fcf40cf6836a3738a7acf1a5591f790b8e54f2d61e39e84bd9d37e17a6b572616decf276a4bc8b74fcd9fdb7a981fa1c612d1c359eca42d68360d40bb60f2c0225f69d5f440440327d9fbd3939697412437996d394d47578c4657702aaf2fdffa73f9c5a077ede3d889ae2fb5724169180ab3dd34a70b8ac48081c2abb15cafbcd7f8dc3e3ec05b79c93bc03b9c0bc7d9d8dc72b85ba456d2a7bb6ec367c2f578209b9e232e08f57b86869f7f79c84ec7c40d0dd39c0945cf46b0eab1312ae6c32c13cb0d85385d3b3c14a5d39277676526f96d4675c296063e28a6781f2e933976ca3dd08ef9231a8d6b89f825e4f1d24d5f17b5ccb4cc9108e9ce62b6db8df590bf2a919040dd7687a51cc8292a475a450d8c15eebbd156881d3208f26ce6837d3f27da0b5cf25efbecaa0ef75af24f71afba81d9e204f762cb208a20dc91bbf8b15f2db47a0a1c166e461c50629a5dca5e1e23afa3d7826fe7c004c8659a0be21d199eca61fcaeb22915f7d98af7976210901e8f0ed80bf65c0259de0fb5bf47181ece4a201310805f9ae65b0d36a1194cf61d12e7465effde03ecb67e3fe8438d658e69433b33deb98d56b6cffeabd4214150dcaa4fafabfe13baa71feee11091bdcff268e4d8effacf2051971f5225e3ebe7776f5e96a679360049ff18a5cbc3edf8434c2416ad906674b1342e8f52604c1182abf72fef8a54b958df4b4986702f5f2eb78cfec0bd84814b7b6f3d38e2eb48fb0ca2735e8c20436617ed33d105b482414061fa394d5a79e4722bf2cdce8bf3b4e2138667d3cab42540e9e3c8a55930f8ddd5431497303fcdb6b675a442df6c7016f3c6cc05530eb6d8e16a9d99c655c7232e5252893d52fc591e805a107efd3c4f1e99e594a4814effa0d6678a7adbe6475ea6abd2d69a797fd5c8910b720b7378884a1dc01bfbd81b30950aef403661160e2059d2729a84f7a27781b0c6b2d5c0d0818a4ee43d8695c971a49ac2b83ec082d95edbb386fc1037f994edc664db7d2d6559b1a5807c0053f74b02222aa8d3e828d267b5d30b11d9f1823d7c489c991ecbd21b53cd37a7ac4f2bf1837a1978277eb58f09cd81a6a70f569444cb697386d2afab6eb6ac313e9b5003f071815947df87035fb2bbcd7c132d3f4b2944d7479f22dfc679a878aba1bc0b9f19edd8fda1f2f0cbef9816123643df5a26e4c46fde2de2f9e61a5aab4734cfd36fac4d8c7a6ce8cd7d39fd3326772aafb510997ab67084922fbee2dc9bbf82eb8a5a2fad198690a29cdc414f1285210b54beeb3fc171cc5df6770a3bce7af13827857e949fb864dd6c5d7379fbf42913efda39987e071ad73bff1e0385949b4e9113d16f83aba046bdc87d2d2b8135b851c716cb793561349295b2d07f12b3bc1185ee8dadc4f498018eb2a26c43411f3411ee31e706d5536b514bfa1c7ee7cbe58cd8ccfd8560710a9c365281716c4260246927d37cc94ab1ed6f87b7a1146337344e4c75cd7ecbc04ecc84647f3ceb68e0dff0ee58be03a9b1d47348d71a378e7669eef42f895478aed607fe02081c21c5e507ed2b47a923cfe36099a6723e89dd71c32f9bb26445618a98e3292017cf7c4fc1ea068c2c33952731052c2bacf0f57194b304cafe77a2e9d5aa694a769f6c6db614ed5044c7dcc52417b7df510331932f5358", 0xb49, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @local, 0x5}, 0x1c)

02:08:52 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_int(r0, 0x29, 0x43, &(0x7f0000000000), 0x4)

02:08:52 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c, 0x0, 0x0, 0x0, 0xfffffffffffffdf9}, 0x0)

02:08:53 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000000c0)=ANY=[], 0x4)

02:08:53 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000001280)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000001240)=[@tclass={{0x14}}], 0x18}, 0x0)

[  510.642715][ T7446] rc_core: IR keymap rc-hauppauge not found
[  510.648739][ T7446] Registered IR keymap rc-empty
[  510.654347][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:53 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000240), 0x4)

[  510.747334][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:53 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_int(r0, 0x29, 0x4a, 0x0, &(0x7f0000000080))

[  510.813899][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  510.828964][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input37
02:08:53 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000040)="d1", 0x1}], 0x1, &(0x7f0000000400)=[@hopopts_2292={{0x18}}], 0x18}, 0x0)

02:08:53 executing program 1:
r0 = socket(0x1, 0x2, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0, 0x38}}, 0x0)

02:08:53 executing program 5:
socketpair(0x1, 0x3, 0x0, &(0x7f0000000340))

[  511.083426][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.117805][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.163695][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.231678][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.280488][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.331628][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.380772][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.422886][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:54 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, 0x4e25, 0x0, @rand_addr=' \x01\x00'}, 0x1c, 0x0}, 0x0)

[  511.490048][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.563747][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  511.622293][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  511.630458][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  511.809644][ T7446] usb 5-1: USB disconnect, device number 64
[  512.322169][ T7446] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  512.562140][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  512.684384][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  512.694894][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  512.706503][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  512.716437][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  512.726390][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  512.833774][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  512.843268][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  512.851416][ T7446] usb 5-1: Manufacturer: syz
[  512.870673][ T7446] usb 5-1: config 0 descriptor??
02:08:56 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:08:56 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000001800)={0x0, 0x1, 0x6, @multicast}, 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xedf, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x7, 0x0, 0x20, 0x3, 0x0, 0x8, 0x4, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9153, 0x2, @perf_config_ext={0x80000000, 0x4b}, 0x402a, 0x7, 0x7, 0x7, 0x0, 0x3, 0xfff, 0x0, 0x2000000, 0x0, 0x8000}, 0x0, 0xf, r1, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x1802, @rand_addr, 0xf401}, 0x1c)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000800), 0x100, 0x0)
r2 = syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000780)='./file0\x00', 0x7, 0x5, &(0x7f0000001640)=[{0x0, 0x0, 0x7fffffff}, {0x0, 0x0, 0x100000001}, {0x0}, {&(0x7f0000001480), 0x0, 0x9}, {&(0x7f0000001580)="dddcb2ead7dc287df26ddf7c964e18f940b9cbdaf18bcbe508e6f3e360c4b2fa84e133d5b8d32c9f18e066c3816ff78969c9472a3c0f2d7be30266b6206c77c64002cc70aabeae7aaf42a1e2665875a8879329243129b352a96a7481244740790ce8b23432e8509e88977ab4d20e03bb44b4df964b125acd9b20a47dec01781748731d5bb7ea34f029", 0x89, 0x2}], 0x0, &(0x7f0000000b40)=ANY=[@ANYRESDEC=0xee01, @ANYBLOB="2c646f6e71dea78ab9f32a745f686173682c6d6561737572652c009225cbfe3b7ad8195deb0499cd965553fbb486f4fded739909de665042370c84367abffb7380eb08fe36120e8329adf445dce4f89e9b5441ea055f989e8f9cefb1cfef84285e2db3e98095d685a3b22e51e212ecd19b43249d41ce07352a7edccbc2cea6cd4567d39116a9ac25e41bcccd2cf56ba02bee59823a4a", @ANYRES16, @ANYRESDEC, @ANYBLOB="326dbabcc8ccf677f1d5149ad992019bed70e34856ef0c45a6d066efea9ea7d73f299c1e827da595c80380d8bda54774"])
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f00000017c0)=0x1)
r3 = eventfd(0x3f)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000680), 0x100, 0x0)
io_submit(0x0, 0x4, &(0x7f0000000700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x4, 0xffffffffffffffff, &(0x7f00000003c0)="acf578fc5134f1f418c0226971a5065a53ebd21fd347c0eb8bb71759e55164ae80a5d8e9002ee145846ca769e47cb773556d9d0df3797aa0787a56fc9bbeff367a1215c0b49ce22035d183c54725142f1c12d7173843de12d62d4e015a87c1f3c6bf054a36fa589469637469ffa28af4d5026f61df3101dce6cca29f3df9947e315afd43393c879d1b6fd1862834d3a9d876659dece54c434b5a003b7e32c033", 0xa0, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x3, r2, &(0x7f0000000480)="227df6ab75024d5a0a989a03487da78ac86a3e6cbfb0e025526f87b608629673a86fe408e1655ec0d7a566cd118a3374480b50aa02cbc30033944b6befc735931f3e106be04d131fd42dd2ff12089168325a3cdcb1ec350899edf02e6328437eea22b186bf7d8b2d3d56c1a951c621cf96f2b2c8f1fb2e3733f4f3c5b66b7a2e2873e4b0b6b011263d2dc4662ba43cba77b4befd286db1fed08b2f15652696706fb996b3f477b6f199af7c1b96e2632195718828c960e7a3e6957966", 0xbc, 0x0, 0x0, 0x2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40, 0xffffffffffffffff, &(0x7f0000000540)="4cfee9ef2ff5c28a57b3d9347c241646ff33d10913cdf5f2af71ce48dced48b0c7c89f41a01e0d9b30436c2c1db8a58caa3cdc82c787d1d7f0fcd785a68581f901de8210851ce2e2bf7bac943ba7ff546b19f2a7474a098f0a026b66ac392cd223152e2fd14359db8202ae97236a7b42ed8dc5b4cdafc32fa4fad042cf2b3a57b13723398d6efbd5460f633fa16a4206f51452df", 0x94, 0x8, 0x0, 0x0, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3, 0x8987, 0xffffffffffffffff, &(0x7f0000000600)="042bdf1ae885fade315b444dcb4e5d0855482f21f480e39202daf6f5d03244635a59ebe603dcd5cc619b3b24cb47a2d54d2c191f69aba3d4c0b450b7755b4af9193980b199524edc60b115dee24d5971b123bb818fa1e9", 0x57, 0x8, 0x0, 0x2, r4}])

02:08:56 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0xfffffffffffffdef)

02:08:56 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000b40)={0x18, 0x2, 0x2, 0x5, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x4}]}, 0x18}}, 0x0)

02:08:56 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_int(r0, 0x29, 0x13, &(0x7f0000000340)=0x1000002, 0x4)

02:08:56 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_buf(r0, 0x29, 0x2a, &(0x7f00000000c0)="25666ca3215a716d9865cd00a4b53339c485597102e87c821d264a032bef59b9e651c2b9a046708b83f60b8d0b4ef3a2e3b22eaafaa22e1f24ca76fe177d2b53decf64c32675a1f958cbeca4f84ae5ffd8cf861186f66aa1d1747149daa17efcce5f49f09a6247e08f75d3b8aee289f6eb16a47e63ac3ea5c8dd591527d72ab6eed3c78ff5403238", 0x88)

02:08:57 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, 0x0, &(0x7f0000000180))

02:08:57 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000000c0), 0x8)
getsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, &(0x7f0000000000))

[  514.623211][ T7446] rc_core: IR keymap rc-hauppauge not found
[  514.633958][ T7446] Registered IR keymap rc-empty
[  514.639156][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:57 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, 0x0, 0x0, 0x24008800, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

02:08:57 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000001cc0)=ANY=[], 0x8)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0)

[  514.665553][T12508] loop3: detected capacity change from 0 to 264192
[  514.749372][T12508] squashfs: Unknown parameter '00000000000000060929'
[  514.799376][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  514.823855][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  514.826058][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input38
[  514.880920][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  514.903255][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  514.942388][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  514.995248][ T1201] ieee802154 phy0 wpan0: encryption failed: -22
[  514.995442][ T1201] ieee802154 phy1 wpan1: encryption failed: -22
02:08:58 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$link(0x3, r0, 0x0)
keyctl$read(0x5, r0, 0x0, 0x0)

[  514.999197][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:08:58 executing program 5:
keyctl$KEYCTL_PKEY_SIGN(0xa, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="5f60fdd352775b9230619f1ed314a6e622cad7e54fe03ee890523f59277482e1"], 0x0, 0x0)

[  515.022091][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.052514][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.083342][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.116357][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.142279][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.172513][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  515.205126][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  515.205226][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  515.245104][ T7446] usb 5-1: USB disconnect, device number 65
[  515.769602][ T7446] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  516.008739][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  516.136306][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  516.146830][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  516.158945][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  516.168942][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  516.178893][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  516.353889][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  516.363250][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  516.374883][ T7446] usb 5-1: Manufacturer: syz
[  516.434216][ T7446] usb 5-1: config 0 descriptor??
02:09:00 executing program 1:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000180)={'fscrypt:', @desc4}, &(0x7f00000001c0)={0x0, "db7cfb53e4f0f7206b395631f3aa33ce3e9d618f835f8914ec948043b13f669bdde24d26d04702a3f2e1abc98091321671371f5f358e19aefd81ffefb4b6ea51"}, 0x48, r0)
keyctl$update(0x2, r1, &(0x7f0000000440)='d', 0x1)

02:09:00 executing program 2:
keyctl$link(0xc, 0x0, 0x0)

02:09:00 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403010811d456"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:00 executing program 0:
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000c80)=[{&(0x7f0000000840)=""/202, 0xca}, {&(0x7f0000000940)=""/71, 0x47}, {&(0x7f00000009c0)=""/224, 0xe0}, {&(0x7f0000000ac0)=""/51, 0x33}, {&(0x7f0000000b00)=""/209, 0xd1}], 0x5, &(0x7f0000001300)=[{&(0x7f0000000d00)=""/123, 0x7b}, {0x0}], 0x2, 0x0)

02:09:00 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000080), 0xfffffffffffffffe, 0x201b0)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x8801)
ioctl$BLKIOOPT(0xffffffffffffffff, 0x1279, &(0x7f0000000080))
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
syz_open_dev$evdev(&(0x7f0000000000), 0x8, 0x1)

02:09:00 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000001800)={0x0, 0x1, 0x6, @multicast}, 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xedf, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x7, 0x0, 0x20, 0x3, 0x0, 0x8, 0x4, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9153, 0x2, @perf_config_ext={0x80000000, 0x4b}, 0x402a, 0x7, 0x7, 0x7, 0x0, 0x3, 0xfff, 0x0, 0x2000000, 0x0, 0x8000}, 0x0, 0xf, r1, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x1802, @rand_addr, 0xf401}, 0x1c)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000800), 0x100, 0x0)
r2 = syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000780)='./file0\x00', 0x7, 0x5, &(0x7f0000001640)=[{0x0, 0x0, 0x7fffffff}, {0x0, 0x0, 0x100000001}, {0x0}, {&(0x7f0000001480), 0x0, 0x9}, {&(0x7f0000001580)="dddcb2ead7dc287df26ddf7c964e18f940b9cbdaf18bcbe508e6f3e360c4b2fa84e133d5b8d32c9f18e066c3816ff78969c9472a3c0f2d7be30266b6206c77c64002cc70aabeae7aaf42a1e2665875a8879329243129b352a96a7481244740790ce8b23432e8509e88977ab4d20e03bb44b4df964b125acd9b20a47dec01781748731d5bb7ea34f029", 0x89, 0x2}], 0x0, &(0x7f0000000b40)=ANY=[@ANYRESDEC=0xee01, @ANYBLOB="2c646f6e71dea78ab9f32a745f686173682c6d6561737572652c009225cbfe3b7ad8195deb0499cd965553fbb486f4fded739909de665042370c84367abffb7380eb08fe36120e8329adf445dce4f89e9b5441ea055f989e8f9cefb1cfef84285e2db3e98095d685a3b22e51e212ecd19b43249d41ce07352a7edccbc2cea6cd4567d39116a9ac25e41bcccd2cf56ba02bee59823a4a", @ANYRES16, @ANYRESDEC, @ANYBLOB="326dbabcc8ccf677f1d5149ad992019bed70e34856ef0c45a6d066efea9ea7d73f299c1e827da595c80380d8bda54774"])
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f00000017c0)=0x1)
r3 = eventfd(0x3f)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000680), 0x100, 0x0)
io_submit(0x0, 0x4, &(0x7f0000000700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x4, 0xffffffffffffffff, &(0x7f00000003c0)="acf578fc5134f1f418c0226971a5065a53ebd21fd347c0eb8bb71759e55164ae80a5d8e9002ee145846ca769e47cb773556d9d0df3797aa0787a56fc9bbeff367a1215c0b49ce22035d183c54725142f1c12d7173843de12d62d4e015a87c1f3c6bf054a36fa589469637469ffa28af4d5026f61df3101dce6cca29f3df9947e315afd43393c879d1b6fd1862834d3a9d876659dece54c434b5a003b7e32c033", 0xa0, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x3, r2, &(0x7f0000000480)="227df6ab75024d5a0a989a03487da78ac86a3e6cbfb0e025526f87b608629673a86fe408e1655ec0d7a566cd118a3374480b50aa02cbc30033944b6befc735931f3e106be04d131fd42dd2ff12089168325a3cdcb1ec350899edf02e6328437eea22b186bf7d8b2d3d56c1a951c621cf96f2b2c8f1fb2e3733f4f3c5b66b7a2e2873e4b0b6b011263d2dc4662ba43cba77b4befd286db1fed08b2f15652696706fb996b3f477b6f199af7c1b96e2632195718828c960e7a3e6957966", 0xbc, 0x0, 0x0, 0x2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40, 0xffffffffffffffff, &(0x7f0000000540)="4cfee9ef2ff5c28a57b3d9347c241646ff33d10913cdf5f2af71ce48dced48b0c7c89f41a01e0d9b30436c2c1db8a58caa3cdc82c787d1d7f0fcd785a68581f901de8210851ce2e2bf7bac943ba7ff546b19f2a7474a098f0a026b66ac392cd223152e2fd14359db8202ae97236a7b42ed8dc5b4cdafc32fa4fad042cf2b3a57b13723398d6efbd5460f633fa16a4206f51452df", 0x94, 0x8, 0x0, 0x0, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3, 0x8987, 0xffffffffffffffff, &(0x7f0000000600)="042bdf1ae885fade315b444dcb4e5d0855482f21f480e39202daf6f5d03244635a59ebe603dcd5cc619b3b24cb47a2d54d2c191f69aba3d4c0b450b7755b4af9193980b199524edc60b115dee24d5971b123bb818fa1e9", 0x57, 0x8, 0x0, 0x2, r4}])

02:09:00 executing program 2:
syz_open_dev$evdev(&(0x7f0000000040), 0xe1f, 0x105041)

[  518.292039][ T7446] rc_core: IR keymap rc-hauppauge not found
[  518.298069][ T7446] Registered IR keymap rc-empty
[  518.303490][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:01 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000040)={0x0, 0x0, 0xffffffffffffffff}, 0x0)

[  518.366836][T12571] loop3: detected capacity change from 0 to 264192
02:09:01 executing program 1:
syz_mount_image$msdos(0x0, 0x0, 0x0, 0x5, &(0x7f0000000740)=[{&(0x7f0000000300)='2', 0x1}, {&(0x7f0000000380)='q', 0x1, 0x6c68}, {&(0x7f0000000480)="bd", 0x1}, {&(0x7f0000000540)="1f", 0x1, 0x100000000}, {&(0x7f0000000640)='{', 0x1}], 0x0, 0x0)

[  518.490433][T12571] squashfs: Unknown parameter '00000000000000060929'
[  518.500581][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:01 executing program 5:
setgroups(0x5, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0xee00, 0x0])

[  518.561665][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  518.578262][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input39
02:09:01 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000001800)={0x0, 0x1, 0x6, @multicast}, 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xedf, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x7, 0x0, 0x20, 0x3, 0x0, 0x8, 0x4, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9153, 0x2, @perf_config_ext={0x80000000, 0x4b}, 0x402a, 0x7, 0x7, 0x7, 0x0, 0x3, 0xfff, 0x0, 0x2000000, 0x0, 0x8000}, 0x0, 0xf, r1, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x1802, @rand_addr, 0xf401}, 0x1c)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000800), 0x100, 0x0)
r2 = syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000780)='./file0\x00', 0x7, 0x5, &(0x7f0000001640)=[{0x0, 0x0, 0x7fffffff}, {0x0, 0x0, 0x100000001}, {0x0}, {&(0x7f0000001480), 0x0, 0x9}, {&(0x7f0000001580)="dddcb2ead7dc287df26ddf7c964e18f940b9cbdaf18bcbe508e6f3e360c4b2fa84e133d5b8d32c9f18e066c3816ff78969c9472a3c0f2d7be30266b6206c77c64002cc70aabeae7aaf42a1e2665875a8879329243129b352a96a7481244740790ce8b23432e8509e88977ab4d20e03bb44b4df964b125acd9b20a47dec01781748731d5bb7ea34f029", 0x89, 0x2}], 0x0, &(0x7f0000000b40)=ANY=[@ANYRESDEC=0xee01, @ANYBLOB="2c646f6e71dea78ab9f32a745f686173682c6d6561737572652c009225cbfe3b7ad8195deb0499cd965553fbb486f4fded739909de665042370c84367abffb7380eb08fe36120e8329adf445dce4f89e9b5441ea055f989e8f9cefb1cfef84285e2db3e98095d685a3b22e51e212ecd19b43249d41ce07352a7edccbc2cea6cd4567d39116a9ac25e41bcccd2cf56ba02bee59823a4a", @ANYRES16, @ANYRESDEC, @ANYBLOB="326dbabcc8ccf677f1d5149ad992019bed70e34856ef0c45a6d066efea9ea7d73f299c1e827da595c80380d8bda54774"])
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f00000017c0)=0x1)
r3 = eventfd(0x3f)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000680), 0x100, 0x0)
io_submit(0x0, 0x4, &(0x7f0000000700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x4, 0xffffffffffffffff, &(0x7f00000003c0)="acf578fc5134f1f418c0226971a5065a53ebd21fd347c0eb8bb71759e55164ae80a5d8e9002ee145846ca769e47cb773556d9d0df3797aa0787a56fc9bbeff367a1215c0b49ce22035d183c54725142f1c12d7173843de12d62d4e015a87c1f3c6bf054a36fa589469637469ffa28af4d5026f61df3101dce6cca29f3df9947e315afd43393c879d1b6fd1862834d3a9d876659dece54c434b5a003b7e32c033", 0xa0, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x3, r2, &(0x7f0000000480)="227df6ab75024d5a0a989a03487da78ac86a3e6cbfb0e025526f87b608629673a86fe408e1655ec0d7a566cd118a3374480b50aa02cbc30033944b6befc735931f3e106be04d131fd42dd2ff12089168325a3cdcb1ec350899edf02e6328437eea22b186bf7d8b2d3d56c1a951c621cf96f2b2c8f1fb2e3733f4f3c5b66b7a2e2873e4b0b6b011263d2dc4662ba43cba77b4befd286db1fed08b2f15652696706fb996b3f477b6f199af7c1b96e2632195718828c960e7a3e6957966", 0xbc, 0x0, 0x0, 0x2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40, 0xffffffffffffffff, &(0x7f0000000540)="4cfee9ef2ff5c28a57b3d9347c241646ff33d10913cdf5f2af71ce48dced48b0c7c89f41a01e0d9b30436c2c1db8a58caa3cdc82c787d1d7f0fcd785a68581f901de8210851ce2e2bf7bac943ba7ff546b19f2a7474a098f0a026b66ac392cd223152e2fd14359db8202ae97236a7b42ed8dc5b4cdafc32fa4fad042cf2b3a57b13723398d6efbd5460f633fa16a4206f51452df", 0x94, 0x8, 0x0, 0x0, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3, 0x8987, 0xffffffffffffffff, &(0x7f0000000600)="042bdf1ae885fade315b444dcb4e5d0855482f21f480e39202daf6f5d03244635a59ebe603dcd5cc619b3b24cb47a2d54d2c191f69aba3d4c0b450b7755b4af9193980b199524edc60b115dee24d5971b123bb818fa1e9", 0x57, 0x8, 0x0, 0x2, r4}])

[  518.836367][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  518.890281][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  518.961946][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.016353][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:01 executing program 2:
keyctl$set_timeout(0x5, 0x0, 0xfffffffffffffff9)

02:09:01 executing program 0:
syz_io_uring_setup(0x3953, &(0x7f0000000080)={0x0, 0x0, 0x7, 0x3}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))

[  519.108103][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.154711][T12597] loop1: detected capacity change from 0 to 108
[  519.176211][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:01 executing program 5:
add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f00000002c0)="1e", 0x1, 0xffffffffffffffff)

[  519.249901][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.269834][T12597] loop1: detected capacity change from 0 to 108
[  519.296219][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.349585][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.453280][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  519.556971][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  519.565256][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  519.737701][T12607] loop3: detected capacity change from 0 to 264192
[  519.824330][ T7446] usb 5-1: USB disconnect, device number 66
[  520.066409][T12607] squashfs: Unknown parameter '00000000000000060929'
[  520.493286][ T7446] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  520.732414][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  520.853775][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  520.864250][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  520.879159][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  520.889555][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  520.899507][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  521.053817][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  521.063475][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  521.071635][ T7446] usb 5-1: Manufacturer: syz
[  521.095192][ T7446] usb 5-1: config 0 descriptor??
[  521.432554][ T7446] rc_core: IR keymap rc-hauppauge not found
[  521.438586][ T7446] Registered IR keymap rc-empty
[  521.444024][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.474011][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.504180][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  521.519435][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input40
[  521.591667][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.622321][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.652602][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.682253][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.725719][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.809962][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.845083][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.902534][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  521.972601][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  522.056884][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  522.134583][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  522.143250][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  522.283398][ T7446] usb 5-1: USB disconnect, device number 67
02:09:04 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00'], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:04 executing program 1:
r0 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)={0x0, "07b8a6e8a50c48b776224c970512605497be3fef208905499036b1e93bdd8c4c59dc300d6295d547e3db170338c55d5b38d2427fa802df5e1014b370b712ca6e"}, 0x48, r0)
keyctl$read(0xb, r0, &(0x7f0000000280)=""/196, 0xc4)

02:09:05 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc2}, &(0x7f0000000180)={0x0, "a7a3f671f31d313a180a25a5bab0b98555c9333e2327dda6b3b62540d89a282e62f08c7d2493245aa088652e8a4c0f568520d176c219968cb9e855a2915ccbad"}, 0x48, r0)
keyctl$set_timeout(0xf, r1, 0x7f)

02:09:05 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000001d40)={&(0x7f0000000000), 0xc, &(0x7f0000001d00)={&(0x7f0000000940)={0x30, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x18, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xc63b}]}]}, 0x30}}, 0x0)

02:09:05 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x33fe0}}, 0x0)

02:09:05 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000001800)={0x0, 0x1, 0x6, @multicast}, 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xedf, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x7, 0x0, 0x20, 0x3, 0x0, 0x8, 0x4, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9153, 0x2, @perf_config_ext={0x80000000, 0x4b}, 0x402a, 0x7, 0x7, 0x7, 0x0, 0x3, 0xfff, 0x0, 0x2000000, 0x0, 0x8000}, 0x0, 0xf, r1, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x1802, @rand_addr, 0xf401}, 0x1c)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000800), 0x100, 0x0)
r2 = syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000780)='./file0\x00', 0x7, 0x5, &(0x7f0000001640)=[{0x0, 0x0, 0x7fffffff}, {0x0, 0x0, 0x100000001}, {0x0}, {&(0x7f0000001480), 0x0, 0x9}, {&(0x7f0000001580)="dddcb2ead7dc287df26ddf7c964e18f940b9cbdaf18bcbe508e6f3e360c4b2fa84e133d5b8d32c9f18e066c3816ff78969c9472a3c0f2d7be30266b6206c77c64002cc70aabeae7aaf42a1e2665875a8879329243129b352a96a7481244740790ce8b23432e8509e88977ab4d20e03bb44b4df964b125acd9b20a47dec01781748731d5bb7ea34f029", 0x89, 0x2}], 0x0, &(0x7f0000000b40)=ANY=[@ANYRESDEC=0xee01, @ANYBLOB="2c646f6e71dea78ab9f32a745f686173682c6d6561737572652c009225cbfe3b7ad8195deb0499cd965553fbb486f4fded739909de665042370c84367abffb7380eb08fe36120e8329adf445dce4f89e9b5441ea055f989e8f9cefb1cfef84285e2db3e98095d685a3b22e51e212ecd19b43249d41ce07352a7edccbc2cea6cd4567d39116a9ac25e41bcccd2cf56ba02bee59823a4a", @ANYRES16, @ANYRESDEC, @ANYBLOB="326dbabcc8ccf677f1d5149ad992019bed70e34856ef0c45a6d066efea9ea7d73f299c1e827da595c80380d8bda54774"])
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f00000017c0)=0x1)
r3 = eventfd(0x3f)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000680), 0x100, 0x0)
io_submit(0x0, 0x4, &(0x7f0000000700)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x4, 0xffffffffffffffff, &(0x7f00000003c0)="acf578fc5134f1f418c0226971a5065a53ebd21fd347c0eb8bb71759e55164ae80a5d8e9002ee145846ca769e47cb773556d9d0df3797aa0787a56fc9bbeff367a1215c0b49ce22035d183c54725142f1c12d7173843de12d62d4e015a87c1f3c6bf054a36fa589469637469ffa28af4d5026f61df3101dce6cca29f3df9947e315afd43393c879d1b6fd1862834d3a9d876659dece54c434b5a003b7e32c033", 0xa0, 0xffffffffffffff80, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x3, r2, &(0x7f0000000480)="227df6ab75024d5a0a989a03487da78ac86a3e6cbfb0e025526f87b608629673a86fe408e1655ec0d7a566cd118a3374480b50aa02cbc30033944b6befc735931f3e106be04d131fd42dd2ff12089168325a3cdcb1ec350899edf02e6328437eea22b186bf7d8b2d3d56c1a951c621cf96f2b2c8f1fb2e3733f4f3c5b66b7a2e2873e4b0b6b011263d2dc4662ba43cba77b4befd286db1fed08b2f15652696706fb996b3f477b6f199af7c1b96e2632195718828c960e7a3e6957966", 0xbc, 0x0, 0x0, 0x2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x40, 0xffffffffffffffff, &(0x7f0000000540)="4cfee9ef2ff5c28a57b3d9347c241646ff33d10913cdf5f2af71ce48dced48b0c7c89f41a01e0d9b30436c2c1db8a58caa3cdc82c787d1d7f0fcd785a68581f901de8210851ce2e2bf7bac943ba7ff546b19f2a7474a098f0a026b66ac392cd223152e2fd14359db8202ae97236a7b42ed8dc5b4cdafc32fa4fad042cf2b3a57b13723398d6efbd5460f633fa16a4206f51452df", 0x94, 0x8, 0x0, 0x0, r3}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3, 0x8987, 0xffffffffffffffff, &(0x7f0000000600)="042bdf1ae885fade315b444dcb4e5d0855482f21f480e39202daf6f5d03244635a59ebe603dcd5cc619b3b24cb47a2d54d2c191f69aba3d4c0b450b7755b4af9193980b199524edc60b115dee24d5971b123bb818fa1e9", 0x57, 0x8, 0x0, 0x2, r4}])

02:09:05 executing program 5:
add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="f2", 0x1, 0xfffffffffffffffc)

[  522.862427][T12660] loop3: detected capacity change from 0 to 264192
02:09:05 executing program 0:
request_key(&(0x7f00000008c0)='keyring\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, 0x0)

02:09:05 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x33fe0}}, 0x0)

02:09:05 executing program 1:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0x5, r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$read(0xb, r1, 0x0, 0x0)

[  523.059121][T12660] squashfs: Unknown parameter '00000000000000060929'
02:09:06 executing program 3:
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000340), 0xffffffffffffffff, 0x0, 0x0)

02:09:06 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0xb, r0, &(0x7f0000000080)=""/4, 0x4)

[  523.652336][ T7446] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  523.945876][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  524.063801][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  524.074348][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  524.086093][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  524.096185][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  524.106127][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  524.197704][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  524.207164][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  524.215598][ T7446] usb 5-1: Manufacturer: syz
[  524.295545][ T7446] usb 5-1: config 0 descriptor??
02:09:08 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00'], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:08 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={0x0}}, 0x0)

02:09:08 executing program 2:
add_key$fscrypt_v1(&(0x7f0000000100), 0x0, 0x0, 0xfffff, 0x0)

02:09:08 executing program 1:
r0 = syz_io_uring_setup(0x2f11, &(0x7f0000000180), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000006c0)=<r1=>0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xb, 0x12, r0, 0x0)
syz_io_uring_submit(r2, r1, &(0x7f0000001640)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x2f0d, &(0x7f0000000180), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000240))

02:09:08 executing program 3:
setgroups(0x2, &(0x7f00000000c0)=[0x0, 0xffffffffffffffff])

02:09:08 executing program 0:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "51f3c7ef9af17734d4f880aa644dacdfb9270da0b35d4a9f74114312d338eb66cf9083f01f533f7c90903516c8565a0776b531eff9bc64c170e0acf5a66ad0b1"}, 0x48, 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000100)={r0}, &(0x7f0000000140)={'enc=', 'oaep', ' hash=', {'sha512-arm64\x00'}}, 0x0, 0x0)

[  526.492258][ T7446] rc_core: IR keymap rc-hauppauge not found
[  526.498409][ T7446] Registered IR keymap rc-empty
[  526.508532][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  526.668479][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:09 executing program 2:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f0000000240)={0x0, "5006c6c4444eebde6dfb1aa79bbf245e625659d39697e91f6c7e1ab8bc25432d0934370ca47481b7e0051619f091c2b365e38b0cf82fe6c5c4f50147e1e3dc5d"}, 0x48, 0xfffffffffffffffe)
keyctl$link(0x1d, r0, 0xffffffffffffffff)

02:09:09 executing program 3:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000280)='asymmetric\x00', 0x0, &(0x7f0000000300)="87b7", 0x2, r0)

[  526.759079][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  526.774289][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input41
02:09:09 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
request_key(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, r0)

02:09:09 executing program 0:
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

02:09:09 executing program 1:
keyctl$KEYCTL_MOVE(0x2, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff8, 0x0)

[  527.102570][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.142521][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.190203][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.257810][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.302581][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.357411][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.393937][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.481183][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.517341][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:10 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0)

[  527.589046][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  527.661996][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  527.670241][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  527.912943][ T7446] usb 5-1: USB disconnect, device number 68
[  528.433278][ T7446] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  528.672088][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  528.793752][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  528.804388][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  528.816170][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  528.826225][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  528.836299][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  528.924376][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  528.933856][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  528.942334][ T7446] usb 5-1: Manufacturer: syz
[  528.952450][ T7446] usb 5-1: config 0 descriptor??
02:09:12 executing program 3:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "b8be331a170e5eff077573795ffb568f4f0d517052573cefca8ff90baa88a44daf4b8932180ea0e1614c7f2588ef3c6978de04c149c6bc88f495b96f91d65875"}, 0x48, r0)
r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$link(0x8, r2, r1)

02:09:12 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r1, 0x921, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @broadcast}]}, 0x1c}}, 0x0)

02:09:12 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000400)={&(0x7f0000000340), 0xfffffecb, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB="14010000659256ab7cff45acb7f86d9924753a789deb12aacc3c6eeafdd419e9de37b278e2554a0e595100086b2403ffafcb35e34e174bf7f9b97bec3a6cc1f060b474dcaa9e4e", @ANYRESDEC, @ANYRESHEX], 0x114}}, 0x2804c881)

02:09:12 executing program 5:
r0 = request_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0)
keyctl$read(0xb, r0, &(0x7f0000000100)=""/25, 0x19)

02:09:12 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\"'], 0x208}}, 0x0)

02:09:12 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00'], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

[  530.482195][ T7446] rc_core: IR keymap rc-hauppauge not found
[  530.488230][ T7446] Registered IR keymap rc-empty
[  530.494585][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:13 executing program 0:
rt_sigtimedwait(0x0, 0x0, &(0x7f0000000180)={0x0, 0x3938700}, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000c80)=[{&(0x7f0000000840)=""/202, 0xca}, {&(0x7f0000000940)=""/71, 0x47}, {&(0x7f00000009c0)=""/224, 0xe0}, {&(0x7f0000000ac0)=""/51, 0x33}, {&(0x7f0000000b00)=""/209, 0xd1}], 0x5, &(0x7f0000001300)=[{&(0x7f0000000d00)=""/123, 0x7b}, {&(0x7f0000000d80)=""/183, 0xb7}, {&(0x7f0000000ec0)=""/110, 0x6e}, {0x0}, {0x0}, {&(0x7f0000001000)=""/189, 0xbd}, {&(0x7f00000010c0)=""/159, 0x9f}, {0x0}, {0x0}], 0x9, 0x0)

[  530.642512][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  530.698134][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
02:09:13 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$link(0x1d, r0, 0x0)

02:09:13 executing program 5:
add_key$keyring(&(0x7f0000000140), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$set_timeout(0xf, r0, 0x0)

[  530.867975][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input42
02:09:13 executing program 1:
syz_io_uring_setup(0x1a9b, &(0x7f0000000080)={0x0, 0x200028df, 0x8}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000100), &(0x7f00000001c0))

02:09:13 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x40, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x24, 0x7, 'system_u:object_r:ssh_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}]}, 0x40}}, 0x0)

[  530.999899][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.062377][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.125110][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.192728][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.233638][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.303747][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.370013][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.452157][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  531.508182][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:14 executing program 0:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0xf, r1, 0x0, 0x0)

[  531.596013][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:14 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGABS20(r0, 0x80184560, 0x0)

[  531.695259][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  531.704198][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:09:14 executing program 5:
r0 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000140)={0x0, "c4139e7d191aa02ec5770ff2fc8f9e68a1c9280541eb8efc166900f5578e7e9dd89d3caf0000148b5ec467bacc63014f791b41b80792864fdeba98850449a0a5"}, 0x48, 0xfffffffffffffffc)
keyctl$set_timeout(0xf, r0, 0x0)

[  531.902555][ T7446] usb 5-1: USB disconnect, device number 69
02:09:14 executing program 3:
keyctl$link(0xd, 0x0, 0xffffffffffffffff)

02:09:14 executing program 1:
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x66200, 0x0)

[  532.450186][ T7446] usb 5-1: new high-speed USB device number 70 using dummy_hcd
02:09:15 executing program 5:
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  532.693070][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  532.815057][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.825577][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  532.837181][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  532.847238][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  532.860335][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  533.003010][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  533.012470][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  533.020670][ T7446] usb 5-1: Manufacturer: syz
[  533.114249][ T7446] usb 5-1: config 0 descriptor??
02:09:17 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:17 executing program 0:
syz_io_uring_setup(0x3953, &(0x7f0000000080), &(0x7f0000000000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:09:17 executing program 3:
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x105041)

02:09:17 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGABS20(r0, 0x80184560, 0x0)

02:09:17 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_ifreq(r0, 0x8924, &(0x7f0000000040)={'gre0\x00', @ifru_mtu})

02:09:17 executing program 5:
r0 = socket(0x2, 0x3, 0x8)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)

[  534.752516][ T7446] rc_core: IR keymap rc-hauppauge not found
[  534.758741][ T7446] Registered IR keymap rc-empty
[  534.764655][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  534.871593][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:17 executing program 1:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000380), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$chown(0x4, r1, 0xee00, 0x0)
add_key$keyring(&(0x7f00000005c0), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r1)

02:09:17 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ifreq(r0, 0x8923, &(0x7f00000003c0)={'team_slave_1\x00', @ifru_map})

02:09:17 executing program 2:
keyctl$search(0xc, 0x0, &(0x7f0000000000)='asymmetric\x00', 0x0, 0x0)

[  534.957011][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  534.972595][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input43
02:09:17 executing program 3:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, 0x0)

02:09:17 executing program 5:
waitid(0x0, 0x0, &(0x7f0000000000), 0x2, 0x0)
waitid(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)

[  535.230860][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.282284][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.322623][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.397590][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.485974][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.523539][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.577720][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.643231][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.700985][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  535.782283][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:18 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc2}, &(0x7f0000000180)={0x0, "a7a3f671f31d313a180a25a5bab0b98555c9333e2327dda6b3b62540d89a282e62f08c7d2493245aa088652e8a4c0f568520d176c219968cb9e855a2915ccbad"}, 0x48, r0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r0)
keyctl$unlink(0x9, r1, r0)

[  535.854489][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  535.862765][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  536.096107][ T7446] usb 5-1: USB disconnect, device number 70
[  536.636804][ T7446] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  536.882380][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  537.004579][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  537.015133][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  537.026815][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  537.036765][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  537.046780][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  537.143804][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  537.156485][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  537.165373][ T7446] usb 5-1: Manufacturer: syz
[  537.191988][ T7446] usb 5-1: config 0 descriptor??
02:09:21 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:21 executing program 3:
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESDEC=0x0])

02:09:21 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x300}, 0x0)

02:09:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\"'], 0x22}}, 0x0)

02:09:21 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xb8, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x23, 0x7, 'system_u:object_r:var_log_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:dhcpd_state_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wg0\x00'}]}, 0xb8}, 0x1, 0x0, 0x0, 0x6048080}, 0x880)

02:09:21 executing program 0:
keyctl$KEYCTL_MOVE(0xb, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff8, 0x0)

[  539.052684][ T7446] rc_core: IR keymap rc-hauppauge not found
[  539.058956][ T7446] Registered IR keymap rc-empty
[  539.064743][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.097020][T12890] fuse: Bad value for 'fd'
[  539.158421][T12890] fuse: Bad value for 'fd'
02:09:21 executing program 0:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000200)={'fscrypt:', @desc2}, &(0x7f0000000240)={0x0, "5006c6c4444eebde6dfb1aa79bbf245e625659d39697e91f6c7e1ab8bc25432d0934370ca47481b7e0051619f091c2b365e38b0cf82fe6c5c4f50147e1e3dc5d"}, 0x48, 0xfffffffffffffffe)
keyctl$link(0x15, r0, 0xffffffffffffffff)

02:09:21 executing program 1:
syz_io_uring_setup(0x2f0d, &(0x7f0000000180), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001640)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0xe4, &(0x7f0000000000)={0x0, 0xf9f7, 0x8}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
syz_io_uring_setup(0x2f11, &(0x7f0000000180), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000006c0)=<r0=>0x0)
syz_io_uring_setup(0x3a7d, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x262}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000480), &(0x7f00000004c0))
syz_io_uring_submit(0x0, r0, &(0x7f0000001640)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0)

02:09:21 executing program 2:
keyctl$chown(0x4, 0x0, 0xee00, 0xee00)

[  539.228996][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:21 executing program 3:
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001640)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0xe4, &(0x7f0000000000)={0x0, 0xf9f7, 0x8}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)

[  539.318885][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  539.334961][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input44
02:09:22 executing program 5:
clock_gettime(0x2, &(0x7f00000005c0))

[  539.559323][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.600968][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.672781][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.733622][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.768930][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.856630][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.894343][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  539.970259][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  540.036006][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:22 executing program 0:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$link(0x9, r0, r0)

[  540.108834][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  540.193034][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  540.201206][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  540.414051][ T7446] usb 5-1: USB disconnect, device number 71
[  540.962096][ T7446] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  541.203501][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  541.329130][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.339755][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  541.354787][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  541.365472][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  541.375488][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  541.500275][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  541.509694][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  541.518180][ T7446] usb 5-1: Manufacturer: syz
[  541.541491][ T7446] usb 5-1: config 0 descriptor??
02:09:25 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:25 executing program 1:
r0 = syz_io_uring_setup(0x4a42, &(0x7f0000000080), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140))
mmap$IORING_OFF_CQ_RING(&(0x7f0000fec000/0x14000)=nil, 0x14000, 0x0, 0x1c013, r0, 0x8000000)

02:09:25 executing program 5:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="cde15784f38a546fe7822d"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0x10, &(0x7f00000002c0))

02:09:25 executing program 2:
keyctl$link(0xa, 0x0, 0xffffffffffffffff)

02:09:25 executing program 3:
keyctl$KEYCTL_MOVE(0xa, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff8, 0x0)

02:09:25 executing program 0:
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x6880, 0x0)

02:09:25 executing program 5:
clock_gettime(0x0, &(0x7f0000000400)={<r0=>0x0})
pselect6(0x40, &(0x7f0000000340), &(0x7f0000000380)={0x5}, 0x0, &(0x7f0000000440)={r0}, 0x0)

[  543.275932][T12954] ptrace attach of "/root/syz-executor.5 exec"[12951] was attempted by "/root/syz-executor.5 exec"[12954]
[  543.293875][ T7446] rc_core: IR keymap rc-hauppauge not found
[  543.304607][ T7446] Registered IR keymap rc-empty
[  543.309807][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:25 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x208}, 0x1, 0x0, 0x2}, 0x0)

02:09:26 executing program 3:
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000880)=[{&(0x7f0000000540)=""/5, 0x5}, {&(0x7f0000000600)=""/126, 0x7e}, {&(0x7f0000000680)=""/103, 0x67}, {&(0x7f0000000700)=""/104, 0x68}], 0x4, &(0x7f0000002d80)=[{&(0x7f0000000a80)=""/4096, 0x1000}], 0x1, 0x0)

02:09:26 executing program 1:
openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,', @ANYRESDEC=0x0, @ANYBLOB=',g'])

[  543.448517][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:26 executing program 0:
syz_io_uring_setup(0xb22, &(0x7f0000002500), &(0x7f0000581000/0x3000)=nil, &(0x7f0000bbb000/0x3000)=nil, &(0x7f0000002580), 0x0)
syz_io_uring_setup(0x1fa, &(0x7f0000000300), &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000003c0))

[  543.530877][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  543.547446][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input45
[  543.725537][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  543.768759][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  543.825919][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  543.891035][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  543.967960][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:26 executing program 2:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x989680}, 0x0)

[  544.043822][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  544.102688][T12972] fuse: Unknown parameter '0xffffffffffffffff'
[  544.124304][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  544.174141][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  544.237948][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  544.278803][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  544.340654][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  544.348987][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  544.478369][ T7446] usb 5-1: USB disconnect, device number 72
[  545.033354][ T7446] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  545.283169][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  545.403601][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  545.414063][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  545.425670][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  545.435698][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  545.445687][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  545.574724][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  545.584176][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  545.592828][ T7446] usb 5-1: Manufacturer: syz
[  545.610058][ T7446] usb 5-1: config 0 descriptor??
02:09:29 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004030108"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:29 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000940)={0x14, r1, 0x1}, 0x14}}, 0x0)

02:09:29 executing program 3:
keyctl$KEYCTL_MOVE(0x18, 0x0, 0xfffffffffffffff8, 0xfffffffffffffff8, 0x0)

02:09:29 executing program 1:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240)={0x0, "df3d12d8674a5be8654c6a16b96bb772fffad7fe284541e0dcd6013f563152e3d08efa49b2823b1e1c47bf8b9485e358626adbc2df4161024c2a25963abe0166"}, 0x48, r0)
keyctl$chown(0x4, r1, 0xffffffffffffffff, 0x0)

02:09:29 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
syz_io_uring_setup(0x7802, &(0x7f00000000c0)={0x0, 0x0, 0x21, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000140))

02:09:29 executing program 5:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "b8be331a170e5eff077573795ffb568f4f0d517052573cefca8ff90baa88a44daf4b8932180ea0e1614c7f2588ef3c6978de04c149c6bc88f495b96f91d65875"}, 0x48, r0)
keyctl$invalidate(0x15, r1)

[  547.452685][ T7446] rc_core: IR keymap rc-hauppauge not found
[  547.458871][ T7446] Registered IR keymap rc-empty
[  547.464309][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:30 executing program 3:
add_key(&(0x7f0000000000)='.request_key_auth\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffa)

02:09:30 executing program 5:
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x25369368740dd6b3}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000100))

02:09:30 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000080), 0x4)

02:09:30 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000000180)={0xec4, 0x0, 0x0, 0x0, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0xe7c, 0x33, @data_frame={@no_qos=@type10={{}, {}, @initial, @device_a, @device_b}, @a_msdu=[{@device_b}, {@device_b, @broadcast, 0x1b, "25c80ae130de8c1b53c9bda959e7d0e9f31f9326e6c4a6358f17cf"}, {@broadcast, @broadcast, 0xc7, "5407428fe753118824c03b688c15365f68de8645f08c31f984b2117b9242a97de0afb22514a652fe9ef23a900b52b4c8a2426a4111aac2ae7f255c235beae48d9b9e20392aca754dcdc1cca4c06d27094bfd198d625ce43b22d6258099b465650e1397015a5513f949e69b01fb77af34f93b4795dbdb56c4c72ca3a3e75a1bb620dc287b9932217789975e05271a01f9532246b83a60b2920e7fd32eeeca2b1e9006efc27374ce958dfbb2ad622f1a01fd3fffd2acc53614325946a4f1da5bb9f6b0581eb09562"}, {@device_b, @device_b, 0xd3b, "d2b331523f274cf97ff31c13db3007519a0a21706fc7878ab0418e2884ae340dc6c0d9d334736459e34adb027ac0ffaaa660b6631b5168b88dfac77af5a7ba2c5e62e9be473b70b91dc45e5ba522604fe1cd6b88e50b962539aff13429546521f9b93f088ef2c46effd6c57d83b26a02430cd8d4707eab545f0cb7111a811cc79b4a2c5e1d8295ba8dcf8eba69742b379692ba6ac7ca78adba32421728e8475ae0f709acda2797844c64dc6598c71daeb9266fb745af72912ba7c5d88501c36c789b2bb7c9721baea6c90828408e352fe8c7b96ad3ed180eb0658b2d1a34eab509fbcdb43b5a4b0a403af94b4e2b2a7a42a0076b6a92e3028aa29d93500df93f413619079e3f414f88cb1bcb54444ef3d816d4389f7236a68cfeb521111434c14b9dbe452e89b4a4b66666940f2c6a0301543da71b3b5e9f4f7863c2cda8cd061af046003faa68b3540862c6ca3a5758d6c4308bb450306b59f58b171dcf920d59e8e364891fbc94dcae4b5e12b9f38346c1c320386d7edfc1c9946fd66b8354f663a0ffba3524e1e477dbe94744d29761f71380665f127c0e9e58b27aa5dcb84dccf223494d0f693aec2cc7c93964da9c8974ea5c8d4dab2b9f627b58d35828016eee11f9aff1833cee5545fee2251e565c28c655eaac46791c16d6e90c32f59c0fd00568ec7a7a6b94a1ad0440b4846a6f61dbc8d25ca56054334232ea2c26f1f2d401a6b227bfdee06764c0f4b0e1995ded3ae3c7bada81a943a562b34a750ed910275be52b71073f91c3a1e542228c76bc4e4b1d4b281985fbf390c2dacd321b553ae61b0e0a64858c961b134dbfe175a93cb197c81848b62baefd148a2a0c071770b3014ab05f7509664824212d187a59532b11a96dd56ad7cf0c47c6b9432094f8939cc7612a9dcb0e30d61629b4acc7bc5023eeb1dbabf2d190027130fa4ab55bbbd7182f406cf9fed4dbf4bd85b955d82fdf7349182c20551b2f5a5e94db9103dc21fb4d82f11ce62dc2d59c35da425f90a503508ff3ff70c61ba9c16983bb4549eaa5391507d6804a1543c888577a98cfe19a34adaeacc9964c9a947b731c3c025f57a80a3dbacc0a4f99e64c61aa19b018435366a3b9ed658360287cc514b7acff7660a38ad2833397e2333dc743e31573f4dbd6926cacf88c9b4c1d592af7a896288c6212d1491eba3c1d6d3a87c0cdca1d98ad0119dda315528ef5fa7d487bf2e651e4648180f24b086341e03fb6e2eaa8d6ae15971b7a7ce66dcad6bf88dcdfb560d33cfee7fc774ac80e80c7b034f23b16da8d5f99b7fddc3019fbad0666b8d642ba3e72bc0ce75b47f52bd66aacec427125cc8317ce67e84da6681ddef7ec734ff7648a330f0fb2a11f57fcc9705a01bc161660f351b016ccffd6d9fc95b486e7c86bdc47b598b20ab87d0322a55c67b3d86eba512527cd91957b7ac3e6df4ad520d9757502fa26361ef05d79ca500a82476cb8129f63789a543b73a3c9a19c8042bce8b7cf8ba2b785a58c6aa15946ef7dba61bc8f658d7f420ecdacd08fed5f70773f71ecac1005bb7f34f2ca043c88e1965503344be02e0f423b2e72f589fb791566d9d154f6ecebe234610f36cc68fa2709e4333dc1163c51089a9c0e5baf153fd83800bc9e72e386240aa52808cfe6ce308ea9d6447de463bbadcb42fca09c66237aad04bcbea6c3375e9e2ed11ff9e6ec6fd19712674f0d9b8a6cf69ca2e72e32cb3bef9400c8ffbb48efa15949bacf33977ad5c9f5c1b450906637bc2c59e22590c967daca78c792292083666193ba3c6c4926c9ad556ed9bff9be8ba81fd26c8e2c19e5524aea53aaa359286302412f91a45d58ba12aff4399ac59d8c736452e5d475ffae74969b0349cdf22b74412dafd2784c0c3a41ebd65547935cf6533aacd1d32e16d6bda69d8d6ac49a0d1c41d5bd86418b78d8bc375221ad46c59b635f53cd312d8fb95cec47b648f09f3202cc5d317c73b20099e161859770f3cdaa3d7c1670fede80341d0e90e9314182ebd0c49b09bccb0e7ecda1ceb46ae1b7184e49e5f4b1b76b248877e8dbaaa2b544c78f0093b2b8230cb350857fb5847a67debadafa53488ec37e7414cc4ab77e4aad48225d5fd788879828a5012c86b8b6300ec59ed87588648582a24e96bab97bdc8ea697f4c626cdf8e2f7c520a005774954a46dbed82cd985ac3c30b174a3e93af615678bbb67c94b9617a920c78d753ea057ff78120f7964949b82b3a3d458a496ea41ff844e9330b7d0b4ba965088e248848305893e639032bcfa6bcab0a55fd39e65c39151818c7cd740e574829243d0e3bd5f7cd65186875ca4f5b37ead03c3cb688569025d258de3368aac88e9d257ffe802183e6a3b3ba775142a54893aa20995b30cac2c04adfbf05aa981f3d77dd4a0c43c000148d1de57960136bb4c992a1303f3f39a967e00e454bf098f151b86ec7e95ed851ce91dee7add8e5f9b1c7cf136a45129608ccfc3e28a90b74a6ae69440e6fb932dc03074e7fab6475f075242823b313530c77f43eafdde3329e04b643eb7fd846b27b417be078c7449e0670cbdcc74b6457b48de17e0a76f252a8b16308b77b0b9ecef6163effb24f0146a4cc02c639fe09c51c7dc95c865210b70b5bac61677b3b31d324874d3bdd2091131d87362fe5c4fbe641a3d363fd279b9f1afaee5fb24e6a53b4226a31437a1299dd00f700feb4c24e9185906638279c279dd1b0405a7f27f0eaaccd937bb4ba40b23440414bf82ce036b6864005b0ed1206b70b249ba6f7196fd77ea57b05ebe60199cf837536a7f241d3164960e1acb57a3bd50dfe14cc7f18386c2d5ec4798fa9e7f2ecee6a2808de14888cbdbb18c7acfb7d86f38f07601056475617ce673a2604e64c835fc759b569f13059045fb04faee60baad18a229e6a041a5c32973fd1d62c4b0d5f1a76a9b396e6b2f23daba544b8ff22a5a489396962a55b74787eaedb8130fd85fed1be71ca62b33b5b342c24991e82183ebe8829611a4f3c8a3657be1940f5aab793ed24dec1c127677d00a044ce8aa997f70d9bd267036e7e145ad177730913c8fc602cf9ce2b48ea0a1b0df88d5a487cfd88cecb1aafa6dbbc2fe2baf35bd77a73aa5fb55bc7f40cea99561a795477c7d3acd1c0dc4d4f97394b1bcf13fc592af570b80092e27941c1eddefed7fbeb00e74d89bdf675ad98250c1a61b756cc483529d0b70942dec309b13dde96a0a8d1795b736d1c26ee5463f867be3dd1c33e1d0aa86574ddf518738df6050ad9a13530b9c8d5a5f9fbb58fff8ed88f638aefdf6e8ef2f57c14a15f2920be7e19af2df21472a990a87ab14105ea675f07ef91e2b1d274d75bf9ddbc7d1e84b41cf09d3d5169e63053286f8357ef37ec1b0a0c6d6e560c93a853e2de21d796500370ec238465ec135fd7983349c7eba9263f2779750802d4c9ac1fd11d024c7301c809df2b6fdf48cf71fda61ce137e6972f54fac6e5551d3b66b22768914a263e9dba9efae79b927c69172a71cf85f04e405e19777045cdf3e8deb234296b716266bcdf27daf9440d05032ec2d4dffd9cce39926cedeff62e01d535f6cc5acc368ecd22e1e77432be0d1f853df17f1a9ecd89183fd1c362cd13f05b1b039c59e4c8ecade4795de08ab9db1a0d5d798a3171937703d0123697a6a12fcbd48cd6943ff9f807daac41c9f5944b471c1dacd831b80c069cff574bb1425e4c73715ade1f4fa238f9288ca5c33403c1636b1803d45a5297529a3f44a2e8af324deae2cda52caac7627058d64f83b4a44e1293bf1de785e72b5c9f158d733d8802c70e4ecac850e2d7ad5e49322aceac9e433a08f0a9c850e5c282842aa629daa5ffba0ec5dddd14280f9459b5ad09e571d24fd0e621a7b3c9b96cb9e3d627cab69e0099d6375ba559e7592c71fd2983abac64952b531cfc21a9149ce70f2e2cbb623a3609bbb26137f88f9cf9bdf518a1bfb693a0f2678297434c36bae7a8db587ac39256a125f9f0be00b2645d4b66ea2798b30fce5d55e51c3059cc7bc8e90c3575753268e0f0c1c697d43fcbad4a2d9bd392dc6523c8ced3ff208cff557915b2be45b9bb037f63b9264590154ac60ab1532e1c2c5a5aae7e0671be36c1f9d66e34c94915041b6d08942afa32d82e1acd5e6dad749b29ba67fc7d87aebce552bc2c42dd000c0880bbf509c6de8927ef61cefde0ad7a3357bf095826fea7dd3152503a963dfb32372625bae3ae0e0902921ac41b333c3310cba7e83c83ced17bd1e5c0cd09b60dafed093442172fffb66fb44fc15fac63b82ea1054c430a3bc01ebe3caf0a8e7ccb6a68968a9d2c0f54a1f9599b0472a7b65533f64f11169662d7fe445e4fed5f1e29bfa54de569786148b903e06018a63fbea1e981268174d26b89ff6fdef6384f3919456cfb4e9dc8f9c233aed4d5cee0b7e499b975c269a4f9c252600f470b4cf191fc30123d46f830418bcec1eae532d6864a35eb304e6254962c1aca00d3a88f08b05cc8441f7350afb66cb018d43da3903acc2a0eacaae1618e67958c75c60c21e211c2e5c8f2ff946dfad916a8f7e7f7a65c252b0ca94a4fde4d92e6735be454cc9c3ab01b4859663484e8d54dcc666ac89382e04bf3f55fcfe0b5faaeb37991f77bf1380cf41f8103a842e0e15a3ef296a78f9f22c6c4be8f18224284111677e3200aff987f0a17bed6675b743f5dee834cb467c20f1eb0cf3768189aa75aaef99359069878b2b8d475f5f3b7088ae3a38b75a0201661e29f4b4c15729d98eb2"}]}}]}, 0xec4}}, 0x0)

02:09:30 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000000c0)=0x9, 0x4)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={0x0}}, 0x0)

[  547.609542][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  547.684731][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  547.701216][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input46
[  547.882698][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  547.915882][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  547.967443][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.038327][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.101259][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.187797][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:30 executing program 1:
openat$nvram(0xffffffffffffff9c, &(0x7f0000009f40), 0x0, 0x0)

[  548.271637][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.375998][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.422044][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.486451][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  548.563367][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  548.571538][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  548.680098][ T7446] usb 5-1: USB disconnect, device number 73
[  549.232144][ T7446] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  549.483135][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  549.603845][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  549.614337][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  549.625926][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  549.635948][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  549.649074][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  549.775232][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  549.784589][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  549.792959][ T7446] usb 5-1: Manufacturer: syz
[  549.834532][ T7446] usb 5-1: config 0 descriptor??
[  550.192975][ T7446] rc_core: IR keymap rc-hauppauge not found
[  550.198996][ T7446] Registered IR keymap rc-empty
[  550.204601][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.242361][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.276921][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  550.318219][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input47
[  550.359735][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.403244][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.432554][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.463047][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.502607][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.533434][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.562357][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.604098][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.636280][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.676540][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  550.714951][ T7446] mceusb 5-1:0.0: Registered ࠁ with mce emulator interface version 1
[  550.723668][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  550.767317][ T7446] usb 5-1: USB disconnect, device number 74
02:09:33 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:33 executing program 2:
clock_gettime(0x7, &(0x7f0000000780))

02:09:33 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000000180)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0xe7c, 0x33, @data_frame={@no_qos=@type10={{}, {}, @initial, @device_a, @device_b, {0xa}}, @a_msdu=[{@device_b}, {@device_b, @broadcast, 0x1b, "25c80ae130de8c1b53c9bda959e7d0e9f31f9326e6c4a6358f17cf"}, {@broadcast, @broadcast, 0xc7, "5407428fe753118824c03b688c15365f68de8645f08c31f984b2117b9242a97de0afb22514a652fe9ef23a900b52b4c8a2426a4111aac2ae7f255c235beae48d9b9e20392aca754dcdc1cca4c06d27094bfd198d625ce43b22d6258099b465650e1397015a5513f949e69b01fb77af34f93b4795dbdb56c4c72ca3a3e75a1bb620dc287b9932217789975e05271a01f9532246b83a60b2920e7fd32eeeca2b1e9006efc27374ce958dfbb2ad622f1a01fd3fffd2acc53614325946a4f1da5bb9f6b0581eb09562"}, {@device_b, @device_b, 0xd3b, "d2b331523f274cf97ff31c13db3007519a0a21706fc7878ab0418e2884ae340dc6c0d9d334736459e34adb027ac0ffaaa660b6631b5168b88dfac77af5a7ba2c5e62e9be473b70b91dc45e5ba522604fe1cd6b88e50b962539aff13429546521f9b93f088ef2c46effd6c57d83b26a02430cd8d4707eab545f0cb7111a811cc79b4a2c5e1d8295ba8dcf8eba69742b379692ba6ac7ca78adba32421728e8475ae0f709acda2797844c64dc6598c71daeb9266fb745af72912ba7c5d88501c36c789b2bb7c9721baea6c90828408e352fe8c7b96ad3ed180eb0658b2d1a34eab509fbcdb43b5a4b0a403af94b4e2b2a7a42a0076b6a92e3028aa29d93500df93f413619079e3f414f88cb1bcb54444ef3d816d4389f7236a68cfeb521111434c14b9dbe452e89b4a4b66666940f2c6a0301543da71b3b5e9f4f7863c2cda8cd061af046003faa68b3540862c6ca3a5758d6c4308bb450306b59f58b171dcf920d59e8e364891fbc94dcae4b5e12b9f38346c1c320386d7edfc1c9946fd66b8354f663a0ffba3524e1e477dbe94744d29761f71380665f127c0e9e58b27aa5dcb84dccf223494d0f693aec2cc7c93964da9c8974ea5c8d4dab2b9f627b58d35828016eee11f9aff1833cee5545fee2251e565c28c655eaac46791c16d6e90c32f59c0fd00568ec7a7a6b94a1ad0440b4846a6f61dbc8d25ca56054334232ea2c26f1f2d401a6b227bfdee06764c0f4b0e1995ded3ae3c7bada81a943a562b34a750ed910275be52b71073f91c3a1e542228c76bc4e4b1d4b281985fbf390c2dacd321b553ae61b0e0a64858c961b134dbfe175a93cb197c81848b62baefd148a2a0c071770b3014ab05f7509664824212d187a59532b11a96dd56ad7cf0c47c6b9432094f8939cc7612a9dcb0e30d61629b4acc7bc5023eeb1dbabf2d190027130fa4ab55bbbd7182f406cf9fed4dbf4bd85b955d82fdf7349182c20551b2f5a5e94db9103dc21fb4d82f11ce62dc2d59c35da425f90a503508ff3ff70c61ba9c16983bb4549eaa5391507d6804a1543c888577a98cfe19a34adaeacc9964c9a947b731c3c025f57a80a3dbacc0a4f99e64c61aa19b018435366a3b9ed658360287cc514b7acff7660a38ad2833397e2333dc743e31573f4dbd6926cacf88c9b4c1d592af7a896288c6212d1491eba3c1d6d3a87c0cdca1d98ad0119dda315528ef5fa7d487bf2e651e4648180f24b086341e03fb6e2eaa8d6ae15971b7a7ce66dcad6bf88dcdfb560d33cfee7fc774ac80e80c7b034f23b16da8d5f99b7fddc3019fbad0666b8d642ba3e72bc0ce75b47f52bd66aacec427125cc8317ce67e84da6681ddef7ec734ff7648a330f0fb2a11f57fcc9705a01bc161660f351b016ccffd6d9fc95b486e7c86bdc47b598b20ab87d0322a55c67b3d86eba512527cd91957b7ac3e6df4ad520d9757502fa26361ef05d79ca500a82476cb8129f63789a543b73a3c9a19c8042bce8b7cf8ba2b785a58c6aa15946ef7dba61bc8f658d7f420ecdacd08fed5f70773f71ecac1005bb7f34f2ca043c88e1965503344be02e0f423b2e72f589fb791566d9d154f6ecebe234610f36cc68fa2709e4333dc1163c51089a9c0e5baf153fd83800bc9e72e386240aa52808cfe6ce308ea9d6447de463bbadcb42fca09c66237aad04bcbea6c3375e9e2ed11ff9e6ec6fd19712674f0d9b8a6cf69ca2e72e32cb3bef9400c8ffbb48efa15949bacf33977ad5c9f5c1b450906637bc2c59e22590c967daca78c792292083666193ba3c6c4926c9ad556ed9bff9be8ba81fd26c8e2c19e5524aea53aaa359286302412f91a45d58ba12aff4399ac59d8c736452e5d475ffae74969b0349cdf22b74412dafd2784c0c3a41ebd65547935cf6533aacd1d32e16d6bda69d8d6ac49a0d1c41d5bd86418b78d8bc375221ad46c59b635f53cd312d8fb95cec47b648f09f3202cc5d317c73b20099e161859770f3cdaa3d7c1670fede80341d0e90e9314182ebd0c49b09bccb0e7ecda1ceb46ae1b7184e49e5f4b1b76b248877e8dbaaa2b544c78f0093b2b8230cb350857fb5847a67debadafa53488ec37e7414cc4ab77e4aad48225d5fd788879828a5012c86b8b6300ec59ed87588648582a24e96bab97bdc8ea697f4c626cdf8e2f7c520a005774954a46dbed82cd985ac3c30b174a3e93af615678bbb67c94b9617a920c78d753ea057ff78120f7964949b82b3a3d458a496ea41ff844e9330b7d0b4ba965088e248848305893e639032bcfa6bcab0a55fd39e65c39151818c7cd740e574829243d0e3bd5f7cd65186875ca4f5b37ead03c3cb688569025d258de3368aac88e9d257ffe802183e6a3b3ba775142a54893aa20995b30cac2c04adfbf05aa981f3d77dd4a0c43c000148d1de57960136bb4c992a1303f3f39a967e00e454bf098f151b86ec7e95ed851ce91dee7add8e5f9b1c7cf136a45129608ccfc3e28a90b74a6ae69440e6fb932dc03074e7fab6475f075242823b313530c77f43eafdde3329e04b643eb7fd846b27b417be078c7449e0670cbdcc74b6457b48de17e0a76f252a8b16308b77b0b9ecef6163effb24f0146a4cc02c639fe09c51c7dc95c865210b70b5bac61677b3b31d324874d3bdd2091131d87362fe5c4fbe641a3d363fd279b9f1afaee5fb24e6a53b4226a31437a1299dd00f700feb4c24e9185906638279c279dd1b0405a7f27f0eaaccd937bb4ba40b23440414bf82ce036b6864005b0ed1206b70b249ba6f7196fd77ea57b05ebe60199cf837536a7f241d3164960e1acb57a3bd50dfe14cc7f18386c2d5ec4798fa9e7f2ecee6a2808de14888cbdbb18c7acfb7d86f38f07601056475617ce673a2604e64c835fc759b569f13059045fb04faee60baad18a229e6a041a5c32973fd1d62c4b0d5f1a76a9b396e6b2f23daba544b8ff22a5a489396962a55b74787eaedb8130fd85fed1be71ca62b33b5b342c24991e82183ebe8829611a4f3c8a3657be1940f5aab793ed24dec1c127677d00a044ce8aa997f70d9bd267036e7e145ad177730913c8fc602cf9ce2b48ea0a1b0df88d5a487cfd88cecb1aafa6dbbc2fe2baf35bd77a73aa5fb55bc7f40cea99561a795477c7d3acd1c0dc4d4f97394b1bcf13fc592af570b80092e27941c1eddefed7fbeb00e74d89bdf675ad98250c1a61b756cc483529d0b70942dec309b13dde96a0a8d1795b736d1c26ee5463f867be3dd1c33e1d0aa86574ddf518738df6050ad9a13530b9c8d5a5f9fbb58fff8ed88f638aefdf6e8ef2f57c14a15f2920be7e19af2df21472a990a87ab14105ea675f07ef91e2b1d274d75bf9ddbc7d1e84b41cf09d3d5169e63053286f8357ef37ec1b0a0c6d6e560c93a853e2de21d796500370ec238465ec135fd7983349c7eba9263f2779750802d4c9ac1fd11d024c7301c809df2b6fdf48cf71fda61ce137e6972f54fac6e5551d3b66b22768914a263e9dba9efae79b927c69172a71cf85f04e405e19777045cdf3e8deb234296b716266bcdf27daf9440d05032ec2d4dffd9cce39926cedeff62e01d535f6cc5acc368ecd22e1e77432be0d1f853df17f1a9ecd89183fd1c362cd13f05b1b039c59e4c8ecade4795de08ab9db1a0d5d798a3171937703d0123697a6a12fcbd48cd6943ff9f807daac41c9f5944b471c1dacd831b80c069cff574bb1425e4c73715ade1f4fa238f9288ca5c33403c1636b1803d45a5297529a3f44a2e8af324deae2cda52caac7627058d64f83b4a44e1293bf1de785e72b5c9f158d733d8802c70e4ecac850e2d7ad5e49322aceac9e433a08f0a9c850e5c282842aa629daa5ffba0ec5dddd14280f9459b5ad09e571d24fd0e621a7b3c9b96cb9e3d627cab69e0099d6375ba559e7592c71fd2983abac64952b531cfc21a9149ce70f2e2cbb623a3609bbb26137f88f9cf9bdf518a1bfb693a0f2678297434c36bae7a8db587ac39256a125f9f0be00b2645d4b66ea2798b30fce5d55e51c3059cc7bc8e90c3575753268e0f0c1c697d43fcbad4a2d9bd392dc6523c8ced3ff208cff557915b2be45b9bb037f63b9264590154ac60ab1532e1c2c5a5aae7e0671be36c1f9d66e34c94915041b6d08942afa32d82e1acd5e6dad749b29ba67fc7d87aebce552bc2c42dd000c0880bbf509c6de8927ef61cefde0ad7a3357bf095826fea7dd3152503a963dfb32372625bae3ae0e0902921ac41b333c3310cba7e83c83ced17bd1e5c0cd09b60dafed093442172fffb66fb44fc15fac63b82ea1054c430a3bc01ebe3caf0a8e7ccb6a68968a9d2c0f54a1f9599b0472a7b65533f64f11169662d7fe445e4fed5f1e29bfa54de569786148b903e06018a63fbea1e981268174d26b89ff6fdef6384f3919456cfb4e9dc8f9c233aed4d5cee0b7e499b975c269a4f9c252600f470b4cf191fc30123d46f830418bcec1eae532d6864a35eb304e6254962c1aca00d3a88f08b05cc8441f7350afb66cb018d43da3903acc2a0eacaae1618e67958c75c60c21e211c2e5c8f2ff946dfad916a8f7e7f7a65c252b0ca94a4fde4d92e6735be454cc9c3ab01b4859663484e8d54dcc666ac89382e04bf3f55fcfe0b5faaeb37991f77bf1380cf41f8103a842e0e15a3ef296a78f9f22c6c4be8f18224284111677e3200aff987f0a17bed6675b743f5dee834cb467c20f1eb0cf3768189aa75aaef99359069878b2b8d475f5f3b7088ae3a38b75a0201661e29f4b4c15729d98eb2"}]}}]}, 0xec4}}, 0x0)

02:09:33 executing program 5:
mount$fuseblk(&(0x7f000000a3c0), &(0x7f000000a400)='./file1\x00', &(0x7f000000a440), 0x0, &(0x7f000000a480)={{}, 0x2c, {}, 0x2c, {'user_id', 0x3d, 0xee00}})

02:09:33 executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000002040)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002000)={0x0}}, 0x0)

02:09:33 executing program 1:
add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, &(0x7f0000000080), 0x8, 0x0)

02:09:34 executing program 0:
futex(&(0x7f000000a300), 0x0, 0x2, &(0x7f000000a340), 0x0, 0x0)

02:09:34 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r0, &(0x7f0000006ac0)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x80, 0x0}}], 0x1, 0x10001, 0x0)

02:09:34 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, &(0x7f0000000040))

02:09:34 executing program 5:
clock_adjtime(0x0, &(0x7f0000000580))

02:09:34 executing program 3:
lstat(&(0x7f0000000040)='.\x00', 0x0)

02:09:34 executing program 5:
lstat(&(0x7f0000009e80)='./file0\x00', 0x0)

[  552.105344][ T7446] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  552.352072][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  552.472537][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  552.483414][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  552.495320][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  552.505288][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  552.518435][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  552.873094][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  552.882579][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  552.890730][ T7446] usb 5-1: Manufacturer: syz
[  552.953529][ T7446] usb 5-1: config 0 descriptor??
02:09:37 executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmmsg(r0, &(0x7f0000005fc0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0, 0x0)

02:09:37 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:37 executing program 1:
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={[0x5]}, 0x8})

02:09:37 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000000180)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0xe7c, 0x33, @data_frame={@no_qos=@type10={{}, {}, @initial, @device_a, @device_b}, @a_msdu=[{@device_b}, {@device_b, @broadcast, 0x1b, "25c80ae130de8c1b53c9bda959e7d0e9f31f9326e6c4a6358f17cf"}, {@broadcast, @broadcast, 0xc7, "5407428fe753118824c03b688c15365f68de8645f08c31f984b2117b9242a97de0afb22514a652fe9ef23a900b52b4c8a2426a4111aac2ae7f255c235beae48d9b9e20392aca754dcdc1cca4c06d27094bfd198d625ce43b22d6258099b465650e1397015a5513f949e69b01fb77af34f93b4795dbdb56c4c72ca3a3e75a1bb620dc287b9932217789975e05271a01f9532246b83a60b2920e7fd32eeeca2b1e9006efc27374ce958dfbb2ad622f1a01fd3fffd2acc53614325946a4f1da5bb9f6b0581eb09562"}, {@device_b, @device_b, 0xd3b, "d2b331523f274cf97ff31c13db3007519a0a21706fc7878ab0418e2884ae340dc6c0d9d334736459e34adb027ac0ffaaa660b6631b5168b88dfac77af5a7ba2c5e62e9be473b70b91dc45e5ba522604fe1cd6b88e50b962539aff13429546521f9b93f088ef2c46effd6c57d83b26a02430cd8d4707eab545f0cb7111a811cc79b4a2c5e1d8295ba8dcf8eba69742b379692ba6ac7ca78adba32421728e8475ae0f709acda2797844c64dc6598c71daeb9266fb745af72912ba7c5d88501c36c789b2bb7c9721baea6c90828408e352fe8c7b96ad3ed180eb0658b2d1a34eab509fbcdb43b5a4b0a403af94b4e2b2a7a42a0076b6a92e3028aa29d93500df93f413619079e3f414f88cb1bcb54444ef3d816d4389f7236a68cfeb521111434c14b9dbe452e89b4a4b66666940f2c6a0301543da71b3b5e9f4f7863c2cda8cd061af046003faa68b3540862c6ca3a5758d6c4308bb450306b59f58b171dcf920d59e8e364891fbc94dcae4b5e12b9f38346c1c320386d7edfc1c9946fd66b8354f663a0ffba3524e1e477dbe94744d29761f71380665f127c0e9e58b27aa5dcb84dccf223494d0f693aec2cc7c93964da9c8974ea5c8d4dab2b9f627b58d35828016eee11f9aff1833cee5545fee2251e565c28c655eaac46791c16d6e90c32f59c0fd00568ec7a7a6b94a1ad0440b4846a6f61dbc8d25ca56054334232ea2c26f1f2d401a6b227bfdee06764c0f4b0e1995ded3ae3c7bada81a943a562b34a750ed910275be52b71073f91c3a1e542228c76bc4e4b1d4b281985fbf390c2dacd321b553ae61b0e0a64858c961b134dbfe175a93cb197c81848b62baefd148a2a0c071770b3014ab05f7509664824212d187a59532b11a96dd56ad7cf0c47c6b9432094f8939cc7612a9dcb0e30d61629b4acc7bc5023eeb1dbabf2d190027130fa4ab55bbbd7182f406cf9fed4dbf4bd85b955d82fdf7349182c20551b2f5a5e94db9103dc21fb4d82f11ce62dc2d59c35da425f90a503508ff3ff70c61ba9c16983bb4549eaa5391507d6804a1543c888577a98cfe19a34adaeacc9964c9a947b731c3c025f57a80a3dbacc0a4f99e64c61aa19b018435366a3b9ed658360287cc514b7acff7660a38ad2833397e2333dc743e31573f4dbd6926cacf88c9b4c1d592af7a896288c6212d1491eba3c1d6d3a87c0cdca1d98ad0119dda315528ef5fa7d487bf2e651e4648180f24b086341e03fb6e2eaa8d6ae15971b7a7ce66dcad6bf88dcdfb560d33cfee7fc774ac80e80c7b034f23b16da8d5f99b7fddc3019fbad0666b8d642ba3e72bc0ce75b47f52bd66aacec427125cc8317ce67e84da6681ddef7ec734ff7648a330f0fb2a11f57fcc9705a01bc161660f351b016ccffd6d9fc95b486e7c86bdc47b598b20ab87d0322a55c67b3d86eba512527cd91957b7ac3e6df4ad520d9757502fa26361ef05d79ca500a82476cb8129f63789a543b73a3c9a19c8042bce8b7cf8ba2b785a58c6aa15946ef7dba61bc8f658d7f420ecdacd08fed5f70773f71ecac1005bb7f34f2ca043c88e1965503344be02e0f423b2e72f589fb791566d9d154f6ecebe234610f36cc68fa2709e4333dc1163c51089a9c0e5baf153fd83800bc9e72e386240aa52808cfe6ce308ea9d6447de463bbadcb42fca09c66237aad04bcbea6c3375e9e2ed11ff9e6ec6fd19712674f0d9b8a6cf69ca2e72e32cb3bef9400c8ffbb48efa15949bacf33977ad5c9f5c1b450906637bc2c59e22590c967daca78c792292083666193ba3c6c4926c9ad556ed9bff9be8ba81fd26c8e2c19e5524aea53aaa359286302412f91a45d58ba12aff4399ac59d8c736452e5d475ffae74969b0349cdf22b74412dafd2784c0c3a41ebd65547935cf6533aacd1d32e16d6bda69d8d6ac49a0d1c41d5bd86418b78d8bc375221ad46c59b635f53cd312d8fb95cec47b648f09f3202cc5d317c73b20099e161859770f3cdaa3d7c1670fede80341d0e90e9314182ebd0c49b09bccb0e7ecda1ceb46ae1b7184e49e5f4b1b76b248877e8dbaaa2b544c78f0093b2b8230cb350857fb5847a67debadafa53488ec37e7414cc4ab77e4aad48225d5fd788879828a5012c86b8b6300ec59ed87588648582a24e96bab97bdc8ea697f4c626cdf8e2f7c520a005774954a46dbed82cd985ac3c30b174a3e93af615678bbb67c94b9617a920c78d753ea057ff78120f7964949b82b3a3d458a496ea41ff844e9330b7d0b4ba965088e248848305893e639032bcfa6bcab0a55fd39e65c39151818c7cd740e574829243d0e3bd5f7cd65186875ca4f5b37ead03c3cb688569025d258de3368aac88e9d257ffe802183e6a3b3ba775142a54893aa20995b30cac2c04adfbf05aa981f3d77dd4a0c43c000148d1de57960136bb4c992a1303f3f39a967e00e454bf098f151b86ec7e95ed851ce91dee7add8e5f9b1c7cf136a45129608ccfc3e28a90b74a6ae69440e6fb932dc03074e7fab6475f075242823b313530c77f43eafdde3329e04b643eb7fd846b27b417be078c7449e0670cbdcc74b6457b48de17e0a76f252a8b16308b77b0b9ecef6163effb24f0146a4cc02c639fe09c51c7dc95c865210b70b5bac61677b3b31d324874d3bdd2091131d87362fe5c4fbe641a3d363fd279b9f1afaee5fb24e6a53b4226a31437a1299dd00f700feb4c24e9185906638279c279dd1b0405a7f27f0eaaccd937bb4ba40b23440414bf82ce036b6864005b0ed1206b70b249ba6f7196fd77ea57b05ebe60199cf837536a7f241d3164960e1acb57a3bd50dfe14cc7f18386c2d5ec4798fa9e7f2ecee6a2808de14888cbdbb18c7acfb7d86f38f07601056475617ce673a2604e64c835fc759b569f13059045fb04faee60baad18a229e6a041a5c32973fd1d62c4b0d5f1a76a9b396e6b2f23daba544b8ff22a5a489396962a55b74787eaedb8130fd85fed1be71ca62b33b5b342c24991e82183ebe8829611a4f3c8a3657be1940f5aab793ed24dec1c127677d00a044ce8aa997f70d9bd267036e7e145ad177730913c8fc602cf9ce2b48ea0a1b0df88d5a487cfd88cecb1aafa6dbbc2fe2baf35bd77a73aa5fb55bc7f40cea99561a795477c7d3acd1c0dc4d4f97394b1bcf13fc592af570b80092e27941c1eddefed7fbeb00e74d89bdf675ad98250c1a61b756cc483529d0b70942dec309b13dde96a0a8d1795b736d1c26ee5463f867be3dd1c33e1d0aa86574ddf518738df6050ad9a13530b9c8d5a5f9fbb58fff8ed88f638aefdf6e8ef2f57c14a15f2920be7e19af2df21472a990a87ab14105ea675f07ef91e2b1d274d75bf9ddbc7d1e84b41cf09d3d5169e63053286f8357ef37ec1b0a0c6d6e560c93a853e2de21d796500370ec238465ec135fd7983349c7eba9263f2779750802d4c9ac1fd11d024c7301c809df2b6fdf48cf71fda61ce137e6972f54fac6e5551d3b66b22768914a263e9dba9efae79b927c69172a71cf85f04e405e19777045cdf3e8deb234296b716266bcdf27daf9440d05032ec2d4dffd9cce39926cedeff62e01d535f6cc5acc368ecd22e1e77432be0d1f853df17f1a9ecd89183fd1c362cd13f05b1b039c59e4c8ecade4795de08ab9db1a0d5d798a3171937703d0123697a6a12fcbd48cd6943ff9f807daac41c9f5944b471c1dacd831b80c069cff574bb1425e4c73715ade1f4fa238f9288ca5c33403c1636b1803d45a5297529a3f44a2e8af324deae2cda52caac7627058d64f83b4a44e1293bf1de785e72b5c9f158d733d8802c70e4ecac850e2d7ad5e49322aceac9e433a08f0a9c850e5c282842aa629daa5ffba0ec5dddd14280f9459b5ad09e571d24fd0e621a7b3c9b96cb9e3d627cab69e0099d6375ba559e7592c71fd2983abac64952b531cfc21a9149ce70f2e2cbb623a3609bbb26137f88f9cf9bdf518a1bfb693a0f2678297434c36bae7a8db587ac39256a125f9f0be00b2645d4b66ea2798b30fce5d55e51c3059cc7bc8e90c3575753268e0f0c1c697d43fcbad4a2d9bd392dc6523c8ced3ff208cff557915b2be45b9bb037f63b9264590154ac60ab1532e1c2c5a5aae7e0671be36c1f9d66e34c94915041b6d08942afa32d82e1acd5e6dad749b29ba67fc7d87aebce552bc2c42dd000c0880bbf509c6de8927ef61cefde0ad7a3357bf095826fea7dd3152503a963dfb32372625bae3ae0e0902921ac41b333c3310cba7e83c83ced17bd1e5c0cd09b60dafed093442172fffb66fb44fc15fac63b82ea1054c430a3bc01ebe3caf0a8e7ccb6a68968a9d2c0f54a1f9599b0472a7b65533f64f11169662d7fe445e4fed5f1e29bfa54de569786148b903e06018a63fbea1e981268174d26b89ff6fdef6384f3919456cfb4e9dc8f9c233aed4d5cee0b7e499b975c269a4f9c252600f470b4cf191fc30123d46f830418bcec1eae532d6864a35eb304e6254962c1aca00d3a88f08b05cc8441f7350afb66cb018d43da3903acc2a0eacaae1618e67958c75c60c21e211c2e5c8f2ff946dfad916a8f7e7f7a65c252b0ca94a4fde4d92e6735be454cc9c3ab01b4859663484e8d54dcc666ac89382e04bf3f55fcfe0b5faaeb37991f77bf1380cf41f8103a842e0e15a3ef296a78f9f22c6c4be8f18224284111677e3200aff987f0a17bed6675b743f5dee834cb467c20f1eb0cf3768189aa75aaef99359069878b2b8d475f5f3b7088ae3a38b75a0201661e29f4b4c15729d98eb2"}]}}]}, 0xec4}, 0x1, 0x0, 0x0, 0x905}, 0x0)

02:09:37 executing program 5:
r0 = getpgrp(0xffffffffffffffff)
sched_rr_get_interval(r0, &(0x7f0000000000))

02:09:37 executing program 2:
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000001c80), 0xffffffffffffffff)

[  555.032508][ T7446] rc_core: IR keymap rc-hauppauge not found
[  555.038775][ T7446] Registered IR keymap rc-empty
[  555.044291][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:37 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)

[  555.090207][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:37 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)

02:09:37 executing program 2:
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0)

[  555.170066][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  555.190806][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input48
[  555.425921][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.467327][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.538851][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.602468][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.653345][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.702713][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.757261][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.800916][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.845891][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  555.914115][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:38 executing program 5:
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x101002)

02:09:38 executing program 0:
inotify_add_watch(0xffffffffffffffff, 0x0, 0x70000260)

02:09:38 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={0x0}}, 0x11)

[  556.033330][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  556.041690][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:09:38 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

[  556.244182][ T7446] usb 5-1: USB disconnect, device number 75
[  556.772509][ T7446] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  557.022955][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  557.142294][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  557.152872][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  557.164458][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  557.174518][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  557.184567][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  557.273000][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  557.282756][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  557.290924][ T7446] usb 5-1: Manufacturer: syz
[  557.349341][ T7446] usb 5-1: config 0 descriptor??
02:09:41 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00030400000004"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:41 executing program 3:
futex(0x0, 0xb, 0x0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)

02:09:41 executing program 5:
r0 = getpgrp(0x0)
get_robust_list(r0, 0x0, &(0x7f0000000080))

02:09:41 executing program 2:
clock_gettime(0x6, &(0x7f0000000780))

02:09:41 executing program 0:
futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f0000000100)=0x1, 0x1)

02:09:41 executing program 1:
getgroups(0x1, &(0x7f0000000000)=[0xffffffffffffffff])

[  559.283171][ T7446] rc_core: IR keymap rc-hauppauge not found
[  559.289207][ T7446] Registered IR keymap rc-empty
[  559.294770][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:41 executing program 5:
syz_read_part_table(0x0, 0x6, &(0x7f0000000600)=[{&(0x7f0000000040)="92941734c17470acaf8914f1195e33b35b19ff1c1b7594", 0x17, 0x3}, {0x0, 0x0, 0xfffffffffffffffe}, {0x0}, {&(0x7f00000002c0)="995934493f0b3428f2d2a03606ad9e1f472200c99c430eeeddeb17f25a81a02f885f210230974e5120123a1f2e1dc2f9d65bae40ab54655081dbb69f7a7c8c34f1d56b20d4285c58f9468b705cfbb97bbdca3f49e43511de1034b3b11f42fc45c6dcf7f41c9b8c0791bc26c779fe87e1d5483e24e7020246ad66f3e5a2e4c10a0299814ee0c5cb8e1b3237f00bc0a1007896b1bb5200b3e95ca36a364da7c25324a021", 0xa3, 0x5}, {0x0}, {0x0, 0x0, 0x2}])

[  559.458156][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  559.545027][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  559.560086][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input49
02:09:42 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000002040)={&(0x7f0000001f40), 0xc, 0x0}, 0x0)

02:09:42 executing program 3:
mount$fuseblk(&(0x7f000000a3c0), &(0x7f000000a400)='./file1\x00', 0x0, 0x0, 0x0)

02:09:42 executing program 1:
add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080), 0x8, 0x0)

02:09:42 executing program 2:
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={{}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@fowner_gt}]}})

[  559.807562][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  559.867915][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  559.912905][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  559.982214][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.067028][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.120951][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.180495][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.221537][T13195] loop5: detected capacity change from 0 to 264192
[  560.265468][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.328473][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.367774][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  560.433723][T13195] loop5: detected capacity change from 0 to 264192
[  560.455609][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  560.463985][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:09:43 executing program 5:
syz_read_part_table(0x0, 0x7, &(0x7f0000000600)=[{0x0, 0x0, 0x3}, {&(0x7f0000000080), 0x0, 0x6}, {&(0x7f0000000100), 0x0, 0xfffffffffffffffe}, {&(0x7f0000000200)="2d1d425633997d378e6b5753d251aaa4deda4de6e16f19bfe5444647e90c31cf25a2c897480e81b7cacb205c82e7bf1e9ee6a5da3479a291147142234b721130ec2413ecbf5b4beb5e13c83014530df90c03440e0736484bd9a810d898a3a79b05fb1448853c263fd2c457a8f601120f12c36dcf58acea5849f9df8d", 0x7c, 0x86}, {&(0x7f00000002c0), 0x0, 0x5}, {0x0}, {0x0}])

[  560.684822][ T7446] usb 5-1: USB disconnect, device number 76
[  560.754174][T13211] fuse: Bad value for 'fd'
[  560.767116][T13211] fuse: Bad value for 'fd'
[  561.312406][ T7446] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  561.562659][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  561.682990][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  561.693429][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  561.705006][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  561.714949][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  561.724999][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  561.862637][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  561.872061][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  561.880219][ T7446] usb 5-1: Manufacturer: syz
[  561.905369][ T7446] usb 5-1: config 0 descriptor??
02:09:46 executing program 0:
syz_read_part_table(0x0, 0x2, &(0x7f0000000600)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000380)}])

02:09:46 executing program 3:
clock_gettime(0x0, &(0x7f0000000780))
getrusage(0xffffffffffffffff, &(0x7f0000000000))

02:09:46 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000a80)='ext4\x00', &(0x7f0000000ac0)='./file0\x00', 0x0, 0x0, &(0x7f0000000e80), 0x0, &(0x7f0000001000))

02:09:46 executing program 5:
openat$nvram(0xffffffffffffff9c, &(0x7f0000000780), 0x4683, 0x0)

02:09:46 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0))

[  563.723124][ T7446] rc_core: IR keymap rc-hauppauge not found
[  563.729295][ T7446] Registered IR keymap rc-empty
[  563.735284][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  563.855842][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  563.906322][T13242] loop0: detected capacity change from 0 to 264192
[  563.958670][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  563.974053][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input50
[  564.060508][T13246] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
02:09:46 executing program 3:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000009f40), 0x0, 0x0)
ioctl$KVM_GET_DEBUGREGS(0xffffffffffffffff, 0x8080aea1, 0x0)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x4040004)
fork()
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001380)={&(0x7f0000000180)={0x11d0, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x4f}}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x88a8}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x1158, 0x33, @data_frame={@no_qos=@type10={{0x0, 0x2, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x7}, @initial, @device_a, @device_b, {0x0, 0x7f}}, @a_msdu=[{@device_b}, {@device_b, @broadcast, 0x1d, "25c80ae130de8c1b53c9bda959e7d0e9f31f9326e6c4a6358f17cf3136"}, {@broadcast, @broadcast, 0xc8, "5407428fe753118824c03b688c15365f68de8645f08c31f984b2117b9242a97de0afb22514a652fe9ef23a900b52b4c8a2426a4111aac2ae7f255c235beae48d9b9e20392aca754dcdc1cca4c06d27094bfd198d625ce43b22d6258099b465650e1397015a5513f949e69b01fb77af34f93b4795dbdb56c4c72ca3a3e75a1bb620dc287b9932217789975e05271a01f9532246b83a60b2920e7fd32eeeca2b1e9006efc27374ce958dfbb2ad622f1a01fd3fffd2acc53614325946a4f1da5bb9f6b0581eb0956223"}, {@device_b, @device_b, 0x1000, "d2b331523f274cf97ff31c13db3007519a0a21706fc7878ab0418e2884ae340dc6c0d9d334736459e34adb027ac0ffaaa660b6631b5168b88dfac77af5a7ba2c5e62e9be473b70b91dc45e5ba522604fe1cd6b88e50b962539aff13429546521f9b93f088ef2c46effd6c57d83b26a02430cd8d4707eab545f0cb7111a811cc79b4a2c5e1d8295ba8dcf8eba69742b379692ba6ac7ca78adba32421728e8475ae0f709acda2797844c64dc6598c71daeb9266fb745af72912ba7c5d88501c36c789b2bb7c9721baea6c90828408e352fe8c7b96ad3ed180eb0658b2d1a34eab509fbcdb43b5a4b0a403af94b4e2b2a7a42a0076b6a92e3028aa29d93500df93f413619079e3f414f88cb1bcb54444ef3d816d4389f7236a68cfeb521111434c14b9dbe452e89b4a4b66666940f2c6a0301543da71b3b5e9f4f7863c2cda8cd061af046003faa68b3540862c6ca3a5758d6c4308bb450306b59f58b171dcf920d59e8e364891fbc94dcae4b5e12b9f38346c1c320386d7edfc1c9946fd66b8354f663a0ffba3524e1e477dbe94744d29761f71380665f127c0e9e58b27aa5dcb84dccf223494d0f693aec2cc7c93964da9c8974ea5c8d4dab2b9f627b58d35828016eee11f9aff1833cee5545fee2251e565c28c655eaac46791c16d6e90c32f59c0fd00568ec7a7a6b94a1ad0440b4846a6f61dbc8d25ca56054334232ea2c26f1f2d401a6b227bfdee06764c0f4b0e1995ded3ae3c7bada81a943a562b34a750ed910275be52b71073f91c3a1e542228c76bc4e4b1d4b281985fbf390c2dacd321b553ae61b0e0a64858c961b134dbfe175a93cb197c81848b62baefd148a2a0c071770b3014ab05f7509664824212d187a59532b11a96dd56ad7cf0c47c6b9432094f8939cc7612a9dcb0e30d61629b4acc7bc5023eeb1dbabf2d190027130fa4ab55bbbd7182f406cf9fed4dbf4bd85b955d82fdf7349182c20551b2f5a5e94db9103dc21fb4d82f11ce62dc2d59c35da425f90a503508ff3ff70c61ba9c16983bb4549eaa5391507d6804a1543c888577a98cfe19a34adaeacc9964c9a947b731c3c025f57a80a3dbacc0a4f99e64c61aa19b018435366a3b9ed658360287cc514b7acff7660a38ad2833397e2333dc743e31573f4dbd6926cacf88c9b4c1d592af7a896288c6212d1491eba3c1d6d3a87c0cdca1d98ad0119dda315528ef5fa7d487bf2e651e4648180f24b086341e03fb6e2eaa8d6ae15971b7a7ce66dcad6bf88dcdfb560d33cfee7fc774ac80e80c7b034f23b16da8d5f99b7fddc3019fbad0666b8d642ba3e72bc0ce75b47f52bd66aacec427125cc8317ce67e84da6681ddef7ec734ff7648a330f0fb2a11f57fcc9705a01bc161660f351b016ccffd6d9fc95b486e7c86bdc47b598b20ab87d0322a55c67b3d86eba512527cd91957b7ac3e6df4ad520d9757502fa26361ef05d79ca500a82476cb8129f63789a543b73a3c9a19c8042bce8b7cf8ba2b785a58c6aa15946ef7dba61bc8f658d7f420ecdacd08fed5f70773f71ecac1005bb7f34f2ca043c88e1965503344be02e0f423b2e72f589fb791566d9d154f6ecebe234610f36cc68fa2709e4333dc1163c51089a9c0e5baf153fd83800bc9e72e386240aa52808cfe6ce308ea9d6447de463bbadcb42fca09c66237aad04bcbea6c3375e9e2ed11ff9e6ec6fd19712674f0d9b8a6cf69ca2e72e32cb3bef9400c8ffbb48efa15949bacf33977ad5c9f5c1b450906637bc2c59e22590c967daca78c792292083666193ba3c6c4926c9ad556ed9bff9be8ba81fd26c8e2c19e5524aea53aaa359286302412f91a45d58ba12aff4399ac59d8c736452e5d475ffae74969b0349cdf22b74412dafd2784c0c3a41ebd65547935cf6533aacd1d32e16d6bda69d8d6ac49a0d1c41d5bd86418b78d8bc375221ad46c59b635f53cd312d8fb95cec47b648f09f3202cc5d317c73b20099e161859770f3cdaa3d7c1670fede80341d0e90e9314182ebd0c49b09bccb0e7ecda1ceb46ae1b7184e49e5f4b1b76b248877e8dbaaa2b544c78f0093b2b8230cb350857fb5847a67debadafa53488ec37e7414cc4ab77e4aad48225d5fd788879828a5012c86b8b6300ec59ed87588648582a24e96bab97bdc8ea697f4c626cdf8e2f7c520a005774954a46dbed82cd985ac3c30b174a3e93af615678bbb67c94b9617a920c78d753ea057ff78120f7964949b82b3a3d458a496ea41ff844e9330b7d0b4ba965088e248848305893e639032bcfa6bcab0a55fd39e65c39151818c7cd740e574829243d0e3bd5f7cd65186875ca4f5b37ead03c3cb688569025d258de3368aac88e9d257ffe802183e6a3b3ba775142a54893aa20995b30cac2c04adfbf05aa981f3d77dd4a0c43c000148d1de57960136bb4c992a1303f3f39a967e00e454bf098f151b86ec7e95ed851ce91dee7add8e5f9b1c7cf136a45129608ccfc3e28a90b74a6ae69440e6fb932dc03074e7fab6475f075242823b313530c77f43eafdde3329e04b643eb7fd846b27b417be078c7449e0670cbdcc74b6457b48de17e0a76f252a8b16308b77b0b9ecef6163effb24f0146a4cc02c639fe09c51c7dc95c865210b70b5bac61677b3b31d324874d3bdd2091131d87362fe5c4fbe641a3d363fd279b9f1afaee5fb24e6a53b4226a31437a1299dd00f700feb4c24e9185906638279c279dd1b0405a7f27f0eaaccd937bb4ba40b23440414bf82ce036b6864005b0ed1206b70b249ba6f7196fd77ea57b05ebe60199cf837536a7f241d3164960e1acb57a3bd50dfe14cc7f18386c2d5ec4798fa9e7f2ecee6a2808de14888cbdbb18c7acfb7d86f38f07601056475617ce673a2604e64c835fc759b569f13059045fb04faee60baad18a229e6a041a5c32973fd1d62c4b0d5f1a76a9b396e6b2f23daba544b8ff22a5a489396962a55b74787eaedb8130fd85fed1be71ca62b33b5b342c24991e82183ebe8829611a4f3c8a3657be1940f5aab793ed24dec1c127677d00a044ce8aa997f70d9bd267036e7e145ad177730913c8fc602cf9ce2b48ea0a1b0df88d5a487cfd88cecb1aafa6dbbc2fe2baf35bd77a73aa5fb55bc7f40cea99561a795477c7d3acd1c0dc4d4f97394b1bcf13fc592af570b80092e27941c1eddefed7fbeb00e74d89bdf675ad98250c1a61b756cc483529d0b70942dec309b13dde96a0a8d1795b736d1c26ee5463f867be3dd1c33e1d0aa86574ddf518738df6050ad9a13530b9c8d5a5f9fbb58fff8ed88f638aefdf6e8ef2f57c14a15f2920be7e19af2df21472a990a87ab14105ea675f07ef91e2b1d274d75bf9ddbc7d1e84b41cf09d3d5169e63053286f8357ef37ec1b0a0c6d6e560c93a853e2de21d796500370ec238465ec135fd7983349c7eba9263f2779750802d4c9ac1fd11d024c7301c809df2b6fdf48cf71fda61ce137e6972f54fac6e5551d3b66b22768914a263e9dba9efae79b927c69172a71cf85f04e405e19777045cdf3e8deb234296b716266bcdf27daf9440d05032ec2d4dffd9cce39926cedeff62e01d535f6cc5acc368ecd22e1e77432be0d1f853df17f1a9ecd89183fd1c362cd13f05b1b039c59e4c8ecade4795de08ab9db1a0d5d798a3171937703d0123697a6a12fcbd48cd6943ff9f807daac41c9f5944b471c1dacd831b80c069cff574bb1425e4c73715ade1f4fa238f9288ca5c33403c1636b1803d45a5297529a3f44a2e8af324deae2cda52caac7627058d64f83b4a44e1293bf1de785e72b5c9f158d733d8802c70e4ecac850e2d7ad5e49322aceac9e433a08f0a9c850e5c282842aa629daa5ffba0ec5dddd14280f9459b5ad09e571d24fd0e621a7b3c9b96cb9e3d627cab69e0099d6375ba559e7592c71fd2983abac64952b531cfc21a9149ce70f2e2cbb623a3609bbb26137f88f9cf9bdf518a1bfb693a0f2678297434c36bae7a8db587ac39256a125f9f0be00b2645d4b66ea2798b30fce5d55e51c3059cc7bc8e90c3575753268e0f0c1c697d43fcbad4a2d9bd392dc6523c8ced3ff208cff557915b2be45b9bb037f63b9264590154ac60ab1532e1c2c5a5aae7e0671be36c1f9d66e34c94915041b6d08942afa32d82e1acd5e6dad749b29ba67fc7d87aebce552bc2c42dd000c0880bbf509c6de8927ef61cefde0ad7a3357bf095826fea7dd3152503a963dfb32372625bae3ae0e0902921ac41b333c3310cba7e83c83ced17bd1e5c0cd09b60dafed093442172fffb66fb44fc15fac63b82ea1054c430a3bc01ebe3caf0a8e7ccb6a68968a9d2c0f54a1f9599b0472a7b65533f64f11169662d7fe445e4fed5f1e29bfa54de569786148b903e06018a63fbea1e981268174d26b89ff6fdef6384f3919456cfb4e9dc8f9c233aed4d5cee0b7e499b975c269a4f9c252600f470b4cf191fc30123d46f830418bcec1eae532d6864a35eb304e6254962c1aca00d3a88f08b05cc8441f7350afb66cb018d43da3903acc2a0eacaae1618e67958c75c60c21e211c2e5c8f2ff946dfad916a8f7e7f7a65c252b0ca94a4fde4d92e6735be454cc9c3ab01b4859663484e8d54dcc666ac89382e04bf3f55fcfe0b5faaeb37991f77bf1380cf41f8103a842e0e15a3ef296a78f9f22c6c4be8f18224284111677e3200aff987f0a17bed6675b743f5dee834cb467c20f1eb0cf3768189aa75aaef99359069878b2b8d475f5f3b7088ae3a38b75a0201661e29f4b4c15729d98eb23e6baaa3d1146f0b5527cdb17d163c600548b180a0ff32fdbef61360dc77044de57ae8e74295b8d6354c791ee5e99285ce3e8fd95b1bbc2983cf4cbeb934398fa9781522a65fb07a5ea682ff5efe8e8d53c25b14044e8c5d21f4db0eaaac587d00669643c388e843de38b6e5b59b52cbee1674c0b7bb1354e190e588a622e2d97cb96fb25cdfc685bfa97ed84e1526603035e3486897d12af49990442566081650b6ba0fb194252fd448bdfb506afe7199638d69ac920526e13b44b719d5f48c96530a78e8495b2af2c82559a331a6eaed1c7e830facf44bdfcc199929a6518d2314abd7a5419d2cbf263ab39665f32db7d623a726a5e7375ee2c0393a401bf25baab65668fcab1a3eef7bfcda14e9e2766e0e67a4bcf73afbfd0f9a6824a0a50ad708a7cac095ccad06218ec52fb6693ff7e34f15c179fdba34226a0081e3e76324d515ede7acfb308459afbaa453d1a1128f62495fffa7774e0a07f2f092e45c07ab38a4a172c74a6e50ca1928f6f3145d8d30925fad0e44d2a96bb5ceba16cc12ebe343bcd4d041003e39b60e86863730bd56d8a541873260b7b9613fa12c2db576da7e729338f6f626d31f5e6ab5d8f0a184bdc7ac0ca92c101a5c13891f8ec7bf1d99a5d9e4d472a5d4359950594fe903d40c8c463f0321305a18e97e70ad981d3208a5103d9a6c21f6609052dac552196b16fa3d9c381fd125ea30846beccb57f2e91eb522bb8df1d6dd2a6a866b559de2c2b4e59c9c6218bc0d42921be3266896584638e4a071b5538f470dd47050532899b6cc88422f90cb036f1f509ecf606ada404fc05d1a6f92f3aebb1c9ebe26d67c0c10a1b0f1dc83884856913d4bb56076b96a54cf44ff881d2f51982c0d884c38d79f30be5ecf2d411d76dc6efc44d0c64b36e35bbdf18e54485388545beb47ffffe657a08dbef76eef9d2ffe4c5364b6891fa02eb46015b8f0ccf5ee89c97b290bcfb42cd204d08078db6a1b6f33650d"}, {@broadcast, @broadcast, 0x9, "c5b6afdf7835028877"}]}}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x886c}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x8863}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x8809}, @NL80211_ATTR_MAC={0xa}]}, 0x11d0}, 0x1, 0x0, 0x0, 0x905}, 0x20000000)

02:09:46 executing program 5:
futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f0000000100), 0x1)

[  564.229881][T13242] loop0: detected capacity change from 0 to 264192
[  564.272955][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.294999][T13246] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
02:09:46 executing program 2:
sched_rr_get_interval(0x0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000780))

[  564.329490][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:47 executing program 0:
syz_read_part_table(0x0, 0x2, &(0x7f0000000600)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000380)}])

[  564.418724][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:09:47 executing program 1:
select(0x0, 0x0, 0x0, &(0x7f0000000740), &(0x7f00000007c0))

[  564.498431][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.536698][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.602739][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.648889][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.733795][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.798253][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.875098][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  564.981504][ T7446] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  564.989845][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:09:47 executing program 3:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000002040)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002000)={0x0}}, 0x0)

[  565.198627][ T7446] usb 5-1: USB disconnect, device number 77
02:09:47 executing program 5:
clock_gettime(0x4, 0x0)
pselect6(0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x1f, 0x0, 0x8b, 0x0, 0x7ff, 0x7}, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
select(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x190e}, &(0x7f0000000080)={0x3, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8001}, 0x0, 0x0)
waitid(0x1, 0x0, 0x0, 0x0, 0x0)

[  565.403391][T13293] loop0: detected capacity change from 0 to 264192
02:09:48 executing program 2:
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), r0)

[  565.702378][ T7446] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  565.801086][   T24] audit: type=1326 audit(1638929388.405:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=13297 comm="syz-executor.5" exe="/root/syz-executor.5" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ec3549 code=0x0
[  565.947137][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  566.074623][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  566.085344][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  566.096957][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  566.106935][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  566.117039][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  566.224599][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  566.237324][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  566.246278][ T7446] usb 5-1: Manufacturer: syz
[  566.263811][ T7446] usb 5-1: config 0 descriptor??
[  566.603341][ T7446] rc_core: IR keymap rc-hauppauge not found
[  566.609463][ T7446] Registered IR keymap rc-empty
[  566.614881][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.687334][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.725077][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  566.768692][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input51
[  566.826274][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.862451][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.892303][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.922161][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.959518][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  566.992383][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  567.022509][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  567.057460][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  567.093654][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  567.122575][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  567.161150][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  567.170136][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  567.189454][ T7446] usb 5-1: USB disconnect, device number 78
02:09:50 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000c40)={'wlan0\x00'})

02:09:50 executing program 0:
syz_read_part_table(0x0, 0x2, &(0x7f0000000600)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000380)}])

02:09:50 executing program 2:
openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/timer_list\x00', 0x0, 0x0)

02:09:50 executing program 3:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xfe, &(0x7f0000000280)="0ecaccf3113224a13ebc29c689540e16a107fc4226cf3315b4c00d4abaf699a2d836c9db9dc89ca281acb3b037d5bcac7cf0689b3fd7b62d77591f79e289e027c9dd3315998d318f6d5a4d705645f2826f5578f1046f598c300434d8c15f17d0047bd4bd69625deeff806e68fe310c34d27096593cd72e8e2f2ec400912defb8178379e0a590c30c8f18d0a46b1f83974534039d27c9a312c2c240b88195a9f36673a3e003ec58e3436dc8217d089f4c29b0d075d2a7a525da970fd16d2fc41b29b970be8b16caee42f91c631bd88726dfd67abd1802469ccf5a8b314470d66eb2dd414c6ba2d6f16bfc6d0eb4c0550c8984388f74ea4e012007ee55d6f8"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x40)

02:09:50 executing program 5:
openat$nvram(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0)

02:09:50 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:50 executing program 1:
syz_open_dev$dri(&(0x7f0000000740), 0x0, 0x200240)

02:09:50 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(&(0x7f00000006c0), 0x2, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000bc0)={0x0}}, 0x0)

02:09:50 executing program 5:
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/cgroups\x00', 0x0, 0x0)

02:09:50 executing program 3:
clone(0x2102407ff3, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0x0, <r0=>0x0})
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='ns\x00')
fchdir(r1)
r2 = socket$inet(0x2, 0x1, 0x0)
write$binfmt_elf64(r2, 0x0, 0xfc30)
wait4(0xffffffffffffffff, 0x0, 0x80000008, 0x0)
sendmmsg(r0, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140)}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0)

[  568.075029][T13346] loop0: detected capacity change from 0 to 264192
02:09:50 executing program 0:
syz_read_part_table(0x0, 0x2, &(0x7f0000000600)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000380)}])

02:09:51 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0)

[  568.720716][ T2842] usb 5-1: new high-speed USB device number 79 using dummy_hcd
02:09:51 executing program 1:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000500), 0x101000, 0x0)

02:09:51 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14}, 0x14}}, 0x0)

[  568.988928][ T2842] usb 5-1: Using ep0 maxpacket: 16
02:09:51 executing program 3:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/module/hid', 0x10001, 0x0)

[  569.057718][T13366] loop0: detected capacity change from 0 to 264192
[  569.115837][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  569.126883][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  569.138432][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  569.148547][ T2842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  569.158535][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
02:09:52 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)={0x28, 0x0, 0x174c75ca1c580d71, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0)

[  569.574065][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  569.583466][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  569.592194][ T2842] usb 5-1: Manufacturer: syz
02:09:52 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)

[  569.759990][ T2842] usb 5-1: config 0 descriptor??
[  570.222184][ T2842] rc_core: IR keymap rc-hauppauge not found
[  570.231617][ T2842] Registered IR keymap rc-empty
[  570.237467][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.327217][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.383012][ T2842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  570.398072][ T2842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input52
[  570.475356][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.513613][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.543452][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.572484][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.602438][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.632350][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.673026][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.702843][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.733707][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.786229][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  570.825462][ T2842] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  570.834137][ T2842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  571.043684][ T2842] usb 5-1: USB disconnect, device number 79
02:09:53 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:53 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_VLAN(r0, 0x0, 0x0)

02:09:53 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_TX_POWER(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x14, 0x0, 0x1}, 0x14}}, 0x0)

02:09:53 executing program 3:
select(0x40, &(0x7f0000000040), &(0x7f0000000080), 0x0, &(0x7f0000000100))

02:09:53 executing program 5:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x131, &(0x7f0000000280)="0ecaccf3113224a13ebc29c689540e16a107fc4226cf3315b4c00d4abaf699a2d836c9db9dc89ca281acb3b037d5bcac7cf0689b3fd7b62d77591f79e289e027c9dd3315998d318f6d5a4d705645f2826f5578f1046f598c300434d8c15f17d0047bd4bd69625deeff806e68fe310c34d27096593cd72e8e2f2ec400912defb8178379e0a590c30c8f18d0a46b1f83974534039d27c9a312c2c240b88195a9f36673a3e003ec58e3436dc8217d089f4c29b0d075d2a7a525da970fd16d2fc41b29b970be8b16caee42f91c631bd88726dfd67abd1802469ccf5a8b314470d66eb2dd414c6ba2d6f16bfc6d0eb4c0550c8984388f74ea4e012007ee55d6f8f64e2a43b1f98ccea9b91f800ceb8dee9ce7e983a5a4aed34f959f1a08e5c45999a07e5ad1ed0d96de0bf83a300598953a3a38"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x40)

02:09:53 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/block/loop2', 0x0, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, 0x0, 0x0)

02:09:54 executing program 1:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/ipc\x00')

02:09:54 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x10e, &(0x7f0000000280)="0ecaccf3113224a13ebc29c689540e16a107fc4226cf3315b4c00d4abaf699a2d836c9db9dc89ca281acb3b037d5bcac7cf0689b3fd7b62d77591f79e289e027c9dd3315998d318f6d5a4d705645f2826f5578f1046f598c300434d8c15f17d0047bd4bd69625deeff806e68fe310c34d27096593cd72e8e2f2ec400912defb8178379e0a590c30c8f18d0a46b1f83974534039d27c9a312c2c240b88195a9f36673a3e003ec58e3436dc8217d089f4c29b0d075d2a7a525da970fd16d2fc41b29b970be8b16caee42f91c631bd88726dfd67abd1802469ccf5a8b314470d66eb2dd414c6ba2d6f16bfc6d0eb4c0550c8984388f74ea4e012007ee55d6f8f64e2a43b1f98ccea9b91f800ceb8dee"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x40)

02:09:54 executing program 2:
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/virtio_blk', 0x108300, 0x0)

02:09:54 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_TX_POWER(r0, 0x0, 0x0)

02:09:54 executing program 3:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x0, 0x8}, 0x14)

[  572.413694][ T2842] usb 5-1: new high-speed USB device number 80 using dummy_hcd
02:09:55 executing program 5:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002340)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x34}]}}, &(0x7f0000001340)=""/4096, 0x2a, 0x1000, 0x1}, 0x20)

[  572.672262][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  572.793044][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  572.803915][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  572.815466][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  572.825373][ T2842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  572.835286][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  572.952476][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  572.961965][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  572.970127][ T2842] usb 5-1: Manufacturer: syz
[  573.060614][ T2842] usb 5-1: config 0 descriptor??
[  573.432209][ T2842] rc_core: IR keymap rc-hauppauge not found
[  573.438242][ T2842] Registered IR keymap rc-empty
[  573.444131][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.488488][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.524469][ T2842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  573.539756][ T2842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input53
[  573.601024][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.642600][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.682692][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.713359][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.743974][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.772926][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.814346][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.843113][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.872175][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.902216][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  573.938887][ T2842] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  573.947372][ T2842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  574.021422][ T2842] usb 5-1: USB disconnect, device number 80
02:09:56 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0003040000000403"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:09:56 executing program 1:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:09:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[], 0xe0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2c2000, 0x0)
sendmsg$unix(r0, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r2]}}], 0x18}, 0x0)

02:09:56 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)

02:09:56 executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000002a80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000002b80)=""/202, 0x26, 0xca, 0x1}, 0x20)

02:09:56 executing program 5:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000007c0)={<r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000002a40)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000840)='R', 0x1}, {&(0x7f0000000900)='-', 0x1}], 0x2}, 0x0)

02:09:57 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETCARRIER(r0, 0x400454e2, 0x0)

02:09:57 executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x1b}, 0x40)

02:09:57 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x13, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40)

02:09:57 executing program 5:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a80)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x20000008}]}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "86"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "bf7b65"}]}}, &(0x7f0000000580)=""/244, 0x4e, 0xf4, 0x1}, 0x20)

[  575.481354][ T2842] usb 5-1: new high-speed USB device number 81 using dummy_hcd
02:09:58 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000010780), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000010780), 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r2]}}], 0x18}, 0x0)

02:09:58 executing program 2:
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000027b80)={0x18, 0xd, &(0x7f0000027940)=@framed={{}, [@exit, @btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @ldst={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, @alu={0x4, 0x0, 0xc, 0x1, 0x0, 0x2}, @map_val, @map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x33}, @func={0x85, 0x0, 0x1, 0x0, 0x5}]}, &(0x7f0000027a00)='GPL\x00', 0x7ff, 0x90, &(0x7f0000027a40)=""/144, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  575.743335][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  575.874881][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  575.885451][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  575.897038][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  575.907016][ T2842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  575.917072][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  576.105749][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  576.115267][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  576.124028][ T2842] usb 5-1: Manufacturer: syz
[  576.218975][ T2842] usb 5-1: config 0 descriptor??
[  576.420852][ T1201] ieee802154 phy0 wpan0: encryption failed: -22
[  576.427482][ T1201] ieee802154 phy1 wpan1: encryption failed: -22
[  576.602834][ T2842] rc_core: IR keymap rc-hauppauge not found
[  576.608855][ T2842] Registered IR keymap rc-empty
[  576.614673][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.688761][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.725494][ T2842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  576.816058][ T2842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input54
[  576.845044][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.891041][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.923325][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.953587][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  576.983328][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.023328][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.062944][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.092637][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.124059][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.152246][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  577.185089][ T2842] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  577.196631][ T2842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  577.250811][ T2842] usb 5-1: USB disconnect, device number 81
02:10:00 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
unlink(&(0x7f0000000180)='./file0\x00')

02:10:00 executing program 0:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000003e40)={&(0x7f0000003e00)='./file0\x00'}, 0x10)

02:10:00 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:00 executing program 1:
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

02:10:00 executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000880)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[{0x18, 0x1, 0x1, "1f"}], 0x18}, 0x0)

02:10:00 executing program 2:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x48440, 0x0)

02:10:00 executing program 0:
perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc7ed7a5305af213, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

02:10:00 executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a80)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x6000000, 0xc, 0xc, 0x2, [@union]}}, &(0x7f0000000580)=""/244, 0x26, 0xf4, 0x1}, 0x20)

02:10:00 executing program 5:
r0 = perf_event_open$cgroup(&(0x7f0000000080)={0x2, 0x80, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='(^(%[^}\x00')

02:10:00 executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000002a80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{}]}]}}, &(0x7f0000002b80)=""/202, 0x32, 0xca, 0x1}, 0x20)

02:10:00 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x100000, &(0x7f0000000080)=@framed={{}, [@jmp]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0xb9, &(0x7f0000000100)=""/185, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:01 executing program 0:
syz_open_procfs$namespace(0x0, &(0x7f0000004a80)='ns/pid\x00')

[  578.502325][ T8283] usb 5-1: new high-speed USB device number 82 using dummy_hcd
02:10:01 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000400)="acec605da571e6c3afcf33780bba3f5488c93773f53d18d5989c0ba6da9244c30ba83c5f2fd0de29bf04126494842b67f15a8bb0a75de3d7b16d48c1be7fb0d285e5d515b6b700970c674316cce12b4dab57dd45c08326e2deba3069271c0ca5bcc1b4f275bf53360dd815fbdb395008", 0x70}, {&(0x7f00000000c0)="e8d29b79fc11d84974a3b4daee493132f1e8c3b6f52aa941bf7a4bebce6ad7f2fb36640145423ece39f3c2192dab5fd3f0ed44ab3e972603914c3d48353196255af54c0e168bd5b0d967dbc0ceb2980b4afefad2ef6ed236c715a8291ae3328447cdfba4f4f5c9f5feb2e3277adb5602b811d3807e0b7baf4693588f9d32226bd764ceaa2a869a9d4756d8a0c023cd9080aacdcb5cb72b54f79b0efc009c6ca09487b6ba1a15d79469bf690d3e20f82f183068c1be303542c04c446c0c13d8c6beefc889759e3d762f94d76aed4aa124ff7df26a70ac165283f68d3d3c8c11089818e0dde746ea649bb6ff43", 0xec}], 0x2}, 0x0)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0x160)

[  578.752444][ T8283] usb 5-1: Using ep0 maxpacket: 16
[  578.883722][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  578.894372][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  578.905949][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  578.916039][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  578.926150][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  579.284694][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  579.294171][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  579.302657][ T8283] usb 5-1: Manufacturer: syz
[  579.331112][ T8283] usb 5-1: config 0 descriptor??
[  579.703232][ T8283] rc_core: IR keymap rc-hauppauge not found
[  579.709263][ T8283] Registered IR keymap rc-empty
[  579.714655][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  579.759280][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  579.799707][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  579.838558][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input55
[  579.910200][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  579.943854][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  579.977859][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.015958][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.052504][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.092566][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.125633][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.172196][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.202336][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.236395][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  580.275542][ T8283] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  580.283877][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  580.355150][ T8283] usb 5-1: USB disconnect, device number 82
02:10:03 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:03 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x8003, &(0x7f0000000080)=@framed={{}, [@jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc0}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0xb9, &(0x7f0000000100)=""/185, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:03 executing program 5:
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

02:10:03 executing program 2:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp]}, &(0x7f0000000040)='GPL\x00', 0x4, 0xfd, &(0x7f0000000080)=""/253, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:03 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000080)=@framed={{}, [@jmp={0x5, 0x0, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0xb9, &(0x7f0000000100)=""/185, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:03 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001740)={0x9, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x23, &(0x7f0000000200)=""/35, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:03 executing program 2:
mount$bpf(0x1025ba957f0000, 0x0, 0x0, 0x0, 0x0)

02:10:03 executing program 5:
socketpair(0x25, 0x5, 0x2, &(0x7f0000002480))

02:10:03 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = gettid()
r2 = getpid()
sendmsg$unix(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee01, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}], 0x40}, 0x0)

02:10:03 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000400)="acec605da571e6c3af", 0x9}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000280)=[{0x0}, {&(0x7f00000001c0)=""/145, 0x91}], 0x2}, 0x0)

02:10:03 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

[  581.467931][ T7446] usb 5-1: new high-speed USB device number 83 using dummy_hcd
02:10:04 executing program 5:
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000001e40)='devices.allow\x00', 0x2, 0x0)

[  581.752929][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  581.874243][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  581.885020][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  581.896600][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  581.906778][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  581.916813][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  582.007770][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  582.017307][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  582.025787][ T7446] usb 5-1: Manufacturer: syz
[  582.048705][ T7446] usb 5-1: config 0 descriptor??
[  582.382203][ T7446] rc_core: IR keymap rc-hauppauge not found
[  582.388524][ T7446] Registered IR keymap rc-empty
[  582.394294][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.432543][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.464737][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  582.495321][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input56
[  582.560715][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.593069][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.624885][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.662432][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.692712][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.728493][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.762150][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.855935][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.892636][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.922276][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  582.985039][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  582.993605][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  583.085092][ T7446] usb 5-1: USB disconnect, device number 83
02:10:05 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:05 executing program 0:
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x10000)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000027b80)={0x18, 0xb, &(0x7f0000027940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, [@exit, @ldst, @alu={0x4, 0x0, 0xc, 0x0, 0x7}, @generic={0x1f}, @map_val, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @ldst={0x0, 0x2, 0x3, 0x0, 0x2, 0x4, 0xffffffffffffffff}]}, &(0x7f0000027a00)='GPL\x00', 0x7ff, 0x90, &(0x7f0000027a40)=""/144, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:05 executing program 2:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003040)={&(0x7f0000002ec0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x0, 0x0, 0x51]}}, &(0x7f0000002f40)=""/208, 0x29, 0xd0, 0x1}, 0x20)

02:10:05 executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000015ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca07562477ce1997, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:05 executing program 1:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a80)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x2}]}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "86"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "bf7b65"}]}}, &(0x7f0000000580)=""/244, 0x4e, 0xf4, 0x1}, 0x20)

02:10:05 executing program 5:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000027b80)={0x18, 0x3, &(0x7f0000027940)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000027a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:06 executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x8, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000000c0)={r0}, 0xc)

02:10:06 executing program 3:
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000027b80)={0x18, 0x4, &(0x7f0000027940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@generic]}, &(0x7f0000027a00)='GPL\x00', 0x7ff, 0x90, &(0x7f0000027a40)=""/144, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000027b00)={0x0, 0x2}, 0x8, 0x10, 0x0}, 0x78)

02:10:06 executing program 5:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x8, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r0, 0x1}, 0xc)

02:10:06 executing program 2:
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002400)={0x0, 0x0, 0x0, 0x0}, 0x38)

02:10:06 executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000065c0)={0x18, 0x1, &(0x7f00000054c0)=@raw=[@alu], &(0x7f0000005500)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000005540)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

[  584.185532][ T7446] usb 5-1: new high-speed USB device number 84 using dummy_hcd
02:10:06 executing program 3:
bpf$MAP_UPDATE_BATCH(0x8, &(0x7f0000002400)={0x0, 0x0, 0x0, 0x0}, 0x38)

[  584.433497][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  584.554660][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  584.565155][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  584.576765][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  584.586757][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  584.596777][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  584.894803][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  584.904322][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  584.912726][ T7446] usb 5-1: Manufacturer: syz
[  584.986795][ T7446] usb 5-1: config 0 descriptor??
[  585.373322][ T7446] rc_core: IR keymap rc-hauppauge not found
[  585.379348][ T7446] Registered IR keymap rc-empty
[  585.384744][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.422761][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.454641][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  585.507563][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input57
[  585.549721][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.583661][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.633854][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.662706][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.693490][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.726397][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.763905][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.795718][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.832213][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.862414][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  585.902387][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  585.910625][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  585.959644][ T7446] usb 5-1: USB disconnect, device number 84
02:10:09 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:09 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a80)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0xc, 0x2}]}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "86"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "bf7b65"}]}}, &(0x7f0000000580)=""/244, 0x4a, 0xf4, 0x1}, 0x20)

02:10:09 executing program 2:
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc4380, 0x0)

02:10:09 executing program 5:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x8, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x8, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:09 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getpid()
sendmsg$unix(r0, &(0x7f0000000f80)={0x0, 0x0, 0x0}, 0x0)
close(r1)

02:10:09 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f00000015c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x40)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001fc0)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
syz_open_procfs$namespace(0x0, &(0x7f0000004a80)='ns/pid\x00')
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)

02:10:09 executing program 1:
socketpair(0x25, 0x5, 0x56, &(0x7f0000002480))

02:10:09 executing program 3:
bpf$MAP_UPDATE_BATCH(0x23, &(0x7f0000002400)={0x0, 0x0, 0x0, 0x0}, 0x38)

02:10:09 executing program 2:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x4, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)

02:10:09 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)

02:10:09 executing program 5:
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000004d80)={0x0, 0x0, 0x0, 0x0}, 0x38)

[  587.652279][ T8283] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  587.916536][ T8283] usb 5-1: Using ep0 maxpacket: 16
02:10:10 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x55f52c0a951b85a7)

[  588.054192][ T8283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  588.064672][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  588.076259][ T8283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  588.086229][ T8283] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  588.096179][ T8283] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  588.544846][ T8283] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  588.554769][ T8283] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  588.563119][ T8283] usb 5-1: Manufacturer: syz
[  588.769239][ T8283] usb 5-1: config 0 descriptor??
[  589.222028][ T8283] rc_core: IR keymap rc-hauppauge not found
[  589.228063][ T8283] Registered IR keymap rc-empty
[  589.233883][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.302256][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.333526][ T8283] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  589.348611][ T8283] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input58
[  589.419414][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.452878][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.482333][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.512335][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.552702][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.597027][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.632536][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.703098][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.744998][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.796521][ T8283] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  589.860352][ T8283] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  589.868795][ T8283] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  590.010685][ T8283] usb 5-1: USB disconnect, device number 85
02:10:12 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:12 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)

02:10:12 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001940)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000000)=""/173, 0xad}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001640)=ANY=[], 0x90}, 0x0)

02:10:12 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x10, 0x2}, 0x10)
connect$inet(r0, &(0x7f0000000900)={0x10, 0x2}, 0x10)
sendmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000009c0)="fb1ef6bcc4abc44c5466fd04efa30c8d404f2ccebd9ebf5af85388be2821f051c7b5d7dfecc963ae9cb0506fba4f12930e90f5c2c87a92f65f45b9b2a0d15560d7aa9463b9856d5af20dad77851ae811971841835d5fb5ef205a30526c8413221b605d3ed7c25e46695a03d22be78cedacf9197f631965f53cbd00bd2fe922bfadae55d1619bcd06ff8bc2e226ddaf3282d26227fdcb63dc7f", 0x99}], 0x1}, 0x0)

02:10:12 executing program 5:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg(r0, &(0x7f00000006c0)={&(0x7f00000003c0)=@in6={0x1c, 0x1c, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000005c0)=ANY=[], 0xf0}, 0x0)

02:10:12 executing program 3:
r0 = socket(0x2, 0x3, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x7, 0x0, &(0x7f0000000040))

02:10:13 executing program 5:
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff}, 0x0)
getpeername(r0, 0x0, &(0x7f0000000100))

02:10:13 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x1002, 0x0}, 0x83)

02:10:13 executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_int(r0, 0xffff, 0x1, 0x0, &(0x7f0000000480))

02:10:13 executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x200000000000c, &(0x7f0000000140)="e800f876223f800001000000", 0xc)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x200000000000c, &(0x7f0000000140)="e000f876223f804001000000", 0xc)
dup2(r0, r1)

02:10:13 executing program 3:
getpid()
getsockopt$sock_cred(0xffffffffffffffff, 0xffff, 0x1022, 0x0, 0x0)

[  591.325197][ T2842] usb 5-1: new high-speed USB device number 86 using dummy_hcd
02:10:14 executing program 5:
connect(0xffffffffffffff9c, 0x0, 0x0)

[  591.582227][ T2842] usb 5-1: Using ep0 maxpacket: 16
[  591.739835][ T2842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  591.750386][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  591.762199][ T2842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  591.772193][ T2842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  591.782161][ T2842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  592.204659][ T2842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  592.214599][ T2842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  592.222984][ T2842] usb 5-1: Manufacturer: syz
[  592.286251][ T2842] usb 5-1: config 0 descriptor??
[  592.647646][ T2842] rc_core: IR keymap rc-hauppauge not found
[  592.657615][ T2842] Registered IR keymap rc-empty
[  592.663420][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  592.702755][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  592.734417][ T2842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  592.749574][ T2842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input59
[  592.852692][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  592.910789][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  592.970895][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.028471][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.075241][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.112647][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.157943][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.192377][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.222930][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.252575][ T2842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  593.288181][ T2842] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  593.296846][ T2842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  593.345447][ T2842] usb 5-1: USB disconnect, device number 86
02:10:16 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:16 executing program 0:
sendmsg$unix(0xffffffffffffff9c, 0x0, 0x0)

02:10:16 executing program 1:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

02:10:16 executing program 2:
r0 = shmget(0x3, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_LOCK(r0, 0x3)

02:10:16 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_timeval(r0, 0xffff, 0x0, 0x0, 0x0)

02:10:16 executing program 5:
getsockname$inet6(0xffffffffffffff9c, 0x0, 0x0)

02:10:16 executing program 1:
syz_emit_ethernet(0x169, &(0x7f0000000440)={@remote, @local, @val, {@ipv6}}, 0x0)
r0 = msgget$private(0x0, 0x0)
r1 = msgget$private(0x0, 0xa0)
msgsnd(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000000000002e1100b0df6d7fcf409def1a1fc1ed341c5533b89b0603ae37c860fe2c09c110ff00f47709d664539e1e381f35071f061ac0e16f328dca5d39656da02489672db6d19f37405111e97aa9984400000000000000b99730931041cfd6c2df99a9d60031c125814bb6ee11e303000000b33d0000000049e8c5692e654008369fae4a97ef248e1cd1f0ef5b1dd462fcf5fa3b57806356cdb615f058b0fed6706a4d152ed0cea438f8387c3440ba6ba9cc08452fc06250db61cf3bcacfe9d34b6a31de9d05a5615416a1494b33fcc83dfb7508e85ddaaeede21ae222dc0600000000000000d27e8a15b700000000000000000000000080000000cd846e9ea6030000006814a576b24813ddfa8130a04b4ad6d8791c698df63e5e23fa327326484829f3f7769669e3250281ccb84d770e0000034e0c84bcc6e7661742ee3cb4072c8730c89424d90f12263892bf810538d3ed9cd4830d410bc89a4da441f08e40dd2598b043c7bed00c2aeb601822d2f8f8c25d16c2c30a367750aacf31e834ce1ef0c13e7ff9cbf451e6607a2eb838d46418ad67464a99f985aa661a4767640b6e0b6942f404d1ee014388b7eb5f3da77c60a86c7a71f9c5676d19506e6697010018e283e8cc04c6be85c35de6035af307adc074db60105ffd324aa3561a973568db7b434e496961ee50b3b9ef87331b30d84918a617bdffe81730a76e5abe21f8864c3954eb28470dbfe7b5f214f522615028275328aac846fd24a72574f79a66f2b1fa53ae442b4c2e4b52a97610a5cc"], 0x44b, 0x800)
msgsnd(r0, &(0x7f0000000400)=ANY=[@ANYBLOB="025c000000000000ac145a7400000b"], 0xf, 0x0)
msgsnd(r1, 0x0, 0x4a4, 0x0)
msgctl$IPC_RMID(r0, 0x0)
msgget$private(0x0, 0x420)
r2 = getuid()
setreuid(0xee00, r2)
r3 = getuid()
r4 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000379cfd46000000000000000000000000000000000000000000000000000080000000000000000000eee10000000000000000000000000000000000000000000000000200000000000000000000000000e10f0000000000c433a74d76ca566936385f00"/229], 0xf5, 0x1, 0x0)
msgrcv(r4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3], 0x1024, 0x0, 0x1000)
msgsnd(r4, &(0x7f0000000c40)=ANY=[@ANYBLOB="01040000000000006a7715654efe871cafd76aa1f42cea9f4002eccfc71401377cad389c4f76700e21ea2cdcd9cd825e18cbc647000022c5d92cd672bf8af95a41ad28e68af18951239c57fb9ec635488cb9cdf45811b290efaf3c5d518de658356ce7888bc657021846619e637d97761a0476f6b0f1f4a14c6523e5fef1ea452fcd38aed8a4fce400fc7c831a7418f363bca3f999e1f5141a3898cc8d3f3f4bb04b731cb084542e16c2eb931a11c92b9877722265eba7f8ec5212bfc96c9017d3f1f5950f2778a9332a6ef5d465a8bf45859f98096837403c39fb94a4010000000000000032e9f09cc6b60efe3019c871e77e39eab0797c4745f7417153a85fbd1eae7234ca5a833671cde4de0caf5bcaea9da4822395e093946eeba13d657d7d075ab35c09b2faaa910fcedbaea66e00000000d631d26bc07aea019d5809000000000000000000009bed7b8ab2c205ba520f22d2"], 0x149, 0x0)

02:10:16 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_timeval(r0, 0xffff, 0x1006, &(0x7f0000000040)={0x0, 0x9}, 0x10)

02:10:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_timeval(r0, 0xffff, 0x1006, 0x0, 0x0)

02:10:16 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
connect$inet6(r0, 0x0, 0x0)

02:10:17 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0)
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10)
r4 = perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = dup2(r3, r4)
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x70d7, 0x4, 0x8, 0x5, 0x7}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r5, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})

02:10:17 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x30}}, 0x0)

[  594.753049][ T7446] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  595.002326][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  595.132466][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  595.143602][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  595.155183][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  595.165186][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  595.175251][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  595.427237][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  595.437152][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  595.445638][ T7446] usb 5-1: Manufacturer: syz
[  595.547173][ T7446] usb 5-1: config 0 descriptor??
[  595.982324][ T7446] rc_core: IR keymap rc-hauppauge not found
[  595.988349][ T7446] Registered IR keymap rc-empty
[  595.993887][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.031528][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.074486][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  596.089582][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input60
[  596.173782][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.202991][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.233428][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.278607][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.320453][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.352227][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.382528][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.412581][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.452596][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.516393][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  596.585656][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  596.594236][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  596.723456][ T7446] usb 5-1: USB disconnect, device number 87
02:10:19 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x8, &(0x7f0000000600)=<r2=>0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
write(r0, &(0x7f0000000300)="9a", 0x1)

02:10:19 executing program 3:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50f, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0x4240a543)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvfrom(r4, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012584, 0x0, 0xfffffe53)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(r1, 0x0, r3, 0x0, 0x6cc253fb, 0x0)

02:10:19 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

02:10:19 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setattr(r0, &(0x7f0000000080)={0x38, 0x3, 0x10000009, 0x4, 0x101, 0x40}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='bridge0\x00', 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000005c0)=@filter={'filter\x00', 0x42, 0x4, 0x260, 0xffffffff, 0x1c8, 0x98, 0x0, 0xffffffff, 0xffffffff, 0x1c8, 0x1c8, 0x1c8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'veth1_macvtap\x00', 'ip6_vti0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)

02:10:19 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0)
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10)
r4 = perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = dup2(r3, r4)
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x70d7, 0x4, 0x8, 0x5, 0x7}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r5, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})

02:10:19 executing program 1:
syz_emit_ethernet(0x169, &(0x7f0000000440)={@remote, @local, @val, {@ipv6}}, 0x0)
r0 = msgget$private(0x0, 0x0)
r1 = msgget$private(0x0, 0xa0)
msgsnd(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000000000002e1100b0df6d7fcf409def1a1fc1ed341c5533b89b0603ae37c860fe2c09c110ff00f47709d664539e1e381f35071f061ac0e16f328dca5d39656da02489672db6d19f37405111e97aa9984400000000000000b99730931041cfd6c2df99a9d60031c125814bb6ee11e303000000b33d0000000049e8c5692e654008369fae4a97ef248e1cd1f0ef5b1dd462fcf5fa3b57806356cdb615f058b0fed6706a4d152ed0cea438f8387c3440ba6ba9cc08452fc06250db61cf3bcacfe9d34b6a31de9d05a5615416a1494b33fcc83dfb7508e85ddaaeede21ae222dc0600000000000000d27e8a15b700000000000000000000000080000000cd846e9ea6030000006814a576b24813ddfa8130a04b4ad6d8791c698df63e5e23fa327326484829f3f7769669e3250281ccb84d770e0000034e0c84bcc6e7661742ee3cb4072c8730c89424d90f12263892bf810538d3ed9cd4830d410bc89a4da441f08e40dd2598b043c7bed00c2aeb601822d2f8f8c25d16c2c30a367750aacf31e834ce1ef0c13e7ff9cbf451e6607a2eb838d46418ad67464a99f985aa661a4767640b6e0b6942f404d1ee014388b7eb5f3da77c60a86c7a71f9c5676d19506e6697010018e283e8cc04c6be85c35de6035af307adc074db60105ffd324aa3561a973568db7b434e496961ee50b3b9ef87331b30d84918a617bdffe81730a76e5abe21f8864c3954eb28470dbfe7b5f214f522615028275328aac846fd24a72574f79a66f2b1fa53ae442b4c2e4b52a97610a5cc"], 0x44b, 0x800)
msgsnd(r0, &(0x7f0000000400)=ANY=[@ANYBLOB="025c000000000000ac145a7400000b"], 0xf, 0x0)
msgsnd(r1, 0x0, 0x4a4, 0x0)
msgctl$IPC_RMID(r0, 0x0)
msgget$private(0x0, 0x420)
r2 = getuid()
setreuid(0xee00, r2)
r3 = getuid()
r4 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000379cfd46000000000000000000000000000000000000000000000000000080000000000000000000eee10000000000000000000000000000000000000000000000000200000000000000000000000000e10f0000000000c433a74d76ca566936385f00"/229], 0xf5, 0x1, 0x0)
msgrcv(r4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3], 0x1024, 0x0, 0x1000)
msgsnd(r4, &(0x7f0000000c40)=ANY=[@ANYBLOB="01040000000000006a7715654efe871cafd76aa1f42cea9f4002eccfc71401377cad389c4f76700e21ea2cdcd9cd825e18cbc647000022c5d92cd672bf8af95a41ad28e68af18951239c57fb9ec635488cb9cdf45811b290efaf3c5d518de658356ce7888bc657021846619e637d97761a0476f6b0f1f4a14c6523e5fef1ea452fcd38aed8a4fce400fc7c831a7418f363bca3f999e1f5141a3898cc8d3f3f4bb04b731cb084542e16c2eb931a11c92b9877722265eba7f8ec5212bfc96c9017d3f1f5950f2778a9332a6ef5d465a8bf45859f98096837403c39fb94a4010000000000000032e9f09cc6b60efe3019c871e77e39eab0797c4745f7417153a85fbd1eae7234ca5a833671cde4de0caf5bcaea9da4822395e093946eeba13d657d7d075ab35c09b2faaa910fcedbaea66e00000000d631d26bc07aea019d5809000000000000000000009bed7b8ab2c205ba520f22d2"], 0x149, 0x0)

02:10:20 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x28, r1, 0x1, 0x0, 0x0, {0x15}, [@TIPC_NLA_BEARER={0x4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)

[  597.942379][ T7446] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  598.132194][T13861] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  598.183734][ T7446] usb 5-1: Using ep0 maxpacket: 16
02:10:20 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000003702000020febfff6a0af0fff8fffff769a4f0ff00000000b70600001218d1fe2d640500000000007504020000ffffffdc0a000040000000b704000010000020720700fe00000000850000002f000000b70000000a00000095000000000000006458c2c62fca868f0399d909a63396c113940c19aab9d607000000cb3924b6b14809000000253730e711f5969f62c28b22edf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa8a23f1740637c48468766af54043000000ec44631ac2622cdcae18c3d14bfbe96dd87235b44174f7c034318508f49f09781dc7a2cfbb9a0f119e31975f551558055dc2dc2739e2e735d0ab961dac07f4f6d8aa1c3f16765d427c0e01000000f74c16737d50d2a44eacf2b734b0289c7a3a16eeca71296746681dd1046a36bf61af491e4fa734318e0d72b8dbbc2b2b869af2f87903000000b6ecc7de09a2257e908cd92e664fa7aba7f07474863333fba3eadd8efbd5dae6c024585d972b1bf8c4e872bba38160be9e92b6ddb90fc51b894917b50876b5708e64e70f7d8225da90ce9bc019084873ed07c0c59c4ba053fe77e0d37ccc3318da2e9fefaf025527e734ed1de5d11e3f56ca3b03dc121086071d1f26821a428d28eefa22ead6a3dab9388da53263b81ebe6be197a48a63440000a356240c4e2df57457000100000000000000000000008d2516510b29804b3cc034c19cef0c773f01064709edd63a185cbab8456c25283b9514b220fe401503ff536478088eb9fd932a0703a7bf9ea40429b2d49177824f210a69f8e5227fd32e7d5a2c7ecf57ac64509224b52e746d631637e596e5a55d2c805bf725b9d14756c8cfa292aae07f7c5b91de7bfe232d872866cf9fe063317741a0db9081d4393a7f9bcc0917d60a11b4a9ece831660ce625de441cef915eba31255d163f7033045ceb97f8ea006efc5b84f75ca1fb74c9faef444eb12f46b435de87feb2f7f2d7fb659395e4b38178b5c67e6ac100000000000000001b2e77bd5de136fa1bec1a26c622bb9662d9ee70147acc5605aa2318855cb8b918000000c5f265dcb5dce05f94ea051c4e8dcdf37d01ad7aff64f84ce32b841c799f47c294fe9b23ce9725285fc50f1dd3f5e264023082eed752704c1f598151aa7d29a74777d1f658f50c27b60198770ff8ebef9df1b750d56d4d195ad7a267c46b3ed33b5bca13cafc304dc6da78d20f029742d8d2f36acfdd331081ca00c1d5c8b7bed2ef603d6e7f1764246aab2d7d531559a971939a038055ac28625ec837f824ff537cd67993a3589be73a18680da50287b9e962b1a0235c290346a21ca5de55c49c78e411c791617000ef8df75411a5d30000000000000000000000004deb8d49806823655735bd6deb49edb2e42f4ed9e6e9080366660b847bf03c145f6796921d26dcf29e9a6c808459e82cbb0000000000"], &(0x7f0000000280)='GPL\x00'}, 0x48)

[  598.209122][T13862] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  598.303542][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  598.314252][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  598.325815][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  598.335787][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
02:10:20 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000001640)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000ef0285b72eae795b11ad261777db751896c5df696334e2d836395560230500ef286f21c974d520c247fd200861e50b2dd5e5f6b23909a23ee27007dae2a0fd08dbf92809a931196df3be84781f7ecafa0a4bcf7e01a23999fdfb4b490f6cfe5edf3850576acb265f56d62ee288a85dfe7c79e969b738dbc61171dfd8f5e33fbf1ee05bc5bdeb164dc2458455e3ba438c9109dd001ad93df3fc235bed50ffce5ea79cfc8cf7d53a031691362ba21394bd614ec41f636ec0e299e370f5630dcfab526519a36f963679457241bc05a307f8be0c828a43ed21ecdd1ee2b9b7ae315e5b515c71c39bf4b45f5e3f7cd3f6404fc93cf55949f0c3a7b87f86120153725784e98975e8617ffc7e8cc497f437853d9c04b195fa52848dd1555796b3cdf2527d7929631cca05e27c28566d2c47699bc6c3f5f766c3cb8cd6a4a46895dc5b44d224a0b3c2ca8087486aead10034d94d32ad677b28b10ed58f8de2d5a8d25c7cae49ba35be16888ea8da622daf5f0f02d9c08752113ab1ec6bde50940e9bf33f91a6c5056aabc04eedfeb6535540e5c027ffac3d4df6589cb47171bfbb564a2350564f4bdbcf4e048f2b34570d5ef2bb8e9274d5d40af156b5602fcf668a2b5ee01bb49b0afe0c774b562378fc3dbf8be42828b4cb3d6cf6930f5c4c71563e4eb0d341dc742bdb802b498fef8490b52ad16e1308000000ef3ffba81085ce4a028c7af46774b391e2124fcd93ff05c21ad0da384ff0017957481ee790b301e3e817c3b651bb99090189eed2862f89e6b5ca8e62a5f5ff0dc6ed83392fd551d0eedc491b3df83509d2fa1023eb77b8a13de09e22a7f19088bcbd8f47ad5a964ab6bbb94784d31b397229ae3fb66ffe0e9913d32301c844e58fd43db6b3693b404e0000000000000000"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x185}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)="e8", 0x0}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={r0, 0xc0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

[  598.345824][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
02:10:21 executing program 1:
syz_emit_ethernet(0x169, &(0x7f0000000440)={@remote, @local, @val, {@ipv6}}, 0x0)
r0 = msgget$private(0x0, 0x0)
r1 = msgget$private(0x0, 0xa0)
msgsnd(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000000000002e1100b0df6d7fcf409def1a1fc1ed341c5533b89b0603ae37c860fe2c09c110ff00f47709d664539e1e381f35071f061ac0e16f328dca5d39656da02489672db6d19f37405111e97aa9984400000000000000b99730931041cfd6c2df99a9d60031c125814bb6ee11e303000000b33d0000000049e8c5692e654008369fae4a97ef248e1cd1f0ef5b1dd462fcf5fa3b57806356cdb615f058b0fed6706a4d152ed0cea438f8387c3440ba6ba9cc08452fc06250db61cf3bcacfe9d34b6a31de9d05a5615416a1494b33fcc83dfb7508e85ddaaeede21ae222dc0600000000000000d27e8a15b700000000000000000000000080000000cd846e9ea6030000006814a576b24813ddfa8130a04b4ad6d8791c698df63e5e23fa327326484829f3f7769669e3250281ccb84d770e0000034e0c84bcc6e7661742ee3cb4072c8730c89424d90f12263892bf810538d3ed9cd4830d410bc89a4da441f08e40dd2598b043c7bed00c2aeb601822d2f8f8c25d16c2c30a367750aacf31e834ce1ef0c13e7ff9cbf451e6607a2eb838d46418ad67464a99f985aa661a4767640b6e0b6942f404d1ee014388b7eb5f3da77c60a86c7a71f9c5676d19506e6697010018e283e8cc04c6be85c35de6035af307adc074db60105ffd324aa3561a973568db7b434e496961ee50b3b9ef87331b30d84918a617bdffe81730a76e5abe21f8864c3954eb28470dbfe7b5f214f522615028275328aac846fd24a72574f79a66f2b1fa53ae442b4c2e4b52a97610a5cc"], 0x44b, 0x800)
msgsnd(r0, &(0x7f0000000400)=ANY=[@ANYBLOB="025c000000000000ac145a7400000b"], 0xf, 0x0)
msgsnd(r1, 0x0, 0x4a4, 0x0)
msgctl$IPC_RMID(r0, 0x0)
msgget$private(0x0, 0x420)
r2 = getuid()
setreuid(0xee00, r2)
r3 = getuid()
r4 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000379cfd46000000000000000000000000000000000000000000000000000080000000000000000000eee10000000000000000000000000000000000000000000000000200000000000000000000000000e10f0000000000c433a74d76ca566936385f00"/229], 0xf5, 0x1, 0x0)
msgrcv(r4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3], 0x1024, 0x0, 0x1000)
msgsnd(r4, &(0x7f0000000c40)=ANY=[@ANYBLOB="01040000000000006a7715654efe871cafd76aa1f42cea9f4002eccfc71401377cad389c4f76700e21ea2cdcd9cd825e18cbc647000022c5d92cd672bf8af95a41ad28e68af18951239c57fb9ec635488cb9cdf45811b290efaf3c5d518de658356ce7888bc657021846619e637d97761a0476f6b0f1f4a14c6523e5fef1ea452fcd38aed8a4fce400fc7c831a7418f363bca3f999e1f5141a3898cc8d3f3f4bb04b731cb084542e16c2eb931a11c92b9877722265eba7f8ec5212bfc96c9017d3f1f5950f2778a9332a6ef5d465a8bf45859f98096837403c39fb94a4010000000000000032e9f09cc6b60efe3019c871e77e39eab0797c4745f7417153a85fbd1eae7234ca5a833671cde4de0caf5bcaea9da4822395e093946eeba13d657d7d075ab35c09b2faaa910fcedbaea66e00000000d631d26bc07aea019d5809000000000000000000009bed7b8ab2c205ba520f22d2"], 0x149, 0x0)

02:10:21 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x23c, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@in6=@private0, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth_trunc={0x104, 0x14, {{'md5\x00'}, 0x5c0, 0x0, "c085301b2d1f505edcf5d387e33f41b0faf33dee478a6c6a318ad2469e85a89ec51483a30e7df2c1fbf7082d2d40ef525efe998987ab9d3a9c331049aec8af3ad5a0fb4b2300939c541488ff1edbadcb187779600ab2b2551b30401daaa842cfbe26e64ce3470c0842f46a7c13212692e4ae5f4c9c5cb89f8da144b5ba3ecd633b7ef9a9989759f0a8fe86cac46ac708af29b4c5893712ab99dba20820a5a4ee9c12b45f716023fdd8c093d437ef8f01d17b0c9be2698b24"}}]}, 0x23c}}, 0x0)

[  598.669168][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  598.678549][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  598.687006][ T7446] usb 5-1: Manufacturer: syz
[  598.788124][T13851] not chained 10000 origins
[  598.792782][T13851] CPU: 1 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  598.801594][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  598.811679][T13851] Call Trace:
[  598.814979][T13851]  <TASK>
[  598.817924][T13851]  dump_stack_lvl+0x1ff/0x28e
[  598.822652][T13851]  dump_stack+0x25/0x28
[  598.826844][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  598.832712][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  598.838836][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.844001][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  598.849866][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  598.855532][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.860699][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  598.866568][T13851]  ? should_fail+0x75/0x9c0
[  598.871232][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.876406][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  598.882706][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  598.888833][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.893992][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  598.899848][T13851]  __msan_chain_origin+0xbf/0x140
[  598.904919][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  598.910196][T13851]  get_compat_msghdr+0x108/0x2c0
[  598.915176][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  598.920106][T13851]  do_recvmmsg+0x1063/0x2120
[  598.924721][T13851]  ? psi_group_change+0x10fa/0x1630
[  598.930027][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.935192][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  598.941046][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  598.946203][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  598.952500][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  598.959056][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  598.963774][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  598.970177][T13851]  __do_fast_syscall_32+0x96/0xf0
[  598.975243][T13851]  do_fast_syscall_32+0x34/0x70
[  598.980134][T13851]  do_SYSENTER_32+0x1b/0x20
[  598.984669][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.991098][T13851] RIP: 0023:0xf6e8f549
[  598.995201][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  599.014844][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  599.023287][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  599.031280][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  599.039267][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  599.047252][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  599.055238][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  599.063253][T13851]  </TASK>
[  599.070408][T13851] Uninit was stored to memory at:
[  599.076071][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.081233][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.086342][T13851]  do_recvmmsg+0x1063/0x2120
[  599.090968][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.095849][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.102408][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.107507][T13851]  do_fast_syscall_32+0x34/0x70
[  599.112603][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.117151][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.123676][T13851] 
[  599.126007][T13851] Uninit was stored to memory at:
[  599.131099][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.136448][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.141431][T13851]  do_recvmmsg+0x1063/0x2120
[  599.146240][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.150955][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.157526][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.162833][T13851]  do_fast_syscall_32+0x34/0x70
[  599.167748][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.172528][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.178940][T13851] 
[  599.181271][T13851] Uninit was stored to memory at:
[  599.186567][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.191916][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.196906][T13851]  do_recvmmsg+0x1063/0x2120
[  599.201531][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.206431][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.212996][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.218072][T13851]  do_fast_syscall_32+0x34/0x70
[  599.223082][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.227633][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.234549][T13851] 
[  599.236888][T13851] Uninit was stored to memory at:
[  599.242169][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.247353][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.252537][T13851]  do_recvmmsg+0x1063/0x2120
[  599.257173][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.262138][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.268528][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.273790][T13851]  do_fast_syscall_32+0x34/0x70
[  599.278689][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.283448][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.289867][T13851] 
[  599.292372][T13851] Uninit was stored to memory at:
[  599.297465][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.302815][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.307802][T13851]  do_recvmmsg+0x1063/0x2120
[  599.312612][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.317329][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.323919][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.328996][T13851]  do_fast_syscall_32+0x34/0x70
[  599.334187][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.338743][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.345303][T13851] 
[  599.347650][T13851] Uninit was stored to memory at:
[  599.352931][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.358090][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.363266][T13851]  do_recvmmsg+0x1063/0x2120
[  599.367897][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.372794][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.379179][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.384464][T13851]  do_fast_syscall_32+0x34/0x70
[  599.389370][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.394113][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.400495][T13851] 
[  599.401574][T13870] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  599.403000][T13851] Uninit was stored to memory at:
[  599.403077][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  599.403132][T13851]  get_compat_msghdr+0x108/0x2c0
[  599.403183][T13851]  do_recvmmsg+0x1063/0x2120
[  599.403222][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.403262][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  599.403321][T13851]  __do_fast_syscall_32+0x96/0xf0
[  599.403371][T13851]  do_fast_syscall_32+0x34/0x70
[  599.453680][T13851]  do_SYSENTER_32+0x1b/0x20
[  599.458234][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.464804][T13851] 
[  599.467143][T13851] Local variable msg_sys created at:
[  599.472615][T13851]  do_recvmmsg+0xc1/0x2120
[  599.477073][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  599.559388][ T7446] usb 5-1: config 0 descriptor??
02:10:22 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
pipe(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000480)="b0a3cdef47f59ec515de0fcb5dfc761cf7120c4312b2054efdc0cf574f65329a05d03a24674b1d94d072b4bd702c576dc1d6e4fef97bdd899d359dadcfe32ba24fb1e152533e4df2c20324dda85d95c102000000d81d2b9bea7f9e468b3da19d62e9913b2f7cd488de25886811470818af91afd3bce1422670d6f2d054d8b16374e3617a22b1c70e7e3104b814e24e6e7b62256ae8faaae5f59f840c029418a34c", 0xffffff47)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
mkdir(&(0x7f0000000540)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00')
creat(&(0x7f0000000080)='./file1\x00', 0x124)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000240)='./file0\x00', 0xc)
unlink(&(0x7f0000000040)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x0)

[  600.022428][ T7446] rc_core: IR keymap rc-hauppauge not found
[  600.033377][ T7446] Registered IR keymap rc-empty
[  600.038653][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.122816][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.179476][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  600.194590][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input61
02:10:22 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
setrlimit(0xc, &(0x7f0000000100)={0x3, 0xd3})
r0 = getpid()
capget(0x0, &(0x7f0000000500))
sched_setattr(r0, &(0x7f00000000c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x0, 0x2}, 0x0)
ftruncate(r3, 0x800)
lseek(r3, 0x200, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x4000, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
sched_setattr(r0, &(0x7f0000000180)={0x38, 0x0, 0x10000007, 0x3, 0x800, 0x1f, 0x7fff, 0x2, 0x7f, 0xfffffff7}, 0x0)

[  600.446189][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.491649][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.526589][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:10:23 executing program 1:
syz_emit_ethernet(0x169, &(0x7f0000000440)={@remote, @local, @val, {@ipv6}}, 0x0)
r0 = msgget$private(0x0, 0x0)
r1 = msgget$private(0x0, 0xa0)
msgsnd(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000000000002e1100b0df6d7fcf409def1a1fc1ed341c5533b89b0603ae37c860fe2c09c110ff00f47709d664539e1e381f35071f061ac0e16f328dca5d39656da02489672db6d19f37405111e97aa9984400000000000000b99730931041cfd6c2df99a9d60031c125814bb6ee11e303000000b33d0000000049e8c5692e654008369fae4a97ef248e1cd1f0ef5b1dd462fcf5fa3b57806356cdb615f058b0fed6706a4d152ed0cea438f8387c3440ba6ba9cc08452fc06250db61cf3bcacfe9d34b6a31de9d05a5615416a1494b33fcc83dfb7508e85ddaaeede21ae222dc0600000000000000d27e8a15b700000000000000000000000080000000cd846e9ea6030000006814a576b24813ddfa8130a04b4ad6d8791c698df63e5e23fa327326484829f3f7769669e3250281ccb84d770e0000034e0c84bcc6e7661742ee3cb4072c8730c89424d90f12263892bf810538d3ed9cd4830d410bc89a4da441f08e40dd2598b043c7bed00c2aeb601822d2f8f8c25d16c2c30a367750aacf31e834ce1ef0c13e7ff9cbf451e6607a2eb838d46418ad67464a99f985aa661a4767640b6e0b6942f404d1ee014388b7eb5f3da77c60a86c7a71f9c5676d19506e6697010018e283e8cc04c6be85c35de6035af307adc074db60105ffd324aa3561a973568db7b434e496961ee50b3b9ef87331b30d84918a617bdffe81730a76e5abe21f8864c3954eb28470dbfe7b5f214f522615028275328aac846fd24a72574f79a66f2b1fa53ae442b4c2e4b52a97610a5cc"], 0x44b, 0x800)
msgsnd(r0, &(0x7f0000000400)=ANY=[@ANYBLOB="025c000000000000ac145a7400000b"], 0xf, 0x0)
msgsnd(r1, 0x0, 0x4a4, 0x0)
msgctl$IPC_RMID(r0, 0x0)
msgget$private(0x0, 0x420)
r2 = getuid()
setreuid(0xee00, r2)
r3 = getuid()
r4 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000379cfd46000000000000000000000000000000000000000000000000000080000000000000000000eee10000000000000000000000000000000000000000000000000200000000000000000000000000e10f0000000000c433a74d76ca566936385f00"/229], 0xf5, 0x1, 0x0)
msgrcv(r4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3], 0x1024, 0x0, 0x1000)
msgsnd(r4, &(0x7f0000000c40)=ANY=[@ANYBLOB="01040000000000006a7715654efe871cafd76aa1f42cea9f4002eccfc71401377cad389c4f76700e21ea2cdcd9cd825e18cbc647000022c5d92cd672bf8af95a41ad28e68af18951239c57fb9ec635488cb9cdf45811b290efaf3c5d518de658356ce7888bc657021846619e637d97761a0476f6b0f1f4a14c6523e5fef1ea452fcd38aed8a4fce400fc7c831a7418f363bca3f999e1f5141a3898cc8d3f3f4bb04b731cb084542e16c2eb931a11c92b9877722265eba7f8ec5212bfc96c9017d3f1f5950f2778a9332a6ef5d465a8bf45859f98096837403c39fb94a4010000000000000032e9f09cc6b60efe3019c871e77e39eab0797c4745f7417153a85fbd1eae7234ca5a833671cde4de0caf5bcaea9da4822395e093946eeba13d657d7d075ab35c09b2faaa910fcedbaea66e00000000d631d26bc07aea019d5809000000000000000000009bed7b8ab2c205ba520f22d2"], 0x149, 0x0)

02:10:23 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

[  600.586343][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.684631][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:10:23 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000700)=@mangle={'mangle\x00', 0x64, 0x6, 0x620, 0x2f8, 0x1b8, 0xd0, 0xc2020000, 0x1b8, 0x550, 0x550, 0x550, 0x550, 0x550, 0x6, 0x0, {[{{@ipv6={@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'tunl0\x00', 'xfrm0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@local}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "ef0d"}}, @inet=@rpfilter={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4=@private}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@frag={{0x30}}]}, @inet=@TOS={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, [], [], 'batadv_slave_0\x00', 'syzkaller0\x00'}, 0x0, 0x118, 0x158, 0x0, {}, [@common=@dst={{0x48}}, @inet=@rpfilter={{0x28}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x680)

[  600.787006][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.917618][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  600.976858][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  601.056977][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  601.102977][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  601.182739][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  601.191093][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  601.287552][   T24] audit: type=1804 audit(1638929423.895:19): pid=13915 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir070679094/syzkaller.l9n6F3/250/bus" dev="sda1" ino=15654 res=1 errno=0
[  601.314945][   T24] audit: type=1800 audit(1638929423.895:20): pid=13915 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=15654 res=0 errno=0
[  601.408649][ T7446] usb 5-1: USB disconnect, device number 88
02:10:24 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x400200, 0x4)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'erspan0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r0, &(0x7f0000000280)="41030e00cf2b480201020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)

[  601.701388][   T24] audit: type=1804 audit(1638929423.965:21): pid=13911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir070679094/syzkaller.l9n6F3/250/bus" dev="sda1" ino=15654 res=1 errno=0
[  601.992000][ T7446] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  602.232490][ T7446] usb 5-1: Using ep0 maxpacket: 16
[  602.348548][T13915] not chained 20000 origins
[  602.353321][T13915] CPU: 0 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  602.354183][ T7446] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  602.362125][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  602.362154][T13915] Call Trace:
[  602.362169][T13915]  <TASK>
[  602.362183][T13915]  dump_stack_lvl+0x1ff/0x28e
[  602.362247][T13915]  dump_stack+0x25/0x28
[  602.362294][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  602.362363][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  602.372618][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  602.382463][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  602.382537][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  602.382604][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  602.382668][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  602.382727][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  602.382791][T13915]  ? should_fail+0x75/0x9c0
[  602.382850][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  602.382907][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  602.382972][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  602.383039][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  602.383097][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  602.383158][T13915]  __msan_chain_origin+0xbf/0x140
[  602.383217][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.383291][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.383348][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  602.383395][T13915]  do_recvmmsg+0x1063/0x2120
[  602.383456][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  602.383539][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  602.383597][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  602.383664][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.383730][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.383785][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.383859][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.383916][T13915]  do_fast_syscall_32+0x34/0x70
[  602.383966][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.384015][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.384069][T13915] RIP: 0023:0xf6e9a549
[  602.384100][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  602.384145][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  602.384189][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  602.384220][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  602.384250][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  602.384278][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  602.384306][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  602.384347][T13915]  </TASK>
[  602.387318][T13915] Uninit was stored to memory at:
[  602.389141][ T7446] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  602.392539][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.392603][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.397329][ T7446] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  602.401447][T13915]  do_recvmmsg+0x1063/0x2120
[  602.401494][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.407321][ T7446] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  602.413424][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.413490][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.709676][T13915]  do_fast_syscall_32+0x34/0x70
[  602.714725][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.719280][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.727718][T13915] 
[  602.730048][T13915] Uninit was stored to memory at:
[  602.735283][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.740442][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.745587][T13915]  do_recvmmsg+0x1063/0x2120
[  602.750221][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.755083][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.761467][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.766702][T13915]  do_fast_syscall_32+0x34/0x70
[  602.771601][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.776310][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.782853][T13915] 
[  602.785186][T13915] Uninit was stored to memory at:
[  602.790274][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.795578][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.797926][ T7446] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  602.800558][T13915]  do_recvmmsg+0x1063/0x2120
[  602.800608][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.809854][ T7446] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  602.814349][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.814414][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.819096][ T7446] usb 5-1: Manufacturer: syz
[  602.827117][T13915]  do_fast_syscall_32+0x34/0x70
[  602.827167][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.852676][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.859060][T13915] 
[  602.861391][T13915] Uninit was stored to memory at:
[  602.866659][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.872037][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.877029][T13915]  do_recvmmsg+0x1063/0x2120
[  602.881658][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.886525][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.893062][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.898135][T13915]  do_fast_syscall_32+0x34/0x70
[  602.903241][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.907833][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.914381][T13915] 
[  602.916739][T13915] Uninit was stored to memory at:
[  602.921976][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.927132][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.932270][T13915]  do_recvmmsg+0x1063/0x2120
[  602.936905][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.941624][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  602.948176][T13915]  __do_fast_syscall_32+0x96/0xf0
[  602.953410][T13915]  do_fast_syscall_32+0x34/0x70
[  602.958311][T13915]  do_SYSENTER_32+0x1b/0x20
[  602.963014][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.969396][T13915] 
[  602.971891][T13915] Uninit was stored to memory at:
[  602.976986][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  602.982330][T13915]  get_compat_msghdr+0x108/0x2c0
[  602.987318][T13915]  do_recvmmsg+0x1063/0x2120
[  602.992094][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  602.996820][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.003347][T13915]  __do_fast_syscall_32+0x96/0xf0
[  603.008419][T13915]  do_fast_syscall_32+0x34/0x70
[  603.013469][T13915]  do_SYSENTER_32+0x1b/0x20
[  603.018014][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.018916][ T7446] usb 5-1: config 0 descriptor??
[  603.024811][T13915] 
[  603.024820][T13915] Uninit was stored to memory at:
[  603.024892][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  603.042443][T13915]  get_compat_msghdr+0x108/0x2c0
[  603.047582][T13915]  do_recvmmsg+0x1063/0x2120
[  603.052368][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  603.057089][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.063629][T13915]  __do_fast_syscall_32+0x96/0xf0
[  603.068709][T13915]  do_fast_syscall_32+0x34/0x70
[  603.073765][T13915]  do_SYSENTER_32+0x1b/0x20
[  603.078318][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.084937][T13915] 
[  603.087285][T13915] Local variable msg_sys created at:
[  603.092710][T13915]  do_recvmmsg+0xc1/0x2120
[  603.097170][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  603.382051][ T7446] rc_core: IR keymap rc-hauppauge not found
[  603.388223][ T7446] Registered IR keymap rc-empty
[  603.393784][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  603.424078][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  603.455332][ T7446] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  603.484677][T13851] not chained 30000 origins
[  603.489256][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  603.498070][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  603.508165][T13851] Call Trace:
[  603.511470][T13851]  <TASK>
[  603.514423][T13851]  dump_stack_lvl+0x1ff/0x28e
[  603.519160][T13851]  dump_stack+0x25/0x28
[  603.523354][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  603.529132][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  603.529745][ T7446] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input62
[  603.535255][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.535319][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  603.535387][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  603.535452][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.535512][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  603.576154][T13851]  ? should_fail+0x75/0x9c0
[  603.580734][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.586081][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  603.592389][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  603.598518][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.603684][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  603.609551][T13851]  __msan_chain_origin+0xbf/0x140
[  603.614627][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  603.619807][T13851]  get_compat_msghdr+0x108/0x2c0
[  603.624807][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  603.629703][T13851]  do_recvmmsg+0x1063/0x2120
[  603.634335][T13851]  ? psi_group_change+0x10fa/0x1630
[  603.639622][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.644806][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  603.650677][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  603.655846][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  603.662150][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.668714][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  603.673449][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.679844][T13851]  __do_fast_syscall_32+0x96/0xf0
[  603.684925][T13851]  do_fast_syscall_32+0x34/0x70
[  603.689832][T13851]  do_SYSENTER_32+0x1b/0x20
[  603.694382][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.700765][T13851] RIP: 0023:0xf6e8f549
[  603.704861][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  603.724717][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  603.733183][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  603.741622][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  603.749628][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  603.757650][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  603.765656][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  603.773674][T13851]  </TASK>
[  603.780909][T13851] Uninit was stored to memory at:
[  603.787271][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  603.792605][T13851]  get_compat_msghdr+0x108/0x2c0
[  603.797615][T13851]  do_recvmmsg+0x1063/0x2120
[  603.802394][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  603.807115][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.813653][T13851]  __do_fast_syscall_32+0x96/0xf0
[  603.818778][T13851]  do_fast_syscall_32+0x34/0x70
[  603.823839][T13851]  do_SYSENTER_32+0x1b/0x20
[  603.828397][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.834941][T13851] 
[  603.837283][T13851] Uninit was stored to memory at:
[  603.842528][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  603.847689][T13851]  get_compat_msghdr+0x108/0x2c0
[  603.852821][T13851]  do_recvmmsg+0x1063/0x2120
[  603.857466][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  603.862399][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.868855][T13851]  __do_fast_syscall_32+0x96/0xf0
[  603.874085][T13851]  do_fast_syscall_32+0x34/0x70
[  603.878991][T13851]  do_SYSENTER_32+0x1b/0x20
[  603.883703][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.890087][T13851] 
[  603.892579][T13851] Uninit was stored to memory at:
[  603.897676][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  603.902997][T13851]  get_compat_msghdr+0x108/0x2c0
[  603.907995][T13851]  do_recvmmsg+0x1063/0x2120
[  603.912777][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  603.917493][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.924053][T13851]  __do_fast_syscall_32+0x96/0xf0
[  603.929123][T13851]  do_fast_syscall_32+0x34/0x70
[  603.934649][T13851]  do_SYSENTER_32+0x1b/0x20
[  603.939200][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.945724][T13851] 
[  603.948089][T13851] Uninit was stored to memory at:
[  603.953338][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  603.958495][T13851]  get_compat_msghdr+0x108/0x2c0
[  603.963641][T13851]  do_recvmmsg+0x1063/0x2120
[  603.968288][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  603.973153][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  603.979541][T13851]  __do_fast_syscall_32+0x96/0xf0
[  603.984775][T13851]  do_fast_syscall_32+0x34/0x70
[  603.989676][T13851]  do_SYSENTER_32+0x1b/0x20
[  603.994388][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.000770][T13851] 
[  604.003259][T13851] Uninit was stored to memory at:
[  604.008352][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.013665][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.018654][T13851]  do_recvmmsg+0x1063/0x2120
[  604.023441][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.028158][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.034692][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.039767][T13851]  do_fast_syscall_32+0x34/0x70
[  604.044871][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.049430][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.055972][T13851] 
[  604.058332][T13851] Uninit was stored to memory at:
[  604.063588][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.068775][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.073912][T13851]  do_recvmmsg+0x1063/0x2120
[  604.078546][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.083414][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.089800][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.095055][T13851]  do_fast_syscall_32+0x34/0x70
[  604.099948][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.104649][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.111116][T13851] 
[  604.113618][T13851] Uninit was stored to memory at:
[  604.118711][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.124025][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.129010][T13851]  do_recvmmsg+0x1063/0x2120
[  604.133793][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.138513][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.145083][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.150164][T13851]  do_fast_syscall_32+0x34/0x70
[  604.155239][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.159791][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.166340][T13851] 
[  604.168677][T13851] Local variable msg_sys created at:
[  604.174139][T13851]  do_recvmmsg+0xc1/0x2120
[  604.178597][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.197510][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.232140][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.268372][T13851] not chained 40000 origins
[  604.273047][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  604.281852][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  604.291933][T13851] Call Trace:
[  604.295225][T13851]  <TASK>
[  604.298163][T13851]  dump_stack_lvl+0x1ff/0x28e
[  604.302887][T13851]  dump_stack+0x25/0x28
[  604.307079][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  604.312849][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  604.318964][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.324125][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  604.329999][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  604.335598][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.340759][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  604.346619][T13851]  ? should_fail+0x75/0x9c0
[  604.351168][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.356375][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  604.362669][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  604.368786][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.373954][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  604.379851][T13851]  __msan_chain_origin+0xbf/0x140
[  604.384936][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.390124][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.395111][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  604.399997][T13851]  do_recvmmsg+0x1063/0x2120
[  604.404622][T13851]  ? psi_group_change+0x10fa/0x1630
[  604.409883][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.415047][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  604.420902][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  604.426057][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  604.432355][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.438999][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.443900][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.450283][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.455353][T13851]  do_fast_syscall_32+0x34/0x70
[  604.460240][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.464776][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.471142][T13851] RIP: 0023:0xf6e8f549
[  604.475235][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  604.494883][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  604.503329][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  604.511324][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  604.519315][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  604.527305][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  604.535303][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  604.543308][T13851]  </TASK>
[  604.549329][T13851] Uninit was stored to memory at:
[  604.554826][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.558661][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.559984][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.572408][T13851]  do_recvmmsg+0x1063/0x2120
[  604.577036][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.581823][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.588203][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.592020][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.593343][T13851]  do_fast_syscall_32+0x34/0x70
[  604.605329][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.609877][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.616458][T13851] 
[  604.618788][T13851] Uninit was stored to memory at:
[  604.622162][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.624026][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.636145][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.641132][T13851]  do_recvmmsg+0x1063/0x2120
[  604.645913][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.650629][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.656184][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.657160][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.669341][T13851]  do_fast_syscall_32+0x34/0x70
[  604.674390][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.678936][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.685476][T13851] 
[  604.687807][T13851] Uninit was stored to memory at:
[  604.692213][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.693039][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.705588][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.710578][T13851]  do_recvmmsg+0x1063/0x2120
[  604.715364][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.720075][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.722216][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.726601][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.738689][T13851]  do_fast_syscall_32+0x34/0x70
[  604.743745][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.748292][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.754837][T13851] 
[  604.757169][T13851] Uninit was stored to memory at:
[  604.762410][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.765049][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.767563][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.767617][T13851]  do_recvmmsg+0x1063/0x2120
[  604.784423][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.789143][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.795705][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.800779][T13851]  do_fast_syscall_32+0x34/0x70
[  604.802178][ T7446] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  604.805825][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.817403][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.823943][T13851] 
[  604.826281][T13851] Uninit was stored to memory at:
[  604.831367][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.836701][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.841800][T13851]  do_recvmmsg+0x1063/0x2120
[  604.846432][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.847845][ T7446] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  604.851145][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.859407][ T7446] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  604.865749][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.865801][T13851]  do_fast_syscall_32+0x34/0x70
[  604.865849][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.888791][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.895346][T13851] 
[  604.897685][T13851] Uninit was stored to memory at:
[  604.902910][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.908075][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.913237][T13851]  do_recvmmsg+0x1063/0x2120
[  604.917864][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.922749][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.929138][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.934379][T13851]  do_fast_syscall_32+0x34/0x70
[  604.939281][T13851]  do_SYSENTER_32+0x1b/0x20
[  604.943996][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.950379][T13851] 
[  604.952871][T13851] Uninit was stored to memory at:
[  604.958059][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  604.962830][ T7446] usb 5-1: USB disconnect, device number 89
[  604.963366][T13851]  get_compat_msghdr+0x108/0x2c0
[  604.974211][T13851]  do_recvmmsg+0x1063/0x2120
[  604.978837][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  604.983725][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  604.990109][T13851]  __do_fast_syscall_32+0x96/0xf0
[  604.995351][T13851]  do_fast_syscall_32+0x34/0x70
[  605.000258][T13851]  do_SYSENTER_32+0x1b/0x20
[  605.004969][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.011357][T13851] 
[  605.013854][T13851] Local variable msg_sys created at:
[  605.019147][T13851]  do_recvmmsg+0xc1/0x2120
[  605.023768][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  605.139197][T13908] not chained 50000 origins
[  605.144057][T13908] CPU: 1 PID: 13908 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  605.152863][T13908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.162946][T13908] Call Trace:
[  605.166238][T13908]  <TASK>
[  605.169183][T13908]  dump_stack_lvl+0x1ff/0x28e
[  605.173997][T13908]  dump_stack+0x25/0x28
[  605.178188][T13908]  kmsan_internal_chain_origin+0x7a/0x110
[  605.183970][T13908]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  605.190097][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.195259][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  605.201214][T13908]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  605.206943][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.212120][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  605.217995][T13908]  ? should_fail+0x75/0x9c0
[  605.222553][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.227722][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  605.234025][T13908]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  605.240158][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.245326][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  605.251196][T13908]  __msan_chain_origin+0xbf/0x140
[  605.256270][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.261446][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.266438][T13908]  ? __sys_recvmmsg+0x51c/0x6f0
[  605.271332][T13908]  do_recvmmsg+0x1063/0x2120
[  605.275969][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.281137][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  605.287429][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  605.292591][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  605.298882][T13908]  ? fput+0x82/0x320
[  605.302887][T13908]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.309442][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.314167][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.320571][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.325638][T13908]  do_fast_syscall_32+0x34/0x70
[  605.330543][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.335089][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.341513][T13908] RIP: 0023:0xf6e9a549
[  605.345623][T13908] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  605.365273][T13908] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  605.373724][T13908] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  605.381719][T13908] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  605.389713][T13908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  605.397702][T13908] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  605.405708][T13908] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  605.413712][T13908]  </TASK>
[  605.420782][T13908] Uninit was stored to memory at:
[  605.426529][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.431694][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.436797][T13908]  do_recvmmsg+0x1063/0x2120
[  605.441426][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.446270][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.452779][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.457852][T13908]  do_fast_syscall_32+0x34/0x70
[  605.462887][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.467436][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.473943][T13908] 
[  605.476295][T13908] Uninit was stored to memory at:
[  605.481386][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.486675][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.491664][T13908]  do_recvmmsg+0x1063/0x2120
[  605.496455][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.501159][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.507675][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.512899][T13908]  do_fast_syscall_32+0x34/0x70
[  605.517797][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.522542][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.528925][T13908] 
[  605.531258][T13908] Uninit was stored to memory at:
[  605.536567][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.541926][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.546917][T13908]  do_recvmmsg+0x1063/0x2120
[  605.551542][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.556443][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.563025][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.568100][T13908]  do_fast_syscall_32+0x34/0x70
[  605.573189][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.577745][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.584331][T13908] 
[  605.586664][T13908] Uninit was stored to memory at:
[  605.591936][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.597094][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.602278][T13908]  do_recvmmsg+0x1063/0x2120
[  605.606907][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.611617][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.618180][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.623456][T13908]  do_fast_syscall_32+0x34/0x70
[  605.628357][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.633076][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.639457][T13908] 
[  605.641960][T13908] Uninit was stored to memory at:
[  605.647055][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.652406][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.657391][T13908]  do_recvmmsg+0x1063/0x2120
[  605.662194][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.666905][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.673401][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.678467][T13908]  do_fast_syscall_32+0x34/0x70
[  605.683578][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.688123][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.694708][T13908] 
[  605.697040][T13908] Uninit was stored to memory at:
[  605.702328][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.707489][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.712690][T13908]  do_recvmmsg+0x1063/0x2120
[  605.717319][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.722228][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.728614][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.733884][T13908]  do_fast_syscall_32+0x34/0x70
[  605.738783][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.743546][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.749928][T13908] 
[  605.752476][T13908] Uninit was stored to memory at:
[  605.757579][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  605.762912][T13908]  get_compat_msghdr+0x108/0x2c0
[  605.767988][T13908]  do_recvmmsg+0x1063/0x2120
[  605.772807][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  605.777525][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  605.784110][T13908]  __do_fast_syscall_32+0x96/0xf0
[  605.789179][T13908]  do_fast_syscall_32+0x34/0x70
[  605.794264][T13908]  do_SYSENTER_32+0x1b/0x20
[  605.798812][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.805394][T13908] 
[  605.807729][T13908] Local variable msg_sys created at:
[  605.813208][T13908]  do_recvmmsg+0xc1/0x2120
[  605.818967][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  606.092177][T13915] not chained 60000 origins
[  606.096723][T13915] CPU: 1 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  606.105519][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  606.115606][T13915] Call Trace:
[  606.118901][T13915]  <TASK>
[  606.121851][T13915]  dump_stack_lvl+0x1ff/0x28e
[  606.126582][T13915]  dump_stack+0x25/0x28
[  606.130777][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  606.136556][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.141723][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.146890][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  606.152766][T13915]  ? __perf_event_task_sched_out+0x380a/0x38c0
[  606.159077][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.164249][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  606.170126][T13915]  ? should_fail+0x75/0x9c0
[  606.174684][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.179852][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  606.186156][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  606.192284][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.197453][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  606.203326][T13915]  __msan_chain_origin+0xbf/0x140
[  606.208406][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.213583][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.218575][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  606.223472][T13915]  do_recvmmsg+0x1063/0x2120
[  606.228147][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  606.234028][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  606.239189][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  606.245493][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.252062][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.256791][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.263209][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.268284][T13915]  do_fast_syscall_32+0x34/0x70
[  606.274055][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.278607][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.284990][T13915] RIP: 0023:0xf6e9a549
[  606.289085][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  606.308776][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  606.317239][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  606.325338][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  606.333338][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  606.341338][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  606.349340][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  606.357361][T13915]  </TASK>
[  606.365201][T13915] Uninit was stored to memory at:
[  606.370343][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.379764][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.385304][T13915]  do_recvmmsg+0x1063/0x2120
[  606.389938][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.394847][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.401239][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.406522][T13915]  do_fast_syscall_32+0x34/0x70
[  606.411428][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.416168][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.422751][T13915] 
[  606.425088][T13915] Uninit was stored to memory at:
[  606.430263][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.436056][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.441045][T13915]  do_recvmmsg+0x1063/0x2120
[  606.445870][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.450588][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.457183][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.462448][T13915]  do_fast_syscall_32+0x34/0x70
[  606.467356][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.472083][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.478498][T13915] 
[  606.480830][T13915] Uninit was stored to memory at:
[  606.486138][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.491310][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.496515][T13915]  do_recvmmsg+0x1063/0x2120
[  606.501150][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.506060][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.512643][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.517717][T13915]  do_fast_syscall_32+0x34/0x70
[  606.522793][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.527341][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.533917][T13915] 
[  606.536276][T13915] Uninit was stored to memory at:
[  606.541370][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.546761][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.551931][T13915]  do_recvmmsg+0x1063/0x2120
[  606.556566][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.561295][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.567890][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.573137][T13915]  do_fast_syscall_32+0x34/0x70
[  606.578036][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.582850][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.589226][T13915] 
[  606.591557][T13915] Uninit was stored to memory at:
[  606.596857][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.602183][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.607169][T13915]  do_recvmmsg+0x1063/0x2120
[  606.611989][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.616701][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.623280][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.628355][T13915]  do_fast_syscall_32+0x34/0x70
[  606.633435][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.638160][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.644740][T13915] 
[  606.647077][T13915] Uninit was stored to memory at:
[  606.652354][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.657518][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.662708][T13915]  do_recvmmsg+0x1063/0x2120
[  606.667342][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.672246][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.678635][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.683961][T13915]  do_fast_syscall_32+0x34/0x70
[  606.688860][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.693613][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.699994][T13915] 
[  606.702531][T13915] Uninit was stored to memory at:
[  606.707660][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  606.713012][T13915]  get_compat_msghdr+0x108/0x2c0
[  606.717995][T13915]  do_recvmmsg+0x1063/0x2120
[  606.722896][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.727613][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  606.734191][T13915]  __do_fast_syscall_32+0x96/0xf0
[  606.739262][T13915]  do_fast_syscall_32+0x34/0x70
[  606.744786][T13915]  do_SYSENTER_32+0x1b/0x20
[  606.749333][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.755907][T13915] 
[  606.758241][T13915] Local variable msg_sys created at:
[  606.763737][T13915]  do_recvmmsg+0xc1/0x2120
[  606.768281][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  606.955989][T13908] not chained 70000 origins
[  606.960598][T13908] CPU: 1 PID: 13908 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  606.969407][T13908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  606.979499][T13908] Call Trace:
[  606.982804][T13908]  <TASK>
[  606.985757][T13908]  dump_stack_lvl+0x1ff/0x28e
[  606.990579][T13908]  dump_stack+0x25/0x28
[  606.994778][T13908]  kmsan_internal_chain_origin+0x7a/0x110
[  607.000568][T13908]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  607.006788][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.011960][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  607.018005][T13908]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  607.023633][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.028816][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  607.034693][T13908]  ? should_fail+0x75/0x9c0
[  607.039294][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.044467][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  607.050779][T13908]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  607.056918][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.062087][T13908]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  607.067956][T13908]  __msan_chain_origin+0xbf/0x140
[  607.073041][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.078224][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.083219][T13908]  ? __sys_recvmmsg+0x51c/0x6f0
[  607.088115][T13908]  do_recvmmsg+0x1063/0x2120
[  607.092761][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.097938][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  607.104246][T13908]  ? kmsan_get_metadata+0xa4/0x120
[  607.109419][T13908]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  607.115728][T13908]  ? fput+0x82/0x320
[  607.119674][T13908]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.126280][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.131018][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.137419][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.142533][T13908]  do_fast_syscall_32+0x34/0x70
[  607.147434][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.151990][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.160030][T13908] RIP: 0023:0xf6e9a549
[  607.164121][T13908] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  607.183779][T13908] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  607.192349][T13908] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  607.200366][T13908] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  607.208377][T13908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  607.216382][T13908] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  607.224392][T13908] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  607.232412][T13908]  </TASK>
[  607.239345][T13908] Uninit was stored to memory at:
[  607.245041][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.250207][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.255313][T13908]  do_recvmmsg+0x1063/0x2120
[  607.259944][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.264800][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.271188][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.276395][T13908]  do_fast_syscall_32+0x34/0x70
[  607.281295][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.285977][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.292568][T13908] 
[  607.294903][T13908] Uninit was stored to memory at:
[  607.300022][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.305306][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.310290][T13908]  do_recvmmsg+0x1063/0x2120
[  607.315044][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.319845][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.326471][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.331552][T13908]  do_fast_syscall_32+0x34/0x70
[  607.336656][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.341204][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.347864][T13908] 
[  607.350198][T13908] Uninit was stored to memory at:
[  607.355461][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.360628][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.365819][T13908]  do_recvmmsg+0x1063/0x2120
[  607.370452][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.375366][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.382056][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.387136][T13908]  do_fast_syscall_32+0x34/0x70
[  607.392221][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.396771][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.403336][T13908] 
[  607.405672][T13908] Uninit was stored to memory at:
[  607.410766][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.416128][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.421119][T13908]  do_recvmmsg+0x1063/0x2120
[  607.425950][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.430669][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.437259][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.442470][T13908]  do_fast_syscall_32+0x34/0x70
[  607.447375][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.452080][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.458466][T13908] 
[  607.460797][T13908] Uninit was stored to memory at:
[  607.466099][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.471262][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.476474][T13908]  do_recvmmsg+0x1063/0x2120
[  607.481109][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.486025][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.492536][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.497603][T13908]  do_fast_syscall_32+0x34/0x70
[  607.502685][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.507239][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.513812][T13908] 
[  607.516150][T13908] Uninit was stored to memory at:
[  607.521238][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.526605][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.531594][T13908]  do_recvmmsg+0x1063/0x2120
[  607.536421][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.541136][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.547723][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.552972][T13908]  do_fast_syscall_32+0x34/0x70
[  607.557873][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.562598][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.568975][T13908] 
[  607.571306][T13908] Uninit was stored to memory at:
[  607.576540][T13908]  __get_compat_msghdr+0x6e1/0x9d0
[  607.581695][T13908]  get_compat_msghdr+0x108/0x2c0
[  607.586804][T13908]  do_recvmmsg+0x1063/0x2120
[  607.591434][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.596351][T13908]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  607.602927][T13908]  __do_fast_syscall_32+0x96/0xf0
[  607.608001][T13908]  do_fast_syscall_32+0x34/0x70
[  607.613099][T13908]  do_SYSENTER_32+0x1b/0x20
[  607.617645][T13908]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.624222][T13908] 
[  607.626555][T13908] Local variable msg_sys created at:
[  607.632019][T13908]  do_recvmmsg+0xc1/0x2120
[  607.636481][T13908]  __sys_recvmmsg+0x51c/0x6f0
[  607.920236][T13851] not chained 80000 origins
[  607.924936][T13851] CPU: 1 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  607.933748][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  607.943843][T13851] Call Trace:
[  607.947153][T13851]  <TASK>
[  607.950112][T13851]  dump_stack_lvl+0x1ff/0x28e
[  607.954847][T13851]  dump_stack+0x25/0x28
[  607.959053][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  607.964846][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  607.970981][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  607.976163][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  607.982046][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  607.987669][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  607.992841][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  607.998719][T13851]  ? should_fail+0x75/0x9c0
[  608.003287][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  608.008459][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  608.014764][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  608.020900][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  608.026076][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  608.031984][T13851]  __msan_chain_origin+0xbf/0x140
[  608.037079][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.042263][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.047265][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  608.052163][T13851]  do_recvmmsg+0x1063/0x2120
[  608.056789][T13851]  ? psi_group_change+0x10fa/0x1630
[  608.062096][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  608.067299][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  608.073176][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  608.078348][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  608.084662][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.091233][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.095965][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.102372][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.107451][T13851]  do_fast_syscall_32+0x34/0x70
[  608.112359][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.116911][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.123289][T13851] RIP: 0023:0xf6e8f549
[  608.127389][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  608.147050][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  608.155548][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  608.163593][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  608.171691][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.179699][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  608.188154][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.196178][T13851]  </TASK>
[  608.204225][T13851] Uninit was stored to memory at:
[  608.209339][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.215267][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.220301][T13851]  do_recvmmsg+0x1063/0x2120
[  608.225065][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.229785][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.236300][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.241371][T13851]  do_fast_syscall_32+0x34/0x70
[  608.246403][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.250954][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.257472][T13851] 
[  608.259810][T13851] Uninit was stored to memory at:
[  608.265033][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.270189][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.275313][T13851]  do_recvmmsg+0x1063/0x2120
[  608.279940][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.284800][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.291188][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.296474][T13851]  do_fast_syscall_32+0x34/0x70
[  608.301392][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.306121][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.312700][T13851] 
[  608.315040][T13851] Uninit was stored to memory at:
[  608.320209][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.325570][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.330561][T13851]  do_recvmmsg+0x1063/0x2120
[  608.335461][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.340180][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.346800][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.352081][T13851]  do_fast_syscall_32+0x34/0x70
[  608.356990][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.361542][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.368224][T13851] 
[  608.370565][T13851] Uninit was stored to memory at:
[  608.376211][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.381379][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.386568][T13851]  do_recvmmsg+0x1063/0x2120
[  608.391206][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.396170][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.402771][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.407848][T13851]  do_fast_syscall_32+0x34/0x70
[  608.412939][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.417482][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.424124][T13851] 
[  608.426461][T13851] Uninit was stored to memory at:
[  608.431558][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.436918][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.442085][T13851]  do_recvmmsg+0x1063/0x2120
[  608.446716][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.451437][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.458048][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.463279][T13851]  do_fast_syscall_32+0x34/0x70
[  608.468179][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.472922][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.479312][T13851] 
[  608.481647][T13851] Uninit was stored to memory at:
[  608.486960][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.492298][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.497281][T13851]  do_recvmmsg+0x1063/0x2120
[  608.502093][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.506819][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.513421][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.518496][T13851]  do_fast_syscall_32+0x34/0x70
[  608.523590][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.528139][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.534721][T13851] 
[  608.537087][T13851] Uninit was stored to memory at:
[  608.542374][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  608.547554][T13851]  get_compat_msghdr+0x108/0x2c0
[  608.552788][T13851]  do_recvmmsg+0x1063/0x2120
[  608.557419][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  608.562344][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  608.568745][T13851]  __do_fast_syscall_32+0x96/0xf0
[  608.574062][T13851]  do_fast_syscall_32+0x34/0x70
[  608.578965][T13851]  do_SYSENTER_32+0x1b/0x20
[  608.583720][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.590108][T13851] 
[  608.592638][T13851] Local variable msg_sys created at:
[  608.597932][T13851]  do_recvmmsg+0xc1/0x2120
[  608.602590][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  609.408875][T13915] not chained 90000 origins
[  609.413656][T13915] CPU: 1 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  609.422468][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  609.432575][T13915] Call Trace:
[  609.435956][T13915]  <TASK>
[  609.438903][T13915]  dump_stack_lvl+0x1ff/0x28e
[  609.443629][T13915]  dump_stack+0x25/0x28
[  609.447831][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  609.453612][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  609.459745][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  609.464935][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.470806][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  609.476420][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  609.481593][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.487461][T13915]  ? should_fail+0x75/0x9c0
[  609.492014][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  609.497181][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  609.503489][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  609.509616][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  609.514778][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.520636][T13915]  __msan_chain_origin+0xbf/0x140
[  609.525727][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  609.530904][T13915]  get_compat_msghdr+0x108/0x2c0
[  609.535897][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  609.540886][T13915]  do_recvmmsg+0x1063/0x2120
[  609.545527][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.551402][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  609.556568][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  609.562872][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.569431][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  609.574158][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.580558][T13915]  __do_fast_syscall_32+0x96/0xf0
[  609.585627][T13915]  do_fast_syscall_32+0x34/0x70
[  609.590517][T13915]  do_SYSENTER_32+0x1b/0x20
[  609.595058][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.601436][T13915] RIP: 0023:0xf6e9a549
[  609.605524][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  609.625174][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  609.633623][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  609.638802][T13851] not chained 100000 origins
[  609.641616][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  609.654173][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  609.662161][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  609.670168][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  609.678166][T13915]  </TASK>
[  609.681627][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  609.685448][T13915] Uninit was stored to memory at:
[  609.690423][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  609.696089][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  609.705493][T13851] Call Trace:
[  609.705509][T13851]  <TASK>
[  609.705524][T13851]  dump_stack_lvl+0x1ff/0x28e
[  609.705586][T13851]  dump_stack+0x25/0x28
[  609.710706][T13915]  get_compat_msghdr+0x108/0x2c0
[  609.713976][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  609.714042][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  609.717012][T13915]  do_recvmmsg+0x1063/0x2120
[  609.721688][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.721751][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.725929][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  609.730855][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  609.736746][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.742704][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.742766][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.747375][T13915]  __do_fast_syscall_32+0x96/0xf0
[  609.752485][T13851]  ? should_fail+0x75/0x9c0
[  609.752548][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.758472][T13915]  do_fast_syscall_32+0x34/0x70
[  609.763119][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  609.763188][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  609.768759][T13915]  do_SYSENTER_32+0x1b/0x20
[  609.775073][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.775136][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.780262][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.786056][T13851]  __msan_chain_origin+0xbf/0x140
[  609.786119][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  609.791159][T13915] 
[  609.791168][T13915] Uninit was stored to memory at:
[  609.795666][T13851]  get_compat_msghdr+0x108/0x2c0
[  609.795727][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  609.800894][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  609.805697][T13851]  do_recvmmsg+0x1063/0x2120
[  609.805743][T13851]  ? psi_group_change+0x10fa/0x1630
[  609.805820][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.812105][T13915]  get_compat_msghdr+0x108/0x2c0
[  609.818076][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  609.822674][T13915]  do_recvmmsg+0x1063/0x2120
[  609.827672][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  609.833552][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  609.839781][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  609.844884][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.849892][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.852289][T13915]  __do_fast_syscall_32+0x96/0xf0
[  609.857259][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  609.862278][T13915]  do_fast_syscall_32+0x34/0x70
[  609.867028][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.872201][T13915]  do_SYSENTER_32+0x1b/0x20
[  609.876696][T13851]  __do_fast_syscall_32+0x96/0xf0
[  609.881961][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.886965][T13851]  do_fast_syscall_32+0x34/0x70
[  609.891976][T13915] 
[  609.897674][T13851]  do_SYSENTER_32+0x1b/0x20
[  609.902430][T13915] Uninit was stored to memory at:
[  609.907429][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.912242][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  609.918309][T13851] RIP: 0023:0xf6e8f549
[  609.924731][T13915]  get_compat_msghdr+0x108/0x2c0
[  609.931118][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  609.936657][T13915]  do_recvmmsg+0x1063/0x2120
[  609.941309][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296
[  609.946244][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  609.952459][T13851]  ORIG_RAX: 0000000000000151
[  609.952477][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  609.952510][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  609.952540][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  609.952573][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  609.957062][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  609.962067][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  609.962111][T13851]  </TASK>
[  609.962351][T13851] Uninit was stored to memory at:
[  609.968477][T13915]  __do_fast_syscall_32+0x96/0xf0
[  609.973441][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  609.975723][T13915]  do_fast_syscall_32+0x34/0x70
[  609.980207][T13851]  get_compat_msghdr+0x108/0x2c0
[  609.985311][T13915]  do_SYSENTER_32+0x1b/0x20
[  609.991601][T13851]  do_recvmmsg+0x1063/0x2120
[  609.996790][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.000823][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.005843][T13915] 
[  610.025491][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.030095][T13915] Uninit was stored to memory at:
[  610.030165][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  610.036218][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.040897][T13915]  get_compat_msghdr+0x108/0x2c0
[  610.045746][T13851]  do_fast_syscall_32+0x34/0x70
[  610.053717][T13915]  do_recvmmsg+0x1063/0x2120
[  610.061659][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.069722][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  610.077651][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.084061][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.092092][T13851] 
[  610.092100][T13851] Uninit was stored to memory at:
[  610.092170][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.095134][T13915]  __do_fast_syscall_32+0x96/0xf0
[  610.100140][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.105246][T13915]  do_fast_syscall_32+0x34/0x70
[  610.110342][T13851]  do_recvmmsg+0x1063/0x2120
[  610.115288][T13915]  do_SYSENTER_32+0x1b/0x20
[  610.120190][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.124777][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.129331][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.135737][T13915] 
[  610.140372][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.142778][T13915] Uninit was stored to memory at:
[  610.149065][T13851]  do_fast_syscall_32+0x34/0x70
[  610.154232][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  610.159247][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.164350][T13915]  get_compat_msghdr+0x108/0x2c0
[  610.169254][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.174182][T13915]  do_recvmmsg+0x1063/0x2120
[  610.178733][T13851] 
[  610.178740][T13851] Uninit was stored to memory at:
[  610.178811][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.183332][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  610.187976][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.194380][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.200677][T13851]  do_recvmmsg+0x1063/0x2120
[  610.203124][T13915]  __do_fast_syscall_32+0x96/0xf0
[  610.208126][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.213336][T13915]  do_fast_syscall_32+0x34/0x70
[  610.218338][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.223380][T13915]  do_SYSENTER_32+0x1b/0x20
[  610.228192][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.232864][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.237325][T13851]  do_fast_syscall_32+0x34/0x70
[  610.242082][T13915] 
[  610.248377][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.254876][T13915] Uninit was stored to memory at:
[  610.257171][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.262348][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  610.267273][T13851] 
[  610.267281][T13851] Uninit was stored to memory at:
[  610.272201][T13915]  get_compat_msghdr+0x108/0x2c0
[  610.277332][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.281876][T13915]  do_recvmmsg+0x1063/0x2120
[  610.286865][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.293275][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  610.297825][T13851]  do_recvmmsg+0x1063/0x2120
[  610.300140][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.305223][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.310336][T13915]  __do_fast_syscall_32+0x96/0xf0
[  610.315073][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.320016][T13915]  do_fast_syscall_32+0x34/0x70
[  610.326402][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.330995][T13915]  do_SYSENTER_32+0x1b/0x20
[  610.336095][T13851]  do_fast_syscall_32+0x34/0x70
[  610.340777][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.345702][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.352120][T13915] 
[  610.356588][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.361598][T13915] Uninit was stored to memory at:
[  610.361672][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  610.368002][T13851] 
[  610.372848][T13915]  get_compat_msghdr+0x108/0x2c0
[  610.375140][T13851] Uninit was stored to memory at:
[  610.375210][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.379623][T13915]  do_recvmmsg+0x1063/0x2120
[  610.384711][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.391041][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  610.396243][T13851]  do_recvmmsg+0x1063/0x2120
[  610.398573][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.403657][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.408606][T13915]  __do_fast_syscall_32+0x96/0xf0
[  610.413876][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.418467][T13915]  do_fast_syscall_32+0x34/0x70
[  610.423466][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.428166][T13915]  do_SYSENTER_32+0x1b/0x20
[  610.432815][T13851]  do_fast_syscall_32+0x34/0x70
[  610.439143][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.443878][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.448917][T13915] 
[  610.448926][T13915] Local variable msg_sys created at:
[  610.455333][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.460189][T13915]  do_recvmmsg+0xc1/0x2120
[  610.465306][T13851] 
[  610.465317][T13851] Uninit was stored to memory at:
[  610.465391][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.469803][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  610.474736][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.634420][T13851]  do_recvmmsg+0x1063/0x2120
[  610.639060][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.643960][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.650359][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.655527][T13851]  do_fast_syscall_32+0x34/0x70
[  610.660420][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.665068][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.671450][T13851] 
[  610.673876][T13851] Uninit was stored to memory at:
[  610.678966][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  610.684216][T13851]  get_compat_msghdr+0x108/0x2c0
[  610.689203][T13851]  do_recvmmsg+0x1063/0x2120
[  610.693918][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.698625][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  610.705105][T13851]  __do_fast_syscall_32+0x96/0xf0
[  610.710191][T13851]  do_fast_syscall_32+0x34/0x70
[  610.715169][T13851]  do_SYSENTER_32+0x1b/0x20
[  610.719709][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.726176][T13851] 
[  610.728505][T13851] Local variable msg_sys created at:
[  610.733894][T13851]  do_recvmmsg+0xc1/0x2120
[  610.738342][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  610.939484][T13851] not chained 110000 origins
[  610.944430][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  610.953327][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  610.963404][T13851] Call Trace:
[  610.966715][T13851]  <TASK>
[  610.969658][T13851]  dump_stack_lvl+0x1ff/0x28e
[  610.974393][T13851]  dump_stack+0x25/0x28
[  610.978606][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  610.984383][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  610.990509][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  610.995683][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.001555][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  611.007161][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.012329][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.018194][T13851]  ? should_fail+0x75/0x9c0
[  611.022758][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.027936][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  611.034261][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  611.040661][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.045831][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.051721][T13851]  __msan_chain_origin+0xbf/0x140
[  611.056799][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.061998][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.067000][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  611.071901][T13851]  do_recvmmsg+0x1063/0x2120
[  611.076529][T13851]  ? psi_group_change+0x10fa/0x1630
[  611.081794][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.086967][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.092842][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.098004][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  611.104310][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.110871][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.115597][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.122011][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.127092][T13851]  do_fast_syscall_32+0x34/0x70
[  611.131984][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.136527][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.142903][T13851] RIP: 0023:0xf6e8f549
[  611.146997][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  611.166657][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  611.175138][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  611.183147][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  611.191145][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  611.199143][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  611.207140][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  611.215175][T13851]  </TASK>
[  611.221202][T13851] Uninit was stored to memory at:
[  611.226863][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.232128][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.237116][T13851]  do_recvmmsg+0x1063/0x2120
[  611.241833][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.246551][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.253404][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.258478][T13851]  do_fast_syscall_32+0x34/0x70
[  611.263458][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.267998][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.274479][T13851] 
[  611.276816][T13851] Uninit was stored to memory at:
[  611.282018][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.287176][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.292246][T13851]  do_recvmmsg+0x1063/0x2120
[  611.296871][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.301581][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.308063][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.313283][T13851]  do_fast_syscall_32+0x34/0x70
[  611.318210][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.322915][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.329294][T13851] 
[  611.331621][T13851] Uninit was stored to memory at:
[  611.336876][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.342353][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.347336][T13851]  do_recvmmsg+0x1063/0x2120
[  611.352114][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.356837][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.363382][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.368459][T13851]  do_fast_syscall_32+0x34/0x70
[  611.373510][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.378147][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.384686][T13851] 
[  611.387019][T13851] Uninit was stored to memory at:
[  611.392264][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.397419][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.402554][T13851]  do_recvmmsg+0x1063/0x2120
[  611.407179][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.412029][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.418419][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.423684][T13851]  do_fast_syscall_32+0x34/0x70
[  611.428585][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.433213][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.439612][T13851] 
[  611.442078][T13851] Uninit was stored to memory at:
[  611.447177][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.452486][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.457575][T13851]  do_recvmmsg+0x1063/0x2120
[  611.462346][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.467096][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.473655][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.478731][T13851]  do_fast_syscall_32+0x34/0x70
[  611.483793][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.488349][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.494890][T13851] 
[  611.497236][T13851] Uninit was stored to memory at:
[  611.502457][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.507618][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.512751][T13851]  do_recvmmsg+0x1063/0x2120
[  611.517380][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.522242][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.528626][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.533869][T13851]  do_fast_syscall_32+0x34/0x70
[  611.538765][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.543416][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.549792][T13851] 
[  611.552221][T13851] Uninit was stored to memory at:
[  611.557314][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.562571][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.567557][T13851]  do_recvmmsg+0x1063/0x2120
[  611.572267][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.576981][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.583455][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.588526][T13851]  do_fast_syscall_32+0x34/0x70
[  611.593512][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.598159][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.604795][T13851] 
[  611.607132][T13851] Local variable msg_sys created at:
[  611.612509][T13851]  do_recvmmsg+0xc1/0x2120
[  611.616964][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.729061][T13851] not chained 120000 origins
[  611.733967][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  611.742779][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  611.752870][T13851] Call Trace:
[  611.756181][T13851]  <TASK>
[  611.759135][T13851]  dump_stack_lvl+0x1ff/0x28e
[  611.763867][T13851]  dump_stack+0x25/0x28
[  611.768067][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  611.773847][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  611.780155][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.785331][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.791206][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  611.796818][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.801992][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.807865][T13851]  ? should_fail+0x75/0x9c0
[  611.812427][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.817656][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  611.823964][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  611.830097][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.835282][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.841155][T13851]  __msan_chain_origin+0xbf/0x140
[  611.846243][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  611.851426][T13851]  get_compat_msghdr+0x108/0x2c0
[  611.856425][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  611.861327][T13851]  do_recvmmsg+0x1063/0x2120
[  611.865958][T13851]  ? psi_group_change+0x10fa/0x1630
[  611.871227][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.876403][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  611.882321][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  611.887500][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  611.893809][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.900375][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  611.905108][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  611.911505][T13851]  __do_fast_syscall_32+0x96/0xf0
[  611.916585][T13851]  do_fast_syscall_32+0x34/0x70
[  611.921514][T13851]  do_SYSENTER_32+0x1b/0x20
[  611.926061][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.932442][T13851] RIP: 0023:0xf6e8f549
[  611.936633][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  611.956380][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  611.964932][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  611.972941][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  611.980946][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  611.988946][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  611.996950][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  612.004972][T13851]  </TASK>
[  612.011204][T13851] Uninit was stored to memory at:
[  612.016789][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.022037][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.027024][T13851]  do_recvmmsg+0x1063/0x2120
[  612.031649][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.036462][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.042961][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.048034][T13851]  do_fast_syscall_32+0x34/0x70
[  612.053027][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.057571][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.064077][T13851] 
[  612.066411][T13851] Uninit was stored to memory at:
[  612.071504][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.076822][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.081944][T13851]  do_recvmmsg+0x1063/0x2120
[  612.086573][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.091288][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.097854][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.103062][T13851]  do_fast_syscall_32+0x34/0x70
[  612.107962][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.112676][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.119056][T13851] 
[  612.121412][T13851] Uninit was stored to memory at:
[  612.126690][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.131992][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.136979][T13851]  do_recvmmsg+0x1063/0x2120
[  612.141609][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.146512][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.153087][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.158163][T13851]  do_fast_syscall_32+0x34/0x70
[  612.163151][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.167703][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.174196][T13851] 
[  612.176530][T13851] Uninit was stored to memory at:
[  612.181686][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.186950][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.192022][T13851]  do_recvmmsg+0x1063/0x2120
[  612.196656][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.201375][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.207943][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.213179][T13851]  do_fast_syscall_32+0x34/0x70
[  612.218079][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.222787][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.229176][T13851] 
[  612.231508][T13851] Uninit was stored to memory at:
[  612.236780][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.242141][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.247391][T13851]  do_recvmmsg+0x1063/0x2120
[  612.252214][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.256934][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.263507][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.268588][T13851]  do_fast_syscall_32+0x34/0x70
[  612.273722][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.278272][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.284749][T13851] 
[  612.287085][T13851] Uninit was stored to memory at:
[  612.292381][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.297541][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.302716][T13851]  do_recvmmsg+0x1063/0x2120
[  612.307346][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.312204][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.318596][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.323764][T13851]  do_fast_syscall_32+0x34/0x70
[  612.328662][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.333382][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.339766][T13851] 
[  612.342256][T13851] Uninit was stored to memory at:
[  612.347356][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.352714][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.357707][T13851]  do_recvmmsg+0x1063/0x2120
[  612.362497][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.367392][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.373951][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.379029][T13851]  do_fast_syscall_32+0x34/0x70
[  612.384106][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.388657][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.395217][T13851] 
[  612.397555][T13851] Local variable msg_sys created at:
[  612.403006][T13851]  do_recvmmsg+0xc1/0x2120
[  612.407460][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.641351][T13851] not chained 130000 origins
[  612.646195][T13851] CPU: 0 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  612.655004][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  612.665100][T13851] Call Trace:
[  612.668399][T13851]  <TASK>
[  612.671374][T13851]  dump_stack_lvl+0x1ff/0x28e
[  612.676103][T13851]  dump_stack+0x25/0x28
[  612.680302][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  612.686080][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  612.692212][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.697381][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  612.703253][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  612.708860][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.714030][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  612.719899][T13851]  ? should_fail+0x75/0x9c0
[  612.724573][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.729743][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  612.736046][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  612.742181][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.747361][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  612.753314][T13851]  __msan_chain_origin+0xbf/0x140
[  612.758394][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.763574][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.768571][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  612.773462][T13851]  do_recvmmsg+0x1063/0x2120
[  612.778102][T13851]  ? psi_group_change+0x10fa/0x1630
[  612.783376][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.788550][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  612.794414][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  612.799590][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  612.805904][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.812474][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.817224][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.823624][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.828704][T13851]  do_fast_syscall_32+0x34/0x70
[  612.833604][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.838157][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.844537][T13851] RIP: 0023:0xf6e8f549
[  612.848634][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  612.868324][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  612.876792][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  612.884804][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  612.892817][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  612.900822][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  612.908827][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  612.916852][T13851]  </TASK>
[  612.925233][T13851] Uninit was stored to memory at:
[  612.933607][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.938784][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.944382][T13851]  do_recvmmsg+0x1063/0x2120
[  612.949029][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  612.953847][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  612.960239][T13851]  __do_fast_syscall_32+0x96/0xf0
[  612.965489][T13851]  do_fast_syscall_32+0x34/0x70
[  612.970393][T13851]  do_SYSENTER_32+0x1b/0x20
[  612.975100][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.981485][T13851] 
[  612.983987][T13851] Uninit was stored to memory at:
[  612.989083][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  612.994431][T13851]  get_compat_msghdr+0x108/0x2c0
[  612.999428][T13851]  do_recvmmsg+0x1063/0x2120
[  613.004223][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.008949][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.015518][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.020596][T13851]  do_fast_syscall_32+0x34/0x70
[  613.025672][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.030247][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.036813][T13851] 
[  613.039149][T13851] Uninit was stored to memory at:
[  613.044398][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  613.049555][T13851]  get_compat_msghdr+0x108/0x2c0
[  613.054729][T13851]  do_recvmmsg+0x1063/0x2120
[  613.059365][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.064267][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.070671][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.075915][T13851]  do_fast_syscall_32+0x34/0x70
[  613.080819][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.085534][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.092077][T13851] 
[  613.094417][T13851] Uninit was stored to memory at:
[  613.099519][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  613.104839][T13851]  get_compat_msghdr+0x108/0x2c0
[  613.109828][T13851]  do_recvmmsg+0x1063/0x2120
[  613.114617][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.119420][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.125972][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.131047][T13851]  do_fast_syscall_32+0x34/0x70
[  613.136092][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.140640][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.147188][T13851] 
[  613.149528][T13851] Uninit was stored to memory at:
[  613.154783][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  613.159972][T13851]  get_compat_msghdr+0x108/0x2c0
[  613.165118][T13851]  do_recvmmsg+0x1063/0x2120
[  613.169747][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.174627][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.181015][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.186281][T13851]  do_fast_syscall_32+0x34/0x70
[  613.191181][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.195976][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.202541][T13851] 
[  613.204875][T13851] Uninit was stored to memory at:
[  613.209974][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  613.215329][T13851]  get_compat_msghdr+0x108/0x2c0
[  613.220323][T13851]  do_recvmmsg+0x1063/0x2120
[  613.225136][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.229856][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.236415][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.241497][T13851]  do_fast_syscall_32+0x34/0x70
[  613.246571][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.251121][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.257674][T13851] 
[  613.260009][T13851] Uninit was stored to memory at:
[  613.265274][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  613.270435][T13851]  get_compat_msghdr+0x108/0x2c0
[  613.275592][T13851]  do_recvmmsg+0x1063/0x2120
[  613.280220][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.285115][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.291938][T13851]  __do_fast_syscall_32+0x96/0xf0
[  613.297015][T13851]  do_fast_syscall_32+0x34/0x70
[  613.302075][T13851]  do_SYSENTER_32+0x1b/0x20
[  613.306637][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.313203][T13851] 
[  613.315554][T13851] Local variable msg_sys created at:
[  613.320845][T13851]  do_recvmmsg+0xc1/0x2120
[  613.325467][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  613.724139][T13915] not chained 140000 origins
[  613.728782][T13915] CPU: 0 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  613.737595][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  613.747690][T13915] Call Trace:
[  613.750992][T13915]  <TASK>
[  613.753943][T13915]  dump_stack_lvl+0x1ff/0x28e
[  613.758687][T13915]  dump_stack+0x25/0x28
[  613.762888][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  613.768668][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  613.774793][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  613.779960][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  613.785921][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  613.791527][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  613.796701][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  613.802573][T13915]  ? should_fail+0x75/0x9c0
[  613.807147][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  613.812310][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  613.818617][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  613.824767][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  613.829937][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  613.835803][T13915]  __msan_chain_origin+0xbf/0x140
[  613.840971][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  613.846152][T13915]  get_compat_msghdr+0x108/0x2c0
[  613.851146][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  613.856039][T13915]  do_recvmmsg+0x1063/0x2120
[  613.860685][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  613.866566][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  613.871735][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  613.878041][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.884611][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  613.889348][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  613.895743][T13915]  __do_fast_syscall_32+0x96/0xf0
[  613.900819][T13915]  do_fast_syscall_32+0x34/0x70
[  613.905724][T13915]  do_SYSENTER_32+0x1b/0x20
[  613.910271][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.916652][T13915] RIP: 0023:0xf6e9a549
[  613.920746][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  613.940398][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  613.948862][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  613.956875][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  613.964885][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  613.972888][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  613.980919][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  613.989024][T13915]  </TASK>
[  613.995159][T13915] Uninit was stored to memory at:
[  614.000264][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.006015][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.011012][T13915]  do_recvmmsg+0x1063/0x2120
[  614.015814][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.020626][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.027182][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.032399][T13915]  do_fast_syscall_32+0x34/0x70
[  614.037304][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.041996][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.048380][T13915] 
[  614.050717][T13915] Uninit was stored to memory at:
[  614.056138][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.061427][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.066587][T13915]  do_recvmmsg+0x1063/0x2120
[  614.071229][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.076104][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.082746][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.087819][T13915]  do_fast_syscall_32+0x34/0x70
[  614.092860][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.097408][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.103947][T13915] 
[  614.106283][T13915] Uninit was stored to memory at:
[  614.111377][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.116698][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.121682][T13915]  do_recvmmsg+0x1063/0x2120
[  614.126470][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.131268][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.137813][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.143041][T13915]  do_fast_syscall_32+0x34/0x70
[  614.147951][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.152648][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.159027][T13915] 
[  614.161358][T13915] Uninit was stored to memory at:
[  614.166684][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.172032][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.177022][T13915]  do_recvmmsg+0x1063/0x2120
[  614.181661][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.186563][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.193191][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.198267][T13915]  do_fast_syscall_32+0x34/0x70
[  614.203333][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.207900][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.214452][T13915] 
[  614.216788][T13915] Uninit was stored to memory at:
[  614.222032][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.227192][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.232331][T13915]  do_recvmmsg+0x1063/0x2120
[  614.236962][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.241678][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.248210][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.253446][T13915]  do_fast_syscall_32+0x34/0x70
[  614.258343][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.263042][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.269423][T13915] 
[  614.271895][T13915] Uninit was stored to memory at:
[  614.276997][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.282317][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.287304][T13915]  do_recvmmsg+0x1063/0x2120
[  614.292074][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.296789][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.303346][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.308419][T13915]  do_fast_syscall_32+0x34/0x70
[  614.313474][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.318025][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.324564][T13915] 
[  614.326897][T13915] Uninit was stored to memory at:
[  614.332141][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  614.337294][T13915]  get_compat_msghdr+0x108/0x2c0
[  614.342431][T13915]  do_recvmmsg+0x1063/0x2120
[  614.347061][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.351919][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.358307][T13915]  __do_fast_syscall_32+0x96/0xf0
[  614.363535][T13915]  do_fast_syscall_32+0x34/0x70
[  614.368438][T13915]  do_SYSENTER_32+0x1b/0x20
[  614.373147][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.379529][T13915] 
[  614.382032][T13915] Local variable msg_sys created at:
[  614.387326][T13915]  do_recvmmsg+0xc1/0x2120
[  614.391935][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  614.497845][T13851] not chained 150000 origins
[  614.502861][T13851] CPU: 1 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  614.511764][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  614.521874][T13851] Call Trace:
[  614.525175][T13851]  <TASK>
[  614.528126][T13851]  dump_stack_lvl+0x1ff/0x28e
[  614.532857][T13851]  dump_stack+0x25/0x28
[  614.537057][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  614.542836][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  614.548970][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.554155][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  614.560029][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  614.565642][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.570815][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  614.576688][T13851]  ? should_fail+0x75/0x9c0
[  614.581253][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.586428][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  614.592738][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  614.598872][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.604045][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  614.609918][T13851]  __msan_chain_origin+0xbf/0x140
[  614.615029][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  614.620210][T13851]  get_compat_msghdr+0x108/0x2c0
[  614.625208][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  614.630109][T13851]  do_recvmmsg+0x1063/0x2120
[  614.634745][T13851]  ? psi_group_change+0x10fa/0x1630
[  614.640018][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.645199][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  614.651070][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  614.656250][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  614.662564][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.669133][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  614.673864][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.680265][T13851]  __do_fast_syscall_32+0x96/0xf0
[  614.685351][T13851]  do_fast_syscall_32+0x34/0x70
[  614.690261][T13851]  do_SYSENTER_32+0x1b/0x20
[  614.694843][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.701226][T13851] RIP: 0023:0xf6e8f549
[  614.705322][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  614.724990][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  614.733455][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  614.741471][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  614.749476][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  614.757473][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  614.765470][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  614.773480][T13851]  </TASK>
[  614.781231][T13851] Uninit was stored to memory at:
[  614.787600][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  614.792893][T13851]  get_compat_msghdr+0x108/0x2c0
[  614.797889][T13851]  do_recvmmsg+0x1063/0x2120
[  614.802745][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  614.807466][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.814046][T13851]  __do_fast_syscall_32+0x96/0xf0
[  614.819119][T13851]  do_fast_syscall_32+0x34/0x70
[  614.824182][T13851]  do_SYSENTER_32+0x1b/0x20
[  614.828732][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.835299][T13851] 
[  614.837633][T13851] Uninit was stored to memory at:
[  614.842909][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  614.848076][T13851]  get_compat_msghdr+0x108/0x2c0
[  614.853249][T13851]  do_recvmmsg+0x1063/0x2120
[  614.857879][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  614.862776][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.869169][T13851]  __do_fast_syscall_32+0x96/0xf0
[  614.874429][T13851]  do_fast_syscall_32+0x34/0x70
[  614.879324][T13851]  do_SYSENTER_32+0x1b/0x20
[  614.884078][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.890459][T13851] 
[  614.892979][T13851] Uninit was stored to memory at:
[  614.898076][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  614.903430][T13851]  get_compat_msghdr+0x108/0x2c0
[  614.908412][T13851]  do_recvmmsg+0x1063/0x2120
[  614.913227][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  614.917943][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.924515][T13851]  __do_fast_syscall_32+0x96/0xf0
[  614.929584][T13851]  do_fast_syscall_32+0x34/0x70
[  614.934665][T13851]  do_SYSENTER_32+0x1b/0x20
[  614.939211][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.945794][T13851] 
[  614.948127][T13851] Uninit was stored to memory at:
[  614.953413][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  614.958574][T13851]  get_compat_msghdr+0x108/0x2c0
[  614.963767][T13851]  do_recvmmsg+0x1063/0x2120
[  614.968395][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  614.973294][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  614.979681][T13851]  __do_fast_syscall_32+0x96/0xf0
[  614.984927][T13851]  do_fast_syscall_32+0x34/0x70
[  614.989830][T13851]  do_SYSENTER_32+0x1b/0x20
[  614.994568][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.000951][T13851] 
[  615.003481][T13851] Uninit was stored to memory at:
[  615.008574][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.013916][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.018911][T13851]  do_recvmmsg+0x1063/0x2120
[  615.023737][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.028451][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.035038][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.040110][T13851]  do_fast_syscall_32+0x34/0x70
[  615.045218][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.049765][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.056341][T13851] 
[  615.058694][T13851] Uninit was stored to memory at:
[  615.063990][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.069261][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.074456][T13851]  do_recvmmsg+0x1063/0x2120
[  615.079091][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.084013][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.090404][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.095700][T13851]  do_fast_syscall_32+0x34/0x70
[  615.100596][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.105343][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.111920][T13851] 
[  615.114254][T13851] Uninit was stored to memory at:
[  615.119345][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.124709][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.129787][T13851]  do_recvmmsg+0x1063/0x2120
[  615.134636][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.139351][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.146394][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.151503][T13851]  do_fast_syscall_32+0x34/0x70
[  615.156614][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.161163][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.167744][T13851] 
[  615.170076][T13851] Local variable msg_sys created at:
[  615.175536][T13851]  do_recvmmsg+0xc1/0x2120
[  615.179990][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.288501][T13851] not chained 160000 origins
[  615.293520][T13851] CPU: 1 PID: 13851 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  615.302324][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  615.312435][T13851] Call Trace:
[  615.315728][T13851]  <TASK>
[  615.318675][T13851]  dump_stack_lvl+0x1ff/0x28e
[  615.323409][T13851]  dump_stack+0x25/0x28
[  615.327612][T13851]  kmsan_internal_chain_origin+0x7a/0x110
[  615.333395][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  615.339519][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.344711][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.350582][T13851]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  615.356183][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.361353][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.367236][T13851]  ? should_fail+0x75/0x9c0
[  615.371796][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.376958][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  615.383264][T13851]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  615.389391][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.394559][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.400427][T13851]  __msan_chain_origin+0xbf/0x140
[  615.405508][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.410684][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.415670][T13851]  ? __sys_recvmmsg+0x51c/0x6f0
[  615.420557][T13851]  do_recvmmsg+0x1063/0x2120
[  615.425183][T13851]  ? psi_group_change+0x10fa/0x1630
[  615.430452][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.435628][T13851]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.441489][T13851]  ? kmsan_get_metadata+0xa4/0x120
[  615.446825][T13851]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  615.453223][T13851]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.459809][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.464540][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.470934][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.476026][T13851]  do_fast_syscall_32+0x34/0x70
[  615.480932][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.485480][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.491861][T13851] RIP: 0023:0xf6e8f549
[  615.495958][T13851] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  615.515615][T13851] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  615.524080][T13851] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  615.532086][T13851] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  615.540082][T13851] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.548094][T13851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  615.556115][T13851] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.564127][T13851]  </TASK>
[  615.570997][T13851] Uninit was stored to memory at:
[  615.576965][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.582247][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.587224][T13851]  do_recvmmsg+0x1063/0x2120
[  615.591960][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.596666][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.603265][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.608339][T13851]  do_fast_syscall_32+0x34/0x70
[  615.613430][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.617996][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.624582][T13851] 
[  615.626913][T13851] Uninit was stored to memory at:
[  615.632199][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.637354][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.642525][T13851]  do_recvmmsg+0x1063/0x2120
[  615.647145][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.652037][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.658441][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.663710][T13851]  do_fast_syscall_32+0x34/0x70
[  615.668603][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.673352][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.679728][T13851] 
[  615.682246][T13851] Uninit was stored to memory at:
[  615.687686][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.693016][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.698005][T13851]  do_recvmmsg+0x1063/0x2120
[  615.702819][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.707525][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.714118][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.719195][T13851]  do_fast_syscall_32+0x34/0x70
[  615.724297][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.728846][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.735429][T13851] 
[  615.737762][T13851] Uninit was stored to memory at:
[  615.743039][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.748198][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.753380][T13851]  do_recvmmsg+0x1063/0x2120
[  615.758010][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.760453][T13915] not chained 170000 origins
[  615.762897][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.762961][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.763011][T13851]  do_fast_syscall_32+0x34/0x70
[  615.767619][T13915] CPU: 0 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  615.774037][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.778930][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  615.783865][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.792504][T13915] Call Trace:
[  615.792520][T13915]  <TASK>
[  615.792537][T13915]  dump_stack_lvl+0x1ff/0x28e
[  615.792599][T13915]  dump_stack+0x25/0x28
[  615.797091][T13851] 
[  615.797099][T13851] Uninit was stored to memory at:
[  615.797173][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.807135][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  615.807201][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  615.813638][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.816820][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  615.819737][T13851]  do_recvmmsg+0x1063/0x2120
[  615.824396][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.824467][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  615.828629][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.830945][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  615.836043][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.841040][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.846862][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.852815][T13915]  ? should_fail+0x75/0x9c0
[  615.852877][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  615.857821][T13851]  do_fast_syscall_32+0x34/0x70
[  615.862913][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  615.862982][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  615.867579][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.873371][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  615.873434][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.878989][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.883650][T13915]  __msan_chain_origin+0xbf/0x140
[  615.883714][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  615.888836][T13851] 
[  615.888845][T13851] Uninit was stored to memory at:
[  615.888914][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  615.895166][T13915]  get_compat_msghdr+0x108/0x2c0
[  615.895228][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  615.901028][T13851]  get_compat_msghdr+0x108/0x2c0
[  615.906037][T13915]  do_recvmmsg+0x1063/0x2120
[  615.906100][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  615.910613][T13851]  do_recvmmsg+0x1063/0x2120
[  615.915809][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  615.915871][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  615.920742][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  615.926975][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.927043][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  615.927101][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.933265][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  615.937673][T13915]  __do_fast_syscall_32+0x96/0xf0
[  615.942852][T13851]  __do_fast_syscall_32+0x96/0xf0
[  615.948544][T13915]  do_fast_syscall_32+0x34/0x70
[  615.954942][T13851]  do_fast_syscall_32+0x34/0x70
[  615.959856][T13915]  do_SYSENTER_32+0x1b/0x20
[  615.965044][T13851]  do_SYSENTER_32+0x1b/0x20
[  615.967265][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.972363][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.977363][T13915] RIP: 0023:0xf6e9a549
[  615.982377][T13851] 
[  615.987115][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  615.992177][T13851] Uninit was stored to memory at:
[  615.996625][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296
[  616.002625][T13851]  __get_compat_msghdr+0x6e1/0x9d0
[  616.007000][T13915]  ORIG_RAX: 0000000000000151
[  616.007017][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  616.012201][T13851]  get_compat_msghdr+0x108/0x2c0
[  616.018349][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  616.023112][T13851]  do_recvmmsg+0x1063/0x2120
[  616.029494][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.034257][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  616.040468][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  616.046948][T13851]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.051834][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.051881][T13915]  </TASK>
[  616.055722][T13915] Uninit was stored to memory at:
[  616.056942][T13851]  __do_fast_syscall_32+0x96/0xf0
[  616.062414][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.066747][T13851]  do_fast_syscall_32+0x34/0x70
[  616.071240][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.075833][T13851]  do_SYSENTER_32+0x1b/0x20
[  616.082222][T13915]  do_recvmmsg+0x1063/0x2120
[  616.082265][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.088578][T13851]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.092707][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.095037][T13851] 
[  616.095046][T13851] Local variable msg_sys created at:
[  616.095060][T13851]  do_recvmmsg+0xc1/0x2120
[  616.114740][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.119764][T13851]  __sys_recvmmsg+0x51c/0x6f0
[  616.125894][T13915]  do_fast_syscall_32+0x34/0x70
[  616.278291][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.283014][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.289399][T13915] 
[  616.291879][T13915] Uninit was stored to memory at:
[  616.296973][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.302299][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.307285][T13915]  do_recvmmsg+0x1063/0x2120
[  616.312044][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.316763][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.323304][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.328374][T13915]  do_fast_syscall_32+0x34/0x70
[  616.333427][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.337971][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.344519][T13915] 
[  616.346853][T13915] Uninit was stored to memory at:
[  616.352092][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.357256][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.362393][T13915]  do_recvmmsg+0x1063/0x2120
[  616.367018][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.371880][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.378265][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.383505][T13915]  do_fast_syscall_32+0x34/0x70
[  616.388398][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.393094][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.399477][T13915] 
[  616.401975][T13915] Uninit was stored to memory at:
[  616.407067][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.412379][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.417361][T13915]  do_recvmmsg+0x1063/0x2120
[  616.422131][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.426844][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.433364][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.438435][T13915]  do_fast_syscall_32+0x34/0x70
[  616.443413][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.447990][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.454649][T13915] 
[  616.456984][T13915] Uninit was stored to memory at:
[  616.462222][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.467377][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.472521][T13915]  do_recvmmsg+0x1063/0x2120
[  616.477179][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.482070][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.488459][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.493705][T13915]  do_fast_syscall_32+0x34/0x70
[  616.498607][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.503317][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.509699][T13915] 
[  616.512260][T13915] Uninit was stored to memory at:
[  616.517351][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.522681][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.527696][T13915]  do_recvmmsg+0x1063/0x2120
[  616.532424][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.537139][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
02:10:39 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0)
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10)
r4 = perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = dup2(r3, r4)
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x70d7, 0x4, 0x8, 0x5, 0x7}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r5, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})

02:10:39 executing program 3:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0)
signalfd(r0, &(0x7f0000000040), 0x8)

02:10:39 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f00000003c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x3a5, 0x2, 0x1, 0x0, r0, 0x0}])

02:10:39 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000080)=0x3)

02:10:39 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xe9, &(0x7f0000000100)=ANY=[])

[  616.543663][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.548737][T13915]  do_fast_syscall_32+0x34/0x70
[  616.553778][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.558325][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.564972][T13915] 
[  616.567316][T13915] Uninit was stored to memory at:
[  616.572564][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  616.577727][T13915]  get_compat_msghdr+0x108/0x2c0
[  616.582863][T13915]  do_recvmmsg+0x1063/0x2120
[  616.587502][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.592386][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  616.598769][T13915]  __do_fast_syscall_32+0x96/0xf0
[  616.604004][T13915]  do_fast_syscall_32+0x34/0x70
[  616.608898][T13915]  do_SYSENTER_32+0x1b/0x20
[  616.613599][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.619984][T13915] 
[  616.622458][T13915] Local variable msg_sys created at:
[  616.627753][T13915]  do_recvmmsg+0xc1/0x2120
[  616.632403][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  616.789118][T13971] loop5: detected capacity change from 0 to 16
02:10:39 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

[  617.082237][ T8339] usb 5-1: new high-speed USB device number 90 using dummy_hcd
02:10:39 executing program 5:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000240)=ANY=[@ANYBLOB="3c020401"], 0x18)
sendmmsg(r0, &(0x7f0000006d00)=[{{0x0, 0x1002002, 0x0}}], 0xc6, 0x0)

[  617.322375][ T8339] usb 5-1: Using ep0 maxpacket: 16
[  617.443927][ T8339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  617.454892][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  617.466512][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  617.476513][ T8339] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  617.486524][ T8339] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  617.606477][T13989] not chained 180000 origins
[  617.611127][T13989] CPU: 0 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  617.619938][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  617.630045][T13989] Call Trace:
[  617.633347][T13989]  <TASK>
[  617.636288][T13989]  dump_stack_lvl+0x1ff/0x28e
[  617.641018][T13989]  dump_stack+0x25/0x28
[  617.645222][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  617.650996][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  617.657112][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.662282][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  617.668147][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  617.673748][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.678905][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  617.684763][T13989]  ? should_fail+0x75/0x9c0
[  617.689313][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.694471][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  617.700764][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  617.706881][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.712038][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  617.717894][T13989]  __msan_chain_origin+0xbf/0x140
[  617.722963][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  617.728147][T13989]  get_compat_msghdr+0x108/0x2c0
[  617.733128][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  617.738016][T13989]  do_recvmmsg+0x1063/0x2120
[  617.742648][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.747817][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  617.754104][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  617.759264][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  617.765555][T13989]  ? fput+0x82/0x320
[  617.769488][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  617.776058][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  617.780782][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  617.787172][T13989]  __do_fast_syscall_32+0x96/0xf0
[  617.792237][T13989]  do_fast_syscall_32+0x34/0x70
[  617.797125][T13989]  do_SYSENTER_32+0x1b/0x20
[  617.801678][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.808047][T13989] RIP: 0023:0xf6e8f549
[  617.812140][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  617.831786][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  617.840231][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  617.848224][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  617.856223][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.864212][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  617.872203][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.880208][T13989]  </TASK>
[  617.886491][T13989] Uninit was stored to memory at:
[  617.891597][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  617.897686][T13989]  get_compat_msghdr+0x108/0x2c0
[  617.902783][T13989]  do_recvmmsg+0x1063/0x2120
[  617.907417][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  617.912235][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  617.918623][T13989]  __do_fast_syscall_32+0x96/0xf0
[  617.923799][T13989]  do_fast_syscall_32+0x34/0x70
[  617.928713][T13989]  do_SYSENTER_32+0x1b/0x20
[  617.933367][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.939759][T13989] 
[  617.942181][T13989] Uninit was stored to memory at:
[  617.947301][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  617.952547][T13989]  get_compat_msghdr+0x108/0x2c0
[  617.955230][ T8339] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  617.957529][T13989]  do_recvmmsg+0x1063/0x2120
[  617.957574][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  617.966824][ T8339] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  617.971331][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  617.976213][ T8339] usb 5-1: Manufacturer: syz
[  617.984175][T13989]  __do_fast_syscall_32+0x96/0xf0
[  617.984229][T13989]  do_fast_syscall_32+0x34/0x70
[  618.005246][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.009795][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.016341][T13989] 
[  618.018680][T13989] Uninit was stored to memory at:
[  618.023955][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  618.029122][T13989]  get_compat_msghdr+0x108/0x2c0
[  618.034279][T13989]  do_recvmmsg+0x1063/0x2120
[  618.038903][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.043835][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  618.050303][T13989]  __do_fast_syscall_32+0x96/0xf0
[  618.055520][T13989]  do_fast_syscall_32+0x34/0x70
[  618.060417][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.065129][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.071544][T13989] 
[  618.074048][T13989] Uninit was stored to memory at:
[  618.079148][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  618.084466][T13989]  get_compat_msghdr+0x108/0x2c0
[  618.089448][T13989]  do_recvmmsg+0x1063/0x2120
[  618.094238][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.098980][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  618.105529][T13989]  __do_fast_syscall_32+0x96/0xf0
[  618.110602][T13989]  do_fast_syscall_32+0x34/0x70
[  618.115662][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.120290][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.126817][T13989] 
[  618.129159][T13989] Uninit was stored to memory at:
[  618.134505][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  618.139673][T13989]  get_compat_msghdr+0x108/0x2c0
[  618.144827][T13989]  do_recvmmsg+0x1063/0x2120
[  618.149452][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.154321][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  618.160707][T13989]  __do_fast_syscall_32+0x96/0xf0
[  618.165926][T13989]  do_fast_syscall_32+0x34/0x70
[  618.171014][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.175715][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.182233][T13989] 
[  618.184574][T13989] Uninit was stored to memory at:
[  618.189677][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  618.194979][T13989]  get_compat_msghdr+0x108/0x2c0
[  618.199973][T13989]  do_recvmmsg+0x1063/0x2120
[  618.204770][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.209485][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  618.216035][T13989]  __do_fast_syscall_32+0x96/0xf0
[  618.221110][T13989]  do_fast_syscall_32+0x34/0x70
[  618.223508][ T8339] usb 5-1: config 0 descriptor??
[  618.226155][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.235635][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.242149][T13989] 
[  618.244489][T13989] Uninit was stored to memory at:
[  618.249601][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  618.254909][T13989]  get_compat_msghdr+0x108/0x2c0
[  618.259898][T13989]  do_recvmmsg+0x1063/0x2120
[  618.264696][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.269416][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  618.275953][T13989]  __do_fast_syscall_32+0x96/0xf0
[  618.281028][T13989]  do_fast_syscall_32+0x34/0x70
[  618.286093][T13989]  do_SYSENTER_32+0x1b/0x20
[  618.290647][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.297192][T13989] 
[  618.299544][T13989] Local variable msg_sys created at:
[  618.304984][T13989]  do_recvmmsg+0xc1/0x2120
[  618.309445][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  618.632304][ T8339] rc_core: IR keymap rc-hauppauge not found
[  618.638328][ T8339] Registered IR keymap rc-empty
[  618.644225][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  618.684568][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  618.726850][ T8339] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  618.742156][ T8339] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input63
[  618.861593][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  618.906820][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  618.942228][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  618.973561][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.004228][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.018082][T13915] not chained 190000 origins
[  619.022945][T13915] CPU: 1 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  619.031756][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  619.041844][T13915] Call Trace:
[  619.045145][T13915]  <TASK>
[  619.048093][T13915]  dump_stack_lvl+0x1ff/0x28e
[  619.052828][T13915]  dump_stack+0x25/0x28
[  619.057030][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  619.062815][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  619.068949][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  619.074126][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  619.079999][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  619.085608][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  619.090778][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  619.096661][T13915]  ? should_fail+0x75/0x9c0
[  619.101221][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  619.106398][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  619.112709][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  619.118846][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  619.124023][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  619.129902][T13915]  __msan_chain_origin+0xbf/0x140
[  619.134989][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.140172][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.145172][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  619.150069][T13915]  do_recvmmsg+0x1063/0x2120
[  619.154747][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  619.160632][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  619.165803][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  619.172123][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.178699][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.183436][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.189843][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.194922][T13915]  do_fast_syscall_32+0x34/0x70
[  619.199824][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.204403][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.210787][T13915] RIP: 0023:0xf6e9a549
[  619.214885][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  619.234541][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  619.243043][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  619.251066][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  619.259078][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  619.267086][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  619.275101][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  619.283122][T13915]  </TASK>
[  619.290098][T13915] Uninit was stored to memory at:
[  619.296794][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.302101][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.307089][T13915]  do_recvmmsg+0x1063/0x2120
[  619.311842][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.316593][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.323123][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.328199][T13915]  do_fast_syscall_32+0x34/0x70
[  619.333240][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.337808][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.344319][T13915] 
[  619.346655][T13915] Uninit was stored to memory at:
[  619.351880][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.357045][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.362209][T13915]  do_recvmmsg+0x1063/0x2120
[  619.366845][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.371557][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.378170][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.383387][T13915]  do_fast_syscall_32+0x34/0x70
[  619.388309][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.393072][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.399456][T13915] 
[  619.401990][T13915] Uninit was stored to memory at:
[  619.407105][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.412465][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.417452][T13915]  do_recvmmsg+0x1063/0x2120
[  619.422271][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.426993][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.433571][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.438663][T13915]  do_fast_syscall_32+0x34/0x70
[  619.443749][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.448304][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.454877][T13915] 
[  619.457223][T13915] Uninit was stored to memory at:
[  619.462502][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.467663][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.472837][T13915]  do_recvmmsg+0x1063/0x2120
[  619.477464][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.482373][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.488759][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.494036][T13915]  do_fast_syscall_32+0x34/0x70
[  619.498934][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.503683][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.510090][T13915] 
[  619.512619][T13915] Uninit was stored to memory at:
[  619.517733][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.523176][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.528178][T13915]  do_recvmmsg+0x1063/0x2120
[  619.533005][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.537717][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.544293][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.549390][T13915]  do_fast_syscall_32+0x34/0x70
[  619.554482][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.559065][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.565649][T13915] 
[  619.567982][T13915] Uninit was stored to memory at:
[  619.573315][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.578478][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.583674][T13915]  do_recvmmsg+0x1063/0x2120
[  619.588300][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.593221][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.599603][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.604890][T13915]  do_fast_syscall_32+0x34/0x70
[  619.609790][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.614550][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.620948][T13915] 
[  619.623537][T13915] Uninit was stored to memory at:
[  619.628635][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  619.634001][T13915]  get_compat_msghdr+0x108/0x2c0
[  619.638982][T13915]  do_recvmmsg+0x1063/0x2120
[  619.643815][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.648529][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  619.655105][T13915]  __do_fast_syscall_32+0x96/0xf0
[  619.660188][T13915]  do_fast_syscall_32+0x34/0x70
[  619.665288][T13915]  do_SYSENTER_32+0x1b/0x20
[  619.669826][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.676389][T13915] 
[  619.678733][T13915] Local variable msg_sys created at:
[  619.684215][T13915]  do_recvmmsg+0xc1/0x2120
[  619.688672][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  619.714181][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.742036][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.772466][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.805861][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.842557][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  619.881900][ T8339] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  619.890140][ T8339] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  619.952130][ T8339] usb 5-1: USB disconnect, device number 90
[  620.127688][T13915] not chained 200000 origins
[  620.132525][T13915] CPU: 1 PID: 13915 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  620.141329][T13915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  620.151431][T13915] Call Trace:
[  620.154737][T13915]  <TASK>
[  620.157683][T13915]  dump_stack_lvl+0x1ff/0x28e
[  620.162594][T13915]  dump_stack+0x25/0x28
[  620.166790][T13915]  kmsan_internal_chain_origin+0x7a/0x110
[  620.172572][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  620.178698][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  620.183867][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.189738][T13915]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  620.195338][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  620.200512][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.206383][T13915]  ? should_fail+0x75/0x9c0
[  620.210940][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  620.216105][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  620.222408][T13915]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  620.228551][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  620.233723][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.239594][T13915]  __msan_chain_origin+0xbf/0x140
[  620.245731][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.250924][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.255919][T13915]  ? __sys_recvmmsg+0x51c/0x6f0
[  620.260813][T13915]  do_recvmmsg+0x1063/0x2120
[  620.265456][T13915]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.271341][T13915]  ? kmsan_get_metadata+0xa4/0x120
[  620.276518][T13915]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  620.282820][T13915]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.289387][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.294116][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.300519][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.305588][T13915]  do_fast_syscall_32+0x34/0x70
[  620.310496][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.315046][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.321421][T13915] RIP: 0023:0xf6e9a549
[  620.325517][T13915] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  620.345168][T13915] RSP: 002b:00000000f5c315fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  620.353625][T13915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  620.361629][T13915] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  620.369658][T13915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  620.377665][T13915] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  620.385761][T13915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  620.393779][T13915]  </TASK>
[  620.400655][T13915] Uninit was stored to memory at:
[  620.409714][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.415367][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.420355][T13915]  do_recvmmsg+0x1063/0x2120
[  620.425098][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.429814][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.436398][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.441470][T13915]  do_fast_syscall_32+0x34/0x70
[  620.446559][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.451111][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.457694][T13915] 
[  620.460032][T13915] Uninit was stored to memory at:
[  620.465298][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.470458][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.475681][T13915]  do_recvmmsg+0x1063/0x2120
[  620.480315][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.485235][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.491625][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.496877][T13915]  do_fast_syscall_32+0x34/0x70
[  620.501964][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.506530][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.513096][T13915] 
[  620.515432][T13915] Uninit was stored to memory at:
[  620.520520][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.525876][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.530865][T13915]  do_recvmmsg+0x1063/0x2120
[  620.535697][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.540445][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.547042][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.552309][T13915]  do_fast_syscall_32+0x34/0x70
[  620.557227][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.561927][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.568333][T13915] 
[  620.570670][T13915] Uninit was stored to memory at:
[  620.575960][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.581122][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.586322][T13915]  do_recvmmsg+0x1063/0x2120
[  620.590956][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.595875][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.602438][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.607511][T13915]  do_fast_syscall_32+0x34/0x70
[  620.612599][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.617146][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.623747][T13915] 
[  620.626084][T13915] Uninit was stored to memory at:
[  620.631185][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.636537][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.641539][T13915]  do_recvmmsg+0x1063/0x2120
[  620.646458][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.651280][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.657865][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.663113][T13915]  do_fast_syscall_32+0x34/0x70
[  620.668016][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.672751][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.679132][T13915] 
[  620.681462][T13915] Uninit was stored to memory at:
[  620.686755][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.692082][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.697105][T13915]  do_recvmmsg+0x1063/0x2120
[  620.701939][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.706661][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.713235][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.718302][T13915]  do_fast_syscall_32+0x34/0x70
[  620.723398][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.727942][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.734515][T13915] 
[  620.736851][T13915] Uninit was stored to memory at:
[  620.742119][T13915]  __get_compat_msghdr+0x6e1/0x9d0
[  620.747281][T13915]  get_compat_msghdr+0x108/0x2c0
[  620.749175][T13989] not chained 210000 origins
[  620.752423][T13915]  do_recvmmsg+0x1063/0x2120
[  620.752468][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.757047][T13989] CPU: 0 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  620.761615][T13915]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.766273][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  620.766298][T13989] Call Trace:
[  620.766314][T13989]  <TASK>
[  620.766328][T13989]  dump_stack_lvl+0x1ff/0x28e
[  620.766387][T13989]  dump_stack+0x25/0x28
[  620.775233][T13915]  __do_fast_syscall_32+0x96/0xf0
[  620.781454][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  620.791626][T13915]  do_fast_syscall_32+0x34/0x70
[  620.794794][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  620.794860][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.797789][T13915]  do_SYSENTER_32+0x1b/0x20
[  620.802452][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.802523][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  620.806701][T13915]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.811710][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.811773][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.817511][T13915] 
[  620.817520][T13915] Local variable msg_sys created at:
[  620.822362][T13989]  ? should_fail+0x75/0x9c0
[  620.822425][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.828512][T13915]  do_recvmmsg+0xc1/0x2120
[  620.833628][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  620.833697][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  620.838211][T13915]  __sys_recvmmsg+0x51c/0x6f0
[  620.844004][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.844066][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  620.916516][T13989]  __msan_chain_origin+0xbf/0x140
[  620.921604][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  620.926793][T13989]  get_compat_msghdr+0x108/0x2c0
[  620.931788][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  620.936697][T13989]  do_recvmmsg+0x1063/0x2120
[  620.941347][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.946532][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  620.952838][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  620.958006][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  620.964402][T13989]  ? fput+0x82/0x320
[  620.968352][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.974920][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  620.979650][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  620.986046][T13989]  __do_fast_syscall_32+0x96/0xf0
[  620.991131][T13989]  do_fast_syscall_32+0x34/0x70
[  620.996036][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.000593][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.007235][T13989] RIP: 0023:0xf6e8f549
[  621.011335][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  621.030987][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  621.039457][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  621.047569][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  621.055579][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  621.063596][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  621.071596][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  621.079620][T13989]  </TASK>
[  621.087154][T13989] Uninit was stored to memory at:
[  621.093180][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.098345][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.103500][T13989]  do_recvmmsg+0x1063/0x2120
[  621.108131][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.112998][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.119395][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.124610][T13989]  do_fast_syscall_32+0x34/0x70
[  621.129506][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.134218][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.140601][T13989] 
[  621.143100][T13989] Uninit was stored to memory at:
[  621.148238][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.153562][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.158577][T13989]  do_recvmmsg+0x1063/0x2120
[  621.163402][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.168120][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.174687][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.179758][T13989]  do_fast_syscall_32+0x34/0x70
[  621.184825][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.189378][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.195914][T13989] 
[  621.198352][T13989] Uninit was stored to memory at:
[  621.203597][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.208761][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.214349][T13989]  do_recvmmsg+0x1063/0x2120
[  621.218984][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.223844][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.230233][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.235463][T13989]  do_fast_syscall_32+0x34/0x70
[  621.240362][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.245070][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.251458][T13989] 
[  621.253950][T13989] Uninit was stored to memory at:
[  621.259044][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.264351][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.269341][T13989]  do_recvmmsg+0x1063/0x2120
[  621.274119][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.278833][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.285371][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.290448][T13989]  do_fast_syscall_32+0x34/0x70
[  621.295518][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.300068][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.306605][T13989] 
[  621.308943][T13989] Uninit was stored to memory at:
[  621.314121][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.319275][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.324388][T13989]  do_recvmmsg+0x1063/0x2120
[  621.329012][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.333873][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.340262][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.345487][T13989]  do_fast_syscall_32+0x34/0x70
[  621.350389][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.355098][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.361477][T13989] 
[  621.363969][T13989] Uninit was stored to memory at:
[  621.369063][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.374378][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.379370][T13989]  do_recvmmsg+0x1063/0x2120
[  621.384162][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.388879][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.395500][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.400582][T13989]  do_fast_syscall_32+0x34/0x70
[  621.405647][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.410193][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.416771][T13989] 
[  621.419111][T13989] Uninit was stored to memory at:
[  621.424365][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  621.429520][T13989]  get_compat_msghdr+0x108/0x2c0
[  621.434682][T13989]  do_recvmmsg+0x1063/0x2120
[  621.439312][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.444186][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  621.450573][T13989]  __do_fast_syscall_32+0x96/0xf0
[  621.455834][T13989]  do_fast_syscall_32+0x34/0x70
[  621.460732][T13989]  do_SYSENTER_32+0x1b/0x20
[  621.465438][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.471970][T13989] 
[  621.474310][T13989] Local variable msg_sys created at:
02:10:43 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000240)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0)={<r4=>0xffffffffffffffff})
r5 = accept4$bt_l2cap(r4, 0x0, &(0x7f0000000040), 0x800)
sendfile(0xffffffffffffffff, r5, 0x0, 0xffffffffffffff80)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x38}}, 0x0)
recvmmsg(r6, 0x0, 0x0, 0x1, 0x0)

02:10:43 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000080)=0x3)

02:10:43 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

02:10:43 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4a0a0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

02:10:43 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, 0x0)

[  621.479635][T13989]  do_recvmmsg+0xc1/0x2120
[  621.484249][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  621.975982][ T8339] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  622.232253][ T8339] usb 5-1: Using ep0 maxpacket: 16
[  622.352445][ T8339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  622.363393][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  622.374912][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  622.384861][ T8339] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  622.394864][ T8339] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  622.573917][ T8339] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  622.583264][ T8339] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  622.591416][ T8339] usb 5-1: Manufacturer: syz
[  622.654390][ T8339] usb 5-1: config 0 descriptor??
[  622.690932][T13989] not chained 220000 origins
[  622.696046][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  622.704860][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  622.714947][T13989] Call Trace:
[  622.718247][T13989]  <TASK>
[  622.721195][T13989]  dump_stack_lvl+0x1ff/0x28e
[  622.725924][T13989]  dump_stack+0x25/0x28
[  622.730126][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  622.735905][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  622.742032][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.747218][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  622.753092][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  622.758696][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.763861][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  622.769732][T13989]  ? should_fail+0x75/0x9c0
[  622.774291][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.779462][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  622.785771][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  622.791905][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.797070][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  622.802937][T13989]  __msan_chain_origin+0xbf/0x140
[  622.808021][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  622.814852][T13989]  get_compat_msghdr+0x108/0x2c0
[  622.819846][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  622.824739][T13989]  do_recvmmsg+0x1063/0x2120
[  622.829391][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.834571][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  622.840868][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  622.846034][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  622.852336][T13989]  ? fput+0x82/0x320
[  622.856281][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  622.862849][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  622.867578][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  622.873977][T13989]  __do_fast_syscall_32+0x96/0xf0
[  622.879055][T13989]  do_fast_syscall_32+0x34/0x70
[  622.883956][T13989]  do_SYSENTER_32+0x1b/0x20
[  622.888507][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.894929][T13989] RIP: 0023:0xf6e8f549
[  622.899030][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  622.918691][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  622.927155][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  622.935168][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  622.943185][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  622.951192][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  622.959199][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  622.967223][T13989]  </TASK>
[  622.974123][T13989] Uninit was stored to memory at:
[  622.979330][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  622.985195][T13989]  get_compat_msghdr+0x108/0x2c0
[  622.990182][T13989]  do_recvmmsg+0x1063/0x2120
[  622.994932][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  622.999642][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.006231][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.011309][T13989]  do_fast_syscall_32+0x34/0x70
[  623.016422][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.020981][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.027561][T13989] 
[  623.029897][T13989] Uninit was stored to memory at:
[  623.035167][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.040323][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.045602][T13989]  do_recvmmsg+0x1063/0x2120
[  623.050235][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.055179][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.061565][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.067171][T13989]  do_fast_syscall_32+0x34/0x70
[  623.072250][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.076798][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.084261][T13989] 
[  623.086597][T13989] Uninit was stored to memory at:
[  623.091687][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.097029][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.102195][T13989]  do_recvmmsg+0x1063/0x2120
[  623.106815][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.111535][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.118127][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.123382][T13989]  do_fast_syscall_32+0x34/0x70
[  623.128280][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.133013][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.139394][T13989] 
[  623.141900][T13989] Uninit was stored to memory at:
[  623.146990][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.152367][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.157355][T13989]  do_recvmmsg+0x1063/0x2120
[  623.162159][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.166874][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.173465][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.178550][T13989]  do_fast_syscall_32+0x34/0x70
[  623.183628][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.188174][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.194753][T13989] 
[  623.197093][T13989] Uninit was stored to memory at:
[  623.202429][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.207591][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.212758][T13989]  do_recvmmsg+0x1063/0x2120
[  623.217476][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.222316][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.228697][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.233969][T13989]  do_fast_syscall_32+0x34/0x70
[  623.238878][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.243622][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.250007][T13989] 
[  623.252533][T13989] Uninit was stored to memory at:
[  623.257631][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.262966][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.267954][T13989]  do_recvmmsg+0x1063/0x2120
[  623.272760][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.277497][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.284091][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.289165][T13989]  do_fast_syscall_32+0x34/0x70
[  623.294256][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.298815][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.305392][T13989] 
[  623.307728][T13989] Uninit was stored to memory at:
[  623.313023][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  623.318186][T13989]  get_compat_msghdr+0x108/0x2c0
[  623.323378][T13989]  do_recvmmsg+0x1063/0x2120
[  623.328012][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.332906][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.339291][T13989]  __do_fast_syscall_32+0x96/0xf0
[  623.344551][T13989]  do_fast_syscall_32+0x34/0x70
[  623.349451][T13989]  do_SYSENTER_32+0x1b/0x20
[  623.354201][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.360587][T13989] 
[  623.363128][T13989] Local variable msg_sys created at:
[  623.368517][T13989]  do_recvmmsg+0xc1/0x2120
[  623.373146][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  623.602365][ T8339] rc_core: IR keymap rc-hauppauge not found
[  623.608469][ T8339] Registered IR keymap rc-empty
[  623.614191][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  623.640641][T14036] not chained 230000 origins
[  623.645554][T14036] CPU: 0 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  623.654449][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  623.664541][T14036] Call Trace:
[  623.667848][T14036]  <TASK>
[  623.670797][T14036]  dump_stack_lvl+0x1ff/0x28e
[  623.675541][T14036]  dump_stack+0x25/0x28
[  623.675795][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  623.679733][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  623.679803][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.679861][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.679919][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  623.679985][T14036]  ? __perf_event_task_sched_out+0x380a/0x38c0
[  623.680053][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.680110][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  623.680176][T14036]  ? should_fail+0x75/0x9c0
[  623.680237][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.680298][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  623.680363][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  623.680426][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.680484][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  623.680553][T14036]  __msan_chain_origin+0xbf/0x140
[  623.680611][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  623.680683][T14036]  get_compat_msghdr+0x108/0x2c0
[  623.680740][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  623.680787][T14036]  do_recvmmsg+0x1063/0x2120
[  623.680846][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.680916][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  623.680982][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  623.681042][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  623.681106][T14036]  ? fput+0x82/0x320
[  623.681159][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.681224][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  623.681280][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.681349][T14036]  __do_fast_syscall_32+0x96/0xf0
[  623.681404][T14036]  do_fast_syscall_32+0x34/0x70
[  623.681454][T14036]  do_SYSENTER_32+0x1b/0x20
[  623.681508][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.681565][T14036] RIP: 0023:0xf6e9a549
[  623.681598][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  623.681644][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  623.681689][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  623.681721][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  623.681750][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  623.681778][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  623.681805][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  623.681845][T14036]  </TASK>
[  623.685671][T14036] Uninit was stored to memory at:
[  623.742063][ T8339] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  623.747428][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  623.755742][ T8339] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input64
[  623.758610][T14036]  get_compat_msghdr+0x108/0x2c0
[  623.971998][T14036]  do_recvmmsg+0x1063/0x2120
[  623.976633][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  623.981525][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  623.988064][T14036]  __do_fast_syscall_32+0x96/0xf0
[  623.993290][T14036]  do_fast_syscall_32+0x34/0x70
[  623.998188][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.002879][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.009264][T14036] 
[  624.011595][T14036] Uninit was stored to memory at:
[  624.016841][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.022139][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.027133][T14036]  do_recvmmsg+0x1063/0x2120
[  624.031908][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.036626][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.043252][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.048468][T14036]  do_fast_syscall_32+0x34/0x70
[  624.053519][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.058069][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.064618][T14036] 
[  624.066977][T14036] Uninit was stored to memory at:
[  624.072224][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.077383][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.082520][T14036]  do_recvmmsg+0x1063/0x2120
[  624.087148][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.091999][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.098382][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.103614][T14036]  do_fast_syscall_32+0x34/0x70
[  624.108518][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.113230][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.119626][T14036] 
[  624.122106][T14036] Uninit was stored to memory at:
[  624.127203][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.132515][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.137507][T14036]  do_recvmmsg+0x1063/0x2120
[  624.142321][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.147143][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.153683][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.158755][T14036]  do_fast_syscall_32+0x34/0x70
[  624.163798][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.168349][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.174868][T14036] 
[  624.177198][T14036] Uninit was stored to memory at:
[  624.182496][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.187658][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.192790][T14036]  do_recvmmsg+0x1063/0x2120
[  624.197418][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.202283][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.208666][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.213894][T14036]  do_fast_syscall_32+0x34/0x70
[  624.218802][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.223513][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.229906][T14036] 
[  624.232391][T14036] Uninit was stored to memory at:
[  624.237492][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.242835][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.247915][T14036]  do_recvmmsg+0x1063/0x2120
[  624.252697][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.257418][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.263963][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.269037][T14036]  do_fast_syscall_32+0x34/0x70
[  624.274091][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.278643][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.285169][T14036] 
[  624.287510][T14036] Uninit was stored to memory at:
[  624.292770][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.297931][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.303018][T14036]  do_recvmmsg+0x1063/0x2120
[  624.307652][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.312451][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.318843][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.324160][T14036]  do_fast_syscall_32+0x34/0x70
[  624.329057][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.333756][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.340135][T14036] 
[  624.342633][T14036] Local variable msg_sys created at:
[  624.347932][T14036]  do_recvmmsg+0xc1/0x2120
[  624.352538][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.368788][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.412599][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.454769][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.513089][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.537725][T14036] not chained 240000 origins
[  624.542583][T14036] CPU: 0 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  624.551390][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  624.561478][T14036] Call Trace:
[  624.564341][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.564781][T14036]  <TASK>
[  624.564797][T14036]  dump_stack_lvl+0x1ff/0x28e
[  624.579524][T14036]  dump_stack+0x25/0x28
[  624.583730][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  624.589504][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  624.595669][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.600839][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  624.606747][T14036]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  624.608069][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.612347][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.612413][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  624.612481][T14036]  ? should_fail+0x75/0x9c0
[  624.612542][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.612608][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  624.612675][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  624.651218][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.652572][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.652640][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  624.652707][T14036]  __msan_chain_origin+0xbf/0x140
[  624.652769][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.680895][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.682142][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.685891][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  624.685944][T14036]  do_recvmmsg+0x1063/0x2120
[  624.702472][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.707662][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  624.713976][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  624.719153][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  624.723841][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.725484][T14036]  ? fput+0x82/0x320
[  624.725544][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.743120][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.747855][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.754256][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.759335][T14036]  do_fast_syscall_32+0x34/0x70
[  624.764241][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.768792][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.773789][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  624.775170][T14036] RIP: 0023:0xf6e9a549
[  624.775204][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  624.775251][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  624.775298][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  624.822613][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  624.830623][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  624.838586][ T8339] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  624.838629][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  624.838688][ T8339] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  624.846715][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  624.846759][T14036]  </TASK>
[  624.849869][T14036] Uninit was stored to memory at:
[  624.879983][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.885233][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.890221][T14036]  do_recvmmsg+0x1063/0x2120
[  624.895020][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.899737][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.906292][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.911389][T14036]  do_fast_syscall_32+0x34/0x70
[  624.916701][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.921256][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.927795][T14036] 
[  624.930150][T14036] Uninit was stored to memory at:
[  624.935437][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.940602][T14036]  get_compat_msghdr+0x108/0x2c0
[  624.945769][T14036]  do_recvmmsg+0x1063/0x2120
[  624.950399][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  624.955275][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  624.961666][T14036]  __do_fast_syscall_32+0x96/0xf0
[  624.966898][T14036]  do_fast_syscall_32+0x34/0x70
[  624.971944][T14036]  do_SYSENTER_32+0x1b/0x20
[  624.976496][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.983048][T14036] 
[  624.985389][T14036] Uninit was stored to memory at:
[  624.990481][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  624.995810][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.000801][T14036]  do_recvmmsg+0x1063/0x2120
[  625.005580][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.010297][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.016846][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.022068][T14036]  do_fast_syscall_32+0x34/0x70
[  625.026966][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.028555][ T8339] usb 5-1: USB disconnect, device number 91
[  625.031537][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.031600][T14036] 
[  625.031608][T14036] Uninit was stored to memory at:
[  625.031679][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.056491][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.061491][T14036]  do_recvmmsg+0x1063/0x2120
[  625.066278][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.071001][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.077577][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.082807][T14036]  do_fast_syscall_32+0x34/0x70
[  625.087708][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.092400][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.098792][T14036] 
[  625.101127][T14036] Uninit was stored to memory at:
[  625.106385][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.111542][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.116688][T14036]  do_recvmmsg+0x1063/0x2120
[  625.121328][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.126222][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.132759][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.137919][T14036]  do_fast_syscall_32+0x34/0x70
[  625.142958][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.147510][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.154051][T14036] 
[  625.156383][T14036] Uninit was stored to memory at:
[  625.161473][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.166986][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.172128][T14036]  do_recvmmsg+0x1063/0x2120
[  625.176762][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.181484][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.188074][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.193310][T14036]  do_fast_syscall_32+0x34/0x70
[  625.198216][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.202942][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.209335][T14036] 
[  625.211670][T14036] Uninit was stored to memory at:
[  625.216942][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.222259][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.227246][T14036]  do_recvmmsg+0x1063/0x2120
[  625.232039][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.236752][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.243298][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.248373][T14036]  do_fast_syscall_32+0x34/0x70
[  625.253460][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.258198][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.264784][T14036] 
[  625.267120][T14036] Local variable msg_sys created at:
[  625.272562][T14036]  do_recvmmsg+0xc1/0x2120
[  625.277033][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.438197][T13989] not chained 250000 origins
[  625.443467][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  625.452401][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  625.462498][T13989] Call Trace:
[  625.465813][T13989]  <TASK>
[  625.468760][T13989]  dump_stack_lvl+0x1ff/0x28e
[  625.473489][T13989]  dump_stack+0x25/0x28
[  625.477685][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  625.483461][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  625.489587][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.494764][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.500645][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  625.506251][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.511413][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.517279][T13989]  ? should_fail+0x75/0x9c0
[  625.521835][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.526999][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.533306][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  625.539462][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.544634][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.550498][T13989]  __msan_chain_origin+0xbf/0x140
[  625.555590][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  625.560766][T13989]  get_compat_msghdr+0x108/0x2c0
[  625.565753][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  625.570644][T13989]  do_recvmmsg+0x1063/0x2120
[  625.575287][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.580459][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.586759][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  625.591921][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.598225][T13989]  ? fput+0x82/0x320
[  625.602165][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.608729][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  625.613455][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.615105][T14036] not chained 260000 origins
[  625.619846][T13989]  __do_fast_syscall_32+0x96/0xf0
[  625.629436][T13989]  do_fast_syscall_32+0x34/0x70
[  625.634326][T13989]  do_SYSENTER_32+0x1b/0x20
[  625.638858][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.645219][T13989] RIP: 0023:0xf6e8f549
[  625.649299][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  625.668935][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  625.677390][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  625.685382][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  625.693368][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.701354][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  625.709338][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.717337][T13989]  </TASK>
[  625.720366][T14036] CPU: 0 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  625.720498][T13989] Uninit was stored to memory at:
[  625.729165][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  625.729191][T14036] Call Trace:
[  625.729206][T14036]  <TASK>
[  625.729221][T14036]  dump_stack_lvl+0x1ff/0x28e
[  625.729282][T14036]  dump_stack+0x25/0x28
[  625.734400][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  625.744317][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  625.744385][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  625.747701][T13989]  get_compat_msghdr+0x108/0x2c0
[  625.750645][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.755404][T13989]  do_recvmmsg+0x1063/0x2120
[  625.759447][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.764643][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  625.770271][T14036]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  625.776435][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.781259][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.786630][T13989]  __do_fast_syscall_32+0x96/0xf0
[  625.791217][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.797114][T13989]  do_fast_syscall_32+0x34/0x70
[  625.801680][T14036]  ? should_fail+0x75/0x9c0
[  625.801743][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.807303][T13989]  do_SYSENTER_32+0x1b/0x20
[  625.813619][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.813688][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  625.818822][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.823834][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.823896][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  625.829717][T13989] 
[  625.829726][T13989] Uninit was stored to memory at:
[  625.834556][T14036]  __msan_chain_origin+0xbf/0x140
[  625.834620][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.839193][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  625.844247][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.844309][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  625.848815][T13989]  get_compat_msghdr+0x108/0x2c0
[  625.855041][T14036]  do_recvmmsg+0x1063/0x2120
[  625.855106][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.861186][T13989]  do_recvmmsg+0x1063/0x2120
[  625.867509][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.867578][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  625.872766][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  625.878491][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  625.880815][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.885829][T14036]  ? fput+0x82/0x320
[  625.885885][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.890933][T13989]  __do_fast_syscall_32+0x96/0xf0
[  625.896053][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.896114][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.901242][T13989]  do_fast_syscall_32+0x34/0x70
[  625.906175][T14036]  __do_fast_syscall_32+0x96/0xf0
[  625.906233][T14036]  do_fast_syscall_32+0x34/0x70
[  625.906285][T14036]  do_SYSENTER_32+0x1b/0x20
[  625.911120][T13989]  do_SYSENTER_32+0x1b/0x20
[  625.916045][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.916104][T14036] RIP: 0023:0xf6e9a549
[  625.916135][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  625.920731][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.925827][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  625.925874][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  625.925906][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  625.925936][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.930502][T13989] 
[  625.930511][T13989] Uninit was stored to memory at:
[  625.936724][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  625.936754][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.936796][T14036]  </TASK>
[  625.942593][T14036] Uninit was stored to memory at:
[  625.946751][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  625.953884][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  625.959339][T13989]  get_compat_msghdr+0x108/0x2c0
[  625.963311][T14036]  get_compat_msghdr+0x108/0x2c0
[  625.969812][T13989]  do_recvmmsg+0x1063/0x2120
[  625.974900][T14036]  do_recvmmsg+0x1063/0x2120
[  625.979579][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  625.985966][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  625.990824][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  625.995920][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.000786][T13989]  __do_fast_syscall_32+0x96/0xf0
[  626.005347][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.009871][T13989]  do_fast_syscall_32+0x34/0x70
[  626.016257][T14036]  do_fast_syscall_32+0x34/0x70
[  626.020332][T13989]  do_SYSENTER_32+0x1b/0x20
[  626.040008][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.046531][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.054880][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.062959][T13989] 
[  626.070902][T14036] 
[  626.070910][T14036] Uninit was stored to memory at:
[  626.070985][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.078965][T13989] Uninit was stored to memory at:
[  626.081261][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.086403][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  626.094369][T14036]  do_recvmmsg+0x1063/0x2120
[  626.094412][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.102550][T13989]  get_compat_msghdr+0x108/0x2c0
[  626.105537][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.110544][T13989]  do_recvmmsg+0x1063/0x2120
[  626.115711][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.120827][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  626.125822][T14036]  do_fast_syscall_32+0x34/0x70
[  626.130764][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.135407][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.140000][T13989]  __do_fast_syscall_32+0x96/0xf0
[  626.144739][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.149420][T13989]  do_fast_syscall_32+0x34/0x70
[  626.155803][T14036] 
[  626.155811][T14036] Uninit was stored to memory at:
[  626.155882][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.162225][T13989]  do_SYSENTER_32+0x1b/0x20
[  626.167216][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.172325][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.177133][T14036]  do_recvmmsg+0x1063/0x2120
[  626.182075][T13989] 
[  626.186549][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.191036][T13989] Uninit was stored to memory at:
[  626.191109][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  626.197425][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.203847][T13989]  get_compat_msghdr+0x108/0x2c0
[  626.206149][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.208463][T13989]  do_recvmmsg+0x1063/0x2120
[  626.213544][T14036]  do_fast_syscall_32+0x34/0x70
[  626.218667][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  626.223745][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.228686][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.233855][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.238448][T13989]  __do_fast_syscall_32+0x96/0xf0
[  626.243178][T14036] 
[  626.243187][T14036] Uninit was stored to memory at:
[  626.243258][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.248122][T13989]  do_fast_syscall_32+0x34/0x70
[  626.254524][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.259123][T13989]  do_SYSENTER_32+0x1b/0x20
[  626.264205][T14036]  do_recvmmsg+0x1063/0x2120
[  626.268884][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.273790][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.273831][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.280122][T13989] 
[  626.280131][T13989] Uninit was stored to memory at:
[  626.284687][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.289776][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  626.296117][T14036]  do_fast_syscall_32+0x34/0x70
[  626.300973][T13989]  get_compat_msghdr+0x108/0x2c0
[  626.303362][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.308392][T13989]  do_recvmmsg+0x1063/0x2120
[  626.313575][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.318088][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  626.323105][T14036] 
[  626.323114][T14036] Uninit was stored to memory at:
[  626.323186][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.329444][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.334141][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.336463][T13989]  __do_fast_syscall_32+0x96/0xf0
[  626.341143][T14036]  do_recvmmsg+0x1063/0x2120
[  626.346259][T13989]  do_fast_syscall_32+0x34/0x70
[  626.351332][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.357747][T13989]  do_SYSENTER_32+0x1b/0x20
[  626.362721][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.367752][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.372401][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.377264][T13989] 
[  626.377273][T13989] Uninit was stored to memory at:
[  626.382014][T14036]  do_fast_syscall_32+0x34/0x70
[  626.386587][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  626.392917][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.399246][T13989]  get_compat_msghdr+0x108/0x2c0
[  626.404325][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.406659][T13989]  do_recvmmsg+0x1063/0x2120
[  626.411665][T14036] 
[  626.411674][T14036] Uninit was stored to memory at:
[  626.416864][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  626.421812][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.426692][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.431178][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.435849][T13989]  __do_fast_syscall_32+0x96/0xf0
[  626.442221][T14036]  do_recvmmsg+0x1063/0x2120
[  626.442263][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.446911][T13989]  do_fast_syscall_32+0x34/0x70
[  626.453297][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.455653][T13989]  do_SYSENTER_32+0x1b/0x20
[  626.460659][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.465764][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.470839][T14036]  do_fast_syscall_32+0x34/0x70
[  626.475767][T13989] 
[  626.480663][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.485246][T13989] Local variable msg_sys created at:
[  626.489799][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.496205][T13989]  do_recvmmsg+0xc1/0x2120
[  626.500846][T14036] 
[  626.500853][T14036] Uninit was stored to memory at:
[  626.503254][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  626.508300][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  626.719557][T14036]  get_compat_msghdr+0x108/0x2c0
[  626.724701][T14036]  do_recvmmsg+0x1063/0x2120
[  626.729359][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  626.734234][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  626.740621][T14036]  __do_fast_syscall_32+0x96/0xf0
[  626.745857][T14036]  do_fast_syscall_32+0x34/0x70
[  626.750749][T14036]  do_SYSENTER_32+0x1b/0x20
[  626.755451][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  626.761984][T14036] 
[  626.764319][T14036] Local variable msg_sys created at:
[  626.769610][T14036]  do_recvmmsg+0xc1/0x2120
[  626.774222][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.363753][T14036] not chained 270000 origins
[  627.371819][T14036] CPU: 1 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  627.380646][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  627.390733][T14036] Call Trace:
[  627.394134][T14036]  <TASK>
[  627.397083][T14036]  dump_stack_lvl+0x1ff/0x28e
[  627.401820][T14036]  dump_stack+0x25/0x28
[  627.406023][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  627.411814][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  627.417972][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.423148][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  627.429024][T14036]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  627.434634][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.439810][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  627.445695][T14036]  ? should_fail+0x75/0x9c0
[  627.450264][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.455436][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  627.461750][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  627.467884][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.473059][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  627.478929][T14036]  __msan_chain_origin+0xbf/0x140
[  627.484011][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.489198][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.494199][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  627.499098][T14036]  do_recvmmsg+0x1063/0x2120
[  627.503741][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.508922][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  627.515224][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  627.520394][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  627.526703][T14036]  ? fput+0x82/0x320
[  627.530645][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.537227][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.541958][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.548361][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.553446][T14036]  do_fast_syscall_32+0x34/0x70
[  627.558355][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.562904][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.569284][T14036] RIP: 0023:0xf6e9a549
[  627.573375][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  627.593031][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  627.601511][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  627.609517][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  627.617527][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  627.625534][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  627.633541][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  627.641564][T14036]  </TASK>
[  627.648786][T14036] Uninit was stored to memory at:
[  627.654379][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.659544][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.664717][T14036]  do_recvmmsg+0x1063/0x2120
[  627.669349][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.674265][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.680650][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.685926][T14036]  do_fast_syscall_32+0x34/0x70
[  627.690827][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.695582][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.702151][T14036] 
[  627.704486][T14036] Uninit was stored to memory at:
[  627.709667][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.715030][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.720022][T14036]  do_recvmmsg+0x1063/0x2120
[  627.724862][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.729581][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.736191][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.741269][T14036]  do_fast_syscall_32+0x34/0x70
[  627.746401][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.750959][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.757554][T14036] 
[  627.759890][T14036] Uninit was stored to memory at:
[  627.765217][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.770375][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.775561][T14036]  do_recvmmsg+0x1063/0x2120
[  627.780219][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.785130][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.791516][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.796876][T14036]  do_fast_syscall_32+0x34/0x70
[  627.802043][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.806591][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.813161][T14036] 
[  627.815502][T14036] Uninit was stored to memory at:
[  627.820595][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.825957][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.830946][T14036]  do_recvmmsg+0x1063/0x2120
[  627.835774][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.840576][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.847168][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.852450][T14036]  do_fast_syscall_32+0x34/0x70
[  627.857354][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.862067][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.868448][T14036] 
[  627.870782][T14036] Uninit was stored to memory at:
[  627.876076][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.881274][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.886489][T14036]  do_recvmmsg+0x1063/0x2120
[  627.891115][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.896037][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.902613][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.907716][T14036]  do_fast_syscall_32+0x34/0x70
[  627.912799][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.917347][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.923991][T14036] 
[  627.926327][T14036] Uninit was stored to memory at:
[  627.931421][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.936824][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.941997][T14036]  do_recvmmsg+0x1063/0x2120
[  627.946635][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  627.951369][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  627.957983][T14036]  __do_fast_syscall_32+0x96/0xf0
[  627.963229][T14036]  do_fast_syscall_32+0x34/0x70
[  627.968133][T14036]  do_SYSENTER_32+0x1b/0x20
[  627.972880][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  627.979271][T14036] 
[  627.981609][T14036] Uninit was stored to memory at:
[  627.986922][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  627.992251][T14036]  get_compat_msghdr+0x108/0x2c0
[  627.997243][T14036]  do_recvmmsg+0x1063/0x2120
[  628.002047][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.006846][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.013427][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.018503][T14036]  do_fast_syscall_32+0x34/0x70
[  628.023576][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.028123][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.034700][T14036] 
[  628.037038][T14036] Local variable msg_sys created at:
[  628.042537][T14036]  do_recvmmsg+0xc1/0x2120
[  628.047143][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.253890][T14036] not chained 280000 origins
[  628.258546][T14036] CPU: 1 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  628.267390][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  628.277482][T14036] Call Trace:
[  628.280779][T14036]  <TASK>
[  628.283728][T14036]  dump_stack_lvl+0x1ff/0x28e
[  628.288459][T14036]  dump_stack+0x25/0x28
[  628.292658][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  628.298441][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  628.304574][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.309751][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  628.315626][T14036]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  628.321243][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.326420][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  628.332303][T14036]  ? should_fail+0x75/0x9c0
[  628.336866][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.342044][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  628.348349][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  628.354485][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.359694][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  628.365560][T14036]  __msan_chain_origin+0xbf/0x140
[  628.370642][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.375822][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.380823][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  628.385733][T14036]  do_recvmmsg+0x1063/0x2120
[  628.390383][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.395564][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  628.401868][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  628.407036][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  628.413368][T14036]  ? fput+0x82/0x320
[  628.417315][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.423880][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.428611][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.435005][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.440097][T14036]  do_fast_syscall_32+0x34/0x70
[  628.445005][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.449563][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.455946][T14036] RIP: 0023:0xf6e9a549
[  628.460173][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  628.479829][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  628.488293][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  628.496306][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  628.504312][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  628.512315][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  628.520323][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  628.528363][T14036]  </TASK>
[  628.535279][T14036] Uninit was stored to memory at:
[  628.540394][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.546198][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.551182][T14036]  do_recvmmsg+0x1063/0x2120
[  628.555923][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.560641][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.567269][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.572593][T14036]  do_fast_syscall_32+0x34/0x70
[  628.577492][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.582278][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.588658][T14036] 
[  628.590991][T14036] Uninit was stored to memory at:
[  628.596342][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.601502][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.606756][T14036]  do_recvmmsg+0x1063/0x2120
[  628.611388][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.616362][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.623018][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.628101][T14036]  do_fast_syscall_32+0x34/0x70
[  628.633282][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.637831][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.644399][T14036] 
[  628.646730][T14036] Uninit was stored to memory at:
[  628.651986][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.657149][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.662358][T14036]  do_recvmmsg+0x1063/0x2120
[  628.666984][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.671889][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.678273][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.683477][T14036]  do_fast_syscall_32+0x34/0x70
[  628.688459][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.693128][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.699506][T14036] 
[  628.701960][T14036] Uninit was stored to memory at:
[  628.707061][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.712359][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.717346][T14036]  do_recvmmsg+0x1063/0x2120
[  628.722085][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.726881][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.733404][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.738478][T14036]  do_fast_syscall_32+0x34/0x70
[  628.743498][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.748053][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.754561][T14036] 
[  628.756898][T14036] Uninit was stored to memory at:
[  628.762189][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.767348][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.772454][T14036]  do_recvmmsg+0x1063/0x2120
[  628.777081][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.781899][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.788292][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.793492][T14036]  do_fast_syscall_32+0x34/0x70
[  628.798387][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.803051][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.809429][T14036] 
[  628.811875][T14036] Uninit was stored to memory at:
[  628.816964][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.822244][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.827229][T14036]  do_recvmmsg+0x1063/0x2120
[  628.831974][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.836691][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.843190][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.848262][T14036]  do_fast_syscall_32+0x34/0x70
[  628.853281][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.857827][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.864326][T14036] 
[  628.866664][T14036] Uninit was stored to memory at:
[  628.871873][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  628.877033][T14036]  get_compat_msghdr+0x108/0x2c0
[  628.882149][T14036]  do_recvmmsg+0x1063/0x2120
[  628.886771][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  628.891482][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  628.898070][T14036]  __do_fast_syscall_32+0x96/0xf0
[  628.903242][T14036]  do_fast_syscall_32+0x34/0x70
[  628.908140][T14036]  do_SYSENTER_32+0x1b/0x20
[  628.912815][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  628.919193][T14036] 
[  628.921524][T14036] Local variable msg_sys created at:
[  628.926953][T14036]  do_recvmmsg+0xc1/0x2120
[  628.931402][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.217918][T14036] not chained 290000 origins
[  629.224294][T14036] CPU: 1 PID: 14036 Comm: syz-executor.0 Not tainted 5.16.0-rc3-syzkaller #0
[  629.233105][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  629.243195][T14036] Call Trace:
[  629.246494][T14036]  <TASK>
[  629.249458][T14036]  dump_stack_lvl+0x1ff/0x28e
[  629.254189][T14036]  dump_stack+0x25/0x28
[  629.258386][T14036]  kmsan_internal_chain_origin+0x7a/0x110
[  629.264166][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  629.270298][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.275479][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  629.281364][T14036]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  629.286981][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.292159][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  629.298046][T14036]  ? should_fail+0x75/0x9c0
[  629.302610][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.307784][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  629.314086][T14036]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  629.320224][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.325401][T14036]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  629.331274][T14036]  __msan_chain_origin+0xbf/0x140
[  629.336356][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.341547][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.346547][T14036]  ? __sys_recvmmsg+0x51c/0x6f0
[  629.351622][T14036]  do_recvmmsg+0x1063/0x2120
[  629.356275][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.361471][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  629.367783][T14036]  ? kmsan_get_metadata+0xa4/0x120
[  629.372956][T14036]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  629.379347][T14036]  ? fput+0x82/0x320
[  629.383294][T14036]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.389859][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.394594][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.400991][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.406070][T14036]  do_fast_syscall_32+0x34/0x70
[  629.410963][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.415512][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.421900][T14036] RIP: 0023:0xf6e9a549
[  629.425994][T14036] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  629.445654][T14036] RSP: 002b:00000000f5e735fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  629.454117][T14036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  629.462128][T14036] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  629.470131][T14036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  629.478227][T14036] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  629.486239][T14036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  629.494259][T14036]  </TASK>
[  629.501159][T14036] Uninit was stored to memory at:
[  629.506839][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.512120][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.517163][T14036]  do_recvmmsg+0x1063/0x2120
[  629.521912][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.526623][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.533197][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.538271][T14036]  do_fast_syscall_32+0x34/0x70
[  629.543303][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.547857][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.554398][T14036] 
[  629.556765][T14036] Uninit was stored to memory at:
[  629.561990][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.567152][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.572269][T14036]  do_recvmmsg+0x1063/0x2120
[  629.576893][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.581609][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.588117][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.593333][T14036]  do_fast_syscall_32+0x34/0x70
[  629.598232][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.602908][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.609287][T14036] 
[  629.611616][T14036] Uninit was stored to memory at:
[  629.616836][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.622121][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.627108][T14036]  do_recvmmsg+0x1063/0x2120
[  629.631851][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.636558][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.643063][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.648135][T14036]  do_fast_syscall_32+0x34/0x70
[  629.653183][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.657731][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.664230][T14036] 
[  629.666562][T14036] Uninit was stored to memory at:
[  629.671654][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.676929][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.682022][T14036]  do_recvmmsg+0x1063/0x2120
[  629.686648][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.691362][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.697875][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.703038][T14036]  do_fast_syscall_32+0x34/0x70
[  629.707930][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.712625][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.719006][T14036] 
[  629.721332][T14036] Uninit was stored to memory at:
[  629.726549][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.731818][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.736823][T14036]  do_recvmmsg+0x1063/0x2120
[  629.741446][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.746291][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.752795][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.757862][T14036]  do_fast_syscall_32+0x34/0x70
[  629.762873][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.767420][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.773932][T14036] 
[  629.776266][T14036] Uninit was stored to memory at:
[  629.781354][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.786646][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.791634][T14036]  do_recvmmsg+0x1063/0x2120
[  629.796362][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.801097][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.807615][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.812780][T14036]  do_fast_syscall_32+0x34/0x70
[  629.817676][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.822342][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.829244][T14036] 
[  629.831581][T14036] Uninit was stored to memory at:
[  629.836814][T14036]  __get_compat_msghdr+0x6e1/0x9d0
[  629.842178][T14036]  get_compat_msghdr+0x108/0x2c0
[  629.847164][T14036]  do_recvmmsg+0x1063/0x2120
[  629.851991][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  629.856702][T14036]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  629.863211][T14036]  __do_fast_syscall_32+0x96/0xf0
[  629.868369][T14036]  do_fast_syscall_32+0x34/0x70
[  629.873391][T14036]  do_SYSENTER_32+0x1b/0x20
[  629.877941][T14036]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  629.884434][T14036] 
[  629.886768][T14036] Local variable msg_sys created at:
[  629.892171][T14036]  do_recvmmsg+0xc1/0x2120
[  629.896624][T14036]  __sys_recvmmsg+0x51c/0x6f0
[  630.042931][T13989] not chained 300000 origins
[  630.047565][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  630.056549][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  630.066635][T13989] Call Trace:
[  630.069935][T13989]  <TASK>
[  630.072907][T13989]  dump_stack_lvl+0x1ff/0x28e
[  630.077638][T13989]  dump_stack+0x25/0x28
[  630.081836][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  630.087617][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  630.093742][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.098911][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  630.104792][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  630.110403][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.115578][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  630.121453][T13989]  ? should_fail+0x75/0x9c0
[  630.126019][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.131188][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  630.137578][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  630.143711][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.148880][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  630.154744][T13989]  __msan_chain_origin+0xbf/0x140
[  630.159825][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.165003][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.169998][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  630.174899][T13989]  do_recvmmsg+0x1063/0x2120
[  630.179552][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.184815][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  630.191118][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  630.196301][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  630.202604][T13989]  ? fput+0x82/0x320
[  630.206556][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.213221][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.217955][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.224356][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.229433][T13989]  do_fast_syscall_32+0x34/0x70
[  630.234337][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.238885][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.245261][T13989] RIP: 0023:0xf6e8f549
[  630.249354][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  630.269010][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  630.277480][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  630.285498][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  630.293514][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  630.301529][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  630.309538][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  630.317563][T13989]  </TASK>
[  630.324271][T13989] Uninit was stored to memory at:
[  630.329400][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.335222][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.340244][T13989]  do_recvmmsg+0x1063/0x2120
[  630.345057][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.349769][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.356345][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.361414][T13989]  do_fast_syscall_32+0x34/0x70
[  630.366513][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.371068][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.377648][T13989] 
[  630.379993][T13989] Uninit was stored to memory at:
[  630.385281][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.390439][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.395626][T13989]  do_recvmmsg+0x1063/0x2120
[  630.400250][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.405080][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.411469][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.416932][T13989]  do_fast_syscall_32+0x34/0x70
[  630.421939][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.426485][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.433056][T13989] 
[  630.435392][T13989] Uninit was stored to memory at:
[  630.440481][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.445844][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.450829][T13989]  do_recvmmsg+0x1063/0x2120
[  630.455677][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.460391][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.466967][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.472229][T13989]  do_fast_syscall_32+0x34/0x70
[  630.477128][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.481868][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.488255][T13989] 
[  630.490591][T13989] Uninit was stored to memory at:
[  630.495886][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.501043][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.506240][T13989]  do_recvmmsg+0x1063/0x2120
[  630.510871][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.515789][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.522352][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.527425][T13989]  do_fast_syscall_32+0x34/0x70
[  630.532590][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.537135][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.543894][T13989] 
[  630.546228][T13989] Uninit was stored to memory at:
[  630.551323][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.556669][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.561658][T13989]  do_recvmmsg+0x1063/0x2120
[  630.566468][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.571185][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.577777][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.583013][T13989]  do_fast_syscall_32+0x34/0x70
[  630.587909][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.592657][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.599033][T13989] 
[  630.601377][T13989] Uninit was stored to memory at:
[  630.606676][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.612005][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.616998][T13989]  do_recvmmsg+0x1063/0x2120
[  630.621636][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.626530][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.633110][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.638177][T13989]  do_fast_syscall_32+0x34/0x70
[  630.643245][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.647873][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.654453][T13989] 
[  630.656794][T13989] Uninit was stored to memory at:
[  630.662056][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  630.667212][T13989]  get_compat_msghdr+0x108/0x2c0
[  630.672375][T13989]  do_recvmmsg+0x1063/0x2120
[  630.677003][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  630.681894][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  630.688280][T13989]  __do_fast_syscall_32+0x96/0xf0
[  630.693558][T13989]  do_fast_syscall_32+0x34/0x70
[  630.698457][T13989]  do_SYSENTER_32+0x1b/0x20
[  630.703203][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  630.709579][T13989] 
[  630.712091][T13989] Local variable msg_sys created at:
[  630.717382][T13989]  do_recvmmsg+0xc1/0x2120
[  630.722022][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.078897][T13989] not chained 310000 origins
[  631.084204][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  631.093017][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  631.103105][T13989] Call Trace:
[  631.106404][T13989]  <TASK>
[  631.109395][T13989]  dump_stack_lvl+0x1ff/0x28e
[  631.114125][T13989]  dump_stack+0x25/0x28
[  631.118321][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  631.124100][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  631.130230][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.135399][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  631.141273][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  631.146878][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.152081][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  631.157952][T13989]  ? should_fail+0x75/0x9c0
[  631.162513][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.167688][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  631.173998][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  631.180130][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.185315][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  631.191312][T13989]  __msan_chain_origin+0xbf/0x140
[  631.196410][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.201599][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.206598][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  631.211492][T13989]  do_recvmmsg+0x1063/0x2120
[  631.216143][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.221324][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  631.227628][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  631.232894][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  631.239198][T13989]  ? fput+0x82/0x320
[  631.243148][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.249715][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.254538][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.261028][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.266118][T13989]  do_fast_syscall_32+0x34/0x70
[  631.271022][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.275573][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.281978][T13989] RIP: 0023:0xf6e8f549
[  631.286079][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  631.305734][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  631.314230][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  631.322240][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  631.330247][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  631.338252][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  631.346251][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  631.354274][T13989]  </TASK>
[  631.357610][T13989] Uninit was stored to memory at:
[  631.362815][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.367968][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.373081][T13989]  do_recvmmsg+0x1063/0x2120
[  631.377697][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.382681][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.389077][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.394309][T13989]  do_fast_syscall_32+0x34/0x70
[  631.399208][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.403883][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.410261][T13989] 
[  631.412706][T13989] Uninit was stored to memory at:
[  631.417806][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.423155][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.428143][T13989]  do_recvmmsg+0x1063/0x2120
[  631.432988][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.437701][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.444287][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.449360][T13989]  do_fast_syscall_32+0x34/0x70
[  631.454442][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.458984][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.465552][T13989] 
[  631.467888][T13989] Uninit was stored to memory at:
[  631.473172][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.478332][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.483497][T13989]  do_recvmmsg+0x1063/0x2120
[  631.488124][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.493032][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.499416][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.504678][T13989]  do_fast_syscall_32+0x34/0x70
[  631.509574][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.514321][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.520695][T13989] 
[  631.523482][T13989] Uninit was stored to memory at:
[  631.528573][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.533923][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.539351][T13989]  do_recvmmsg+0x1063/0x2120
[  631.544275][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.548995][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.555594][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.560671][T13989]  do_fast_syscall_32+0x34/0x70
[  631.565759][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.570308][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.576899][T13989] 
[  631.579231][T13989] Uninit was stored to memory at:
[  631.584515][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.589671][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.594848][T13989]  do_recvmmsg+0x1063/0x2120
[  631.599489][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.604405][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.610790][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.616060][T13989]  do_fast_syscall_32+0x34/0x70
[  631.620964][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.625701][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.632256][T13989] 
[  631.634587][T13989] Uninit was stored to memory at:
[  631.639678][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.645035][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.650024][T13989]  do_recvmmsg+0x1063/0x2120
[  631.654854][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.659570][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.666144][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.671218][T13989]  do_fast_syscall_32+0x34/0x70
[  631.676313][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.680858][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.687442][T13989] 
[  631.689776][T13989] Uninit was stored to memory at:
[  631.695151][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  631.700569][T13989]  get_compat_msghdr+0x108/0x2c0
[  631.705749][T13989]  do_recvmmsg+0x1063/0x2120
[  631.710374][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  631.715286][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  631.721671][T13989]  __do_fast_syscall_32+0x96/0xf0
[  631.726939][T13989]  do_fast_syscall_32+0x34/0x70
[  631.731987][T13989]  do_SYSENTER_32+0x1b/0x20
[  631.736528][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  631.743096][T13989] 
[  631.745431][T13989] Local variable msg_sys created at:
[  631.750720][T13989]  do_recvmmsg+0xc1/0x2120
[  631.755374][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.037815][T13989] not chained 320000 origins
[  632.042741][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  632.051544][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  632.061713][T13989] Call Trace:
[  632.065010][T13989]  <TASK>
[  632.067953][T13989]  dump_stack_lvl+0x1ff/0x28e
[  632.072684][T13989]  dump_stack+0x25/0x28
[  632.076879][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  632.082652][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  632.088774][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.093950][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  632.099825][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  632.105439][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.110614][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  632.116491][T13989]  ? should_fail+0x75/0x9c0
[  632.121050][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.126221][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  632.132525][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  632.138742][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.143915][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  632.149788][T13989]  __msan_chain_origin+0xbf/0x140
[  632.154904][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.160089][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.165082][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  632.169979][T13989]  do_recvmmsg+0x1063/0x2120
[  632.174652][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.179832][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  632.186223][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.191398][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  632.197709][T13989]  ? fput+0x82/0x320
[  632.201656][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.208221][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.212974][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.219480][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.224566][T13989]  do_fast_syscall_32+0x34/0x70
[  632.229473][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.234027][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.240413][T13989] RIP: 0023:0xf6e8f549
[  632.244508][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  632.264162][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  632.272626][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  632.280634][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  632.288635][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  632.296648][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  632.304716][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  632.312861][T13989]  </TASK>
[  632.319683][T13989] Uninit was stored to memory at:
[  632.325398][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.330555][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.335724][T13989]  do_recvmmsg+0x1063/0x2120
[  632.340350][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.345206][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.351604][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.356822][T13989]  do_fast_syscall_32+0x34/0x70
[  632.361839][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.366392][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.372974][T13989] 
[  632.375318][T13989] Uninit was stored to memory at:
[  632.380409][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.385710][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.390702][T13989]  do_recvmmsg+0x1063/0x2120
[  632.395466][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.400178][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.406691][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.411870][T13989]  do_fast_syscall_32+0x34/0x70
[  632.416767][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.421311][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.427824][T13989] 
[  632.430163][T13989] Uninit was stored to memory at:
[  632.435362][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.440521][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.445633][T13989]  do_recvmmsg+0x1063/0x2120
[  632.450259][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.455081][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.461461][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.466655][T13989]  do_fast_syscall_32+0x34/0x70
[  632.471551][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.476238][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.482782][T13989] 
[  632.485118][T13989] Uninit was stored to memory at:
[  632.490235][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.495529][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.500528][T13989]  do_recvmmsg+0x1063/0x2120
[  632.505372][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.510086][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.516602][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.521676][T13989]  do_fast_syscall_32+0x34/0x70
[  632.526698][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.531247][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.537773][T13989] 
[  632.540104][T13989] Uninit was stored to memory at:
[  632.545297][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.550449][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.555565][T13989]  do_recvmmsg+0x1063/0x2120
[  632.560206][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.565044][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.571427][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.576632][T13989]  do_fast_syscall_32+0x34/0x70
[  632.581532][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.586223][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.592733][T13989] 
[  632.595063][T13989] Uninit was stored to memory at:
[  632.600154][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.605443][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.610429][T13989]  do_recvmmsg+0x1063/0x2120
[  632.615179][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.619892][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.626401][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.631472][T13989]  do_fast_syscall_32+0x34/0x70
[  632.636500][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.641084][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.647608][T13989] 
[  632.649940][T13989] Uninit was stored to memory at:
[  632.655131][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  632.660290][T13989]  get_compat_msghdr+0x108/0x2c0
[  632.665410][T13989]  do_recvmmsg+0x1063/0x2120
[  632.670031][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.674860][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  632.681241][T13989]  __do_fast_syscall_32+0x96/0xf0
[  632.686440][T13989]  do_fast_syscall_32+0x34/0x70
[  632.691330][T13989]  do_SYSENTER_32+0x1b/0x20
[  632.695998][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  632.702502][T13989] 
[  632.704837][T13989] Local variable msg_sys created at:
[  632.710127][T13989]  do_recvmmsg+0xc1/0x2120
[  632.714704][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  632.933508][T13989] not chained 330000 origins
[  632.938145][T13989] CPU: 1 PID: 13989 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  632.946951][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  632.957037][T13989] Call Trace:
[  632.960336][T13989]  <TASK>
[  632.963281][T13989]  dump_stack_lvl+0x1ff/0x28e
[  632.968273][T13989]  dump_stack+0x25/0x28
[  632.972493][T13989]  kmsan_internal_chain_origin+0x7a/0x110
[  632.978307][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  632.984436][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  632.989601][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  632.995471][T13989]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  633.001081][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  633.006255][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  633.012126][T13989]  ? should_fail+0x75/0x9c0
[  633.016687][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  633.021855][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  633.028160][T13989]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  633.034295][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  633.039464][T13989]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  633.045336][T13989]  __msan_chain_origin+0xbf/0x140
[  633.050416][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.055601][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.060592][T13989]  ? __sys_recvmmsg+0x51c/0x6f0
[  633.065489][T13989]  do_recvmmsg+0x1063/0x2120
[  633.070145][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  633.075322][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  633.081624][T13989]  ? kmsan_get_metadata+0xa4/0x120
[  633.086790][T13989]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  633.093096][T13989]  ? fput+0x82/0x320
[  633.097042][T13989]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.103610][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.108342][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.114748][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.119826][T13989]  do_fast_syscall_32+0x34/0x70
[  633.124727][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.129276][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.135653][T13989] RIP: 0023:0xf6e8f549
[  633.139746][T13989] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  633.159401][T13989] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  633.167859][T13989] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  633.175875][T13989] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  633.183882][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  633.191887][T13989] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  633.199889][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  633.207909][T13989]  </TASK>
[  633.216468][T13989] Uninit was stored to memory at:
[  633.216557][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.216614][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.232930][T13989]  do_recvmmsg+0x1063/0x2120
[  633.237556][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.242387][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.248773][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.253968][T13989]  do_fast_syscall_32+0x34/0x70
[  633.258866][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.263537][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.269921][T13989] 
[  633.272367][T13989] Uninit was stored to memory at:
[  633.277459][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.282802][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.287784][T13989]  do_recvmmsg+0x1063/0x2120
[  633.292531][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.297239][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.303743][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.308838][T13989]  do_fast_syscall_32+0x34/0x70
[  633.313863][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.318414][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.324913][T13989] 
[  633.327240][T13989] Uninit was stored to memory at:
[  633.332442][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.337595][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.342782][T13989]  do_recvmmsg+0x1063/0x2120
[  633.347408][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.352248][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.358634][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.363837][T13989]  do_fast_syscall_32+0x34/0x70
[  633.368739][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.373421][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.379805][T13989] 
[  633.382271][T13989] Uninit was stored to memory at:
[  633.387365][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.392654][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.397640][T13989]  do_recvmmsg+0x1063/0x2120
[  633.402378][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.407158][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.413767][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.418839][T13989]  do_fast_syscall_32+0x34/0x70
[  633.423873][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.428422][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.434941][T13989] 
[  633.437316][T13989] Uninit was stored to memory at:
[  633.442595][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.447850][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.452961][T13989]  do_recvmmsg+0x1063/0x2120
[  633.457588][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.462470][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.468855][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.474050][T13989]  do_fast_syscall_32+0x34/0x70
[  633.478968][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.483625][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.490002][T13989] 
[  633.492455][T13989] Uninit was stored to memory at:
[  633.497556][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.502840][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.507824][T13989]  do_recvmmsg+0x1063/0x2120
[  633.512573][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.517282][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.523789][T13989]  __do_fast_syscall_32+0x96/0xf0
[  633.528860][T13989]  do_fast_syscall_32+0x34/0x70
[  633.533889][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.538434][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.544937][T13989] 
[  633.547270][T13989] Uninit was stored to memory at:
[  633.552473][T13989]  __get_compat_msghdr+0x6e1/0x9d0
[  633.557629][T13989]  get_compat_msghdr+0x108/0x2c0
[  633.562755][T13989]  do_recvmmsg+0x1063/0x2120
[  633.567386][T13989]  __sys_recvmmsg+0x51c/0x6f0
[  633.572234][T13989]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  633.578621][T13989]  __do_fast_syscall_32+0x96/0xf0
02:10:56 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0)
sched_setattr(0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10)
r4 = perf_event_open(&(0x7f0000000480)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r5 = dup2(r3, r4)
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x70d7, 0x4, 0x8, 0x5, 0x7}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r5, 0xc0506617, &(0x7f0000000300)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})

[  633.583818][T13989]  do_fast_syscall_32+0x34/0x70
[  633.588714][T13989]  do_SYSENTER_32+0x1b/0x20
[  633.593377][T13989]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  633.599746][T13989] 
[  633.602197][T13989] Local variable msg_sys created at:
[  633.607490][T13989]  do_recvmmsg+0xc1/0x2120
[  633.612070][T13989]  __sys_recvmmsg+0x51c/0x6f0
02:10:56 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4a0a0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

02:10:56 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000080)=0x3)

02:10:56 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

02:10:56 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, 0x0)

02:10:56 executing program 0:
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x20001, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="7a24a60e32b9f7f793a702fe44393a0a", 0x10}], 0x1)

02:10:56 executing program 0:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup2(r0, r1)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})

02:10:56 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4a0a0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

02:10:56 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

02:10:56 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002300), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000080)=0x3)

[  634.222479][T13896] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  634.484930][T13896] usb 5-1: Using ep0 maxpacket: 16
[  634.623837][T13896] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  634.634267][T13896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  634.648181][T13896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  634.658466][T13896] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  634.668462][T13896] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
02:10:57 executing program 3:
bpf$PROG_LOAD(0x5, 0x0, 0x0)

02:10:57 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4a0a0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

[  635.054269][T13896] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  635.063647][T13896] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  635.072021][T13896] usb 5-1: Manufacturer: syz
[  635.221530][T13896] usb 5-1: config 0 descriptor??
[  635.667865][T13896] rc_core: IR keymap rc-hauppauge not found
[  635.674122][T13896] Registered IR keymap rc-empty
[  635.679314][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  635.755669][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  635.811048][T13896] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  635.826386][T13896] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input65
[  635.945004][T14085] not chained 340000 origins
[  635.949651][T14085] CPU: 1 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  635.958466][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  635.968555][T14085] Call Trace:
[  635.971858][T14085]  <TASK>
[  635.974809][T14085]  dump_stack_lvl+0x1ff/0x28e
[  635.979571][T14085]  dump_stack+0x25/0x28
[  635.983866][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  635.989655][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  635.995789][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.000966][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  636.006848][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  636.012458][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.017635][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  636.023512][T14085]  ? should_fail+0x75/0x9c0
[  636.028091][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.033268][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  636.039580][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  636.045711][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.050873][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  636.056733][T14085]  __msan_chain_origin+0xbf/0x140
[  636.061813][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.066985][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.071974][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  636.076869][T14085]  do_recvmmsg+0x1063/0x2120
[  636.081507][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.086683][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  636.092978][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  636.098139][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  636.104434][T14085]  ? fput+0x82/0x320
[  636.108372][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.114926][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.119649][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.126036][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.131125][T14085]  do_fast_syscall_32+0x34/0x70
[  636.136017][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.140554][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.146933][T14085] RIP: 0023:0xf6e8f549
[  636.151037][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  636.170703][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  636.179171][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  636.187175][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  636.195190][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  636.203182][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  636.211179][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  636.219188][T14085]  </TASK>
[  636.226257][T14085] Uninit was stored to memory at:
[  636.231463][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.237639][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.242755][T14085]  do_recvmmsg+0x1063/0x2120
[  636.247384][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.252235][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.258630][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.263838][T14085]  do_fast_syscall_32+0x34/0x70
[  636.268737][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.273421][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.279828][T14085] 
[  636.282291][T14085] Uninit was stored to memory at:
[  636.287385][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.292705][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.297697][T14085]  do_recvmmsg+0x1063/0x2120
[  636.302456][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.307169][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.313698][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.318765][T14085]  do_fast_syscall_32+0x34/0x70
[  636.323793][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.328341][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.334898][T14085] 
[  636.337237][T14085] Uninit was stored to memory at:
[  636.342513][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.347675][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.352842][T14085]  do_recvmmsg+0x1063/0x2120
[  636.357469][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.362365][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.368748][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.374012][T14085]  do_fast_syscall_32+0x34/0x70
[  636.378914][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.383645][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.390070][T14085] 
[  636.392580][T14085] Uninit was stored to memory at:
[  636.397682][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.403020][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.408014][T14085]  do_recvmmsg+0x1063/0x2120
[  636.412826][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.417543][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.424127][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.429205][T14085]  do_fast_syscall_32+0x34/0x70
[  636.434295][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.438851][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.445435][T14085] 
[  636.447773][T14085] Uninit was stored to memory at:
[  636.453096][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.458356][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.463532][T14085]  do_recvmmsg+0x1063/0x2120
[  636.468167][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.473054][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.479446][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.484806][T14085]  do_fast_syscall_32+0x34/0x70
[  636.489706][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.494432][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.500817][T14085] 
[  636.503337][T14085] Uninit was stored to memory at:
[  636.508440][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.513785][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.518773][T14085]  do_recvmmsg+0x1063/0x2120
[  636.523592][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.528336][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.534917][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.539996][T14085]  do_fast_syscall_32+0x34/0x70
[  636.545082][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.549639][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.556217][T14085] 
[  636.558555][T14085] Uninit was stored to memory at:
[  636.563835][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  636.568993][T14085]  get_compat_msghdr+0x108/0x2c0
[  636.574167][T14085]  do_recvmmsg+0x1063/0x2120
[  636.578804][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.583705][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  636.590095][T14085]  __do_fast_syscall_32+0x96/0xf0
[  636.595384][T14085]  do_fast_syscall_32+0x34/0x70
[  636.600281][T14085]  do_SYSENTER_32+0x1b/0x20
[  636.605008][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  636.611401][T14085] 
[  636.614007][T14085] Local variable msg_sys created at:
[  636.619299][T14085]  do_recvmmsg+0xc1/0x2120
[  636.623927][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  636.637047][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.673214][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.742332][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.772124][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.812507][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.852753][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.882947][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.922378][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.960653][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  636.994998][T13896] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  637.045298][T13896] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  637.053733][T13896] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  637.134299][T13896] usb 5-1: USB disconnect, device number 92
[  637.284284][T14085] not chained 350000 origins
[  637.288918][T14085] CPU: 0 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  637.297725][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  637.307817][T14085] Call Trace:
[  637.311115][T14085]  <TASK>
[  637.314060][T14085]  dump_stack_lvl+0x1ff/0x28e
[  637.318791][T14085]  dump_stack+0x25/0x28
[  637.322988][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  637.328769][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  637.334900][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.340077][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  637.345950][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  637.351566][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.356737][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  637.362615][T14085]  ? should_fail+0x75/0x9c0
[  637.367176][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.372351][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  637.378652][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  637.384789][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.389959][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  637.395822][T14085]  __msan_chain_origin+0xbf/0x140
[  637.400903][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.406088][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.411085][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  637.415980][T14085]  do_recvmmsg+0x1063/0x2120
[  637.420646][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.425823][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  637.432126][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  637.437293][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  637.443601][T14085]  ? fput+0x82/0x320
[  637.447546][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.454137][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.458871][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.465271][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.470362][T14085]  do_fast_syscall_32+0x34/0x70
[  637.475351][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.479897][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.486274][T14085] RIP: 0023:0xf6e8f549
[  637.490374][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  637.510032][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  637.518500][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  637.526519][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  637.534525][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  637.542528][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  637.551835][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  637.559859][T14085]  </TASK>
[  637.567468][T14085] Uninit was stored to memory at:
[  637.573452][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.578622][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.583782][T14085]  do_recvmmsg+0x1063/0x2120
[  637.588417][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.593292][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.600031][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.605268][T14085]  do_fast_syscall_32+0x34/0x70
[  637.610380][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.615085][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.621463][T14085] 
[  637.623949][T14085] Uninit was stored to memory at:
[  637.629134][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.634472][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.639466][T14085]  do_recvmmsg+0x1063/0x2120
[  637.644261][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.648977][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.655531][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.660604][T14085]  do_fast_syscall_32+0x34/0x70
[  637.665669][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.670244][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.676784][T14085] 
[  637.679118][T14085] Uninit was stored to memory at:
[  637.684373][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.689533][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.694680][T14085]  do_recvmmsg+0x1063/0x2120
[  637.699314][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.704196][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.710612][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.715839][T14085]  do_fast_syscall_32+0x34/0x70
[  637.720833][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.725575][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.732116][T14085] 
[  637.734454][T14085] Uninit was stored to memory at:
[  637.739558][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.744879][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.749867][T14085]  do_recvmmsg+0x1063/0x2120
[  637.754660][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.759376][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.765923][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.770999][T14085]  do_fast_syscall_32+0x34/0x70
[  637.776038][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.780583][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.787157][T14085] 
[  637.789493][T14085] Uninit was stored to memory at:
[  637.794744][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.799908][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.805062][T14085]  do_recvmmsg+0x1063/0x2120
[  637.809689][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.814550][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.820959][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.826207][T14085]  do_fast_syscall_32+0x34/0x70
[  637.831104][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.835809][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.842353][T14085] 
[  637.844688][T14085] Uninit was stored to memory at:
[  637.849782][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.855078][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.859095][ T1201] ieee802154 phy0 wpan0: encryption failed: -22
[  637.860056][T14085]  do_recvmmsg+0x1063/0x2120
[  637.860102][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.866717][ T1201] ieee802154 phy1 wpan1: encryption failed: -22
[  637.871148][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.888510][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.893751][T14085]  do_fast_syscall_32+0x34/0x70
[  637.898655][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.903385][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.909770][T14085] 
[  637.912261][T14085] Uninit was stored to memory at:
[  637.917355][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  637.922679][T14085]  get_compat_msghdr+0x108/0x2c0
[  637.927671][T14085]  do_recvmmsg+0x1063/0x2120
[  637.932512][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  637.937242][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  637.943802][T14085]  __do_fast_syscall_32+0x96/0xf0
[  637.948879][T14085]  do_fast_syscall_32+0x34/0x70
[  637.953938][T14085]  do_SYSENTER_32+0x1b/0x20
[  637.958497][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  637.965049][T14085] 
[  637.967386][T14085] Local variable msg_sys created at:
[  637.972838][T14085]  do_recvmmsg+0xc1/0x2120
[  637.977294][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.386168][T14085] not chained 360000 origins
[  638.390810][T14085] CPU: 0 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  638.399626][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  638.409719][T14085] Call Trace:
[  638.413027][T14085]  <TASK>
[  638.415981][T14085]  dump_stack_lvl+0x1ff/0x28e
[  638.420720][T14085]  dump_stack+0x25/0x28
[  638.424923][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  638.430709][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  638.436842][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.442011][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  638.447927][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  638.453541][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.458715][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  638.464590][T14085]  ? should_fail+0x75/0x9c0
[  638.469152][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.474328][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  638.480650][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  638.486791][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.491978][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  638.497856][T14085]  __msan_chain_origin+0xbf/0x140
[  638.502950][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.508130][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.513133][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  638.518032][T14085]  do_recvmmsg+0x1063/0x2120
[  638.522681][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.527866][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  638.534167][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  638.539339][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  638.545648][T14085]  ? fput+0x82/0x320
[  638.549609][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.556178][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.560913][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.567319][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.572400][T14085]  do_fast_syscall_32+0x34/0x70
[  638.577309][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.581872][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.588257][T14085] RIP: 0023:0xf6e8f549
[  638.592356][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  638.612014][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  638.620484][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  638.628507][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  638.636517][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  638.644537][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  638.652546][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  638.660569][T14085]  </TASK>
[  638.669351][T14085] Uninit was stored to memory at:
[  638.675394][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.680569][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.685757][T14085]  do_recvmmsg+0x1063/0x2120
[  638.690394][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.695290][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.701864][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.706977][T14085]  do_fast_syscall_32+0x34/0x70
[  638.712044][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.716634][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.723173][T14085] 
[  638.725507][T14085] Uninit was stored to memory at:
[  638.730609][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.735908][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.740902][T14085]  do_recvmmsg+0x1063/0x2120
[  638.745708][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.750430][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.756997][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.762271][T14085]  do_fast_syscall_32+0x34/0x70
[  638.767171][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.771879][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.778261][T14085] 
[  638.780592][T14085] Uninit was stored to memory at:
[  638.785865][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.791027][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.796197][T14085]  do_recvmmsg+0x1063/0x2120
[  638.800831][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.805746][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.812290][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.817367][T14085]  do_fast_syscall_32+0x34/0x70
[  638.822415][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.826962][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.833431][T14085] 
[  638.835766][T14085] Uninit was stored to memory at:
[  638.840879][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.846139][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.851124][T14085]  do_recvmmsg+0x1063/0x2120
[  638.855857][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.860574][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.867064][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.872272][T14085]  do_fast_syscall_32+0x34/0x70
[  638.877164][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.881818][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.888213][T14085] 
[  638.890548][T14085] Uninit was stored to memory at:
[  638.895744][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.900904][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.905990][T14085]  do_recvmmsg+0x1063/0x2120
[  638.910622][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.915436][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.921914][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.926985][T14085]  do_fast_syscall_32+0x34/0x70
[  638.931970][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.936514][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.942991][T14085] 
[  638.945324][T14085] Uninit was stored to memory at:
[  638.950414][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  638.955668][T14085]  get_compat_msghdr+0x108/0x2c0
[  638.960666][T14085]  do_recvmmsg+0x1063/0x2120
[  638.965390][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  638.970111][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  638.976600][T14085]  __do_fast_syscall_32+0x96/0xf0
[  638.981673][T14085]  do_fast_syscall_32+0x34/0x70
[  638.986658][T14085]  do_SYSENTER_32+0x1b/0x20
[  638.991207][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  638.997692][T14085] 
[  639.000027][T14085] Uninit was stored to memory at:
[  639.005215][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  639.010375][T14085]  get_compat_msghdr+0x108/0x2c0
[  639.015463][T14085]  do_recvmmsg+0x1063/0x2120
[  639.020443][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  639.025263][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  639.031814][T14085]  __do_fast_syscall_32+0x96/0xf0
[  639.036885][T14085]  do_fast_syscall_32+0x34/0x70
[  639.041876][T14085]  do_SYSENTER_32+0x1b/0x20
[  639.046421][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  639.052980][T14085] 
[  639.055314][T14085] Local variable msg_sys created at:
[  639.060604][T14085]  do_recvmmsg+0xc1/0x2120
[  639.065241][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  639.616695][T14085] not chained 370000 origins
[  639.621340][T14085] CPU: 1 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  639.630152][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  639.640243][T14085] Call Trace:
[  639.643543][T14085]  <TASK>
[  639.646491][T14085]  dump_stack_lvl+0x1ff/0x28e
[  639.651222][T14085]  dump_stack+0x25/0x28
[  639.655423][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  639.661205][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  639.667340][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.672509][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  639.678387][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  639.684000][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.689183][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  639.695057][T14085]  ? should_fail+0x75/0x9c0
[  639.701014][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.706199][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  639.712510][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  639.718644][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.723848][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  639.729718][T14085]  __msan_chain_origin+0xbf/0x140
[  639.734798][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  639.739989][T14085]  get_compat_msghdr+0x108/0x2c0
[  639.745012][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  639.749917][T14085]  do_recvmmsg+0x1063/0x2120
[  639.754566][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.759747][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  639.766051][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  639.771259][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  639.777566][T14085]  ? fput+0x82/0x320
[  639.781515][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  639.788086][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  639.792821][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  639.799225][T14085]  __do_fast_syscall_32+0x96/0xf0
[  639.804306][T14085]  do_fast_syscall_32+0x34/0x70
[  639.809208][T14085]  do_SYSENTER_32+0x1b/0x20
[  639.813757][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  639.820139][T14085] RIP: 0023:0xf6e8f549
[  639.824235][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  639.843893][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  639.852360][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  639.860375][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  639.868389][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  639.876398][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  639.884409][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  639.892435][T14085]  </TASK>
[  639.899793][T14085] Uninit was stored to memory at:
[  639.905473][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  639.910632][T14085]  get_compat_msghdr+0x108/0x2c0
[  639.915748][T14085]  do_recvmmsg+0x1063/0x2120
[  639.920378][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  639.925227][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  639.931617][T14085]  __do_fast_syscall_32+0x96/0xf0
[  639.936848][T14085]  do_fast_syscall_32+0x34/0x70
[  639.941870][T14085]  do_SYSENTER_32+0x1b/0x20
[  639.946420][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  639.952937][T14085] 
[  639.955279][T14085] Uninit was stored to memory at:
[  639.960373][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  639.965686][T14085]  get_compat_msghdr+0x108/0x2c0
[  639.970676][T14085]  do_recvmmsg+0x1063/0x2120
[  639.975429][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  639.980146][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  639.986743][T14085]  __do_fast_syscall_32+0x96/0xf0
[  639.991943][T14085]  do_fast_syscall_32+0x34/0x70
[  639.996842][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.001394][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.007940][T14085] 
[  640.010274][T14085] Uninit was stored to memory at:
[  640.015477][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.020640][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.025757][T14085]  do_recvmmsg+0x1063/0x2120
[  640.030387][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.035223][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.041605][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.046929][T14085]  do_fast_syscall_32+0x34/0x70
[  640.051944][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.056585][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.063100][T14085] 
[  640.065434][T14085] Uninit was stored to memory at:
[  640.070522][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.075822][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.080818][T14085]  do_recvmmsg+0x1063/0x2120
[  640.085597][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.090316][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.096838][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.102029][T14085]  do_fast_syscall_32+0x34/0x70
[  640.106928][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.111484][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.118022][T14085] 
[  640.120367][T14085] Uninit was stored to memory at:
[  640.125554][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.130716][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.135838][T14085]  do_recvmmsg+0x1063/0x2120
[  640.140468][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.145315][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.151829][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.156907][T14085]  do_fast_syscall_32+0x34/0x70
[  640.161926][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.166478][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.173004][T14085] 
[  640.175339][T14085] Uninit was stored to memory at:
[  640.180434][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.185745][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.190763][T14085]  do_recvmmsg+0x1063/0x2120
[  640.195526][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.200258][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.206769][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.211957][T14085]  do_fast_syscall_32+0x34/0x70
[  640.216853][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.221398][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.227912][T14085] 
[  640.230244][T14085] Uninit was stored to memory at:
[  640.235447][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.240612][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.245725][T14085]  do_recvmmsg+0x1063/0x2120
[  640.252397][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.257116][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.263732][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.268799][T14085]  do_fast_syscall_32+0x34/0x70
[  640.273845][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.278397][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.284906][T14085] 
[  640.287253][T14085] Local variable msg_sys created at:
[  640.292682][T14085]  do_recvmmsg+0xc1/0x2120
[  640.297136][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.640715][T14085] not chained 380000 origins
[  640.645658][T14085] CPU: 1 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  640.654470][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  640.664586][T14085] Call Trace:
[  640.667888][T14085]  <TASK>
[  640.670843][T14085]  dump_stack_lvl+0x1ff/0x28e
[  640.675596][T14085]  dump_stack+0x25/0x28
[  640.679799][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  640.685585][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  640.691720][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.696901][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  640.702773][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  640.708384][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.713555][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  640.721433][T14085]  ? should_fail+0x75/0x9c0
[  640.726000][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.731187][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  640.737502][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  640.743637][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.748809][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  640.754680][T14085]  __msan_chain_origin+0xbf/0x140
[  640.759781][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.764998][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.770008][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  640.774916][T14085]  do_recvmmsg+0x1063/0x2120
[  640.779573][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.784758][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  640.791079][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  640.796270][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  640.802615][T14085]  ? fput+0x82/0x320
[  640.806567][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.813136][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.817879][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.824457][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.829539][T14085]  do_fast_syscall_32+0x34/0x70
[  640.834448][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.838997][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.845381][T14085] RIP: 0023:0xf6e8f549
[  640.849478][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  640.869134][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  640.877595][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  640.885607][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  640.893613][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  640.901618][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  640.909625][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  640.917649][T14085]  </TASK>
[  640.924350][T14085] Uninit was stored to memory at:
[  640.929473][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.935231][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.940219][T14085]  do_recvmmsg+0x1063/0x2120
[  640.944960][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  640.949669][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  640.956253][T14085]  __do_fast_syscall_32+0x96/0xf0
[  640.961330][T14085]  do_fast_syscall_32+0x34/0x70
[  640.966428][T14085]  do_SYSENTER_32+0x1b/0x20
[  640.970978][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  640.977589][T14085] 
[  640.979931][T14085] Uninit was stored to memory at:
[  640.985240][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  640.990397][T14085]  get_compat_msghdr+0x108/0x2c0
[  640.995595][T14085]  do_recvmmsg+0x1063/0x2120
[  641.000225][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.005083][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.011473][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.016684][T14085]  do_fast_syscall_32+0x34/0x70
[  641.021583][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.026270][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.032780][T14085] 
[  641.035118][T14085] Uninit was stored to memory at:
[  641.040207][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.045494][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.050480][T14085]  do_recvmmsg+0x1063/0x2120
[  641.055231][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.059941][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.066458][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.071529][T14085]  do_fast_syscall_32+0x34/0x70
[  641.076638][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.081186][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.087689][T14085] 
[  641.090022][T14085] Uninit was stored to memory at:
[  641.095238][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.100405][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.105570][T14085]  do_recvmmsg+0x1063/0x2120
[  641.110198][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.115045][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.121906][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.126981][T14085]  do_fast_syscall_32+0x34/0x70
[  641.132008][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.136561][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.143065][T14085] 
[  641.145407][T14085] Uninit was stored to memory at:
[  641.150498][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.155870][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.160859][T14085]  do_recvmmsg+0x1063/0x2120
[  641.165618][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.170347][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.176982][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.182188][T14085]  do_fast_syscall_32+0x34/0x70
[  641.187085][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.191639][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.198151][T14085] 
[  641.200487][T14085] Uninit was stored to memory at:
[  641.205733][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.210893][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.216022][T14085]  do_recvmmsg+0x1063/0x2120
[  641.220653][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.225515][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.232130][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.237202][T14085]  do_fast_syscall_32+0x34/0x70
[  641.242246][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.246796][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.253309][T14085] 
[  641.255642][T14085] Uninit was stored to memory at:
[  641.260755][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.266058][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.271056][T14085]  do_recvmmsg+0x1063/0x2120
[  641.276085][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.280804][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.287320][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.292503][T14085]  do_fast_syscall_32+0x34/0x70
[  641.297404][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.302084][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.308460][T14085] 
[  641.310791][T14085] Local variable msg_sys created at:
[  641.316222][T14085]  do_recvmmsg+0xc1/0x2120
[  641.320676][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.565171][T14085] not chained 390000 origins
[  641.569813][T14085] CPU: 0 PID: 14085 Comm: syz-executor.2 Not tainted 5.16.0-rc3-syzkaller #0
[  641.578623][T14085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  641.588715][T14085] Call Trace:
[  641.592017][T14085]  <TASK>
[  641.594966][T14085]  dump_stack_lvl+0x1ff/0x28e
[  641.599875][T14085]  dump_stack+0x25/0x28
[  641.604073][T14085]  kmsan_internal_chain_origin+0x7a/0x110
[  641.609853][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  641.615991][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.621173][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  641.627054][T14085]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  641.632666][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.637845][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  641.643721][T14085]  ? should_fail+0x75/0x9c0
[  641.648309][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.653476][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  641.659786][T14085]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  641.665926][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.671105][T14085]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  641.676988][T14085]  __msan_chain_origin+0xbf/0x140
[  641.682078][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.687265][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.692293][T14085]  ? __sys_recvmmsg+0x51c/0x6f0
[  641.697189][T14085]  do_recvmmsg+0x1063/0x2120
[  641.701850][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.707029][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  641.713335][T14085]  ? kmsan_get_metadata+0xa4/0x120
[  641.718506][T14085]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  641.724818][T14085]  ? fput+0x82/0x320
[  641.728770][T14085]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.735342][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.740098][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.746500][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.751593][T14085]  do_fast_syscall_32+0x34/0x70
[  641.756503][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.761070][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.767475][T14085] RIP: 0023:0xf6e8f549
[  641.771603][T14085] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  641.791263][T14085] RSP: 002b:00000000f5e685fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  641.799728][T14085] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  641.807745][T14085] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  641.815771][T14085] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  641.823781][T14085] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  641.831816][T14085] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  641.839843][T14085]  </TASK>
[  641.846680][T14085] Uninit was stored to memory at:
[  641.852456][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.857624][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.862797][T14085]  do_recvmmsg+0x1063/0x2120
[  641.867428][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.872393][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.878811][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.884084][T14085]  do_fast_syscall_32+0x34/0x70
[  641.888993][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.893694][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.900076][T14085] 
[  641.902508][T14085] Uninit was stored to memory at:
[  641.907628][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.912878][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.917868][T14085]  do_recvmmsg+0x1063/0x2120
[  641.922583][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.927293][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.933879][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.938989][T14085]  do_fast_syscall_32+0x34/0x70
[  641.944059][T14085]  do_SYSENTER_32+0x1b/0x20
[  641.948635][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  641.955189][T14085] 
[  641.957530][T14085] Uninit was stored to memory at:
[  641.962790][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  641.967954][T14085]  get_compat_msghdr+0x108/0x2c0
[  641.973148][T14085]  do_recvmmsg+0x1063/0x2120
[  641.977774][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  641.982645][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  641.989034][T14085]  __do_fast_syscall_32+0x96/0xf0
[  641.994265][T14085]  do_fast_syscall_32+0x34/0x70
[  641.999164][T14085]  do_SYSENTER_32+0x1b/0x20
[  642.003886][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  642.010269][T14085] 
[  642.012692][T14085] Uninit was stored to memory at:
[  642.017788][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  642.023035][T14085]  get_compat_msghdr+0x108/0x2c0
[  642.028016][T14085]  do_recvmmsg+0x1063/0x2120
[  642.032734][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  642.037448][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  642.043999][T14085]  __do_fast_syscall_32+0x96/0xf0
[  642.049155][T14085]  do_fast_syscall_32+0x34/0x70
[  642.054156][T14085]  do_SYSENTER_32+0x1b/0x20
[  642.058732][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  642.065217][T14085] 
[  642.067554][T14085] Uninit was stored to memory at:
[  642.072750][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  642.077910][T14085]  get_compat_msghdr+0x108/0x2c0
[  642.083016][T14085]  do_recvmmsg+0x1063/0x2120
[  642.087646][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  642.092463][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  642.098855][T14085]  __do_fast_syscall_32+0x96/0xf0
[  642.104013][T14085]  do_fast_syscall_32+0x34/0x70
[  642.108908][T14085]  do_SYSENTER_32+0x1b/0x20
[  642.113613][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  642.120003][T14085] 
[  642.122431][T14085] Uninit was stored to memory at:
[  642.127527][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  642.132804][T14085]  get_compat_msghdr+0x108/0x2c0
[  642.137790][T14085]  do_recvmmsg+0x1063/0x2120
[  642.142516][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  642.147238][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  642.153724][T14085]  __do_fast_syscall_32+0x96/0xf0
[  642.158799][T14085]  do_fast_syscall_32+0x34/0x70
[  642.163786][T14085]  do_SYSENTER_32+0x1b/0x20
[  642.168334][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  642.174810][T14085] 
[  642.177144][T14085] Uninit was stored to memory at:
[  642.182328][T14085]  __get_compat_msghdr+0x6e1/0x9d0
[  642.187486][T14085]  get_compat_msghdr+0x108/0x2c0
[  642.192557][T14085]  do_recvmmsg+0x1063/0x2120
[  642.197200][T14085]  __sys_recvmmsg+0x51c/0x6f0
[  642.202038][T14085]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  642.208437][T14085]  __do_fast_syscall_32+0x96/0xf0
[  642.213673][T14085]  do_fast_syscall_32+0x34/0x70
[  642.218586][T14085]  do_SYSENTER_32+0x1b/0x20
[  642.223241][T14085]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  642.229629][T14085] 
[  642.232062][T14085] Local variable msg_sys created at:
[  642.237358][T14085]  do_recvmmsg+0xc1/0x2120
[  642.241900][T14085]  __sys_recvmmsg+0x51c/0x6f0
02:11:05 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000040)={@broadcast, @remote}, 0xc)

02:11:05 executing program 1:
r0 = socket(0xa, 0x3, 0x6)
getsockopt$bt_BT_SECURITY(r0, 0x29, 0x12, 0x0, 0x20000000)

02:11:05 executing program 0:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup2(r0, r1)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})

02:11:05 executing program 3:
bpf$PROG_LOAD(0x5, 0x0, 0x0)

02:11:05 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@ipv4_newrule={0x38, 0x20, 0x705, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x2}, @FRA_GENERIC_POLICY=@FRA_OIFNAME={0x5, 0x11, 'team_slave_1\x00'}]}, 0x38}}, 0x0)

02:11:05 executing program 4:
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb68faffb901020009050276"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="000304000000040301"], 0x0, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x0, 0x9f}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xe9, 0x0)

[  642.685508][T14141] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
02:11:05 executing program 3:
bpf$PROG_LOAD(0x5, 0x0, 0x0)

02:11:05 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmmsg(r0, &(0x7f00000067c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x1, 0x0)

[  642.954148][ T8339] usb 5-1: new high-speed USB device number 93 using dummy_hcd
02:11:05 executing program 5:
r0 = socket(0x1e, 0x4, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000004880)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000140)=""/9, 0x9}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000080), 0x1a1, 0x0)

02:11:05 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)

[  643.202290][ T8339] usb 5-1: Using ep0 maxpacket: 16
02:11:05 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

02:11:05 executing program 1:
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000380)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @aes256, 0x0, '\x00', @a})
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)=@v3, 0x18, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.'])
chdir(&(0x7f0000000440)='./bus/file0\x00')
creat(&(0x7f00000003c0)='./file0\x00', 0x0)

[  643.323954][ T8339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  643.334700][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11
[  643.349438][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  643.359927][ T8339] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  643.369894][ T8339] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
02:11:06 executing program 0:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup2(r0, r1)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})

02:11:06 executing program 2:
r0 = epoll_create1(0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x9000001d})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)={0x4a})

02:11:06 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x9, 0x4)

02:11:06 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

[  643.758574][ T8339] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  643.768018][ T8339] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  643.776408][ T8339] usb 5-1: Manufacturer: syz
[  643.879848][ T8339] usb 5-1: config 0 descriptor??
[  644.039374][T14168] overlayfs: filesystem on './bus' not supported as upperdir
02:11:06 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  644.363062][ T8339] rc_core: IR keymap rc-hauppauge not found
[  644.373873][ T8339] Registered IR keymap rc-empty
[  644.379089][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  644.464261][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  644.563916][ T8339] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  644.584053][ T8339] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input66
[  644.796751][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  644.835607][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:11:07 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @tipc={{0x7, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x36}, {[@cipso={0x86, 0x6}]}}, @payload_direct={{{{0x20, 0x0, 0x0, 0x0, 0x0, 0x8}}}}}}}}, 0x0)

02:11:07 executing program 1:
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000380)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @aes256, 0x0, '\x00', @a})
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)=@v3, 0x18, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.'])
chdir(&(0x7f0000000440)='./bus/file0\x00')
creat(&(0x7f00000003c0)='./file0\x00', 0x0)

02:11:07 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a41989ef64f34ae"], &(0x7f0000000100)='GPL\x00'}, 0x48)

02:11:07 executing program 0:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup2(r0, r1)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})

02:11:07 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  644.917826][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  644.971620][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.056957][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.142802][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
02:11:07 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  645.198502][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.272684][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.331129][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.399520][ T8339] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  645.501177][ T8339] mceusb 5-1:0.0: Registered 
 with mce emulator interface version 1
[  645.510038][ T8339] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
02:11:08 executing program 1:
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000380)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @aes256, 0x0, '\x00', @a})
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)=@v3, 0x18, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.'])
chdir(&(0x7f0000000440)='./bus/file0\x00')
creat(&(0x7f00000003c0)='./file0\x00', 0x0)

02:11:08 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  645.759376][ T8339] usb 5-1: USB disconnect, device number 93
02:11:08 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:08 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:08 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  646.391382][T14194] not chained 400000 origins
[  646.396668][T14194] CPU: 0 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  646.405490][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  646.415583][T14194] Call Trace:
[  646.418884][T14194]  <TASK>
[  646.421831][T14194]  dump_stack_lvl+0x1ff/0x28e
[  646.426563][T14194]  dump_stack+0x25/0x28
[  646.430794][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  646.436665][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  646.442796][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.447964][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  646.453843][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  646.459450][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.464617][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  646.470490][T14194]  ? should_fail+0x75/0x9c0
[  646.475048][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.480235][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  646.486633][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  646.492763][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.497932][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  646.503803][T14194]  __msan_chain_origin+0xbf/0x140
[  646.508877][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.514076][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.519059][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  646.523953][T14194]  do_recvmmsg+0x1063/0x2120
[  646.528597][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.533768][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  646.540060][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  646.545230][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  646.551608][T14194]  ? fput+0x82/0x320
[  646.555558][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.562130][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.566853][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.573243][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.578326][T14194]  do_fast_syscall_32+0x34/0x70
[  646.583218][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.587764][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.594136][T14194] RIP: 0023:0xf6ec3549
[  646.598312][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  646.617957][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  646.626404][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  646.634400][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  646.642391][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  646.650383][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  646.658375][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  646.666385][T14194]  </TASK>
[  646.672822][T14194] Uninit was stored to memory at:
[  646.677923][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.683553][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.688546][T14194]  do_recvmmsg+0x1063/0x2120
[  646.693292][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.698014][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.704499][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.709576][T14194]  do_fast_syscall_32+0x34/0x70
[  646.714573][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.719475][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.725966][T14194] 
[  646.728299][T14194] Uninit was stored to memory at:
[  646.733487][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.738646][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.743765][T14194]  do_recvmmsg+0x1063/0x2120
[  646.748404][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.753220][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.759609][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.764871][T14194]  do_fast_syscall_32+0x34/0x70
[  646.769771][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.774504][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.780884][T14194] 
[  646.783370][T14194] Uninit was stored to memory at:
[  646.788465][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.793780][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.798784][T14194]  do_recvmmsg+0x1063/0x2120
[  646.803591][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.808308][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.814847][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.819928][T14194]  do_fast_syscall_32+0x34/0x70
[  646.824973][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.829530][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.836066][T14194] 
[  646.838403][T14194] Uninit was stored to memory at:
[  646.843640][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.848802][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.853960][T14194]  do_recvmmsg+0x1063/0x2120
[  646.858593][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.863463][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.869940][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.875186][T14194]  do_fast_syscall_32+0x34/0x70
[  646.880092][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.884806][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.891191][T14194] 
[  646.893680][T14194] Uninit was stored to memory at:
[  646.898778][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.904100][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.909092][T14194]  do_recvmmsg+0x1063/0x2120
[  646.913888][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.918607][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.925162][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.930238][T14194]  do_fast_syscall_32+0x34/0x70
[  646.935291][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.939837][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  646.946372][T14194] 
[  646.948703][T14194] Uninit was stored to memory at:
[  646.953962][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  646.959128][T14194]  get_compat_msghdr+0x108/0x2c0
[  646.964289][T14194]  do_recvmmsg+0x1063/0x2120
[  646.968923][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  646.973803][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  646.980191][T14194]  __do_fast_syscall_32+0x96/0xf0
[  646.985404][T14194]  do_fast_syscall_32+0x34/0x70
[  646.990304][T14194]  do_SYSENTER_32+0x1b/0x20
[  646.995050][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  647.001438][T14194] 
[  647.003918][T14194] Uninit was stored to memory at:
[  647.009014][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  647.014322][T14194]  get_compat_msghdr+0x108/0x2c0
[  647.019313][T14194]  do_recvmmsg+0x1063/0x2120
[  647.024108][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  647.028828][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  647.035367][T14194]  __do_fast_syscall_32+0x96/0xf0
02:11:09 executing program 1:
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000380)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v2={0x2, @aes256, 0x0, '\x00', @a})
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)=@v3, 0x18, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.'])
chdir(&(0x7f0000000440)='./bus/file0\x00')
creat(&(0x7f00000003c0)='./file0\x00', 0x0)

[  647.040441][T14194]  do_fast_syscall_32+0x34/0x70
[  647.045478][T14194]  do_SYSENTER_32+0x1b/0x20
[  647.050028][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  647.056569][T14194] 
[  647.058905][T14194] Local variable msg_sys created at:
[  647.064351][T14194]  do_recvmmsg+0xc1/0x2120
[  647.068802][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.372016][T14194] not chained 410000 origins
[  648.376665][T14194] CPU: 1 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  648.385476][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  648.395571][T14194] Call Trace:
[  648.398880][T14194]  <TASK>
[  648.401839][T14194]  dump_stack_lvl+0x1ff/0x28e
[  648.406575][T14194]  dump_stack+0x25/0x28
[  648.410781][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  648.416572][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  648.422699][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.427857][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  648.433719][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  648.439315][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.444473][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  648.450346][T14194]  ? should_fail+0x75/0x9c0
[  648.454896][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.460052][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  648.466365][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  648.472492][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.477763][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  648.483650][T14194]  __msan_chain_origin+0xbf/0x140
[  648.488733][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.493909][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.498894][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  648.503781][T14194]  do_recvmmsg+0x1063/0x2120
[  648.508420][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.513591][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  648.519906][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  648.525065][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  648.531361][T14194]  ? fput+0x82/0x320
[  648.535299][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.541855][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.546586][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.552970][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.558038][T14194]  do_fast_syscall_32+0x34/0x70
[  648.562927][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.567464][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.573839][T14194] RIP: 0023:0xf6ec3549
[  648.577926][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  648.597574][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  648.606022][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  648.614017][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  648.622007][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  648.629997][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  648.638337][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  648.646350][T14194]  </TASK>
[  648.653150][T14194] Uninit was stored to memory at:
[  648.658263][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.664015][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.669037][T14194]  do_recvmmsg+0x1063/0x2120
[  648.673797][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.678512][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.685105][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.690184][T14194]  do_fast_syscall_32+0x34/0x70
[  648.695264][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.699812][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.706382][T14194] 
[  648.708720][T14194] Uninit was stored to memory at:
[  648.713994][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.719156][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.724322][T14194]  do_recvmmsg+0x1063/0x2120
[  648.728952][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.733844][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.740317][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.745591][T14194]  do_fast_syscall_32+0x34/0x70
[  648.750492][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.755262][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.761646][T14194] 
[  648.764177][T14194] Uninit was stored to memory at:
[  648.769270][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.774613][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.779686][T14194]  do_recvmmsg+0x1063/0x2120
[  648.784432][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.789143][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.795726][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.800798][T14194]  do_fast_syscall_32+0x34/0x70
[  648.805884][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.810436][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.817009][T14194] 
[  648.819341][T14194] Uninit was stored to memory at:
[  648.824647][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.829815][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.835087][T14194]  do_recvmmsg+0x1063/0x2120
[  648.839723][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.844635][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.851024][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.856295][T14194]  do_fast_syscall_32+0x34/0x70
[  648.861193][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.865938][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.872493][T14194] 
[  648.874829][T14194] Uninit was stored to memory at:
[  648.879923][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.885277][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.890266][T14194]  do_recvmmsg+0x1063/0x2120
[  648.895093][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.899834][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.906400][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.911559][T14194]  do_fast_syscall_32+0x34/0x70
[  648.916663][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.921207][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.927765][T14194] 
[  648.930095][T14194] Uninit was stored to memory at:
[  648.935346][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.940504][T14194]  get_compat_msghdr+0x108/0x2c0
[  648.945731][T14194]  do_recvmmsg+0x1063/0x2120
[  648.950365][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  648.955329][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  648.961963][T14194]  __do_fast_syscall_32+0x96/0xf0
[  648.967048][T14194]  do_fast_syscall_32+0x34/0x70
[  648.972225][T14194]  do_SYSENTER_32+0x1b/0x20
[  648.976774][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  648.983412][T14194] 
[  648.985752][T14194] Uninit was stored to memory at:
[  648.990867][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  648.996279][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.001259][T14194]  do_recvmmsg+0x1063/0x2120
[  649.006080][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.010797][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.017445][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.022760][T14194]  do_fast_syscall_32+0x34/0x70
[  649.027679][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.032418][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.038814][T14194] 
[  649.041173][T14194] Local variable msg_sys created at:
[  649.046717][T14194]  do_recvmmsg+0xc1/0x2120
[  649.051167][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.475402][T14194] not chained 420000 origins
[  649.480050][T14194] CPU: 0 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  649.488950][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  649.499042][T14194] Call Trace:
[  649.502343][T14194]  <TASK>
[  649.505288][T14194]  dump_stack_lvl+0x1ff/0x28e
[  649.510026][T14194]  dump_stack+0x25/0x28
[  649.514220][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  649.519999][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  649.526133][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.531296][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  649.537161][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  649.542778][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.547942][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  649.553812][T14194]  ? should_fail+0x75/0x9c0
[  649.558367][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.563619][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  649.569920][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  649.576049][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.581215][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  649.587083][T14194]  __msan_chain_origin+0xbf/0x140
[  649.592162][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.597372][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.602362][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  649.607253][T14194]  do_recvmmsg+0x1063/0x2120
[  649.611901][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.617092][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  649.623397][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  649.628572][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  649.634878][T14194]  ? fput+0x82/0x320
[  649.638833][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.645395][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.650132][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.656533][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.661611][T14194]  do_fast_syscall_32+0x34/0x70
[  649.666514][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.671100][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.677478][T14194] RIP: 0023:0xf6ec3549
[  649.681570][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  649.701229][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  649.709702][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  649.717730][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  649.725741][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  649.733744][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  649.741751][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  649.749767][T14194]  </TASK>
[  649.755790][T14194] Uninit was stored to memory at:
[  649.760906][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.766640][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.771639][T14194]  do_recvmmsg+0x1063/0x2120
[  649.776368][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.781087][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.787625][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.792785][T14194]  do_fast_syscall_32+0x34/0x70
[  649.797680][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.802315][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.808695][T14194] 
[  649.811031][T14194] Uninit was stored to memory at:
[  649.816293][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.821483][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.826638][T14194]  do_recvmmsg+0x1063/0x2120
[  649.831285][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.836209][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.842771][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.847847][T14194]  do_fast_syscall_32+0x34/0x70
[  649.852899][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.857445][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.864000][T14194] 
[  649.866341][T14194] Uninit was stored to memory at:
[  649.871520][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.876855][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.882002][T14194]  do_recvmmsg+0x1063/0x2120
[  649.886638][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.891350][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.897877][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.903100][T14194]  do_fast_syscall_32+0x34/0x70
[  649.907998][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.912758][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.919137][T14194] 
[  649.921472][T14194] Uninit was stored to memory at:
[  649.926741][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.932053][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.937042][T14194]  do_recvmmsg+0x1063/0x2120
[  649.941671][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  649.946539][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  649.953093][T14194]  __do_fast_syscall_32+0x96/0xf0
[  649.958169][T14194]  do_fast_syscall_32+0x34/0x70
[  649.963271][T14194]  do_SYSENTER_32+0x1b/0x20
[  649.967824][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  649.974370][T14194] 
[  649.976712][T14194] Uninit was stored to memory at:
[  649.981946][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  649.987143][T14194]  get_compat_msghdr+0x108/0x2c0
[  649.992283][T14194]  do_recvmmsg+0x1063/0x2120
[  649.996912][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.001627][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.008181][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.013399][T14194]  do_fast_syscall_32+0x34/0x70
[  650.018295][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.022996][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.029384][T14194] 
[  650.031862][T14194] Uninit was stored to memory at:
[  650.036958][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.042458][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.047586][T14194]  do_recvmmsg+0x1063/0x2120
[  650.052359][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.057076][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.063626][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.068700][T14194]  do_fast_syscall_32+0x34/0x70
[  650.073749][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.078300][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.084850][T14194] 
[  650.087185][T14194] Uninit was stored to memory at:
[  650.092424][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.097593][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.102720][T14194]  do_recvmmsg+0x1063/0x2120
[  650.107347][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.112230][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.118616][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.123840][T14194]  do_fast_syscall_32+0x34/0x70
[  650.128735][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.133437][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.139821][T14194] 
[  650.142319][T14194] Local variable msg_sys created at:
[  650.147613][T14194]  do_recvmmsg+0xc1/0x2120
[  650.152219][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.431059][T14194] not chained 430000 origins
[  650.435983][T14194] CPU: 0 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  650.444800][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  650.454892][T14194] Call Trace:
[  650.458277][T14194]  <TASK>
[  650.461224][T14194]  dump_stack_lvl+0x1ff/0x28e
[  650.465956][T14194]  dump_stack+0x25/0x28
[  650.470157][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  650.475937][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  650.482067][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.487242][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  650.493113][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  650.498722][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.503917][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  650.509789][T14194]  ? should_fail+0x75/0x9c0
[  650.514349][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.519521][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  650.525832][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  650.531961][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.537136][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  650.543024][T14194]  __msan_chain_origin+0xbf/0x140
[  650.548108][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.553291][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.558290][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  650.563186][T14194]  do_recvmmsg+0x1063/0x2120
[  650.567831][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.573009][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  650.579313][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  650.584487][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  650.590795][T14194]  ? fput+0x82/0x320
[  650.594739][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.602169][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.606901][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.613308][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.618385][T14194]  do_fast_syscall_32+0x34/0x70
[  650.623290][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.627836][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.634215][T14194] RIP: 0023:0xf6ec3549
[  650.638310][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  650.657967][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  650.666455][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  650.674474][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  650.682488][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.690499][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  650.698508][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.706528][T14194]  </TASK>
[  650.712631][T14194] Uninit was stored to memory at:
[  650.720575][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.726160][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.731152][T14194]  do_recvmmsg+0x1063/0x2120
[  650.735874][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.740595][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.747161][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.752380][T14194]  do_fast_syscall_32+0x34/0x70
[  650.757313][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.762000][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.768380][T14194] 
[  650.770728][T14194] Uninit was stored to memory at:
[  650.775993][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.781155][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.786310][T14194]  do_recvmmsg+0x1063/0x2120
[  650.790943][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.795821][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.802371][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.807442][T14194]  do_fast_syscall_32+0x34/0x70
[  650.812509][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.817077][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.823623][T14194] 
[  650.825957][T14194] Uninit was stored to memory at:
[  650.831044][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.836361][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.841349][T14194]  do_recvmmsg+0x1063/0x2120
[  650.846141][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.850857][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.857399][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.862639][T14194]  do_fast_syscall_32+0x34/0x70
[  650.867531][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.872305][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.878677][T14194] 
[  650.881024][T14194] Uninit was stored to memory at:
[  650.886281][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.891438][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.896589][T14194]  do_recvmmsg+0x1063/0x2120
[  650.901215][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.906099][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.912640][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.917717][T14194]  do_fast_syscall_32+0x34/0x70
[  650.922757][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.927302][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.933839][T14194] 
[  650.936171][T14194] Uninit was stored to memory at:
[  650.941267][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  650.946599][T14194]  get_compat_msghdr+0x108/0x2c0
[  650.951590][T14194]  do_recvmmsg+0x1063/0x2120
[  650.956384][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  650.961098][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  650.967662][T14194]  __do_fast_syscall_32+0x96/0xf0
[  650.972891][T14194]  do_fast_syscall_32+0x34/0x70
[  650.977791][T14194]  do_SYSENTER_32+0x1b/0x20
[  650.982494][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  650.988870][T14194] 
[  650.991637][T14194] Uninit was stored to memory at:
[  650.996897][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.002467][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.007458][T14194]  do_recvmmsg+0x1063/0x2120
[  651.012234][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.016946][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.023477][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.028554][T14194]  do_fast_syscall_32+0x34/0x70
[  651.033608][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.038157][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.044789][T14194] 
[  651.047121][T14194] Uninit was stored to memory at:
[  651.052356][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.057516][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.062656][T14194]  do_recvmmsg+0x1063/0x2120
[  651.067285][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.072132][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.078516][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.083772][T14194]  do_fast_syscall_32+0x34/0x70
[  651.088665][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.093346][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.099746][T14194] 
[  651.102235][T14194] Local variable msg_sys created at:
[  651.107531][T14194]  do_recvmmsg+0xc1/0x2120
[  651.112117][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.402176][T14194] not chained 440000 origins
[  651.406816][T14194] CPU: 0 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  651.415621][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  651.425708][T14194] Call Trace:
[  651.429006][T14194]  <TASK>
[  651.431980][T14194]  dump_stack_lvl+0x1ff/0x28e
[  651.436708][T14194]  dump_stack+0x25/0x28
[  651.440903][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  651.446684][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  651.452809][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.457977][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  651.463848][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  651.469451][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.474624][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  651.480499][T14194]  ? should_fail+0x75/0x9c0
[  651.485058][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.490224][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  651.496524][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  651.502657][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.507824][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  651.513693][T14194]  __msan_chain_origin+0xbf/0x140
[  651.518770][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.523951][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.528948][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  651.533862][T14194]  do_recvmmsg+0x1063/0x2120
[  651.538514][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.543687][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  651.550249][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  651.555420][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  651.561730][T14194]  ? fput+0x82/0x320
[  651.565676][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.572241][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.576972][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.583371][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.588450][T14194]  do_fast_syscall_32+0x34/0x70
[  651.593700][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.598247][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.604631][T14194] RIP: 0023:0xf6ec3549
[  651.608725][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  651.628385][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  651.636853][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  651.644861][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  651.652870][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.660877][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  651.668878][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.676895][T14194]  </TASK>
[  651.683159][T14194] Uninit was stored to memory at:
[  651.688269][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.694012][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.699007][T14194]  do_recvmmsg+0x1063/0x2120
[  651.703797][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.708508][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.715053][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.720395][T14194]  do_fast_syscall_32+0x34/0x70
[  651.725894][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.730440][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.736992][T14194] 
[  651.739380][T14194] Uninit was stored to memory at:
[  651.744624][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.749804][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.754947][T14194]  do_recvmmsg+0x1063/0x2120
[  651.759582][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.764467][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.770863][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.776095][T14194]  do_fast_syscall_32+0x34/0x70
[  651.780996][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.785721][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.793045][T14194] 
[  651.795385][T14194] Uninit was stored to memory at:
[  651.800485][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.805818][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.810812][T14194]  do_recvmmsg+0x1063/0x2120
[  651.815630][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.820367][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.826965][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.832127][T14194]  do_fast_syscall_32+0x34/0x70
[  651.837024][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.841593][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.848077][T14194] 
[  651.850409][T14194] Uninit was stored to memory at:
[  651.855594][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.860749][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.865836][T14194]  do_recvmmsg+0x1063/0x2120
[  651.870542][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.875354][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.881845][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.886914][T14194]  do_fast_syscall_32+0x34/0x70
[  651.891896][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.896440][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.902899][T14194] 
[  651.905235][T14194] Uninit was stored to memory at:
[  651.910325][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.915666][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.920657][T14194]  do_recvmmsg+0x1063/0x2120
[  651.925449][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.930161][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.936723][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.941943][T14194]  do_fast_syscall_32+0x34/0x70
[  651.946838][T14194]  do_SYSENTER_32+0x1b/0x20
[  651.951385][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  651.957923][T14194] 
[  651.960254][T14194] Uninit was stored to memory at:
[  651.965513][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  651.970674][T14194]  get_compat_msghdr+0x108/0x2c0
[  651.975838][T14194]  do_recvmmsg+0x1063/0x2120
[  651.980465][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  651.985349][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  651.991893][T14194]  __do_fast_syscall_32+0x96/0xf0
[  651.996968][T14194]  do_fast_syscall_32+0x34/0x70
[  652.001949][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.006491][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.012970][T14194] 
[  652.015303][T14194] Uninit was stored to memory at:
[  652.022208][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.027374][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.032463][T14194]  do_recvmmsg+0x1063/0x2120
[  652.037091][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.041894][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.048371][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.053552][T14194]  do_fast_syscall_32+0x34/0x70
[  652.058452][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.063112][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.069506][T14194] 
[  652.071927][T14194] Local variable msg_sys created at:
[  652.077239][T14194]  do_recvmmsg+0xc1/0x2120
[  652.081787][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.410209][T14194] not chained 450000 origins
[  652.415021][T14194] CPU: 0 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  652.423835][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  652.433929][T14194] Call Trace:
[  652.437238][T14194]  <TASK>
[  652.440192][T14194]  dump_stack_lvl+0x1ff/0x28e
[  652.444936][T14194]  dump_stack+0x25/0x28
[  652.449158][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  652.454940][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  652.461070][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.466242][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  652.472110][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  652.477804][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.482974][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  652.488847][T14194]  ? should_fail+0x75/0x9c0
[  652.493409][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.498605][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  652.504905][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  652.511032][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.516200][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  652.522066][T14194]  __msan_chain_origin+0xbf/0x140
[  652.527143][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.532323][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.537314][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  652.542205][T14194]  do_recvmmsg+0x1063/0x2120
[  652.546844][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.552017][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  652.558320][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  652.563571][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  652.569873][T14194]  ? fput+0x82/0x320
[  652.573818][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.580383][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.585113][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.591533][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.596781][T14194]  do_fast_syscall_32+0x34/0x70
[  652.601678][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.606222][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.612599][T14194] RIP: 0023:0xf6ec3549
[  652.616688][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  652.636370][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  652.644835][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  652.652843][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  652.660848][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  652.668850][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  652.676855][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  652.684877][T14194]  </TASK>
[  652.691047][T14194] Uninit was stored to memory at:
[  652.696622][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.701875][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.706862][T14194]  do_recvmmsg+0x1063/0x2120
[  652.711490][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.716383][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.722868][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.727943][T14194]  do_fast_syscall_32+0x34/0x70
[  652.732923][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.737492][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.743977][T14194] 
[  652.746313][T14194] Uninit was stored to memory at:
[  652.751403][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.756675][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.761770][T14194]  do_recvmmsg+0x1063/0x2120
[  652.766400][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.771120][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.777608][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.782782][T14194]  do_fast_syscall_32+0x34/0x70
[  652.787675][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.792320][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.798874][T14194] 
[  652.801208][T14194] Uninit was stored to memory at:
[  652.806482][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.811644][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.816737][T14194]  do_recvmmsg+0x1063/0x2120
[  652.821365][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.826176][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.832650][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.837720][T14194]  do_fast_syscall_32+0x34/0x70
[  652.842716][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.847286][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.853769][T14194] 
[  652.856104][T14194] Uninit was stored to memory at:
[  652.861200][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.866447][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.871534][T14194]  do_recvmmsg+0x1063/0x2120
[  652.876258][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.880973][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.887486][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.892657][T14194]  do_fast_syscall_32+0x34/0x70
[  652.897561][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.902199][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.908579][T14194] 
[  652.910914][T14194] Uninit was stored to memory at:
[  652.916116][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.921278][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.926364][T14194]  do_recvmmsg+0x1063/0x2120
[  652.930994][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.935811][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.942373][T14194]  __do_fast_syscall_32+0x96/0xf0
[  652.947461][T14194]  do_fast_syscall_32+0x34/0x70
[  652.952453][T14194]  do_SYSENTER_32+0x1b/0x20
[  652.957013][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  652.963491][T14194] 
[  652.965828][T14194] Uninit was stored to memory at:
[  652.970920][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  652.976179][T14194]  get_compat_msghdr+0x108/0x2c0
[  652.981169][T14194]  do_recvmmsg+0x1063/0x2120
[  652.985888][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  652.990601][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  652.997095][T14194]  __do_fast_syscall_32+0x96/0xf0
[  653.002262][T14194]  do_fast_syscall_32+0x34/0x70
[  653.007164][T14194]  do_SYSENTER_32+0x1b/0x20
[  653.011818][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  653.018258][T14194] 
[  653.020590][T14194] Uninit was stored to memory at:
[  653.025784][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  653.030943][T14194]  get_compat_msghdr+0x108/0x2c0
[  653.036023][T14194]  do_recvmmsg+0x1063/0x2120
[  653.040652][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  653.045477][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  653.051957][T14194]  __do_fast_syscall_32+0x96/0xf0
[  653.057031][T14194]  do_fast_syscall_32+0x34/0x70
[  653.062018][T14194]  do_SYSENTER_32+0x1b/0x20
[  653.066568][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  653.073045][T14194] 
[  653.075380][T14194] Local variable msg_sys created at:
[  653.080694][T14194]  do_recvmmsg+0xc1/0x2120
[  653.085243][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  653.989640][T14194] not chained 460000 origins
[  653.997388][T14194] CPU: 1 PID: 14194 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  654.006218][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  654.016317][T14194] Call Trace:
[  654.019602][T14194]  <TASK>
[  654.022533][T14194]  dump_stack_lvl+0x1ff/0x28e
[  654.027239][T14194]  dump_stack+0x25/0x28
[  654.031406][T14194]  kmsan_internal_chain_origin+0x7a/0x110
[  654.037159][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  654.043266][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.048495][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  654.054345][T14194]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  654.059926][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.065064][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  654.070901][T14194]  ? should_fail+0x75/0x9c0
[  654.075431][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.080579][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  654.086852][T14194]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  654.092952][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.098124][T14194]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  654.103969][T14194]  __msan_chain_origin+0xbf/0x140
[  654.109018][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.114165][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.119145][T14194]  ? __sys_recvmmsg+0x51c/0x6f0
[  654.124010][T14194]  do_recvmmsg+0x1063/0x2120
[  654.128640][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.133796][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  654.140065][T14194]  ? kmsan_get_metadata+0xa4/0x120
[  654.145202][T14194]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  654.151475][T14194]  ? fput+0x82/0x320
[  654.155393][T14194]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.161941][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.166643][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.173004][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.178049][T14194]  do_fast_syscall_32+0x34/0x70
[  654.183030][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.187553][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.194091][T14194] RIP: 0023:0xf6ec3549
[  654.198195][T14194] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  654.217859][T14194] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  654.226297][T14194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  654.234277][T14194] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  654.242255][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  654.250232][T14194] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  654.258232][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  654.266221][T14194]  </TASK>
[  654.274803][T14194] Uninit was stored to memory at:
[  654.279912][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.286017][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.291016][T14194]  do_recvmmsg+0x1063/0x2120
[  654.295853][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.300595][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.307189][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.312394][T14194]  do_fast_syscall_32+0x34/0x70
[  654.317297][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.322006][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.328385][T14194] 
[  654.330712][T14194] Uninit was stored to memory at:
[  654.335992][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.341156][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.346356][T14194]  do_recvmmsg+0x1063/0x2120
[  654.350991][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.355902][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.362585][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.367664][T14194]  do_fast_syscall_32+0x34/0x70
[  654.372748][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.377297][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.383876][T14194] 
[  654.386212][T14194] Uninit was stored to memory at:
[  654.391308][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.396672][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.401666][T14194]  do_recvmmsg+0x1063/0x2120
[  654.406491][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.411209][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.417789][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.423027][T14194]  do_fast_syscall_32+0x34/0x70
[  654.427927][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.432667][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.439043][T14194] 
[  654.441372][T14194] Uninit was stored to memory at:
[  654.446663][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.452075][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.457066][T14194]  do_recvmmsg+0x1063/0x2120
[  654.461903][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.466622][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.473205][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.478301][T14194]  do_fast_syscall_32+0x34/0x70
[  654.483376][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.487935][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.494538][T14194] 
[  654.496890][T14194] Uninit was stored to memory at:
[  654.502207][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.507370][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.512539][T14194]  do_recvmmsg+0x1063/0x2120
[  654.517175][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.522136][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.528520][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.533712][T14194]  do_fast_syscall_32+0x34/0x70
[  654.538615][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.543391][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.549769][T14194] 
[  654.552299][T14194] Uninit was stored to memory at:
[  654.557398][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.562795][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.567788][T14194]  do_recvmmsg+0x1063/0x2120
[  654.572641][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.577353][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.583982][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.589052][T14194]  do_fast_syscall_32+0x34/0x70
[  654.594219][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.598762][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.605356][T14194] 
[  654.607688][T14194] Uninit was stored to memory at:
[  654.613025][T14194]  __get_compat_msghdr+0x6e1/0x9d0
[  654.618184][T14194]  get_compat_msghdr+0x108/0x2c0
[  654.623406][T14194]  do_recvmmsg+0x1063/0x2120
[  654.628032][T14194]  __sys_recvmmsg+0x51c/0x6f0
[  654.632967][T14194]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  654.639352][T14194]  __do_fast_syscall_32+0x96/0xf0
[  654.644645][T14194]  do_fast_syscall_32+0x34/0x70
[  654.649564][T14194]  do_SYSENTER_32+0x1b/0x20
[  654.654307][T14194]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  654.660688][T14194] 
[  654.663254][T14194] Local variable msg_sys created at:
[  654.668549][T14194]  do_recvmmsg+0xc1/0x2120
[  654.673233][T14194]  __sys_recvmmsg+0x51c/0x6f0
02:11:17 executing program 5:
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x45, &(0x7f0000000540)=[&(0x7f00000000c0)={0x101010, 0x400000000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])

02:11:17 executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x1, 0x11, r0, 0x0)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14117e, 0x0)
mmap$binder(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0)

02:11:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:17 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x71, 0x11, 0xa}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x16}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)

02:11:17 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891c, &(0x7f0000000040)={'vxcan1\x00', {0x2, 0x0, @initdev}})
getsockopt$inet_udp_int(r0, 0x11, 0x66, &(0x7f0000000040), 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001640)=ANY=[@ANYBLOB="b70200000b400000bfa300000000000024020000fffeff7f7a03f0fff8ffffff79a4f0ff00000000b7060000ffffff112e460500000000007502faff07cd02020404000009007d60b7030000001000006a0a00fe000000008500000026000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8308fbce596c6d89ef05c0672c2c9ff215ac60c2ceaea4c0ec908abb6e7325ed1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078da9144ce8734ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5ca0b6c00000000000080f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768a162ab41d0cb06000000000000004c03e53466fa4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee5d605bb32935f542127a8f000000000000f00699f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769643bed96ec96ad73f77f0e2aeee2b703c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e0983a7cab79bffda141f65e7d9ebe3be70c4af9a9d91c3e41ac37a63f85ad8f32b70829d44ea4e4d0599a76519205b0fa80cce69df304b153c989ef100bbf77a63d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbcb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d702575935323db7656c12ee11e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1ed68324a25df14010c8ed6b8c97c00eac0e451ac4544d3a7c86fe09b404e0b7c723d3bfdc339e93583d7134b589f3f1329cbe9c7af24aad0922091d49e2bc408a5a37d2fe7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4584e234fa69ea90eb029faca7dce34c41aec7aa86e596119109ea8b3fcff01643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e757bae30b356521df06f995cb57f97052fc4158250ccecfb47ea8faf509593fadc7eafb613313b052397af1ede94d87590ce90a0a7579766f7ec4fcd3cb0b3a464803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535e87dbdeb0dcca5303eedde47e6672e93a314a5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b518e01ffb985f8054d37959c529e99b7daf34b2d825d192ade90a1162acfe9749d516d014cef783620cf585cf3acc85808c4d69e5749901b09e4902a6f5addc0cbe47c69d99944103756b894418e4591c624a9b2ccabbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0af212b6cb55b9c387bbe08f483b1bea05f41b9a1d3af087047c568ae6ebf070000c30b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7751527861fdff4eebd5fc19928ceb713ff09e179c308fbe9bc54374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1000000000a88de7596429a20793e12616aa32b3e720c6521fbe93963e22bd2a9b03957afea7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c956847bc03d10411ac6eec9a3ecd9e3c325fcabbab3d129c0cced3ce11dafa387a8077db8a00000032fabc643bcb9c42c0ab1eef5f989c207eb1f160cbcb92968fb40b1f9a37ef19551dff7f837d37aabf30d2e9a8e5b0df5daa78dabc1000785b6f8319e3edb4d2d661560c73c95b0f4e2e1e07d61e43859d08366f52a2c8f5f34b0fdda9586728b417bfd9d325aa2a6770bf3753e99b1f0ef865f1ae377e8c084a46888ca3a71b5815d9d22c56bc8e967b1c04577e736c0a2cdcc0f3c605d80d7e2e9aaf78d9ece3986a1b0481c19a8e9008769b3159426f5be7b300004e341f4e74370e0000000000000000009405649a683c6a338b61095a9ec7780500000000000000f665bf232282a23747d71cbae1c88b136ccc05e034834ca06479271a846f82e797c085043e4e142e7b1242eee8655684c654ade7ed810feac9b9428ea238cd4835f6dbe8cbcd023b16879d240c641df07b4b06bff89bfbb399f136456579b8170b6c000000000000000000daa426da3dd1d3958b608ebcfa0045a2c464e00ff15a7108eca8deb58a39bef4009da56d42ddf62de894c62dda7fa6bbe1d8e9d242d0c96d06951dca1abbf50eb945b9b24cc451d0cb27de09d2dd4fa8e90e1b953c91691332a7cfcedf4708eec12fc21e6fd4f6682ee64b500adccbb96c52b881ed0bbd96e494795745ce03f0a0720490787f35aa7f092c16c590cfd8bd35ce08f8287e5e0d799d3a53b7be1b1edca2e522fcf55c013bd4c94c6a7ea153c8d1ad8b211768db3d00206884c5da7b0e85fd59678d2805adaeeb8f9e5520052d4d8077d384f32ee86a63f94e11305f3ca55ba95dca43da4ae9d93682df785afd37195a7dbbce2b077e9b21fe61457e994a57540fff4ed436af3aa32c1ebc73b7575871e3242220a56e0922d22e28f2df0fe44974a0e6f6bca046b7b283d7ced0ef03008bf6a6102ea3ddb63c4d787eb30c704ac367dec64170ba47c84ba56ace679158c5a9b0b8c4018318098f9d73a96bd838b449d17b4285347a1c973db987eb641016097a5354c0a74c2b755da0714656fa50d4cd9da9ada1fe0ccc52e962b09f102d6cf09946576e89b59d0a5cd45de558ada4fe50d1d90000879dbc9ecaf6aa59724aa89c12266c94384fa652b063a42b44204fc328da4d4e55d67006c9a876c0692592b7141c622bdd4568c48fe5b6eead8e0460d208f0a7e042807f332cc63b96238f58124ad528c2f26f8cd43bcc7d8233889589dc3e13a3d5f9a83526c30e228928d327ffbbf18d4a13685f99cbb89456f8f44454a8ed6c36fceb85c10bd3dd2e52220951e997bff277a4764e9f226796085a749ece344b5977fbe783cf86014ef0a1cc4b230e6a0d992fca8b5926b4761667e82f59d5a40cf374f9bb69fdb9d17b5cef0e3340ae9955d6d0f2bef57d53"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x171}, 0x48)
r1 = getpid()
rt_tgsigqueueinfo(0x0, r1, 0x16, 0x0)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000100)={'gretap0\x00', 0x0})

02:11:17 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:17 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:17 executing program 1:
unshare(0x40400)
r0 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/nd', 0x254900, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x40049409, r1)

02:11:17 executing program 0:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000e4a000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x10000)

02:11:17 executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7954244ce9a87507ebf4e43bc0609b199b6ed90e0596acec976e57309ebcdac5f7a860c00269c781f6428457253e89ad528d985636a86ec0f60f5a6d1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81070545cab415b0d7ff0575cc2727e8d974927676468ff2d86e0ffac94712ed9cf6b40b3cf252a47c05af3a30d57cc3ed67d1867b54d24e2da18568c3b0f24b52616bf84d3b042d6e432cd0e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad86cf08a2c7b2235dc99de9aa3e6b77c7a2877261ed72da90864987f30926c9013eec3b86836ae504479f60b0ec920ae37eeae3023a8499800220000008f02712c3d8fc4e2686e21a855e823887196d4f4e91f000000b379b247742e09b252b88317c5adbbdb0015f89e9939bc424d1bafe5725c8a4047b91da3768c1ca6a4410009f95d5ba21068285afa8d3b4a68cdb887af2c85c2d9ab09b5dd7d3c4406d2d7650bf7b2ff4602aec1eea200000064881c560c371a08e051374cf05c921a06fbf8183e7e68de9dabe35f1a5d50f20209eec6eb2c510b2cc8d95e4e5b365d1e1298f431432010e1004dae58b3b5b89709b0ff47b200000000000000cbefd9a6bb70f60eb9c0557c67a1d9f00e1dd2fc79a957c84f2369dcd548b3d360c4b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6da7bb8fd387ced8b053a7fcea9c3899a914e47e82fb95a84b29de2323f9273a5d84f62d1f941f35d797e05a61e3d7976ca168e88d7a9af94b04a37387bfffab9abbb31fa8cfe15c2b1276765f37fa8000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x5ee, 0xfd000000, &(0x7f00000004c0)="b91803b700070703009e40f086dd1fff060000000000ff020010ac141434e0080001c699da153f0ae0e6e380f60122f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)

02:11:17 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:18 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  655.625739][T14277] mmap: syz-executor.0 (14277) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  656.254735][   T24] audit: type=1800 audit(1638929478.865:22): pid=14287 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.5" name="file0" dev="ramfs" ino=44896 res=0 errno=0
02:11:18 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)

02:11:18 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
listen(r0, 0x1000)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x9, &(0x7f00000001c0)=0x40, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x2, @local}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000020000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000050000000000", 0x58}], 0x1)

02:11:18 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000ec0)=ANY=[@ANYBLOB="020000fd0cabb553", @ANYBLOB="020000003a87cfe89e5b2edc98f8f70b73a13f35535dcd7e5a68d1f358058925de2ec4c94223c8b27cf20a737c5d684035e5b7f91d9faf38682e99dff752cf2f0a50c864fbe7511b2228041214c8c459c9bc74f5ae8badee0ee826d1007be1c83394740ac88c2b5611dc7ed5d10a39", @ANYRES32=0x0, @ANYBLOB="0400000000000000002000"/24], 0x34, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x103382)
r2 = memfd_create(&(0x7f0000000240)='.^\xc5', 0x0)
pwritev(r2, &(0x7f0000000540)=[{&(0x7f0000000840)="16", 0x1}], 0x1, 0x81805, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r1, 0x0, 0x24002da8)

02:11:18 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x10, 0x1, @remote}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x88}}, 0x0)

02:11:19 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  656.508221][T14297] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  656.611541][T14298] loop0: detected capacity change from 0 to 1036
02:11:19 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x10, 0x1, @remote}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x88}}, 0x0)

02:11:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:19 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:19 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
listen(r0, 0x1000)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x9, &(0x7f00000001c0)=0x40, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x2, @local}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000020000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000050000000000", 0x58}], 0x1)

02:11:19 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  657.260420][T14312] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
02:11:20 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x10, 0x1, @remote}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x88}}, 0x0)

02:11:20 executing program 5:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x3fc, 0x0)
flock(r1, 0x1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
dup2(r3, r2)

02:11:20 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2={0xff, 0x3}}})

02:11:20 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00'})
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:20 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
listen(r0, 0x1000)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x9, &(0x7f00000001c0)=0x40, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x2, @local}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000020000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000050000000000", 0x58}], 0x1)

02:11:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  657.809501][T14323] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
02:11:20 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x10, 0x1, @remote}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x88}}, 0x0)

02:11:20 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00'})
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:20 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  658.368249][T14343] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
02:11:21 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2={0xff, 0x3}}})

02:11:21 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000940), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)={0x60, r4, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_PEERS={0x30, 0x8, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}]}]}, 0x60}, 0x1, 0x4000}, 0x0)
sched_setattr(r0, &(0x7f0000000000)={0x38, 0x6, 0x0, 0x80000000, 0x0, 0x1, 0x7f, 0x1, 0x1, 0x4}, 0x0)

02:11:21 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:21 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00'})
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:21 executing program 5:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x3fc, 0x0)
flock(r1, 0x1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
dup2(r3, r2)

02:11:21 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:22 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:22 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:22 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2={0xff, 0x3}}})

02:11:22 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:22 executing program 5:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x3fc, 0x0)
flock(r1, 0x1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
dup2(r3, r2)

02:11:22 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:22 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  660.845617][T14363] not chained 470000 origins
[  660.850293][T14363] CPU: 0 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  660.859098][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  660.869177][T14363] Call Trace:
[  660.872470][T14363]  <TASK>
[  660.875412][T14363]  dump_stack_lvl+0x1ff/0x28e
[  660.880138][T14363]  dump_stack+0x25/0x28
[  660.884329][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  660.890118][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  660.896235][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.901394][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  660.907255][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  660.912851][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.918009][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  660.923875][T14363]  ? should_fail+0x75/0x9c0
[  660.928425][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.933581][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  660.939886][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  660.946004][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.951181][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  660.957042][T14363]  __msan_chain_origin+0xbf/0x140
[  660.962117][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  660.967291][T14363]  get_compat_msghdr+0x108/0x2c0
[  660.972273][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  660.977158][T14363]  do_recvmmsg+0x1063/0x2120
[  660.981810][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.986977][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  660.993272][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  660.998432][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  661.004726][T14363]  ? fput+0x82/0x320
[  661.008663][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.015218][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.019944][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.026350][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.031443][T14363]  do_fast_syscall_32+0x34/0x70
[  661.036333][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.040872][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.047239][T14363] RIP: 0023:0xf6eb3549
[  661.051324][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  661.070973][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  661.079422][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  661.087420][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  661.095413][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  661.103401][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  661.111393][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  661.119397][T14363]  </TASK>
[  661.125948][T14363] Uninit was stored to memory at:
[  661.131386][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.136648][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.141641][T14363]  do_recvmmsg+0x1063/0x2120
[  661.146383][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.151109][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.157601][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.162763][T14363]  do_fast_syscall_32+0x34/0x70
[  661.167679][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.172320][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.178703][T14363] 
[  661.181051][T14363] Uninit was stored to memory at:
[  661.186248][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.191403][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.196475][T14363]  do_recvmmsg+0x1063/0x2120
[  661.201098][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.205969][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.212623][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.217696][T14363]  do_fast_syscall_32+0x34/0x70
[  661.222689][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.227232][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.233705][T14363] 
[  661.236036][T14363] Uninit was stored to memory at:
[  661.241131][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.246379][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.251375][T14363]  do_recvmmsg+0x1063/0x2120
[  661.256115][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.260827][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.267309][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.272471][T14363]  do_fast_syscall_32+0x34/0x70
[  661.277373][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.282005][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.288396][T14363] 
[  661.290743][T14363] Uninit was stored to memory at:
[  661.295942][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.301099][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.306198][T14363]  do_recvmmsg+0x1063/0x2120
[  661.310829][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.315639][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.322130][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.327200][T14363]  do_fast_syscall_32+0x34/0x70
[  661.332206][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.336748][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.343212][T14363] 
[  661.345542][T14363] Uninit was stored to memory at:
[  661.350641][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.355889][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.360874][T14363]  do_recvmmsg+0x1063/0x2120
[  661.365589][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.370305][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.376768][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.381940][T14363]  do_fast_syscall_32+0x34/0x70
[  661.386839][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.391400][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.397976][T14363] 
[  661.400321][T14363] Uninit was stored to memory at:
[  661.405520][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.410685][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.415764][T14363]  do_recvmmsg+0x1063/0x2120
[  661.420417][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.425240][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.431626][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.436884][T14363]  do_fast_syscall_32+0x34/0x70
[  661.441862][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.446437][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.452926][T14363] 
[  661.455257][T14363] Uninit was stored to memory at:
[  661.460378][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  661.465621][T14363]  get_compat_msghdr+0x108/0x2c0
[  661.470604][T14363]  do_recvmmsg+0x1063/0x2120
[  661.475321][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  661.480257][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  661.486781][T14363]  __do_fast_syscall_32+0x96/0xf0
[  661.491952][T14363]  do_fast_syscall_32+0x34/0x70
[  661.496850][T14363]  do_SYSENTER_32+0x1b/0x20
[  661.501408][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  661.507889][T14363] 
[  661.510225][T14363] Local variable msg_sys created at:
[  661.515606][T14363]  do_recvmmsg+0xc1/0x2120
[  661.520076][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.132733][T14363] not chained 480000 origins
[  662.137373][T14363] CPU: 1 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  662.146181][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  662.156269][T14363] Call Trace:
[  662.159568][T14363]  <TASK>
[  662.162557][T14363]  dump_stack_lvl+0x1ff/0x28e
[  662.167410][T14363]  dump_stack+0x25/0x28
[  662.171614][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  662.177395][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  662.183530][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.188700][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  662.194572][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  662.200183][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.205355][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  662.211262][T14363]  ? should_fail+0x75/0x9c0
[  662.215826][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.221002][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  662.227305][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  662.233436][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.238604][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  662.244469][T14363]  __msan_chain_origin+0xbf/0x140
[  662.249549][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.254751][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.259744][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  662.264642][T14363]  do_recvmmsg+0x1063/0x2120
[  662.269287][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.274464][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  662.280762][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  662.285927][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  662.292230][T14363]  ? fput+0x82/0x320
[  662.296180][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.302742][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.307501][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.313903][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.318989][T14363]  do_fast_syscall_32+0x34/0x70
[  662.323890][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.328442][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.334822][T14363] RIP: 0023:0xf6eb3549
[  662.338918][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  662.358682][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  662.367146][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  662.375162][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  662.383173][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  662.391186][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  662.399192][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  662.407214][T14363]  </TASK>
[  662.414626][T14363] Uninit was stored to memory at:
[  662.419735][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.425701][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.430696][T14363]  do_recvmmsg+0x1063/0x2120
[  662.435805][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.440524][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.447106][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.452351][T14363]  do_fast_syscall_32+0x34/0x70
[  662.457249][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.462120][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.468507][T14363] 
[  662.470837][T14363] Uninit was stored to memory at:
[  662.476131][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.481293][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.486470][T14363]  do_recvmmsg+0x1063/0x2120
[  662.491119][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.496030][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.502595][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.507667][T14363]  do_fast_syscall_32+0x34/0x70
[  662.512756][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.517305][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.523864][T14363] 
[  662.526195][T14363] Uninit was stored to memory at:
[  662.531308][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.536657][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.541643][T14363]  do_recvmmsg+0x1063/0x2120
[  662.546618][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.551324][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.557896][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.563223][T14363]  do_fast_syscall_32+0x34/0x70
[  662.568127][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.572854][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.579319][T14363] 
[  662.581649][T14363] Uninit was stored to memory at:
[  662.586920][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.592257][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.597246][T14363]  do_recvmmsg+0x1063/0x2120
[  662.602232][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.606978][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.613555][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.618630][T14363]  do_fast_syscall_32+0x34/0x70
[  662.623808][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.628358][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.634931][T14363] 
[  662.637264][T14363] Uninit was stored to memory at:
[  662.642536][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.647695][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.652963][T14363]  do_recvmmsg+0x1063/0x2120
[  662.657592][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.662485][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.668866][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.674102][T14363]  do_fast_syscall_32+0x34/0x70
[  662.678999][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.683738][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.690123][T14363] 
[  662.692646][T14363] Uninit was stored to memory at:
[  662.697737][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.703080][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.708070][T14363]  do_recvmmsg+0x1063/0x2120
[  662.712883][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.717597][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.724167][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.729239][T14363]  do_fast_syscall_32+0x34/0x70
[  662.734322][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.738867][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.745437][T14363] 
[  662.747769][T14363] Uninit was stored to memory at:
[  662.753040][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  662.758205][T14363]  get_compat_msghdr+0x108/0x2c0
[  662.763369][T14363]  do_recvmmsg+0x1063/0x2120
[  662.767997][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  662.772903][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  662.779287][T14363]  __do_fast_syscall_32+0x96/0xf0
[  662.784533][T14363]  do_fast_syscall_32+0x34/0x70
[  662.789453][T14363]  do_SYSENTER_32+0x1b/0x20
[  662.794168][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  662.800551][T14363] 
[  662.803070][T14363] Local variable msg_sys created at:
[  662.808364][T14363]  do_recvmmsg+0xc1/0x2120
[  662.813005][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.090392][T14363] not chained 490000 origins
[  663.095347][T14363] CPU: 1 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  663.104162][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  663.114248][T14363] Call Trace:
[  663.117572][T14363]  <TASK>
[  663.120548][T14363]  dump_stack_lvl+0x1ff/0x28e
[  663.125304][T14363]  dump_stack+0x25/0x28
[  663.129503][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  663.135286][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  663.141417][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.146585][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  663.152461][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  663.158091][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.163260][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  663.169131][T14363]  ? should_fail+0x75/0x9c0
[  663.173689][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.178859][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  663.185162][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  663.191300][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.196476][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  663.202363][T14363]  __msan_chain_origin+0xbf/0x140
[  663.207490][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.212684][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.217701][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  663.222596][T14363]  do_recvmmsg+0x1063/0x2120
[  663.227271][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.232451][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  663.238760][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  663.243930][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  663.250259][T14363]  ? fput+0x82/0x320
[  663.254208][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.260773][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.265507][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.271903][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.276983][T14363]  do_fast_syscall_32+0x34/0x70
[  663.281881][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.286427][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.292812][T14363] RIP: 0023:0xf6eb3549
[  663.296906][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  663.316575][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  663.325133][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  663.333169][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  663.341169][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  663.349173][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  663.357175][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  663.365208][T14363]  </TASK>
[  663.371992][T14363] Uninit was stored to memory at:
[  663.377100][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.382894][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.387893][T14363]  do_recvmmsg+0x1063/0x2120
[  663.392672][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.397389][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.403954][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.409032][T14363]  do_fast_syscall_32+0x34/0x70
[  663.414093][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.418644][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.425198][T14363] 
[  663.427534][T14363] Uninit was stored to memory at:
[  663.432746][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.437905][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.443092][T14363]  do_recvmmsg+0x1063/0x2120
[  663.447730][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.452586][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.458976][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.464177][T14363]  do_fast_syscall_32+0x34/0x70
[  663.469074][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.473750][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.480132][T14363] 
[  663.482589][T14363] Uninit was stored to memory at:
[  663.487681][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.493046][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.498031][T14363]  do_recvmmsg+0x1063/0x2120
[  663.502776][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.507490][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.514005][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.519073][T14363]  do_fast_syscall_32+0x34/0x70
[  663.524096][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.528639][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.535158][T14363] 
[  663.537492][T14363] Uninit was stored to memory at:
[  663.542714][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.547874][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.553033][T14363]  do_recvmmsg+0x1063/0x2120
[  663.557666][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.562511][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.568902][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.574118][T14363]  do_fast_syscall_32+0x34/0x70
[  663.579022][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.583691][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.591933][T14363] 
[  663.594264][T14363] Uninit was stored to memory at:
[  663.599363][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.604913][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.609914][T14363]  do_recvmmsg+0x1063/0x2120
[  663.614673][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.619410][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.625957][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.631036][T14363]  do_fast_syscall_32+0x34/0x70
[  663.636069][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.640621][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.647143][T14363] 
[  663.649481][T14363] Uninit was stored to memory at:
[  663.654711][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.659868][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.664990][T14363]  do_recvmmsg+0x1063/0x2120
[  663.669626][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.674475][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.680862][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.686070][T14363]  do_fast_syscall_32+0x34/0x70
[  663.690966][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.695638][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.702123][T14363] 
[  663.704462][T14363] Uninit was stored to memory at:
[  663.709552][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  663.714837][T14363]  get_compat_msghdr+0x108/0x2c0
[  663.719821][T14363]  do_recvmmsg+0x1063/0x2120
[  663.724570][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  663.729284][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  663.735790][T14363]  __do_fast_syscall_32+0x96/0xf0
[  663.740863][T14363]  do_fast_syscall_32+0x34/0x70
[  663.745885][T14363]  do_SYSENTER_32+0x1b/0x20
[  663.750438][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  663.756943][T14363] 
[  663.759289][T14363] Local variable msg_sys created at:
[  663.764702][T14363]  do_recvmmsg+0xc1/0x2120
[  663.769154][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  664.530883][T14363] not chained 500000 origins
[  664.535791][T14363] CPU: 0 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  664.544605][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  664.554698][T14363] Call Trace:
[  664.557999][T14363]  <TASK>
[  664.560952][T14363]  dump_stack_lvl+0x1ff/0x28e
[  664.565687][T14363]  dump_stack+0x25/0x28
[  664.569887][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  664.575758][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  664.581889][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.587101][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  664.592983][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  664.598591][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.603759][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  664.609631][T14363]  ? should_fail+0x75/0x9c0
[  664.614196][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.619366][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  664.625663][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  664.631790][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.637047][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  664.642927][T14363]  __msan_chain_origin+0xbf/0x140
[  664.648008][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  664.653185][T14363]  get_compat_msghdr+0x108/0x2c0
[  664.658181][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  664.663072][T14363]  do_recvmmsg+0x1063/0x2120
[  664.667724][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.672900][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  664.679205][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  664.684371][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  664.690678][T14363]  ? fput+0x82/0x320
[  664.694621][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  664.701181][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  664.705887][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  664.712303][T14363]  __do_fast_syscall_32+0x96/0xf0
[  664.717374][T14363]  do_fast_syscall_32+0x34/0x70
[  664.722254][T14363]  do_SYSENTER_32+0x1b/0x20
[  664.726799][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  664.733154][T14363] RIP: 0023:0xf6eb3549
[  664.737243][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  664.756872][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  664.765326][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  664.773331][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  664.781323][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  664.789305][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  664.797293][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  664.805287][T14363]  </TASK>
[  664.812131][T14363] Uninit was stored to memory at:
[  664.817259][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  664.823114][T14363]  get_compat_msghdr+0x108/0x2c0
[  664.828102][T14363]  do_recvmmsg+0x1063/0x2120
[  664.832892][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  664.837608][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  664.844157][T14363]  __do_fast_syscall_32+0x96/0xf0
[  664.849252][T14363]  do_fast_syscall_32+0x34/0x70
[  664.854310][T14363]  do_SYSENTER_32+0x1b/0x20
[  664.858881][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  664.865417][T14363] 
[  664.867747][T14363] Uninit was stored to memory at:
[  664.873103][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  664.878262][T14363]  get_compat_msghdr+0x108/0x2c0
[  664.883412][T14363]  do_recvmmsg+0x1063/0x2120
[  664.888045][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  664.892912][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  664.899295][T14363]  __do_fast_syscall_32+0x96/0xf0
[  664.904524][T14363]  do_fast_syscall_32+0x34/0x70
[  664.909419][T14363]  do_SYSENTER_32+0x1b/0x20
[  664.914125][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  664.920506][T14363] 
[  664.922987][T14363] Uninit was stored to memory at:
[  664.928080][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  664.933390][T14363]  get_compat_msghdr+0x108/0x2c0
[  664.938369][T14363]  do_recvmmsg+0x1063/0x2120
[  664.943150][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  664.947866][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  664.954402][T14363]  __do_fast_syscall_32+0x96/0xf0
[  664.959474][T14363]  do_fast_syscall_32+0x34/0x70
[  664.964911][T14363]  do_SYSENTER_32+0x1b/0x20
[  664.969460][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  664.976008][T14363] 
[  664.978341][T14363] Uninit was stored to memory at:
[  664.983579][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  664.988740][T14363]  get_compat_msghdr+0x108/0x2c0
[  664.993884][T14363]  do_recvmmsg+0x1063/0x2120
[  664.998509][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.003378][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.009765][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.014992][T14363]  do_fast_syscall_32+0x34/0x70
[  665.019889][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.024596][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.030986][T14363] 
[  665.033480][T14363] Uninit was stored to memory at:
[  665.038570][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.043912][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.049017][T14363]  do_recvmmsg+0x1063/0x2120
[  665.053840][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.058554][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.065100][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.070177][T14363]  do_fast_syscall_32+0x34/0x70
[  665.075277][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.079844][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.086409][T14363] 
[  665.088738][T14363] Uninit was stored to memory at:
[  665.094030][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.099191][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.104380][T14363]  do_recvmmsg+0x1063/0x2120
[  665.109011][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.114010][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.120395][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.125659][T14363]  do_fast_syscall_32+0x34/0x70
[  665.130546][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.135288][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.141660][T14363] 
[  665.144173][T14363] Uninit was stored to memory at:
[  665.149250][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.154579][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.159563][T14363]  do_recvmmsg+0x1063/0x2120
[  665.164397][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.169137][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.175672][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.180739][T14363]  do_fast_syscall_32+0x34/0x70
[  665.185827][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.190372][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.196926][T14363] 
[  665.199263][T14363] Local variable msg_sys created at:
[  665.204762][T14363]  do_recvmmsg+0xc1/0x2120
[  665.209212][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.385455][T14363] not chained 510000 origins
[  665.390101][T14363] CPU: 0 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  665.398882][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  665.408949][T14363] Call Trace:
[  665.412232][T14363]  <TASK>
[  665.415172][T14363]  dump_stack_lvl+0x1ff/0x28e
[  665.419877][T14363]  dump_stack+0x25/0x28
[  665.424047][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  665.429819][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  665.435929][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.441072][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  665.446911][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  665.452505][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.457735][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  665.463602][T14363]  ? should_fail+0x75/0x9c0
[  665.468158][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.473326][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  665.479621][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  665.485822][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.490980][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  665.496862][T14363]  __msan_chain_origin+0xbf/0x140
[  665.501923][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.507093][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.512061][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  665.516948][T14363]  do_recvmmsg+0x1063/0x2120
[  665.521639][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.526804][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  665.533101][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  665.538260][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  665.544539][T14363]  ? fput+0x82/0x320
[  665.548478][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.555040][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.559743][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.566113][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.571188][T14363]  do_fast_syscall_32+0x34/0x70
[  665.576077][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.580602][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.586950][T14363] RIP: 0023:0xf6eb3549
[  665.591069][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  665.610696][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  665.619153][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  665.627141][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  665.635127][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  665.643124][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  665.651115][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  665.659121][T14363]  </TASK>
[  665.665146][T14363] Uninit was stored to memory at:
[  665.670247][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.676446][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.681441][T14363]  do_recvmmsg+0x1063/0x2120
[  665.686325][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.691036][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.697514][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.702681][T14363]  do_fast_syscall_32+0x34/0x70
[  665.707577][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.712203][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.718576][T14363] 
[  665.720927][T14363] Uninit was stored to memory at:
[  665.726138][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.731296][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.736439][T14363]  do_recvmmsg+0x1063/0x2120
[  665.741069][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.745963][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.752493][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.757564][T14363]  do_fast_syscall_32+0x34/0x70
[  665.762606][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.767176][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.773693][T14363] 
[  665.776021][T14363] Uninit was stored to memory at:
[  665.781111][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.786425][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.791408][T14363]  do_recvmmsg+0x1063/0x2120
[  665.796190][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.800900][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.807455][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.812695][T14363]  do_fast_syscall_32+0x34/0x70
[  665.817590][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.822281][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.828656][T14363] 
[  665.830983][T14363] Uninit was stored to memory at:
[  665.836225][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.841378][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.846533][T14363]  do_recvmmsg+0x1063/0x2120
[  665.851162][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.856038][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.862620][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.867691][T14363]  do_fast_syscall_32+0x34/0x70
[  665.872786][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.877330][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.883869][T14363] 
[  665.886202][T14363] Uninit was stored to memory at:
[  665.891283][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.896636][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.901619][T14363]  do_recvmmsg+0x1063/0x2120
[  665.906388][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.911104][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.917649][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.922921][T14363]  do_fast_syscall_32+0x34/0x70
[  665.927814][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.932564][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.938936][T14363] 
[  665.941266][T14363] Uninit was stored to memory at:
[  665.946540][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  665.951872][T14363]  get_compat_msghdr+0x108/0x2c0
[  665.956860][T14363]  do_recvmmsg+0x1063/0x2120
[  665.961491][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  665.966381][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  665.972937][T14363]  __do_fast_syscall_32+0x96/0xf0
[  665.978010][T14363]  do_fast_syscall_32+0x34/0x70
[  665.983105][T14363]  do_SYSENTER_32+0x1b/0x20
[  665.987648][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  665.994234][T14363] 
[  665.996566][T14363] Uninit was stored to memory at:
[  666.001642][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.006972][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.012142][T14363]  do_recvmmsg+0x1063/0x2120
[  666.016769][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.021476][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.028025][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.033294][T14363]  do_fast_syscall_32+0x34/0x70
[  666.038185][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.042907][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.049279][T14363] 
[  666.051607][T14363] Local variable msg_sys created at:
[  666.057061][T14363]  do_recvmmsg+0xc1/0x2120
[  666.061508][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.225415][T14363] not chained 520000 origins
[  666.230117][T14363] CPU: 1 PID: 14363 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  666.238897][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  666.248957][T14363] Call Trace:
[  666.252275][T14363]  <TASK>
[  666.255234][T14363]  dump_stack_lvl+0x1ff/0x28e
[  666.259939][T14363]  dump_stack+0x25/0x28
[  666.264107][T14363]  kmsan_internal_chain_origin+0x7a/0x110
[  666.269888][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  666.275983][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.281125][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  666.286998][T14363]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  666.292577][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.297715][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  666.303559][T14363]  ? should_fail+0x75/0x9c0
[  666.308087][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.313264][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  666.319533][T14363]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  666.325646][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.330820][T14363]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  666.336682][T14363]  __msan_chain_origin+0xbf/0x140
[  666.341750][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.346918][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.351887][T14363]  ? __sys_recvmmsg+0x51c/0x6f0
[  666.356754][T14363]  do_recvmmsg+0x1063/0x2120
[  666.361381][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.366537][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  666.372825][T14363]  ? kmsan_get_metadata+0xa4/0x120
[  666.377971][T14363]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  666.384259][T14363]  ? fput+0x82/0x320
[  666.388204][T14363]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.394749][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.399466][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.405846][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.410902][T14363]  do_fast_syscall_32+0x34/0x70
[  666.415777][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.420296][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.426651][T14363] RIP: 0023:0xf6eb3549
[  666.430727][T14363] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  666.450354][T14363] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  666.458802][T14363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  666.466795][T14363] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  666.474783][T14363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  666.482760][T14363] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  666.490750][T14363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  666.498748][T14363]  </TASK>
[  666.505534][T14363] Uninit was stored to memory at:
[  666.510647][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.516491][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.521488][T14363]  do_recvmmsg+0x1063/0x2120
[  666.526308][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.531026][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.537618][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.542884][T14363]  do_fast_syscall_32+0x34/0x70
[  666.547778][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.552510][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.558890][T14363] 
[  666.561303][T14363] Uninit was stored to memory at:
[  666.566586][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.571905][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.576892][T14363]  do_recvmmsg+0x1063/0x2120
[  666.581515][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.586425][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.592994][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.598066][T14363]  do_fast_syscall_32+0x34/0x70
[  666.603135][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.607680][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.614253][T14363] 
[  666.616586][T14363] Uninit was stored to memory at:
[  666.621671][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.627004][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.632167][T14363]  do_recvmmsg+0x1063/0x2120
[  666.636786][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.641488][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.648066][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.653298][T14363]  do_fast_syscall_32+0x34/0x70
[  666.658211][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.662951][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.669326][T14363] 
[  666.671661][T14363] Uninit was stored to memory at:
[  666.676935][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.682281][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.687272][T14363]  do_recvmmsg+0x1063/0x2120
[  666.692084][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.696797][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.703359][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.708427][T14363]  do_fast_syscall_32+0x34/0x70
[  666.713513][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.718060][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.724623][T14363] 
[  666.726958][T14363] Uninit was stored to memory at:
[  666.732240][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.737400][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.742559][T14363]  do_recvmmsg+0x1063/0x2120
[  666.747186][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.752057][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.758432][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.763596][T14363]  do_fast_syscall_32+0x34/0x70
[  666.768497][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.773244][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.779623][T14363] 
[  666.782133][T14363] Uninit was stored to memory at:
[  666.787221][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.792540][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.797524][T14363]  do_recvmmsg+0x1063/0x2120
[  666.802265][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.806973][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.813548][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.818608][T14363]  do_fast_syscall_32+0x34/0x70
[  666.823715][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.828259][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.834875][T14363] 
[  666.837222][T14363] Uninit was stored to memory at:
[  666.842515][T14363]  __get_compat_msghdr+0x6e1/0x9d0
[  666.847667][T14363]  get_compat_msghdr+0x108/0x2c0
[  666.852883][T14363]  do_recvmmsg+0x1063/0x2120
[  666.857509][T14363]  __sys_recvmmsg+0x51c/0x6f0
[  666.862408][T14363]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  666.868793][T14363]  __do_fast_syscall_32+0x96/0xf0
[  666.874101][T14363]  do_fast_syscall_32+0x34/0x70
[  666.878997][T14363]  do_SYSENTER_32+0x1b/0x20
[  666.883726][T14363]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  666.890107][T14363] 
[  666.892626][T14363] Local variable msg_sys created at:
[  666.897918][T14363]  do_recvmmsg+0xc1/0x2120
[  666.902560][T14363]  __sys_recvmmsg+0x51c/0x6f0
02:11:29 executing program 4:
mknod$loop(&(0x7f0000002cc0)='./bus\x00', 0x6000, 0x0)
r0 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x1ffff000, 0x0, 0x4002011, r0, 0x0)

02:11:29 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:29 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2={0xff, 0x3}}})

02:11:29 executing program 5:
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x3fc, 0x0)
flock(r1, 0x1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
dup2(r3, r2)

02:11:29 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:29 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:29 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:29 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:29 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:30 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_EXPIRES={0x8, 0x5}]}, 0x24}}, 0x0)

02:11:30 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
unshare(0x400)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0x6609, 0x0)

02:11:30 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:30 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:30 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:30 executing program 0:
r0 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x80, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa8094, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x2400067e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r4, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)

02:11:30 executing program 5:
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000), 0x4)
r0 = epoll_create1(0x0)
r1 = socket(0x2, 0x80802, 0x0)
shutdown(r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000)={0xa000201a})
epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0)

02:11:31 executing program 4:
prlimit64(0x0, 0x7, &(0x7f0000000080), 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)

02:11:31 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:31 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:31 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:31 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, r1, 0x1, 0x0, 0x0, {0x9}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x4}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x38}}, 0x0)

02:11:31 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:31 executing program 4:
unshare(0x400)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000000c0)={0x0, 0x9, &(0x7f0000000100)="c9ca41fc0006504fe4"})

02:11:31 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  669.139183][T14482] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
02:11:31 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  669.238479][T14484] netlink: 'syz-executor.5': attribute type 2 has an invalid length.
02:11:32 executing program 5:
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@multicast, @random="f83b005a8a26", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @random="2bb654cd7e8f", @empty, @link_local, @private=0xa010102}}}}, 0x0)

02:11:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x80, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa8094, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x2400067e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r4, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)

02:11:32 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:32 executing program 4:
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000402609333300000000000109022400010000000009040000090300000009210000000122290009058103", @ANYRES32=r0], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000001080)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00)'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r1, 0x0, 0x1, &(0x7f00000000c0)='B')

02:11:32 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:32 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:32 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)=0x820100)

02:11:33 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:33 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

[  670.403281][ T8339] usb 5-1: new high-speed USB device number 94 using dummy_hcd
02:11:33 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:33 executing program 5:
mkdir(0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
write$P9_RVERSION(r1, &(0x7f0000000580)=ANY=[], 0x15)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
openat(r2, &(0x7f0000000080)='./file0\x00', 0x0, 0xa8)
r3 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r3, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x4924924924927be, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
clock_gettime(0x0, &(0x7f0000006f80))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200003, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f00000000c0)="ed41000000100000e1f4655fe2f4655fe2016658b100dac7280900b8815c8f886941", 0x22, 0x4400}], 0x0, &(0x7f0000000040))
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="0010"])

[  670.773865][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  670.788498][ T8339] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  670.802346][ T8339] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  670.811583][ T8339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
02:11:33 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:33 executing program 0:
r0 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x80, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa8094, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x2400067e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r4, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)

02:11:33 executing program 1:
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

[  671.019990][ T8339] usb 5-1: config 0 descriptor??
02:11:33 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  671.145025][T14527] loop5: detected capacity change from 0 to 4096
[  671.274150][T14527] EXT4-fs: error -4 creating inode table initialization thread
[  671.364476][T14527] EXT4-fs (loop5): mount failed
[  671.512602][ T8339] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor
[  671.567526][ T8339] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0001/input/input69
[  671.613727][T14525] not chained 530000 origins
[  671.618583][T14525] CPU: 1 PID: 14525 Comm: syz-executor.5 Not tainted 5.16.0-rc3-syzkaller #0
[  671.627391][T14525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  671.637501][T14525] Call Trace:
[  671.640797][T14525]  <TASK>
[  671.643744][T14525]  dump_stack_lvl+0x1ff/0x28e
[  671.648479][T14525]  dump_stack+0x25/0x28
[  671.652674][T14525]  kmsan_internal_chain_origin+0x7a/0x110
[  671.658498][T14525]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  671.664623][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.669794][T14525]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  671.675666][T14525]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  671.681273][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.686446][T14525]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  671.692316][T14525]  ? should_fail+0x75/0x9c0
[  671.696884][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.702077][T14525]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  671.708405][T14525]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  671.714541][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.719717][T14525]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  671.725589][T14525]  __msan_chain_origin+0xbf/0x140
[  671.730702][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  671.735893][T14525]  get_compat_msghdr+0x108/0x2c0
[  671.740894][T14525]  ? __sys_recvmmsg+0x51c/0x6f0
[  671.745796][T14525]  do_recvmmsg+0x1063/0x2120
[  671.750446][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.755633][T14525]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  671.761936][T14525]  ? kmsan_get_metadata+0xa4/0x120
[  671.767105][T14525]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  671.773492][T14525]  ? fput+0x82/0x320
[  671.777431][T14525]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  671.784000][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  671.788721][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  671.795108][T14525]  __do_fast_syscall_32+0x96/0xf0
[  671.800176][T14525]  do_fast_syscall_32+0x34/0x70
[  671.805064][T14525]  do_SYSENTER_32+0x1b/0x20
[  671.809690][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  671.816065][T14525] RIP: 0023:0xf6ec3549
[  671.820152][T14525] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  671.839795][T14525] RSP: 002b:00000000f5e9c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  671.848262][T14525] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200000c0
[  671.856258][T14525] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  671.864247][T14525] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  671.872238][T14525] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  671.880228][T14525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  671.888234][T14525]  </TASK>
[  671.895315][T14525] Uninit was stored to memory at:
[  671.900417][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  671.906352][T14525]  get_compat_msghdr+0x108/0x2c0
[  671.911374][T14525]  do_recvmmsg+0x1063/0x2120
[  671.916120][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  671.920829][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  671.927394][T14525]  __do_fast_syscall_32+0x96/0xf0
[  671.932651][T14525]  do_fast_syscall_32+0x34/0x70
[  671.937544][T14525]  do_SYSENTER_32+0x1b/0x20
[  671.942294][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  671.948669][T14525] 
[  671.950999][T14525] Uninit was stored to memory at:
[  671.956284][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  671.961437][T14525]  get_compat_msghdr+0x108/0x2c0
[  671.966607][T14525]  do_recvmmsg+0x1063/0x2120
[  671.971245][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  671.976153][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  671.982731][T14525]  __do_fast_syscall_32+0x96/0xf0
[  671.987808][T14525]  do_fast_syscall_32+0x34/0x70
[  671.992879][T14525]  do_SYSENTER_32+0x1b/0x20
[  671.997427][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.004006][T14525] 
[  672.006359][T14525] Uninit was stored to memory at:
[  672.011455][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  672.016807][T14525]  get_compat_msghdr+0x108/0x2c0
[  672.021953][T14525]  do_recvmmsg+0x1063/0x2120
[  672.026584][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.031295][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  672.037863][T14525]  __do_fast_syscall_32+0x96/0xf0
[  672.043185][T14525]  do_fast_syscall_32+0x34/0x70
[  672.048083][T14525]  do_SYSENTER_32+0x1b/0x20
[  672.052814][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.059201][T14525] 
[  672.061527][T14525] Uninit was stored to memory at:
[  672.067319][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  672.072655][T14525]  get_compat_msghdr+0x108/0x2c0
[  672.077641][T14525]  do_recvmmsg+0x1063/0x2120
[  672.082426][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.087153][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  672.093737][T14525]  __do_fast_syscall_32+0x96/0xf0
[  672.098812][T14525]  do_fast_syscall_32+0x34/0x70
[  672.103891][T14525]  do_SYSENTER_32+0x1b/0x20
[  672.108443][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.115014][T14525] 
[  672.117351][T14525] Uninit was stored to memory at:
[  672.122626][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  672.127781][T14525]  get_compat_msghdr+0x108/0x2c0
[  672.132940][T14525]  do_recvmmsg+0x1063/0x2120
[  672.137568][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.142477][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  672.148860][T14525]  __do_fast_syscall_32+0x96/0xf0
[  672.154131][T14525]  do_fast_syscall_32+0x34/0x70
[  672.159030][T14525]  do_SYSENTER_32+0x1b/0x20
[  672.163764][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.170142][T14525] 
[  672.172660][T14525] Uninit was stored to memory at:
[  672.177749][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  672.183110][T14525]  get_compat_msghdr+0x108/0x2c0
[  672.188094][T14525]  do_recvmmsg+0x1063/0x2120
[  672.192922][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.197645][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  672.204228][T14525]  __do_fast_syscall_32+0x96/0xf0
[  672.209302][T14525]  do_fast_syscall_32+0x34/0x70
[  672.214402][T14525]  do_SYSENTER_32+0x1b/0x20
[  672.218961][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.225560][T14525] 
[  672.227895][T14525] Uninit was stored to memory at:
[  672.233179][T14525]  __get_compat_msghdr+0x6e1/0x9d0
[  672.238340][T14525]  get_compat_msghdr+0x108/0x2c0
[  672.243518][T14525]  do_recvmmsg+0x1063/0x2120
[  672.248147][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.253048][T14525]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  672.259436][T14525]  __do_fast_syscall_32+0x96/0xf0
[  672.264685][T14525]  do_fast_syscall_32+0x34/0x70
[  672.269582][T14525]  do_SYSENTER_32+0x1b/0x20
[  672.274313][T14525]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  672.280691][T14525] 
[  672.283211][T14525] Local variable msg_sys created at:
[  672.288504][T14525]  do_recvmmsg+0xc1/0x2120
[  672.293184][T14525]  __sys_recvmmsg+0x51c/0x6f0
[  672.383861][ T8339] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  672.470624][ T8339] usb 5-1: USB disconnect, device number 94
[  673.213629][ T8339] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[  673.586413][ T8339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  673.597711][ T8339] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  673.610992][ T8339] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  673.620517][ T8339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.655365][ T8339] usb 5-1: config 0 descriptor??
02:11:36 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
sched_setattr(0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000020200000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c10000000000000000000", 0x58}], 0x1)

02:11:36 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:36 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:36 executing program 1:
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:36 executing program 0:
r0 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x80, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa8094, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x2400067e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r4, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)

02:11:36 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote={0xac, 0x4d}, {[@timestamp={0x7, 0x10, 0xa, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

[  673.964382][ T8339] usbhid 5-1:0.0: can't add hid device: -71
[  673.970669][ T8339] usbhid: probe of 5-1:0.0 failed with error -71
[  674.026664][ T8339] usb 5-1: USB disconnect, device number 95
02:11:36 executing program 1:
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:36 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:36 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote={0xac, 0x4d}, {[@timestamp={0x7, 0x10, 0xa, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

02:11:37 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r3=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:37 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:37 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  675.799271][T14602] not chained 540000 origins
[  675.807763][T14602] CPU: 1 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  675.816588][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  675.826683][T14602] Call Trace:
[  675.829980][T14602]  <TASK>
[  675.832928][T14602]  dump_stack_lvl+0x1ff/0x28e
[  675.837659][T14602]  dump_stack+0x25/0x28
[  675.841879][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  675.847658][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  675.853783][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.858948][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  675.864827][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  675.870433][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.875602][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  675.881470][T14602]  ? should_fail+0x75/0x9c0
[  675.886032][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.891201][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  675.897506][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  675.903637][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.908799][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  675.914663][T14602]  __msan_chain_origin+0xbf/0x140
[  675.919741][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  675.924919][T14602]  get_compat_msghdr+0x108/0x2c0
[  675.929910][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  675.934802][T14602]  do_recvmmsg+0x1063/0x2120
[  675.939447][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.944624][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  675.950935][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  675.956103][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  675.962414][T14602]  ? fput+0x82/0x320
[  675.966357][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  675.972926][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  675.977655][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  675.984052][T14602]  __do_fast_syscall_32+0x96/0xf0
[  675.989137][T14602]  do_fast_syscall_32+0x34/0x70
[  675.994046][T14602]  do_SYSENTER_32+0x1b/0x20
[  675.998602][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.004981][T14602] RIP: 0023:0xf6eb3549
[  676.009085][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  676.028743][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  676.037223][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  676.045231][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  676.053235][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  676.061236][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  676.069239][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  676.077344][T14602]  </TASK>
[  676.084862][T14602] Uninit was stored to memory at:
[  676.089978][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.095699][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.100686][T14602]  do_recvmmsg+0x1063/0x2120
[  676.105431][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.110163][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.116677][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.121905][T14602]  do_fast_syscall_32+0x34/0x70
[  676.126800][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.131341][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.137917][T14602] 
[  676.140250][T14602] Uninit was stored to memory at:
[  676.145501][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.150662][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.155846][T14602]  do_recvmmsg+0x1063/0x2120
[  676.160476][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.165393][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.171992][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.177077][T14602]  do_fast_syscall_32+0x34/0x70
[  676.182189][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.186741][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.193359][T14602] 
[  676.195696][T14602] Uninit was stored to memory at:
[  676.200786][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.206136][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.211214][T14602]  do_recvmmsg+0x1063/0x2120
[  676.216043][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.220760][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.227357][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.232623][T14602]  do_fast_syscall_32+0x34/0x70
[  676.237519][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.242252][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.248632][T14602] 
[  676.250962][T14602] Uninit was stored to memory at:
[  676.256230][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.261388][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.266566][T14602]  do_recvmmsg+0x1063/0x2120
[  676.271196][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.276113][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.282689][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.287764][T14602]  do_fast_syscall_32+0x34/0x70
[  676.292851][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.297400][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.303965][T14602] 
[  676.306300][T14602] Uninit was stored to memory at:
[  676.311389][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.316723][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.321879][T14602]  do_recvmmsg+0x1063/0x2120
[  676.326508][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.331217][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.337783][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.343004][T14602]  do_fast_syscall_32+0x34/0x70
[  676.347901][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.352717][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.359098][T14602] 
[  676.361943][T14602] Uninit was stored to memory at:
[  676.367032][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.372363][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.377348][T14602]  do_recvmmsg+0x1063/0x2120
[  676.382167][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.386883][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.393482][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.398556][T14602]  do_fast_syscall_32+0x34/0x70
[  676.403630][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.408180][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.414750][T14602] 
[  676.417084][T14602] Uninit was stored to memory at:
[  676.422350][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  676.427502][T14602]  get_compat_msghdr+0x108/0x2c0
[  676.432662][T14602]  do_recvmmsg+0x1063/0x2120
[  676.437292][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.442190][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  676.448588][T14602]  __do_fast_syscall_32+0x96/0xf0
[  676.453854][T14602]  do_fast_syscall_32+0x34/0x70
[  676.458756][T14602]  do_SYSENTER_32+0x1b/0x20
[  676.463495][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  676.469877][T14602] 
[  676.472425][T14602] Local variable msg_sys created at:
[  676.477723][T14602]  do_recvmmsg+0xc1/0x2120
[  676.482358][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  676.908610][T14602] not chained 550000 origins
[  676.913490][T14602] CPU: 1 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  676.922331][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  676.932413][T14602] Call Trace:
[  676.935707][T14602]  <TASK>
[  676.938654][T14602]  dump_stack_lvl+0x1ff/0x28e
[  676.943386][T14602]  dump_stack+0x25/0x28
[  676.947586][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  676.953452][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  676.959585][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  676.964754][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  676.970627][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  676.976233][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  676.981402][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  676.987278][T14602]  ? should_fail+0x75/0x9c0
[  676.991840][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  676.997007][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  677.003310][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  677.009441][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  677.014616][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  677.020484][T14602]  __msan_chain_origin+0xbf/0x140
[  677.025566][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.030746][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.035736][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  677.040628][T14602]  do_recvmmsg+0x1063/0x2120
[  677.045276][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  677.050456][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  677.056765][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  677.061932][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  677.068235][T14602]  ? fput+0x82/0x320
[  677.072182][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.078752][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.083484][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.089884][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.094955][T14602]  do_fast_syscall_32+0x34/0x70
[  677.099852][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.104403][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.110788][T14602] RIP: 0023:0xf6eb3549
[  677.114880][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  677.134539][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  677.143000][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  677.151013][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  677.159018][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  677.167026][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  677.175029][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  677.183045][T14602]  </TASK>
[  677.189961][T14602] Uninit was stored to memory at:
[  677.195638][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.195698][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.195752][T14602]  do_recvmmsg+0x1063/0x2120
[  677.195796][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.195838][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.221981][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.227060][T14602]  do_fast_syscall_32+0x34/0x70
[  677.232085][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.236667][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.243228][T14602] 
[  677.245562][T14602] Uninit was stored to memory at:
[  677.250652][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.256002][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.260987][T14602]  do_recvmmsg+0x1063/0x2120
[  677.265806][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.270520][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.277092][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.282347][T14602]  do_fast_syscall_32+0x34/0x70
[  677.287244][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.291950][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.298326][T14602] 
[  677.300652][T14602] Uninit was stored to memory at:
[  677.305931][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.311095][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.316266][T14602]  do_recvmmsg+0x1063/0x2120
[  677.320893][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.325790][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.332362][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.337433][T14602]  do_fast_syscall_32+0x34/0x70
[  677.342522][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.347071][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.353693][T14602] 
[  677.356024][T14602] Uninit was stored to memory at:
[  677.361113][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.366449][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.371442][T14602]  do_recvmmsg+0x1063/0x2120
[  677.376258][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.380974][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.387555][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.392808][T14602]  do_fast_syscall_32+0x34/0x70
[  677.397706][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.402448][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.408832][T14602] 
[  677.411160][T14602] Uninit was stored to memory at:
[  677.416437][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.421597][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.426756][T14602]  do_recvmmsg+0x1063/0x2120
[  677.431382][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.436285][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.442850][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.447926][T14602]  do_fast_syscall_32+0x34/0x70
[  677.452999][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.457550][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.464128][T14602] 
[  677.466469][T14602] Uninit was stored to memory at:
[  677.471558][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.476911][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.482102][T14602]  do_recvmmsg+0x1063/0x2120
[  677.486732][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.491449][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.498073][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.503292][T14602]  do_fast_syscall_32+0x34/0x70
[  677.508189][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.512911][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.519294][T14602] 
[  677.521621][T14602] Uninit was stored to memory at:
[  677.526917][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  677.532248][T14602]  get_compat_msghdr+0x108/0x2c0
[  677.537238][T14602]  do_recvmmsg+0x1063/0x2120
[  677.542021][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.546733][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  677.553295][T14602]  __do_fast_syscall_32+0x96/0xf0
[  677.558383][T14602]  do_fast_syscall_32+0x34/0x70
[  677.563467][T14602]  do_SYSENTER_32+0x1b/0x20
[  677.568014][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  677.574589][T14602] 
[  677.576924][T14602] Local variable msg_sys created at:
[  677.582392][T14602]  do_recvmmsg+0xc1/0x2120
[  677.586846][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  677.940205][T14602] not chained 560000 origins
[  677.945090][T14602] CPU: 1 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  677.953899][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  677.964004][T14602] Call Trace:
[  677.967301][T14602]  <TASK>
[  677.970248][T14602]  dump_stack_lvl+0x1ff/0x28e
[  677.974976][T14602]  dump_stack+0x25/0x28
[  677.979175][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  677.984956][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  677.991095][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  677.996261][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  678.002127][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  678.007733][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.012897][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  678.018791][T14602]  ? should_fail+0x75/0x9c0
[  678.023347][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.028524][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  678.034824][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  678.040954][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.046126][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  678.051998][T14602]  __msan_chain_origin+0xbf/0x140
[  678.057075][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.062255][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.067244][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  678.072132][T14602]  do_recvmmsg+0x1063/0x2120
[  678.076777][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.081952][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  678.088256][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.093421][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  678.099721][T14602]  ? fput+0x82/0x320
[  678.103665][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.110224][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.114947][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.121345][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.126417][T14602]  do_fast_syscall_32+0x34/0x70
[  678.131314][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.135859][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.142236][T14602] RIP: 0023:0xf6eb3549
[  678.146327][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  678.166001][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  678.174474][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  678.182485][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  678.190489][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  678.198495][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  678.206498][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  678.214513][T14602]  </TASK>
[  678.221511][T14602] Uninit was stored to memory at:
[  678.227185][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.232457][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.237444][T14602]  do_recvmmsg+0x1063/0x2120
[  678.242201][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.246932][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.253443][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.258518][T14602]  do_fast_syscall_32+0x34/0x70
[  678.263603][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.268150][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.274706][T14602] 
[  678.277040][T14602] Uninit was stored to memory at:
[  678.282326][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.287485][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.292646][T14602]  do_recvmmsg+0x1063/0x2120
[  678.297270][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.302216][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.308596][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.313846][T14602]  do_fast_syscall_32+0x34/0x70
[  678.318752][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.323475][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.329849][T14602] 
[  678.332361][T14602] Uninit was stored to memory at:
[  678.337450][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.342779][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.347759][T14602]  do_recvmmsg+0x1063/0x2120
[  678.352552][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.357268][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.363829][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.368917][T14602]  do_fast_syscall_32+0x34/0x70
[  678.374005][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.378550][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.385131][T14602] 
[  678.387468][T14602] Uninit was stored to memory at:
[  678.392733][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.397888][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.403135][T14602]  do_recvmmsg+0x1063/0x2120
[  678.407764][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.412662][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.419053][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.424419][T14602]  do_fast_syscall_32+0x34/0x70
[  678.429317][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.434042][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.440424][T14602] 
[  678.442936][T14602] Uninit was stored to memory at:
[  678.448035][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.453368][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.458346][T14602]  do_recvmmsg+0x1063/0x2120
[  678.463152][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.467864][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.474424][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.479496][T14602]  do_fast_syscall_32+0x34/0x70
[  678.484579][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.489124][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.495679][T14602] 
[  678.498018][T14602] Uninit was stored to memory at:
[  678.503280][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.508433][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.513606][T14602]  do_recvmmsg+0x1063/0x2120
[  678.518230][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.523128][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.529512][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.534773][T14602]  do_fast_syscall_32+0x34/0x70
[  678.539669][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.544403][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.550783][T14602] 
[  678.553298][T14602] Uninit was stored to memory at:
[  678.558385][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  678.563726][T14602]  get_compat_msghdr+0x108/0x2c0
[  678.568710][T14602]  do_recvmmsg+0x1063/0x2120
[  678.573512][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.578225][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  678.584798][T14602]  __do_fast_syscall_32+0x96/0xf0
[  678.589868][T14602]  do_fast_syscall_32+0x34/0x70
[  678.594953][T14602]  do_SYSENTER_32+0x1b/0x20
[  678.599502][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  678.606092][T14602] 
[  678.608428][T14602] Local variable msg_sys created at:
[  678.613906][T14602]  do_recvmmsg+0xc1/0x2120
[  678.618367][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  678.925491][T14602] not chained 570000 origins
[  678.930129][T14602] CPU: 1 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  678.938941][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  678.949138][T14602] Call Trace:
[  678.952428][T14602]  <TASK>
[  678.955371][T14602]  dump_stack_lvl+0x1ff/0x28e
[  678.960102][T14602]  dump_stack+0x25/0x28
[  678.964308][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  678.970095][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  678.976214][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.981381][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  678.987269][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  678.992879][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  678.998051][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  679.003921][T14602]  ? should_fail+0x75/0x9c0
[  679.008486][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  679.013654][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  679.019977][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  679.026124][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  679.031297][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  679.037163][T14602]  __msan_chain_origin+0xbf/0x140
[  679.042263][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.047447][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.052467][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  679.057359][T14602]  do_recvmmsg+0x1063/0x2120
[  679.062010][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  679.067189][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  679.073490][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  679.078660][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  679.084962][T14602]  ? fput+0x82/0x320
[  679.088917][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.095486][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.100213][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.106610][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.111696][T14602]  do_fast_syscall_32+0x34/0x70
[  679.116588][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.121133][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.127511][T14602] RIP: 0023:0xf6eb3549
[  679.131601][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  679.151252][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  679.159714][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  679.167721][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  679.175724][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  679.183729][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  679.191733][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  679.199752][T14602]  </TASK>
[  679.206703][T14602] Uninit was stored to memory at:
[  679.212381][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.217539][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.222709][T14602]  do_recvmmsg+0x1063/0x2120
[  679.227333][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.232229][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.238616][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.243915][T14602]  do_fast_syscall_32+0x34/0x70
[  679.248819][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.253555][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.259932][T14602] 
[  679.262463][T14602] Uninit was stored to memory at:
[  679.267559][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.272945][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.278033][T14602]  do_recvmmsg+0x1063/0x2120
[  679.282834][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.287542][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.294058][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.299126][T14602]  do_fast_syscall_32+0x34/0x70
[  679.304148][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.308691][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.315202][T14602] 
[  679.317533][T14602] Uninit was stored to memory at:
[  679.322736][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.327887][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.333098][T14602]  do_recvmmsg+0x1063/0x2120
[  679.337729][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.342633][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.349020][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.354292][T14602]  do_fast_syscall_32+0x34/0x70
[  679.359187][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.363929][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.370337][T14602] 
[  679.372867][T14602] Uninit was stored to memory at:
[  679.377957][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.383328][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.388323][T14602]  do_recvmmsg+0x1063/0x2120
[  679.393237][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.398040][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.404630][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.409706][T14602]  do_fast_syscall_32+0x34/0x70
[  679.414795][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.419345][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.425927][T14602] 
[  679.428268][T14602] Uninit was stored to memory at:
[  679.433555][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.438714][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.443899][T14602]  do_recvmmsg+0x1063/0x2120
[  679.448534][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.453439][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.459828][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.465101][T14602]  do_fast_syscall_32+0x34/0x70
[  679.470005][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.474755][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.481141][T14602] 
[  679.483675][T14602] Uninit was stored to memory at:
[  679.488965][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.494377][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.499372][T14602]  do_recvmmsg+0x1063/0x2120
[  679.504214][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.508933][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.515526][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.520602][T14602]  do_fast_syscall_32+0x34/0x70
[  679.525721][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.530268][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.536849][T14602] 
[  679.539182][T14602] Uninit was stored to memory at:
[  679.544466][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  679.549626][T14602]  get_compat_msghdr+0x108/0x2c0
[  679.554807][T14602]  do_recvmmsg+0x1063/0x2120
[  679.559435][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  679.564330][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  679.570711][T14602]  __do_fast_syscall_32+0x96/0xf0
[  679.575965][T14602]  do_fast_syscall_32+0x34/0x70
[  679.580859][T14602]  do_SYSENTER_32+0x1b/0x20
[  679.585603][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  679.592095][T14602] 
[  679.594427][T14602] Local variable msg_sys created at:
[  679.599730][T14602]  do_recvmmsg+0xc1/0x2120
[  679.604389][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  680.737995][T14602] not chained 580000 origins
[  680.743031][T14602] CPU: 0 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  680.751869][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  680.762047][T14602] Call Trace:
[  680.765344][T14602]  <TASK>
[  680.768286][T14602]  dump_stack_lvl+0x1ff/0x28e
[  680.773016][T14602]  dump_stack+0x25/0x28
[  680.777228][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  680.783011][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  680.789135][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.794305][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  680.800176][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  680.805807][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.810983][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  680.816853][T14602]  ? should_fail+0x75/0x9c0
[  680.821411][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.826577][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  680.832881][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  680.839017][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.844181][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  680.850053][T14602]  __msan_chain_origin+0xbf/0x140
[  680.855134][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  680.860313][T14602]  get_compat_msghdr+0x108/0x2c0
[  680.865303][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  680.870197][T14602]  do_recvmmsg+0x1063/0x2120
[  680.874841][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.880015][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  680.886313][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  680.891475][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  680.897777][T14602]  ? fput+0x82/0x320
[  680.901720][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  680.908280][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  680.913007][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  680.919405][T14602]  __do_fast_syscall_32+0x96/0xf0
[  680.924477][T14602]  do_fast_syscall_32+0x34/0x70
[  680.929372][T14602]  do_SYSENTER_32+0x1b/0x20
[  680.933916][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  680.940301][T14602] RIP: 0023:0xf6eb3549
[  680.944387][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  680.964037][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  680.972503][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  680.980521][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  680.988525][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  680.996526][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  681.004525][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.012541][T14602]  </TASK>
[  681.018883][T14602] Uninit was stored to memory at:
[  681.026812][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.032382][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.037369][T14602]  do_recvmmsg+0x1063/0x2120
[  681.042090][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.046953][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.053488][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.058559][T14602]  do_fast_syscall_32+0x34/0x70
[  681.063618][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.068166][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.074700][T14602] 
[  681.077030][T14602] Uninit was stored to memory at:
[  681.082249][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.087404][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.092541][T14602]  do_recvmmsg+0x1063/0x2120
[  681.097170][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.102056][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.108447][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.113674][T14602]  do_fast_syscall_32+0x34/0x70
[  681.118566][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.123267][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.129666][T14602] 
[  681.132141][T14602] Uninit was stored to memory at:
[  681.137248][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.142592][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.147574][T14602]  do_recvmmsg+0x1063/0x2120
[  681.152392][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.157103][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.163712][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.168814][T14602]  do_fast_syscall_32+0x34/0x70
[  681.173944][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.178509][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.185140][T14602] 
[  681.187496][T14602] Uninit was stored to memory at:
[  681.192807][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.197963][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.203147][T14602]  do_recvmmsg+0x1063/0x2120
[  681.207772][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.212678][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.219057][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.224327][T14602]  do_fast_syscall_32+0x34/0x70
[  681.229218][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.233947][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.240325][T14602] 
[  681.242848][T14602] Uninit was stored to memory at:
[  681.247926][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.253267][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.258337][T14602]  do_recvmmsg+0x1063/0x2120
[  681.263190][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.267927][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.274729][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.279805][T14602]  do_fast_syscall_32+0x34/0x70
[  681.284944][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.289482][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.296054][T14602] 
[  681.298388][T14602] Uninit was stored to memory at:
[  681.303694][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.309003][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.314176][T14602]  do_recvmmsg+0x1063/0x2120
[  681.318803][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.323810][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.330191][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.335448][T14602]  do_fast_syscall_32+0x34/0x70
[  681.340351][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.345106][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.351483][T14602] 
[  681.354017][T14602] Uninit was stored to memory at:
[  681.359099][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.364437][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.369430][T14602]  do_recvmmsg+0x1063/0x2120
[  681.374237][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.378945][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.385528][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.390597][T14602]  do_fast_syscall_32+0x34/0x70
[  681.395664][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.400205][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.406861][T14602] 
[  681.409192][T14602] Local variable msg_sys created at:
[  681.414682][T14602]  do_recvmmsg+0xc1/0x2120
[  681.419132][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.583200][T14602] not chained 590000 origins
[  681.587835][T14602] CPU: 0 PID: 14602 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  681.596614][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  681.606681][T14602] Call Trace:
[  681.609962][T14602]  <TASK>
[  681.612895][T14602]  dump_stack_lvl+0x1ff/0x28e
[  681.617619][T14602]  dump_stack+0x25/0x28
[  681.621788][T14602]  kmsan_internal_chain_origin+0x7a/0x110
[  681.627556][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  681.633654][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.638814][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  681.644683][T14602]  ? __unix_dgram_recvmsg+0x1a18/0x1c30
[  681.650289][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.655432][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  681.661300][T14602]  ? should_fail+0x75/0x9c0
[  681.665834][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.670998][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  681.677336][T14602]  ? kmsan_internal_unpoison_memory+0x10/0x20
[  681.683437][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.688602][T14602]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  681.694443][T14602]  __msan_chain_origin+0xbf/0x140
[  681.699522][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.704678][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.709665][T14602]  ? __sys_recvmmsg+0x51c/0x6f0
[  681.714534][T14602]  do_recvmmsg+0x1063/0x2120
[  681.719208][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.724360][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  681.730654][T14602]  ? kmsan_get_metadata+0xa4/0x120
[  681.735814][T14602]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  681.742110][T14602]  ? fput+0x82/0x320
[  681.746049][T14602]  ? __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.752613][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.757336][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.763705][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.768825][T14602]  do_fast_syscall_32+0x34/0x70
[  681.773702][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.778243][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.784618][T14602] RIP: 0023:0xf6eb3549
[  681.788705][T14602] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  681.808338][T14602] RSP: 002b:00000000f5e8c5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  681.816890][T14602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  681.824888][T14602] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  681.832895][T14602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  681.840893][T14602] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  681.848878][T14602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  681.856899][T14602]  </TASK>
[  681.863039][T14602] Uninit was stored to memory at:
[  681.868175][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.873938][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.878926][T14602]  do_recvmmsg+0x1063/0x2120
[  681.883655][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.888369][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.894855][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.899928][T14602]  do_fast_syscall_32+0x34/0x70
[  681.904979][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.909529][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.915996][T14602] 
[  681.918334][T14602] Uninit was stored to memory at:
[  681.923528][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.928686][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.933838][T14602]  do_recvmmsg+0x1063/0x2120
[  681.938470][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.943331][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  681.949737][T14602]  __do_fast_syscall_32+0x96/0xf0
[  681.954985][T14602]  do_fast_syscall_32+0x34/0x70
[  681.959888][T14602]  do_SYSENTER_32+0x1b/0x20
[  681.964602][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  681.970981][T14602] 
[  681.973473][T14602] Uninit was stored to memory at:
[  681.978566][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  681.983886][T14602]  get_compat_msghdr+0x108/0x2c0
[  681.988882][T14602]  do_recvmmsg+0x1063/0x2120
[  681.993666][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  681.998380][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  682.004970][T14602]  __do_fast_syscall_32+0x96/0xf0
[  682.010043][T14602]  do_fast_syscall_32+0x34/0x70
[  682.015097][T14602]  do_SYSENTER_32+0x1b/0x20
[  682.019649][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  682.026194][T14602] 
[  682.028531][T14602] Uninit was stored to memory at:
[  682.033765][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  682.038918][T14602]  get_compat_msghdr+0x108/0x2c0
[  682.044054][T14602]  do_recvmmsg+0x1063/0x2120
[  682.048683][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  682.053546][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  682.059931][T14602]  __do_fast_syscall_32+0x96/0xf0
[  682.065145][T14602]  do_fast_syscall_32+0x34/0x70
[  682.070069][T14602]  do_SYSENTER_32+0x1b/0x20
[  682.074788][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  682.081171][T14602] 
[  682.083669][T14602] Uninit was stored to memory at:
[  682.088770][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  682.094082][T14602]  get_compat_msghdr+0x108/0x2c0
[  682.099068][T14602]  do_recvmmsg+0x1063/0x2120
[  682.103842][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  682.108554][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  682.115089][T14602]  __do_fast_syscall_32+0x96/0xf0
[  682.120158][T14602]  do_fast_syscall_32+0x34/0x70
[  682.125202][T14602]  do_SYSENTER_32+0x1b/0x20
[  682.129750][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  682.136282][T14602] 
[  682.138612][T14602] Uninit was stored to memory at:
[  682.143850][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  682.149000][T14602]  get_compat_msghdr+0x108/0x2c0
[  682.154150][T14602]  do_recvmmsg+0x1063/0x2120
[  682.158776][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  682.163643][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  682.170110][T14602]  __do_fast_syscall_32+0x96/0xf0
[  682.175381][T14602]  do_fast_syscall_32+0x34/0x70
[  682.180284][T14602]  do_SYSENTER_32+0x1b/0x20
[  682.185016][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  682.191391][T14602] 
[  682.193927][T14602] Uninit was stored to memory at:
[  682.199028][T14602]  __get_compat_msghdr+0x6e1/0x9d0
[  682.204335][T14602]  get_compat_msghdr+0x108/0x2c0
[  682.209324][T14602]  do_recvmmsg+0x1063/0x2120
[  682.214133][T14602]  __sys_recvmmsg+0x51c/0x6f0
[  682.218845][T14602]  __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0
[  682.225430][T14602]  __do_fast_syscall_32+0x96/0xf0
[  682.230508][T14602]  do_fast_syscall_32+0x34/0x70
[  682.235578][T14602]  do_SYSENTER_32+0x1b/0x20
[  682.240190][T14602]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  682.246746][T14602] 
[  682.249078][T14602] Local variable msg_sys created at:
[  682.254557][T14602]  do_recvmmsg+0xc1/0x2120
[  682.259006][T14602]  __sys_recvmmsg+0x51c/0x6f0
02:11:45 executing program 4:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
unshare(0x20400)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

02:11:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:45 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote={0xac, 0x4d}, {[@timestamp={0x7, 0x10, 0xa, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

02:11:45 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:45 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
r0 = syz_io_uring_setup(0x2de7, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@pppol2tp, 0x80, 0x0}, 0x0, 0x20000000}, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000140)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x80)
io_uring_enter(r0, 0x2ff, 0x0, 0x0, 0x0, 0x0)

02:11:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:45 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140), 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a4198"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:45 executing program 5:
syz_emit_ethernet(0x46, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote={0xac, 0x4d}, {[@timestamp={0x7, 0x10, 0xa, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

02:11:45 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x1, 0x0, 0x0, 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, 0x0, 0x0)
r3 = gettid()
prlimit64(r3, 0x8, &(0x7f0000000040)={0x3f, 0x7}, &(0x7f0000000200))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0xc00, &(0x7f0000000640)={[{}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_appraise}, {@euid_gt={'euid>', 0xee00}}, {@fsname={'fsname', 0x3d, '%-)!,{]\xa4..&]%\'#'}}, {@dont_hash}, {@appraise_type}, {@subj_user={'subj_user', 0x3d, '\x00'}}]})
mount$bind(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000240), 0x0, 0x0)
pivot_root(&(0x7f0000000340)='./file0\x00', &(0x7f0000000080)='./file0\x00')
mmap$IORING_OFF_CQ_RING(&(0x7f0000691000/0x2000)=nil, 0x2000, 0x5, 0x8010, 0xffffffffffffffff, 0x8000000)

02:11:45 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a4198"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

02:11:45 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
sendto$inet6(r2, &(0x7f0000000280)="4103092c8b03480401020200c52cf7c25975e005b02f0800eb2b2ff0dac8897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)
ppoll(&(0x7f0000000080)=[{r1}], 0x1, &(0x7f0000000100), 0x0, 0x0)

02:11:45 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000100)={0x30}, 0x30)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}]}})
utime(&(0x7f0000000040)='./file0\x00', 0x0)

02:11:45 executing program 1:
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
mlock2(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x2dde, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140))

02:11:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0xc008aec1, &(0x7f0000000640)={"06020000dd245c8495000040c9c8dc1964325fa96fa42b76040001c02bec0ba41f010a003a40c8a4024d564b3b00041f01ffff80003c5ca2c2000000ee377abaece6b88378e3d63a05010040361d264fe68b46485f02baee010100c04252066178868d1ef4b5ffff5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525a7e8c499a573577736800000000000008f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa006a832d309fcda5bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478fbe65449b404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8dfaf46099b1f58e068af6afbbc19db161c6df1e7c9c71bc08a282fc2c142856b5e69aff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684364673dcfa9235ea6dcac779ff000000000000003d185afe28b774b99d38c90937428617de4cdd6f53c419ce31054182fd898af706f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e9605ab8c3c43840abd17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc9303b8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba160cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33d45fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33ca14de8768ddbc02a484c345c3efb254297b010000009c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f47692613e28387e955722908dd88b56163be8312ff47c5b6f070072975af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047666865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffb7e7603970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8fdcda80ce975ec1381b1cec6ddaa76e186719d8191643002000"})

[  683.473688][T14662] binder: Unknown parameter 'rootcontext'
02:11:46 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000440)=ANY=[@ANYBLOB="61124c000000000061134c0000000000bf2000000000000007030000151b00093d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006706000003000000160600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cbf843dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe703057593d5cbcd6a12176efc246beef484bd66a2ee0cced3c0a037b8bdcd855cb40be258e1f778bc66d5242a57fa866fdce74af0f7c7ccc831046d281b11a6c775d9289bc996260ea61e61b578db4c93768e92c4ba2100f476c0cdfb205248ed39248013fc4c1bc6458e8bfc17f82d47d95453556a4198"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x74)

[  683.820103][T14669] =====================================================
[  683.827218][T14669] BUG: KMSAN: uninit-value in from_kuid+0x51d/0xbd0
[  683.833856][T14669]  from_kuid+0x51d/0xbd0
[  683.838142][T14669]  p9pdu_vwritef+0x15ab/0x5120
[  683.843001][T14669]  p9pdu_writef+0x23a/0x280
[  683.847548][T14669]  p9pdu_vwritef+0x21f0/0x5120
[  683.852353][T14669]  p9_client_prepare_req+0x9e3/0x1090
[  683.857766][T14669]  p9_client_rpc+0x276/0x1460
[  683.862483][T14669]  p9_client_setattr+0x115/0x2c0
[  683.867465][T14669]  v9fs_vfs_setattr_dotl+0x7e2/0xd70
[  683.872881][T14669]  notify_change+0x1fe3/0x2170
[  683.877718][T14669]  vfs_utimes+0x8aa/0xc70
[  683.882135][T14669]  __se_sys_utime32+0x386/0x520
[  683.887033][T14669]  __ia32_sys_utime32+0x91/0xc0
[  683.891937][T14669]  __do_fast_syscall_32+0x96/0xf0
[  683.897006][T14669]  do_fast_syscall_32+0x34/0x70
[  683.901910][T14669]  do_SYSENTER_32+0x1b/0x20
[  683.906457][T14669]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  683.912833][T14669] 
[  683.915163][T14669] Uninit was stored to memory at:
[  683.920257][T14669]  v9fs_vfs_setattr_dotl+0x58a/0xd70
[  683.925593][T14669]  notify_change+0x1fe3/0x2170
[  683.930402][T14669]  vfs_utimes+0x8aa/0xc70
[  683.934771][T14669]  __se_sys_utime32+0x386/0x520
[  683.939664][T14669]  __ia32_sys_utime32+0x91/0xc0
[  683.944551][T14669]  __do_fast_syscall_32+0x96/0xf0
[  683.949615][T14669]  do_fast_syscall_32+0x34/0x70
[  683.954500][T14669]  do_SYSENTER_32+0x1b/0x20
[  683.959036][T14669]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  683.965424][T14669] 
[  683.967747][T14669] Local variable newattrs created at:
[  683.973120][T14669]  vfs_utimes+0x69/0xc70
[  683.977393][T14669]  __se_sys_utime32+0x386/0x520
[  683.982276][T14669] 
[  683.984599][T14669] CPU: 1 PID: 14669 Comm: syz-executor.4 Not tainted 5.16.0-rc3-syzkaller #0
[  683.993395][T14669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  684.003470][T14669] =====================================================
[  684.010421][T14669] Disabling lock debugging due to kernel taint
[  684.021198][T14669] Kernel panic - not syncing: kmsan.panic set ...
[  684.027632][T14669] CPU: 1 PID: 14669 Comm: syz-executor.4 Tainted: G    B             5.16.0-rc3-syzkaller #0
[  684.037826][T14669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  684.047912][T14669] Call Trace:
[  684.051211][T14669]  <TASK>
[  684.054159][T14669]  dump_stack_lvl+0x1ff/0x28e
[  684.058891][T14669]  dump_stack+0x25/0x28
[  684.063081][T14669]  panic+0x467/0xe03
[  684.067102][T14669]  ? add_taint+0x187/0x210
[  684.071595][T14669]  ? _raw_spin_unlock_irqrestore+0x78/0xb0
[  684.077461][T14669]  kmsan_report+0x306/0x310
[  684.082045][T14669]  ? __msan_warning+0xb8/0x130
[  684.086861][T14669]  ? from_kuid+0x51d/0xbd0
[  684.091310][T14669]  ? p9pdu_vwritef+0x15ab/0x5120
[  684.096298][T14669]  ? p9pdu_writef+0x23a/0x280
[  684.101029][T14669]  ? p9pdu_vwritef+0x21f0/0x5120
[  684.106008][T14669]  ? p9_client_prepare_req+0x9e3/0x1090
[  684.111595][T14669]  ? p9_client_rpc+0x276/0x1460
[  684.116476][T14669]  ? p9_client_setattr+0x115/0x2c0
[  684.121619][T14669]  ? v9fs_vfs_setattr_dotl+0x7e2/0xd70
[  684.127130][T14669]  ? notify_change+0x1fe3/0x2170
[  684.132095][T14669]  ? vfs_utimes+0x8aa/0xc70
[  684.136629][T14669]  ? __se_sys_utime32+0x386/0x520
[  684.141693][T14669]  ? __ia32_sys_utime32+0x91/0xc0
[  684.146761][T14669]  ? __do_fast_syscall_32+0x96/0xf0
[  684.151994][T14669]  ? do_fast_syscall_32+0x34/0x70
[  684.157058][T14669]  ? do_SYSENTER_32+0x1b/0x20
[  684.161773][T14669]  ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  684.168316][T14669]  ? p9_client_rpc+0x276/0x1460
[  684.173194][T14669]  ? p9_client_setattr+0x115/0x2c0
[  684.178340][T14669]  ? v9fs_vfs_setattr_dotl+0x7e2/0xd70
[  684.183854][T14669]  ? notify_change+0x1fe3/0x2170
[  684.188846][T14669]  ? vfs_utimes+0x8aa/0xc70
[  684.193409][T14669]  ? __se_sys_utime32+0x386/0x520
[  684.198494][T14669]  ? __ia32_sys_utime32+0x91/0xc0
[  684.203566][T14669]  ? __do_fast_syscall_32+0x96/0xf0
[  684.208807][T14669]  ? do_fast_syscall_32+0x34/0x70
[  684.213869][T14669]  ? do_SYSENTER_32+0x1b/0x20
[  684.218581][T14669]  ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  684.225124][T14669]  ? p9pdu_vwritef+0x21f0/0x5120
[  684.230092][T14669]  ? p9_client_prepare_req+0x9e3/0x1090
[  684.235671][T14669]  ? p9_client_rpc+0x276/0x1460
[  684.240550][T14669]  ? p9_client_setattr+0x115/0x2c0
[  684.245691][T14669]  ? v9fs_vfs_setattr_dotl+0x7e2/0xd70
[  684.251194][T14669]  ? notify_change+0x1fe3/0x2170
[  684.256162][T14669]  ? vfs_utimes+0x8aa/0xc70
[  684.260699][T14669]  ? __se_sys_utime32+0x386/0x520
[  684.265760][T14669]  ? __ia32_sys_utime32+0x91/0xc0
[  684.270821][T14669]  ? __do_fast_syscall_32+0x96/0xf0
[  684.276057][T14669]  ? do_fast_syscall_32+0x34/0x70
[  684.281119][T14669]  ? do_SYSENTER_32+0x1b/0x20
[  684.285829][T14669]  ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  684.292374][T14669]  ? __stack_depot_save+0x1db/0x510
[  684.297620][T14669]  ? preempt_count_sub+0xf8/0x340
[  684.302786][T14669]  ? kmsan_get_metadata+0xa4/0x120
[  684.307945][T14669]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  684.313803][T14669]  __msan_warning+0xb8/0x130
[  684.318432][T14669]  from_kuid+0x51d/0xbd0
[  684.322715][T14669]  ? kmsan_internal_set_shadow_origin+0x63/0xc0
[  684.329008][T14669]  ? p9pdu_vwritef+0x157e/0x5120
[  684.333979][T14669]  ? p9pdu_writef+0x23a/0x280
[  684.338688][T14669]  p9pdu_vwritef+0x15ab/0x5120
[  684.343510][T14669]  ? _raw_spin_unlock_irqrestore+0x78/0xb0
[  684.349369][T14669]  ? get_partial_node+0xc4f/0xd00
[  684.354432][T14669]  ? __stack_depot_save+0x1db/0x510
[  684.359680][T14669]  ? preempt_count_sub+0xf8/0x340
[  684.364772][T14669]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  684.370629][T14669]  p9pdu_writef+0x23a/0x280
[  684.375184][T14669]  ? kmsan_get_metadata+0xa4/0x120
[  684.380345][T14669]  ? kmsan_get_metadata+0xa4/0x120
[  684.385503][T14669]  p9pdu_vwritef+0x21f0/0x5120
[  684.390314][T14669]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  684.396210][T14669]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  684.402067][T14669]  p9_client_prepare_req+0x9e3/0x1090
[  684.407497][T14669]  p9_client_rpc+0x276/0x1460
[  684.412227][T14669]  ? v9fs_fid_lookup_with_uid+0x15d/0x18d0
[  684.418101][T14669]  ? kmsan_get_metadata+0xa4/0x120
[  684.423262][T14669]  p9_client_setattr+0x115/0x2c0
[  684.428237][T14669]  ? kmsan_get_metadata+0xa4/0x120
[  684.433400][T14669]  v9fs_vfs_setattr_dotl+0x7e2/0xd70
[  684.438753][T14669]  ? v9fs_open_to_dotl_flags+0xe0/0xe0
[  684.444274][T14669]  notify_change+0x1fe3/0x2170
[  684.449105][T14669]  vfs_utimes+0x8aa/0xc70
[  684.453511][T14669]  __se_sys_utime32+0x386/0x520
[  684.458419][T14669]  ? kmsan_get_shadow_origin_ptr+0x9b/0xf0
[  684.464290][T14669]  __ia32_sys_utime32+0x91/0xc0
[  684.469185][T14669]  __do_fast_syscall_32+0x96/0xf0
[  684.474251][T14669]  do_fast_syscall_32+0x34/0x70
[  684.479138][T14669]  do_SYSENTER_32+0x1b/0x20
[  684.483681][T14669]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  684.490049][T14669] RIP: 0023:0xf6eb3549
[  684.494131][T14669] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00
[  684.513774][T14669] RSP: 002b:00000000f5ead5fc EFLAGS: 00000296 ORIG_RAX: 000000000000001e
[  684.522234][T14669] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000000
[  684.530230][T14669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  684.538219][T14669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  684.546208][T14669] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  684.554197][T14669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  684.562202][T14669]  </TASK>
[  684.565471][T14669] Kernel Offset: disabled
[  684.569817][T14669] Rebooting in 86400 seconds..