74424][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2765.880078][ C1] kmsan_alloc_page+0x12a/0x310 [ 2765.884923][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2765.890488][ C1] alloc_pages_current+0x67d/0x990 [ 2765.895605][ C1] alloc_slab_page+0x111/0x12f0 [ 2765.900452][ C1] new_slab+0x2bc/0x1130 [ 2765.904752][ C1] ___slab_alloc+0x1533/0x1f30 [ 2765.909507][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2765.914431][ C1] inet_twsk_alloc+0x135/0xba0 [ 2765.919195][ C1] tcp_time_wait+0xcd/0x10b0 [ 2765.924024][ C1] tcp_fin+0x1f9/0x890 [ 2765.928076][ C1] tcp_data_queue+0x24ce/0x9c40 [ 2765.932915][ C1] tcp_rcv_state_process+0x67db/0x7140 [ 2765.938361][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2765.942936][ C1] tcp_v4_rcv+0x4398/0x4d00 [ 2765.947557][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2765.952996][ C1] ip_local_deliver+0x62a/0x7c0 [ 2765.957843][ C1] ip_rcv+0x6cf/0x750 [ 2765.961813][ C1] process_backlog+0xf0b/0x1410 [ 2765.966652][ C1] net_rx_action+0x786/0x1aa0 [ 2765.971410][ C1] __do_softirq+0x311/0x83d 00:43:23 executing program 3: open(&(0x7f00000000c0)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x30c5004, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x38028b8, &(0x7f0000000080)={[{@jqfmt_vfsv1='jqfmt=vfsv1'}]}) 00:43:23 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000200)={0x2, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 00:43:23 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffdb5, &(0x7f00000001c0)=[{&(0x7f00000002c0)="2e00000033000502f0598064716356c10324fc44543fa8000a000a00053582c1b0a8ea8b090009801302127ad1bd", 0x2e}], 0x1}, 0x0) 00:43:23 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r0, r1) 00:43:23 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000200)={0x2, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 00:43:23 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f0000000200)=""/4096, 0x1000) ioctl$SNDCTL_DSP_SPEED(r0, 0xc004500a, &(0x7f0000000000)) r1 = dup(r0) ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000000)) [ 2769.461697][ T2264] netlink: 'syz-executor.0': attribute type 10 has an invalid length. 00:43:23 executing program 0: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$P9_RWALK(r0, &(0x7f0000000200)=ANY=[@ANYPTR64, @ANYBLOB="7bce1f"], 0xb) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x1012, r1, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000001840)='./bus\x00', 0x84002, 0x0) write$P9_RREADDIR(r4, &(0x7f00000000c0)={0xb}, 0xb) dup2(r2, r3) 00:43:23 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000200)={0x2, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 00:43:23 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000200)={0x2, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 00:43:24 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r0, r1) [ 2770.121613][ T32] audit: type=1804 audit(1583541804.179:487): pid=2387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir189363725/syzkaller.eqSye8/2211/bus" dev="sda1" ino=16786 res=1 [ 2770.149433][ T32] audit: type=1804 audit(1583541804.179:488): pid=2387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir189363725/syzkaller.eqSye8/2211/bus" dev="sda1" ino=16786 res=1 00:43:24 executing program 4: socket(0x0, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002480)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x8}}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x4}}]}, 0x34}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002480)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x8}}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="240000002e000102000000000000000700000000", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00'], 0x24}}, 0x4) 00:43:24 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) io_setup(0x8, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000200)={0x2, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) [ 2771.800408][ T2719] EXT4-fs (sda1): re-mounted. Opts: jqfmt=vfsv1, 00:43:27 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000), 0x20) 00:43:27 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r0, r1) 00:43:27 executing program 4: msgrcv(0x0, 0x0, 0x0, 0x0, 0x7000) 00:43:27 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f00000005c0)=[{&(0x7f00000000c0)="9f8194be5ace602f096d07ff00cd66299667b70536342623b372d82fefa01f9a2d03297f99b4e597f4e9fad324868e83f474d0c35449712f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b315d", 0x52}], 0x2000000000000172) 00:43:27 executing program 5: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) bind(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80) 00:43:27 executing program 3: open(&(0x7f00000000c0)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x30c5004, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x38028b8, &(0x7f0000000080)={[{@jqfmt_vfsv1='jqfmt=vfsv1'}]}) 00:43:28 executing program 1: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000340)='/dev/nvram\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000600)=""/138, 0x8a}], 0x1, 0x0) 00:43:28 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000480)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0xc}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}]}, 0x2c}, 0x1, 0x6c}, 0x0) 00:43:28 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r0, r1) 00:43:28 executing program 0: mlockall(0x3) openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) r4 = fcntl$dupfd(r1, 0x0, r0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) 00:43:28 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8) r3 = socket$inet6(0xa, 0x200000000003, 0x87) connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c) setsockopt$inet6_opts(r3, 0x29, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="3308000400000000fe8000000000000000000000efffffa9377d45c5731252e03addfa612ad9d527fe8000000000000000000000000000aaff930000000000000000000000000001"], 0x48) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 00:43:28 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@ipv6_newroute={0x2c, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x1e}, @RTA_OIF={0x8}]}, 0x2c}}, 0x0) 00:43:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000c00)) 00:43:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080)='SMC_PNETID\x00') sendmsg$SMC_PNETID_GET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000005c0)={0x14, r1, 0x303}, 0x14}}, 0x0) 00:43:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x1, 'bridge_slave\x00'}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5}, @IFLA_BRPORT_GROUP_FWD_MASK={0x6}]}}}, @IFLA_MAP={0x24}]}, 0x70}}, 0x0) 00:43:29 executing program 1: r0 = socket(0x2, 0x5, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}, 0xe) [ 2775.581885][ T3051] bridge0: port 1(bridge_slave_0) entered disabled state [ 2775.590541][ T3051] bridge0: port 1(bridge_slave_0) entered blocking state [ 2775.597917][ T3051] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2775.607442][ T3051] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 2776.773365][ C0] not chained 630000 origins [ 2776.778035][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2776.786444][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2776.796614][ C0] Workqueue: krdsd rds_connect_worker [ 2776.802015][ C0] Call Trace: [ 2776.805328][ C0] [ 2776.808192][ C0] dump_stack+0x1c9/0x220 [ 2776.812548][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2776.818292][ C0] ? should_fail+0x72/0x9e0 [ 2776.822806][ C0] ? ret_from_fork+0x35/0x40 [ 2776.827679][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2776.833761][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2776.838722][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.843969][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.849199][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2776.855025][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2776.860165][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2776.865997][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2776.872167][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2776.877625][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.882840][ C0] __msan_chain_origin+0x50/0x90 [ 2776.887794][ C0] tcp_conn_request+0x174b/0x4d10 [ 2776.892865][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.898074][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.903314][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2776.909147][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.914376][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2776.919505][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2776.924541][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2776.929837][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2776.935222][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.940436][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2776.946255][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2776.952358][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2776.957587][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2776.962203][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2776.966765][ C0] ? tcp_filter+0xf0/0xf0 [ 2776.971099][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2776.976581][ C0] ip_local_deliver+0x62a/0x7c0 [ 2776.981454][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2776.986484][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2776.992289][ C0] ip_rcv+0x6cf/0x750 [ 2776.996290][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2777.001062][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2777.006716][ C0] process_backlog+0xf0b/0x1410 [ 2777.011581][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.016814][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2777.022474][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2777.027764][ C0] net_rx_action+0x786/0x1aa0 [ 2777.032472][ C0] ? net_tx_action+0xc30/0xc30 [ 2777.037505][ C0] __do_softirq+0x311/0x83d [ 2777.042033][ C0] do_softirq_own_stack+0x49/0x80 [ 2777.047054][ C0] [ 2777.050002][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2777.055215][ C0] local_bh_enable+0x36/0x40 [ 2777.059814][ C0] ip_finish_output2+0x2115/0x2610 [ 2777.065104][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2777.071018][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2777.077047][ C0] __ip_finish_output+0xaa7/0xd80 [ 2777.082104][ C0] ip_finish_output+0x166/0x410 [ 2777.086988][ C0] ip_output+0x593/0x680 [ 2777.091255][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2777.096544][ C0] ? ip_finish_output+0x410/0x410 [ 2777.101994][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2777.106936][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2777.112475][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.117703][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.123102][ C0] ip_queue_xmit+0xcc/0xf0 [ 2777.127530][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2777.132398][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2777.137700][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2777.143534][ C0] tcp_connect+0x4337/0x6920 [ 2777.148138][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2777.153426][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.158664][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2777.164608][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2777.169548][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2777.174922][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2777.180232][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.185466][ C0] inet_stream_connect+0x101/0x180 [ 2777.190578][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2777.196210][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2777.201847][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2777.207050][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2777.212442][ C0] rds_connect_worker+0x2a6/0x470 [ 2777.217512][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2777.223595][ C0] ? rds_addr_cmp+0x200/0x200 [ 2777.228455][ C0] process_one_work+0x1555/0x1f40 [ 2777.233508][ C0] worker_thread+0xef6/0x2450 [ 2777.238222][ C0] kthread+0x4b5/0x4f0 [ 2777.242299][ C0] ? process_one_work+0x1f40/0x1f40 [ 2777.247507][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2777.252120][ C0] ret_from_fork+0x35/0x40 [ 2777.256540][ C0] Uninit was stored to memory at: [ 2777.261593][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.267332][ C0] __msan_chain_origin+0x50/0x90 [ 2777.272281][ C0] tcp_conn_request+0x1781/0x4d10 [ 2777.277415][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.282523][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.287685][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.293059][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.297659][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.302172][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.307649][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.312492][ C0] ip_rcv+0x6cf/0x750 [ 2777.316478][ C0] process_backlog+0xf0b/0x1410 [ 2777.321333][ C0] net_rx_action+0x786/0x1aa0 [ 2777.326009][ C0] __do_softirq+0x311/0x83d [ 2777.330507][ C0] [ 2777.332830][ C0] Uninit was stored to memory at: [ 2777.337860][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.343585][ C0] __msan_chain_origin+0x50/0x90 [ 2777.348533][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2777.353830][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2777.358854][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.363960][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.368991][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.374380][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.379052][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.383566][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.389114][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.393972][ C0] ip_rcv+0x6cf/0x750 [ 2777.397964][ C0] process_backlog+0xf0b/0x1410 [ 2777.403045][ C0] net_rx_action+0x786/0x1aa0 [ 2777.407723][ C0] __do_softirq+0x311/0x83d [ 2777.412217][ C0] [ 2777.414550][ C0] Uninit was stored to memory at: [ 2777.419671][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.425515][ C0] __msan_chain_origin+0x50/0x90 [ 2777.430451][ C0] tcp_conn_request+0x1781/0x4d10 [ 2777.435478][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.440585][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.445611][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.451144][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.456197][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.461146][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.466609][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.471489][ C0] ip_rcv+0x6cf/0x750 [ 2777.475472][ C0] process_backlog+0xf0b/0x1410 [ 2777.480323][ C0] net_rx_action+0x786/0x1aa0 [ 2777.485015][ C0] __do_softirq+0x311/0x83d [ 2777.489513][ C0] [ 2777.491832][ C0] Uninit was stored to memory at: [ 2777.497476][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.503292][ C0] __msan_chain_origin+0x50/0x90 [ 2777.508237][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2777.513569][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2777.518591][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.523706][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.528737][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.534109][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.538694][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.543190][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.548644][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.553485][ C0] ip_rcv+0x6cf/0x750 [ 2777.557476][ C0] process_backlog+0xf0b/0x1410 [ 2777.562346][ C0] net_rx_action+0x786/0x1aa0 [ 2777.567105][ C0] __do_softirq+0x311/0x83d [ 2777.571592][ C0] [ 2777.573907][ C0] Uninit was stored to memory at: [ 2777.578930][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.584653][ C0] __msan_chain_origin+0x50/0x90 [ 2777.589581][ C0] tcp_conn_request+0x1781/0x4d10 [ 2777.594601][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.599704][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.604718][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.610079][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.614675][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.619183][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.624638][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.631042][ C0] ip_rcv+0x6cf/0x750 [ 2777.635051][ C0] process_backlog+0xf0b/0x1410 [ 2777.639890][ C0] net_rx_action+0x786/0x1aa0 [ 2777.644573][ C0] __do_softirq+0x311/0x83d [ 2777.649058][ C0] [ 2777.651370][ C0] Uninit was stored to memory at: [ 2777.656387][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.662117][ C0] __msan_chain_origin+0x50/0x90 [ 2777.667047][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2777.672409][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2777.677425][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.682524][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.687535][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.692894][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.697474][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.701967][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.707413][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.712255][ C0] ip_rcv+0x6cf/0x750 [ 2777.716230][ C0] process_backlog+0xf0b/0x1410 [ 2777.721072][ C0] net_rx_action+0x786/0x1aa0 [ 2777.725741][ C0] __do_softirq+0x311/0x83d [ 2777.730233][ C0] [ 2777.732556][ C0] Uninit was stored to memory at: [ 2777.737583][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2777.743319][ C0] __msan_chain_origin+0x50/0x90 [ 2777.748250][ C0] tcp_conn_request+0x1781/0x4d10 [ 2777.753289][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.758400][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2777.763417][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.768803][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.773430][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.778555][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.784007][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.788853][ C0] ip_rcv+0x6cf/0x750 [ 2777.792827][ C0] process_backlog+0xf0b/0x1410 [ 2777.797670][ C0] net_rx_action+0x786/0x1aa0 [ 2777.802338][ C0] __do_softirq+0x311/0x83d [ 2777.806821][ C0] [ 2777.809135][ C0] Uninit was created at: [ 2777.813370][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2777.818999][ C0] kmsan_alloc_page+0x12a/0x310 [ 2777.823923][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2777.829455][ C0] alloc_pages_current+0x67d/0x990 [ 2777.834641][ C0] alloc_slab_page+0x111/0x12f0 [ 2777.839487][ C0] new_slab+0x2bc/0x1130 [ 2777.843802][ C0] ___slab_alloc+0x1533/0x1f30 [ 2777.848551][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2777.853387][ C0] inet_reqsk_alloc+0xac/0x830 [ 2777.858228][ C0] tcp_conn_request+0x753/0x4d10 [ 2777.863159][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2777.869571][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2777.874931][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2777.879508][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2777.884008][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2777.889454][ C0] ip_local_deliver+0x62a/0x7c0 [ 2777.894303][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2777.899141][ C0] ip_list_rcv+0x8eb/0x950 [ 2777.903552][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2777.909766][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2777.916014][ C0] napi_complete_done+0x2ef/0xb60 [ 2777.921036][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2777.926414][ C0] virtnet_poll+0x1468/0x19f0 [ 2777.931106][ C0] net_rx_action+0x786/0x1aa0 [ 2777.935805][ C0] __do_softirq+0x311/0x83d 00:43:32 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x80002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x20000005002}) io_setup(0x4, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f00000000c0)="e5fba5f95ab056840531", 0xa}]) 00:43:33 executing program 3: open(&(0x7f00000000c0)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x30c5004, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x38028b8, &(0x7f0000000080)={[{@jqfmt_vfsv1='jqfmt=vfsv1'}]}) 00:43:33 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6, @local}, 0x10) r3 = socket(0x11, 0x2, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r4, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f0000000240)={r2, 0x1, 0x6, @remote}, 0x10) 00:43:33 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000840)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020409ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x1c507e, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0x49f) r2 = open(&(0x7f0000000240)='./bus\x00', 0x1c9c3e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7fffff, 0x4002011, r2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup2(r3, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000600)={0x7}, 0xa00) 00:43:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x1, 'bridge_slave\x00'}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5}, @IFLA_BRPORT_GROUP_FWD_MASK={0x6}]}}}, @IFLA_MAP={0x24}]}, 0x70}}, 0x0) 00:43:33 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0) mount(0x0, &(0x7f0000000080)='.', 0x0, 0x0, 0x0) mount(&(0x7f0000000000), &(0x7f00000000c0)='.', 0x0, 0x23080, 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0) mount(&(0x7f0000000080), &(0x7f0000187ff8)='.', 0x0, 0x5010, 0x0) mount(&(0x7f0000000080), &(0x7f0000000140)='.', 0x0, 0x5110, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') preadv(r0, &(0x7f0000000940)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f00000008c0)=""/106, 0x5b}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xc7, 0x300) 00:43:33 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000006900fdff0000000000000000000200030400000004000a84"], 0x1c}}, 0x0) [ 2779.285819][ T3389] device lo entered promiscuous mode [ 2779.311333][ T3385] device lo left promiscuous mode [ 2779.380430][ T3391] bridge0: port 1(bridge_slave_0) entered disabled state [ 2779.389899][ T3391] bridge0: port 1(bridge_slave_0) entered blocking state [ 2779.397349][ T3391] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2779.406723][ T3391] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 2779.426530][ T32] audit: type=1800 audit(1583541813.469:489): pid=3392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=55 res=0 [ 2779.449767][ T32] audit: type=1400 audit(1583541813.469:490): avc: denied { map } for pid=3386 comm="syz-executor.1" path="/root/syzkaller-testdir220426166/syzkaller.meuucw/1558/file0/bus" dev="loop1" ino=55 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dosfs_t:s0 tclass=file permissive=1 00:43:33 executing program 1: r0 = socket(0x18, 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0xd, &(0x7f0000000000), 0x20a154cc) 00:43:33 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000001080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, 0x0) 00:43:34 executing program 1: r0 = socket(0x18, 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0xd, &(0x7f0000000000), 0x20a154cc) 00:43:34 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6, @local}, 0x10) r3 = socket(0x11, 0x2, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r4, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f0000000240)={r2, 0x1, 0x6, @remote}, 0x10) 00:43:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x1, 'bridge_slave\x00'}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5}, @IFLA_BRPORT_GROUP_FWD_MASK={0x6}]}}}, @IFLA_MAP={0x24}]}, 0x70}}, 0x0) 00:43:34 executing program 0: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000140)={0x12, 0x10, 0xfa00, {0x0, r2, r3}}, 0x18) [ 2780.416141][ T3622] device lo entered promiscuous mode [ 2780.856985][ T3622] device lo left promiscuous mode 00:43:38 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x1}) 00:43:38 executing program 1: r0 = socket(0x18, 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0xd, &(0x7f0000000000), 0x20a154cc) 00:43:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x1, 'bridge_slave\x00'}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5}, @IFLA_BRPORT_GROUP_FWD_MASK={0x6}]}}}, @IFLA_MAP={0x24}]}, 0x70}}, 0x0) 00:43:38 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6, @local}, 0x10) r3 = socket(0x11, 0x2, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r4, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f0000000240)={r2, 0x1, 0x6, @remote}, 0x10) 00:43:38 executing program 5: clone(0x54041bc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0)) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) tkill(r0, 0x0) 00:43:38 executing program 3: timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000300)) socketpair$unix(0x1, 0x100000000001, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) pipe(&(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r1, 0x0, 0x8ec0, 0x0) write$FUSE_INIT(r1, &(0x7f0000000380)={0xfffffffffffffdc9}, 0xd03cb0e) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r2 = gettid() tkill(r2, 0x16) [ 2784.917023][ T3938] bridge0: port 1(bridge_slave_0) entered disabled state [ 2784.925812][ T3938] bridge0: port 1(bridge_slave_0) entered blocking state [ 2784.933252][ T3938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2784.942301][ T3938] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 2785.007511][ T3939] device lo entered promiscuous mode 00:43:39 executing program 0: r0 = socket$inet(0xa, 0x801, 0x84) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x82, &(0x7f0000000000), &(0x7f0000000040)=0x8) [ 2785.050488][ T3934] device lo left promiscuous mode 00:43:39 executing program 1: r0 = socket(0x18, 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0xd, &(0x7f0000000000), 0x20a154cc) 00:43:39 executing program 4: r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x5, 0x6, @local}, 0x10) r3 = socket(0x11, 0x2, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000180)={r4, 0x1, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f0000000240)={r2, 0x1, 0x6, @remote}, 0x10) 00:43:39 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_WRITE_VOLUME(r0, 0x80044d76, 0x0) 00:43:39 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0xc, 0x21a01) write$evdev(0xffffffffffffffff, &(0x7f0000000100)=[{{}, 0x11, 0x200}], 0x18) write$evdev(r0, &(0x7f0000000040), 0x373) 00:43:39 executing program 0: syz_mount_image$iso9660(&(0x7f0000000040)='iso9660\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0]) [ 2785.735352][ T3953] device lo entered promiscuous mode [ 2785.769628][ T3950] device lo left promiscuous mode 00:43:39 executing program 2: move_pages(0x0, 0x20000047, &(0x7f0000000080), 0x0, &(0x7f0000000100), 0x0) 00:43:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x32) 00:43:40 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) [ 2786.147377][T12094] Bluetooth: hci0: Frame reassembly failed (-84) [ 2786.166924][ T3964] Bluetooth: received HCILL_WAKE_UP_IND in state 2 00:43:40 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000001500)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000001540)) [ 2786.528587][ T3975] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 00:43:41 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) [ 2787.123546][ T4179] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2788.174934][T11945] Bluetooth: hci0: command 0x1003 tx timeout [ 2788.181577][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2788.802229][ C0] not chained 640000 origins [ 2788.806891][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2788.815411][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2788.825677][ C0] Workqueue: krdsd rds_tcp_accept_worker [ 2788.831380][ C0] Call Trace: [ 2788.835355][ C0] [ 2788.838222][ C0] dump_stack+0x1c9/0x220 [ 2788.842562][ C0] ? tcp_v4_do_rcv+0xb0f/0xd70 [ 2788.847359][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2788.853103][ C0] ? ip_finish_output2+0x2115/0x2610 [ 2788.858377][ C0] ? __ip_finish_output+0xaa7/0xd80 [ 2788.863558][ C0] ? ip_finish_output+0x166/0x410 [ 2788.868603][ C0] ? ip_output+0x593/0x680 [ 2788.873033][ C0] ? __ip_queue_xmit+0x1b5c/0x21a0 [ 2788.878743][ C0] ? ip_queue_xmit+0xcc/0xf0 [ 2788.883323][ C0] ? __tcp_transmit_skb+0x439c/0x6090 [ 2788.888719][ C0] ? tcp_write_xmit+0x30e1/0xb470 [ 2788.893728][ C0] ? __tcp_push_pending_frames+0x124/0x4e0 [ 2788.899523][ C0] ? tcp_send_fin+0x131e/0x1570 [ 2788.904356][ C0] ? tcp_shutdown+0x188/0x200 [ 2788.909019][ C0] ? inet_shutdown+0x342/0x5e0 [ 2788.913767][ C0] ? kernel_sock_shutdown+0x9d/0xc0 [ 2788.918962][ C0] ? rds_tcp_accept_one+0xe17/0x1060 [ 2788.924256][ C0] ? rds_tcp_accept_worker+0x61/0x160 [ 2788.929614][ C0] ? process_one_work+0x1555/0x1f40 [ 2788.934809][ C0] ? worker_thread+0xef6/0x2450 [ 2788.940749][ C0] ? kthread+0x4b5/0x4f0 [ 2788.944997][ C0] ? ret_from_fork+0x35/0x40 [ 2788.949589][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2788.954786][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2788.960597][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2788.966662][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2788.971866][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2788.977814][ C0] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2788.984000][ C0] ? __msan_get_context_state+0x9/0x20 [ 2788.989474][ C0] ? __module_get+0x19/0x230 [ 2788.994160][ C0] ? inet_twsk_alloc+0x7bb/0xba0 [ 2788.999092][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.004400][ C0] __msan_chain_origin+0x50/0x90 [ 2789.009430][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2789.014149][ C0] tcp_fin+0x1f9/0x890 [ 2789.018221][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.023081][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2789.028907][ C0] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 2789.035025][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.040631][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.045872][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.051277][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.056040][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.060751][ C0] ? tcp_filter+0xf0/0xf0 [ 2789.065107][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.070583][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.075451][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2789.080486][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2789.086148][ C0] ip_rcv+0x6cf/0x750 [ 2789.090133][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2789.094896][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2789.100559][ C0] process_backlog+0xf0b/0x1410 [ 2789.105422][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.110637][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2789.116308][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2789.121593][ C0] net_rx_action+0x786/0x1aa0 [ 2789.126313][ C0] ? net_tx_action+0xc30/0xc30 [ 2789.131092][ C0] __do_softirq+0x311/0x83d [ 2789.135624][ C0] do_softirq_own_stack+0x49/0x80 [ 2789.140763][ C0] [ 2789.143698][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2789.148914][ C0] local_bh_enable+0x36/0x40 [ 2789.153513][ C0] ip_finish_output2+0x2115/0x2610 [ 2789.158615][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2789.164329][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2789.170318][ C0] __ip_finish_output+0xaa7/0xd80 [ 2789.175367][ C0] ip_finish_output+0x166/0x410 [ 2789.180232][ C0] ip_output+0x593/0x680 [ 2789.184498][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2789.189798][ C0] ? ip_finish_output+0x410/0x410 [ 2789.194854][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2789.199815][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2789.205376][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.210582][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.215789][ C0] ip_queue_xmit+0xcc/0xf0 [ 2789.220221][ C0] ? tcp_v6_send_response+0x2920/0x2920 [ 2789.225764][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2789.231017][ C0] tcp_write_xmit+0x30e1/0xb470 [ 2789.235928][ C0] __tcp_push_pending_frames+0x124/0x4e0 [ 2789.241589][ C0] tcp_send_fin+0x131e/0x1570 [ 2789.246283][ C0] tcp_shutdown+0x188/0x200 [ 2789.250803][ C0] ? tcp_set_state+0x9d0/0x9d0 [ 2789.255585][ C0] inet_shutdown+0x342/0x5e0 [ 2789.260198][ C0] ? inet_recvmsg+0x7d0/0x7d0 [ 2789.264969][ C0] kernel_sock_shutdown+0x9d/0xc0 [ 2789.270017][ C0] rds_tcp_accept_one+0xe17/0x1060 [ 2789.275147][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2789.280468][ C0] rds_tcp_accept_worker+0x61/0x160 [ 2789.285678][ C0] ? rds_tcp_exit_net+0xcb0/0xcb0 [ 2789.291053][ C0] process_one_work+0x1555/0x1f40 [ 2789.296112][ C0] worker_thread+0xef6/0x2450 [ 2789.300809][ C0] kthread+0x4b5/0x4f0 [ 2789.306364][ C0] ? process_one_work+0x1f40/0x1f40 [ 2789.311576][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2789.316178][ C0] ret_from_fork+0x35/0x40 [ 2789.320702][ C0] Uninit was stored to memory at: [ 2789.325733][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.332262][ C0] __msan_chain_origin+0x50/0x90 [ 2789.337283][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2789.342150][ C0] tcp_time_wait+0xcd/0x10b0 [ 2789.347038][ C0] tcp_fin+0x1f9/0x890 [ 2789.351112][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.355964][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.361453][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.366146][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.370657][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.376205][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.381051][ C0] ip_rcv+0x6cf/0x750 [ 2789.385030][ C0] process_backlog+0xf0b/0x1410 [ 2789.389879][ C0] net_rx_action+0x786/0x1aa0 [ 2789.394553][ C0] __do_softirq+0x311/0x83d [ 2789.399067][ C0] [ 2789.401410][ C0] Uninit was stored to memory at: [ 2789.406438][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.412188][ C0] __msan_chain_origin+0x50/0x90 [ 2789.417142][ C0] __inet_twsk_schedule+0x24e/0x2c0 [ 2789.422339][ C0] tcp_time_wait+0xaca/0x10b0 [ 2789.427008][ C0] tcp_fin+0x1f9/0x890 [ 2789.431078][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.435920][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.441456][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.446072][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.450787][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.456247][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.461201][ C0] ip_rcv+0x6cf/0x750 [ 2789.465180][ C0] process_backlog+0xf0b/0x1410 [ 2789.470128][ C0] net_rx_action+0x786/0x1aa0 [ 2789.474816][ C0] __do_softirq+0x311/0x83d [ 2789.479309][ C0] [ 2789.481633][ C0] Uninit was stored to memory at: [ 2789.486659][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.492483][ C0] __msan_chain_origin+0x50/0x90 [ 2789.497413][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2789.502072][ C0] tcp_fin+0x1f9/0x890 [ 2789.506139][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.510984][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.516523][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.521107][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.525611][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.531179][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.536035][ C0] ip_rcv+0x6cf/0x750 [ 2789.540539][ C0] process_backlog+0xf0b/0x1410 [ 2789.545389][ C0] net_rx_action+0x786/0x1aa0 [ 2789.551027][ C0] __do_softirq+0x311/0x83d [ 2789.555529][ C0] [ 2789.557897][ C0] Uninit was stored to memory at: [ 2789.562933][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.568725][ C0] __msan_chain_origin+0x50/0x90 [ 2789.573660][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2789.578430][ C0] tcp_time_wait+0xcd/0x10b0 [ 2789.583019][ C0] tcp_fin+0x1f9/0x890 [ 2789.587214][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.592444][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.597921][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.602551][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.607065][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.612525][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.617385][ C0] ip_rcv+0x6cf/0x750 [ 2789.621392][ C0] process_backlog+0xf0b/0x1410 [ 2789.626276][ C0] net_rx_action+0x786/0x1aa0 [ 2789.630973][ C0] __do_softirq+0x311/0x83d [ 2789.635481][ C0] [ 2789.637812][ C0] Uninit was stored to memory at: [ 2789.642850][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.648591][ C0] __msan_chain_origin+0x50/0x90 [ 2789.653545][ C0] __inet_twsk_schedule+0x24e/0x2c0 [ 2789.658735][ C0] tcp_time_wait+0xaca/0x10b0 [ 2789.663404][ C0] tcp_fin+0x1f9/0x890 [ 2789.667467][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.672321][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.677770][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.682346][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.687622][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.693097][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.697987][ C0] ip_rcv+0x6cf/0x750 [ 2789.702065][ C0] process_backlog+0xf0b/0x1410 [ 2789.706928][ C0] net_rx_action+0x786/0x1aa0 [ 2789.711610][ C0] __do_softirq+0x311/0x83d [ 2789.716308][ C0] [ 2789.718634][ C0] Uninit was stored to memory at: [ 2789.723741][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.729446][ C0] __msan_chain_origin+0x50/0x90 [ 2789.734381][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2789.739077][ C0] tcp_fin+0x1f9/0x890 [ 2789.743171][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.748029][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.753657][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.758237][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.762741][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.768280][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.773137][ C0] ip_rcv+0x6cf/0x750 [ 2789.777278][ C0] process_backlog+0xf0b/0x1410 [ 2789.782166][ C0] net_rx_action+0x786/0x1aa0 [ 2789.786848][ C0] __do_softirq+0x311/0x83d [ 2789.791394][ C0] [ 2789.793747][ C0] Uninit was stored to memory at: [ 2789.798770][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2789.806541][ C0] __msan_chain_origin+0x50/0x90 [ 2789.811478][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2789.816327][ C0] tcp_time_wait+0xcd/0x10b0 [ 2789.820958][ C0] tcp_fin+0x1f9/0x890 [ 2789.825030][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.829878][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.835331][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.839928][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.844425][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.849893][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.854752][ C0] ip_rcv+0x6cf/0x750 [ 2789.858730][ C0] process_backlog+0xf0b/0x1410 [ 2789.863685][ C0] net_rx_action+0x786/0x1aa0 [ 2789.868380][ C0] __do_softirq+0x311/0x83d [ 2789.872886][ C0] [ 2789.875203][ C0] Uninit was created at: [ 2789.879436][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2789.885069][ C0] kmsan_alloc_page+0x12a/0x310 [ 2789.889943][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2789.895483][ C0] alloc_pages_current+0x67d/0x990 [ 2789.900609][ C0] alloc_slab_page+0x111/0x12f0 [ 2789.905488][ C0] new_slab+0x2bc/0x1130 [ 2789.910427][ C0] ___slab_alloc+0x1533/0x1f30 [ 2789.915199][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2789.920058][ C0] inet_twsk_alloc+0x135/0xba0 [ 2789.924945][ C0] tcp_time_wait+0xcd/0x10b0 [ 2789.929540][ C0] tcp_fin+0x1f9/0x890 [ 2789.933603][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2789.938595][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2789.944053][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2789.949156][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2789.953652][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2789.959097][ C0] ip_local_deliver+0x62a/0x7c0 [ 2789.963935][ C0] ip_rcv+0x6cf/0x750 [ 2789.967913][ C0] process_backlog+0xf0b/0x1410 [ 2789.972756][ C0] net_rx_action+0x786/0x1aa0 [ 2789.977424][ C0] __do_softirq+0x311/0x83d [ 2790.255405][T11945] Bluetooth: hci0: command 0x1001 tx timeout [ 2790.261881][ T3965] Bluetooth: hci0: sending frame failed (-49) 00:43:44 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f0000001e80)={0x0, 0x0, 0x0}, 0x0) 00:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)=@newlink={0x38, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0) 00:43:44 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) io_setup(0x9, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}]) 00:43:44 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) 00:43:44 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) 00:43:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0xdbe]}) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)=0x3d2, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x48) prctl$PR_SET_PDEATHSIG(0x1, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) [ 2790.630533][ T4195] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 00:43:44 executing program 2: r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0) truncate(&(0x7f00000000c0)='./bus\x00', 0x1000) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x8c540, 0x0) lseek(r0, 0x0, 0x2) sendfile(r0, r1, 0x0, 0x20008) 00:43:45 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) [ 2791.182824][ T4309] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2792.335915][T11945] Bluetooth: hci0: command 0x1009 tx timeout 00:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x32) 00:43:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0xdbe]}) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)=0x3d2, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x48) prctl$PR_SET_PDEATHSIG(0x1, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 00:43:50 executing program 2: r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) connect$nfc_raw(r0, &(0x7f0000000000)={0x27, 0xfffffffd}, 0x10) 00:43:50 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) 00:43:50 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffe0}, {}, {0xf}}, [@filter_kind_options=@f_u32={{0x8, 0x1, 'u32\x00'}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x4}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) 00:43:50 executing program 3: r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000}, 0x1c) getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 00:43:50 executing program 2: r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) connect$nfc_raw(r0, &(0x7f0000000000)={0x27, 0xfffffffd}, 0x10) [ 2796.999746][T23582] Bluetooth: hci0: Frame reassembly failed (-84) [ 2797.018961][ T4636] Bluetooth: received HCILL_WAKE_UP_IND in state 2 00:43:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0xdbe]}) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)=0x3d2, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x48) prctl$PR_SET_PDEATHSIG(0x1, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 00:43:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) syz_emit_ethernet(0x26, &(0x7f0000000300)=ANY=[@ANYBLOB="74880f21234daaaaaaaaaa0081000000810045000000009078e0040012ffff054c55680b000000000000dce4f89df966a1607001f8ffff76be3b31f8f2704da954cfa71c3aa4593464f12d97c73573bbe5c56f1682860d260da8a9ff319a97866d2178e9e7d6f2beeaa5a37c515a8a863d617f4221d640452c1b34f41705ef85e43418169b9bda26c74ca098f06a989f2160ab6e5b"], 0x0) 00:43:51 executing program 2: r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) connect$nfc_raw(r0, &(0x7f0000000000)={0x27, 0xfffffffd}, 0x10) 00:43:51 executing program 2: r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) connect$nfc_raw(r0, &(0x7f0000000000)={0x27, 0xfffffffd}, 0x10) 00:43:52 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x0, 0xffffffff}) [ 2798.430726][ T4816] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2799.054984][T32043] Bluetooth: hci0: command 0x1003 tx timeout [ 2799.061815][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2800.602582][ C1] not chained 650000 origins [ 2800.607222][ C1] CPU: 1 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2800.616233][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2800.626571][ C1] Workqueue: krdsd rds_connect_worker [ 2800.632764][ C1] Call Trace: [ 2800.636051][ C1] [ 2800.638908][ C1] dump_stack+0x1c9/0x220 [ 2800.643241][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2800.649269][ C1] ? xfrm_lookup_route+0x2c1/0x370 [ 2800.654506][ C1] ? ip_route_output_flow+0x35a/0x3d0 [ 2800.660176][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.665451][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.670914][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2800.676944][ C1] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2800.683487][ C1] ? tcp_select_initial_window+0x60d/0x6c0 [ 2800.689462][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.694903][ C1] __msan_chain_origin+0x50/0x90 [ 2800.700187][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2800.705867][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2800.711220][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.716529][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.722078][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2800.727264][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2800.732284][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2800.737745][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2800.743418][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.749173][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2800.754984][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2800.761361][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.766874][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2800.771821][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2800.776467][ C1] ? tcp_filter+0xf0/0xf0 [ 2800.780806][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2800.786424][ C1] ip_local_deliver+0x62a/0x7c0 [ 2800.791281][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2800.796499][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2800.802146][ C1] ip_rcv+0x6cf/0x750 [ 2800.806137][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2800.811035][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2800.816846][ C1] process_backlog+0xf0b/0x1410 [ 2800.821847][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2800.827733][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2800.834182][ C1] net_rx_action+0x786/0x1aa0 [ 2800.839250][ C1] ? net_tx_action+0xc30/0xc30 [ 2800.844526][ C1] __do_softirq+0x311/0x83d [ 2800.849405][ C1] do_softirq_own_stack+0x49/0x80 [ 2800.854606][ C1] [ 2800.857648][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2800.863258][ C1] local_bh_enable+0x36/0x40 [ 2800.868222][ C1] ip_finish_output2+0x2115/0x2610 [ 2800.873736][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2800.879718][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2800.885810][ C1] __ip_finish_output+0xaa7/0xd80 [ 2800.891122][ C1] ip_finish_output+0x166/0x410 [ 2800.896453][ C1] ip_output+0x593/0x680 [ 2800.901240][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2800.906670][ C1] ? ip_finish_output+0x410/0x410 [ 2800.911795][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2800.916748][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2800.922788][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.928427][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.933891][ C1] ip_queue_xmit+0xcc/0xf0 [ 2800.938882][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2800.943733][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2800.949090][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2800.954911][ C1] tcp_connect+0x4337/0x6920 [ 2800.959562][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2800.964856][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.970066][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2800.975054][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2800.980089][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2800.985903][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2800.991273][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2800.996523][ C1] inet_stream_connect+0x101/0x180 [ 2801.002459][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2801.008314][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2801.014346][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2801.019679][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2801.025606][ C1] rds_connect_worker+0x2a6/0x470 [ 2801.030627][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2801.036965][ C1] ? rds_addr_cmp+0x200/0x200 [ 2801.041753][ C1] process_one_work+0x1555/0x1f40 [ 2801.047226][ C1] worker_thread+0xef6/0x2450 [ 2801.052145][ C1] kthread+0x4b5/0x4f0 [ 2801.056358][ C1] ? process_one_work+0x1f40/0x1f40 [ 2801.061632][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2801.066282][ C1] ret_from_fork+0x35/0x40 [ 2801.070759][ C1] Uninit was stored to memory at: [ 2801.075958][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.081853][ C1] __msan_chain_origin+0x50/0x90 [ 2801.087322][ C1] tcp_conn_request+0x1781/0x4d10 [ 2801.092861][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.098257][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.103533][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.109217][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.113803][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.118743][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.124879][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.129954][ C1] ip_rcv+0x6cf/0x750 [ 2801.134088][ C1] process_backlog+0xf0b/0x1410 [ 2801.139412][ C1] net_rx_action+0x786/0x1aa0 [ 2801.144102][ C1] __do_softirq+0x311/0x83d [ 2801.148630][ C1] [ 2801.150980][ C1] Uninit was stored to memory at: [ 2801.156431][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.162164][ C1] __msan_chain_origin+0x50/0x90 [ 2801.167259][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2801.172923][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2801.178250][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.183597][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.189734][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.195199][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.200668][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.205334][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.211231][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.216415][ C1] ip_rcv+0x6cf/0x750 [ 2801.220703][ C1] process_backlog+0xf0b/0x1410 [ 2801.225943][ C1] net_rx_action+0x786/0x1aa0 [ 2801.231474][ C1] __do_softirq+0x311/0x83d [ 2801.237899][ C1] [ 2801.240947][ C1] Uninit was stored to memory at: [ 2801.247071][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.255458][ C1] __msan_chain_origin+0x50/0x90 [ 2801.261986][ C1] tcp_conn_request+0x1781/0x4d10 [ 2801.268131][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.274503][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.280354][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.286016][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.292872][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.298108][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.304216][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.309569][ C1] ip_rcv+0x6cf/0x750 [ 2801.314430][ C1] process_backlog+0xf0b/0x1410 [ 2801.319453][ C1] net_rx_action+0x786/0x1aa0 [ 2801.325455][ C1] __do_softirq+0x311/0x83d [ 2801.329950][ C1] [ 2801.332370][ C1] Uninit was stored to memory at: [ 2801.337540][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.343641][ C1] __msan_chain_origin+0x50/0x90 [ 2801.349622][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2801.355167][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2801.361089][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.367469][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.374110][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.380190][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.385118][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.389945][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.396118][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.401696][ C1] ip_rcv+0x6cf/0x750 [ 2801.405844][ C1] process_backlog+0xf0b/0x1410 [ 2801.411655][ C1] net_rx_action+0x786/0x1aa0 [ 2801.416690][ C1] __do_softirq+0x311/0x83d [ 2801.421498][ C1] [ 2801.424163][ C1] Uninit was stored to memory at: [ 2801.429390][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.435924][ C1] __msan_chain_origin+0x50/0x90 [ 2801.441880][ C1] tcp_conn_request+0x1781/0x4d10 [ 2801.447283][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.452804][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.458160][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.464453][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.470144][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.475552][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.481520][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.488259][ C1] ip_rcv+0x6cf/0x750 [ 2801.493035][ C1] process_backlog+0xf0b/0x1410 [ 2801.498170][ C1] net_rx_action+0x786/0x1aa0 [ 2801.503020][ C1] __do_softirq+0x311/0x83d [ 2801.507548][ C1] [ 2801.509882][ C1] Uninit was stored to memory at: [ 2801.515387][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.521212][ C1] __msan_chain_origin+0x50/0x90 [ 2801.526485][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2801.532839][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2801.538449][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.544146][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.549988][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.555915][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.560827][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.565589][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.571228][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.576417][ C1] ip_rcv+0x6cf/0x750 [ 2801.580790][ C1] process_backlog+0xf0b/0x1410 [ 2801.585818][ C1] net_rx_action+0x786/0x1aa0 [ 2801.590500][ C1] __do_softirq+0x311/0x83d [ 2801.595579][ C1] [ 2801.598274][ C1] Uninit was stored to memory at: [ 2801.603737][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2801.609717][ C1] __msan_chain_origin+0x50/0x90 [ 2801.614957][ C1] tcp_conn_request+0x1781/0x4d10 [ 2801.620145][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.625261][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2801.632270][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.637646][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.642599][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.647202][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.652737][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.658008][ C1] ip_rcv+0x6cf/0x750 [ 2801.662179][ C1] process_backlog+0xf0b/0x1410 [ 2801.667033][ C1] net_rx_action+0x786/0x1aa0 [ 2801.671917][ C1] __do_softirq+0x311/0x83d [ 2801.676583][ C1] [ 2801.678932][ C1] Uninit was created at: [ 2801.683346][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2801.689071][ C1] kmsan_alloc_page+0x12a/0x310 [ 2801.694098][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2801.699873][ C1] alloc_pages_current+0x67d/0x990 [ 2801.705168][ C1] alloc_slab_page+0x111/0x12f0 [ 2801.710011][ C1] new_slab+0x2bc/0x1130 [ 2801.714603][ C1] ___slab_alloc+0x1533/0x1f30 [ 2801.719847][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2801.724822][ C1] inet_reqsk_alloc+0xac/0x830 [ 2801.729672][ C1] tcp_conn_request+0x753/0x4d10 [ 2801.734979][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2801.740477][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2801.746063][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2801.750689][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2801.755638][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2801.761373][ C1] ip_local_deliver+0x62a/0x7c0 [ 2801.766670][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2801.771790][ C1] ip_list_rcv+0x8eb/0x950 [ 2801.776208][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2801.782911][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2801.789321][ C1] napi_complete_done+0x2ef/0xb60 [ 2801.794489][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2801.800103][ C1] virtnet_poll+0x1468/0x19f0 [ 2801.805083][ C1] net_rx_action+0x786/0x1aa0 [ 2801.809911][ C1] __do_softirq+0x311/0x83d [ 2801.825950][T32043] Bluetooth: hci0: command 0x1001 tx timeout [ 2801.832601][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2803.854934][T32043] Bluetooth: hci0: command 0x1009 tx timeout 00:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x32) 00:44:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) pipe(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x0, 0xdbe]}) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0)=0x3d2, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x48) prctl$PR_SET_PDEATHSIG(0x1, 0x0) open(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) 00:44:01 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8000}, 0x10) sendmsg$nl_xfrm(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000240)=@allocspi={0xf8, 0x12, 0x201, 0x0, 0x0, {{{@in=@empty=0x1000000, @in=@remote}, {@in=@remote}, @in=@multicast1}}}, 0xf8}}, 0x0) 00:44:01 executing program 2: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000140)={0x6, 'sit0\x00'}) 00:44:01 executing program 5: r0 = memfd_create(&(0x7f0000000000)='\x00\x13\x06\x01\x00\x00\x00\x00\xe2\x19\xf6;\x00\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendto$inet6(r1, &(0x7f0000000200)="ce0410008b3350ec00911efc0bb3", 0x10011, 0x8000000, 0x0, 0x0) 00:44:01 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000580)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_AIE_ON(r0, 0x7001) [ 2807.577547][ T4840] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2807.587618][ T4840] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2807.778916][T17642] Bluetooth: hci0: Frame reassembly failed (-84) [ 2807.789748][ T4872] Bluetooth: received HCILL_WAKE_UP_IND in state 2 00:44:01 executing program 2: r0 = memfd_create(&(0x7f0000000000)='dummy0\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f00000006c0), 0x24, 0x0) flistxattr(r0, 0x0, 0x0) 00:44:02 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @empty}, {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 00:44:02 executing program 1: r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f00000001c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) 00:44:02 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0xb, 0x0, &(0x7f0000000000)) 00:44:02 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='schedstat\x00') r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = memfd_create(&(0x7f0000000440)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@ae\xe1\xeb*\x93\t', 0x0) write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x14) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) pread64(r2, 0x0, 0x0, 0x8) 00:44:02 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x20, r1, 0xe837355e7edbc837, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}]}, 0x20}}, 0x0) [ 2809.854974][T32043] Bluetooth: hci0: command 0x1003 tx timeout [ 2809.861509][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2811.039364][ C0] not chained 660000 origins [ 2811.044295][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2811.052698][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2811.062770][ C0] Workqueue: krdsd rds_connect_worker [ 2811.068143][ C0] Call Trace: [ 2811.071508][ C0] [ 2811.074382][ C0] dump_stack+0x1c9/0x220 [ 2811.078797][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2811.084515][ C0] ? should_fail+0x72/0x9e0 [ 2811.089124][ C0] ? ret_from_fork+0x35/0x40 [ 2811.093716][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2811.099774][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2811.104727][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.109936][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.115325][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2811.121131][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2811.126340][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2811.132322][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2811.138593][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2811.143976][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.149185][ C0] __msan_chain_origin+0x50/0x90 [ 2811.154228][ C0] tcp_conn_request+0x1781/0x4d10 [ 2811.159297][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.164508][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.169780][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2811.175673][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.180897][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.186540][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.191568][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2811.196846][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.202217][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.207428][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2811.213223][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2811.219284][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.224495][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.229110][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.233675][ C0] ? tcp_filter+0xf0/0xf0 [ 2811.238052][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.243521][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.248807][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2811.253820][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2811.259443][ C0] ip_rcv+0x6cf/0x750 [ 2811.263440][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2811.268224][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2811.273939][ C0] process_backlog+0xf0b/0x1410 [ 2811.278869][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.284076][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2811.289716][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2811.295156][ C0] net_rx_action+0x786/0x1aa0 [ 2811.299854][ C0] ? net_tx_action+0xc30/0xc30 [ 2811.304607][ C0] __do_softirq+0x311/0x83d [ 2811.309133][ C0] do_softirq_own_stack+0x49/0x80 [ 2811.314150][ C0] [ 2811.317094][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2811.322318][ C0] local_bh_enable+0x36/0x40 [ 2811.326891][ C0] ip_finish_output2+0x2115/0x2610 [ 2811.331983][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2811.337690][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2811.343681][ C0] __ip_finish_output+0xaa7/0xd80 [ 2811.348712][ C0] ip_finish_output+0x166/0x410 [ 2811.353557][ C0] ip_output+0x593/0x680 [ 2811.357836][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2811.363111][ C0] ? ip_finish_output+0x410/0x410 [ 2811.368128][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2811.373076][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2811.378625][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.383857][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.389072][ C0] ip_queue_xmit+0xcc/0xf0 [ 2811.393481][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2811.398320][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2811.403533][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2811.409379][ C0] tcp_connect+0x4337/0x6920 [ 2811.413981][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2811.419269][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.424586][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2811.429449][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2811.434376][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2811.439749][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2811.445151][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.450351][ C0] inet_stream_connect+0x101/0x180 [ 2811.455454][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2811.461081][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2811.466712][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2811.471898][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2811.477263][ C0] rds_connect_worker+0x2a6/0x470 [ 2811.482302][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2811.488464][ C0] ? rds_addr_cmp+0x200/0x200 [ 2811.493304][ C0] process_one_work+0x1555/0x1f40 [ 2811.498331][ C0] worker_thread+0xef6/0x2450 [ 2811.503007][ C0] kthread+0x4b5/0x4f0 [ 2811.507220][ C0] ? process_one_work+0x1f40/0x1f40 [ 2811.512424][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2811.517004][ C0] ret_from_fork+0x35/0x40 [ 2811.521435][ C0] Uninit was stored to memory at: [ 2811.526449][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.532159][ C0] __msan_chain_origin+0x50/0x90 [ 2811.537081][ C0] tcp_conn_request+0x1781/0x4d10 [ 2811.542089][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.547197][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.552210][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.557627][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.562207][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.566792][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.572250][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.577085][ C0] ip_rcv+0x6cf/0x750 [ 2811.581053][ C0] process_backlog+0xf0b/0x1410 [ 2811.586019][ C0] net_rx_action+0x786/0x1aa0 [ 2811.590703][ C0] __do_softirq+0x311/0x83d [ 2811.595231][ C0] [ 2811.597552][ C0] Uninit was stored to memory at: [ 2811.602580][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.608303][ C0] __msan_chain_origin+0x50/0x90 [ 2811.613234][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2811.618515][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2811.623568][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.628668][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.633674][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.639031][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.643612][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.648110][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.653590][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.658437][ C0] ip_rcv+0x6cf/0x750 [ 2811.662421][ C0] process_backlog+0xf0b/0x1410 [ 2811.667272][ C0] net_rx_action+0x786/0x1aa0 [ 2811.671931][ C0] __do_softirq+0x311/0x83d [ 2811.676425][ C0] [ 2811.678741][ C0] Uninit was stored to memory at: [ 2811.683750][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.689462][ C0] __msan_chain_origin+0x50/0x90 [ 2811.694409][ C0] tcp_conn_request+0x1781/0x4d10 [ 2811.699423][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.704526][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.709558][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.714924][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.719496][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.723991][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.729432][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.734281][ C0] ip_rcv+0x6cf/0x750 [ 2811.738262][ C0] process_backlog+0xf0b/0x1410 [ 2811.743098][ C0] net_rx_action+0x786/0x1aa0 [ 2811.747763][ C0] __do_softirq+0x311/0x83d [ 2811.752238][ C0] [ 2811.754548][ C0] Uninit was stored to memory at: [ 2811.759565][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.765275][ C0] __msan_chain_origin+0x50/0x90 [ 2811.770203][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2811.775475][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2811.780508][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.788298][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.793346][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.798855][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.803465][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.807957][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.813412][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.818271][ C0] ip_rcv+0x6cf/0x750 [ 2811.822254][ C0] process_backlog+0xf0b/0x1410 [ 2811.827097][ C0] net_rx_action+0x786/0x1aa0 [ 2811.831757][ C0] __do_softirq+0x311/0x83d [ 2811.836258][ C0] [ 2811.838578][ C0] Uninit was stored to memory at: [ 2811.843974][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.849821][ C0] __msan_chain_origin+0x50/0x90 [ 2811.854846][ C0] tcp_conn_request+0x1781/0x4d10 [ 2811.859858][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.864962][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.869968][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.875343][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.879929][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.884424][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.889882][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.894852][ C0] ip_rcv+0x6cf/0x750 [ 2811.898831][ C0] process_backlog+0xf0b/0x1410 [ 2811.903668][ C0] net_rx_action+0x786/0x1aa0 [ 2811.908352][ C0] __do_softirq+0x311/0x83d [ 2811.912872][ C0] [ 2811.915195][ C0] Uninit was stored to memory at: [ 2811.920363][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2811.926079][ C0] __msan_chain_origin+0x50/0x90 [ 2811.931010][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2811.936401][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2811.941432][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2811.946527][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2811.951554][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2811.957342][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2811.961915][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2811.966414][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2811.971867][ C0] ip_local_deliver+0x62a/0x7c0 [ 2811.976697][ C0] ip_rcv+0x6cf/0x750 [ 2811.980661][ C0] process_backlog+0xf0b/0x1410 [ 2811.985494][ C0] net_rx_action+0x786/0x1aa0 [ 2811.990159][ C0] __do_softirq+0x311/0x83d [ 2811.994639][ C0] [ 2811.996946][ C0] Uninit was stored to memory at: [ 2812.001967][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2812.007687][ C0] __msan_chain_origin+0x50/0x90 [ 2812.012634][ C0] tcp_conn_request+0x1781/0x4d10 [ 2812.017651][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2812.022747][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2812.027758][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2812.033128][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2812.037704][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2812.042192][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2812.047632][ C0] ip_local_deliver+0x62a/0x7c0 [ 2812.052552][ C0] ip_rcv+0x6cf/0x750 [ 2812.056557][ C0] process_backlog+0xf0b/0x1410 [ 2812.061400][ C0] net_rx_action+0x786/0x1aa0 [ 2812.066065][ C0] __do_softirq+0x311/0x83d [ 2812.070548][ C0] [ 2812.072872][ C0] Uninit was created at: [ 2812.077149][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2812.082774][ C0] kmsan_alloc_page+0x12a/0x310 [ 2812.087614][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2812.093146][ C0] alloc_pages_current+0x67d/0x990 [ 2812.098240][ C0] alloc_slab_page+0x111/0x12f0 [ 2812.103083][ C0] new_slab+0x2bc/0x1130 [ 2812.107447][ C0] ___slab_alloc+0x1533/0x1f30 [ 2812.112344][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2812.117381][ C0] inet_reqsk_alloc+0xac/0x830 [ 2812.122130][ C0] tcp_conn_request+0x753/0x4d10 [ 2812.127060][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2812.132165][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2812.137527][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2812.142113][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2812.146604][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2812.152052][ C0] ip_local_deliver+0x62a/0x7c0 [ 2812.156892][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2812.161734][ C0] ip_list_rcv+0x8eb/0x950 [ 2812.166241][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2812.172384][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2812.178607][ C0] napi_complete_done+0x2ef/0xb60 [ 2812.183618][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2812.189061][ C0] virtnet_poll+0x1468/0x19f0 [ 2812.193760][ C0] net_rx_action+0x786/0x1aa0 [ 2812.198422][ C0] __do_softirq+0x311/0x83d [ 2812.208381][T32043] Bluetooth: hci0: command 0x1001 tx timeout [ 2812.215202][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2814.256866][T32043] Bluetooth: hci0: command 0x1009 tx timeout 00:44:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x32) 00:44:12 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x163282) r1 = socket$nl_route(0x10, 0x3, 0x0) dup2(r1, r0) 00:44:12 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000080)=@req={0x0, 0x0, 0x0, 0x5}, 0x10) 00:44:12 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x6}]}}}]}, 0x40}}, 0x0) 00:44:12 executing program 5: r0 = memfd_create(&(0x7f0000000000)='\x00\x13\x06\x01\x00\x00\x00\x00\xe2\x19\xf6;\x00\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendto$inet6(r1, &(0x7f0000000200)="ce0410008b3350ec00911efc0bb3", 0x10011, 0x8000000, 0x0, 0x0) 00:44:12 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x48, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_IPV4ADDR={0x0, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x37}}, 0x0) [ 2818.568456][ T5324] netlink: 'syz-executor.1': attribute type 6 has an invalid length. 00:44:12 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x6) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/softnet_stat\x00') sendfile(r0, r1, &(0x7f0000000940)=0x10000, 0x1000000000008) 00:44:12 executing program 0: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast2}, 0xc) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0xe0000002, @multicast1=0xe0000002}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @multicast2}}}}}}, 0x0) [ 2818.776012][ T571] Bluetooth: hci0: Frame reassembly failed (-84) [ 2818.803883][ T5398] Bluetooth: received HCILL_WAKE_UP_IND in state 2 00:44:12 executing program 1: clock_getres(0xa, 0x0) 00:44:13 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000002240)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/211, 0xd3}}], 0x1, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x80000000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4) sendto$inet6(r0, &(0x7f00000005c0), 0xfffffffffffffee0, 0x0, 0x0, 0xb6) recvmmsg(r0, &(0x7f0000000080), 0x21e, 0x40010002, 0x0) 00:44:13 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x8}, @CTA_TIMEOUT_DCCP_TIMEWAIT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9200}]}, 0x44}}, 0x0) 00:44:13 executing program 0: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast2}, 0xc) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0xe0000002, @multicast1=0xe0000002}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @multicast2}}}}}}, 0x0) [ 2820.814787][T32043] Bluetooth: hci0: command 0x1003 tx timeout [ 2820.821268][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2821.851406][ C0] not chained 670000 origins [ 2821.856048][ C0] CPU: 0 PID: 12094 Comm: kworker/u4:2 Not tainted 5.6.0-rc2-syzkaller #0 [ 2821.864659][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2821.874961][ C0] Workqueue: krdsd rds_connect_worker [ 2821.880364][ C0] Call Trace: [ 2821.883688][ C0] [ 2821.886591][ C0] dump_stack+0x1c9/0x220 [ 2821.890919][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2821.896792][ C0] ? should_fail+0x72/0x9e0 [ 2821.901330][ C0] ? ret_from_fork+0x35/0x40 [ 2821.906001][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2821.912318][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2821.917306][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.922503][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.927766][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2821.933563][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2821.938669][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2821.945087][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2821.951427][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2821.956740][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.962040][ C0] __msan_chain_origin+0x50/0x90 [ 2821.966971][ C0] tcp_conn_request+0x13ce/0x4d10 [ 2821.972018][ C0] ? rb_first+0x31/0x100 [ 2821.976390][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.981634][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.986834][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2821.992079][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2821.997996][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.003288][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.008560][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.013582][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2822.018869][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.024255][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.029449][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2822.035268][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2822.041347][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.046721][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.051384][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.055913][ C0] ? tcp_filter+0xf0/0xf0 [ 2822.060231][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.065743][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.070594][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2822.075675][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2822.081305][ C0] ip_rcv+0x6cf/0x750 [ 2822.085285][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2822.090045][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2822.095675][ C0] process_backlog+0xf0b/0x1410 [ 2822.100543][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2822.106270][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2822.111641][ C0] net_rx_action+0x786/0x1aa0 [ 2822.116407][ C0] ? net_tx_action+0xc30/0xc30 [ 2822.121297][ C0] __do_softirq+0x311/0x83d [ 2822.125951][ C0] do_softirq_own_stack+0x49/0x80 [ 2822.131160][ C0] [ 2822.134097][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2822.139297][ C0] local_bh_enable+0x36/0x40 [ 2822.143877][ C0] ip_finish_output2+0x2115/0x2610 [ 2822.148978][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2822.154695][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2822.160688][ C0] __ip_finish_output+0xaa7/0xd80 [ 2822.165722][ C0] ip_finish_output+0x166/0x410 [ 2822.170664][ C0] ip_output+0x593/0x680 [ 2822.174993][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2822.180406][ C0] ? ip_finish_output+0x410/0x410 [ 2822.185450][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2822.190389][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2822.195942][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.201140][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.206362][ C0] ip_queue_xmit+0xcc/0xf0 [ 2822.210780][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2822.215892][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2822.221090][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2822.227002][ C0] tcp_connect+0x4337/0x6920 [ 2822.231597][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2822.236870][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.242085][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2822.247049][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2822.251982][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2822.257475][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2822.262771][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.270190][ C0] inet_stream_connect+0x101/0x180 [ 2822.275308][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2822.280965][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2822.286753][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2822.292129][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2822.297540][ C0] rds_connect_worker+0x2a6/0x470 [ 2822.302697][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2822.308768][ C0] ? rds_addr_cmp+0x200/0x200 [ 2822.313438][ C0] process_one_work+0x1555/0x1f40 [ 2822.318487][ C0] worker_thread+0xef6/0x2450 [ 2822.323175][ C0] kthread+0x4b5/0x4f0 [ 2822.327232][ C0] ? process_one_work+0x1f40/0x1f40 [ 2822.332429][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2822.337007][ C0] ret_from_fork+0x35/0x40 [ 2822.341423][ C0] Uninit was stored to memory at: [ 2822.346444][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.352148][ C0] __msan_chain_origin+0x50/0x90 [ 2822.357082][ C0] tcp_conn_request+0x1781/0x4d10 [ 2822.362114][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.367227][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.372240][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.377633][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.382222][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.386718][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.392528][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.397395][ C0] ip_rcv+0x6cf/0x750 [ 2822.401416][ C0] process_backlog+0xf0b/0x1410 [ 2822.406254][ C0] net_rx_action+0x786/0x1aa0 [ 2822.410924][ C0] __do_softirq+0x311/0x83d [ 2822.415407][ C0] [ 2822.417722][ C0] Uninit was stored to memory at: [ 2822.422858][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.428787][ C0] __msan_chain_origin+0x50/0x90 [ 2822.433709][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2822.438987][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2822.444126][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.449286][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.455306][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.460812][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.465390][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.470014][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.475466][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.480298][ C0] ip_rcv+0x6cf/0x750 [ 2822.484273][ C0] process_backlog+0xf0b/0x1410 [ 2822.489236][ C0] net_rx_action+0x786/0x1aa0 [ 2822.493904][ C0] __do_softirq+0x311/0x83d [ 2822.498559][ C0] [ 2822.500991][ C0] Uninit was stored to memory at: [ 2822.506014][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.511726][ C0] __msan_chain_origin+0x50/0x90 [ 2822.516672][ C0] tcp_conn_request+0x1781/0x4d10 [ 2822.521708][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.526813][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.531828][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.537250][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.541833][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.546363][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.551806][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.556652][ C0] ip_rcv+0x6cf/0x750 [ 2822.560623][ C0] process_backlog+0xf0b/0x1410 [ 2822.565460][ C0] net_rx_action+0x786/0x1aa0 [ 2822.570137][ C0] __do_softirq+0x311/0x83d [ 2822.574621][ C0] [ 2822.576930][ C0] Uninit was stored to memory at: [ 2822.581952][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.587677][ C0] __msan_chain_origin+0x50/0x90 [ 2822.592601][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2822.597869][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2822.602886][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.608001][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.613015][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.618386][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.623091][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.627601][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.633059][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.637908][ C0] ip_rcv+0x6cf/0x750 [ 2822.641888][ C0] process_backlog+0xf0b/0x1410 [ 2822.646747][ C0] net_rx_action+0x786/0x1aa0 [ 2822.651410][ C0] __do_softirq+0x311/0x83d [ 2822.655895][ C0] [ 2822.658225][ C0] Uninit was stored to memory at: [ 2822.663279][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.669029][ C0] __msan_chain_origin+0x50/0x90 [ 2822.673973][ C0] tcp_conn_request+0x1781/0x4d10 [ 2822.678994][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.684095][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.689132][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.694534][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.699131][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.704002][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.709447][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.714298][ C0] ip_rcv+0x6cf/0x750 [ 2822.718346][ C0] process_backlog+0xf0b/0x1410 [ 2822.723186][ C0] net_rx_action+0x786/0x1aa0 [ 2822.727873][ C0] __do_softirq+0x311/0x83d [ 2822.732360][ C0] [ 2822.734671][ C0] Uninit was stored to memory at: [ 2822.739699][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.745414][ C0] __msan_chain_origin+0x50/0x90 [ 2822.750346][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2822.755971][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2822.761007][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.766103][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.771116][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.776488][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.781061][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.785551][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.791170][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.796013][ C0] ip_rcv+0x6cf/0x750 [ 2822.799996][ C0] process_backlog+0xf0b/0x1410 [ 2822.804992][ C0] net_rx_action+0x786/0x1aa0 [ 2822.809792][ C0] __do_softirq+0x311/0x83d [ 2822.814294][ C0] [ 2822.816608][ C0] Uninit was stored to memory at: [ 2822.821626][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2822.827462][ C0] __msan_chain_origin+0x50/0x90 [ 2822.832391][ C0] tcp_conn_request+0x1781/0x4d10 [ 2822.837416][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.842521][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2822.847539][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.852903][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.857478][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.861970][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.867514][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.872364][ C0] ip_rcv+0x6cf/0x750 [ 2822.876631][ C0] process_backlog+0xf0b/0x1410 [ 2822.881702][ C0] net_rx_action+0x786/0x1aa0 [ 2822.886561][ C0] __do_softirq+0x311/0x83d [ 2822.891044][ C0] [ 2822.893365][ C0] Uninit was created at: [ 2822.897634][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2822.903409][ C0] kmsan_alloc_page+0x12a/0x310 [ 2822.908258][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2822.913804][ C0] alloc_pages_current+0x67d/0x990 [ 2822.918975][ C0] alloc_slab_page+0x111/0x12f0 [ 2822.923815][ C0] new_slab+0x2bc/0x1130 [ 2822.928048][ C0] ___slab_alloc+0x1533/0x1f30 [ 2822.932816][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2822.937660][ C0] inet_reqsk_alloc+0xac/0x830 [ 2822.944057][ C0] tcp_conn_request+0x753/0x4d10 [ 2822.949111][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2822.954237][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2822.959603][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2822.964220][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2822.968715][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2822.974178][ C0] ip_local_deliver+0x62a/0x7c0 [ 2822.979034][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2822.983869][ C0] ip_list_rcv+0x8eb/0x950 [ 2822.988279][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2822.994427][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2823.001283][ C0] napi_complete_done+0x2ef/0xb60 [ 2823.006326][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2823.012010][ C0] virtnet_poll+0x1468/0x19f0 [ 2823.016792][ C0] net_rx_action+0x786/0x1aa0 [ 2823.021456][ C0] __do_softirq+0x311/0x83d [ 2823.032121][T32043] Bluetooth: hci0: command 0x1001 tx timeout [ 2823.046849][ T3965] Bluetooth: hci0: sending frame failed (-49) [ 2825.071539][T11945] Bluetooth: hci0: command 0x1009 tx timeout 00:44:23 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, 0x2, 0x3, 0x1, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, 0x2, 0x3, 0x1, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8}]}, 0x1c}}, 0x0) 00:44:23 executing program 1: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000400)="a51272c8318e0cc36bcba46748b941888ff0", 0x12, 0x4}, {0x0, 0x0, 0xfff}], 0x8704, 0x0) 00:44:23 executing program 0: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast2}, 0xc) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0xe0000002, @multicast1=0xe0000002}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @multicast2}}}}}}, 0x0) 00:44:23 executing program 5: r0 = memfd_create(&(0x7f0000000000)='\x00\x13\x06\x01\x00\x00\x00\x00\xe2\x19\xf6;\x00\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendto$inet6(r1, &(0x7f0000000200)="ce0410008b3350ec00911efc0bb3", 0x10011, 0x8000000, 0x0, 0x0) 00:44:23 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8922, &(0x7f0000000740)='lo:\a\x00`\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xde\xa4\xc7\xc6\xe9LT\xa1X\x19\x9d\xf2\xb6\xd15\xa1\xb7\x02\xbb\xd6\xcf\a\xbc\x15\xcc>=\x06+\xc0\xf5\x8b\xa9p\x16W)\x00\x00\x00\x00\x00\x00M1\x94r>5\b\xdc^T\x14t\x1e\xea-0\x89\xe1\x8bp\xf5I\x01\x89\xc3\x01\'\x91|p>\x15P`(/\x95\xec\x05\xe2\xc7\x01\"-\xacJJG\\5\x8b\x8c\xf3\xf2\xea') 00:44:23 executing program 4: prctl$PR_SET_MM(0x23, 0x8, &(0x7f00002d8000/0x1000)=nil) prctl$PR_SET_MM(0x23, 0x9, &(0x7f00002d8000/0x3000)=nil) 00:44:23 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@link_local, @remote, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @link_local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0) 00:44:23 executing program 0: r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast2}, 0xc) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0xe0000002, @multicast1=0xe0000002}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @multicast2}}}}}}, 0x0) 00:44:23 executing program 2: r0 = socket$inet(0x2, 0x4000000805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = dup3(r0, r1, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r2, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r1, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) r3 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="480000001400e702095f9f95274b0a0002840200400402000000000000006fab078a6a36d40056aa68c6f8c36d96bd7c490900ff0003c000d9000000000000dfff624310e68b0c89", 0x48}], 0x1}, 0x0) 00:44:23 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x1, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0xd, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="05630440000000000063404003"], 0x0, 0x0, 0x0}) 00:44:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c00000024000705ff00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000040a0001006e6574656d0000003c000200000000000000000000000c000b00000000000052e0db1400050005000200000000000000000000000000a1d04ff131f4858458ba0492c8b4f08fe7f3b1d6cf071419d9a4117c1b56df875f63d7c9dd693feb8150abbb3f00000000000000000000eb2058d096ee49dffb7715c858c243d01bda9296c929095eac83a479d1a7e5be07413b700243ab1cafada043d3134cdf53a3c237ea5ea95aee077fd793ff88d6d360dcf043f9e97035c647e9db2be9300900000000000012449402d4135ab13ed48e4d0aafb883454167176f124aa395730e70b8da2525767c074fb488a439264ba779d6d173c5dd1fa16c10fc4bfe29b1691d3be9f7baa9a7db01f9503fb81bfec31da1289a890ccde00f1bb5e30aa31b7bf1cabc56049a24e05421feb76d0847594d2f395d8489675d4ed63bcb7136eada831cb1b0c22f76a6f2a02384e71a0b7eef60990087fc3078a2de038a28b42dfd0777b42f7ac69aecae8ae22f91fb84178e4b110194637c87204e9646a2eb6921c295b3776f2dd5502df8fe4302caf9f88a93fee1ffdee61abb91f7bb1b88819e34070b2d690d34a1154c66c8f57f3945423d33f557b406d27025f67b86ffff00000000000039ddfd0165d00841208fe72aeecc4b02982ca2f000ee51879c8225bc17492f17cb70a40f669f0000000000000000000000000000000000000000000000b62ef4aba9da49417ea96cd598b1a0262837c246da11e72c5990a5df917fe073d040009c2b9010c187a696557e32fe50da91ea91213e5000"/598], 0x6c}}, 0x0) [ 2830.230972][ T5846] binder: BINDER_SET_CONTEXT_MGR already set [ 2830.237600][ T5846] binder: 5844:5846 ioctl 40046207 0 returned -16 00:44:24 executing program 1: r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_NONBLOCK(r0, 0x500e, 0x0) 00:44:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0x4008ae06, 0x0) 00:44:24 executing program 2: syz_mount_image$tmpfs(&(0x7f0000002100)='tmpfs\x00', &(0x7f0000002140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) 00:44:24 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c00000024000705ff00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000040a0001006e6574656d0000003c000200000000000000000000000c000b00000000000052e0db1400050005000200000000000000000000000000a1d04ff131f4858458ba0492c8b4f08fe7f3b1d6cf071419d9a4117c1b56df875f63d7c9dd693feb8150abbb3f00000000000000000000eb2058d096ee49dffb7715c858c243d01bda9296c929095eac83a479d1a7e5be07413b700243ab1cafada043d3134cdf53a3c237ea5ea95aee077fd793ff88d6d360dcf043f9e97035c647e9db2be9300900000000000012449402d4135ab13ed48e4d0aafb883454167176f124aa395730e70b8da2525767c074fb488a439264ba779d6d173c5dd1fa16c10fc4bfe29b1691d3be9f7baa9a7db01f9503fb81bfec31da1289a890ccde00f1bb5e30aa31b7bf1cabc56049a24e05421feb76d0847594d2f395d8489675d4ed63bcb7136eada831cb1b0c22f76a6f2a02384e71a0b7eef60990087fc3078a2de038a28b42dfd0777b42f7ac69aecae8ae22f91fb84178e4b110194637c87204e9646a2eb6921c295b3776f2dd5502df8fe4302caf9f88a93fee1ffdee61abb91f7bb1b88819e34070b2d690d34a1154c66c8f57f3945423d33f557b406d27025f67b86ffff00000000000039ddfd0165d00841208fe72aeecc4b02982ca2f000ee51879c8225bc17492f17cb70a40f669f0000000000000000000000000000000000000000000000b62ef4aba9da49417ea96cd598b1a0262837c246da11e72c5990a5df917fe073d040009c2b9010c187a696557e32fe50da91ea91213e5000"/598], 0x6c}}, 0x0) [ 2831.016815][ T6061] tmpfs: Bad value for 'mpol' [ 2831.077052][ T6061] tmpfs: Bad value for 'mpol' 00:44:25 executing program 5: r0 = memfd_create(&(0x7f0000000000)='\x00\x13\x06\x01\x00\x00\x00\x00\xe2\x19\xf6;\x00\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendto$inet6(r1, &(0x7f0000000200)="ce0410008b3350ec00911efc0bb3", 0x10011, 0x8000000, 0x0, 0x0) [ 2832.397385][ C0] not chained 680000 origins [ 2832.402017][ C0] CPU: 0 PID: 571 Comm: kworker/u4:23 Not tainted 5.6.0-rc2-syzkaller #0 [ 2832.410522][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2832.420587][ C0] Workqueue: krdsd rds_connect_worker [ 2832.425950][ C0] Call Trace: [ 2832.429235][ C0] [ 2832.432087][ C0] dump_stack+0x1c9/0x220 [ 2832.436451][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2832.442340][ C0] ? should_fail+0x72/0x9e0 [ 2832.446835][ C0] ? ret_from_fork+0x35/0x40 [ 2832.451421][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2832.457498][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2832.462447][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.468697][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.473879][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.479692][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2832.484934][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.491122][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2832.498087][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2832.503412][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.508615][ C0] __msan_chain_origin+0x50/0x90 [ 2832.513549][ C0] tcp_conn_request+0x174b/0x4d10 [ 2832.518684][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.523889][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.530045][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.535865][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.541158][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2832.546273][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2832.551307][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2832.556604][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2832.562072][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.567363][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.573172][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2832.579273][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.584485][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2832.589086][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2832.593618][ C0] ? tcp_filter+0xf0/0xf0 [ 2832.597979][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2832.603448][ C0] ip_local_deliver+0x62a/0x7c0 [ 2832.608308][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2832.613497][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2832.619256][ C0] ip_rcv+0x6cf/0x750 [ 2832.623241][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2832.628000][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2832.633623][ C0] process_backlog+0xf0b/0x1410 [ 2832.638719][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.644648][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2832.650317][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2832.655606][ C0] net_rx_action+0x786/0x1aa0 [ 2832.660356][ C0] ? net_tx_action+0xc30/0xc30 [ 2832.665129][ C0] __do_softirq+0x311/0x83d [ 2832.669649][ C0] do_softirq_own_stack+0x49/0x80 [ 2832.674660][ C0] [ 2832.677632][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2832.682851][ C0] local_bh_enable+0x36/0x40 [ 2832.687443][ C0] ip_finish_output2+0x2115/0x2610 [ 2832.692538][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2832.698304][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2832.704314][ C0] __ip_finish_output+0xaa7/0xd80 [ 2832.709348][ C0] ip_finish_output+0x166/0x410 [ 2832.714191][ C0] ip_output+0x593/0x680 [ 2832.718458][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2832.723751][ C0] ? ip_finish_output+0x410/0x410 [ 2832.728894][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2832.733831][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2832.739720][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.744917][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.750103][ C0] ip_queue_xmit+0xcc/0xf0 [ 2832.754504][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2832.760567][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2832.765778][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2832.771591][ C0] tcp_connect+0x4337/0x6920 [ 2832.776186][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2832.781736][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.787054][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2832.791928][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2832.796895][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2832.802285][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2832.807615][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.812803][ C0] inet_stream_connect+0x101/0x180 [ 2832.817925][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2832.823567][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2832.829221][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2832.834437][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2832.840001][ C0] rds_connect_worker+0x2a6/0x470 [ 2832.845044][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2832.851119][ C0] ? rds_addr_cmp+0x200/0x200 [ 2832.855803][ C0] process_one_work+0x1555/0x1f40 [ 2832.860843][ C0] worker_thread+0xef6/0x2450 [ 2832.865612][ C0] kthread+0x4b5/0x4f0 [ 2832.869763][ C0] ? process_one_work+0x1f40/0x1f40 [ 2832.875055][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2832.879753][ C0] ret_from_fork+0x35/0x40 [ 2832.884337][ C0] Uninit was stored to memory at: [ 2832.889361][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2832.895080][ C0] __msan_chain_origin+0x50/0x90 [ 2832.900016][ C0] tcp_conn_request+0x1781/0x4d10 [ 2832.905050][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2832.910166][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2832.915210][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2832.920661][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2832.925234][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2832.929733][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2832.935196][ C0] ip_local_deliver+0x62a/0x7c0 [ 2832.940077][ C0] ip_rcv+0x6cf/0x750 [ 2832.944045][ C0] process_backlog+0xf0b/0x1410 [ 2832.948898][ C0] net_rx_action+0x786/0x1aa0 [ 2832.954002][ C0] __do_softirq+0x311/0x83d [ 2832.958525][ C0] [ 2832.960839][ C0] Uninit was stored to memory at: [ 2832.965851][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2832.971552][ C0] __msan_chain_origin+0x50/0x90 [ 2832.976491][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2832.981782][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2832.986809][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2832.992076][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2832.997190][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.002562][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.007773][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.012359][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.017855][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.022732][ C0] ip_rcv+0x6cf/0x750 [ 2833.026701][ C0] process_backlog+0xf0b/0x1410 [ 2833.031535][ C0] net_rx_action+0x786/0x1aa0 [ 2833.036204][ C0] __do_softirq+0x311/0x83d [ 2833.040729][ C0] [ 2833.043039][ C0] Uninit was stored to memory at: [ 2833.048246][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2833.053974][ C0] __msan_chain_origin+0x50/0x90 [ 2833.058996][ C0] tcp_conn_request+0x1781/0x4d10 [ 2833.064010][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.069104][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2833.074112][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.079479][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.084148][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.088639][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.094086][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.098920][ C0] ip_rcv+0x6cf/0x750 [ 2833.102888][ C0] process_backlog+0xf0b/0x1410 [ 2833.107733][ C0] net_rx_action+0x786/0x1aa0 [ 2833.112407][ C0] __do_softirq+0x311/0x83d [ 2833.116999][ C0] [ 2833.119345][ C0] Uninit was stored to memory at: [ 2833.124392][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2833.130123][ C0] __msan_chain_origin+0x50/0x90 [ 2833.135117][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2833.140418][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2833.145437][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.150594][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2833.155618][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.161226][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.165842][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.170836][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.176395][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.181364][ C0] ip_rcv+0x6cf/0x750 [ 2833.185334][ C0] process_backlog+0xf0b/0x1410 [ 2833.190165][ C0] net_rx_action+0x786/0x1aa0 [ 2833.194864][ C0] __do_softirq+0x311/0x83d [ 2833.199548][ C0] [ 2833.202142][ C0] Uninit was stored to memory at: [ 2833.207271][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2833.213112][ C0] __msan_chain_origin+0x50/0x90 [ 2833.218324][ C0] tcp_conn_request+0x1781/0x4d10 [ 2833.223520][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.228621][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2833.233633][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.239102][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.243964][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.248642][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.254086][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.258925][ C0] ip_rcv+0x6cf/0x750 [ 2833.262888][ C0] process_backlog+0xf0b/0x1410 [ 2833.267853][ C0] net_rx_action+0x786/0x1aa0 [ 2833.272514][ C0] __do_softirq+0x311/0x83d [ 2833.277007][ C0] [ 2833.279325][ C0] Uninit was stored to memory at: [ 2833.284348][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2833.290073][ C0] __msan_chain_origin+0x50/0x90 [ 2833.295214][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2833.300581][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2833.305590][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.310779][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2833.315795][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.321210][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.325822][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.330394][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.338223][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.343228][ C0] ip_rcv+0x6cf/0x750 [ 2833.347205][ C0] process_backlog+0xf0b/0x1410 [ 2833.352143][ C0] net_rx_action+0x786/0x1aa0 [ 2833.356824][ C0] __do_softirq+0x311/0x83d [ 2833.361329][ C0] [ 2833.363637][ C0] Uninit was stored to memory at: [ 2833.368837][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2833.374556][ C0] __msan_chain_origin+0x50/0x90 [ 2833.379492][ C0] tcp_conn_request+0x1781/0x4d10 [ 2833.384537][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.389652][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2833.394785][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.400164][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.404778][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.409369][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.414949][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.419817][ C0] ip_rcv+0x6cf/0x750 [ 2833.423787][ C0] process_backlog+0xf0b/0x1410 [ 2833.428634][ C0] net_rx_action+0x786/0x1aa0 [ 2833.433312][ C0] __do_softirq+0x311/0x83d [ 2833.438224][ C0] [ 2833.440553][ C0] Uninit was created at: [ 2833.445029][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2833.450669][ C0] kmsan_alloc_page+0x12a/0x310 [ 2833.455623][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2833.461203][ C0] alloc_pages_current+0x67d/0x990 [ 2833.466485][ C0] alloc_slab_page+0x111/0x12f0 [ 2833.471464][ C0] new_slab+0x2bc/0x1130 [ 2833.475708][ C0] ___slab_alloc+0x1533/0x1f30 [ 2833.480470][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2833.485320][ C0] inet_reqsk_alloc+0xac/0x830 [ 2833.490098][ C0] tcp_conn_request+0x753/0x4d10 [ 2833.495078][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2833.500193][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2833.505638][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2833.510541][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2833.515050][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2833.520510][ C0] ip_local_deliver+0x62a/0x7c0 [ 2833.525386][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2833.530256][ C0] ip_list_rcv+0x8eb/0x950 [ 2833.534670][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2833.540841][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2833.547085][ C0] napi_complete_done+0x2ef/0xb60 [ 2833.552109][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2833.557475][ C0] virtnet_poll+0x1468/0x19f0 [ 2833.562150][ C0] net_rx_action+0x786/0x1aa0 [ 2833.566809][ C0] __do_softirq+0x311/0x83d 00:44:27 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8922, &(0x7f0000000740)='lo:\a\x00`\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xde\xa4\xc7\xc6\xe9LT\xa1X\x19\x9d\xf2\xb6\xd15\xa1\xb7\x02\xbb\xd6\xcf\a\xbc\x15\xcc>=\x06+\xc0\xf5\x8b\xa9p\x16W)\x00\x00\x00\x00\x00\x00M1\x94r>5\b\xdc^T\x14t\x1e\xea-0\x89\xe1\x8bp\xf5I\x01\x89\xc3\x01\'\x91|p>\x15P`(/\x95\xec\x05\xe2\xc7\x01\"-\xacJJG\\5\x8b\x8c\xf3\xf2\xea') 00:44:27 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="0201bfffffff0a000000ff45ac000000000063000800000000000000024000ffffff82000000e1000000887700720030070082ffffff00000000008000da55aa", 0x40, 0x1c0}]) 00:44:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:44:27 executing program 2: syz_mount_image$tmpfs(&(0x7f0000002100)='tmpfs\x00', &(0x7f0000002140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) 00:44:27 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c00000024000705ff00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000040a0001006e6574656d0000003c000200000000000000000000000c000b00000000000052e0db1400050005000200000000000000000000000000a1d04ff131f4858458ba0492c8b4f08fe7f3b1d6cf071419d9a4117c1b56df875f63d7c9dd693feb8150abbb3f00000000000000000000eb2058d096ee49dffb7715c858c243d01bda9296c929095eac83a479d1a7e5be07413b700243ab1cafada043d3134cdf53a3c237ea5ea95aee077fd793ff88d6d360dcf043f9e97035c647e9db2be9300900000000000012449402d4135ab13ed48e4d0aafb883454167176f124aa395730e70b8da2525767c074fb488a439264ba779d6d173c5dd1fa16c10fc4bfe29b1691d3be9f7baa9a7db01f9503fb81bfec31da1289a890ccde00f1bb5e30aa31b7bf1cabc56049a24e05421feb76d0847594d2f395d8489675d4ed63bcb7136eada831cb1b0c22f76a6f2a02384e71a0b7eef60990087fc3078a2de038a28b42dfd0777b42f7ac69aecae8ae22f91fb84178e4b110194637c87204e9646a2eb6921c295b3776f2dd5502df8fe4302caf9f88a93fee1ffdee61abb91f7bb1b88819e34070b2d690d34a1154c66c8f57f3945423d33f557b406d27025f67b86ffff00000000000039ddfd0165d00841208fe72aeecc4b02982ca2f000ee51879c8225bc17492f17cb70a40f669f0000000000000000000000000000000000000000000000b62ef4aba9da49417ea96cd598b1a0262837c246da11e72c5990a5df917fe073d040009c2b9010c187a696557e32fe50da91ea91213e5000"/598], 0x6c}}, 0x0) 00:44:27 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, 0x0, 0x0) [ 2833.833047][ T6086] tmpfs: Bad value for 'mpol' 00:44:28 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x114, 0x3, 0x0, 0x0) 00:44:28 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c00000024000705ff00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000040a0001006e6574656d0000003c000200000000000000000000000c000b00000000000052e0db1400050005000200000000000000000000000000a1d04ff131f4858458ba0492c8b4f08fe7f3b1d6cf071419d9a4117c1b56df875f63d7c9dd693feb8150abbb3f00000000000000000000eb2058d096ee49dffb7715c858c243d01bda9296c929095eac83a479d1a7e5be07413b700243ab1cafada043d3134cdf53a3c237ea5ea95aee077fd793ff88d6d360dcf043f9e97035c647e9db2be9300900000000000012449402d4135ab13ed48e4d0aafb883454167176f124aa395730e70b8da2525767c074fb488a439264ba779d6d173c5dd1fa16c10fc4bfe29b1691d3be9f7baa9a7db01f9503fb81bfec31da1289a890ccde00f1bb5e30aa31b7bf1cabc56049a24e05421feb76d0847594d2f395d8489675d4ed63bcb7136eada831cb1b0c22f76a6f2a02384e71a0b7eef60990087fc3078a2de038a28b42dfd0777b42f7ac69aecae8ae22f91fb84178e4b110194637c87204e9646a2eb6921c295b3776f2dd5502df8fe4302caf9f88a93fee1ffdee61abb91f7bb1b88819e34070b2d690d34a1154c66c8f57f3945423d33f557b406d27025f67b86ffff00000000000039ddfd0165d00841208fe72aeecc4b02982ca2f000ee51879c8225bc17492f17cb70a40f669f0000000000000000000000000000000000000000000000b62ef4aba9da49417ea96cd598b1a0262837c246da11e72c5990a5df917fe073d040009c2b9010c187a696557e32fe50da91ea91213e5000"/598], 0x6c}}, 0x0) 00:44:28 executing program 2: syz_mount_image$tmpfs(&(0x7f0000002100)='tmpfs\x00', &(0x7f0000002140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) 00:44:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:44:28 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x114, 0x3, 0x0, 0x0) 00:44:28 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0xbffc8ffecb70bea4}, 0x40) [ 2834.793813][ T6109] tmpfs: Bad value for 'mpol' 00:44:35 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8922, &(0x7f0000000740)='lo:\a\x00`\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xde\xa4\xc7\xc6\xe9LT\xa1X\x19\x9d\xf2\xb6\xd15\xa1\xb7\x02\xbb\xd6\xcf\a\xbc\x15\xcc>=\x06+\xc0\xf5\x8b\xa9p\x16W)\x00\x00\x00\x00\x00\x00M1\x94r>5\b\xdc^T\x14t\x1e\xea-0\x89\xe1\x8bp\xf5I\x01\x89\xc3\x01\'\x91|p>\x15P`(/\x95\xec\x05\xe2\xc7\x01\"-\xacJJG\\5\x8b\x8c\xf3\xf2\xea') 00:44:35 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x114, 0x3, 0x0, 0x0) 00:44:35 executing program 2: syz_mount_image$tmpfs(&(0x7f0000002100)='tmpfs\x00', &(0x7f0000002140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]}) 00:44:35 executing program 4: sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x98, 0x0) r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) close(r0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x7b, &(0x7f0000000100)={r2}, 0x14) 00:44:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:44:35 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r1 = dup2(r0, r0) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) ioctl$VIDIOC_DQBUF(r1, 0xc0445611, &(0x7f0000000080)={0x1, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fd8e1820"}, 0x0, 0x0, @planes=0x0}) [ 2841.471304][ T6236] tmpfs: Bad value for 'mpol' 00:44:35 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x114, 0x3, 0x0, 0x0) 00:44:35 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000001580)={@void, @val={0x3, 0x0, 0x0, 0x0, 0x60}, @mpls={[], @ipv6=@generic={0x0, 0x6, "f4e243", 0x40, 0x84, 0x0, @empty, @mcast2, {[@hopopts={0x0, 0x6, [], [@generic={0x0, 0x2f, "297c359376cad0664e3da68bcc09f21b6c6240039598e9a1f5a372733de474890f8c99684df84de395feb4f2968bd6"}]}]}}}}, 0x72) 00:44:36 executing program 2: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf, 0x13, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0x5008, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r1, 0x0) poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0) 00:44:36 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x11, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x18}, [@ldst={0x5, 0x2}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/190, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd06, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) 00:44:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:44:36 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000001580)={@void, @val={0x3, 0x0, 0x0, 0x0, 0x60}, @mpls={[], @ipv6=@generic={0x0, 0x6, "f4e243", 0x40, 0x84, 0x0, @empty, @mcast2, {[@hopopts={0x0, 0x6, [], [@generic={0x0, 0x2f, "297c359376cad0664e3da68bcc09f21b6c6240039598e9a1f5a372733de474890f8c99684df84de395feb4f2968bd6"}]}]}}}}, 0x72) [ 2845.376977][ C0] not chained 690000 origins [ 2845.381787][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2845.390285][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2845.400564][ C0] Workqueue: krdsd rds_connect_worker [ 2845.405936][ C0] Call Trace: [ 2845.409212][ C0] [ 2845.412053][ C0] dump_stack+0x1c9/0x220 [ 2845.416416][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2845.422137][ C0] ? should_fail+0x72/0x9e0 [ 2845.426625][ C0] ? ret_from_fork+0x35/0x40 [ 2845.431203][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2845.437282][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2845.442215][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.447434][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.452719][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2845.458529][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2845.463662][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2845.469486][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2845.475643][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2845.480934][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.486126][ C0] __msan_chain_origin+0x50/0x90 [ 2845.491070][ C0] tcp_conn_request+0x13ce/0x4d10 [ 2845.496263][ C0] ? rb_first+0x31/0x100 [ 2845.500770][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.506052][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.511382][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.516591][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2845.522397][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.527604][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2845.532721][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2845.537735][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2845.543007][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2845.548379][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.553559][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2845.559357][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2845.565453][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.570669][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2845.575262][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2845.579800][ C0] ? tcp_filter+0xf0/0xf0 [ 2845.584378][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2845.589854][ C0] ip_local_deliver+0x62a/0x7c0 [ 2845.594703][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2845.599713][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2845.605332][ C0] ip_rcv+0x6cf/0x750 [ 2845.609334][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2845.614087][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2845.619708][ C0] process_backlog+0xf0b/0x1410 [ 2845.624680][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.629890][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2845.635542][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2845.641000][ C0] net_rx_action+0x786/0x1aa0 [ 2845.645679][ C0] ? net_tx_action+0xc30/0xc30 [ 2845.650448][ C0] __do_softirq+0x311/0x83d [ 2845.654946][ C0] do_softirq_own_stack+0x49/0x80 [ 2845.659954][ C0] [ 2845.662903][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2845.668107][ C0] local_bh_enable+0x36/0x40 [ 2845.672725][ C0] ip_finish_output2+0x2115/0x2610 [ 2845.677975][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2845.684419][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2845.690514][ C0] __ip_finish_output+0xaa7/0xd80 [ 2845.695547][ C0] ip_finish_output+0x166/0x410 [ 2845.700415][ C0] ip_output+0x593/0x680 [ 2845.704674][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2845.709954][ C0] ? ip_finish_output+0x410/0x410 [ 2845.714990][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2845.720376][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2845.726002][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.731301][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.736500][ C0] ip_queue_xmit+0xcc/0xf0 [ 2845.740906][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2845.745752][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2845.750965][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2845.756777][ C0] tcp_connect+0x4337/0x6920 [ 2845.761365][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2845.766646][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.771854][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2845.776719][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2845.781644][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2845.787006][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2845.792469][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.797665][ C0] inet_stream_connect+0x101/0x180 [ 2845.802770][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2845.808404][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2845.814032][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2845.819221][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2845.824586][ C0] rds_connect_worker+0x2a6/0x470 [ 2845.829600][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2845.835666][ C0] ? rds_addr_cmp+0x200/0x200 [ 2845.840325][ C0] process_one_work+0x1555/0x1f40 [ 2845.845371][ C0] worker_thread+0xef6/0x2450 [ 2845.850058][ C0] kthread+0x4b5/0x4f0 [ 2845.854108][ C0] ? process_one_work+0x1f40/0x1f40 [ 2845.859309][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2845.863916][ C0] ret_from_fork+0x35/0x40 [ 2845.868336][ C0] Uninit was stored to memory at: [ 2845.873363][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2845.879075][ C0] __msan_chain_origin+0x50/0x90 [ 2845.884008][ C0] tcp_conn_request+0x1781/0x4d10 [ 2845.889029][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2845.894150][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2845.899169][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2845.904721][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2845.909295][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2845.913798][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2845.919260][ C0] ip_local_deliver+0x62a/0x7c0 [ 2845.924095][ C0] ip_rcv+0x6cf/0x750 [ 2845.928086][ C0] process_backlog+0xf0b/0x1410 [ 2845.932966][ C0] net_rx_action+0x786/0x1aa0 [ 2845.937638][ C0] __do_softirq+0x311/0x83d [ 2845.942158][ C0] [ 2845.944471][ C0] Uninit was stored to memory at: [ 2845.949484][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2845.955189][ C0] __msan_chain_origin+0x50/0x90 [ 2845.960121][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2845.965408][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2845.970416][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2845.975513][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2845.980529][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2845.985894][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2845.990499][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2845.995267][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.000717][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.005560][ C0] ip_rcv+0x6cf/0x750 [ 2846.009761][ C0] process_backlog+0xf0b/0x1410 [ 2846.014602][ C0] net_rx_action+0x786/0x1aa0 [ 2846.019266][ C0] __do_softirq+0x311/0x83d [ 2846.023743][ C0] [ 2846.026051][ C0] Uninit was stored to memory at: [ 2846.031073][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2846.036776][ C0] __msan_chain_origin+0x50/0x90 [ 2846.041699][ C0] tcp_conn_request+0x1781/0x4d10 [ 2846.046711][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.051810][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2846.056819][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.062177][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.066754][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.071256][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.076701][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.081541][ C0] ip_rcv+0x6cf/0x750 [ 2846.085530][ C0] process_backlog+0xf0b/0x1410 [ 2846.090374][ C0] net_rx_action+0x786/0x1aa0 [ 2846.095049][ C0] __do_softirq+0x311/0x83d [ 2846.099532][ C0] [ 2846.101858][ C0] Uninit was stored to memory at: [ 2846.106892][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2846.112594][ C0] __msan_chain_origin+0x50/0x90 [ 2846.117516][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2846.123578][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2846.128587][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.133709][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2846.138726][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.144084][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.149371][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.153865][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.159315][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.164204][ C0] ip_rcv+0x6cf/0x750 [ 2846.168556][ C0] process_backlog+0xf0b/0x1410 [ 2846.173511][ C0] net_rx_action+0x786/0x1aa0 [ 2846.178209][ C0] __do_softirq+0x311/0x83d [ 2846.182709][ C0] [ 2846.185026][ C0] Uninit was stored to memory at: [ 2846.190058][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2846.195782][ C0] __msan_chain_origin+0x50/0x90 [ 2846.200750][ C0] tcp_conn_request+0x1781/0x4d10 [ 2846.205772][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.210889][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2846.215911][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.221308][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.225889][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.230475][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.239334][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.244191][ C0] ip_rcv+0x6cf/0x750 [ 2846.248214][ C0] process_backlog+0xf0b/0x1410 [ 2846.253080][ C0] net_rx_action+0x786/0x1aa0 [ 2846.257757][ C0] __do_softirq+0x311/0x83d [ 2846.262280][ C0] [ 2846.264605][ C0] Uninit was stored to memory at: [ 2846.269625][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2846.275365][ C0] __msan_chain_origin+0x50/0x90 [ 2846.280356][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2846.285700][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2846.290720][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.295941][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2846.301096][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.306540][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.311207][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.315701][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.321143][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.325989][ C0] ip_rcv+0x6cf/0x750 [ 2846.329974][ C0] process_backlog+0xf0b/0x1410 [ 2846.334807][ C0] net_rx_action+0x786/0x1aa0 [ 2846.339472][ C0] __do_softirq+0x311/0x83d [ 2846.343965][ C0] [ 2846.346286][ C0] Uninit was stored to memory at: [ 2846.351300][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2846.357114][ C0] __msan_chain_origin+0x50/0x90 [ 2846.362042][ C0] tcp_conn_request+0x1781/0x4d10 [ 2846.367061][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.372193][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2846.377230][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.382673][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.387266][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.391768][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.397429][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.402281][ C0] ip_rcv+0x6cf/0x750 [ 2846.406252][ C0] process_backlog+0xf0b/0x1410 [ 2846.411117][ C0] net_rx_action+0x786/0x1aa0 [ 2846.415926][ C0] __do_softirq+0x311/0x83d [ 2846.420775][ C0] [ 2846.423190][ C0] Uninit was created at: [ 2846.427434][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2846.433079][ C0] kmsan_alloc_page+0x12a/0x310 [ 2846.438009][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2846.443788][ C0] alloc_pages_current+0x67d/0x990 [ 2846.449399][ C0] alloc_slab_page+0x111/0x12f0 [ 2846.454359][ C0] new_slab+0x2bc/0x1130 [ 2846.458588][ C0] ___slab_alloc+0x1533/0x1f30 [ 2846.463448][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2846.468291][ C0] inet_reqsk_alloc+0xac/0x830 [ 2846.473048][ C0] tcp_conn_request+0x753/0x4d10 [ 2846.477986][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2846.483428][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2846.488826][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2846.493411][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2846.497904][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2846.503361][ C0] ip_local_deliver+0x62a/0x7c0 [ 2846.508210][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2846.513058][ C0] ip_list_rcv+0x8eb/0x950 [ 2846.517482][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2846.523802][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2846.530108][ C0] napi_complete_done+0x2ef/0xb60 [ 2846.535141][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2846.540508][ C0] virtnet_poll+0x1468/0x19f0 [ 2846.545479][ C0] net_rx_action+0x786/0x1aa0 [ 2846.550164][ C0] __do_softirq+0x311/0x83d 00:44:40 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8922, &(0x7f0000000740)='lo:\a\x00`\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd9\xde\xa4\xc7\xc6\xe9LT\xa1X\x19\x9d\xf2\xb6\xd15\xa1\xb7\x02\xbb\xd6\xcf\a\xbc\x15\xcc>=\x06+\xc0\xf5\x8b\xa9p\x16W)\x00\x00\x00\x00\x00\x00M1\x94r>5\b\xdc^T\x14t\x1e\xea-0\x89\xe1\x8bp\xf5I\x01\x89\xc3\x01\'\x91|p>\x15P`(/\x95\xec\x05\xe2\xc7\x01\"-\xacJJG\\5\x8b\x8c\xf3\xf2\xea') 00:44:40 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100), 0x10) 00:44:40 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x3a}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 00:44:40 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000001580)={@void, @val={0x3, 0x0, 0x0, 0x0, 0x60}, @mpls={[], @ipv6=@generic={0x0, 0x6, "f4e243", 0x40, 0x84, 0x0, @empty, @mcast2, {[@hopopts={0x0, 0x6, [], [@generic={0x0, 0x2f, "297c359376cad0664e3da68bcc09f21b6c6240039598e9a1f5a372733de474890f8c99684df84de395feb4f2968bd6"}]}]}}}}, 0x72) 00:44:40 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x5a, &(0x7f0000000140)={@dev, @broadcast, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "38601a0b0a6e2e48a134452de11f88c7f87c2a334239f924c67d2d6cbb8f3ed2663c967c4ed781d249374c0307b8941790b523379cd27f9bcee55acc82d775ce"}}}}, 0x0) 00:44:40 executing program 5: setrlimit(0x0, &(0x7f0000000000)={0x100, 0x800}) clone3(&(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x40) 00:44:41 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100), 0x10) 00:44:41 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x3a}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 00:44:41 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000001580)={@void, @val={0x3, 0x0, 0x0, 0x0, 0x60}, @mpls={[], @ipv6=@generic={0x0, 0x6, "f4e243", 0x40, 0x84, 0x0, @empty, @mcast2, {[@hopopts={0x0, 0x6, [], [@generic={0x0, 0x2f, "297c359376cad0664e3da68bcc09f21b6c6240039598e9a1f5a372733de474890f8c99684df84de395feb4f2968bd6"}]}]}}}}, 0x72) 00:44:41 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x5a, &(0x7f0000000140)={@dev, @broadcast, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "38601a0b0a6e2e48a134452de11f88c7f87c2a334239f924c67d2d6cbb8f3ed2663c967c4ed781d249374c0307b8941790b523379cd27f9bcee55acc82d775ce"}}}}, 0x0) 00:44:41 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100), 0x10) 00:44:41 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x3a}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 00:44:46 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, 0x0, &(0x7f0000000200)) 00:44:46 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={0x20, r1, 0x1, 0x0, 0x0, {0x2}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x8}]}]}, 0x20}}, 0x0) 00:44:46 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x5a, &(0x7f0000000140)={@dev, @broadcast, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "38601a0b0a6e2e48a134452de11f88c7f87c2a334239f924c67d2d6cbb8f3ed2663c967c4ed781d249374c0307b8941790b523379cd27f9bcee55acc82d775ce"}}}}, 0x0) 00:44:46 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100), 0x10) 00:44:46 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x3a}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 00:44:46 executing program 5: r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r1, 0x29, 0x7, 0x0, &(0x7f00000002c0)) [ 2852.220671][ T7015] netlink: 'syz-executor.4': attribute type 8 has an invalid length. 00:44:46 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x5a, &(0x7f0000000140)={@dev, @broadcast, @val={@void}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "38601a0b0a6e2e48a134452de11f88c7f87c2a334239f924c67d2d6cbb8f3ed2663c967c4ed781d249374c0307b8941790b523379cd27f9bcee55acc82d775ce"}}}}, 0x0) 00:44:46 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2000077d, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000580)=[{&(0x7f00000002c0)="e73b2ca797d29d33eeb7ed4e18f86a31351c877a8a343f6257baf601f84b81e89045a0538dc9efa04c19c13f6b1ff2cf02d408f27487de1d0c3d71cc76aac5b4235eac46d10a1377a36c7d174c72e3b715084ce2439253fd65131210253d3a3096baeaad428c0fcb2e362ef8a8db9350d6b272a6ba1c770fdb32f27cef0ca500000000000000000000000000576d1f78a044425f88b9866df40d2da2f9e0852ad9b1e71044cca95929e918f3e47e7f0470bd5b74afca49a8be9ca7551058bf8c224b01cf4cf48c3c21", 0xc9}], 0x1) sendto$inet(r0, &(0x7f00000012c0)="0e", 0x1, 0x11, 0x0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) 00:44:46 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000ec0)='/dev/video#\x00', 0x0, 0x2) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0xc0205647, &(0x7f00000000c0)={0x8001007}) 00:44:46 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xfd11) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010400"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000140012000c0001006272696467650000000200"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_MASTER={0x8, 0xa, r5}]}, 0x28}}, 0x0) 00:44:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{}]}, 0x10) 00:44:47 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) close(r0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000240)={0x13, 0x10, 0x7, {0x0, r2, 0x1}}, 0x18) [ 2853.159970][ T7236] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 00:44:50 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, 0x7, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7fffffff}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}}, 0x0) 00:44:50 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2000077d, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000580)=[{&(0x7f00000002c0)="e73b2ca797d29d33eeb7ed4e18f86a31351c877a8a343f6257baf601f84b81e89045a0538dc9efa04c19c13f6b1ff2cf02d408f27487de1d0c3d71cc76aac5b4235eac46d10a1377a36c7d174c72e3b715084ce2439253fd65131210253d3a3096baeaad428c0fcb2e362ef8a8db9350d6b272a6ba1c770fdb32f27cef0ca500000000000000000000000000576d1f78a044425f88b9866df40d2da2f9e0852ad9b1e71044cca95929e918f3e47e7f0470bd5b74afca49a8be9ca7551058bf8c224b01cf4cf48c3c21", 0xc9}], 0x1) sendto$inet(r0, &(0x7f00000012c0)="0e", 0x1, 0x11, 0x0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) 00:44:50 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @rand_addr="100e0e188dec22c679daac3b6f3d26b3"}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast1}}}}, &(0x7f0000000380)=0xb0) 00:44:50 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{}]}, 0x10) 00:44:50 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) clone(0xd7e0ce5d01a5091b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x40096101, &(0x7f0000000000)) 00:44:50 executing program 5: r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r1, 0x29, 0x7, 0x0, &(0x7f00000002c0)) [ 2856.849291][ T7457] QAT: Device 0 not found 00:44:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{}]}, 0x10) 00:44:51 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) clone(0xd7e0ce5d01a5091b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x40096101, &(0x7f0000000000)) 00:44:51 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @rand_addr="100e0e188dec22c679daac3b6f3d26b3"}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast1}}}}, &(0x7f0000000380)=0xb0) 00:44:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{}]}, 0x10) 00:44:51 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2000077d, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000580)=[{&(0x7f00000002c0)="e73b2ca797d29d33eeb7ed4e18f86a31351c877a8a343f6257baf601f84b81e89045a0538dc9efa04c19c13f6b1ff2cf02d408f27487de1d0c3d71cc76aac5b4235eac46d10a1377a36c7d174c72e3b715084ce2439253fd65131210253d3a3096baeaad428c0fcb2e362ef8a8db9350d6b272a6ba1c770fdb32f27cef0ca500000000000000000000000000576d1f78a044425f88b9866df40d2da2f9e0852ad9b1e71044cca95929e918f3e47e7f0470bd5b74afca49a8be9ca7551058bf8c224b01cf4cf48c3c21", 0xc9}], 0x1) sendto$inet(r0, &(0x7f00000012c0)="0e", 0x1, 0x11, 0x0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) [ 2857.355913][ T7672] QAT: Device 0 not found 00:44:51 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) clone(0xd7e0ce5d01a5091b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x40096101, &(0x7f0000000000)) [ 2857.870368][ T7684] QAT: Device 0 not found [ 2858.357769][ C1] not chained 700000 origins [ 2858.362954][ C1] CPU: 1 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2858.371384][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2858.381642][ C1] Workqueue: krdsd rds_connect_worker [ 2858.387000][ C1] Call Trace: [ 2858.390453][ C1] [ 2858.393290][ C1] dump_stack+0x1c9/0x220 [ 2858.397609][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2858.403328][ C1] ? xfrm_lookup_route+0x2c1/0x370 [ 2858.408439][ C1] ? ip_route_output_flow+0x35a/0x3d0 [ 2858.413791][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.418970][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.424186][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2858.429989][ C1] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2858.436230][ C1] ? tcp_select_initial_window+0x60d/0x6c0 [ 2858.442153][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.447353][ C1] __msan_chain_origin+0x50/0x90 [ 2858.452277][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2858.457570][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2858.462614][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.467812][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.472996][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2858.478098][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2858.483104][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2858.488366][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2858.493734][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.498916][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2858.504705][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2858.510855][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.516133][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2858.520735][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2858.525256][ C1] ? tcp_filter+0xf0/0xf0 [ 2858.529584][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2858.536108][ C1] ip_local_deliver+0x62a/0x7c0 [ 2858.540965][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2858.545973][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2858.551597][ C1] ip_rcv+0x6cf/0x750 [ 2858.555570][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2858.560337][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2858.565952][ C1] process_backlog+0xf0b/0x1410 [ 2858.570792][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2858.576416][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2858.581682][ C1] net_rx_action+0x786/0x1aa0 [ 2858.586352][ C1] ? net_tx_action+0xc30/0xc30 [ 2858.591117][ C1] __do_softirq+0x311/0x83d [ 2858.595703][ C1] do_softirq_own_stack+0x49/0x80 [ 2858.600701][ C1] [ 2858.603635][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2858.608906][ C1] local_bh_enable+0x36/0x40 [ 2858.613554][ C1] ip_finish_output2+0x2115/0x2610 [ 2858.618694][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2858.624420][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2858.630414][ C1] __ip_finish_output+0xaa7/0xd80 [ 2858.635457][ C1] ip_finish_output+0x166/0x410 [ 2858.640323][ C1] ip_output+0x593/0x680 [ 2858.644572][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2858.649850][ C1] ? ip_finish_output+0x410/0x410 [ 2858.654866][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2858.659789][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2858.665327][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.670517][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.675704][ C1] ip_queue_xmit+0xcc/0xf0 [ 2858.680117][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2858.684948][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2858.690139][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2858.695963][ C1] tcp_connect+0x4337/0x6920 [ 2858.700535][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2858.705814][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.711037][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2858.715888][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2858.720825][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2858.726190][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2858.731465][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.736647][ C1] inet_stream_connect+0x101/0x180 [ 2858.741741][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2858.747355][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2858.752977][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2858.758175][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2858.763534][ C1] rds_connect_worker+0x2a6/0x470 [ 2858.768754][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2858.774818][ C1] ? rds_addr_cmp+0x200/0x200 [ 2858.779477][ C1] process_one_work+0x1555/0x1f40 [ 2858.784499][ C1] worker_thread+0xef6/0x2450 [ 2858.789214][ C1] kthread+0x4b5/0x4f0 [ 2858.793283][ C1] ? process_one_work+0x1f40/0x1f40 [ 2858.798485][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2858.803064][ C1] ret_from_fork+0x35/0x40 [ 2858.807659][ C1] Uninit was stored to memory at: [ 2858.812674][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2858.818379][ C1] __msan_chain_origin+0x50/0x90 [ 2858.823334][ C1] tcp_conn_request+0x1781/0x4d10 [ 2858.828341][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2858.833518][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2858.838571][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2858.843922][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2858.848503][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2858.853108][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2858.858577][ C1] ip_local_deliver+0x62a/0x7c0 [ 2858.863411][ C1] ip_rcv+0x6cf/0x750 [ 2858.867426][ C1] process_backlog+0xf0b/0x1410 [ 2858.872277][ C1] net_rx_action+0x786/0x1aa0 [ 2858.876956][ C1] __do_softirq+0x311/0x83d [ 2858.881528][ C1] [ 2858.883844][ C1] Uninit was stored to memory at: [ 2858.888980][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2858.894851][ C1] __msan_chain_origin+0x50/0x90 [ 2858.899798][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2858.905078][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2858.910083][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2858.915176][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2858.920410][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2858.925771][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2858.930339][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2858.935956][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2858.941390][ C1] ip_local_deliver+0x62a/0x7c0 [ 2858.946220][ C1] ip_rcv+0x6cf/0x750 [ 2858.950187][ C1] process_backlog+0xf0b/0x1410 [ 2858.955016][ C1] net_rx_action+0x786/0x1aa0 [ 2858.959771][ C1] __do_softirq+0x311/0x83d [ 2858.964253][ C1] [ 2858.966559][ C1] Uninit was stored to memory at: [ 2858.971567][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2858.977294][ C1] __msan_chain_origin+0x50/0x90 [ 2858.982210][ C1] tcp_conn_request+0x1781/0x4d10 [ 2858.987211][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2858.992302][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2858.997304][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.002657][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.007236][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.011730][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.017203][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.022037][ C1] ip_rcv+0x6cf/0x750 [ 2859.026019][ C1] process_backlog+0xf0b/0x1410 [ 2859.030850][ C1] net_rx_action+0x786/0x1aa0 [ 2859.035516][ C1] __do_softirq+0x311/0x83d [ 2859.039998][ C1] [ 2859.042303][ C1] Uninit was stored to memory at: [ 2859.047325][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2859.053023][ C1] __msan_chain_origin+0x50/0x90 [ 2859.057942][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2859.063214][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2859.068220][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2859.073748][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2859.078750][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.084096][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.088662][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.093146][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.098585][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.103414][ C1] ip_rcv+0x6cf/0x750 [ 2859.107418][ C1] process_backlog+0xf0b/0x1410 [ 2859.112250][ C1] net_rx_action+0x786/0x1aa0 [ 2859.116930][ C1] __do_softirq+0x311/0x83d [ 2859.121498][ C1] [ 2859.123884][ C1] Uninit was stored to memory at: [ 2859.129001][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2859.134710][ C1] __msan_chain_origin+0x50/0x90 [ 2859.139632][ C1] tcp_conn_request+0x1781/0x4d10 [ 2859.144638][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2859.149738][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2859.154744][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.160217][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.164803][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.169321][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.174763][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.179604][ C1] ip_rcv+0x6cf/0x750 [ 2859.183565][ C1] process_backlog+0xf0b/0x1410 [ 2859.188411][ C1] net_rx_action+0x786/0x1aa0 [ 2859.193090][ C1] __do_softirq+0x311/0x83d [ 2859.197565][ C1] [ 2859.199879][ C1] Uninit was stored to memory at: [ 2859.204891][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2859.210700][ C1] __msan_chain_origin+0x50/0x90 [ 2859.215629][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2859.220900][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2859.226041][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2859.231134][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2859.236249][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.241617][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.246258][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.250747][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.256391][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.261357][ C1] ip_rcv+0x6cf/0x750 [ 2859.265329][ C1] process_backlog+0xf0b/0x1410 [ 2859.270292][ C1] net_rx_action+0x786/0x1aa0 [ 2859.274958][ C1] __do_softirq+0x311/0x83d [ 2859.279714][ C1] [ 2859.282203][ C1] Uninit was stored to memory at: [ 2859.287217][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2859.292916][ C1] __msan_chain_origin+0x50/0x90 [ 2859.297874][ C1] tcp_conn_request+0x1781/0x4d10 [ 2859.302912][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2859.308113][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2859.314756][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.320149][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.325340][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.329829][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.335366][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.340200][ C1] ip_rcv+0x6cf/0x750 [ 2859.344172][ C1] process_backlog+0xf0b/0x1410 [ 2859.349007][ C1] net_rx_action+0x786/0x1aa0 [ 2859.353672][ C1] __do_softirq+0x311/0x83d [ 2859.358147][ C1] [ 2859.360451][ C1] Uninit was created at: [ 2859.364695][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2859.370306][ C1] kmsan_alloc_page+0x12a/0x310 [ 2859.375157][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2859.380683][ C1] alloc_pages_current+0x67d/0x990 [ 2859.385803][ C1] alloc_slab_page+0x111/0x12f0 [ 2859.390641][ C1] new_slab+0x2bc/0x1130 [ 2859.395834][ C1] ___slab_alloc+0x1533/0x1f30 [ 2859.400595][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2859.405438][ C1] inet_reqsk_alloc+0xac/0x830 [ 2859.410209][ C1] tcp_conn_request+0x753/0x4d10 [ 2859.415164][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2859.420299][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2859.425658][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2859.430357][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2859.434844][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2859.440301][ C1] ip_local_deliver+0x62a/0x7c0 [ 2859.445230][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2859.450080][ C1] ip_list_rcv+0x8eb/0x950 [ 2859.454479][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2859.460616][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2859.466839][ C1] napi_complete_done+0x2ef/0xb60 [ 2859.471848][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2859.477213][ C1] virtnet_poll+0x1468/0x19f0 [ 2859.482580][ C1] net_rx_action+0x786/0x1aa0 [ 2859.487239][ C1] __do_softirq+0x311/0x83d 00:44:56 executing program 3: syz_emit_ethernet(0x9a, &(0x7f0000000140)={@local, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "831a46", 0x64, 0x11, 0x0, @local, @local, {[], {0x0, 0x57c1, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "76d5d527cd19b969fe0c8e01d4ceb6f90200b0470cbc5760d4492de98a08ce81", "b3866aad1bcd3a6df9dd218604b7278d", {"5601e738a5cc8ee42bdee7aa0655d56a", "585a9434971a4bbda9f597a3172cc156"}}}}}}}}, 0x0) 00:44:56 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @rand_addr="100e0e188dec22c679daac3b6f3d26b3"}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast1}}}}, &(0x7f0000000380)=0xb0) 00:44:56 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2000077d, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r0, &(0x7f0000000580)=[{&(0x7f00000002c0)="e73b2ca797d29d33eeb7ed4e18f86a31351c877a8a343f6257baf601f84b81e89045a0538dc9efa04c19c13f6b1ff2cf02d408f27487de1d0c3d71cc76aac5b4235eac46d10a1377a36c7d174c72e3b715084ce2439253fd65131210253d3a3096baeaad428c0fcb2e362ef8a8db9350d6b272a6ba1c770fdb32f27cef0ca500000000000000000000000000576d1f78a044425f88b9866df40d2da2f9e0852ad9b1e71044cca95929e918f3e47e7f0470bd5b74afca49a8be9ca7551058bf8c224b01cf4cf48c3c21", 0xc9}], 0x1) sendto$inet(r0, &(0x7f00000012c0)="0e", 0x1, 0x11, 0x0, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) 00:44:56 executing program 0: r0 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000002040)='/selinux/relabel\x00', 0x2, 0x0) write$selinux_access(r0, &(0x7f0000002080)={'system_u:object_r:semanage_trans_lock_t:s0', 0x20, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023', 0x20, 0x17f}, 0x6e) 00:44:56 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) clone(0xd7e0ce5d01a5091b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x40096101, &(0x7f0000000000)) 00:44:56 executing program 5: r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r1, 0x29, 0x7, 0x0, &(0x7f00000002c0)) 00:44:56 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @rand_addr="100e0e188dec22c679daac3b6f3d26b3"}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0x6d, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast1}}}}, &(0x7f0000000380)=0xb0) [ 2862.777790][ T7700] QAT: Device 0 not found 00:44:57 executing program 0: r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100), 0xfffffffffffffed6}], 0x492492492492642, 0x0) 00:44:57 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) pwrite64(r2, &(0x7f0000000600)="4ebefa1e923f1e018b6e53bf4815b78e1f2ef9212b93090c1ff6b35c208d50aef3fd759f995b53dd37c58cf8332b8a6b66575478e02ef0145bf122ba2e2c53a7ec45e375683475a6495f8d7b7a088f5e32dc266569074319bf8c8d3d8007cc92e2ba0d9082c41b63e330f353a3f675a98d2e74a08e38400f7f5eb113a0e25fd90115d57a7acdcab1128cf4f9c719f3f29d460c507f8a2a6594d259217d32eae9be93c6ed17a67ae2e7e689a31fa8449da12fd62bf423cff702b09e6ee1ff0e698b8bb517819eb712ba2b34b54b28b79d9399d920d5a5507e8a85f37060dfe3051f06f8d7cc9b068495ee5d5fcce85410bcd9f91d1f198353ce94b2e03370e43875c1a035bb88fd26fbb5b1252e2056d6b67e2b2f424051a40ad9170e76a81a6ca4f149ff643db76f8f2c1aa8024a6279952027489bbad6479e47ea5ba9e47d8136df398665f6cdfd15e93cfbf2ce1151afe9321ed63fe7100e704b232646fc1e0e936b90cceaaa70225ce71640e10316d2cc637355eddb3c4e16ff1635fa4e65a66eb5ab2cbf9d6f063e05f0e46fcc14bf31eedfb9f33c215fc14946cc6f7493924442e939f71ac4bd3e35e78857f9624c663f3669a47a7146e3249ee3eaaf681f371d515af5b934f9252c7ac2a164bf318fc2b194ee087b2b28ed5e4618c0906fc3f32c43a3b9e08a2e0d509f65a7de909e8c3c535f1d8cb9c236716e5ad709", 0x200, 0x1200) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) sendfile(r0, r1, 0x0, 0xf03b0000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) 00:44:57 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x9, 0x0, 0x0, 0x0, 0x28}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty}}}}}}, 0x62) 00:44:57 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x541b) 00:44:57 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0) write$binfmt_elf64(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="ed"], 0x1) [ 2868.343917][ C0] not chained 710000 origins [ 2868.348637][ C0] CPU: 0 PID: 571 Comm: kworker/u4:23 Not tainted 5.6.0-rc2-syzkaller #0 [ 2868.357119][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2868.367259][ C0] Workqueue: krdsd rds_connect_worker [ 2868.372719][ C0] Call Trace: [ 2868.376039][ C0] [ 2868.378901][ C0] dump_stack+0x1c9/0x220 [ 2868.383297][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2868.389048][ C0] ? xfrm_lookup_route+0x2c1/0x370 [ 2868.394285][ C0] ? ip_route_output_flow+0x35a/0x3d0 [ 2868.399746][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.404939][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.410157][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2868.415984][ C0] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2868.422149][ C0] ? tcp_select_initial_window+0x60d/0x6c0 [ 2868.428853][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.434493][ C0] __msan_chain_origin+0x50/0x90 [ 2868.440107][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2868.445438][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2868.450775][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.456304][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.461726][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2868.466945][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2868.472101][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2868.477644][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2868.483028][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.488330][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2868.494484][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2868.500659][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.506062][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2868.510764][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2868.516568][ C0] ? tcp_filter+0xf0/0xf0 [ 2868.521214][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2868.528439][ C0] ip_local_deliver+0x62a/0x7c0 [ 2868.533316][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2868.538361][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2868.544129][ C0] ip_rcv+0x6cf/0x750 [ 2868.548134][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2868.555239][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2868.560882][ C0] process_backlog+0xf0b/0x1410 [ 2868.566097][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.571322][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2868.577082][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2868.582549][ C0] net_rx_action+0x786/0x1aa0 [ 2868.587310][ C0] ? net_tx_action+0xc30/0xc30 [ 2868.592191][ C0] __do_softirq+0x311/0x83d [ 2868.596698][ C0] do_softirq_own_stack+0x49/0x80 [ 2868.601823][ C0] [ 2868.604767][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2868.609960][ C0] local_bh_enable+0x36/0x40 [ 2868.614573][ C0] ip_finish_output2+0x2115/0x2610 [ 2868.619784][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2868.625553][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2868.631779][ C0] __ip_finish_output+0xaa7/0xd80 [ 2868.636842][ C0] ip_finish_output+0x166/0x410 [ 2868.641693][ C0] ip_output+0x593/0x680 [ 2868.645944][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2868.651219][ C0] ? ip_finish_output+0x410/0x410 [ 2868.656386][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2868.661446][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2868.667016][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.672249][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.677450][ C0] ip_queue_xmit+0xcc/0xf0 [ 2868.681859][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2868.686700][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2868.691905][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2868.697735][ C0] tcp_connect+0x4337/0x6920 [ 2868.702318][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2868.707600][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.712839][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2868.717807][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2868.722752][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2868.728223][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2868.733557][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.738778][ C0] inet_stream_connect+0x101/0x180 [ 2868.744335][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2868.749971][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2868.757820][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2868.763188][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2868.768563][ C0] rds_connect_worker+0x2a6/0x470 [ 2868.773598][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2868.779659][ C0] ? rds_addr_cmp+0x200/0x200 [ 2868.785416][ C0] process_one_work+0x1555/0x1f40 [ 2868.790467][ C0] worker_thread+0xef6/0x2450 [ 2868.795184][ C0] kthread+0x4b5/0x4f0 [ 2868.799249][ C0] ? process_one_work+0x1f40/0x1f40 [ 2868.804461][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2868.809054][ C0] ret_from_fork+0x35/0x40 [ 2868.813539][ C0] Uninit was stored to memory at: [ 2868.818691][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2868.824493][ C0] __msan_chain_origin+0x50/0x90 [ 2868.829527][ C0] tcp_conn_request+0x1781/0x4d10 [ 2868.834584][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2868.839700][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2868.844729][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2868.850274][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2868.854859][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2868.860835][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2868.866459][ C0] ip_local_deliver+0x62a/0x7c0 [ 2868.871303][ C0] ip_rcv+0x6cf/0x750 [ 2868.875280][ C0] process_backlog+0xf0b/0x1410 [ 2868.880198][ C0] net_rx_action+0x786/0x1aa0 [ 2868.884855][ C0] __do_softirq+0x311/0x83d [ 2868.889380][ C0] [ 2868.891706][ C0] Uninit was stored to memory at: [ 2868.896718][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2868.902447][ C0] __msan_chain_origin+0x50/0x90 [ 2868.907391][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2868.912666][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2868.917676][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2868.922787][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2868.927795][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2868.933167][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2868.937743][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2868.942240][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2868.947689][ C0] ip_local_deliver+0x62a/0x7c0 [ 2868.952526][ C0] ip_rcv+0x6cf/0x750 [ 2868.956511][ C0] process_backlog+0xf0b/0x1410 [ 2868.961378][ C0] net_rx_action+0x786/0x1aa0 [ 2868.966039][ C0] __do_softirq+0x311/0x83d [ 2868.970516][ C0] [ 2868.972823][ C0] Uninit was stored to memory at: [ 2868.977832][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2868.983555][ C0] __msan_chain_origin+0x50/0x90 [ 2868.988476][ C0] tcp_conn_request+0x1781/0x4d10 [ 2868.993484][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2868.998599][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2869.003632][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.009074][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.013766][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.018264][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.023891][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.028732][ C0] ip_rcv+0x6cf/0x750 [ 2869.032802][ C0] process_backlog+0xf0b/0x1410 [ 2869.037675][ C0] net_rx_action+0x786/0x1aa0 [ 2869.042350][ C0] __do_softirq+0x311/0x83d [ 2869.046832][ C0] [ 2869.049158][ C0] Uninit was stored to memory at: [ 2869.054218][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2869.059954][ C0] __msan_chain_origin+0x50/0x90 [ 2869.064913][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2869.070262][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2869.075367][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2869.080487][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2869.085571][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.090939][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.095593][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.100229][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.105692][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.111404][ C0] ip_rcv+0x6cf/0x750 [ 2869.115452][ C0] process_backlog+0xf0b/0x1410 [ 2869.120838][ C0] net_rx_action+0x786/0x1aa0 [ 2869.125515][ C0] __do_softirq+0x311/0x83d [ 2869.130006][ C0] [ 2869.132598][ C0] Uninit was stored to memory at: [ 2869.137707][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2869.143414][ C0] __msan_chain_origin+0x50/0x90 [ 2869.148464][ C0] tcp_conn_request+0x1781/0x4d10 [ 2869.153493][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2869.158922][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2869.163947][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.169444][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.174158][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.178656][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.184251][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.189192][ C0] ip_rcv+0x6cf/0x750 [ 2869.193167][ C0] process_backlog+0xf0b/0x1410 [ 2869.198296][ C0] net_rx_action+0x786/0x1aa0 [ 2869.202966][ C0] __do_softirq+0x311/0x83d [ 2869.207446][ C0] [ 2869.209761][ C0] Uninit was stored to memory at: [ 2869.214883][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2869.220711][ C0] __msan_chain_origin+0x50/0x90 [ 2869.225645][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2869.230922][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2869.235939][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2869.241152][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2869.246174][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.251650][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.256448][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.260946][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.266498][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.271342][ C0] ip_rcv+0x6cf/0x750 [ 2869.275399][ C0] process_backlog+0xf0b/0x1410 [ 2869.280236][ C0] net_rx_action+0x786/0x1aa0 [ 2869.285074][ C0] __do_softirq+0x311/0x83d [ 2869.289593][ C0] [ 2869.292069][ C0] Uninit was stored to memory at: [ 2869.297098][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2869.302813][ C0] __msan_chain_origin+0x50/0x90 [ 2869.307757][ C0] tcp_conn_request+0x1781/0x4d10 [ 2869.312779][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2869.318418][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2869.323571][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.328999][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.333577][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.338085][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.343753][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.348690][ C0] ip_rcv+0x6cf/0x750 [ 2869.352716][ C0] process_backlog+0xf0b/0x1410 [ 2869.357567][ C0] net_rx_action+0x786/0x1aa0 [ 2869.362257][ C0] __do_softirq+0x311/0x83d [ 2869.366780][ C0] [ 2869.369096][ C0] Uninit was created at: [ 2869.373941][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2869.379624][ C0] kmsan_alloc_page+0x12a/0x310 [ 2869.384472][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2869.390016][ C0] alloc_pages_current+0x67d/0x990 [ 2869.395456][ C0] alloc_slab_page+0x111/0x12f0 [ 2869.400301][ C0] new_slab+0x2bc/0x1130 [ 2869.404538][ C0] ___slab_alloc+0x1533/0x1f30 [ 2869.409297][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2869.414169][ C0] inet_reqsk_alloc+0xac/0x830 [ 2869.419270][ C0] tcp_conn_request+0x753/0x4d10 [ 2869.424220][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2869.429331][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2869.434803][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2869.439378][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2869.443882][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2869.449322][ C0] ip_local_deliver+0x62a/0x7c0 [ 2869.454178][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2869.459011][ C0] ip_list_rcv+0x8eb/0x950 [ 2869.463413][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2869.469566][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2869.476574][ C0] napi_complete_done+0x2ef/0xb60 [ 2869.481757][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2869.487816][ C0] virtnet_poll+0x1468/0x19f0 [ 2869.492490][ C0] net_rx_action+0x786/0x1aa0 [ 2869.497167][ C0] __do_softirq+0x311/0x83d 00:45:03 executing program 3: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="2600000013003ff1eb14c1f8030322ff001000e3130000000939036800000000060003000a4b", 0x26) 00:45:03 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x541b) 00:45:03 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000100000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newtfilter={0x64, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x2}}, [@filter_kind_options=@f_rsvp={{0x9, 0x1, 'rsvp\x00'}, {0x34, 0x2, [@TCA_RSVP_DST={0x8, 0x2, @remote}, @TCA_RSVP_CLASSID={0x8, 0x1, {0x0, 0x3}}, @TCA_RSVP_PINFO={0x20, 0x4, {{}, {}, 0x0, 0x0, 0x1f}}]}}]}, 0x64}}, 0x0) 00:45:03 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) pwrite64(r2, &(0x7f0000000600)="4ebefa1e923f1e018b6e53bf4815b78e1f2ef9212b93090c1ff6b35c208d50aef3fd759f995b53dd37c58cf8332b8a6b66575478e02ef0145bf122ba2e2c53a7ec45e375683475a6495f8d7b7a088f5e32dc266569074319bf8c8d3d8007cc92e2ba0d9082c41b63e330f353a3f675a98d2e74a08e38400f7f5eb113a0e25fd90115d57a7acdcab1128cf4f9c719f3f29d460c507f8a2a6594d259217d32eae9be93c6ed17a67ae2e7e689a31fa8449da12fd62bf423cff702b09e6ee1ff0e698b8bb517819eb712ba2b34b54b28b79d9399d920d5a5507e8a85f37060dfe3051f06f8d7cc9b068495ee5d5fcce85410bcd9f91d1f198353ce94b2e03370e43875c1a035bb88fd26fbb5b1252e2056d6b67e2b2f424051a40ad9170e76a81a6ca4f149ff643db76f8f2c1aa8024a6279952027489bbad6479e47ea5ba9e47d8136df398665f6cdfd15e93cfbf2ce1151afe9321ed63fe7100e704b232646fc1e0e936b90cceaaa70225ce71640e10316d2cc637355eddb3c4e16ff1635fa4e65a66eb5ab2cbf9d6f063e05f0e46fcc14bf31eedfb9f33c215fc14946cc6f7493924442e939f71ac4bd3e35e78857f9624c663f3669a47a7146e3249ee3eaaf681f371d515af5b934f9252c7ac2a164bf318fc2b194ee087b2b28ed5e4618c0906fc3f32c43a3b9e08a2e0d509f65a7de909e8c3c535f1d8cb9c236716e5ad709", 0x200, 0x1200) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) sendfile(r0, r1, 0x0, 0xf03b0000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) 00:45:03 executing program 5: r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r1, 0x29, 0x7, 0x0, &(0x7f00000002c0)) 00:45:03 executing program 2: r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000001d00)=[{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000380)="66c4656f0df89a36ec4a6d189c186785", 0x10}], 0x1, &(0x7f0000000c00)=[@iv={0x10}], 0x10}], 0x1, 0x0) [ 2869.778075][ T7935] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63501 sclass=netlink_route_socket pid=7935 comm=syz-executor.2 00:45:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x541b) 00:45:04 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) pwrite64(r2, &(0x7f0000000600)="4ebefa1e923f1e018b6e53bf4815b78e1f2ef9212b93090c1ff6b35c208d50aef3fd759f995b53dd37c58cf8332b8a6b66575478e02ef0145bf122ba2e2c53a7ec45e375683475a6495f8d7b7a088f5e32dc266569074319bf8c8d3d8007cc92e2ba0d9082c41b63e330f353a3f675a98d2e74a08e38400f7f5eb113a0e25fd90115d57a7acdcab1128cf4f9c719f3f29d460c507f8a2a6594d259217d32eae9be93c6ed17a67ae2e7e689a31fa8449da12fd62bf423cff702b09e6ee1ff0e698b8bb517819eb712ba2b34b54b28b79d9399d920d5a5507e8a85f37060dfe3051f06f8d7cc9b068495ee5d5fcce85410bcd9f91d1f198353ce94b2e03370e43875c1a035bb88fd26fbb5b1252e2056d6b67e2b2f424051a40ad9170e76a81a6ca4f149ff643db76f8f2c1aa8024a6279952027489bbad6479e47ea5ba9e47d8136df398665f6cdfd15e93cfbf2ce1151afe9321ed63fe7100e704b232646fc1e0e936b90cceaaa70225ce71640e10316d2cc637355eddb3c4e16ff1635fa4e65a66eb5ab2cbf9d6f063e05f0e46fcc14bf31eedfb9f33c215fc14946cc6f7493924442e939f71ac4bd3e35e78857f9624c663f3669a47a7146e3249ee3eaaf681f371d515af5b934f9252c7ac2a164bf318fc2b194ee087b2b28ed5e4618c0906fc3f32c43a3b9e08a2e0d509f65a7de909e8c3c535f1d8cb9c236716e5ad709", 0x200, 0x1200) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) sendfile(r0, r1, 0x0, 0xf03b0000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) 00:45:04 executing program 2: socket$kcm(0x21, 0x0, 0x2) 00:45:04 executing program 0: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f00000017c0), 0x4) 00:45:04 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x163882) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x541b) 00:45:04 executing program 2: r0 = socket(0x10, 0x800000000080002, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000540)="5500000018007f5f00fe01b2a4a280930206000100000001020b000039000900350028001400000019000540000000000022de1338d54400009b84136ef75afb83de4411001600c43ab822", 0x4b}], 0x1}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0) 00:45:10 executing program 3: socket$inet6_tcp(0xa, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9dbafdc0a00e9bfde51afe9c81a9cf05725caf1cae63487ff7f0000cde5c019d3527812ae6908080096e2c43f6b8fd41b7e7666adb44650732b48587e84f8347a1b5efd079137038277beb5e0615c40dbb7005fbd189981feb0a514c168646ea716bb5b9407000000808f25bfc91c15d7dc2adcdefba065af283792104d6280636df94a8942577d8953191eeb79379829652b10737d4e25a226d3be5c14007f4251e097d695df1cff25340af4fc990000099fff70b27c1c62e36832b81ec91dbee40cf630e64f8228bd07741c710ebde4bb17dc8f3259ec78e5b39535991b1428faf2010000fa398f65000052b259e4f8e2009937e0b2a312e45eb76f1b2c8fea54fb3726850310bd4d0355921c9c0c120d049000b3190974f06e53eb9e0000b172a4a281ced161c40784e62a8af72bb3fd2656551881b945861d8f3eb0a543de4c71e4f306767a7b542258becc9fa52a5d2c539b749491ce88e47b14f884df676eb8a8f4d844ff1e3c13e7f2dc788dd1d676edd7b9ba4acce58d9a820000000000000000004d908b0a35b6c489fed872aba046974e5bfe9a3fa79f1f2c061506d327e2a0c0ae630cde1706e9c9e8b314cc0db5d3d241294869c9a016793abde17243e391e2bd23b8e8916be2c8545cd1ec784a9657b9906de39fd5dc000b665ce473fea2e06749f13798cae1557fb845d0d73b2d46417648edf18944088597a7f69630d470ab289a4019aa07c6d9fe28283977275e"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x12, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x200}, 0x28) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:45:10 executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) pwrite64(r2, &(0x7f0000000600)="4ebefa1e923f1e018b6e53bf4815b78e1f2ef9212b93090c1ff6b35c208d50aef3fd759f995b53dd37c58cf8332b8a6b66575478e02ef0145bf122ba2e2c53a7ec45e375683475a6495f8d7b7a088f5e32dc266569074319bf8c8d3d8007cc92e2ba0d9082c41b63e330f353a3f675a98d2e74a08e38400f7f5eb113a0e25fd90115d57a7acdcab1128cf4f9c719f3f29d460c507f8a2a6594d259217d32eae9be93c6ed17a67ae2e7e689a31fa8449da12fd62bf423cff702b09e6ee1ff0e698b8bb517819eb712ba2b34b54b28b79d9399d920d5a5507e8a85f37060dfe3051f06f8d7cc9b068495ee5d5fcce85410bcd9f91d1f198353ce94b2e03370e43875c1a035bb88fd26fbb5b1252e2056d6b67e2b2f424051a40ad9170e76a81a6ca4f149ff643db76f8f2c1aa8024a6279952027489bbad6479e47ea5ba9e47d8136df398665f6cdfd15e93cfbf2ce1151afe9321ed63fe7100e704b232646fc1e0e936b90cceaaa70225ce71640e10316d2cc637355eddb3c4e16ff1635fa4e65a66eb5ab2cbf9d6f063e05f0e46fcc14bf31eedfb9f33c215fc14946cc6f7493924442e939f71ac4bd3e35e78857f9624c663f3669a47a7146e3249ee3eaaf681f371d515af5b934f9252c7ac2a164bf318fc2b194ee087b2b28ed5e4618c0906fc3f32c43a3b9e08a2e0d509f65a7de909e8c3c535f1d8cb9c236716e5ad709", 0x200, 0x1200) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) sendfile(r0, r1, 0x0, 0xf03b0000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) 00:45:10 executing program 4: creat(&(0x7f0000000140)='./bus\x00', 0x0) r0 = open(&(0x7f00000004c0)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, 0x0) 00:45:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x374) setresuid(0x0, r2, 0x0) setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0) 00:45:10 executing program 5: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x83, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x90, [], 0x0, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 00:45:10 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000000180)={@void, @val={0x0, 0x0, 0x2}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0xfde5, 0x0, 0x0, 0x0, 0x88, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}, 0xfdef) 00:45:10 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) 00:45:10 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='coredump_filter\x00') r1 = gettid() tkill(r1, 0x3c) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x10001ff) 00:45:11 executing program 0: r0 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r0, 0x107, 0x2, &(0x7f00000000c0), 0x10) 00:45:11 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff004}, {0x6}]}, 0x10) 00:45:11 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="a9", 0x1}], 0x1}}], 0x2, 0xdc05) 00:45:11 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x403, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_address={0x5, 0x9, 0xfffffffd, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2]}, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) [ 2878.082230][ T8604] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 2879.895065][ C0] not chained 720000 origins [ 2879.900236][ C0] CPU: 0 PID: 17642 Comm: kworker/u4:3 Not tainted 5.6.0-rc2-syzkaller #0 [ 2879.909246][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2879.920220][ C0] Workqueue: krdsd rds_connect_worker [ 2879.925884][ C0] Call Trace: [ 2879.929198][ C0] [ 2879.932330][ C0] dump_stack+0x1c9/0x220 [ 2879.937017][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2879.942846][ C0] ? should_fail+0x72/0x9e0 [ 2879.947581][ C0] ? ret_from_fork+0x35/0x40 [ 2879.952791][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2879.959100][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2879.964642][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2879.969957][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2879.975409][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2879.981683][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2879.987752][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2879.994140][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2880.001338][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2880.007337][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.013068][ C0] __msan_chain_origin+0x50/0x90 [ 2880.018446][ C0] tcp_conn_request+0x1781/0x4d10 [ 2880.023894][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.029098][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.034671][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2880.040934][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.046164][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.052009][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.057540][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2880.063381][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.068924][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.074465][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2880.080670][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2880.086921][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.092270][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.096982][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.101576][ C0] ? tcp_filter+0xf0/0xf0 [ 2880.106297][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.111869][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.117212][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2880.122446][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2880.128471][ C0] ip_rcv+0x6cf/0x750 [ 2880.133336][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2880.138794][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2880.145309][ C0] process_backlog+0xf0b/0x1410 [ 2880.150303][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2880.156504][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2880.162804][ C0] net_rx_action+0x786/0x1aa0 [ 2880.167549][ C0] ? net_tx_action+0xc30/0xc30 [ 2880.173011][ C0] __do_softirq+0x311/0x83d [ 2880.177897][ C0] do_softirq_own_stack+0x49/0x80 [ 2880.183187][ C0] [ 2880.186160][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2880.191504][ C0] local_bh_enable+0x36/0x40 [ 2880.197045][ C0] ip_finish_output2+0x2115/0x2610 [ 2880.202436][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2880.208196][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2880.214298][ C0] __ip_finish_output+0xaa7/0xd80 [ 2880.219659][ C0] ip_finish_output+0x166/0x410 [ 2880.224720][ C0] ip_output+0x593/0x680 [ 2880.229848][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2880.235566][ C0] ? ip_finish_output+0x410/0x410 [ 2880.240939][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2880.246245][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2880.253423][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.260718][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.266667][ C0] ip_queue_xmit+0xcc/0xf0 [ 2880.272810][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2880.277819][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2880.283280][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2880.289457][ C0] tcp_connect+0x4337/0x6920 [ 2880.294179][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2880.299471][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.304842][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2880.309742][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2880.314701][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2880.320866][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2880.326550][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.331929][ C0] inet_stream_connect+0x101/0x180 [ 2880.337229][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2880.343160][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2880.348847][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2880.354520][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2880.359996][ C0] rds_connect_worker+0x2a6/0x470 [ 2880.365216][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2880.371639][ C0] ? rds_addr_cmp+0x200/0x200 [ 2880.376502][ C0] process_one_work+0x1555/0x1f40 [ 2880.382117][ C0] worker_thread+0xef6/0x2450 [ 2880.387023][ C0] kthread+0x4b5/0x4f0 [ 2880.392019][ C0] ? process_one_work+0x1f40/0x1f40 [ 2880.397502][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2880.402479][ C0] ret_from_fork+0x35/0x40 [ 2880.407471][ C0] Uninit was stored to memory at: [ 2880.412974][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.419254][ C0] __msan_chain_origin+0x50/0x90 [ 2880.425055][ C0] tcp_conn_request+0x1781/0x4d10 [ 2880.430413][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.436931][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.443011][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.449310][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.455000][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.461446][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.468481][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.473723][ C0] ip_rcv+0x6cf/0x750 [ 2880.478062][ C0] process_backlog+0xf0b/0x1410 [ 2880.482930][ C0] net_rx_action+0x786/0x1aa0 [ 2880.487948][ C0] __do_softirq+0x311/0x83d [ 2880.492513][ C0] [ 2880.495025][ C0] Uninit was stored to memory at: [ 2880.500075][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.506027][ C0] __msan_chain_origin+0x50/0x90 [ 2880.511677][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2880.518060][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2880.524139][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.529755][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.534893][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.540966][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.545699][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.550211][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.556146][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.561477][ C0] ip_rcv+0x6cf/0x750 [ 2880.565553][ C0] process_backlog+0xf0b/0x1410 [ 2880.570844][ C0] net_rx_action+0x786/0x1aa0 [ 2880.575940][ C0] __do_softirq+0x311/0x83d [ 2880.580553][ C0] [ 2880.583186][ C0] Uninit was stored to memory at: [ 2880.588835][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.595488][ C0] __msan_chain_origin+0x50/0x90 [ 2880.600723][ C0] tcp_conn_request+0x1781/0x4d10 [ 2880.606291][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.612666][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.618012][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.623601][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.630633][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.635527][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.641477][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.646328][ C0] ip_rcv+0x6cf/0x750 [ 2880.650407][ C0] process_backlog+0xf0b/0x1410 [ 2880.655534][ C0] net_rx_action+0x786/0x1aa0 [ 2880.660341][ C0] __do_softirq+0x311/0x83d [ 2880.665257][ C0] [ 2880.667961][ C0] Uninit was stored to memory at: [ 2880.673628][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.679728][ C0] __msan_chain_origin+0x50/0x90 [ 2880.684994][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2880.690857][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2880.696467][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.702119][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.709229][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.714637][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.719278][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.724231][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.730399][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.735851][ C0] ip_rcv+0x6cf/0x750 [ 2880.741190][ C0] process_backlog+0xf0b/0x1410 [ 2880.746245][ C0] net_rx_action+0x786/0x1aa0 [ 2880.752283][ C0] __do_softirq+0x311/0x83d [ 2880.758477][ C0] [ 2880.761166][ C0] Uninit was stored to memory at: [ 2880.766855][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.773343][ C0] __msan_chain_origin+0x50/0x90 [ 2880.778752][ C0] tcp_conn_request+0x1781/0x4d10 [ 2880.784212][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.789685][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.794752][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.800151][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.805068][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.809586][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.815299][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.820386][ C0] ip_rcv+0x6cf/0x750 [ 2880.824872][ C0] process_backlog+0xf0b/0x1410 [ 2880.830054][ C0] net_rx_action+0x786/0x1aa0 [ 2880.835395][ C0] __do_softirq+0x311/0x83d [ 2880.840159][ C0] [ 2880.842827][ C0] Uninit was stored to memory at: [ 2880.848153][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.854388][ C0] __msan_chain_origin+0x50/0x90 [ 2880.859444][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2880.864976][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2880.870576][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.875917][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.881871][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.887442][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.892065][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.896618][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.902722][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.907847][ C0] ip_rcv+0x6cf/0x750 [ 2880.912304][ C0] process_backlog+0xf0b/0x1410 [ 2880.917462][ C0] net_rx_action+0x786/0x1aa0 [ 2880.922383][ C0] __do_softirq+0x311/0x83d [ 2880.927366][ C0] [ 2880.929700][ C0] Uninit was stored to memory at: [ 2880.935544][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2880.941285][ C0] __msan_chain_origin+0x50/0x90 [ 2880.946716][ C0] tcp_conn_request+0x1781/0x4d10 [ 2880.952186][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2880.957513][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2880.962918][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2880.968737][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2880.973482][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2880.978343][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2880.984669][ C0] ip_local_deliver+0x62a/0x7c0 [ 2880.990047][ C0] ip_rcv+0x6cf/0x750 [ 2880.994560][ C0] process_backlog+0xf0b/0x1410 [ 2880.999653][ C0] net_rx_action+0x786/0x1aa0 [ 2881.005254][ C0] __do_softirq+0x311/0x83d [ 2881.010302][ C0] [ 2881.012659][ C0] Uninit was created at: [ 2881.016921][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2881.022945][ C0] kmsan_alloc_page+0x12a/0x310 [ 2881.028000][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2881.033932][ C0] alloc_pages_current+0x67d/0x990 [ 2881.039055][ C0] alloc_slab_page+0x111/0x12f0 [ 2881.044001][ C0] new_slab+0x2bc/0x1130 [ 2881.049182][ C0] ___slab_alloc+0x1533/0x1f30 [ 2881.054517][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2881.059385][ C0] inet_reqsk_alloc+0xac/0x830 [ 2881.064876][ C0] tcp_conn_request+0x753/0x4d10 [ 2881.070365][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2881.076244][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2881.081793][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2881.086578][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2881.091955][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2881.097791][ C0] ip_local_deliver+0x62a/0x7c0 [ 2881.103417][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2881.108667][ C0] ip_list_rcv+0x8eb/0x950 [ 2881.113212][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2881.119650][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2881.126021][ C0] napi_complete_done+0x2ef/0xb60 [ 2881.131689][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2881.137476][ C0] virtnet_poll+0x1468/0x19f0 [ 2881.142733][ C0] net_rx_action+0x786/0x1aa0 [ 2881.147904][ C0] __do_softirq+0x311/0x83d 00:45:18 executing program 3: socket$inet6_tcp(0xa, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9dbafdc0a00e9bfde51afe9c81a9cf05725caf1cae63487ff7f0000cde5c019d3527812ae6908080096e2c43f6b8fd41b7e7666adb44650732b48587e84f8347a1b5efd079137038277beb5e0615c40dbb7005fbd189981feb0a514c168646ea716bb5b9407000000808f25bfc91c15d7dc2adcdefba065af283792104d6280636df94a8942577d8953191eeb79379829652b10737d4e25a226d3be5c14007f4251e097d695df1cff25340af4fc990000099fff70b27c1c62e36832b81ec91dbee40cf630e64f8228bd07741c710ebde4bb17dc8f3259ec78e5b39535991b1428faf2010000fa398f65000052b259e4f8e2009937e0b2a312e45eb76f1b2c8fea54fb3726850310bd4d0355921c9c0c120d049000b3190974f06e53eb9e0000b172a4a281ced161c40784e62a8af72bb3fd2656551881b945861d8f3eb0a543de4c71e4f306767a7b542258becc9fa52a5d2c539b749491ce88e47b14f884df676eb8a8f4d844ff1e3c13e7f2dc788dd1d676edd7b9ba4acce58d9a820000000000000000004d908b0a35b6c489fed872aba046974e5bfe9a3fa79f1f2c061506d327e2a0c0ae630cde1706e9c9e8b314cc0db5d3d241294869c9a016793abde17243e391e2bd23b8e8916be2c8545cd1ec784a9657b9906de39fd5dc000b665ce473fea2e06749f13798cae1557fb845d0d73b2d46417648edf18944088597a7f69630d470ab289a4019aa07c6d9fe28283977275e"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x12, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x200}, 0x28) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:45:18 executing program 0: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89eb, &(0x7f0000000200)={@remote={[], 0x1}, 0x0, 'bond0\x00'}) 00:45:18 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff004}, {0x6}]}, 0x10) 00:45:18 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="a9", 0x1}], 0x1}}], 0x2, 0xdc05) 00:45:18 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x403, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_address={0x5, 0x9, 0xfffffffd, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2]}, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) 00:45:18 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x55, 0x61) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000009, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:18 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="a9", 0x1}], 0x1}}], 0x2, 0xdc05) 00:45:18 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x403, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_address={0x5, 0x9, 0xfffffffd, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2]}, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) 00:45:18 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000b80)='/dev/vga_arbiter\x00', 0x20a040, 0x0) recvfrom$netrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:45:18 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff004}, {0x6}]}, 0x10) 00:45:19 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x88) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="a9", 0x1}], 0x1}}], 0x2, 0xdc05) 00:45:19 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x403, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_address={0x5, 0x9, 0xfffffffd, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2]}, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) 00:45:24 executing program 3: socket$inet6_tcp(0xa, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9dbafdc0a00e9bfde51afe9c81a9cf05725caf1cae63487ff7f0000cde5c019d3527812ae6908080096e2c43f6b8fd41b7e7666adb44650732b48587e84f8347a1b5efd079137038277beb5e0615c40dbb7005fbd189981feb0a514c168646ea716bb5b9407000000808f25bfc91c15d7dc2adcdefba065af283792104d6280636df94a8942577d8953191eeb79379829652b10737d4e25a226d3be5c14007f4251e097d695df1cff25340af4fc990000099fff70b27c1c62e36832b81ec91dbee40cf630e64f8228bd07741c710ebde4bb17dc8f3259ec78e5b39535991b1428faf2010000fa398f65000052b259e4f8e2009937e0b2a312e45eb76f1b2c8fea54fb3726850310bd4d0355921c9c0c120d049000b3190974f06e53eb9e0000b172a4a281ced161c40784e62a8af72bb3fd2656551881b945861d8f3eb0a543de4c71e4f306767a7b542258becc9fa52a5d2c539b749491ce88e47b14f884df676eb8a8f4d844ff1e3c13e7f2dc788dd1d676edd7b9ba4acce58d9a820000000000000000004d908b0a35b6c489fed872aba046974e5bfe9a3fa79f1f2c061506d327e2a0c0ae630cde1706e9c9e8b314cc0db5d3d241294869c9a016793abde17243e391e2bd23b8e8916be2c8545cd1ec784a9657b9906de39fd5dc000b665ce473fea2e06749f13798cae1557fb845d0d73b2d46417648edf18944088597a7f69630d470ab289a4019aa07c6d9fe28283977275e"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x12, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x200}, 0x28) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:45:24 executing program 0: r0 = socket$inet(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="24000000180007841dfffd946f610500020081001f03fe020400080008001e000400ff7e", 0x24}], 0x1}, 0x0) 00:45:24 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff004}, {0x6}]}, 0x10) 00:45:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x480100000001, 0x498) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3w\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) write(r1, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f85e) 00:45:24 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/audio\x00', 0x0, 0x0) ioctl$int_in(r0, 0x800000c0045006, &(0x7f0000000100)=0x80) read$eventfd(r0, &(0x7f0000000000), 0x8) 00:45:24 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x55, 0x61) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000009, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:24 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0406619, 0x0) 00:45:24 executing program 1: creat(&(0x7f0000000040)='./bus\x00', 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x3800002, 0x12, r0, 0x0) mlock(&(0x7f0000006000/0x4000)=nil, 0x4000) mlock2(&(0x7f0000009000/0x2000)=nil, 0x2000, 0x1) 00:45:24 executing program 2: r0 = getpid() r1 = syz_open_dev$sndseq(&(0x7f0000000880)='/dev/snd/seq\x00', 0x0, 0x0) read(r1, &(0x7f0000000200)=""/18, 0x33c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd, @time}) timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc0305302, &(0x7f0000000500)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r0, 0x1000000000015) 00:45:24 executing program 4: io_setup(0x3, &(0x7f00000000c0)=0x0) r1 = memfd_create(&(0x7f0000000000)='sec]ritynodev:ppp1bdev\x00*\xd8\xect\t\xfa\xab0\x00Q\xef\xbe9\n \xc0\xcd\xcb&\x87\x06I=T5\xdf\x13a\xf2R\xdb.\x97T\x98\x06\x06z+\x06\x83\x8a\x96TGD\x03\xbb!AaR\xcf\xdbtW\xf6\xc4\xd0Q\"\xe0\xc1&\n\xbe\xe9X&\bbD\xe9\xbd]\v{W3Ru`\xc6\xa8\v\xfb\xd8\xf9\xbcG\xa6\xc6\x83PO\xd8\xbd*s;\x8eq\xdd', 0x4) io_submit(r0, 0xd8, &(0x7f0000000280)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) [ 2890.769985][ T32] audit: type=1804 audit(1583541924.829:491): pid=9062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1599/bus" dev="sda1" ino=16893 res=1 [ 2890.799591][ T32] audit: type=1804 audit(1583541924.829:492): pid=9062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1599/bus" dev="sda1" ino=16893 res=1 00:45:24 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002bc0)=ANY=[@ANYBLOB="540000006800ffff000000000000000000000000400001003c000100080001006e6174002c000280d28f62890000000000000000000000000000000000000000e0000001ac1414aa000000000000000004000600"], 0x54}}, 0x0) 00:45:25 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f00000000c0)={0x2, 0xf, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x0, 0x0, {0x6}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}, @sadb_x_sec_ctx={0x1}]}, 0xa8}}, 0x0) [ 2890.997823][ T32] audit: type=1804 audit(1583541924.889:493): pid=9062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1599/bus" dev="sda1" ino=16893 res=1 [ 2891.328344][ T9273] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 2892.404436][ C1] not chained 730000 origins [ 2892.409074][ C1] CPU: 1 PID: 17642 Comm: kworker/u4:3 Not tainted 5.6.0-rc2-syzkaller #0 [ 2892.417924][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2892.428161][ C1] Workqueue: krdsd rds_connect_worker [ 2892.433535][ C1] Call Trace: [ 2892.436808][ C1] [ 2892.439666][ C1] dump_stack+0x1c9/0x220 [ 2892.443995][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2892.449728][ C1] ? xfrm_lookup_route+0x2c1/0x370 [ 2892.454870][ C1] ? ip_route_output_flow+0x35a/0x3d0 [ 2892.460260][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.465465][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.470692][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2892.476533][ C1] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2892.482709][ C1] ? tcp_select_initial_window+0x60d/0x6c0 [ 2892.488879][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.494078][ C1] __msan_chain_origin+0x50/0x90 [ 2892.499148][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2892.504553][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2892.509624][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.514836][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.520058][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2892.525177][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2892.530217][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2892.535526][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2892.540895][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.546099][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2892.551908][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2892.557969][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.563159][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2892.567886][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2892.572418][ C1] ? tcp_filter+0xf0/0xf0 [ 2892.576739][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2892.582207][ C1] ip_local_deliver+0x62a/0x7c0 [ 2892.587075][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2892.592107][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2892.597756][ C1] ip_rcv+0x6cf/0x750 [ 2892.601743][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2892.606518][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2892.612167][ C1] process_backlog+0xf0b/0x1410 [ 2892.617025][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2892.622654][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2892.627943][ C1] net_rx_action+0x786/0x1aa0 [ 2892.632637][ C1] ? net_tx_action+0xc30/0xc30 [ 2892.637406][ C1] __do_softirq+0x311/0x83d [ 2892.641904][ C1] do_softirq_own_stack+0x49/0x80 [ 2892.646924][ C1] [ 2892.649925][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2892.655650][ C1] local_bh_enable+0x36/0x40 [ 2892.660240][ C1] ip_finish_output2+0x2115/0x2610 [ 2892.665346][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2892.671071][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2892.677058][ C1] __ip_finish_output+0xaa7/0xd80 [ 2892.682098][ C1] ip_finish_output+0x166/0x410 [ 2892.686959][ C1] ip_output+0x593/0x680 [ 2892.691207][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2892.696507][ C1] ? ip_finish_output+0x410/0x410 [ 2892.701534][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2892.706472][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2892.712023][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.717234][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.722422][ C1] ip_queue_xmit+0xcc/0xf0 [ 2892.726869][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2892.731720][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2892.736912][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2892.742729][ C1] tcp_connect+0x4337/0x6920 [ 2892.747325][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2892.752608][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.757838][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2892.762705][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2892.767644][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2892.773025][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2892.778316][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.783505][ C1] inet_stream_connect+0x101/0x180 [ 2892.788612][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2892.794385][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2892.800028][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2892.805246][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2892.810627][ C1] rds_connect_worker+0x2a6/0x470 [ 2892.815658][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2892.821736][ C1] ? rds_addr_cmp+0x200/0x200 [ 2892.826418][ C1] process_one_work+0x1555/0x1f40 [ 2892.831460][ C1] worker_thread+0xef6/0x2450 [ 2892.836141][ C1] kthread+0x4b5/0x4f0 [ 2892.840229][ C1] ? process_one_work+0x1f40/0x1f40 [ 2892.845452][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2892.850059][ C1] ret_from_fork+0x35/0x40 [ 2892.854480][ C1] Uninit was stored to memory at: [ 2892.859521][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2892.865251][ C1] __msan_chain_origin+0x50/0x90 [ 2892.870197][ C1] tcp_conn_request+0x1781/0x4d10 [ 2892.875600][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2892.881583][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2892.886613][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2892.892001][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2892.896591][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2892.901102][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2892.906572][ C1] ip_local_deliver+0x62a/0x7c0 [ 2892.911467][ C1] ip_rcv+0x6cf/0x750 [ 2892.915487][ C1] process_backlog+0xf0b/0x1410 [ 2892.920494][ C1] net_rx_action+0x786/0x1aa0 [ 2892.925261][ C1] __do_softirq+0x311/0x83d [ 2892.929763][ C1] [ 2892.932098][ C1] Uninit was stored to memory at: [ 2892.937118][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2892.942943][ C1] __msan_chain_origin+0x50/0x90 [ 2892.947905][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2892.953452][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2892.958471][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2892.963594][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2892.968630][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2892.973995][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2892.978677][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2892.983353][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2892.989129][ C1] ip_local_deliver+0x62a/0x7c0 [ 2892.994012][ C1] ip_rcv+0x6cf/0x750 [ 2892.998104][ C1] process_backlog+0xf0b/0x1410 [ 2893.004541][ C1] net_rx_action+0x786/0x1aa0 [ 2893.009252][ C1] __do_softirq+0x311/0x83d [ 2893.013819][ C1] [ 2893.016147][ C1] Uninit was stored to memory at: [ 2893.021216][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2893.026942][ C1] __msan_chain_origin+0x50/0x90 [ 2893.031887][ C1] tcp_conn_request+0x1781/0x4d10 [ 2893.036918][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.042040][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2893.047082][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.052457][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.057137][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.062167][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.067635][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.073129][ C1] ip_rcv+0x6cf/0x750 [ 2893.077129][ C1] process_backlog+0xf0b/0x1410 [ 2893.081968][ C1] net_rx_action+0x786/0x1aa0 [ 2893.086729][ C1] __do_softirq+0x311/0x83d [ 2893.091313][ C1] [ 2893.093742][ C1] Uninit was stored to memory at: [ 2893.098884][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2893.104730][ C1] __msan_chain_origin+0x50/0x90 [ 2893.109682][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2893.114978][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2893.120449][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.125799][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2893.130827][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.137152][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.141920][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.146452][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.152012][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.156905][ C1] ip_rcv+0x6cf/0x750 [ 2893.160894][ C1] process_backlog+0xf0b/0x1410 [ 2893.165744][ C1] net_rx_action+0x786/0x1aa0 [ 2893.170447][ C1] __do_softirq+0x311/0x83d [ 2893.175058][ C1] [ 2893.177385][ C1] Uninit was stored to memory at: [ 2893.182470][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2893.188193][ C1] __msan_chain_origin+0x50/0x90 [ 2893.193371][ C1] tcp_conn_request+0x1781/0x4d10 [ 2893.198607][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.203703][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2893.208847][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.214239][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.219457][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.223958][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.229426][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.234270][ C1] ip_rcv+0x6cf/0x750 [ 2893.238260][ C1] process_backlog+0xf0b/0x1410 [ 2893.243096][ C1] net_rx_action+0x786/0x1aa0 [ 2893.247776][ C1] __do_softirq+0x311/0x83d [ 2893.252275][ C1] [ 2893.254587][ C1] Uninit was stored to memory at: [ 2893.259845][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2893.265568][ C1] __msan_chain_origin+0x50/0x90 [ 2893.270773][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2893.276299][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2893.281466][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.286690][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2893.291722][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.297106][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.301900][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.306409][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.311880][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.316729][ C1] ip_rcv+0x6cf/0x750 [ 2893.320732][ C1] process_backlog+0xf0b/0x1410 [ 2893.325579][ C1] net_rx_action+0x786/0x1aa0 [ 2893.330251][ C1] __do_softirq+0x311/0x83d [ 2893.334737][ C1] [ 2893.337060][ C1] Uninit was stored to memory at: [ 2893.342101][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2893.347823][ C1] __msan_chain_origin+0x50/0x90 [ 2893.352824][ C1] tcp_conn_request+0x1781/0x4d10 [ 2893.357854][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.362968][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2893.368124][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.373483][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.378150][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.382785][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.388248][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.393273][ C1] ip_rcv+0x6cf/0x750 [ 2893.397260][ C1] process_backlog+0xf0b/0x1410 [ 2893.402268][ C1] net_rx_action+0x786/0x1aa0 [ 2893.406952][ C1] __do_softirq+0x311/0x83d [ 2893.411454][ C1] [ 2893.413788][ C1] Uninit was created at: [ 2893.418058][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2893.423679][ C1] kmsan_alloc_page+0x12a/0x310 [ 2893.428531][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2893.434081][ C1] alloc_pages_current+0x67d/0x990 [ 2893.439185][ C1] alloc_slab_page+0x111/0x12f0 [ 2893.444042][ C1] new_slab+0x2bc/0x1130 [ 2893.448286][ C1] ___slab_alloc+0x1533/0x1f30 [ 2893.453062][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2893.457912][ C1] inet_reqsk_alloc+0xac/0x830 [ 2893.462684][ C1] tcp_conn_request+0x753/0x4d10 [ 2893.467636][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2893.472770][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2893.478133][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2893.482737][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2893.487247][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2893.492724][ C1] ip_local_deliver+0x62a/0x7c0 [ 2893.497561][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2893.502417][ C1] ip_list_rcv+0x8eb/0x950 [ 2893.506846][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2893.513021][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2893.519258][ C1] napi_complete_done+0x2ef/0xb60 [ 2893.524282][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2893.529758][ C1] virtnet_poll+0x1468/0x19f0 [ 2893.534432][ C1] net_rx_action+0x786/0x1aa0 [ 2893.539100][ C1] __do_softirq+0x311/0x83d 00:45:29 executing program 3: socket$inet6_tcp(0xa, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="85000000130000005d0000000000000095000000000000000a621cf434b9dbafdc0a00e9bfde51afe9c81a9cf05725caf1cae63487ff7f0000cde5c019d3527812ae6908080096e2c43f6b8fd41b7e7666adb44650732b48587e84f8347a1b5efd079137038277beb5e0615c40dbb7005fbd189981feb0a514c168646ea716bb5b9407000000808f25bfc91c15d7dc2adcdefba065af283792104d6280636df94a8942577d8953191eeb79379829652b10737d4e25a226d3be5c14007f4251e097d695df1cff25340af4fc990000099fff70b27c1c62e36832b81ec91dbee40cf630e64f8228bd07741c710ebde4bb17dc8f3259ec78e5b39535991b1428faf2010000fa398f65000052b259e4f8e2009937e0b2a312e45eb76f1b2c8fea54fb3726850310bd4d0355921c9c0c120d049000b3190974f06e53eb9e0000b172a4a281ced161c40784e62a8af72bb3fd2656551881b945861d8f3eb0a543de4c71e4f306767a7b542258becc9fa52a5d2c539b749491ce88e47b14f884df676eb8a8f4d844ff1e3c13e7f2dc788dd1d676edd7b9ba4acce58d9a820000000000000000004d908b0a35b6c489fed872aba046974e5bfe9a3fa79f1f2c061506d327e2a0c0ae630cde1706e9c9e8b314cc0db5d3d241294869c9a016793abde17243e391e2bd23b8e8916be2c8545cd1ec784a9657b9906de39fd5dc000b665ce473fea2e06749f13798cae1557fb845d0d73b2d46417648edf18944088597a7f69630d470ab289a4019aa07c6d9fe28283977275e"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x12, 0x0, &(0x7f0000000380)="263abd030e98ff4dc870bd6688a8640888a8", 0x0, 0x200}, 0x28) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0) creat(0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:45:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000003ac0)={0x0, 0x0, &(0x7f0000003a80)={&(0x7f0000003240)={0x20, r1, 0x225, 0x0, 0x0, {0x2}, [{{0x8, 0x1, r2}, {0x4}}]}, 0x20}}, 0x0) 00:45:29 executing program 4: r0 = socket(0x40000000015, 0x805, 0x0) connect$inet6(r0, &(0x7f0000000380)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x11}, 0x6}, 0x1c) 00:45:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x55, 0x61) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000009, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:29 executing program 2: sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setresuid(0x0, 0x0, 0x0) clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) ioctl$TUNSETOWNER(r0, 0x400454d0, r2) 00:45:29 executing program 0: sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002980)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000c80)=[@cred={{0x1c}}], 0x20}], 0x1, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x0) 00:45:29 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x800, 0x9}, 0x3c) bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), 0x4, r0}, 0x38) 00:45:29 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @multicast2}}) write$tun(r0, &(0x7f00000002c0)={@void, @val={0x0, 0x0, 0x20}, @mpls={[], @ipv4=@gre={{0x19, 0x4, 0x0, 0x0, 0xfc0, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@lsrr={0x83, 0x7, 0x0, [@rand_addr]}, @timestamp={0x44, 0x24, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @lsrr={0x83, 0xf, 0x0, [@broadcast, @loopback, @loopback]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}}, {{}, {}, {}, {}, {}, {0x8, 0x6558, 0x0, "a42bc69ff223d56a8f1c95c8706f4ea7b8f0e59f182ec7219ed5ca4601beddad3f609f27e441ee48a7e7549909586feef899987bc05d24c28a15f6d067f4171d81a90d1bc85df5e5e9ea5759ee2348db2bb6c5c90da50264ea3407e07eb39e86d68b3e93904a8a89a4e164cf0141a648e5ad1169a3f3c44e724f9dd5f5f254a722e64387a07af2c02bbe416377772ebf4a29b9a31102614364a8071124bdb15b4613a59fc1dc7c4fc0f322574da34fb9f4c77280f33692085a365ef462aba6b93e288d123bf74b55938243b0e494981de57778f6bbdd87683bb2c47921d125dc31c6137fb8517c22c3e823c87e82c5bd74244329b93e4eee871e64e7354dbf53a946e2d52702a2d225f3ffde6000dad055da44a7ea694ee80efe34dc3051941df071782e32714fa73056f56942a84de27c8c71a4f9295dbbd434b2ad5f94f0f773e2d7e1284a1deee3f95f576422320249abc2c330a97231af4051de66fcd8bc7bda97f73005033644fd94389e9428d1da88a02846c007353ec573ef46d25b3cba9e2403900594d43ca231ef70afe761c9fa0e2a69b47c3732d1b9adc07bde58b3266405044eae9bda1402dcbbd68150afe1bcb3799f34f6122e73d9232a7b99a78790b3f64220f539dc2302abb6f0fba56cacf887148075128da979af2a54dc4077b4b56f167c6f2fe310de9722eb8e66a36c62f79dee90abba44deef82f6d0173d904af4f2e59d8ceba70e42ec4f001dac3ec98afe0a4869387e3b8608dd872ac61aed833b39b55fb92632b59f5853ac31da10c528e971336ec28e8dea54d8fb45aaa6bd57f5628a2f5fed8fabfef31315b160b0f7a2ecde99fcbbe3b7fad62e0f4ab4e60513014e4408c14db4a491ad6079af26f826a10b0e4395f77b42683279b0856a3508af1c925f7d48b5c054d5521ae560b4c81fea337399e388cc680bd715d7875f996521892aa8d008560a0f78ef71aa06b299d0e2f481905a5c57dcee754cfe0329d9d777fe751bc9736046b8f134a6ba919244d7b118f5005e12e2e8f44c737ad5ac3453f120f0ddea9e06f91ac5b8d15ae01737f5349c487e32a10b432e3e74ecae84cd1192813e3bea9889bd848086fb3fd3eae00abae9a68e29aabe7ac0d5539ecaade963d01f25c3fea2bdd6ca0aa4756723334704da7c8919bfb09261414aac595736411052a7c9fc3f6e64e50b457d80ee17943b4efea839f6ebd86352c9c8e0de785dbbbe8850b072b7341e35ed210083213912e1d29503268fac2175a057f80177863e445dbef5a31da9aec7f0dde4ce40be1138ad3436ad3442307da2ab194a8ad8bb168b1613cd9a4580f99148a6736790a5a9c5d1e4a6702077ad3cf696641a9215b92c36e07c17bb0d0639679f4b67444777062dfe6bbb81393b8fcd3576c622c7dd61270cf0125e00f0b1077ded01b19ccf359dc46aff1e14676c34f51a14b00b1d992e135ebebccd736bffddf8a734bcfcd7e271293db4c7a07c341bf6ed8bc1aae44bfbd5a3468f414b662c7326988d24fc653ab3582ced467ad3587802cb69f069e22d8622a82f4fd2f5669e3526c30623be068d8a6356caa8d16828fd5a818a4f1c5478bf75d76e9b32005e1aff669945b217cb5f3a6f58eb4ddb26b6d7d96b347ec7dd3654d50ae6d4c5bb8f0570931c5903a04adb01a32a7a0d43bcd06a102cc149e70ee43ad26a814516056e90b6ecb9255e82814b93fbe08daf34b4454a3a72325e5697199d4f4805d9f9120d57215eaf900181f016b555faffc8affa08cbdb8018511c36015b7a01a90faaaa94456cfe22c89abd9a56d390a896d1b9f2d94416b4dca924c6003d17e99ca40b6875751c88abbdc0f74d4376db6dc2fe2f5c1e9b625de36e5833c10bcc0ee38c1fbcc633ef2217c064ee7fba1d94177577c3025f547911fd4727920b4dad9e13e8220bed71b4601d1cfe57c37830b664fef1bb48c4120aea51097bbc4832b743271878c713f2804b2b0c65dfe9c1ea1e8c5c4455d4a22a4513cd52700f6dbbb155f54e3e776f98961fb6402bfcfca057175c199972042fe64720aa6924d8f71f69b965b734c07137039b4a5fbd74c12c19069d2bdd92a0b739b5fb64afe8479517e03e99c10a770dbaf448497c5f37566b161602cd3ab049e1f39a243abedae8a83c0189b45b8199d9ad74c48b82cac036aa593a996749934fe3fc46f7393b7b7ec4beeb86d5535761bd97a1327cb25d379e55f23444b8c3f95eec8ede20b539045d5b8a57e4971ffd266937d2efd6c0ed47c8b7464d2307716c6b6cbbce30e6ab15876d5f728d796a7c1dad1ffeb8bbac163569ac2d82d4881bdc4f6aadedb33ce162e58578d9ab66862472a9d3f4612772144e6b5981c1969139d906824e0f1bf197f8ae018f71c0e726cb73dad7ab1b3722d460209fe869151ddf6122bfa77bd663a723d55afa8f1988d2667e5a826e860ede77aa97dfd2369ca879bcda5b72cb1d698b1802f9a28690211a86c1b2ca96a71bcf16df82f48eba03d981d0ca73c419b64ca93b53735c00dee00a28ea146986e997999554035af28acaf91281adefd0b7bc1bb3dc8f2f71ab7bac7e86b6f1f61c421eeff1a7aac2709b448a0a7f954ee6f3b535ce784f59ec578e1bbd05e0de74db731a987a782713477c9a6a065a45eb7fe00bbd5d45fc14038d8823c0f02b3c4a09975479a7930649c30920312233be1469ee7921cb92b7bc2dab1d0f5b7cc54369e732de2892f1818d60141eeea603708219e6b0154c566d1df8c6d21e51eb71c0ffd69952f2737811edc0cd26249388c13dbce7c0d895101887be98371e28b92dbfac040bd5d1051dc1819be74d21d1f7f5c2ec3716856a64db66b8b721f10bb55e16c6f5f79f8fd63817a719d51f8b68acff3934bab6ff79d9e7278d5e8bbb7c8f83741dc525b6d82991a37a21baaa08d099ef4ebab0fe8c262b874a1bad4a5dd2ec918b932094c2429666f48ab827b92ba9e5eff43fd0d39af52095981c20a3ff16c2137393aa3176c3fa076992cf5c0cf346ee3cb395123dd0145f94df53c8745aa15a8bf44d3f0906e87edcb2129d60f9121149c583fb2141bf86146702cd2ce8d80e5a70d77267af7b6ae5d3a9da88e559485f64e1574d4d5be7a5ec51938a8b521b8207249e04a3db5a8bb05efe396952b6ff127230cd9ad6038fd0c10b96c6d7c30f4343fdcbc4a0fa1ca4a193d82633297d7fa4fa7fe9f4af36b87b53b98b5425101c08b973f6584fafd0f29a271efeecc06b796681534ecaed353f2b50151556141bd9bf2054bd8b34816016761f9cfdf02ca4105b9817b259986442e7a3cf8bf7336cd9e798f7a4b3a7c64d56757322adaea756750d2c0d0f5ace063c1f38a0f2cdc1a09e0dba394ce4c65cf77273c3f1549ed31c8b2d80f0002c65b1104e387906ada893eac0e41751fa06a5048a120606a1ccc5bff8df9a1ed0018e08a4d582e4090d05a0d70e6d081d379ca53731fab1fef3306c8f59dec047c373025d815ca7e17bc253a8a0d225cd5c51e8d04f308595acc2c4940696d5b9f653b311e6bd48d67c51ffbd0ac1a43aaf84b7926a7acc70ee1bda1f1cbf5f0d88c5b74ec51afe0c050e9dd79bb2a73b953969a0a07b7e3a007f4514aa3b2090f271c070f160387d67274f79735e76f77de737d6eeec2433617eb88bdcb3edae20c37b2a71cef6496692f67f65d32a905a04d4dbe51161984740a0501996bf5d24631d6b6bc23c84e06d1d26012c9bc27b067554f357f2469a88c59b18c5086055df6c9038e8a72dc765c0064e3b9b09fcfea15e08e87893d3d41a35db9262aecdf3378f1e339ac9e3622bb38397c1d8fbab74f7981452b8a40325366f2b8eac1c4e5fb8aac5a5e275b62a73f9ecae1d53b7b9f19934f1b91f4bd6b33c7f25ee41b7f2425c447ec49eb3aa4370b8a8731af065c45bab4044f7bd1086d172c47266975dc6ecda523fd79d964505f06939956d1effad2afc565a5269847c87033ac6208c8522a8a01d3fa45b9fa05b9a1fc95bc4777003d3694a02fd5209441f818d43bffae5312f22fe261eb3a88055808746f6a4a7f173f0c94f86a5b51e4e7d4ae559f9ec021a1a0b3e99f0ffe989598442620a2bd63ca30633bce713376cc613911bcc680e30b267ef4651cf99261ed7747b6a80648db888607c725fe7a0ddf1a0ce2c553c55517a6ccbbfe88258af054267593ccddaf13ef08e39c3de65c8141be415ea65d5f356b2bd5f8353f1eaa48ec122a9fe6378fe01e3aa64fa1814ce6405f16aa0e29a4c090bbbcb8e7a2b934541044863e54a895dac89de8f89aa0222943a4640b54e4997941ff3d98ffc0f0ccf8fc19dd9456f442def24c5382cac98ca9f5c550b7718aefb0a56a254608caef1dbb6a73d4de004396236761590737c6daa34b9d94fba4abf0814ad7ecf0645d52975b2a21e3dd9463b73078ddd463f94bbbfa6fd78fe662622585c5ae3b6b485fa746b3d1a9a5053442b20797bcb44b3536b6453a3ca55ad30458a2feaad4b6709b88c4292301f7a2204bd4846e1529fed3977aef34a7edfe2458977fae2c57bb43eb7d49d921bbde456a7df7c1322aed21c7952bb5f5b1690665fa0e1cf896fd76cdcac707c1c4dd6248bb447ca101ffa0b512b2bddbe0731e5ff0315136fc30ddae233b66e673ee74d2d3c471fcbd46037e32cc8acb5112f20a0678555771a2c4f98f859516fcd044a8185ac4a6ec4795467804efc99b826dcd2e28ce3668a64d44d0e2bc3ef62378a7b9096187ef14d1f346cdc008a47a91adee93080d940c85674fdd00dcbd0907ad920e567640cc104c8f179bbd31e4b2cdc41234b653f42e5bbfd58cb67eaa3a95c9720044239a8a215887cbff6f0f39fc53f42d78fbb23563ecd9ea6c8a8b674650cbd2d6c464d3be8af40b84fd322a35a3ed08dd7f647dead677742d12395009406c2df3bbf68b658d2dfdb2b0bbccedf0164bf752cd9a9581d58ee1b422ac8d225b472eb56d8e59d8e135fc26d1c704ba98cbc467b9f5f9809b48b5a30671985ddf5b5e19c19493034ae233a26276aa6dd428a8625112d12d56ab93beed50d86687ba0398c0492248c4e0b0fcf50573c6c293b0c906d78b8df7e4fdf441c21f4e7b0f0e958f404b7e85a35cfaa2dc504a724db598339b0057ef639ad142538a488ec53151486080bc34768a2eac36a0ad52ff136f3cd5fdd0e60bee9c343106409eebc16059b97f1331606c6714045febc24cff51eef50e0626980f858266ab556b3bf453af0dd308e88e865d1bc64f33413020396bbffdd06ec1afe8a462a3138840f2193b5eedc2666de69f37cf25b78bd76653633d3f4736c302f6f36dd475bcda872c9973efcfce8ad9c4b88b5f7bcd2ffd9f40f65272fbf32d9e572dab9918bdf5b33b5170e8c53326b3d76f09180bfba3196dad01dcdc6c9e01f7ccf4a22f0643859418b7f"}}}}}, 0xfca) 00:45:30 executing program 0: r0 = socket$inet6(0xa, 0x5, 0x0) close(r0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) r1 = socket$inet6(0xa, 0x200000000003, 0x87) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x5, @dev, 0x6}, 0x1c) sendmsg(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="b10b9386c473", 0x6}], 0x1}, 0x8000) sendmsg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="8582cfb6", 0x4}], 0x1}, 0x20004010) r2 = socket$inet6(0xa, 0x200000000003, 0x87) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) sendmsg(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="b10b9386c473", 0x6}], 0x1}, 0x8000) sendmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="8582cfb6", 0x4}], 0x1}, 0x20004010) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x8}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000280)={r3, 0x2}, 0x8) open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r4) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x3, 0xed9a}, 0x10822, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x20000002, 0x8}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x0, 0x1c9200) ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180)) socketpair$unix(0x1, 0x0, 0x0, 0x0) r5 = syz_open_dev$loop(0x0, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[]}, 0x1, 0x0, 0x0, 0x11}, 0x0) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000040)={[], 0x0, 0x9, 0x200}) ioctl$BLKTRACESTART(r5, 0x1274, 0x0) ioctl$BLKTRACESTOP(r5, 0x1275, 0x0) ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0) 00:45:30 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x800002172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x1000, 0x3, &(0x7f0000ffd000/0x1000)=nil) clone(0x1918ffd, 0x0, &(0x7f0000000040), 0x0, 0x0) 00:45:30 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x800, 0x9}, 0x3c) bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), 0x4, r0}, 0x38) 00:45:30 executing program 2: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x1c, "f22b0390479cbd06376096b50dc513fffd49cd4104019694a4f135a6"}, &(0x7f00000003c0)=0x24) 00:45:36 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x800, 0x9}, 0x3c) bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), 0x4, r0}, 0x38) 00:45:36 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000000), 0xc, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="840000001800010026bd7000fddbdf251d01000008000900", @ANYRES32, @ANYBLOB="15000100040000000001000002a37bc94dfa3a840200000008000900", @ANYRES32=0x0, @ANYBLOB='\b\x00\t\x00', @ANYRES32, @ANYBLOB="05000d000100000008000900", @ANYRES32, @ANYBLOB="15000200030000800503000049f9ccc374d009e50521ad00000000000000802072fa051fcc871303eea31b00000000000000ab50e884e70fd3eaaa3f03e38700"/74], 0x84}, 0x1, 0x0, 0x0, 0x8daf23e3e5f570c5}, 0x0) 00:45:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x1c, "f22b0390479cbd06376096b50dc513fffd49cd4104019694a4f135a6"}, &(0x7f00000003c0)=0x24) 00:45:36 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x55, 0x61) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000009, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:36 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a1d65ef0b007c06e87c55a1bc000900b8000699030000000700150005008178a8001600400001000000000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dee1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40d96f69916862de21f2e402053e8ffd22b", 0xd8}], 0x1}, 0x0) 00:45:36 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xae759, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200047ff, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffff67, 0x240, 0x0, 0xfffffffffffffe90) [ 2902.243169][ T9822] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 00:45:36 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a1d65ef0b007c06e87c55a1bc000900b8000699030000000700150005008178a8001600400001000000000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dee1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40d96f69916862de21f2e402053e8ffd22b", 0xd8}], 0x1}, 0x0) 00:45:36 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x2, 0x4, 0x800, 0x9}, 0x3c) bpf$MAP_LOOKUP_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000100), 0x4, r0}, 0x38) 00:45:36 executing program 2: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x1c, "f22b0390479cbd06376096b50dc513fffd49cd4104019694a4f135a6"}, &(0x7f00000003c0)=0x24) 00:45:36 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) close(r0) socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}}, 0x98) 00:45:37 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a1d65ef0b007c06e87c55a1bc000900b8000699030000000700150005008178a8001600400001000000000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dee1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40d96f69916862de21f2e402053e8ffd22b", 0xd8}], 0x1}, 0x0) 00:45:37 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='bbr\x00', 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:37 executing program 2: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={0x0, 0x1c, "f22b0390479cbd06376096b50dc513fffd49cd4104019694a4f135a6"}, &(0x7f00000003c0)=0x24) 00:45:37 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000008060104000000000000000000000000050001000600000074b5accf0434d706a729f8c28beb6877191d22994b846c408390350ec2202b0d9672de958c57fdff6301c7b9cbbb22be7d66244befdbd10f0903af6dcc56fb689f8a120e1db0280623803951eb1ba95d1c04009cf9000000003b291682bea409658e1719ff081a6000e68d32bb92bd0dbc660c5446d985f61310800dfe5879527f20c9dc48677891ec532ad32838ad0000000000000000451ac328ad31270e5e723ff8a97aff7a2b5f590b9d5f2ea6260ea92bc9335729fb7ecebddfc81c2b86f441e948d0e40e13e3425dc1889b84ecbc16e40a668c033940a344121ba37a60ff223b20f3cffeabf52ce104f4bf5a5944dcfb60fd13556e7aad0d02b61f2f1e50695708274429e211552cb57b5f567211b36ed5335aba6c526c61425bb013bce889b8c41fda2faba104ea3c3502c41e6db0340d3b9a6f44e9e14552aa78d6da288d23d7952ebd8b470ef40656091982c390cad546ab9a76be299d1a69856d72ab61a3c91ebf"], 0x1c}}, 0x0) 00:45:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x0, 0x0, 0x0, 0x3ff}}) 00:45:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x0, 0x0, 0x0, 0x3ff}}) 00:45:37 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb9040a1d65ef0b007c06e87c55a1bc000900b8000699030000000700150005008178a8001600400001000000000003ac040000d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dee1d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40d96f69916862de21f2e402053e8ffd22b", 0xd8}], 0x1}, 0x0) [ 2904.589922][ C1] not chained 740000 origins [ 2904.594797][ C1] CPU: 1 PID: 12094 Comm: kworker/u4:2 Not tainted 5.6.0-rc2-syzkaller #0 [ 2904.603380][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2904.614581][ C1] Workqueue: krdsd rds_connect_worker [ 2904.620189][ C1] Call Trace: [ 2904.623461][ C1] [ 2904.626398][ C1] dump_stack+0x1c9/0x220 [ 2904.630724][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2904.636430][ C1] ? should_fail+0x72/0x9e0 [ 2904.640917][ C1] ? ret_from_fork+0x35/0x40 [ 2904.645605][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2904.651678][ C1] ? arch_stack_walk+0x34c/0x3e0 [ 2904.656611][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.661810][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.667009][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2904.672814][ C1] ? kmsan_get_metadata+0x4f/0x180 [ 2904.678022][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2904.683824][ C1] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2904.689977][ C1] ? tcp_parse_options+0x1ada/0x1b90 [ 2904.695511][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.700707][ C1] __msan_chain_origin+0x50/0x90 [ 2904.705662][ C1] tcp_conn_request+0x174b/0x4d10 [ 2904.710694][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.715881][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.721072][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2904.727146][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.732330][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2904.737578][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2904.742690][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2904.748243][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2904.753712][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.758928][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2904.764817][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2904.771206][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.776437][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2904.781048][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2904.785593][ C1] ? tcp_filter+0xf0/0xf0 [ 2904.789910][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2904.795369][ C1] ip_local_deliver+0x62a/0x7c0 [ 2904.800332][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2904.805341][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2904.810953][ C1] ip_rcv+0x6cf/0x750 [ 2904.814932][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2904.819678][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2904.825322][ C1] process_backlog+0xf0b/0x1410 [ 2904.830187][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2904.835838][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2904.841125][ C1] net_rx_action+0x786/0x1aa0 [ 2904.845800][ C1] ? net_tx_action+0xc30/0xc30 [ 2904.850552][ C1] __do_softirq+0x311/0x83d [ 2904.855051][ C1] do_softirq_own_stack+0x49/0x80 [ 2904.860106][ C1] [ 2904.863100][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2904.868318][ C1] local_bh_enable+0x36/0x40 [ 2904.872909][ C1] ip_finish_output2+0x2115/0x2610 [ 2904.878024][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2904.883731][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2904.889728][ C1] __ip_finish_output+0xaa7/0xd80 [ 2904.895009][ C1] ip_finish_output+0x166/0x410 [ 2904.899864][ C1] ip_output+0x593/0x680 [ 2904.904115][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2904.909382][ C1] ? ip_finish_output+0x410/0x410 [ 2904.914390][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2904.919310][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2904.924842][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.930031][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.935256][ C1] ip_queue_xmit+0xcc/0xf0 [ 2904.939655][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2904.944486][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2904.949663][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2904.955487][ C1] tcp_connect+0x4337/0x6920 [ 2904.960058][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2904.965399][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.970601][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2904.975455][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2904.980401][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2904.985783][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2904.991162][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2904.996385][ C1] inet_stream_connect+0x101/0x180 [ 2905.001489][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2905.007226][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2905.012869][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2905.018075][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2905.023607][ C1] rds_connect_worker+0x2a6/0x470 [ 2905.028712][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2905.034962][ C1] ? rds_addr_cmp+0x200/0x200 [ 2905.040004][ C1] process_one_work+0x1555/0x1f40 [ 2905.045401][ C1] worker_thread+0xef6/0x2450 [ 2905.050169][ C1] kthread+0x4b5/0x4f0 [ 2905.054242][ C1] ? process_one_work+0x1f40/0x1f40 [ 2905.059454][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2905.064054][ C1] ret_from_fork+0x35/0x40 [ 2905.068467][ C1] Uninit was stored to memory at: [ 2905.073483][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.079634][ C1] __msan_chain_origin+0x50/0x90 [ 2905.084559][ C1] tcp_conn_request+0x1781/0x4d10 [ 2905.089922][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.095018][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.100045][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.105411][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.110515][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.115001][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.120440][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.125391][ C1] ip_rcv+0x6cf/0x750 [ 2905.129865][ C1] process_backlog+0xf0b/0x1410 [ 2905.135656][ C1] net_rx_action+0x786/0x1aa0 [ 2905.140319][ C1] __do_softirq+0x311/0x83d [ 2905.144799][ C1] [ 2905.147123][ C1] Uninit was stored to memory at: [ 2905.152131][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.157845][ C1] __msan_chain_origin+0x50/0x90 [ 2905.162780][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2905.168071][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2905.173374][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.178482][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.183497][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.188855][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.193427][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.197930][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.203370][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.208217][ C1] ip_rcv+0x6cf/0x750 [ 2905.212205][ C1] process_backlog+0xf0b/0x1410 [ 2905.217039][ C1] net_rx_action+0x786/0x1aa0 [ 2905.221721][ C1] __do_softirq+0x311/0x83d [ 2905.226199][ C1] [ 2905.228509][ C1] Uninit was stored to memory at: [ 2905.233536][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.239238][ C1] __msan_chain_origin+0x50/0x90 [ 2905.244155][ C1] tcp_conn_request+0x1781/0x4d10 [ 2905.249157][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.254264][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.259286][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.264680][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.269251][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.273733][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.279178][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.284008][ C1] ip_rcv+0x6cf/0x750 [ 2905.287978][ C1] process_backlog+0xf0b/0x1410 [ 2905.292810][ C1] net_rx_action+0x786/0x1aa0 [ 2905.297480][ C1] __do_softirq+0x311/0x83d [ 2905.301986][ C1] [ 2905.304306][ C1] Uninit was stored to memory at: [ 2905.309334][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.315051][ C1] __msan_chain_origin+0x50/0x90 [ 2905.319968][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2905.325232][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2905.330256][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.335352][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.340356][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.345710][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.350278][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.354764][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.360225][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.365116][ C1] ip_rcv+0x6cf/0x750 [ 2905.369132][ C1] process_backlog+0xf0b/0x1410 [ 2905.374080][ C1] net_rx_action+0x786/0x1aa0 [ 2905.378749][ C1] __do_softirq+0x311/0x83d [ 2905.383234][ C1] [ 2905.385542][ C1] Uninit was stored to memory at: [ 2905.390831][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.396591][ C1] __msan_chain_origin+0x50/0x90 [ 2905.401678][ C1] tcp_conn_request+0x1781/0x4d10 [ 2905.406701][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.411812][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.416822][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.422180][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.426752][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.431239][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.436676][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.441508][ C1] ip_rcv+0x6cf/0x750 [ 2905.445484][ C1] process_backlog+0xf0b/0x1410 [ 2905.450434][ C1] net_rx_action+0x786/0x1aa0 [ 2905.455555][ C1] __do_softirq+0x311/0x83d [ 2905.460037][ C1] [ 2905.462348][ C1] Uninit was stored to memory at: [ 2905.467358][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.473075][ C1] __msan_chain_origin+0x50/0x90 [ 2905.477995][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2905.483281][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2905.488287][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.493378][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.498496][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.503851][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.508422][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.512916][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.518377][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.523205][ C1] ip_rcv+0x6cf/0x750 [ 2905.527186][ C1] process_backlog+0xf0b/0x1410 [ 2905.532038][ C1] net_rx_action+0x786/0x1aa0 [ 2905.536718][ C1] __do_softirq+0x311/0x83d [ 2905.541193][ C1] [ 2905.543500][ C1] Uninit was stored to memory at: [ 2905.548520][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2905.554232][ C1] __msan_chain_origin+0x50/0x90 [ 2905.559158][ C1] tcp_conn_request+0x1781/0x4d10 [ 2905.564178][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.569290][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2905.574582][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.579941][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.584507][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.588996][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.594433][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.599264][ C1] ip_rcv+0x6cf/0x750 [ 2905.603298][ C1] process_backlog+0xf0b/0x1410 [ 2905.608246][ C1] net_rx_action+0x786/0x1aa0 [ 2905.612918][ C1] __do_softirq+0x311/0x83d [ 2905.617400][ C1] [ 2905.619710][ C1] Uninit was created at: [ 2905.623948][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2905.629565][ C1] kmsan_alloc_page+0x12a/0x310 [ 2905.634505][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2905.640051][ C1] alloc_pages_current+0x67d/0x990 [ 2905.645282][ C1] alloc_slab_page+0x111/0x12f0 [ 2905.650118][ C1] new_slab+0x2bc/0x1130 [ 2905.654411][ C1] ___slab_alloc+0x1533/0x1f30 [ 2905.662038][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2905.666959][ C1] inet_reqsk_alloc+0xac/0x830 [ 2905.671702][ C1] tcp_conn_request+0x753/0x4d10 [ 2905.676624][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2905.681716][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2905.687098][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2905.691759][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2905.696258][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2905.701698][ C1] ip_local_deliver+0x62a/0x7c0 [ 2905.706797][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2905.711627][ C1] ip_list_rcv+0x8eb/0x950 [ 2905.716186][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2905.722578][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2905.728894][ C1] napi_complete_done+0x2ef/0xb60 [ 2905.733909][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2905.739264][ C1] virtnet_poll+0x1468/0x19f0 [ 2905.744410][ C1] net_rx_action+0x786/0x1aa0 [ 2905.749137][ C1] __do_softirq+0x311/0x83d 00:45:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)={0x1c, r1, 0x2b, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x30}]}, 0x1c}}, 0x0) 00:45:43 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00') write$cgroup_subtree(r0, &(0x7f0000000640)=ANY=[@ANYBLOB='-c'], 0x2) 00:45:43 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/slabinfo\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1, 0x0) preadv(r0, &(0x7f0000001a00)=[{&(0x7f00000012c0)=""/197, 0xc5}], 0x1, 0xff) 00:45:43 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x0, 0x0, 0x0, 0x3ff}}) 00:45:43 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) sendmsg$nfc_llcp(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x0) 00:45:43 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='bbr\x00', 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:43 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ftruncate(r1, 0x400) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r2, 0x11, 0x64, 0x0, &(0x7f0000000000)) 00:45:44 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000030000040900010073797a30000000008c000000030a01020000000000000000050000000900010073797a300000000014000480080002400000000008000140000000000900030073797a30000000004c0008800c00014000000000000000050c00024000000000000000060c00024000000000000000060c0002400000000000001b170c00024000000000000000000c0001400000000000000bffec0100000e0a05000000000000000000010000020900020073797a32000000000900010073797a2c00000000080004400000000208000440000000038c010380880100800c0005400000000000000001780101800f000100769e6fad35675513e6c5b50002010100d686b8c7e8cc70fbf59d5ed02d1e227d8378eec5cebf56dfdd458992e24455ecff17ebb30b47e02b1bdd4de8b0d70eae8233010dc89a29158b62899723a7ed070ceb0a7cb25a940324c4932f1182d07cbd7417b1e5d6ca57440c20ac595c9cbb96dbd5a42542412be87c6ccb6d375042a6d2682b63d6e92ac2ab8e98b643dcaed8b009d0f6fa31782b9a846dd96f7e5473dd8bf06786c729d67c337860c0cc79549614a694c6b1d8dc0f582c09693982aa6e688d0097b9662a9756a1f0055cb78b40d9fb5bfb28a8d79c87afbcaae66ba44c93a85d30f1187702427595f0c5682c44f99b31de574dbd575420af752e461688ef005ff24ece3d256fe9bbd400001800028008000180fffffffd0900020073797a30000000002c0002800900020073797a300000000008000180fffffffe0900020073797a320000000008000180fffffffc1c00028008000180fffffffc08000180fffffffe08000180fffffffe0900010073797a31000000000900010073797a30000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0x2c0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 00:45:44 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x0, 0x0, 0x0, 0x3ff}}) 00:45:44 executing program 2: syz_emit_ethernet(0x46, &(0x7f00000001c0)={@local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "85a600", 0x10, 0x11, 0x0, @local, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) 00:45:44 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000001b00)={0xa, 0x0, 0x0, 0xc, 0x42}, 0x3c) 00:45:44 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="6c00000024000705ff00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000040a0001006e6574656d0000003c0002000000000000000000000000000000000000000000000000000c000b00000000000052e0db1400050005000200000000000000000000000000a1d04ff131f4858458ba0492c8b4f08fe7f3b1d6cf071419d9a4117c1b56df875f63d7c9dd693feb8150abbb3f00000000000000000000eb2058d096ee49dffb7715c858c243d01bda9296c929095eac83a479d1a7e5be07413b700243ab1cafada043d3134cdf53a3c237ea5ea95aee077fd793ff88d6d360dcf043f9e97035c647e9db2be9300900000000000012449402d4135ab13ed48e4d0aafb883454167176f124aa395730e70b8da2525767c074fb488a439264ba779d6d173c5dd1fa16c10fc4bfe29b1691d3be9f7baa9a7db01f9503fb81bfec31da1289a890ccde00f1bb5e30aa31b7bf15f4b3c0f185008ae9b335dc4de3bfde0cabc56049a24e05421feb76d0847594d2f395d8489675d4ed63bcb7136eada831cb1b0c22f76a6f2a02384e71a0b7eef60990087fc3078a2de038a28b42dfd0777b42f7ac69aecae8ae22f91fb84178e4b110194637c87204e9646a2eb6921c295b3776f2dd5502df8fe4302caf9f88a93fee1ffdee61abb91f7bb1b88819e34070b2d690d34a1154c66c8f57f3945423d33f557b406d27025f67b86ffff00000000000039ddfd0165d00841208fe72aeecc4b02982ca2f000ee51879c8225bc17492f17cb70a40f669f00000000000000"], 0x6c}}, 0x0) [ 2910.653339][T10094] netem: incorrect ge model size [ 2910.658596][T10094] netem: change failed 00:45:49 executing program 3: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x8000000000000085, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) 00:45:49 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x1, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x1, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x1, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) 00:45:49 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='bbr\x00', 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 00:45:49 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x4000000000802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) ioctl$UI_DEV_DESTROY(r0, 0x5502) 00:45:49 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x4058534c, &(0x7f0000000000)={0x80, 0x0, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd]}) 00:45:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="c98effad060b9815483b452c26cc99ac9fd695ca1484a088d7b8768aafbb4f322908821b95dab9ba012304d78b01442bf2b478ebcbc606530875a44ab1f36ba86409cc79ae63471c1513c03c0ea28459479717421359c338d8667afcbbdeaff0124fa63c87dfc6f5141c686739d53abd1ae39aa4165bff0eadc02c321baf0df3fc3118eff4d92c01a73c166914ad7af2efd6525a6fea962a1da79ab2dfccb81399b3e3c984c348e75ead91f16bc15ff26fa77a066349c5d5bbd209219a7d5873bb306eeec78decf2579cfa10e445ebb8152c228345e77c5863755e7b4d88a534c5c211f4514812263d808e32e3eadc3a87943e1f639117382f3c0edabcd982494d7c2f8e9590afe9d412cfdfa0d2114c7daff33abbcc08f740315b414eebc65fa6b41a21d3d5525c3ada19492fa3500065617feaaade8a2fa8df5b8510014627ef75fc978e2efd4a7e7ebdf18129eca96b832e5fb7b9700584434d33b0138f724b73c97e6e3dbde639192580200f07f799afb11465ea1194be4a917c69a3568eeaf39ed7099a0546622459c884853d385f29ff7c0ec96742063c8dc05499270c661477ba35047a4d7ace3ad63400417f29e00b0468b4c3e4dc516ca4e1b7f916cba0d781729140c740735eca00952a132d81c617d0f5576d122a41efc1384b4fe38568dbc3132e25d55d620dcfc2ca5e4c9302c547b4523eef799147cb078465", 0x200}]) [ 2915.527425][T10213] input: syz1 as /devices/virtual/input/input78 00:45:49 executing program 1: unshare(0x20600) r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0x284380, 0x0) fremovexattr(r0, 0x0) 00:45:49 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b7050000000000006110200000000000d40500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808838da5847c95ffc926c2e1a8c7a3221481f5009edaf5f5ac058299e10e790a198f42a715929fb3d2a73dd02584a54ee68c70db4d8995886e"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48) 00:45:50 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x8949, &(0x7f0000000040)={'bond0\x00', @ifru_names='veth1\x00'}) 00:45:50 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='attr/exec\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='personality\x00') sendfile(r0, r1, 0x0, 0x50) 00:45:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='bbr\x00', 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) [ 2916.334875][T10337] Dev loop5: unable to read RDB block 1 [ 2916.340840][T10337] loop5: unable to read partition table [ 2916.347151][T10337] loop5: partition table beyond EOD, truncated [ 2916.353400][T10337] loop_reread_partitions: partition scan of loop5 () failed (rc=-5) 00:45:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b7050000000000006110200000000000d40500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808838da5847c95ffc926c2e1a8c7a3221481f5009edaf5f5ac058299e10e790a198f42a715929fb3d2a73dd02584a54ee68c70db4d8995886e"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48) [ 2917.430708][ C1] not chained 750000 origins [ 2917.435356][ C1] CPU: 1 PID: 17642 Comm: kworker/u4:3 Not tainted 5.6.0-rc2-syzkaller #0 [ 2917.443856][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2917.453931][ C1] Workqueue: krdsd rds_connect_worker [ 2917.459303][ C1] Call Trace: [ 2917.462586][ C1] [ 2917.465451][ C1] dump_stack+0x1c9/0x220 [ 2917.469800][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2917.475529][ C1] ? should_fail+0x72/0x9e0 [ 2917.480036][ C1] ? ret_from_fork+0x35/0x40 [ 2917.484627][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2917.490701][ C1] ? arch_stack_walk+0x34c/0x3e0 [ 2917.495639][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.500840][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.506043][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2917.511865][ C1] ? kmsan_get_metadata+0x4f/0x180 [ 2917.516985][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2917.522789][ C1] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2917.528938][ C1] ? tcp_parse_options+0x1ada/0x1b90 [ 2917.534259][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.539451][ C1] __msan_chain_origin+0x50/0x90 [ 2917.544387][ C1] tcp_conn_request+0x174b/0x4d10 [ 2917.549430][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.554620][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.559811][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2917.565626][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.570822][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2917.575934][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2917.580964][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2917.586246][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2917.591626][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.596839][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2917.602644][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2917.608826][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.614131][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2917.618731][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2917.623284][ C1] ? tcp_filter+0xf0/0xf0 [ 2917.627609][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2917.633073][ C1] ip_local_deliver+0x62a/0x7c0 [ 2917.637930][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2917.642949][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2917.648572][ C1] ip_rcv+0x6cf/0x750 [ 2917.652554][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2917.657323][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2917.662958][ C1] process_backlog+0xf0b/0x1410 [ 2917.667811][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2917.673449][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2917.678726][ C1] net_rx_action+0x786/0x1aa0 [ 2917.683411][ C1] ? net_tx_action+0xc30/0xc30 [ 2917.688168][ C1] __do_softirq+0x311/0x83d [ 2917.692951][ C1] do_softirq_own_stack+0x49/0x80 [ 2917.697960][ C1] [ 2917.700896][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2917.706094][ C1] local_bh_enable+0x36/0x40 [ 2917.710675][ C1] ip_finish_output2+0x2115/0x2610 [ 2917.715778][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2917.721491][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2917.727498][ C1] __ip_finish_output+0xaa7/0xd80 [ 2917.732542][ C1] ip_finish_output+0x166/0x410 [ 2917.737412][ C1] ip_output+0x593/0x680 [ 2917.741662][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2917.746947][ C1] ? ip_finish_output+0x410/0x410 [ 2917.751970][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2917.756918][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2917.762478][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.767694][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.772913][ C1] ip_queue_xmit+0xcc/0xf0 [ 2917.777336][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2917.782182][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2917.787380][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2917.793210][ C1] tcp_connect+0x4337/0x6920 [ 2917.797814][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2917.803094][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.808305][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2917.813183][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2917.818117][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2917.823488][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2917.828772][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.833967][ C1] inet_stream_connect+0x101/0x180 [ 2917.839163][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2917.844807][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2917.850456][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2917.855653][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2917.861020][ C1] rds_connect_worker+0x2a6/0x470 [ 2917.866050][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2917.872126][ C1] ? rds_addr_cmp+0x200/0x200 [ 2917.876794][ C1] process_one_work+0x1555/0x1f40 [ 2917.881832][ C1] worker_thread+0xef6/0x2450 [ 2917.886563][ C1] kthread+0x4b5/0x4f0 [ 2917.890732][ C1] ? process_one_work+0x1f40/0x1f40 [ 2917.895946][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2917.900542][ C1] ret_from_fork+0x35/0x40 [ 2917.904966][ C1] Uninit was stored to memory at: [ 2917.909989][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2917.915713][ C1] __msan_chain_origin+0x50/0x90 [ 2917.920643][ C1] tcp_conn_request+0x1781/0x4d10 [ 2917.925660][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2917.930768][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2917.935784][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2917.941146][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2917.945737][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2917.950242][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2917.955689][ C1] ip_local_deliver+0x62a/0x7c0 [ 2917.960525][ C1] ip_rcv+0x6cf/0x750 [ 2917.964496][ C1] process_backlog+0xf0b/0x1410 [ 2917.969339][ C1] net_rx_action+0x786/0x1aa0 [ 2917.974007][ C1] __do_softirq+0x311/0x83d [ 2917.978491][ C1] [ 2917.980806][ C1] Uninit was stored to memory at: [ 2917.985818][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2917.991525][ C1] __msan_chain_origin+0x50/0x90 [ 2917.996450][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2918.001723][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2918.006737][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.011850][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.016876][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.022257][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.026853][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.031348][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.036802][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.041653][ C1] ip_rcv+0x6cf/0x750 [ 2918.045627][ C1] process_backlog+0xf0b/0x1410 [ 2918.050485][ C1] net_rx_action+0x786/0x1aa0 [ 2918.055153][ C1] __do_softirq+0x311/0x83d [ 2918.059639][ C1] [ 2918.061957][ C1] Uninit was stored to memory at: [ 2918.066980][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2918.072710][ C1] __msan_chain_origin+0x50/0x90 [ 2918.077638][ C1] tcp_conn_request+0x1781/0x4d10 [ 2918.082657][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.087845][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.092859][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.098661][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.103268][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.107780][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.113263][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.118895][ C1] ip_rcv+0x6cf/0x750 [ 2918.122888][ C1] process_backlog+0xf0b/0x1410 [ 2918.127736][ C1] net_rx_action+0x786/0x1aa0 [ 2918.132405][ C1] __do_softirq+0x311/0x83d [ 2918.136887][ C1] [ 2918.139214][ C1] Uninit was stored to memory at: [ 2918.144264][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2918.149977][ C1] __msan_chain_origin+0x50/0x90 [ 2918.154907][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2918.160182][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2918.165206][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.170325][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.175348][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.180714][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.185298][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.189799][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.195247][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.200083][ C1] ip_rcv+0x6cf/0x750 [ 2918.204058][ C1] process_backlog+0xf0b/0x1410 [ 2918.208915][ C1] net_rx_action+0x786/0x1aa0 [ 2918.213582][ C1] __do_softirq+0x311/0x83d [ 2918.218062][ C1] [ 2918.220376][ C1] Uninit was stored to memory at: [ 2918.225494][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2918.231208][ C1] __msan_chain_origin+0x50/0x90 [ 2918.236164][ C1] tcp_conn_request+0x1781/0x4d10 [ 2918.241181][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.246294][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.251319][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.256677][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.261270][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.265762][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.271216][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.276061][ C1] ip_rcv+0x6cf/0x750 [ 2918.280032][ C1] process_backlog+0xf0b/0x1410 [ 2918.284890][ C1] net_rx_action+0x786/0x1aa0 [ 2918.289565][ C1] __do_softirq+0x311/0x83d [ 2918.294048][ C1] [ 2918.296388][ C1] Uninit was stored to memory at: [ 2918.301412][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2918.307123][ C1] __msan_chain_origin+0x50/0x90 [ 2918.312081][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2918.317360][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2918.322502][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.327622][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.332725][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.338094][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.342691][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.347209][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.352689][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.357540][ C1] ip_rcv+0x6cf/0x750 [ 2918.361627][ C1] process_backlog+0xf0b/0x1410 [ 2918.366730][ C1] net_rx_action+0x786/0x1aa0 [ 2918.371399][ C1] __do_softirq+0x311/0x83d [ 2918.375882][ C1] [ 2918.378203][ C1] Uninit was stored to memory at: [ 2918.383221][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2918.388929][ C1] __msan_chain_origin+0x50/0x90 [ 2918.393857][ C1] tcp_conn_request+0x1781/0x4d10 [ 2918.398871][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.403980][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2918.409087][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.414465][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.419043][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.423546][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.428994][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.433833][ C1] ip_rcv+0x6cf/0x750 [ 2918.437807][ C1] process_backlog+0xf0b/0x1410 [ 2918.442645][ C1] net_rx_action+0x786/0x1aa0 [ 2918.447313][ C1] __do_softirq+0x311/0x83d [ 2918.451803][ C1] [ 2918.454114][ C1] Uninit was created at: [ 2918.458344][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2918.464093][ C1] kmsan_alloc_page+0x12a/0x310 [ 2918.468938][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2918.474474][ C1] alloc_pages_current+0x67d/0x990 [ 2918.479578][ C1] alloc_slab_page+0x111/0x12f0 [ 2918.484420][ C1] new_slab+0x2bc/0x1130 [ 2918.488651][ C1] ___slab_alloc+0x1533/0x1f30 [ 2918.493402][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2918.498241][ C1] inet_reqsk_alloc+0xac/0x830 [ 2918.502997][ C1] tcp_conn_request+0x753/0x4d10 [ 2918.507920][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2918.513019][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2918.518377][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2918.522951][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2918.527443][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2918.532939][ C1] ip_local_deliver+0x62a/0x7c0 [ 2918.537777][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2918.542610][ C1] ip_list_rcv+0x8eb/0x950 [ 2918.547015][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2918.553158][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2918.559395][ C1] napi_complete_done+0x2ef/0xb60 [ 2918.564406][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2918.569766][ C1] virtnet_poll+0x1468/0x19f0 [ 2918.574432][ C1] net_rx_action+0x786/0x1aa0 [ 2918.579114][ C1] __do_softirq+0x311/0x83d 00:45:55 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000ca6000)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x400300, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in, @in6=@mcast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xffffffffffffffff}}}]}, 0xa0}}, 0x0) 00:45:55 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x0, 0x6}, 0x4) 00:45:55 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b7050000000000006110200000000000d40500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808838da5847c95ffc926c2e1a8c7a3221481f5009edaf5f5ac058299e10e790a198f42a715929fb3d2a73dd02584a54ee68c70db4d8995886e"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48) 00:45:55 executing program 2: r0 = socket(0x22, 0x2, 0x4) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, &(0x7f0000000140)) 00:45:55 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv6_newroute={0x30, 0x18, 0x311, 0x0, 0x0, {}, [@RTA_GATEWAY={0x14, 0x5, @mcast1}]}, 0x30}}, 0x0) 00:45:55 executing program 4: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x403, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x0) 00:45:56 executing program 2: clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xfffffffffffffee7, [@typedef]}}, &(0x7f00000002c0)=""/236, 0x27, 0xec, 0x8}, 0x20) 00:45:56 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b7050000000000006110200000000000d40500002000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808838da5847c95ffc926c2e1a8c7a3221481f5009edaf5f5ac058299e10e790a198f42a715929fb3d2a73dd02584a54ee68c70db4d8995886e"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48) 00:45:56 executing program 1: r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'ipvlan1\x00', &(0x7f0000000080)=@ethtool_cmd={0x23}}) 00:45:56 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000680)=[@in={0x2, 0x0, @rand_addr=0x40}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x6c, &(0x7f0000000100)={r1}, &(0x7f0000000140)=0x8) [ 2922.312334][T10759] BPF:Total section length too long 00:45:56 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000040)=0x81, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000900)={@broadcast, @random, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a4f008", 0x10, 0x3a, 0x0, @local, @mcast2, {[], @ndisc_ra}}}}}, 0x0) 00:45:56 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000001380)) 00:46:01 executing program 3: r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)={0x1c, r0, 0x711, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 00:46:01 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:01 executing program 4: unshare(0x2a000400) fremovexattr(0xffffffffffffffff, 0x0) 00:46:01 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000380)=@mangle={'mangle\x00', 0x1f, 0x6, 0x544, 0x364, 0x2c4, 0x410, 0x2c4, 0x410, 0x4f8, 0x4f8, 0x4f8, 0x4f8, 0x4f8, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00'}}, {{@uncond, 0x0, 0x198, 0x1f4, 0x0, {}, [@common=@inet=@recent1={{0x104, 'recent\x00'}, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}, @inet=@rpfilter={{0x24, 'rpfilter\x00'}}]}, @common=@CLUSTERIP={0x5c, 'CLUSTERIP\x00', 0x0, {0x0, @random="1ff82724b20a"}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}, {{@uncond, 0x0, 0x70, 0xac}, @inet=@TPROXY1={0x3c, 'TPROXY\x00'}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0x0, 'netpci0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00'}}], {{[], 0x0, 0x70, 0x94}, {0x24}}}}, 0x5a0) 00:46:01 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000001380)) 00:46:01 executing program 5: unshare(0x24020400) r0 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) [ 2927.315043][ T32] audit: type=1804 audit(1583541961.369:494): pid=11089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1614/bus" dev="sda1" ino=16951 res=1 00:46:01 executing program 4: io_submit(0x0, 0x1ffffffffffffc7d, &(0x7f0000000040)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x316}]) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1ed, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) 00:46:01 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000001380)) 00:46:01 executing program 2: syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x8447, 0x0) r0 = syz_open_dev$video(0x0, 0x0, 0x0) ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285628, &(0x7f0000000040)={0x3, 0x1, 0x7}) [ 2927.527213][ T32] audit: type=1804 audit(1583541961.429:495): pid=11090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1614/bus" dev="sda1" ino=16951 res=1 [ 2927.555110][ T32] audit: type=1804 audit(1583541961.499:496): pid=11090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1614/bus" dev="sda1" ino=16951 res=1 00:46:01 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:02 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000001380)) [ 2927.964440][T11300] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 2927.976880][T11300] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 2927.986976][T11300] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 2927.996997][T11300] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 2928.009686][T11300] EXT4-fs error (device loop4): ext4_fill_super:4528: inode #2: comm syz-executor.4: iget: root inode unallocated [ 2928.023549][T11300] EXT4-fs (loop4): get root inode failed [ 2928.029581][T11300] EXT4-fs (loop4): mount failed 00:46:02 executing program 2: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) [ 2928.450489][ T32] audit: type=1804 audit(1583541962.509:497): pid=11314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1615/bus" dev="sda1" ino=16689 res=1 [ 2928.651300][ T32] audit: type=1804 audit(1583541962.589:498): pid=11317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1615/bus" dev="sda1" ino=16689 res=1 [ 2929.372478][ C1] not chained 760000 origins [ 2929.377117][ C1] CPU: 1 PID: 17642 Comm: kworker/u4:3 Not tainted 5.6.0-rc2-syzkaller #0 [ 2929.385722][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2929.395795][ C1] Workqueue: krdsd rds_connect_worker [ 2929.401187][ C1] Call Trace: [ 2929.404460][ C1] [ 2929.407309][ C1] dump_stack+0x1c9/0x220 [ 2929.411638][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2929.417355][ C1] ? should_fail+0x72/0x9e0 [ 2929.421850][ C1] ? ret_from_fork+0x35/0x40 [ 2929.426446][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2929.432518][ C1] ? arch_stack_walk+0x34c/0x3e0 [ 2929.437447][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.442631][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.447828][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2929.453635][ C1] ? kmsan_get_metadata+0x4f/0x180 [ 2929.458748][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2929.464564][ C1] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2929.470721][ C1] ? tcp_parse_options+0x1ada/0x1b90 [ 2929.476032][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.481225][ C1] __msan_chain_origin+0x50/0x90 [ 2929.486164][ C1] tcp_conn_request+0x174b/0x4d10 [ 2929.491210][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.496394][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.501578][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2929.507383][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.512700][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2929.517808][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2929.523108][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2929.528388][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2929.533805][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.539010][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2929.544932][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2929.551033][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.556236][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2929.560856][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2929.565413][ C1] ? tcp_filter+0xf0/0xf0 [ 2929.569835][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2929.575306][ C1] ip_local_deliver+0x62a/0x7c0 [ 2929.580165][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2929.585294][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2929.590942][ C1] ip_rcv+0x6cf/0x750 [ 2929.595153][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2929.600100][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2929.605746][ C1] process_backlog+0xf0b/0x1410 [ 2929.610629][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2929.618398][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2929.623684][ C1] net_rx_action+0x786/0x1aa0 [ 2929.628890][ C1] ? net_tx_action+0xc30/0xc30 [ 2929.633642][ C1] __do_softirq+0x311/0x83d [ 2929.638141][ C1] do_softirq_own_stack+0x49/0x80 [ 2929.643348][ C1] [ 2929.646291][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2929.651494][ C1] local_bh_enable+0x36/0x40 [ 2929.656109][ C1] ip_finish_output2+0x2115/0x2610 [ 2929.661219][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2929.667116][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2929.674226][ C1] __ip_finish_output+0xaa7/0xd80 [ 2929.679256][ C1] ip_finish_output+0x166/0x410 [ 2929.684193][ C1] ip_output+0x593/0x680 [ 2929.688465][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2929.693752][ C1] ? ip_finish_output+0x410/0x410 [ 2929.698868][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2929.703789][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2929.709327][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.714680][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.719886][ C1] ip_queue_xmit+0xcc/0xf0 [ 2929.724293][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2929.729138][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2929.734325][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2929.740138][ C1] tcp_connect+0x4337/0x6920 [ 2929.744726][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2929.750018][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.755237][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2929.760103][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2929.765043][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2929.770458][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2929.775756][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.780957][ C1] inet_stream_connect+0x101/0x180 [ 2929.786069][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2929.791700][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2929.797327][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2929.802512][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2929.807878][ C1] rds_connect_worker+0x2a6/0x470 [ 2929.812885][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2929.818958][ C1] ? rds_addr_cmp+0x200/0x200 [ 2929.823632][ C1] process_one_work+0x1555/0x1f40 [ 2929.828675][ C1] worker_thread+0xef6/0x2450 [ 2929.833367][ C1] kthread+0x4b5/0x4f0 [ 2929.837431][ C1] ? process_one_work+0x1f40/0x1f40 [ 2929.842619][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2929.847209][ C1] ret_from_fork+0x35/0x40 [ 2929.851629][ C1] Uninit was stored to memory at: [ 2929.856654][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2929.862364][ C1] __msan_chain_origin+0x50/0x90 [ 2929.867306][ C1] tcp_conn_request+0x1781/0x4d10 [ 2929.872336][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2929.877549][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2929.882559][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2929.887933][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2929.892505][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2929.897005][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2929.902459][ C1] ip_local_deliver+0x62a/0x7c0 [ 2929.907302][ C1] ip_rcv+0x6cf/0x750 [ 2929.911327][ C1] process_backlog+0xf0b/0x1410 [ 2929.916174][ C1] net_rx_action+0x786/0x1aa0 [ 2929.920850][ C1] __do_softirq+0x311/0x83d [ 2929.925335][ C1] [ 2929.927658][ C1] Uninit was stored to memory at: [ 2929.932673][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2929.938377][ C1] __msan_chain_origin+0x50/0x90 [ 2929.943297][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2929.948563][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2929.953567][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2929.958670][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2929.963676][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2929.969034][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2929.973607][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2929.978104][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2929.983540][ C1] ip_local_deliver+0x62a/0x7c0 [ 2929.988371][ C1] ip_rcv+0x6cf/0x750 [ 2929.992333][ C1] process_backlog+0xf0b/0x1410 [ 2929.997164][ C1] net_rx_action+0x786/0x1aa0 [ 2930.001822][ C1] __do_softirq+0x311/0x83d [ 2930.006304][ C1] [ 2930.008622][ C1] Uninit was stored to memory at: [ 2930.013626][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2930.019335][ C1] __msan_chain_origin+0x50/0x90 [ 2930.024263][ C1] tcp_conn_request+0x1781/0x4d10 [ 2930.029282][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.034388][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2930.039395][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.044755][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.049351][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.053832][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.059294][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.064124][ C1] ip_rcv+0x6cf/0x750 [ 2930.068098][ C1] process_backlog+0xf0b/0x1410 [ 2930.072942][ C1] net_rx_action+0x786/0x1aa0 [ 2930.077605][ C1] __do_softirq+0x311/0x83d [ 2930.082099][ C1] [ 2930.084406][ C1] Uninit was stored to memory at: [ 2930.089411][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2930.095118][ C1] __msan_chain_origin+0x50/0x90 [ 2930.100047][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2930.105320][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2930.110348][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.115457][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2930.120558][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.125920][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.130781][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.135704][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.141142][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.145983][ C1] ip_rcv+0x6cf/0x750 [ 2930.149959][ C1] process_backlog+0xf0b/0x1410 [ 2930.154802][ C1] net_rx_action+0x786/0x1aa0 [ 2930.159494][ C1] __do_softirq+0x311/0x83d [ 2930.163971][ C1] [ 2930.166282][ C1] Uninit was stored to memory at: [ 2930.171313][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2930.177031][ C1] __msan_chain_origin+0x50/0x90 [ 2930.182008][ C1] tcp_conn_request+0x1781/0x4d10 [ 2930.187041][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.192148][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2930.197166][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.202547][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.207146][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.211654][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.217166][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.222017][ C1] ip_rcv+0x6cf/0x750 [ 2930.226008][ C1] process_backlog+0xf0b/0x1410 [ 2930.230855][ C1] net_rx_action+0x786/0x1aa0 [ 2930.235613][ C1] __do_softirq+0x311/0x83d [ 2930.240119][ C1] [ 2930.242427][ C1] Uninit was stored to memory at: [ 2930.247444][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2930.253157][ C1] __msan_chain_origin+0x50/0x90 [ 2930.258085][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2930.263360][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2930.268376][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.273478][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.278829][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.283398][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.287892][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.293331][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.298162][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2930.302992][ C1] ip_list_rcv+0x8eb/0x950 [ 2930.307402][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2930.313546][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2930.319767][ C1] napi_complete_done+0x2ef/0xb60 [ 2930.324784][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2930.330164][ C1] virtnet_poll+0x1468/0x19f0 [ 2930.334839][ C1] net_rx_action+0x786/0x1aa0 [ 2930.339518][ C1] __do_softirq+0x311/0x83d [ 2930.344216][ C1] [ 2930.346536][ C1] Uninit was stored to memory at: [ 2930.351565][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2930.357335][ C1] __msan_chain_origin+0x50/0x90 [ 2930.362257][ C1] tcp_conn_request+0x1781/0x4d10 [ 2930.367280][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.372391][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.377749][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.382324][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.386825][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.392372][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.397209][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2930.402039][ C1] ip_list_rcv+0x8eb/0x950 [ 2930.406452][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2930.412600][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2930.418826][ C1] napi_complete_done+0x2ef/0xb60 [ 2930.423832][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2930.429184][ C1] virtnet_poll+0x1468/0x19f0 [ 2930.433845][ C1] net_rx_action+0x786/0x1aa0 [ 2930.438502][ C1] __do_softirq+0x311/0x83d [ 2930.443020][ C1] [ 2930.445334][ C1] Uninit was created at: [ 2930.449579][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2930.455205][ C1] kmsan_alloc_page+0x12a/0x310 [ 2930.460136][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2930.465670][ C1] alloc_pages_current+0x67d/0x990 [ 2930.470788][ C1] alloc_slab_page+0x111/0x12f0 [ 2930.475626][ C1] new_slab+0x2bc/0x1130 [ 2930.479861][ C1] ___slab_alloc+0x1533/0x1f30 [ 2930.484610][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2930.489452][ C1] inet_reqsk_alloc+0xac/0x830 [ 2930.494211][ C1] tcp_conn_request+0x753/0x4d10 [ 2930.499146][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2930.504255][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2930.509627][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2930.514325][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2930.518819][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2930.524726][ C1] ip_local_deliver+0x62a/0x7c0 [ 2930.530833][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2930.535667][ C1] ip_list_rcv+0x8eb/0x950 [ 2930.540067][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2930.546222][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2930.552513][ C1] napi_complete_done+0x2ef/0xb60 [ 2930.557528][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2930.562924][ C1] virtnet_poll+0x1468/0x19f0 [ 2930.567592][ C1] net_rx_action+0x786/0x1aa0 [ 2930.572711][ C1] __do_softirq+0x311/0x83d 00:46:07 executing program 3: socket$alg(0x26, 0x5, 0x0) pivot_root(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000003340)=[{{0x0, 0x4000000000000, 0x0}}], 0x600, 0x0, 0x0) 00:46:07 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='rpc_pipefs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) lseek(r0, 0x400000000003, 0x1) 00:46:07 executing program 0: r0 = socket$inet(0x2, 0x3, 0x9) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x6}, 0x40) getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 00:46:07 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:07 executing program 2: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:07 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9, 0x1, 'ipip\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x11, @multicast1}]}}}]}, 0x3c}}, 0x0) [ 2933.777999][ T32] audit: type=1804 audit(1583541967.839:499): pid=11536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1616/bus" dev="sda1" ino=16787 res=1 [ 2933.969992][ T32] audit: type=1804 audit(1583541967.929:500): pid=11548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1616/bus" dev="sda1" ino=16787 res=1 00:46:08 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:08 executing program 2: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x12) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) creat(&(0x7f0000000100)='./bus\x00', 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, &(0x7f0000000040)) 00:46:08 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='rpc_pipefs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) lseek(r0, 0x400000000003, 0x1) 00:46:08 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0x83, 0x4, 0x3, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xe, r0}, 0x38) [ 2934.552724][ T32] audit: type=1804 audit(1583541968.609:501): pid=11883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1617/bus" dev="sda1" ino=16753 res=1 00:46:08 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x40000000909, 0x1) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, 0x0) [ 2934.674456][ T32] audit: type=1804 audit(1583541968.689:502): pid=11884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir220426166/syzkaller.meuucw/1617/bus" dev="sda1" ino=16753 res=1 00:46:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f00000000c0)=0x1) [ 2935.304231][T12103] netlink: 'syz-executor.5': attribute type 17 has an invalid length. [ 2940.370844][ C1] not chained 770000 origins [ 2940.375512][ C1] CPU: 1 PID: 17642 Comm: kworker/u4:3 Not tainted 5.6.0-rc2-syzkaller #0 [ 2940.384099][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2940.394308][ C1] Workqueue: krdsd rds_connect_worker [ 2940.399677][ C1] Call Trace: [ 2940.402951][ C1] [ 2940.405796][ C1] dump_stack+0x1c9/0x220 [ 2940.410160][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 2940.415887][ C1] ? should_fail+0x72/0x9e0 [ 2940.420378][ C1] ? ret_from_fork+0x35/0x40 [ 2940.425017][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2940.431304][ C1] ? arch_stack_walk+0x34c/0x3e0 [ 2940.436239][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.441436][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.446627][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2940.452423][ C1] ? kmsan_get_metadata+0x4f/0x180 [ 2940.457522][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2940.463314][ C1] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2940.469464][ C1] ? tcp_parse_options+0x1ada/0x1b90 [ 2940.474807][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.480226][ C1] __msan_chain_origin+0x50/0x90 [ 2940.485174][ C1] tcp_conn_request+0x1781/0x4d10 [ 2940.490235][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.495547][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.500757][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2940.506563][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.511756][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2940.516875][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2940.522004][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2940.527286][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2940.532744][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.537928][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2940.543726][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2940.549793][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.554986][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2940.559569][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2940.564085][ C1] ? tcp_filter+0xf0/0xf0 [ 2940.568429][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2940.573909][ C1] ip_local_deliver+0x62a/0x7c0 [ 2940.578852][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 2940.583859][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2940.589487][ C1] ip_rcv+0x6cf/0x750 [ 2940.593464][ C1] ? ip_rcv_core+0x1270/0x1270 [ 2940.599505][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2940.605284][ C1] process_backlog+0xf0b/0x1410 [ 2940.610129][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.615319][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 2940.620966][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2940.626250][ C1] net_rx_action+0x786/0x1aa0 [ 2940.630934][ C1] ? net_tx_action+0xc30/0xc30 [ 2940.635685][ C1] __do_softirq+0x311/0x83d [ 2940.640196][ C1] do_softirq_own_stack+0x49/0x80 [ 2940.645199][ C1] [ 2940.648125][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 2940.653310][ C1] local_bh_enable+0x36/0x40 [ 2940.657885][ C1] ip_finish_output2+0x2115/0x2610 [ 2940.663100][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2940.668836][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2940.674890][ C1] __ip_finish_output+0xaa7/0xd80 [ 2940.680030][ C1] ip_finish_output+0x166/0x410 [ 2940.684904][ C1] ip_output+0x593/0x680 [ 2940.689149][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2940.694419][ C1] ? ip_finish_output+0x410/0x410 [ 2940.699435][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 2940.704372][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 2940.709923][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.715128][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.720311][ C1] ip_queue_xmit+0xcc/0xf0 [ 2940.724717][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 2940.729551][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 2940.734736][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2940.740643][ C1] tcp_connect+0x4337/0x6920 [ 2940.745218][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 2940.750487][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.755709][ C1] tcp_v4_connect+0x21fd/0x2370 [ 2940.760577][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 2940.765503][ C1] __inet_stream_connect+0x2fb/0x1340 [ 2940.770861][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 2940.776149][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.781344][ C1] inet_stream_connect+0x101/0x180 [ 2940.786445][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 2940.792070][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2940.797702][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 2940.802887][ C1] ? rds_tcp_state_change+0x390/0x390 [ 2940.808259][ C1] rds_connect_worker+0x2a6/0x470 [ 2940.813284][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2940.819341][ C1] ? rds_addr_cmp+0x200/0x200 [ 2940.824006][ C1] process_one_work+0x1555/0x1f40 [ 2940.829032][ C1] worker_thread+0xef6/0x2450 [ 2940.833735][ C1] kthread+0x4b5/0x4f0 [ 2940.837787][ C1] ? process_one_work+0x1f40/0x1f40 [ 2940.842974][ C1] ? kthread_blkcg+0xf0/0xf0 [ 2940.847569][ C1] ret_from_fork+0x35/0x40 [ 2940.851989][ C1] Uninit was stored to memory at: [ 2940.856998][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2940.862718][ C1] __msan_chain_origin+0x50/0x90 [ 2940.867636][ C1] tcp_conn_request+0x1781/0x4d10 [ 2940.872649][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2940.877756][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2940.882774][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2940.888128][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2940.892698][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2940.897197][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2940.902657][ C1] ip_local_deliver+0x62a/0x7c0 [ 2940.907497][ C1] ip_rcv+0x6cf/0x750 [ 2940.911485][ C1] process_backlog+0xf0b/0x1410 [ 2940.916338][ C1] net_rx_action+0x786/0x1aa0 [ 2940.921096][ C1] __do_softirq+0x311/0x83d [ 2940.925632][ C1] [ 2940.927944][ C1] Uninit was stored to memory at: [ 2940.933080][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2940.938838][ C1] __msan_chain_origin+0x50/0x90 [ 2940.943887][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2940.949169][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2940.954191][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2940.959306][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2940.964315][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2940.969686][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2940.974433][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2940.978919][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2940.984365][ C1] ip_local_deliver+0x62a/0x7c0 [ 2940.989205][ C1] ip_rcv+0x6cf/0x750 [ 2940.993219][ C1] process_backlog+0xf0b/0x1410 [ 2940.998065][ C1] net_rx_action+0x786/0x1aa0 [ 2941.002736][ C1] __do_softirq+0x311/0x83d [ 2941.007376][ C1] [ 2941.009687][ C1] Uninit was stored to memory at: [ 2941.014774][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2941.020486][ C1] __msan_chain_origin+0x50/0x90 [ 2941.025413][ C1] tcp_conn_request+0x1781/0x4d10 [ 2941.030422][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.035526][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2941.040538][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.046024][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.050616][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.055110][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.060567][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.065569][ C1] ip_rcv+0x6cf/0x750 [ 2941.069538][ C1] process_backlog+0xf0b/0x1410 [ 2941.074380][ C1] net_rx_action+0x786/0x1aa0 [ 2941.079049][ C1] __do_softirq+0x311/0x83d [ 2941.083548][ C1] [ 2941.085861][ C1] Uninit was stored to memory at: [ 2941.090874][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2941.096580][ C1] __msan_chain_origin+0x50/0x90 [ 2941.101514][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2941.106946][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2941.112090][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.117189][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2941.122207][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.127570][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.132210][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.136715][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.142261][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.147106][ C1] ip_rcv+0x6cf/0x750 [ 2941.151093][ C1] process_backlog+0xf0b/0x1410 [ 2941.155941][ C1] net_rx_action+0x786/0x1aa0 [ 2941.160616][ C1] __do_softirq+0x311/0x83d [ 2941.165163][ C1] [ 2941.167491][ C1] Uninit was stored to memory at: [ 2941.172505][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2941.178270][ C1] __msan_chain_origin+0x50/0x90 [ 2941.183207][ C1] tcp_conn_request+0x1781/0x4d10 [ 2941.188287][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.193424][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2941.198467][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.203835][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.208411][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.212917][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.218431][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.223289][ C1] ip_rcv+0x6cf/0x750 [ 2941.227272][ C1] process_backlog+0xf0b/0x1410 [ 2941.232116][ C1] net_rx_action+0x786/0x1aa0 [ 2941.236779][ C1] __do_softirq+0x311/0x83d [ 2941.241368][ C1] [ 2941.243695][ C1] Uninit was stored to memory at: [ 2941.248719][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2941.254423][ C1] __msan_chain_origin+0x50/0x90 [ 2941.259356][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 2941.264624][ C1] tcp_conn_request+0x33d7/0x4d10 [ 2941.269691][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.275011][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2941.280030][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.285394][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.289968][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.294471][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.299936][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.304780][ C1] ip_rcv+0x6cf/0x750 [ 2941.308806][ C1] process_backlog+0xf0b/0x1410 [ 2941.313644][ C1] net_rx_action+0x786/0x1aa0 [ 2941.318314][ C1] __do_softirq+0x311/0x83d 00:46:15 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) shutdown(r0, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4={[], [], @empty}}, 0x1c) listen(r0, 0x100000000000012) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x4e23, @remote}]}, &(0x7f0000000180)=0x10) 00:46:15 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='rpc_pipefs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) lseek(r0, 0x400000000003, 0x1) 00:46:15 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x44, r1, 0xf01, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev}, @IPVS_SVC_ATTR_PORT={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0x44}}, 0x0) 00:46:15 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000001980)={@void, @val={0x0, 0x0, 0x10}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "a5c268", 0xf98, 0x2f, 0x0, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x19, "e5fb000005005357cd99e33bca98e246dc9027eb3334ea443e7fdc4049b892d54090878bee496aa11e07fb0f1db1a0ebe2f95347b0317613063381165c01f08fea1048ea59a6f2273e02707fdd7defc02bde3192360593169594710bddd04aead6c89c87778555de42d23236534ba1a799a63eb4532003a703b249e4628e4706bccc7a264ee85014d99a7fd4565d3c416c835a741eb4e97140e834013724d23450072f0087ac65295ca0d7c601c30de0161560e2d20c5b1052e9b208e25470e9fa884ecd2082ec38b3cb19c083"}, {0x0, 0x1b, "14a142ef59c04e8e7b4db5309006bd98ec79847a52ed68124e8a24d3079fc53b81c039a7d59f992dcb481043f510a0ce1ebb98c07a624ff8c8cc0b4fd3b8e700196d1f5696e184393de669ffaebfbd494a9d6a5fedac0738ffc3dcb3c1b96e48fd063786ae5701f6aa5022621e665607848e20f162630df96d0a773993e97ae6b847e51883d73d66bb30b4375229cfd0c9c41f511bfbf2bca94caa7ce76be257173a4eae2b484117ac32acf6ea1a32def26c919c93055c2f9a640b2d847d527357902538828abd66b3d1a9b85034066154f0b2ec054f6a8712ec98e5"}, {0x0, 0x1f, "8cf0833ae2772f05d302c778833be4f2b9c43c83284b82e71ca1ee382af46513079a2f52da08c93afdfc1a18e4b677b307a1c7df90787cbd143b129bc8dbc39104eb21674d26fd4ced8626df256869e168d42f4d160ad1442cae2bd8fda0fc44a08759d245bfe8eba42ec7967c1e953256a057369159333bca73b498a882fb5e840d429804169a6446c1d1b013144ae0ee276a463ef69ea4c4636751083041811c9b549256c6a3a71e451f8fd4de25629b3de61cba78315412fa14e350bb03feaf63909bd7320561df80bc77f36d4561a5efcc324450355ed398d9e46e798e23e2a4a2c787728b9c549a1894c53dcdfe834c7785fb3c4331"}, {0x0, 0x3, "6598975984c98199c07565e33783bc472344c2fc4e6a32"}, {0x0, 0x199, "631c74c9d1ae5f26763e689d7358d52b9d78e1af1392b0a090488b19cbc96370f62d48c23e1427c05acd9c3b3f073a763d782618ff1eec26b515a9b327cbc17f30d83b25eb0642880dfa19be7390bfd822af60a6c50ca6e86b5a7a713194fb7fd8d6fbabab53a0be384d6197ec95d58387c3c60474093fafe7b973081f27ecda4197fda48a1f93aef6f2fe0790ee4c44b9311e6a55f85e9a53c1b9d12d9b586d5e9c0f98d3d6f5e215a0392bc0f0747ce75347ce29eea158c0f1ff30ecf208af154508b0c1f57d03d6e884937b7d84b3170624b4ebb76df8681493b4ff2f5cb6ab9fc4745569c2105f1eef9e9e3b7f10aa79b3746d194b78719295ce4ca9a520a08a67241d6770b93eb3a0b12e0ae16886e6a6312f858009dfc6736efec7498718a3c84b37267e49860fcf486442c2f06179672b3a6d1afac32246207723f9f43a7afc4e63820609c8a44dd4a88cdec819602a152eb4403f842712fd75ea44c779e98ff01f41caba247ef6434df425ff6bf93d49d1a8a08e455f2d86ff55773d57b611dd0e464d6b5e139271a91c6c8c629b694364730a38ddbe897a252620a2e41167afc48833290e0859615328f9dd7ba13514af6e3b3ca4e6514d400ad062a3519a85c4c79265bc284308602e73254a6ad85e76649c9b48f6785971a0e01ff0fe22de2c1c0b7ff27cf7e46f022d0b1a3c3a9ba65bcba1901c95e20ce39c24ff76acf7c4a3771e114a760448dbcd88c54351ee97a903c554564866eefb0964b5fe6ba26e73b64273c3f5d8079620cd509a3d88c19d09b5cc4256f38d263e105a94cfd44305e8c2755f90fd580628f0550268c95a1193362c265e0025ebdb42e58e2afcc38edbb77eedc486564a16e2405a99a382cfe15b03b097c10cb1651c2cb4bc7c5df969fb5ce19a6c8d3accb5b67dcf11fcfb6c028107c6b93c6a9b9c659dc05549a6fb1732f67cfc0ae5fe425245b72dbb6a719f83887a8af64ea8d1b3764ce0684f2d748a057d3ee3158d58266a560f8e04777a1f303163304d08b5bd470f627e0a13928e46fd0847bde599510e6978d68bb75f40ac4e247fc8708ca82ad40e729c3de042c94756d3816083784644d5e666fb3810117a62f7508ae3cdcdf312e314acd9add8e9c3e473ae206bd9b25659db6c1f570777f408644dcc6d150e92f284ad68d4bbe1f52e0c36e88a0d083dee8f7d59540b2ddda7fd27c97abc268630cbcad1e9cdd88c0a075462288bbf59824497ba7df15bc34d9fd22f8508a6d1c90118676ad3f9fc03cea1c69594dff6e978f42d1da2011290872e062fb2cc3293030534a6cedb6f461b33b5fd90b2ee0a8ae6803f45f4f2e74fac772ce235d66e8625951d7acbc87f1c4e13cbf0c01e8909de72d3b78b7d945b53e50f38486556dc6fd58db1a1da7f9cda6b50278a73d58842f15117c0232e6860caaab9be2d010ab4c5689a0ea14d78a5ec2dde3e837cadd8e1c794168860a4e303d513cc099d79cbb7605419db906a76d44ea62c6a767fb0f5cf25325a63c4939e1e8eb8df73645b5e9c4eebe6f736706708a8b0b5eebe263d846a9dedd9cb30365f3605cde065ae8fa4cb1075b87485ec0ccbabbe3033901e273234c688136c0960932e2ecd38870b7e72ca635a6e6d23cac391686fd2b7e5aac1c6862242dffc5a656922fbd23a6a8cae9f5a19b8778409987b26442739325b05ce005b215d1843278d767de541646d03cb4a3cfe32ecd2c686b8a550e12945b53bd87ae4387bc7876d1d17f3043a536e2319b760100963de494461c3dff0dc546ade451a393f08107cd419d1a075e7ce14cb082dabb30f61e67a9772aa384ee22505f0f54a58637abea7d3aa2263e744d2f99deefc0a6e2c225b0e14f3eae792b74a289920331b5d08aa748a123e3ccd2e7918495de5ad88068f6a2bc49c0bea736aaf68c21991ddb622522c9e6907ccc0716f394fa97da40beb33db9dbea01e2d07c6425853baffdd8ed2dc0d3ef710f518393634d7e312ea87093957de12f667d2c7a73ada38d95583ec1c3b8ba18bb6f592592a690a63a257b2792c8e75b98b46584069f240301facf10ef823003392d908af8386a403810fbb14a0bf56c9c718ea0e2eb8f478974fb9beb74bfc3fb13fa71babce0fa67e57950c2022dc5580b4a0e66740bc2f11dd4866f786bfb8c4b0fa78cf36d0baff865e0051dfbadcc0fc1bb4a4d89544375500bd08c8b219aba4213e081549239847b1b11cf51a72c26654f0d40b42b69178377ee9819b896c36e70304705aa6d1de33b77b6456fdf05de27813089e6bb5089a1ff02c361a8cc0e35454eff7d06033d02b0e66fd1d542115523c25bc49aea964ff93fe12bafabe723c16a6f9e669540e83d2dd64296b59dccdd553659bf15eec6598f32dfddd5f08380f4382e88e4441135abff53f7990c0c38f8a9f103082bd6009d059852f44bbdd2d8fbeebee4fe0822d205534fa1bec74b8e41ad2314f4742201f32202c21875731f87b86e1062270a3620dc3c5d4818618063379c97a29cf76acd17caf996d186a70d8385655048299538c8eb91fd25891125e5d317d6ca064bee38526fdfb4da1769e1bfddda5e1e64e7eeef125895ab9cf9db641b03ab5ec70633e8b79c665fa37e98cfbf23b176fc6d60668b25020420c81d77bebb0d32c63326bc9f88a8d2c226a85e54d7a44583e0f5b1f7cb52dacb769b57834ddf38ef5abd017f20f115daa51dea5bcbd58ea7a90ca042357927032040291dedf20c20eab92a384a23ab282db6c2a5c89b001a4dea0688cc7ca51a120390be070e07c618cb6b0e8c9106c0d2eabfb645e5b1fa9ef878df5861431e78e9c7ac12ceec025304a4d3351204c9bf7045a3b889f20321599f3f4c9c23169d1d10ace235dfb44edc3b9582dacef2269d5d07bf4555eec665dc307daef0aaaa0f7e44764fda59a861e67c1ce55de3515df6cec910c5fbb87aa9e100c290696ef366bb69b5d2de38d2f2d99413428c9761b0dd6bc5bd8c9c5e4f22c5f2ea5b666fa694359339d2e7e9ab6622b205713c7815edaeb01b2e63ff267e4ad2f66c267a2dae50a830d0b58bb0041bbbe43f6da01fd29e6fae8a8676d366ce2e31d9f61e257dd3ba7da8504fd00eb265c02cbd9d5e1c4955b85190c9bf085fdb54350ee9074c57c7add37bf6a614be01bba4871816ddc0c7e47797ee0d7c53b06352957dd546063f1593263e945ff319dba2bcef8f18844fecb244e9ca42a012774b137e86346a021934d30f2f8fb2cd906b45260154ce17d1cf1836654791bbd378f329a588ddcfd26b87296a17fe5077ec9968f47c4ca921dface81395435873af808472eb42eb12b92dbb4cc26683e21811cd13d8d273fbf3aa75204af1f593a5b423f9537a63308a945757d5f44c99e7eeebc506ec5f28729bd38b988babc33b570f8feca7a50c0966c66f063324fa504de647f7fc7f1d18bf94ae0899b758ee0ad1bb238dfd26a4ce6f3e7fdd1dd1b062b5cd493f4aa6eb08c6cb0510c696983a254c09197c1bfb784d5947a1329d7add6d3ddef0ad4b9ec93dee717788dd223feeab64acf9a73f24996d2e7d698b18607fc9a12b94d6ceafc680d9d91a1cfbf2d5fd6d0a9070d77b7f2204665b3a94f1e6245ecf7a1c671ee987fc0c67e7a26ed5e41862c5ddfa9a8344e1d8a88ca653a2efeb6e8fba6153fff8b279317ef0d65115073b38ab74d451cb58b75812231fd6282b7544fe4412ccea896e899a8f352269f60eb2383acfe60ab315c0f7ca43112bb898c051f6f07097d584e4f743f75d304b46b6b8c0e4825f987de99f24995dde490d7da0b47400a77fc8c39e5953b491a1bddf5d55fbb27e322bdc33e04fcbaf26f93b79c3030d920472b7694810195a02dc792d9ed4b43cedb72647c3005002eab924aa8ffaaecba42aa79eb3f4fb0b9e87317df11a79320a2d5bc83ad25fb139d45b843db5f8002b5cbf33812685fd9d5b994d370e8fd5333fa936ca9940f236b2c2e201912a7781dfca80497df9327c167d4d985db50e45fdb81c6eca85a3a4d0574d75e897ff98a23bfb122438f8f62a8422e0aff85febdc54e42bd05569a95717faf06eaea46b6b3e9335a1a60a922d8e79c153324cad570ee4efa53687280de0814071352d9c6ee939eaf3e89a09887b3bd9105a888635fcd190bcebc98ce4688665b8f827a2f0f1992fa90c4921342026de6fb0d31df3aaeba026678d7425a9c2f7cb2bfd7037cf81f814492f299a29b61e2a6ae386510caf4823e520365204ebc962504cb8997a51aed2903cba9fb52e015659a4fed914f7ecaa3cf3080da45a3d95c881dbb17639c31c9d833f270af042acf467dd492e6fa636e3df3ce7f28455fdd984e609c63170ffd55a0bb2debe6a4efa7228b47d455da6bbd83319620c16c63c2675dedaea409785fa50ae7786621f45b67d022d546b91edda149af142d2a720c238f5e940d701cdb27439c7ff666f80b31ab695d3852bc5f4da0c39e588badb3e49153ea153b5894ee9fdebdb1bc3b6270644fb9f9d9dd3c4089932ec8fd9090d01c7a4eda7e1c1f304b59fed6ab77440eefb0324a8f5d127be662264399b5a4a41979e2a10d2905d9c265dd"}]}}}}}, 0xfca) 00:46:15 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x10, 0x0, 0x0) 00:46:15 executing program 5: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000180)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, 0x0}, 0x0) [ 2941.322877][ C1] [ 2941.325219][ C1] Uninit was stored to memory at: [ 2941.330246][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 2941.336085][ C1] __msan_chain_origin+0x50/0x90 [ 2941.341042][ C1] tcp_conn_request+0x1781/0x4d10 [ 2941.346078][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.351195][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 2941.356243][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.361625][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.369454][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.373973][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.379444][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.384303][ C1] ip_rcv+0x6cf/0x750 [ 2941.388289][ C1] process_backlog+0xf0b/0x1410 [ 2941.393132][ C1] net_rx_action+0x786/0x1aa0 [ 2941.397928][ C1] __do_softirq+0x311/0x83d [ 2941.402424][ C1] [ 2941.404755][ C1] Uninit was created at: [ 2941.409004][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 2941.414648][ C1] kmsan_alloc_page+0x12a/0x310 [ 2941.419490][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 2941.425038][ C1] alloc_pages_current+0x67d/0x990 [ 2941.430156][ C1] alloc_slab_page+0x111/0x12f0 [ 2941.435134][ C1] new_slab+0x2bc/0x1130 [ 2941.439379][ C1] ___slab_alloc+0x1533/0x1f30 [ 2941.444151][ C1] kmem_cache_alloc+0xb23/0xd70 [ 2941.449112][ C1] inet_reqsk_alloc+0xac/0x830 [ 2941.453901][ C1] tcp_conn_request+0x753/0x4d10 [ 2941.458837][ C1] tcp_v4_conn_request+0x19b/0x240 [ 2941.463960][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 2941.469323][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 2941.473903][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 2941.478397][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2941.483853][ C1] ip_local_deliver+0x62a/0x7c0 [ 2941.488694][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 2941.493544][ C1] ip_list_rcv+0x8eb/0x950 [ 2941.497957][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 2941.504102][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 2941.510333][ C1] napi_complete_done+0x2ef/0xb60 [ 2941.515787][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 2941.521148][ C1] virtnet_poll+0x1468/0x19f0 [ 2941.525818][ C1] net_rx_action+0x786/0x1aa0 [ 2941.533187][ C1] __do_softirq+0x311/0x83d 00:46:16 executing program 5: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000180)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, 0x0}, 0x0) 00:46:16 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00f7ff0000000000001ac4b1ab687fef8100"], 0x12) 00:46:16 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='rpc_pipefs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) lseek(r0, 0x400000000003, 0x1) 00:46:16 executing program 0: syz_emit_ethernet(0x46, &(0x7f0000000140)={@multicast, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0xfffffffd, @local}, @redirect={0x3, 0x0, 0x0, @multicast1, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @dev}, "260280c2fb43ddcb"}}}}}, 0x0) 00:46:17 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={[{@umask={'umask', 0x3d, 0x500000000000000}}]}) 00:46:17 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) [ 2943.436949][T12348] hfsplus: umask requires a value [ 2943.442065][T12348] hfsplus: unable to parse mount options [ 2943.564946][T12348] hfsplus: umask requires a value [ 2943.570057][T12348] hfsplus: unable to parse mount options 00:46:20 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x404e21, 0x0, @ipv4={[], [], @local}}, 0x1c) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0x2, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x30d}, 0x9c) 00:46:20 executing program 4: syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@mft_zone_multiplier={'mft_zone_multiplier'}}, {@umask={'umask'}}, {@case_sensitive_no='case_sensitive=no'}, {@uid={'uid'}}, {@fmask={'fmask'}}, {@umask={'umask'}}, {@mft_zone_multiplier={'mft_zone_multiplier'}}, {@show_sys_files_no='show_sys_files=no'}]}) 00:46:20 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) 00:46:20 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70a000007000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a00000000000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) 00:46:20 executing program 5: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000180)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, 0x0}, 0x0) 00:46:20 executing program 1: getpid() r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000080)=@routing, 0x8) setsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) [ 2946.943996][T12566] ntfs: (device loop4): parse_options(): The show_sys_files option requires a boolean argument. 00:46:21 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_adj\x00') r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f0000000300)='oom_score_adj\x00') writev(r2, &(0x7f0000000140)=[{&(0x7f0000000000)='+4', 0x2}], 0x1) sendfile(r1, r2, 0x0, 0x8000fffffffe) 00:46:21 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={0x2, 0x2, 0x0, 0x9, 0xc, 0x0, 0x0, 0x0, [@sadb_x_sa2={0x2, 0x13, 0x2}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={0x2, 0x2, 0x0, 0x9, 0xc, 0x0, 0x0, 0x0, [@sadb_x_sa2={0x2, 0x13, 0x2}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) [ 2947.142085][T12566] ntfs: (device loop4): parse_options(): The show_sys_files option requires a boolean argument. 00:46:21 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) 00:46:21 executing program 4: r0 = socket$inet(0x2, 0x4000000805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = dup3(r0, r1, 0x0) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x401}, 0xc) 00:46:21 executing program 1: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, r0) request_key(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x0}, 0x0, r1) 00:46:22 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) 00:46:26 executing program 3: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000080)={r1}, 0x8) 00:46:26 executing program 1: mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000040)=ANY=[@ANYBLOB='[]:'], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='ceph\x00', 0x0, 0x0) 00:46:26 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) 00:46:26 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 00:46:26 executing program 4: connect$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x6, @rose}, [@rose, @rose, @default, @netrom, @bcast, @rose, @rose, @null]}, 0x48) r0 = socket$inet(0x2, 0x5, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0x18, &(0x7f0000000140)=@assoc_value={r2}, 0x8) 00:46:26 executing program 5: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000180)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, 0x0}, 0x0) [ 2952.345907][T13024] libceph: Failed to parse monitor IPs: -22 00:46:26 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 00:46:26 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r2 = dup3(r0, r1, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, 0x10) 00:46:26 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x800, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174001004010a0200027400f8", 0x16}], 0x0, 0x0) 00:46:26 executing program 4: r0 = syz_open_dev$sndmidi(&(0x7f0000000500)='/dev/snd/midiC#D#\x00', 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r0, 0x40045731, &(0x7f0000000540)) 00:46:26 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) [ 2952.837614][T13118] FAT-fs (loop1): unable to read boot sector (logical sector size = 4096) 00:46:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x14, 0x0, &(0x7f0000000100)=0x28b7aa188bef7d8f) [ 2952.999458][T13118] FAT-fs (loop1): unable to read boot sector (logical sector size = 4096) [ 2953.864412][ C0] not chained 780000 origins [ 2953.869175][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2953.878914][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2953.889000][ C0] Workqueue: krdsd rds_connect_worker [ 2953.894348][ C0] Call Trace: [ 2953.897755][ C0] [ 2953.900598][ C0] dump_stack+0x1c9/0x220 [ 2953.904940][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2953.910665][ C0] ? should_fail+0x72/0x9e0 [ 2953.915204][ C0] ? ret_from_fork+0x35/0x40 [ 2953.919780][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2953.925883][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2953.930803][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2953.935984][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2953.941183][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2953.946983][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2953.952073][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2953.957862][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2953.963996][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2953.969275][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2953.974452][ C0] __msan_chain_origin+0x50/0x90 [ 2953.979372][ C0] tcp_conn_request+0x13ce/0x4d10 [ 2953.984384][ C0] ? rb_first+0x31/0x100 [ 2953.988616][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2953.993804][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2953.998997][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.004249][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2954.010163][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.015376][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.020491][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.025506][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2954.030779][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.036141][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.041416][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2954.047295][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2954.053350][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.058547][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.063132][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.067644][ C0] ? tcp_filter+0xf0/0xf0 [ 2954.071953][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.077413][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.082253][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2954.087262][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2954.092891][ C0] ip_rcv+0x6cf/0x750 [ 2954.096985][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2954.101853][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2954.107505][ C0] process_backlog+0xf0b/0x1410 [ 2954.112347][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2954.117974][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2954.123305][ C0] net_rx_action+0x786/0x1aa0 [ 2954.128039][ C0] ? net_tx_action+0xc30/0xc30 [ 2954.132790][ C0] __do_softirq+0x311/0x83d [ 2954.137285][ C0] do_softirq_own_stack+0x49/0x80 [ 2954.142287][ C0] [ 2954.145298][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2954.150624][ C0] local_bh_enable+0x36/0x40 [ 2954.155256][ C0] ip_finish_output2+0x2115/0x2610 [ 2954.160469][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2954.166181][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2954.172264][ C0] __ip_finish_output+0xaa7/0xd80 [ 2954.177302][ C0] ip_finish_output+0x166/0x410 [ 2954.182170][ C0] ip_output+0x593/0x680 [ 2954.186416][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2954.191728][ C0] ? ip_finish_output+0x410/0x410 [ 2954.197359][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2954.202433][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2954.207999][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.213263][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.218457][ C0] ip_queue_xmit+0xcc/0xf0 [ 2954.222912][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2954.227750][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2954.232932][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2954.238742][ C0] tcp_connect+0x4337/0x6920 [ 2954.243318][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2954.248586][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.253797][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2954.258659][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2954.263580][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2954.268938][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2954.274215][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.279408][ C0] inet_stream_connect+0x101/0x180 [ 2954.284502][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2954.290143][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2954.295882][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2954.301081][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2954.306441][ C0] rds_connect_worker+0x2a6/0x470 [ 2954.311453][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2954.317525][ C0] ? rds_addr_cmp+0x200/0x200 [ 2954.322200][ C0] process_one_work+0x1555/0x1f40 [ 2954.327249][ C0] worker_thread+0xef6/0x2450 [ 2954.331931][ C0] kthread+0x4b5/0x4f0 [ 2954.335982][ C0] ? process_one_work+0x1f40/0x1f40 [ 2954.341171][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2954.345833][ C0] ret_from_fork+0x35/0x40 [ 2954.350239][ C0] Uninit was stored to memory at: [ 2954.355249][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.360952][ C0] __msan_chain_origin+0x50/0x90 [ 2954.365870][ C0] tcp_conn_request+0x1781/0x4d10 [ 2954.370873][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.375963][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.380964][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.386316][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.390882][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.395369][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.400806][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.405633][ C0] ip_rcv+0x6cf/0x750 [ 2954.409595][ C0] process_backlog+0xf0b/0x1410 [ 2954.414434][ C0] net_rx_action+0x786/0x1aa0 [ 2954.419105][ C0] __do_softirq+0x311/0x83d [ 2954.423590][ C0] [ 2954.425912][ C0] Uninit was stored to memory at: [ 2954.431098][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.436802][ C0] __msan_chain_origin+0x50/0x90 [ 2954.441751][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2954.447018][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2954.452023][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.457115][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.462125][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.467474][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.472040][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.476520][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.481959][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.486784][ C0] ip_rcv+0x6cf/0x750 [ 2954.490745][ C0] process_backlog+0xf0b/0x1410 [ 2954.495585][ C0] net_rx_action+0x786/0x1aa0 [ 2954.500253][ C0] __do_softirq+0x311/0x83d [ 2954.504732][ C0] [ 2954.507036][ C0] Uninit was stored to memory at: [ 2954.512205][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.518095][ C0] __msan_chain_origin+0x50/0x90 [ 2954.523026][ C0] tcp_conn_request+0x1781/0x4d10 [ 2954.528037][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.533129][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.538168][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.543527][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.548100][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.552585][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.558030][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.562859][ C0] ip_rcv+0x6cf/0x750 [ 2954.566821][ C0] process_backlog+0xf0b/0x1410 [ 2954.571661][ C0] net_rx_action+0x786/0x1aa0 [ 2954.576328][ C0] __do_softirq+0x311/0x83d [ 2954.580820][ C0] [ 2954.583133][ C0] Uninit was stored to memory at: [ 2954.588154][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.593851][ C0] __msan_chain_origin+0x50/0x90 [ 2954.598769][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2954.604034][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2954.609039][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.614129][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.619128][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.624497][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.629069][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.633566][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.639002][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.643828][ C0] ip_rcv+0x6cf/0x750 [ 2954.647805][ C0] process_backlog+0xf0b/0x1410 [ 2954.652636][ C0] net_rx_action+0x786/0x1aa0 [ 2954.657294][ C0] __do_softirq+0x311/0x83d [ 2954.662043][ C0] [ 2954.664539][ C0] Uninit was stored to memory at: [ 2954.669559][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.675257][ C0] __msan_chain_origin+0x50/0x90 [ 2954.680173][ C0] tcp_conn_request+0x1781/0x4d10 [ 2954.685178][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.690285][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.695300][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.700650][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.705220][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.709714][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.715154][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.720003][ C0] ip_rcv+0x6cf/0x750 [ 2954.724154][ C0] process_backlog+0xf0b/0x1410 [ 2954.728984][ C0] net_rx_action+0x786/0x1aa0 [ 2954.733639][ C0] __do_softirq+0x311/0x83d [ 2954.738127][ C0] [ 2954.740432][ C0] Uninit was stored to memory at: [ 2954.745434][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.751131][ C0] __msan_chain_origin+0x50/0x90 [ 2954.756049][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2954.761324][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2954.766326][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.771413][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.776415][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.781777][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.786346][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.790827][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.796270][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.801109][ C0] ip_rcv+0x6cf/0x750 [ 2954.805169][ C0] process_backlog+0xf0b/0x1410 [ 2954.810018][ C0] net_rx_action+0x786/0x1aa0 [ 2954.814681][ C0] __do_softirq+0x311/0x83d [ 2954.819223][ C0] [ 2954.821553][ C0] Uninit was stored to memory at: [ 2954.826563][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2954.832266][ C0] __msan_chain_origin+0x50/0x90 [ 2954.837235][ C0] tcp_conn_request+0x1781/0x4d10 [ 2954.842267][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.847357][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2954.852377][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.857729][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.862371][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.866867][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.872318][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.877157][ C0] ip_rcv+0x6cf/0x750 [ 2954.881122][ C0] process_backlog+0xf0b/0x1410 [ 2954.885956][ C0] net_rx_action+0x786/0x1aa0 [ 2954.890620][ C0] __do_softirq+0x311/0x83d [ 2954.895099][ C0] [ 2954.897407][ C0] Uninit was created at: [ 2954.901747][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2954.907486][ C0] kmsan_alloc_page+0x12a/0x310 [ 2954.912317][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2954.917842][ C0] alloc_pages_current+0x67d/0x990 [ 2954.922945][ C0] alloc_slab_page+0x111/0x12f0 [ 2954.927772][ C0] new_slab+0x2bc/0x1130 [ 2954.931990][ C0] ___slab_alloc+0x1533/0x1f30 [ 2954.936735][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2954.941566][ C0] inet_reqsk_alloc+0xac/0x830 [ 2954.946308][ C0] tcp_conn_request+0x753/0x4d10 [ 2954.951237][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2954.956333][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2954.961680][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2954.966250][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2954.970742][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2954.976197][ C0] ip_local_deliver+0x62a/0x7c0 [ 2954.981024][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2954.985864][ C0] ip_list_rcv+0x8eb/0x950 [ 2954.990263][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2954.996397][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2955.002628][ C0] napi_complete_done+0x2ef/0xb60 [ 2955.007632][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2955.012997][ C0] virtnet_poll+0x1468/0x19f0 [ 2955.017652][ C0] net_rx_action+0x786/0x1aa0 [ 2955.022309][ C0] __do_softirq+0x311/0x83d 00:46:32 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x800}, 0x20) 00:46:32 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x800, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174001004010a0200027400f8", 0x16}], 0x0, 0x0) 00:46:32 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 00:46:32 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x807}, 0x20) 00:46:32 executing program 2: clone(0x1080210b1065ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setresuid(0xee00, 0x0, 0x0) r0 = gettid() tkill(r0, 0x3f) ioprio_set$pid(0x2, 0x0, 0x0) 00:46:32 executing program 5: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000200)=[{&(0x7f0000000180)="8b", 0x1}, {&(0x7f0000000300)="89", 0x1}, {&(0x7f0000000380)="c5", 0x1}], 0x3, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) [ 2958.185291][T13242] FAT-fs (loop1): unable to read boot sector (logical sector size = 4096) 00:46:32 executing program 0: perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x21) r2 = dup2(r0, r1) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000000)=""/246) 00:46:32 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x800, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174001004010a0200027400f8", 0x16}], 0x0, 0x0) 00:46:32 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x807}, 0x20) 00:46:32 executing program 2: clone(0x1080210b1065ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setresuid(0xee00, 0x0, 0x0) r0 = gettid() tkill(r0, 0x3f) ioprio_set$pid(0x2, 0x0, 0x0) 00:46:32 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x807}, 0x20) 00:46:33 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00000008060104000000706ca1d000000000000500010006000000"], 0x1c}}, 0x0) [ 2958.926243][T13364] FAT-fs (loop1): unable to read boot sector (logical sector size = 4096) 00:46:37 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r2, r3, 0x0) readv(r0, &(0x7f000058c000)=[{&(0x7f0000422f69)=""/151, 0x97}], 0x100000000000002c) dup2(r3, r0) tkill(r1, 0x1000000000016) 00:46:37 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9, 0x20011, r0, 0x0) ioctl$SG_NEXT_CMD_LEN(r0, 0x5385, &(0x7f0000000140)) 00:46:37 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x800, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174001004010a0200027400f8", 0x16}], 0x0, 0x0) 00:46:37 executing program 2: clone(0x1080210b1065ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setresuid(0xee00, 0x0, 0x0) r0 = gettid() tkill(r0, 0x3f) ioprio_set$pid(0x2, 0x0, 0x0) 00:46:37 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x807}, 0x20) 00:46:37 executing program 5: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) bind$tipc(r0, 0x0, 0x0) r1 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) bind$tipc(r1, 0x0, 0x0) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 00:46:38 executing program 4: get_mempolicy(0x0, &(0x7f0000000080), 0x924e, &(0x7f0000bfd000/0x400000)=nil, 0x2) [ 2963.987382][T13620] FAT-fs (loop1): unable to read boot sector (logical sector size = 4096) 00:46:38 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3}, 0x14) getsockname$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000040)=0x10eef0f1) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newlink={0x54, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x9, {0x0, @dev}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x54}}, 0x0) 00:46:38 executing program 2: clone(0x1080210b1065ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setresuid(0xee00, 0x0, 0x0) r0 = gettid() tkill(r0, 0x3f) ioprio_set$pid(0x2, 0x0, 0x0) 00:46:38 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0xfffffffe}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @dev}}, 0x1c) 00:46:38 executing program 4: r0 = getpgrp(0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0) pipe(0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2401, 0x80ffff) [ 2964.739133][T13810] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. 00:46:38 executing program 1: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000009, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x5, &(0x7f0000001f00), 0x4) [ 2965.818959][ C0] not chained 790000 origins [ 2965.823769][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2965.834433][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2965.844582][ C0] Workqueue: krdsd rds_connect_worker [ 2965.849940][ C0] Call Trace: [ 2965.853317][ C0] [ 2965.856167][ C0] dump_stack+0x1c9/0x220 [ 2965.860495][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2965.866205][ C0] ? should_fail+0x72/0x9e0 [ 2965.870697][ C0] ? ret_from_fork+0x35/0x40 [ 2965.875293][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2965.881478][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 2965.886430][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.891633][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.896830][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2965.902652][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 2965.907772][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2965.913585][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 2965.920077][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 2965.925376][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.930566][ C0] __msan_chain_origin+0x50/0x90 [ 2965.935499][ C0] tcp_conn_request+0x13ce/0x4d10 [ 2965.940526][ C0] ? rb_first+0x31/0x100 [ 2965.944789][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.949976][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.955169][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2965.961320][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.966515][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2965.971711][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2965.976744][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2965.982017][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2965.987381][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2965.992571][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2965.998551][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2966.004622][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.009820][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.014416][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.018972][ C0] ? tcp_filter+0xf0/0xf0 [ 2966.023331][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.028823][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.033688][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2966.038708][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2966.044534][ C0] ip_rcv+0x6cf/0x750 [ 2966.048526][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2966.053284][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2966.058922][ C0] process_backlog+0xf0b/0x1410 [ 2966.063783][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.068998][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2966.074651][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2966.079928][ C0] net_rx_action+0x786/0x1aa0 [ 2966.084614][ C0] ? net_tx_action+0xc30/0xc30 [ 2966.089374][ C0] __do_softirq+0x311/0x83d [ 2966.093883][ C0] do_softirq_own_stack+0x49/0x80 [ 2966.098890][ C0] [ 2966.101828][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2966.107020][ C0] local_bh_enable+0x36/0x40 [ 2966.111611][ C0] ip_finish_output2+0x2115/0x2610 [ 2966.116720][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2966.122448][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2966.128446][ C0] __ip_finish_output+0xaa7/0xd80 [ 2966.133480][ C0] ip_finish_output+0x166/0x410 [ 2966.138333][ C0] ip_output+0x593/0x680 [ 2966.142695][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2966.147972][ C0] ? ip_finish_output+0x410/0x410 [ 2966.152987][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2966.157932][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2966.163471][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.168673][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.173914][ C0] ip_queue_xmit+0xcc/0xf0 [ 2966.178435][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2966.183284][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2966.188503][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2966.194358][ C0] tcp_connect+0x4337/0x6920 [ 2966.198957][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2966.204337][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.210861][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2966.215736][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2966.220673][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2966.226044][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2966.231334][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.236555][ C0] inet_stream_connect+0x101/0x180 [ 2966.241664][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2966.247307][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2966.252944][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2966.258142][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2966.263515][ C0] rds_connect_worker+0x2a6/0x470 [ 2966.268690][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2966.274766][ C0] ? rds_addr_cmp+0x200/0x200 [ 2966.279513][ C0] process_one_work+0x1555/0x1f40 [ 2966.284838][ C0] worker_thread+0xef6/0x2450 [ 2966.289548][ C0] kthread+0x4b5/0x4f0 [ 2966.293610][ C0] ? process_one_work+0x1f40/0x1f40 [ 2966.298811][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2966.303395][ C0] ret_from_fork+0x35/0x40 [ 2966.307811][ C0] Uninit was stored to memory at: [ 2966.312829][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.319059][ C0] __msan_chain_origin+0x50/0x90 [ 2966.323985][ C0] tcp_conn_request+0x1781/0x4d10 [ 2966.328998][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.334736][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.339749][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.345112][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.349954][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.354469][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.359925][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.364773][ C0] ip_rcv+0x6cf/0x750 [ 2966.368749][ C0] process_backlog+0xf0b/0x1410 [ 2966.373589][ C0] net_rx_action+0x786/0x1aa0 [ 2966.378269][ C0] __do_softirq+0x311/0x83d [ 2966.382762][ C0] [ 2966.385084][ C0] Uninit was stored to memory at: [ 2966.390220][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.395958][ C0] __msan_chain_origin+0x50/0x90 [ 2966.400923][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2966.406200][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2966.411227][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.416334][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.421357][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.426732][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.431316][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.435815][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.441289][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.446298][ C0] ip_rcv+0x6cf/0x750 [ 2966.450277][ C0] process_backlog+0xf0b/0x1410 [ 2966.455119][ C0] net_rx_action+0x786/0x1aa0 [ 2966.459801][ C0] __do_softirq+0x311/0x83d [ 2966.464297][ C0] [ 2966.466632][ C0] Uninit was stored to memory at: [ 2966.471655][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.477380][ C0] __msan_chain_origin+0x50/0x90 [ 2966.482333][ C0] tcp_conn_request+0x1781/0x4d10 [ 2966.487484][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.492605][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.497645][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.503121][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.507707][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.512238][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.517692][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.522545][ C0] ip_rcv+0x6cf/0x750 [ 2966.526529][ C0] process_backlog+0xf0b/0x1410 [ 2966.531378][ C0] net_rx_action+0x786/0x1aa0 [ 2966.536070][ C0] __do_softirq+0x311/0x83d [ 2966.540703][ C0] [ 2966.543045][ C0] Uninit was stored to memory at: [ 2966.548067][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.553909][ C0] __msan_chain_origin+0x50/0x90 [ 2966.558859][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2966.564146][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2966.569178][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.574287][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.579595][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.585106][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.589714][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.594220][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.599688][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.604530][ C0] ip_rcv+0x6cf/0x750 [ 2966.608517][ C0] process_backlog+0xf0b/0x1410 [ 2966.613359][ C0] net_rx_action+0x786/0x1aa0 [ 2966.618027][ C0] __do_softirq+0x311/0x83d [ 2966.622619][ C0] [ 2966.624943][ C0] Uninit was stored to memory at: [ 2966.629967][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.635690][ C0] __msan_chain_origin+0x50/0x90 [ 2966.640621][ C0] tcp_conn_request+0x1781/0x4d10 [ 2966.645642][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.650768][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.655784][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.661146][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.665725][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.670221][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.675673][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.680513][ C0] ip_rcv+0x6cf/0x750 [ 2966.684488][ C0] process_backlog+0xf0b/0x1410 [ 2966.690803][ C0] net_rx_action+0x786/0x1aa0 [ 2966.695474][ C0] __do_softirq+0x311/0x83d [ 2966.699956][ C0] [ 2966.702358][ C0] Uninit was stored to memory at: [ 2966.707388][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.713098][ C0] __msan_chain_origin+0x50/0x90 [ 2966.718026][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2966.723296][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2966.728311][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.733422][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.738435][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.743798][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.748374][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.752871][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.758328][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.763184][ C0] ip_rcv+0x6cf/0x750 [ 2966.767181][ C0] process_backlog+0xf0b/0x1410 [ 2966.772032][ C0] net_rx_action+0x786/0x1aa0 [ 2966.776698][ C0] __do_softirq+0x311/0x83d [ 2966.781181][ C0] [ 2966.783499][ C0] Uninit was stored to memory at: [ 2966.788527][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2966.794247][ C0] __msan_chain_origin+0x50/0x90 [ 2966.799183][ C0] tcp_conn_request+0x1781/0x4d10 [ 2966.804212][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.809326][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2966.814368][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.819737][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.824333][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.828863][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.834318][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.839160][ C0] ip_rcv+0x6cf/0x750 [ 2966.843149][ C0] process_backlog+0xf0b/0x1410 [ 2966.848003][ C0] net_rx_action+0x786/0x1aa0 [ 2966.852675][ C0] __do_softirq+0x311/0x83d [ 2966.857281][ C0] [ 2966.859602][ C0] Uninit was created at: [ 2966.863840][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2966.870707][ C0] kmsan_alloc_page+0x12a/0x310 [ 2966.875560][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2966.881099][ C0] alloc_pages_current+0x67d/0x990 [ 2966.886216][ C0] alloc_slab_page+0x111/0x12f0 [ 2966.891076][ C0] new_slab+0x2bc/0x1130 [ 2966.895322][ C0] ___slab_alloc+0x1533/0x1f30 [ 2966.900094][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2966.904940][ C0] inet_reqsk_alloc+0xac/0x830 [ 2966.909701][ C0] tcp_conn_request+0x753/0x4d10 [ 2966.914710][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2966.919825][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2966.925191][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2966.929873][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2966.934383][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2966.939852][ C0] ip_local_deliver+0x62a/0x7c0 [ 2966.944711][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2966.949698][ C0] ip_list_rcv+0x8eb/0x950 [ 2966.954124][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2966.960280][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2966.966519][ C0] napi_complete_done+0x2ef/0xb60 [ 2966.971584][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2966.976965][ C0] virtnet_poll+0x1468/0x19f0 [ 2966.981637][ C0] net_rx_action+0x786/0x1aa0 [ 2966.986305][ C0] __do_softirq+0x311/0x83d 00:46:44 executing program 3: syz_mount_image$xfs(&(0x7f00000001c0)='xfs\x00', &(0x7f0000000000)='./file0\x00', 0xffff80d5, 0x2, &(0x7f0000000140)=[{&(0x7f0000000200)='XFSB', 0x4}, {&(0x7f00000002c0)="0119f9bb26d3bd0038ec8eaac8a09aab50ded8a85aba10e959a756b660906572971170846407766019e1e9e508ce1a8ce9d05b42f3192ec0399cd41847db7b22e27f317391aab52327b65b3d16a8457c18a04f3e28e0f7a1cbb16f0a71917f2082ac462417fefaab5c0b39dd18191f7e16f39f6ac2980634c2f2f88e417ced29db58fa1b578f3e7761944d6c46c43886716db525997290532f7c23969da4b9946dec56d190143f71db", 0xa9, 0x9}], 0x0, 0x0) 00:46:44 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3}, 0x14) getsockname$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000040)=0x10eef0f1) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newlink={0x54, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x9, {0x0, @dev}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x54}}, 0x0) 00:46:44 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0x0, 0x0, 0x0) 00:46:44 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x9) recvmmsg(r0, &(0x7f00000055c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000044c0)=""/17, 0x11}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 00:46:44 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000000)="0201a9ffffff0a040000ff45ac0480ef000000000000190000000000800680ffffffbf000000e100e2ff87770072003007000500000000000000008000da55aa", 0x40, 0x1c0}]) 00:46:44 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, r0, 0x0) readv(r0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/168, 0xa8}], 0x1) [ 2970.266278][T14234] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 2970.372927][T14235] loop4: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p [ 2970.372970][T14235] loop4: partition table partially beyond EOD, truncated [ 2970.468546][T14235] loop4: p1 start 1034 is beyond EOD, truncated [ 2970.474978][T14235] loop4: p2 start 25 is beyond EOD, truncated [ 2970.481112][T14235] loop4: p3 start 4293001441 is beyond EOD, truncated [ 2970.488061][T14235] loop4: p4 size 2 extends beyond EOD, truncated 00:46:44 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000280)=""/228, 0xe4}], 0x1}, 0x0) 00:46:44 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3}, 0x14) getsockname$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000040)=0x10eef0f1) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newlink={0x54, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x9, {0x0, @dev}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x54}}, 0x0) [ 2970.615686][T14235] loop4: p5 start 1034 is beyond EOD, truncated [ 2970.622054][T14235] loop4: p6 start 25 is beyond EOD, truncated [ 2970.628347][T14235] loop4: p7 start 1034 is beyond EOD, truncated [ 2970.634826][T14235] loop4: p8 start 25 is beyond EOD, truncated [ 2970.640970][T14235] loop4: p9 start 1034 is beyond EOD, truncated [ 2970.647408][T14235] loop4: p10 start 25 is beyond EOD, truncated [ 2970.653644][T14235] loop4: p11 start 1034 is beyond EOD, truncated [ 2970.660166][T14235] loop4: p12 start 25 is beyond EOD, truncated [ 2970.666542][T14235] loop4: p13 start 1034 is beyond EOD, truncated [ 2970.672928][T14235] loop4: p14 start 25 is beyond EOD, truncated [ 2970.679264][T14235] loop4: p15 start 1034 is beyond EOD, truncated [ 2970.686023][T14235] loop4: p16 start 25 is beyond EOD, truncated [ 2970.692429][T14235] loop4: p17 start 1034 is beyond EOD, truncated [ 2970.698959][T14235] loop4: p18 start 25 is beyond EOD, truncated [ 2970.705273][T14235] loop4: p19 start 1034 is beyond EOD, truncated [ 2970.711667][T14235] loop4: p20 start 25 is beyond EOD, truncated [ 2970.718023][T14235] loop4: p21 start 1034 is beyond EOD, truncated [ 2970.724413][T14235] loop4: p22 start 25 is beyond EOD, truncated [ 2970.730742][T14235] loop4: p23 start 1034 is beyond EOD, truncated [ 2970.737231][T14235] loop4: p24 start 25 is beyond EOD, truncated [ 2970.743541][T14235] loop4: p25 start 1034 is beyond EOD, truncated [ 2970.750120][T14235] loop4: p26 start 25 is beyond EOD, truncated [ 2970.756420][T14235] loop4: p27 start 1034 is beyond EOD, truncated [ 2970.762813][T14235] loop4: p28 start 25 is beyond EOD, truncated [ 2970.769319][T14235] loop4: p29 start 1034 is beyond EOD, truncated [ 2970.775887][T14235] loop4: p30 start 25 is beyond EOD, truncated [ 2970.782106][T14235] loop4: p31 start 1034 is beyond EOD, truncated [ 2970.788663][T14235] loop4: p32 start 25 is beyond EOD, truncated [ 2970.794988][T14235] loop4: p33 start 1034 is beyond EOD, truncated [ 2970.801711][T14235] loop4: p34 start 25 is beyond EOD, truncated [ 2970.808066][T14235] loop4: p35 start 1034 is beyond EOD, truncated [ 2970.814460][T14235] loop4: p36 start 25 is beyond EOD, truncated [ 2970.820867][T14235] loop4: p37 start 1034 is beyond EOD, truncated [ 2970.827370][T14235] loop4: p38 start 25 is beyond EOD, truncated [ 2970.833588][T14235] loop4: p39 start 1034 is beyond EOD, truncated [ 2970.840193][T14235] loop4: p40 start 25 is beyond EOD, truncated [ 2970.846511][T14235] loop4: p41 start 1034 is beyond EOD, truncated [ 2970.852987][T14235] loop4: p42 start 25 is beyond EOD, truncated [ 2970.859416][T14235] loop4: p43 start 1034 is beyond EOD, truncated [ 2970.865925][T14235] loop4: p44 start 25 is beyond EOD, truncated [ 2970.872176][T14235] loop4: p45 start 1034 is beyond EOD, truncated [ 2970.878720][T14235] loop4: p46 start 25 is beyond EOD, truncated [ 2970.885038][T14235] loop4: p47 start 1034 is beyond EOD, truncated [ 2970.891542][T14235] loop4: p48 start 25 is beyond EOD, truncated [ 2970.898240][T14235] loop4: p49 start 1034 is beyond EOD, truncated [ 2970.904735][T14235] loop4: p50 start 25 is beyond EOD, truncated [ 2970.910973][T14235] loop4: p51 start 1034 is beyond EOD, truncated [ 2970.917507][T14235] loop4: p52 start 25 is beyond EOD, truncated [ 2970.923721][T14235] loop4: p53 start 1034 is beyond EOD, truncated [ 2970.930396][T14235] loop4: p54 start 25 is beyond EOD, truncated [ 2970.936921][T14235] loop4: p55 start 1034 is beyond EOD, truncated [ 2970.943458][T14235] loop4: p56 start 25 is beyond EOD, truncated [ 2970.949961][T14235] loop4: p57 start 1034 is beyond EOD, truncated [ 2970.956463][T14235] loop4: p58 start 25 is beyond EOD, truncated [ 2970.962688][T14235] loop4: p59 start 1034 is beyond EOD, truncated [ 2970.969195][T14235] loop4: p60 start 25 is beyond EOD, truncated [ 2970.975523][T14235] loop4: p61 start 1034 is beyond EOD, truncated [ 2970.981909][T14235] loop4: p62 start 25 is beyond EOD, truncated [ 2970.988245][T14235] loop4: p63 start 1034 is beyond EOD, truncated [ 2970.994889][T14235] loop4: p64 start 25 is beyond EOD, truncated [ 2971.001109][T14235] loop4: p65 start 1034 is beyond EOD, truncated [ 2971.007692][T14235] loop4: p66 start 25 is beyond EOD, truncated [ 2971.013917][T14235] loop4: p67 start 1034 is beyond EOD, truncated [ 2971.020439][T14235] loop4: p68 start 25 is beyond EOD, truncated [ 2971.026776][T14235] loop4: p69 start 1034 is beyond EOD, truncated [ 2971.033177][T14235] loop4: p70 start 25 is beyond EOD, truncated [ 2971.039667][T14235] loop4: p71 start 1034 is beyond EOD, truncated [ 2971.046179][T14235] loop4: p72 start 25 is beyond EOD, truncated [ 2971.052400][T14235] loop4: p73 start 1034 is beyond EOD, truncated [ 2971.059002][T14235] loop4: p74 start 25 is beyond EOD, truncated [ 2971.065486][T14235] loop4: p75 start 1034 is beyond EOD, truncated [ 2971.071885][T14235] loop4: p76 start 25 is beyond EOD, truncated [ 2971.078345][T14235] loop4: p77 start 1034 is beyond EOD, truncated [ 2971.084842][T14235] loop4: p78 start 25 is beyond EOD, truncated [ 2971.091163][T14235] loop4: p79 start 1034 is beyond EOD, truncated [ 2971.097666][T14235] loop4: p80 start 25 is beyond EOD, truncated [ 2971.103891][T14235] loop4: p81 start 1034 is beyond EOD, truncated [ 2971.110434][T14235] loop4: p82 start 25 is beyond EOD, truncated [ 2971.116774][T14235] loop4: p83 start 1034 is beyond EOD, truncated [ 2971.123172][T14235] loop4: p84 start 25 is beyond EOD, truncated [ 2971.129516][T14235] loop4: p85 start 1034 is beyond EOD, truncated [ 2971.137641][T14235] loop4: p86 start 25 is beyond EOD, truncated [ 2971.144007][T14235] loop4: p87 start 1034 is beyond EOD, truncated [ 2971.150511][T14235] loop4: p88 start 25 is beyond EOD, truncated [ 2971.156832][T14235] loop4: p89 start 1034 is beyond EOD, truncated [ 2971.163329][T14235] loop4: p90 start 25 is beyond EOD, truncated [ 2971.169642][T14235] loop4: p91 start 1034 is beyond EOD, truncated [ 2971.176275][T14235] loop4: p92 start 25 is beyond EOD, truncated [ 2971.182487][T14235] loop4: p93 start 1034 is beyond EOD, truncated [ 2971.189126][T14235] loop4: p94 start 25 is beyond EOD, truncated [ 2971.195448][T14235] loop4: p95 start 1034 is beyond EOD, truncated [ 2971.202787][T14235] loop4: p96 start 25 is beyond EOD, truncated [ 2971.209219][T14235] loop4: p97 start 1034 is beyond EOD, truncated [ 2971.215696][T14235] loop4: p98 start 25 is beyond EOD, truncated [ 2971.221913][T14235] loop4: p99 start 1034 is beyond EOD, truncated [ 2971.228385][T14235] loop4: p100 start 25 is beyond EOD, truncated [ 2971.234765][T14235] loop4: p101 start 1034 is beyond EOD, truncated [ 2971.241236][T14235] loop4: p102 start 25 is beyond EOD, truncated [ 2971.247631][T14235] loop4: p103 start 1034 is beyond EOD, truncated [ 2971.254168][T14235] loop4: p104 start 25 is beyond EOD, truncated [ 2971.260624][T14235] loop4: p105 start 1034 is beyond EOD, truncated [ 2971.267219][T14235] loop4: p106 start 25 is beyond EOD, truncated [ 2971.273519][T14235] loop4: p107 start 1034 is beyond EOD, truncated [ 2971.280090][T14235] loop4: p108 start 25 is beyond EOD, truncated [ 2971.286478][T14235] loop4: p109 start 1034 is beyond EOD, truncated [ 2971.292955][T14235] loop4: p110 start 25 is beyond EOD, truncated [ 2971.299357][T14235] loop4: p111 start 1034 is beyond EOD, truncated [ 2971.305928][T14235] loop4: p112 start 25 is beyond EOD, truncated [ 2971.312239][T14235] loop4: p113 start 1034 is beyond EOD, truncated [ 2971.318804][T14235] loop4: p114 start 25 is beyond EOD, truncated [ 2971.325229][T14235] loop4: p115 start 1034 is beyond EOD, truncated [ 2971.331723][T14235] loop4: p116 start 25 is beyond EOD, truncated [ 2971.338117][T14235] loop4: p117 start 1034 is beyond EOD, truncated [ 2971.344682][T14235] loop4: p118 start 25 is beyond EOD, truncated [ 2971.351026][T14235] loop4: p119 start 1034 is beyond EOD, truncated [ 2971.357634][T14235] loop4: p120 start 25 is beyond EOD, truncated [ 2971.363957][T14235] loop4: p121 start 1034 is beyond EOD, truncated [ 2971.370559][T14235] loop4: p122 start 25 is beyond EOD, truncated [ 2971.376975][T14235] loop4: p123 start 1034 is beyond EOD, truncated [ 2971.383450][T14235] loop4: p124 start 25 is beyond EOD, truncated [ 2971.389852][T14235] loop4: p125 start 1034 is beyond EOD, truncated [ 2971.396508][T14235] loop4: p126 start 25 is beyond EOD, truncated [ 2971.402823][T14235] loop4: p127 start 1034 is beyond EOD, truncated [ 2971.409392][T14235] loop4: p128 start 25 is beyond EOD, truncated [ 2971.415791][T14235] loop4: p129 start 1034 is beyond EOD, truncated [ 2971.422268][T14235] loop4: p130 start 25 is beyond EOD, truncated [ 2971.428662][T14235] loop4: p131 start 1034 is beyond EOD, truncated [ 2971.435229][T14235] loop4: p132 start 25 is beyond EOD, truncated [ 2971.441548][T14235] loop4: p133 start 1034 is beyond EOD, truncated [ 2971.448265][T14235] loop4: p134 start 25 is beyond EOD, truncated [ 2971.454678][T14235] loop4: p135 start 1034 is beyond EOD, truncated [ 2971.461160][T14235] loop4: p136 start 25 is beyond EOD, truncated [ 2971.467552][T14235] loop4: p137 start 1034 is beyond EOD, truncated [ 2971.474025][T14235] loop4: p138 start 25 is beyond EOD, truncated [ 2971.480437][T14235] loop4: p139 start 1034 is beyond EOD, truncated [ 2971.486997][T14235] loop4: p140 start 25 is beyond EOD, truncated [ 2971.493298][T14235] loop4: p141 start 1034 is beyond EOD, truncated [ 2971.499853][T14235] loop4: p142 start 25 is beyond EOD, truncated [ 2971.506237][T14235] loop4: p143 start 1034 is beyond EOD, truncated [ 2971.512719][T14235] loop4: p144 start 25 is beyond EOD, truncated [ 2971.519115][T14235] loop4: p145 start 1034 is beyond EOD, truncated [ 2971.525674][T14235] loop4: p146 start 25 is beyond EOD, truncated [ 2971.532102][T14235] loop4: p147 start 1034 is beyond EOD, truncated [ 2971.538673][T14235] loop4: p148 start 25 is beyond EOD, truncated [ 2971.545060][T14235] loop4: p149 start 1034 is beyond EOD, truncated [ 2971.551538][T14235] loop4: p150 start 25 is beyond EOD, truncated [ 2971.557934][T14235] loop4: p151 start 1034 is beyond EOD, truncated [ 2971.564411][T14235] loop4: p152 start 25 is beyond EOD, truncated [ 2971.570806][T14235] loop4: p153 start 1034 is beyond EOD, truncated [ 2971.577364][T14235] loop4: p154 start 25 is beyond EOD, truncated [ 2971.583660][T14235] loop4: p155 start 1034 is beyond EOD, truncated [ 2971.590227][T14235] loop4: p156 start 25 is beyond EOD, truncated [ 2971.596613][T14235] loop4: p157 start 1034 is beyond EOD, truncated [ 2971.603100][T14235] loop4: p158 start 25 is beyond EOD, truncated [ 2971.609483][T14235] loop4: p159 start 1034 is beyond EOD, truncated [ 2971.616045][T14235] loop4: p160 start 25 is beyond EOD, truncated [ 2971.622371][T14235] loop4: p161 start 1034 is beyond EOD, truncated [ 2971.628961][T14235] loop4: p162 start 25 is beyond EOD, truncated [ 2971.635479][T14235] loop4: p163 start 1034 is beyond EOD, truncated [ 2971.641955][T14235] loop4: p164 start 25 is beyond EOD, truncated [ 2971.648346][T14235] loop4: p165 start 1034 is beyond EOD, truncated [ 2971.654904][T14235] loop4: p166 start 25 is beyond EOD, truncated [ 2971.661221][T14235] loop4: p167 start 1034 is beyond EOD, truncated [ 2971.667784][T14235] loop4: p168 start 25 is beyond EOD, truncated [ 2971.674100][T14235] loop4: p169 start 1034 is beyond EOD, truncated [ 2971.680667][T14235] loop4: p170 start 25 is beyond EOD, truncated [ 2971.687041][T14235] loop4: p171 start 1034 is beyond EOD, truncated [ 2971.693509][T14235] loop4: p172 start 25 is beyond EOD, truncated [ 2971.699903][T14235] loop4: p173 start 1034 is beyond EOD, truncated [ 2971.706462][T14235] loop4: p174 start 25 is beyond EOD, truncated [ 2971.712779][T14235] loop4: p175 start 1034 is beyond EOD, truncated [ 2971.719339][T14235] loop4: p176 start 25 is beyond EOD, truncated [ 2971.725720][T14235] loop4: p177 start 1034 is beyond EOD, truncated [ 2971.732381][T14235] loop4: p178 start 25 is beyond EOD, truncated [ 2971.738778][T14235] loop4: p179 start 1034 is beyond EOD, truncated [ 2971.745388][T14235] loop4: p180 start 25 is beyond EOD, truncated [ 2971.751698][T14235] loop4: p181 start 1034 is beyond EOD, truncated [ 2971.758299][T14235] loop4: p182 start 25 is beyond EOD, truncated [ 2971.764709][T14235] loop4: p183 start 1034 is beyond EOD, truncated [ 2971.771213][T14235] loop4: p184 start 25 is beyond EOD, truncated [ 2971.777619][T14235] loop4: p185 start 1034 is beyond EOD, truncated [ 2971.784129][T14235] loop4: p186 start 25 is beyond EOD, truncated [ 2971.790522][T14235] loop4: p187 start 1034 is beyond EOD, truncated [ 2971.797094][T14235] loop4: p188 start 25 is beyond EOD, truncated [ 2971.803414][T14235] loop4: p189 start 1034 is beyond EOD, truncated [ 2971.809987][T14235] loop4: p190 start 25 is beyond EOD, truncated [ 2971.816383][T14235] loop4: p191 start 1034 is beyond EOD, truncated [ 2971.822873][T14235] loop4: p192 start 25 is beyond EOD, truncated [ 2971.829274][T14235] loop4: p193 start 1034 is beyond EOD, truncated [ 2971.835832][T14235] loop4: p194 start 25 is beyond EOD, truncated [ 2971.842149][T14235] loop4: p195 start 1034 is beyond EOD, truncated [ 2971.848724][T14235] loop4: p196 start 25 is beyond EOD, truncated [ 2971.855109][T14235] loop4: p197 start 1034 is beyond EOD, truncated [ 2971.861588][T14235] loop4: p198 start 25 is beyond EOD, truncated [ 2971.867981][T14235] loop4: p199 start 1034 is beyond EOD, truncated [ 2971.874458][T14235] loop4: p200 start 25 is beyond EOD, truncated [ 2971.880886][T14235] loop4: p201 start 1034 is beyond EOD, truncated [ 2971.887447][T14235] loop4: p202 start 25 is beyond EOD, truncated [ 2971.893745][T14235] loop4: p203 start 1034 is beyond EOD, truncated [ 2971.900332][T14235] loop4: p204 start 25 is beyond EOD, truncated [ 2971.906774][T14235] loop4: p205 start 1034 is beyond EOD, truncated [ 2971.913258][T14235] loop4: p206 start 25 is beyond EOD, truncated [ 2971.919755][T14235] loop4: p207 start 1034 is beyond EOD, truncated [ 2971.926323][T14235] loop4: p208 start 25 is beyond EOD, truncated [ 2971.932641][T14235] loop4: p209 start 1034 is beyond EOD, truncated [ 2971.939221][T14235] loop4: p210 start 25 is beyond EOD, truncated [ 2971.945622][T14235] loop4: p211 start 1034 is beyond EOD, truncated [ 2971.952245][T14235] loop4: p212 start 25 is beyond EOD, truncated [ 2971.958656][T14235] loop4: p213 start 1034 is beyond EOD, truncated [ 2971.965240][T14235] loop4: p214 start 25 is beyond EOD, truncated [ 2971.971543][T14235] loop4: p215 start 1034 is beyond EOD, truncated [ 2971.978117][T14235] loop4: p216 start 25 is beyond EOD, truncated [ 2971.984423][T14235] loop4: p217 start 1034 is beyond EOD, truncated [ 2971.991097][T14235] loop4: p218 start 25 is beyond EOD, truncated [ 2971.997501][T14235] loop4: p219 start 1034 is beyond EOD, truncated [ 2972.004094][T14235] loop4: p220 start 25 is beyond EOD, truncated [ 2972.010510][T14235] loop4: p221 start 1034 is beyond EOD, truncated [ 2972.017088][T14235] loop4: p222 start 25 is beyond EOD, truncated [ 2972.023386][T14235] loop4: p223 start 1034 is beyond EOD, truncated [ 2972.030086][T14235] loop4: p224 start 25 is beyond EOD, truncated [ 2972.036480][T14235] loop4: p225 start 1034 is beyond EOD, truncated [ 2972.042956][T14235] loop4: p226 start 25 is beyond EOD, truncated [ 2972.049356][T14235] loop4: p227 start 1034 is beyond EOD, truncated [ 2972.055957][T14235] loop4: p228 start 25 is beyond EOD, truncated [ 2972.062266][T14235] loop4: p229 start 1034 is beyond EOD, truncated 00:46:46 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xc0, 0x4, 0x3}, 0x40) unshare(0x20000400) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 2972.068831][T14235] loop4: p230 start 25 is beyond EOD, truncated [ 2972.075225][T14235] loop4: p231 start 1034 is beyond EOD, truncated [ 2972.082136][T14235] loop4: p232 start 25 is beyond EOD, truncated [ 2972.088542][T14235] loop4: p233 start 1034 is beyond EOD, truncated [ 2972.095094][T14235] loop4: p234 start 25 is beyond EOD, truncated [ 2972.101393][T14235] loop4: p235 start 1034 is beyond EOD, truncated [ 2972.107962][T14235] loop4: p236 start 25 is beyond EOD, truncated [ 2972.114259][T14235] loop4: p237 start 1034 is beyond EOD, truncated [ 2972.120828][T14235] loop4: p238 start 25 is beyond EOD, truncated [ 2972.127241][T14235] loop4: p239 start 1034 is beyond EOD, truncated [ 2972.133721][T14235] loop4: p240 start 25 is beyond EOD, truncated [ 2972.140125][T14235] loop4: p241 start 1034 is beyond EOD, truncated [ 2972.146695][T14235] loop4: p242 start 25 is beyond EOD, truncated [ 2972.152994][T14235] loop4: p243 start 1034 is beyond EOD, truncated [ 2972.159569][T14235] loop4: p244 start 25 is beyond EOD, truncated [ 2972.165952][T14235] loop4: p245 start 1034 is beyond EOD, truncated [ 2972.172604][T14235] loop4: p246 start 25 is beyond EOD, truncated [ 2972.179120][T14235] loop4: p247 start 1034 is beyond EOD, truncated [ 2972.185694][T14235] loop4: p248 start 25 is beyond EOD, truncated [ 2972.192013][T14235] loop4: p249 start 1034 is beyond EOD, truncated [ 2972.198591][T14235] loop4: p250 start 25 is beyond EOD, truncated [ 2972.201044][T14563] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 2972.205004][T14235] loop4: p251 start 1034 is beyond EOD, truncated [ 2972.227422][T14235] loop4: p252 start 25 is beyond EOD, truncated [ 2972.233807][T14235] loop4: p253 start 1034 is beyond EOD, truncated [ 2972.240383][T14235] loop4: p254 start 25 is beyond EOD, truncated [ 2972.246766][T14235] loop4: p255 start 1034 is beyond EOD, truncated 00:46:46 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) 00:46:46 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3}, 0x14) getsockname$packet(r1, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000040)=0x10eef0f1) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newlink={0x54, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x9, {0x0, @dev}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x54}}, 0x0) 00:46:47 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xc0, 0x4, 0x3}, 0x40) unshare(0x20000400) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 2973.208037][T14682] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. 00:46:49 executing program 3: r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, [], [{0x0, 0x0, 0x0, 0x0, 0x9}]}) 00:46:49 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000000)="0201a9ffffff0a040000ff45ac0480ef000000000000190000000000800680ffffffbf000000e100e2ff87770072003007000500000000000000008000da55aa", 0x40, 0x1c0}]) 00:46:49 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) 00:46:49 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xc0, 0x4, 0x3}, 0x40) unshare(0x20000400) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) 00:46:49 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) 00:46:49 executing program 5: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000291000/0x400000)=nil, 0x400000}}) ioctl(0xffffffffffffffff, 0x0, 0x0) [ 2975.930485][T14804] loop4: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p [ 2975.930529][T14804] loop4: partition table partially beyond EOD, truncated 00:46:50 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) [ 2976.027844][T14804] loop4: p1 start 1034 is beyond EOD, truncated [ 2976.034174][T14804] loop4: p2 start 25 is beyond EOD, truncated [ 2976.040508][T14804] loop4: p3 start 4293001441 is beyond EOD, truncated [ 2976.047547][T14804] loop4: p4 size 2 extends beyond EOD, truncated [ 2976.228146][T14804] loop4: p5 start 1034 is beyond EOD, truncated [ 2976.234849][T14804] loop4: p6 start 25 is beyond EOD, truncated [ 2976.240993][T14804] loop4: p7 start 1034 is beyond EOD, truncated [ 2976.247520][T14804] loop4: p8 start 25 is beyond EOD, truncated [ 2976.253656][T14804] loop4: p9 start 1034 is beyond EOD, truncated [ 2976.260159][T14804] loop4: p10 start 25 is beyond EOD, truncated [ 2976.266572][T14804] loop4: p11 start 1034 is beyond EOD, truncated [ 2976.272972][T14804] loop4: p12 start 25 is beyond EOD, truncated [ 2976.279361][T14804] loop4: p13 start 1034 is beyond EOD, truncated [ 2976.285876][T14804] loop4: p14 start 25 is beyond EOD, truncated [ 2976.292098][T14804] loop4: p15 start 1034 is beyond EOD, truncated [ 2976.298870][T14804] loop4: p16 start 25 is beyond EOD, truncated [ 2976.305198][T14804] loop4: p17 start 1034 is beyond EOD, truncated [ 2976.311588][T14804] loop4: p18 start 25 is beyond EOD, truncated [ 2976.317988][T14804] loop4: p19 start 1034 is beyond EOD, truncated [ 2976.324392][T14804] loop4: p20 start 25 is beyond EOD, truncated [ 2976.330791][T14804] loop4: p21 start 1034 is beyond EOD, truncated [ 2976.337470][T14804] loop4: p22 start 25 is beyond EOD, truncated [ 2976.343766][T14804] loop4: p23 start 1034 is beyond EOD, truncated [ 2976.350270][T14804] loop4: p24 start 25 is beyond EOD, truncated [ 2976.356634][T14804] loop4: p25 start 1034 is beyond EOD, truncated [ 2976.363093][T14804] loop4: p26 start 25 is beyond EOD, truncated [ 2976.369721][T14804] loop4: p27 start 1034 is beyond EOD, truncated 00:46:50 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0xc0, 0x4, 0x3}, 0x40) unshare(0x20000400) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4}, 0x38) [ 2976.376312][T14804] loop4: p28 start 25 is beyond EOD, truncated [ 2976.382516][T14804] loop4: p29 start 1034 is beyond EOD, truncated [ 2976.389056][T14804] loop4: p30 start 25 is beyond EOD, truncated [ 2976.395403][T14804] loop4: p31 start 1034 is beyond EOD, truncated [ 2976.401794][T14804] loop4: p32 start 25 is beyond EOD, truncated [ 2976.408186][T14804] loop4: p33 start 1034 is beyond EOD, truncated [ 2976.416242][T14804] loop4: p34 start 25 is beyond EOD, truncated [ 2976.422482][T14804] loop4: p35 start 1034 is beyond EOD, truncated [ 2976.429019][T14804] loop4: p36 start 25 is beyond EOD, truncated [ 2976.435328][T14804] loop4: p37 start 1034 is beyond EOD, truncated [ 2976.441717][T14804] loop4: p38 start 25 is beyond EOD, truncated [ 2976.448078][T14804] loop4: p39 start 1034 is beyond EOD, truncated [ 2976.454528][T14804] loop4: p40 start 25 is beyond EOD, truncated [ 2976.460925][T14804] loop4: p41 start 1034 is beyond EOD, truncated [ 2976.467487][T14804] loop4: p42 start 25 is beyond EOD, truncated [ 2976.473708][T14804] loop4: p43 start 1034 is beyond EOD, truncated [ 2976.480245][T14804] loop4: p44 start 25 is beyond EOD, truncated [ 2976.486561][T14804] loop4: p45 start 1034 is beyond EOD, truncated [ 2976.492950][T14804] loop4: p46 start 25 is beyond EOD, truncated [ 2976.499307][T14804] loop4: p47 start 1034 is beyond EOD, truncated [ 2976.505796][T14804] loop4: p48 start 25 is beyond EOD, truncated [ 2976.512009][T14804] loop4: p49 start 1034 is beyond EOD, truncated [ 2976.518545][T14804] loop4: p50 start 25 is beyond EOD, truncated [ 2976.526423][T14804] loop4: p51 start 1034 is beyond EOD, truncated [ 2976.532912][T14804] loop4: p52 start 25 is beyond EOD, truncated [ 2976.539269][T14804] loop4: p53 start 1034 is beyond EOD, truncated [ 2976.546375][T14804] loop4: p54 start 25 is beyond EOD, truncated [ 2976.552590][T14804] loop4: p55 start 1034 is beyond EOD, truncated [ 2976.559129][T14804] loop4: p56 start 25 is beyond EOD, truncated [ 2976.565613][T14804] loop4: p57 start 1034 is beyond EOD, truncated [ 2976.572006][T14804] loop4: p58 start 25 is beyond EOD, truncated [ 2976.578387][T14804] loop4: p59 start 1034 is beyond EOD, truncated [ 2976.584872][T14804] loop4: p60 start 25 is beyond EOD, truncated [ 2976.591106][T14804] loop4: p61 start 1034 is beyond EOD, truncated [ 2976.597645][T14804] loop4: p62 start 25 is beyond EOD, truncated [ 2976.603866][T14804] loop4: p63 start 1034 is beyond EOD, truncated [ 2976.610401][T14804] loop4: p64 start 25 is beyond EOD, truncated [ 2976.616713][T14804] loop4: p65 start 1034 is beyond EOD, truncated [ 2976.623115][T14804] loop4: p66 start 25 is beyond EOD, truncated [ 2976.629495][T14804] loop4: p67 start 1034 is beyond EOD, truncated [ 2976.636015][T14804] loop4: p68 start 25 is beyond EOD, truncated [ 2976.642295][T14804] loop4: p69 start 1034 is beyond EOD, truncated [ 2976.648781][T14804] loop4: p70 start 25 is beyond EOD, truncated [ 2976.655141][T14804] loop4: p71 start 1034 is beyond EOD, truncated [ 2976.661607][T14804] loop4: p72 start 25 is beyond EOD, truncated [ 2976.667984][T14804] loop4: p73 start 1034 is beyond EOD, truncated [ 2976.674674][T14804] loop4: p74 start 25 is beyond EOD, truncated [ 2976.680977][T14804] loop4: p75 start 1034 is beyond EOD, truncated [ 2976.687464][T14804] loop4: p76 start 25 is beyond EOD, truncated [ 2976.693737][T14804] loop4: p77 start 1034 is beyond EOD, truncated [ 2976.700222][T14804] loop4: p78 start 25 is beyond EOD, truncated [ 2976.706597][T14804] loop4: p79 start 1034 is beyond EOD, truncated [ 2976.713038][T14804] loop4: p80 start 25 is beyond EOD, truncated [ 2976.719426][T14804] loop4: p81 start 1034 is beyond EOD, truncated [ 2976.725896][T14804] loop4: p82 start 25 is beyond EOD, truncated [ 2976.732223][T14804] loop4: p83 start 1034 is beyond EOD, truncated [ 2976.738707][T14804] loop4: p84 start 25 is beyond EOD, truncated [ 2976.745060][T14804] loop4: p85 start 1034 is beyond EOD, truncated [ 2976.751502][T14804] loop4: p86 start 25 is beyond EOD, truncated [ 2976.757867][T14804] loop4: p87 start 1034 is beyond EOD, truncated [ 2976.764292][T14804] loop4: p88 start 25 is beyond EOD, truncated [ 2976.770674][T14804] loop4: p89 start 1034 is beyond EOD, truncated 00:46:50 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) [ 2976.777165][T14804] loop4: p90 start 25 is beyond EOD, truncated [ 2976.783732][T14804] loop4: p91 start 1034 is beyond EOD, truncated [ 2976.790288][T14804] loop4: p92 start 25 is beyond EOD, truncated [ 2976.796607][T14804] loop4: p93 start 1034 is beyond EOD, truncated [ 2976.803073][T14804] loop4: p94 start 25 is beyond EOD, truncated [ 2976.809527][T14804] loop4: p95 start 1034 is beyond EOD, truncated [ 2976.816307][T14804] loop4: p96 start 25 is beyond EOD, truncated [ 2976.822521][T14804] loop4: p97 start 1034 is beyond EOD, truncated [ 2976.829152][T14804] loop4: p98 start 25 is beyond EOD, truncated [ 2976.835516][T14804] loop4: p99 start 1034 is beyond EOD, truncated [ 2976.842138][T14804] loop4: p100 start 25 is beyond EOD, truncated [ 2976.848588][T14804] loop4: p101 start 1034 is beyond EOD, truncated [ 2976.855217][T14804] loop4: p102 start 25 is beyond EOD, truncated [ 2976.861540][T14804] loop4: p103 start 1034 is beyond EOD, truncated [ 2976.868214][T14804] loop4: p104 start 25 is beyond EOD, truncated [ 2976.874536][T14804] loop4: p105 start 1034 is beyond EOD, truncated [ 2976.881198][T14804] loop4: p106 start 25 is beyond EOD, truncated [ 2976.887653][T14804] loop4: p107 start 1034 is beyond EOD, truncated [ 2976.894203][T14804] loop4: p108 start 25 is beyond EOD, truncated [ 2976.900693][T14804] loop4: p109 start 1034 is beyond EOD, truncated [ 2976.907327][T14804] loop4: p110 start 25 is beyond EOD, truncated [ 2976.913635][T14804] loop4: p111 start 1034 is beyond EOD, truncated [ 2976.920264][T14804] loop4: p112 start 25 is beyond EOD, truncated [ 2976.926670][T14804] loop4: p113 start 1034 is beyond EOD, truncated [ 2976.933201][T14804] loop4: p114 start 25 is beyond EOD, truncated [ 2976.939596][T14804] loop4: p115 start 1034 is beyond EOD, truncated [ 2976.946225][T14804] loop4: p116 start 25 is beyond EOD, truncated [ 2976.952527][T14804] loop4: p117 start 1034 is beyond EOD, truncated [ 2976.959143][T14804] loop4: p118 start 25 is beyond EOD, truncated [ 2976.965566][T14804] loop4: p119 start 1034 is beyond EOD, truncated [ 2976.972036][T14804] loop4: p120 start 25 is beyond EOD, truncated [ 2976.978502][T14804] loop4: p121 start 1034 is beyond EOD, truncated [ 2976.985063][T14804] loop4: p122 start 25 is beyond EOD, truncated [ 2976.991473][T14804] loop4: p123 start 1034 is beyond EOD, truncated [ 2976.998090][T14804] loop4: p124 start 25 is beyond EOD, truncated [ 2977.004458][T14804] loop4: p125 start 1034 is beyond EOD, truncated [ 2977.011099][T14804] loop4: p126 start 25 is beyond EOD, truncated [ 2977.017665][T14804] loop4: p127 start 1034 is beyond EOD, truncated [ 2977.024193][T14804] loop4: p128 start 25 is beyond EOD, truncated [ 2977.030598][T14804] loop4: p129 start 1034 is beyond EOD, truncated [ 2977.037207][T14804] loop4: p130 start 25 is beyond EOD, truncated [ 2977.043510][T14804] loop4: p131 start 1034 is beyond EOD, truncated [ 2977.050131][T14804] loop4: p132 start 25 is beyond EOD, truncated [ 2977.056531][T14804] loop4: p133 start 1034 is beyond EOD, truncated [ 2977.063001][T14804] loop4: p134 start 25 is beyond EOD, truncated [ 2977.069519][T14804] loop4: p135 start 1034 is beyond EOD, truncated [ 2977.076143][T14804] loop4: p136 start 25 is beyond EOD, truncated [ 2977.082501][T14804] loop4: p137 start 1034 is beyond EOD, truncated [ 2977.089068][T14804] loop4: p138 start 25 is beyond EOD, truncated [ 2977.095501][T14804] loop4: p139 start 1034 is beyond EOD, truncated [ 2977.101974][T14804] loop4: p140 start 25 is beyond EOD, truncated [ 2977.108426][T14804] loop4: p141 start 1034 is beyond EOD, truncated [ 2977.114993][T14804] loop4: p142 start 25 is beyond EOD, truncated [ 2977.121354][T14804] loop4: p143 start 1034 is beyond EOD, truncated [ 2977.127936][T14804] loop4: p144 start 25 is beyond EOD, truncated [ 2977.135424][T14804] loop4: p145 start 1034 is beyond EOD, truncated [ 2977.141903][T14804] loop4: p146 start 25 is beyond EOD, truncated [ 2977.148380][T14804] loop4: p147 start 1034 is beyond EOD, truncated [ 2977.154970][T14804] loop4: p148 start 25 is beyond EOD, truncated [ 2977.161282][T14804] loop4: p149 start 1034 is beyond EOD, truncated [ 2977.167958][T14804] loop4: p150 start 25 is beyond EOD, truncated [ 2977.174307][T14804] loop4: p151 start 1034 is beyond EOD, truncated [ 2977.180947][T14804] loop4: p152 start 25 is beyond EOD, truncated [ 2977.187356][T14804] loop4: p153 start 1034 is beyond EOD, truncated [ 2977.193833][T14804] loop4: p154 start 25 is beyond EOD, truncated [ 2977.200296][T14804] loop4: p155 start 1034 is beyond EOD, truncated [ 2977.206881][T14804] loop4: p156 start 25 is beyond EOD, truncated [ 2977.213231][T14804] loop4: p157 start 1034 is beyond EOD, truncated [ 2977.219796][T14804] loop4: p158 start 25 is beyond EOD, truncated [ 2977.226231][T14804] loop4: p159 start 1034 is beyond EOD, truncated 00:46:51 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) [ 2977.232821][T14804] loop4: p160 start 25 is beyond EOD, truncated [ 2977.239359][T14804] loop4: p161 start 1034 is beyond EOD, truncated [ 2977.245929][T14804] loop4: p162 start 25 is beyond EOD, truncated [ 2977.252229][T14804] loop4: p163 start 1034 is beyond EOD, truncated [ 2977.258847][T14804] loop4: p164 start 25 is beyond EOD, truncated [ 2977.265252][T14804] loop4: p165 start 1034 is beyond EOD, truncated [ 2977.271732][T14804] loop4: p166 start 25 is beyond EOD, truncated [ 2977.278175][T14804] loop4: p167 start 1034 is beyond EOD, truncated [ 2977.284775][T14804] loop4: p168 start 25 is beyond EOD, truncated [ 2977.291071][T14804] loop4: p169 start 1034 is beyond EOD, truncated [ 2977.297714][T14804] loop4: p170 start 25 is beyond EOD, truncated [ 2977.304087][T14804] loop4: p171 start 1034 is beyond EOD, truncated [ 2977.310785][T14804] loop4: p172 start 25 is beyond EOD, truncated [ 2977.317359][T14804] loop4: p173 start 1034 is beyond EOD, truncated [ 2977.323848][T14804] loop4: p174 start 25 is beyond EOD, truncated [ 2977.330309][T14804] loop4: p175 start 1034 is beyond EOD, truncated [ 2977.336883][T14804] loop4: p176 start 25 is beyond EOD, truncated [ 2977.343217][T14804] loop4: p177 start 1034 is beyond EOD, truncated [ 2977.349866][T14804] loop4: p178 start 25 is beyond EOD, truncated [ 2977.356278][T14804] loop4: p179 start 1034 is beyond EOD, truncated [ 2977.363102][T14804] loop4: p180 start 25 is beyond EOD, truncated [ 2977.369558][T14804] loop4: p181 start 1034 is beyond EOD, truncated [ 2977.376183][T14804] loop4: p182 start 25 is beyond EOD, truncated [ 2977.382487][T14804] loop4: p183 start 1034 is beyond EOD, truncated [ 2977.389117][T14804] loop4: p184 start 25 is beyond EOD, truncated [ 2977.395515][T14804] loop4: p185 start 1034 is beyond EOD, truncated [ 2977.402037][T14804] loop4: p186 start 25 is beyond EOD, truncated [ 2977.408422][T14804] loop4: p187 start 1034 is beyond EOD, truncated [ 2977.415017][T14804] loop4: p188 start 25 is beyond EOD, truncated [ 2977.421319][T14804] loop4: p189 start 1034 is beyond EOD, truncated [ 2977.427944][T14804] loop4: p190 start 25 is beyond EOD, truncated [ 2977.434252][T14804] loop4: p191 start 1034 is beyond EOD, truncated [ 2977.440862][T14804] loop4: p192 start 25 is beyond EOD, truncated [ 2977.447323][T14804] loop4: p193 start 1034 is beyond EOD, truncated [ 2977.453795][T14804] loop4: p194 start 25 is beyond EOD, truncated [ 2977.460255][T14804] loop4: p195 start 1034 is beyond EOD, truncated [ 2977.466839][T14804] loop4: p196 start 25 is beyond EOD, truncated [ 2977.473153][T14804] loop4: p197 start 1034 is beyond EOD, truncated [ 2977.479780][T14804] loop4: p198 start 25 is beyond EOD, truncated [ 2977.486182][T14804] loop4: p199 start 1034 is beyond EOD, truncated [ 2977.492779][T14804] loop4: p200 start 25 is beyond EOD, truncated [ 2977.499268][T14804] loop4: p201 start 1034 is beyond EOD, truncated [ 2977.505889][T14804] loop4: p202 start 25 is beyond EOD, truncated [ 2977.512187][T14804] loop4: p203 start 1034 is beyond EOD, truncated [ 2977.518818][T14804] loop4: p204 start 25 is beyond EOD, truncated [ 2977.525198][T14804] loop4: p205 start 1034 is beyond EOD, truncated [ 2977.531678][T14804] loop4: p206 start 25 is beyond EOD, truncated [ 2977.538151][T14804] loop4: p207 start 1034 is beyond EOD, truncated [ 2977.544731][T14804] loop4: p208 start 25 is beyond EOD, truncated [ 2977.551639][T14804] loop4: p209 start 1034 is beyond EOD, truncated [ 2977.558286][T14804] loop4: p210 start 25 is beyond EOD, truncated [ 2977.564679][T14804] loop4: p211 start 1034 is beyond EOD, truncated [ 2977.571236][T14804] loop4: p212 start 25 is beyond EOD, truncated [ 2977.577662][T14804] loop4: p213 start 1034 is beyond EOD, truncated [ 2977.584138][T14804] loop4: p214 start 25 is beyond EOD, truncated [ 2977.590618][T14804] loop4: p215 start 1034 is beyond EOD, truncated [ 2977.597201][T14804] loop4: p216 start 25 is beyond EOD, truncated [ 2977.603571][T14804] loop4: p217 start 1034 is beyond EOD, truncated [ 2977.610158][T14804] loop4: p218 start 25 is beyond EOD, truncated [ 2977.616608][T14804] loop4: p219 start 1034 is beyond EOD, truncated [ 2977.623152][T14804] loop4: p220 start 25 is beyond EOD, truncated [ 2977.629550][T14804] loop4: p221 start 1034 is beyond EOD, truncated [ 2977.636173][T14804] loop4: p222 start 25 is beyond EOD, truncated [ 2977.642502][T14804] loop4: p223 start 1034 is beyond EOD, truncated [ 2977.649128][T14804] loop4: p224 start 25 is beyond EOD, truncated [ 2977.655530][T14804] loop4: p225 start 1034 is beyond EOD, truncated [ 2977.662062][T14804] loop4: p226 start 25 is beyond EOD, truncated [ 2977.668464][T14804] loop4: p227 start 1034 is beyond EOD, truncated [ 2977.675071][T14804] loop4: p228 start 25 is beyond EOD, truncated [ 2977.681379][T14804] loop4: p229 start 1034 is beyond EOD, truncated [ 2977.688019][T14804] loop4: p230 start 25 is beyond EOD, truncated [ 2977.694353][T14804] loop4: p231 start 1034 is beyond EOD, truncated [ 2977.700979][T14804] loop4: p232 start 25 is beyond EOD, truncated [ 2977.707385][T14804] loop4: p233 start 1034 is beyond EOD, truncated [ 2977.713851][T14804] loop4: p234 start 25 is beyond EOD, truncated [ 2977.720299][T14804] loop4: p235 start 1034 is beyond EOD, truncated [ 2977.727008][T14804] loop4: p236 start 25 is beyond EOD, truncated [ 2977.733382][T14804] loop4: p237 start 1034 is beyond EOD, truncated [ 2977.740089][T14804] loop4: p238 start 25 is beyond EOD, truncated [ 2977.746525][T14804] loop4: p239 start 1034 is beyond EOD, truncated [ 2977.753007][T14804] loop4: p240 start 25 is beyond EOD, truncated [ 2977.759481][T14804] loop4: p241 start 1034 is beyond EOD, truncated [ 2977.766046][T14804] loop4: p242 start 25 is beyond EOD, truncated [ 2977.772415][T14804] loop4: p243 start 1034 is beyond EOD, truncated [ 2977.778996][T14804] loop4: p244 start 25 is beyond EOD, truncated [ 2977.785439][T14804] loop4: p245 start 1034 is beyond EOD, truncated [ 2977.791919][T14804] loop4: p246 start 25 is beyond EOD, truncated [ 2977.798414][T14804] loop4: p247 start 1034 is beyond EOD, truncated [ 2977.804999][T14804] loop4: p248 start 25 is beyond EOD, truncated [ 2977.811355][T14804] loop4: p249 start 1034 is beyond EOD, truncated [ 2977.817930][T14804] loop4: p250 start 25 is beyond EOD, truncated [ 2977.824297][T14804] loop4: p251 start 1034 is beyond EOD, truncated [ 2977.830866][T14804] loop4: p252 start 25 is beyond EOD, truncated [ 2977.837330][T14804] loop4: p253 start 1034 is beyond EOD, truncated [ 2977.843809][T14804] loop4: p254 start 25 is beyond EOD, truncated [ 2977.850274][T14804] loop4: p255 start 1034 is beyond EOD, truncated 00:46:52 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0xc, 0x21a01) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x49, 0x2}}) write$evdev(r0, &(0x7f0000000040), 0x373) 00:46:52 executing program 2: unshare(0x2a000400) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) lseek(r0, 0x0, 0x0) [ 2981.473436][ C0] not chained 800000 origins [ 2981.478074][ C0] CPU: 0 PID: 5371 Comm: kworker/u4:4 Not tainted 5.6.0-rc2-syzkaller #0 [ 2981.486489][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2981.496558][ C0] Workqueue: krdsd rds_connect_worker [ 2981.501937][ C0] Call Trace: [ 2981.505230][ C0] [ 2981.508113][ C0] dump_stack+0x1c9/0x220 [ 2981.512446][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2981.518167][ C0] ? xfrm_lookup_route+0x2c1/0x370 [ 2981.523274][ C0] ? ip_route_output_flow+0x35a/0x3d0 [ 2981.528645][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.533836][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.539019][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2981.544834][ C0] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2981.550993][ C0] ? tcp_select_initial_window+0x60d/0x6c0 [ 2981.556807][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.562020][ C0] __msan_chain_origin+0x50/0x90 [ 2981.566951][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2981.572234][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2981.577297][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.582508][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.587807][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2981.592915][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2981.597944][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 2981.603234][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2981.608624][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.613856][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2981.619658][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2981.625850][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.631040][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2981.635645][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2981.640227][ C0] ? tcp_filter+0xf0/0xf0 [ 2981.644567][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2981.650028][ C0] ip_local_deliver+0x62a/0x7c0 [ 2981.654992][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2981.660070][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2981.665683][ C0] ip_rcv+0x6cf/0x750 [ 2981.669658][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2981.674427][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2981.680049][ C0] process_backlog+0xf0b/0x1410 [ 2981.684905][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2981.690558][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2981.695838][ C0] net_rx_action+0x786/0x1aa0 [ 2981.700579][ C0] ? net_tx_action+0xc30/0xc30 [ 2981.705344][ C0] __do_softirq+0x311/0x83d [ 2981.714675][ C0] do_softirq_own_stack+0x49/0x80 [ 2981.719697][ C0] [ 2981.722637][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2981.727825][ C0] local_bh_enable+0x36/0x40 [ 2981.732398][ C0] ip_finish_output2+0x2115/0x2610 [ 2981.737532][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2981.743248][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2981.749235][ C0] __ip_finish_output+0xaa7/0xd80 [ 2981.754254][ C0] ip_finish_output+0x166/0x410 [ 2981.759112][ C0] ip_output+0x593/0x680 [ 2981.763349][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2981.768648][ C0] ? ip_finish_output+0x410/0x410 [ 2981.773666][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2981.778686][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2981.784342][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.789553][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.794760][ C0] ip_queue_xmit+0xcc/0xf0 [ 2981.799193][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 2981.804036][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2981.809246][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2981.815091][ C0] tcp_connect+0x4337/0x6920 [ 2981.819707][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 2981.825001][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.830224][ C0] tcp_v4_connect+0x21fd/0x2370 [ 2981.835111][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 2981.840059][ C0] __inet_stream_connect+0x2fb/0x1340 [ 2981.845431][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 2981.850707][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.855921][ C0] inet_stream_connect+0x101/0x180 [ 2981.861064][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 2981.866694][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 2981.872329][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2981.877759][ C0] ? rds_tcp_state_change+0x390/0x390 [ 2981.883137][ C0] rds_connect_worker+0x2a6/0x470 [ 2981.888150][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 2981.894481][ C0] ? rds_addr_cmp+0x200/0x200 [ 2981.899219][ C0] process_one_work+0x1555/0x1f40 [ 2981.904249][ C0] worker_thread+0xef6/0x2450 [ 2981.908941][ C0] kthread+0x4b5/0x4f0 [ 2981.913164][ C0] ? process_one_work+0x1f40/0x1f40 [ 2981.918377][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2981.922974][ C0] ret_from_fork+0x35/0x40 [ 2981.927513][ C0] Uninit was stored to memory at: [ 2981.932536][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2981.938512][ C0] __msan_chain_origin+0x50/0x90 [ 2981.943971][ C0] tcp_conn_request+0x1781/0x4d10 [ 2981.948985][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2981.954081][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2981.959089][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2981.964454][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2981.969062][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2981.973586][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2981.979030][ C0] ip_local_deliver+0x62a/0x7c0 [ 2981.983861][ C0] ip_rcv+0x6cf/0x750 [ 2981.987837][ C0] process_backlog+0xf0b/0x1410 [ 2981.992679][ C0] net_rx_action+0x786/0x1aa0 [ 2981.997350][ C0] __do_softirq+0x311/0x83d [ 2982.001830][ C0] [ 2982.004161][ C0] Uninit was stored to memory at: [ 2982.009177][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.015004][ C0] __msan_chain_origin+0x50/0x90 [ 2982.019967][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2982.025259][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2982.030294][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.035403][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.040421][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.045789][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.050484][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.054983][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.060443][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.065286][ C0] ip_rcv+0x6cf/0x750 [ 2982.069267][ C0] process_backlog+0xf0b/0x1410 [ 2982.074112][ C0] net_rx_action+0x786/0x1aa0 [ 2982.078787][ C0] __do_softirq+0x311/0x83d [ 2982.083290][ C0] [ 2982.085605][ C0] Uninit was stored to memory at: [ 2982.090624][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.096336][ C0] __msan_chain_origin+0x50/0x90 [ 2982.101281][ C0] tcp_conn_request+0x1781/0x4d10 [ 2982.106311][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.111420][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.116437][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.121806][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.126388][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.131004][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.136460][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.141307][ C0] ip_rcv+0x6cf/0x750 [ 2982.145296][ C0] process_backlog+0xf0b/0x1410 [ 2982.150229][ C0] net_rx_action+0x786/0x1aa0 [ 2982.154904][ C0] __do_softirq+0x311/0x83d [ 2982.159483][ C0] [ 2982.161803][ C0] Uninit was stored to memory at: [ 2982.166838][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.172685][ C0] __msan_chain_origin+0x50/0x90 [ 2982.177642][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2982.182933][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2982.187964][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.193079][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.198210][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.203563][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.208147][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.212645][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.218165][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.223032][ C0] ip_rcv+0x6cf/0x750 [ 2982.227024][ C0] process_backlog+0xf0b/0x1410 [ 2982.231881][ C0] net_rx_action+0x786/0x1aa0 [ 2982.236569][ C0] __do_softirq+0x311/0x83d [ 2982.241062][ C0] [ 2982.243387][ C0] Uninit was stored to memory at: [ 2982.248425][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.254165][ C0] __msan_chain_origin+0x50/0x90 [ 2982.259088][ C0] tcp_conn_request+0x1781/0x4d10 [ 2982.264108][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.269211][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.274229][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.279957][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.284551][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.289060][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.294515][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.299353][ C0] ip_rcv+0x6cf/0x750 [ 2982.303364][ C0] process_backlog+0xf0b/0x1410 [ 2982.308201][ C0] net_rx_action+0x786/0x1aa0 [ 2982.312863][ C0] __do_softirq+0x311/0x83d [ 2982.317341][ C0] [ 2982.319837][ C0] Uninit was stored to memory at: [ 2982.324870][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.330595][ C0] __msan_chain_origin+0x50/0x90 [ 2982.335653][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 2982.340934][ C0] tcp_conn_request+0x33d7/0x4d10 [ 2982.345973][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.351084][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.356177][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.361965][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.366553][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.371065][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.376636][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.381509][ C0] ip_rcv+0x6cf/0x750 [ 2982.385487][ C0] process_backlog+0xf0b/0x1410 [ 2982.390332][ C0] net_rx_action+0x786/0x1aa0 [ 2982.395000][ C0] __do_softirq+0x311/0x83d [ 2982.399484][ C0] [ 2982.401793][ C0] Uninit was stored to memory at: [ 2982.406810][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2982.412543][ C0] __msan_chain_origin+0x50/0x90 [ 2982.417475][ C0] tcp_conn_request+0x1781/0x4d10 [ 2982.422496][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.427609][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 2982.432646][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.438018][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.442590][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.447086][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.452548][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.457389][ C0] ip_rcv+0x6cf/0x750 [ 2982.461389][ C0] process_backlog+0xf0b/0x1410 [ 2982.466230][ C0] net_rx_action+0x786/0x1aa0 [ 2982.470904][ C0] __do_softirq+0x311/0x83d [ 2982.475386][ C0] [ 2982.478838][ C0] Uninit was created at: [ 2982.483064][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2982.488692][ C0] kmsan_alloc_page+0x12a/0x310 [ 2982.493540][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2982.499105][ C0] alloc_pages_current+0x67d/0x990 [ 2982.504214][ C0] alloc_slab_page+0x111/0x12f0 [ 2982.509191][ C0] new_slab+0x2bc/0x1130 [ 2982.513429][ C0] ___slab_alloc+0x1533/0x1f30 [ 2982.518701][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2982.523634][ C0] inet_reqsk_alloc+0xac/0x830 [ 2982.528379][ C0] tcp_conn_request+0x753/0x4d10 [ 2982.533493][ C0] tcp_v4_conn_request+0x19b/0x240 [ 2982.538604][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 2982.543959][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2982.548546][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 2982.553090][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2982.558542][ C0] ip_local_deliver+0x62a/0x7c0 [ 2982.563442][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 2982.568302][ C0] ip_list_rcv+0x8eb/0x950 [ 2982.572719][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 2982.578883][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 2982.585123][ C0] napi_complete_done+0x2ef/0xb60 [ 2982.590151][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 2982.595518][ C0] virtnet_poll+0x1468/0x19f0 [ 2982.600187][ C0] net_rx_action+0x786/0x1aa0 [ 2982.604862][ C0] __do_softirq+0x311/0x83d 00:46:56 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000884, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f00000000c0)) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(0x0) socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000002080)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [{{0x8}, {0x4}}]}, 0x20}}, 0x0) 00:46:56 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000000)="0201a9ffffff0a040000ff45ac0480ef000000000000190000000000800680ffffffbf000000e100e2ff87770072003007000500000000000000008000da55aa", 0x40, 0x1c0}]) 00:46:56 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000001c0)=""/4082, 0xff2) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc0045009, &(0x7f0000001300)=0x1) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0)) 00:46:56 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0x2, 0x4e20, @remote}, 0x10, 0x0}}, {{&(0x7f00000003c0)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @multicast2, @local}}}], 0x18}}], 0x2, 0x0) 00:46:56 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f00000004c0)) 00:46:56 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket(0x11, 0x800000003, 0x8) setsockopt$packet_buf(r3, 0x107, 0xf, &(0x7f00000014c0)="12cb96df", 0x4) bind(r3, &(0x7f0000000280)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="07010000060000000000000000000000000000000000100008000000000000000529"], 0x22) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000140), 0x4) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) [ 2982.938879][T15248] loop4: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p [ 2982.938922][T15248] loop4: partition table partially beyond EOD, truncated [ 2983.034508][T15248] loop4: p1 start 1034 is beyond EOD, truncated [ 2983.040978][T15248] loop4: p2 start 25 is beyond EOD, truncated [ 2983.047242][T15248] loop4: p3 start 4293001441 is beyond EOD, truncated [ 2983.054073][T15248] loop4: p4 size 2 extends beyond EOD, truncated 00:46:57 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x4603000000000000]}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000a00)=[{&(0x7f0000000900)=""/140, 0x8c}], 0x1, 0x3) 00:46:57 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) sendmmsg$unix(r0, &(0x7f0000004840)=[{&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, 0x0}], 0x1, 0x200400d0) 00:46:57 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000044000)) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x8}, {0x0, r3+30000000}}, 0x0) readv(r1, &(0x7f000058c000)=[{&(0x7f0000422f69)=""/151, 0x97}], 0x10000000000001f4) dup3(r0, r1, 0x0) tkill(r2, 0x5000000000014) socketpair$unix(0x1, 0x0, 0x0, 0x0) [ 2983.474045][T15248] loop4: p5 start 1034 is beyond EOD, truncated [ 2983.480956][T15248] loop4: p6 start 25 is beyond EOD, truncated [ 2983.487230][T15248] loop4: p7 start 1034 is beyond EOD, truncated [ 2983.494818][T15248] loop4: p8 start 25 is beyond EOD, truncated [ 2983.500953][T15248] loop4: p9 start 1034 is beyond EOD, truncated [ 2983.507388][T15248] loop4: p10 start 25 is beyond EOD, truncated [ 2983.513607][T15248] loop4: p11 start 1034 is beyond EOD, truncated 00:46:57 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_opts(r0, 0x0, 0x12, &(0x7f0000000640)='+', 0x1) [ 2983.520138][T15248] loop4: p12 start 25 is beyond EOD, truncated [ 2983.526447][T15248] loop4: p13 start 1034 is beyond EOD, truncated [ 2983.532843][T15248] loop4: p14 start 25 is beyond EOD, truncated [ 2983.539177][T15248] loop4: p15 start 1034 is beyond EOD, truncated [ 2983.545643][T15248] loop4: p16 start 25 is beyond EOD, truncated [ 2983.551862][T15248] loop4: p17 start 1034 is beyond EOD, truncated [ 2983.558408][T15248] loop4: p18 start 25 is beyond EOD, truncated [ 2983.564702][T15248] loop4: p19 start 1034 is beyond EOD, truncated [ 2983.571106][T15248] loop4: p20 start 25 is beyond EOD, truncated [ 2983.577460][T15248] loop4: p21 start 1034 is beyond EOD, truncated [ 2983.583860][T15248] loop4: p22 start 25 is beyond EOD, truncated [ 2983.590230][T15248] loop4: p23 start 1034 is beyond EOD, truncated [ 2983.596694][T15248] loop4: p24 start 25 is beyond EOD, truncated [ 2983.602972][T15248] loop4: p25 start 1034 is beyond EOD, truncated [ 2983.609445][T15248] loop4: p26 start 25 is beyond EOD, truncated [ 2983.615790][T15248] loop4: p27 start 1034 is beyond EOD, truncated [ 2983.622192][T15248] loop4: p28 start 25 is beyond EOD, truncated [ 2983.628623][T15248] loop4: p29 start 1034 is beyond EOD, truncated [ 2983.635090][T15248] loop4: p30 start 25 is beyond EOD, truncated [ 2983.641395][T15248] loop4: p31 start 1034 is beyond EOD, truncated [ 2983.647862][T15248] loop4: p32 start 25 is beyond EOD, truncated [ 2983.654141][T15248] loop4: p33 start 1034 is beyond EOD, truncated [ 2983.660609][T15248] loop4: p34 start 25 is beyond EOD, truncated [ 2983.666947][T15248] loop4: p35 start 1034 is beyond EOD, truncated [ 2983.673346][T15248] loop4: p36 start 25 is beyond EOD, truncated [ 2983.679710][T15248] loop4: p37 start 1034 is beyond EOD, truncated [ 2983.686166][T15248] loop4: p38 start 25 is beyond EOD, truncated [ 2983.692445][T15248] loop4: p39 start 1034 is beyond EOD, truncated [ 2983.698904][T15248] loop4: p40 start 25 is beyond EOD, truncated [ 2983.705253][T15248] loop4: p41 start 1034 is beyond EOD, truncated [ 2983.711650][T15248] loop4: p42 start 25 is beyond EOD, truncated [ 2983.718000][T15248] loop4: p43 start 1034 is beyond EOD, truncated [ 2983.724412][T15248] loop4: p44 start 25 is beyond EOD, truncated [ 2983.730840][T15248] loop4: p45 start 1034 is beyond EOD, truncated [ 2983.737377][T15248] loop4: p46 start 25 is beyond EOD, truncated [ 2983.743662][T15248] loop4: p47 start 1034 is beyond EOD, truncated [ 2983.750130][T15248] loop4: p48 start 25 is beyond EOD, truncated [ 2983.756471][T15248] loop4: p49 start 1034 is beyond EOD, truncated [ 2983.762894][T15248] loop4: p50 start 25 is beyond EOD, truncated [ 2983.769235][T15248] loop4: p51 start 1034 is beyond EOD, truncated [ 2983.775697][T15248] loop4: p52 start 25 is beyond EOD, truncated [ 2983.782062][T15248] loop4: p53 start 1034 is beyond EOD, truncated [ 2983.788527][T15248] loop4: p54 start 25 is beyond EOD, truncated [ 2983.794858][T15248] loop4: p55 start 1034 is beyond EOD, truncated [ 2983.801277][T15248] loop4: p56 start 25 is beyond EOD, truncated [ 2983.807620][T15248] loop4: p57 start 1034 is beyond EOD, truncated [ 2983.814031][T15248] loop4: p58 start 25 is beyond EOD, truncated [ 2983.820363][T15248] loop4: p59 start 1034 is beyond EOD, truncated [ 2983.826823][T15248] loop4: p60 start 25 is beyond EOD, truncated [ 2983.833053][T15248] loop4: p61 start 1034 is beyond EOD, truncated [ 2983.839551][T15248] loop4: p62 start 25 is beyond EOD, truncated [ 2983.845835][T15248] loop4: p63 start 1034 is beyond EOD, truncated [ 2983.852298][T15248] loop4: p64 start 25 is beyond EOD, truncated [ 2983.858594][T15248] loop4: p65 start 1034 is beyond EOD, truncated [ 2983.865122][T15248] loop4: p66 start 25 is beyond EOD, truncated [ 2983.871338][T15248] loop4: p67 start 1034 is beyond EOD, truncated [ 2983.877791][T15248] loop4: p68 start 25 is beyond EOD, truncated [ 2983.884012][T15248] loop4: p69 start 1034 is beyond EOD, truncated [ 2983.890617][T15248] loop4: p70 start 25 is beyond EOD, truncated [ 2983.897097][T15248] loop4: p71 start 1034 is beyond EOD, truncated [ 2983.903539][T15248] loop4: p72 start 25 is beyond EOD, truncated [ 2983.909881][T15248] loop4: p73 start 1034 is beyond EOD, truncated [ 2983.916348][T15248] loop4: p74 start 25 is beyond EOD, truncated [ 2983.922563][T15248] loop4: p75 start 1034 is beyond EOD, truncated [ 2983.929064][T15248] loop4: p76 start 25 is beyond EOD, truncated [ 2983.935356][T15248] loop4: p77 start 1034 is beyond EOD, truncated [ 2983.942305][T15248] loop4: p78 start 25 is beyond EOD, truncated [ 2983.948641][T15248] loop4: p79 start 1034 is beyond EOD, truncated [ 2983.955103][T15248] loop4: p80 start 25 is beyond EOD, truncated [ 2983.961394][T15248] loop4: p81 start 1034 is beyond EOD, truncated [ 2983.967862][T15248] loop4: p82 start 25 is beyond EOD, truncated [ 2983.974085][T15248] loop4: p83 start 1034 is beyond EOD, truncated [ 2983.980676][T15248] loop4: p84 start 25 is beyond EOD, truncated [ 2983.986933][T15248] loop4: p85 start 1034 is beyond EOD, truncated [ 2983.993569][T15248] loop4: p86 start 25 is beyond EOD, truncated [ 2984.000037][T15248] loop4: p87 start 1034 is beyond EOD, truncated [ 2984.006527][T15248] loop4: p88 start 25 is beyond EOD, truncated [ 2984.012745][T15248] loop4: p89 start 1034 is beyond EOD, truncated [ 2984.019249][T15248] loop4: p90 start 25 is beyond EOD, truncated [ 2984.025606][T15248] loop4: p91 start 1034 is beyond EOD, truncated [ 2984.031995][T15248] loop4: p92 start 25 is beyond EOD, truncated [ 2984.038419][T15248] loop4: p93 start 1034 is beyond EOD, truncated [ 2984.044874][T15248] loop4: p94 start 25 is beyond EOD, truncated [ 2984.051093][T15248] loop4: p95 start 1034 is beyond EOD, truncated [ 2984.057594][T15248] loop4: p96 start 25 is beyond EOD, truncated [ 2984.063805][T15248] loop4: p97 start 1034 is beyond EOD, truncated [ 2984.070397][T15248] loop4: p98 start 25 is beyond EOD, truncated [ 2984.076691][T15248] loop4: p99 start 1034 is beyond EOD, truncated [ 2984.083139][T15248] loop4: p100 start 25 is beyond EOD, truncated [ 2984.089522][T15248] loop4: p101 start 1034 is beyond EOD, truncated [ 2984.096108][T15248] loop4: p102 start 25 is beyond EOD, truncated [ 2984.102398][T15248] loop4: p103 start 1034 is beyond EOD, truncated [ 2984.108939][T15248] loop4: p104 start 25 is beyond EOD, truncated [ 2984.115364][T15248] loop4: p105 start 1034 is beyond EOD, truncated [ 2984.121898][T15248] loop4: p106 start 25 is beyond EOD, truncated [ 2984.128321][T15248] loop4: p107 start 1034 is beyond EOD, truncated [ 2984.135119][T15248] loop4: p108 start 25 is beyond EOD, truncated [ 2984.141431][T15248] loop4: p109 start 1034 is beyond EOD, truncated [ 2984.148029][T15248] loop4: p110 start 25 is beyond EOD, truncated [ 2984.154525][T15248] loop4: p111 start 1034 is beyond EOD, truncated [ 2984.161160][T15248] loop4: p112 start 25 is beyond EOD, truncated [ 2984.167533][T15248] loop4: p113 start 1034 is beyond EOD, truncated [ 2984.174268][T15248] loop4: p114 start 25 is beyond EOD, truncated [ 2984.180673][T15248] loop4: p115 start 1034 is beyond EOD, truncated [ 2984.187279][T15248] loop4: p116 start 25 is beyond EOD, truncated [ 2984.193951][T15248] loop4: p117 start 1034 is beyond EOD, truncated [ 2984.200554][T15248] loop4: p118 start 25 is beyond EOD, truncated [ 2984.206934][T15248] loop4: p119 start 1034 is beyond EOD, truncated [ 2984.213418][T15248] loop4: p120 start 25 is beyond EOD, truncated [ 2984.219854][T15248] loop4: p121 start 1034 is beyond EOD, truncated [ 2984.226406][T15248] loop4: p122 start 25 is beyond EOD, truncated [ 2984.233111][T15248] loop4: p123 start 1034 is beyond EOD, truncated [ 2984.239667][T15248] loop4: p124 start 25 is beyond EOD, truncated [ 2984.246157][T15248] loop4: p125 start 1034 is beyond EOD, truncated [ 2984.252657][T15248] loop4: p126 start 25 is beyond EOD, truncated [ 2984.259085][T15248] loop4: p127 start 1034 is beyond EOD, truncated [ 2984.265636][T15248] loop4: p128 start 25 is beyond EOD, truncated [ 2984.272023][T15248] loop4: p129 start 1034 is beyond EOD, truncated [ 2984.278625][T15248] loop4: p130 start 25 is beyond EOD, truncated [ 2984.285000][T15248] loop4: p131 start 1034 is beyond EOD, truncated [ 2984.291553][T15248] loop4: p132 start 25 is beyond EOD, truncated [ 2984.297951][T15248] loop4: p133 start 1034 is beyond EOD, truncated [ 2984.304484][T15248] loop4: p134 start 25 is beyond EOD, truncated [ 2984.310868][T15248] loop4: p135 start 1034 is beyond EOD, truncated [ 2984.317478][T15248] loop4: p136 start 25 is beyond EOD, truncated [ 2984.323786][T15248] loop4: p137 start 1034 is beyond EOD, truncated [ 2984.330395][T15248] loop4: p138 start 25 is beyond EOD, truncated [ 2984.336781][T15248] loop4: p139 start 1034 is beyond EOD, truncated [ 2984.343470][T15248] loop4: p140 start 25 is beyond EOD, truncated [ 2984.349873][T15248] loop4: p141 start 1034 is beyond EOD, truncated [ 2984.356642][T15248] loop4: p142 start 25 is beyond EOD, truncated [ 2984.362955][T15248] loop4: p143 start 1034 is beyond EOD, truncated [ 2984.369583][T15248] loop4: p144 start 25 is beyond EOD, truncated [ 2984.375970][T15248] loop4: p145 start 1034 is beyond EOD, truncated [ 2984.382509][T15248] loop4: p146 start 25 is beyond EOD, truncated [ 2984.388908][T15248] loop4: p147 start 1034 is beyond EOD, truncated [ 2984.395507][T15248] loop4: p148 start 25 is beyond EOD, truncated [ 2984.401829][T15248] loop4: p149 start 1034 is beyond EOD, truncated [ 2984.408431][T15248] loop4: p150 start 25 is beyond EOD, truncated [ 2984.414806][T15248] loop4: p151 start 1034 is beyond EOD, truncated [ 2984.421291][T15248] loop4: p152 start 25 is beyond EOD, truncated [ 2984.427770][T15248] loop4: p153 start 1034 is beyond EOD, truncated [ 2984.434272][T15248] loop4: p154 start 25 is beyond EOD, truncated [ 2984.440712][T15248] loop4: p155 start 1034 is beyond EOD, truncated [ 2984.450234][T15248] loop4: p156 start 25 is beyond EOD, truncated [ 2984.456741][T15248] loop4: p157 start 1034 is beyond EOD, truncated [ 2984.463334][T15248] loop4: p158 start 25 is beyond EOD, truncated [ 2984.469713][T15248] loop4: p159 start 1034 is beyond EOD, truncated [ 2984.476356][T15248] loop4: p160 start 25 is beyond EOD, truncated [ 2984.482668][T15248] loop4: p161 start 1034 is beyond EOD, truncated [ 2984.489302][T15248] loop4: p162 start 25 is beyond EOD, truncated [ 2984.495750][T15248] loop4: p163 start 1034 is beyond EOD, truncated [ 2984.502244][T15248] loop4: p164 start 25 is beyond EOD, truncated [ 2984.508693][T15248] loop4: p165 start 1034 is beyond EOD, truncated [ 2984.515271][T15248] loop4: p166 start 25 is beyond EOD, truncated [ 2984.521582][T15248] loop4: p167 start 1034 is beyond EOD, truncated [ 2984.528194][T15248] loop4: p168 start 25 is beyond EOD, truncated [ 2984.534646][T15248] loop4: p169 start 1034 is beyond EOD, truncated [ 2984.541271][T15248] loop4: p170 start 25 is beyond EOD, truncated [ 2984.547648][T15248] loop4: p171 start 1034 is beyond EOD, truncated [ 2984.554141][T15248] loop4: p172 start 25 is beyond EOD, truncated [ 2984.560582][T15248] loop4: p173 start 1034 is beyond EOD, truncated [ 2984.567144][T15248] loop4: p174 start 25 is beyond EOD, truncated [ 2984.573536][T15248] loop4: p175 start 1034 is beyond EOD, truncated [ 2984.580143][T15248] loop4: p176 start 25 is beyond EOD, truncated [ 2984.586523][T15248] loop4: p177 start 1034 is beyond EOD, truncated [ 2984.593004][T15248] loop4: p178 start 25 is beyond EOD, truncated [ 2984.599473][T15248] loop4: p179 start 1034 is beyond EOD, truncated [ 2984.606087][T15248] loop4: p180 start 25 is beyond EOD, truncated [ 2984.612560][T15248] loop4: p181 start 1034 is beyond EOD, truncated [ 2984.619119][T15248] loop4: p182 start 25 is beyond EOD, truncated [ 2984.625565][T15248] loop4: p183 start 1034 is beyond EOD, truncated [ 2984.632049][T15248] loop4: p184 start 25 is beyond EOD, truncated [ 2984.638465][T15248] loop4: p185 start 1034 is beyond EOD, truncated [ 2984.645031][T15248] loop4: p186 start 25 is beyond EOD, truncated [ 2984.651469][T15248] loop4: p187 start 1034 is beyond EOD, truncated [ 2984.658009][T15248] loop4: p188 start 25 is beyond EOD, truncated [ 2984.664314][T15248] loop4: p189 start 1034 is beyond EOD, truncated [ 2984.670908][T15248] loop4: p190 start 25 is beyond EOD, truncated [ 2984.677367][T15248] loop4: p191 start 1034 is beyond EOD, truncated [ 2984.683938][T15248] loop4: p192 start 25 is beyond EOD, truncated [ 2984.690534][T15248] loop4: p193 start 1034 is beyond EOD, truncated [ 2984.697099][T15248] loop4: p194 start 25 is beyond EOD, truncated [ 2984.703401][T15248] loop4: p195 start 1034 is beyond EOD, truncated [ 2984.710012][T15248] loop4: p196 start 25 is beyond EOD, truncated [ 2984.716387][T15248] loop4: p197 start 1034 is beyond EOD, truncated [ 2984.722871][T15248] loop4: p198 start 25 is beyond EOD, truncated [ 2984.729302][T15248] loop4: p199 start 1034 is beyond EOD, truncated [ 2984.735960][T15248] loop4: p200 start 25 is beyond EOD, truncated [ 2984.742267][T15248] loop4: p201 start 1034 is beyond EOD, truncated [ 2984.748919][T15248] loop4: p202 start 25 is beyond EOD, truncated [ 2984.755347][T15248] loop4: p203 start 1034 is beyond EOD, truncated [ 2984.761832][T15248] loop4: p204 start 25 is beyond EOD, truncated [ 2984.768285][T15248] loop4: p205 start 1034 is beyond EOD, truncated [ 2984.774843][T15248] loop4: p206 start 25 is beyond EOD, truncated [ 2984.781162][T15248] loop4: p207 start 1034 is beyond EOD, truncated [ 2984.787761][T15248] loop4: p208 start 25 is beyond EOD, truncated [ 2984.794071][T15248] loop4: p209 start 1034 is beyond EOD, truncated [ 2984.800678][T15248] loop4: p210 start 25 is beyond EOD, truncated [ 2984.807167][T15248] loop4: p211 start 1034 is beyond EOD, truncated [ 2984.813654][T15248] loop4: p212 start 25 is beyond EOD, truncated [ 2984.820086][T15248] loop4: p213 start 1034 is beyond EOD, truncated [ 2984.826644][T15248] loop4: p214 start 25 is beyond EOD, truncated [ 2984.832951][T15248] loop4: p215 start 1034 is beyond EOD, truncated [ 2984.839587][T15248] loop4: p216 start 25 is beyond EOD, truncated [ 2984.846494][T15248] loop4: p217 start 1034 is beyond EOD, truncated [ 2984.852982][T15248] loop4: p218 start 25 is beyond EOD, truncated [ 2984.859404][T15248] loop4: p219 start 1034 is beyond EOD, truncated [ 2984.865951][T15248] loop4: p220 start 25 is beyond EOD, truncated [ 2984.872260][T15248] loop4: p221 start 1034 is beyond EOD, truncated [ 2984.878878][T15248] loop4: p222 start 25 is beyond EOD, truncated [ 2984.885263][T15248] loop4: p223 start 1034 is beyond EOD, truncated [ 2984.891744][T15248] loop4: p224 start 25 is beyond EOD, truncated [ 2984.898184][T15248] loop4: p225 start 1034 is beyond EOD, truncated [ 2984.904760][T15248] loop4: p226 start 25 is beyond EOD, truncated [ 2984.911071][T15248] loop4: p227 start 1034 is beyond EOD, truncated [ 2984.917769][T15248] loop4: p228 start 25 is beyond EOD, truncated [ 2984.924078][T15248] loop4: p229 start 1034 is beyond EOD, truncated [ 2984.930682][T15248] loop4: p230 start 25 is beyond EOD, truncated [ 2984.937064][T15248] loop4: p231 start 1034 is beyond EOD, truncated [ 2984.943545][T15248] loop4: p232 start 25 is beyond EOD, truncated [ 2984.949971][T15248] loop4: p233 start 1034 is beyond EOD, truncated [ 2984.956517][T15248] loop4: p234 start 25 is beyond EOD, truncated [ 2984.962824][T15248] loop4: p235 start 1034 is beyond EOD, truncated [ 2984.969432][T15248] loop4: p236 start 25 is beyond EOD, truncated [ 2984.975811][T15248] loop4: p237 start 1034 is beyond EOD, truncated [ 2984.982311][T15248] loop4: p238 start 25 is beyond EOD, truncated [ 2984.988744][T15248] loop4: p239 start 1034 is beyond EOD, truncated [ 2984.995316][T15248] loop4: p240 start 25 is beyond EOD, truncated [ 2985.001714][T15248] loop4: p241 start 1034 is beyond EOD, truncated [ 2985.008318][T15248] loop4: p242 start 25 is beyond EOD, truncated [ 2985.014708][T15248] loop4: p243 start 1034 is beyond EOD, truncated [ 2985.021199][T15248] loop4: p244 start 25 is beyond EOD, truncated [ 2985.027643][T15248] loop4: p245 start 1034 is beyond EOD, truncated [ 2985.034279][T15248] loop4: p246 start 25 is beyond EOD, truncated [ 2985.040850][T15248] loop4: p247 start 1034 is beyond EOD, truncated [ 2985.047422][T15248] loop4: p248 start 25 is beyond EOD, truncated [ 2985.053747][T15248] loop4: p249 start 1034 is beyond EOD, truncated [ 2985.060356][T15248] loop4: p250 start 25 is beyond EOD, truncated [ 2985.066947][T15248] loop4: p251 start 1034 is beyond EOD, truncated [ 2985.073558][T15248] loop4: p252 start 25 is beyond EOD, truncated 00:46:59 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x4603000000000000]}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000a00)=[{&(0x7f0000000900)=""/140, 0x8c}], 0x1, 0x3) [ 2985.080081][T15248] loop4: p253 start 1034 is beyond EOD, truncated [ 2985.086711][T15248] loop4: p254 start 25 is beyond EOD, truncated [ 2985.093028][T15248] loop4: p255 start 1034 is beyond EOD, truncated 00:46:59 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440)='/dev/cachefiles\x00', 0x200042, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000980)={r0, 0x0, 0x0}, 0x1c) 00:47:02 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000380)=0x1a, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x27fc, 0x4) 00:47:02 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440)='/dev/cachefiles\x00', 0x200042, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000980)={r0, 0x0, 0x0}, 0x1c) 00:47:02 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x4603000000000000]}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000a00)=[{&(0x7f0000000900)=""/140, 0x8c}], 0x1, 0x3) 00:47:02 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x62}, [@ldst={0x6, 0x0, 0x3}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x3f7, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x149}, 0x48) 00:47:02 executing program 4: syz_read_part_table(0x0, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000000)="0201a9ffffff0a040000ff45ac0480ef000000000000190000000000800680ffffffbf000000e100e2ff87770072003007000500000000000000008000da55aa", 0x40, 0x1c0}]) 00:47:02 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0000b800"}) read(r1, 0x0, 0x0) 00:47:02 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x4603000000000000]}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000a00)=[{&(0x7f0000000900)=""/140, 0x8c}], 0x1, 0x3) 00:47:02 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440)='/dev/cachefiles\x00', 0x200042, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000980)={r0, 0x0, 0x0}, 0x1c) [ 2988.560951][T15700] loop4: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p [ 2988.560993][T15700] loop4: partition table partially beyond EOD, truncated [ 2988.656108][T15700] loop4: p1 start 1034 is beyond EOD, truncated [ 2988.662475][T15700] loop4: p2 start 25 is beyond EOD, truncated [ 2988.668760][T15700] loop4: p3 start 4293001441 is beyond EOD, truncated [ 2988.675696][T15700] loop4: p4 size 2 extends beyond EOD, truncated [ 2988.744214][T15700] loop4: p5 start 1034 is beyond EOD, truncated [ 2988.751225][T15700] loop4: p6 start 25 is beyond EOD, truncated [ 2988.757567][T15700] loop4: p7 start 1034 is beyond EOD, truncated [ 2988.763877][T15700] loop4: p8 start 25 is beyond EOD, truncated [ 2988.770130][T15700] loop4: p9 start 1034 is beyond EOD, truncated [ 2988.776553][T15700] loop4: p10 start 25 is beyond EOD, truncated [ 2988.782783][T15700] loop4: p11 start 1034 is beyond EOD, truncated [ 2988.789282][T15700] loop4: p12 start 25 is beyond EOD, truncated [ 2988.795632][T15700] loop4: p13 start 1034 is beyond EOD, truncated [ 2988.802632][T15700] loop4: p14 start 25 is beyond EOD, truncated [ 2988.808977][T15700] loop4: p15 start 1034 is beyond EOD, truncated [ 2988.815516][T15700] loop4: p16 start 25 is beyond EOD, truncated [ 2988.821740][T15700] loop4: p17 start 1034 is beyond EOD, truncated [ 2988.828231][T15700] loop4: p18 start 25 is beyond EOD, truncated [ 2988.834445][T15700] loop4: p19 start 1034 is beyond EOD, truncated [ 2988.840945][T15700] loop4: p20 start 25 is beyond EOD, truncated [ 2988.847251][T15700] loop4: p21 start 1034 is beyond EOD, truncated [ 2988.853636][T15700] loop4: p22 start 25 is beyond EOD, truncated [ 2988.861784][T15700] loop4: p23 start 1034 is beyond EOD, truncated [ 2988.868272][T15700] loop4: p24 start 25 is beyond EOD, truncated [ 2988.874486][T15700] loop4: p25 start 1034 is beyond EOD, truncated [ 2988.880988][T15700] loop4: p26 start 25 is beyond EOD, truncated [ 2988.887283][T15700] loop4: p27 start 1034 is beyond EOD, truncated 00:47:02 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') preadv(r0, &(0x7f00000024c0)=[{&(0x7f0000000200)=""/86, 0x56}], 0x1, 0x3) [ 2988.893659][T15700] loop4: p28 start 25 is beyond EOD, truncated [ 2988.900050][T15700] loop4: p29 start 1034 is beyond EOD, truncated [ 2988.906546][T15700] loop4: p30 start 25 is beyond EOD, truncated [ 2988.912757][T15700] loop4: p31 start 1034 is beyond EOD, truncated [ 2988.919305][T15700] loop4: p32 start 25 is beyond EOD, truncated [ 2988.925619][T15700] loop4: p33 start 1034 is beyond EOD, truncated [ 2988.932013][T15700] loop4: p34 start 25 is beyond EOD, truncated [ 2988.938344][T15700] loop4: p35 start 1034 is beyond EOD, truncated [ 2988.945007][T15700] loop4: p36 start 25 is beyond EOD, truncated [ 2988.951232][T15700] loop4: p37 start 1034 is beyond EOD, truncated [ 2988.957714][T15700] loop4: p38 start 25 is beyond EOD, truncated [ 2988.963928][T15700] loop4: p39 start 1034 is beyond EOD, truncated [ 2988.970420][T15700] loop4: p40 start 25 is beyond EOD, truncated [ 2988.976852][T15700] loop4: p41 start 1034 is beyond EOD, truncated [ 2988.983278][T15700] loop4: p42 start 25 is beyond EOD, truncated [ 2988.989624][T15700] loop4: p43 start 1034 is beyond EOD, truncated [ 2988.996118][T15700] loop4: p44 start 25 is beyond EOD, truncated [ 2989.002340][T15700] loop4: p45 start 1034 is beyond EOD, truncated [ 2989.008871][T15700] loop4: p46 start 25 is beyond EOD, truncated [ 2989.015252][T15700] loop4: p47 start 1034 is beyond EOD, truncated [ 2989.021640][T15700] loop4: p48 start 25 is beyond EOD, truncated [ 2989.028102][T15700] loop4: p49 start 1034 is beyond EOD, truncated [ 2989.034705][T15700] loop4: p50 start 25 is beyond EOD, truncated [ 2989.040940][T15700] loop4: p51 start 1034 is beyond EOD, truncated [ 2989.047438][T15700] loop4: p52 start 25 is beyond EOD, truncated [ 2989.056399][T15700] loop4: p53 start 1034 is beyond EOD, truncated [ 2989.062822][T15700] loop4: p54 start 25 is beyond EOD, truncated [ 2989.069183][T15700] loop4: p55 start 1034 is beyond EOD, truncated [ 2989.075714][T15700] loop4: p56 start 25 is beyond EOD, truncated [ 2989.081953][T15700] loop4: p57 start 1034 is beyond EOD, truncated [ 2989.088608][T15700] loop4: p58 start 25 is beyond EOD, truncated [ 2989.094934][T15700] loop4: p59 start 1034 is beyond EOD, truncated [ 2989.101328][T15700] loop4: p60 start 25 is beyond EOD, truncated [ 2989.107666][T15700] loop4: p61 start 1034 is beyond EOD, truncated [ 2989.114060][T15700] loop4: p62 start 25 is beyond EOD, truncated [ 2989.120454][T15700] loop4: p63 start 1034 is beyond EOD, truncated [ 2989.126963][T15700] loop4: p64 start 25 is beyond EOD, truncated [ 2989.133187][T15700] loop4: p65 start 1034 is beyond EOD, truncated [ 2989.139764][T15700] loop4: p66 start 25 is beyond EOD, truncated [ 2989.146160][T15700] loop4: p67 start 1034 is beyond EOD, truncated [ 2989.152577][T15700] loop4: p68 start 25 is beyond EOD, truncated [ 2989.158935][T15700] loop4: p69 start 1034 is beyond EOD, truncated [ 2989.165455][T15700] loop4: p70 start 25 is beyond EOD, truncated [ 2989.171683][T15700] loop4: p71 start 1034 is beyond EOD, truncated [ 2989.178684][T15700] loop4: p72 start 25 is beyond EOD, truncated [ 2989.185120][T15700] loop4: p73 start 1034 is beyond EOD, truncated [ 2989.191529][T15700] loop4: p74 start 25 is beyond EOD, truncated [ 2989.197859][T15700] loop4: p75 start 1034 is beyond EOD, truncated [ 2989.204252][T15700] loop4: p76 start 25 is beyond EOD, truncated [ 2989.210584][T15700] loop4: p77 start 1034 is beyond EOD, truncated [ 2989.217074][T15700] loop4: p78 start 25 is beyond EOD, truncated [ 2989.223292][T15700] loop4: p79 start 1034 is beyond EOD, truncated [ 2989.229878][T15700] loop4: p80 start 25 is beyond EOD, truncated [ 2989.236219][T15700] loop4: p81 start 1034 is beyond EOD, truncated [ 2989.242628][T15700] loop4: p82 start 25 is beyond EOD, truncated [ 2989.248952][T15700] loop4: p83 start 1034 is beyond EOD, truncated [ 2989.255460][T15700] loop4: p84 start 25 is beyond EOD, truncated [ 2989.261689][T15700] loop4: p85 start 1034 is beyond EOD, truncated [ 2989.268158][T15700] loop4: p86 start 25 is beyond EOD, truncated [ 2989.274469][T15700] loop4: p87 start 1034 is beyond EOD, truncated [ 2989.280966][T15700] loop4: p88 start 25 is beyond EOD, truncated [ 2989.287286][T15700] loop4: p89 start 1034 is beyond EOD, truncated [ 2989.293675][T15700] loop4: p90 start 25 is beyond EOD, truncated [ 2989.300008][T15700] loop4: p91 start 1034 is beyond EOD, truncated [ 2989.306477][T15700] loop4: p92 start 25 is beyond EOD, truncated [ 2989.312700][T15700] loop4: p93 start 1034 is beyond EOD, truncated [ 2989.319207][T15700] loop4: p94 start 25 is beyond EOD, truncated [ 2989.325550][T15700] loop4: p95 start 1034 is beyond EOD, truncated [ 2989.331944][T15700] loop4: p96 start 25 is beyond EOD, truncated [ 2989.338391][T15700] loop4: p97 start 1034 is beyond EOD, truncated [ 2989.344894][T15700] loop4: p98 start 25 is beyond EOD, truncated [ 2989.351108][T15700] loop4: p99 start 1034 is beyond EOD, truncated [ 2989.357726][T15700] loop4: p100 start 25 is beyond EOD, truncated [ 2989.364040][T15700] loop4: p101 start 1034 is beyond EOD, truncated [ 2989.370629][T15700] loop4: p102 start 25 is beyond EOD, truncated [ 2989.377023][T15700] loop4: p103 start 1034 is beyond EOD, truncated [ 2989.383493][T15700] loop4: p104 start 25 is beyond EOD, truncated [ 2989.389891][T15700] loop4: p105 start 1034 is beyond EOD, truncated [ 2989.396448][T15700] loop4: p106 start 25 is beyond EOD, truncated [ 2989.402810][T15700] loop4: p107 start 1034 is beyond EOD, truncated [ 2989.409468][T15700] loop4: p108 start 25 is beyond EOD, truncated [ 2989.415909][T15700] loop4: p109 start 1034 is beyond EOD, truncated [ 2989.422388][T15700] loop4: p110 start 25 is beyond EOD, truncated [ 2989.428791][T15700] loop4: p111 start 1034 is beyond EOD, truncated [ 2989.435378][T15700] loop4: p112 start 25 is beyond EOD, truncated [ 2989.441679][T15700] loop4: p113 start 1034 is beyond EOD, truncated [ 2989.448247][T15700] loop4: p114 start 25 is beyond EOD, truncated [ 2989.454667][T15700] loop4: p115 start 1034 is beyond EOD, truncated [ 2989.461138][T15700] loop4: p116 start 25 is beyond EOD, truncated [ 2989.467534][T15700] loop4: p117 start 1034 is beyond EOD, truncated [ 2989.474154][T15700] loop4: p118 start 25 is beyond EOD, truncated [ 2989.480574][T15700] loop4: p119 start 1034 is beyond EOD, truncated [ 2989.487158][T15700] loop4: p120 start 25 is beyond EOD, truncated [ 2989.493474][T15700] loop4: p121 start 1034 is beyond EOD, truncated [ 2989.500064][T15700] loop4: p122 start 25 is beyond EOD, truncated [ 2989.506472][T15700] loop4: p123 start 1034 is beyond EOD, truncated [ 2989.512956][T15700] loop4: p124 start 25 is beyond EOD, truncated [ 2989.519418][T15700] loop4: p125 start 1034 is beyond EOD, truncated [ 2989.526025][T15700] loop4: p126 start 25 is beyond EOD, truncated [ 2989.532340][T15700] loop4: p127 start 1034 is beyond EOD, truncated [ 2989.538927][T15700] loop4: p128 start 25 is beyond EOD, truncated [ 2989.545345][T15700] loop4: p129 start 1034 is beyond EOD, truncated [ 2989.552549][T15700] loop4: p130 start 25 is beyond EOD, truncated [ 2989.558960][T15700] loop4: p131 start 1034 is beyond EOD, truncated [ 2989.565539][T15700] loop4: p132 start 25 is beyond EOD, truncated [ 2989.571862][T15700] loop4: p133 start 1034 is beyond EOD, truncated [ 2989.578450][T15700] loop4: p134 start 25 is beyond EOD, truncated [ 2989.584840][T15700] loop4: p135 start 1034 is beyond EOD, truncated [ 2989.591313][T15700] loop4: p136 start 25 is beyond EOD, truncated [ 2989.597715][T15700] loop4: p137 start 1034 is beyond EOD, truncated [ 2989.604220][T15700] loop4: p138 start 25 is beyond EOD, truncated [ 2989.610635][T15700] loop4: p139 start 1034 is beyond EOD, truncated [ 2989.617229][T15700] loop4: p140 start 25 is beyond EOD, truncated [ 2989.623552][T15700] loop4: p141 start 1034 is beyond EOD, truncated [ 2989.630122][T15700] loop4: p142 start 25 is beyond EOD, truncated [ 2989.636517][T15700] loop4: p143 start 1034 is beyond EOD, truncated [ 2989.642994][T15700] loop4: p144 start 25 is beyond EOD, truncated [ 2989.649431][T15700] loop4: p145 start 1034 is beyond EOD, truncated [ 2989.656011][T15700] loop4: p146 start 25 is beyond EOD, truncated [ 2989.662411][T15700] loop4: p147 start 1034 is beyond EOD, truncated [ 2989.669029][T15700] loop4: p148 start 25 is beyond EOD, truncated [ 2989.675423][T15700] loop4: p149 start 1034 is beyond EOD, truncated [ 2989.681903][T15700] loop4: p150 start 25 is beyond EOD, truncated [ 2989.688358][T15700] loop4: p151 start 1034 is beyond EOD, truncated 00:47:03 executing program 1: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440)='/dev/cachefiles\x00', 0x200042, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000980)={r0, 0x0, 0x0}, 0x1c) [ 2989.694935][T15700] loop4: p152 start 25 is beyond EOD, truncated [ 2989.701239][T15700] loop4: p153 start 1034 is beyond EOD, truncated [ 2989.707971][T15700] loop4: p154 start 25 is beyond EOD, truncated [ 2989.714283][T15700] loop4: p155 start 1034 is beyond EOD, truncated [ 2989.720915][T15700] loop4: p156 start 25 is beyond EOD, truncated [ 2989.727318][T15700] loop4: p157 start 1034 is beyond EOD, truncated [ 2989.733794][T15700] loop4: p158 start 25 is beyond EOD, truncated [ 2989.740253][T15700] loop4: p159 start 1034 is beyond EOD, truncated [ 2989.746857][T15700] loop4: p160 start 25 is beyond EOD, truncated [ 2989.753170][T15700] loop4: p161 start 1034 is beyond EOD, truncated [ 2989.759847][T15700] loop4: p162 start 25 is beyond EOD, truncated [ 2989.766256][T15700] loop4: p163 start 1034 is beyond EOD, truncated [ 2989.772788][T15700] loop4: p164 start 25 is beyond EOD, truncated [ 2989.779192][T15700] loop4: p165 start 1034 is beyond EOD, truncated [ 2989.785993][T15700] loop4: p166 start 25 is beyond EOD, truncated [ 2989.792306][T15700] loop4: p167 start 1034 is beyond EOD, truncated [ 2989.798938][T15700] loop4: p168 start 25 is beyond EOD, truncated [ 2989.805336][T15700] loop4: p169 start 1034 is beyond EOD, truncated [ 2989.811842][T15700] loop4: p170 start 25 is beyond EOD, truncated [ 2989.818300][T15700] loop4: p171 start 1034 is beyond EOD, truncated [ 2989.825056][T15700] loop4: p172 start 25 is beyond EOD, truncated [ 2989.831420][T15700] loop4: p173 start 1034 is beyond EOD, truncated [ 2989.838029][T15700] loop4: p174 start 25 is beyond EOD, truncated [ 2989.844342][T15700] loop4: p175 start 1034 is beyond EOD, truncated [ 2989.850987][T15700] loop4: p176 start 25 is beyond EOD, truncated [ 2989.857375][T15700] loop4: p177 start 1034 is beyond EOD, truncated [ 2989.864020][T15700] loop4: p178 start 25 is beyond EOD, truncated [ 2989.870467][T15700] loop4: p179 start 1034 is beyond EOD, truncated [ 2989.877036][T15700] loop4: p180 start 25 is beyond EOD, truncated [ 2989.883402][T15700] loop4: p181 start 1034 is beyond EOD, truncated [ 2989.889971][T15700] loop4: p182 start 25 is beyond EOD, truncated [ 2989.896414][T15700] loop4: p183 start 1034 is beyond EOD, truncated [ 2989.902892][T15700] loop4: p184 start 25 is beyond EOD, truncated [ 2989.909339][T15700] loop4: p185 start 1034 is beyond EOD, truncated [ 2989.915916][T15700] loop4: p186 start 25 is beyond EOD, truncated [ 2989.922297][T15700] loop4: p187 start 1034 is beyond EOD, truncated [ 2989.928882][T15700] loop4: p188 start 25 is beyond EOD, truncated [ 2989.935333][T15700] loop4: p189 start 1034 is beyond EOD, truncated [ 2989.941895][T15700] loop4: p190 start 25 is beyond EOD, truncated [ 2989.948300][T15700] loop4: p191 start 1034 is beyond EOD, truncated [ 2989.954917][T15700] loop4: p192 start 25 is beyond EOD, truncated [ 2989.961216][T15700] loop4: p193 start 1034 is beyond EOD, truncated [ 2989.967836][T15700] loop4: p194 start 25 is beyond EOD, truncated [ 2989.974142][T15700] loop4: p195 start 1034 is beyond EOD, truncated [ 2989.980778][T15700] loop4: p196 start 25 is beyond EOD, truncated [ 2989.987192][T15700] loop4: p197 start 1034 is beyond EOD, truncated [ 2989.993663][T15700] loop4: p198 start 25 is beyond EOD, truncated [ 2990.000115][T15700] loop4: p199 start 1034 is beyond EOD, truncated [ 2990.006705][T15700] loop4: p200 start 25 is beyond EOD, truncated [ 2990.013016][T15700] loop4: p201 start 1034 is beyond EOD, truncated [ 2990.019677][T15700] loop4: p202 start 25 is beyond EOD, truncated [ 2990.026139][T15700] loop4: p203 start 1034 is beyond EOD, truncated [ 2990.032675][T15700] loop4: p204 start 25 is beyond EOD, truncated [ 2990.039265][T15700] loop4: p205 start 1034 is beyond EOD, truncated [ 2990.045935][T15700] loop4: p206 start 25 is beyond EOD, truncated [ 2990.052233][T15700] loop4: p207 start 1034 is beyond EOD, truncated [ 2990.058848][T15700] loop4: p208 start 25 is beyond EOD, truncated [ 2990.065245][T15700] loop4: p209 start 1034 is beyond EOD, truncated [ 2990.071737][T15700] loop4: p210 start 25 is beyond EOD, truncated [ 2990.078212][T15700] loop4: p211 start 1034 is beyond EOD, truncated [ 2990.084797][T15700] loop4: p212 start 25 is beyond EOD, truncated [ 2990.091168][T15700] loop4: p213 start 1034 is beyond EOD, truncated [ 2990.097746][T15700] loop4: p214 start 25 is beyond EOD, truncated [ 2990.104053][T15700] loop4: p215 start 1034 is beyond EOD, truncated [ 2990.110671][T15700] loop4: p216 start 25 is beyond EOD, truncated [ 2990.117089][T15700] loop4: p217 start 1034 is beyond EOD, truncated [ 2990.123659][T15700] loop4: p218 start 25 is beyond EOD, truncated [ 2990.130119][T15700] loop4: p219 start 1034 is beyond EOD, truncated [ 2990.136819][T15700] loop4: p220 start 25 is beyond EOD, truncated [ 2990.143130][T15700] loop4: p221 start 1034 is beyond EOD, truncated [ 2990.149820][T15700] loop4: p222 start 25 is beyond EOD, truncated [ 2990.156277][T15700] loop4: p223 start 1034 is beyond EOD, truncated [ 2990.162760][T15700] loop4: p224 start 25 is beyond EOD, truncated [ 2990.169223][T15700] loop4: p225 start 1034 is beyond EOD, truncated [ 2990.175815][T15700] loop4: p226 start 25 is beyond EOD, truncated [ 2990.182130][T15700] loop4: p227 start 1034 is beyond EOD, truncated [ 2990.188765][T15700] loop4: p228 start 25 is beyond EOD, truncated [ 2990.195195][T15700] loop4: p229 start 1034 is beyond EOD, truncated 00:47:04 executing program 0: rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffc]}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) write$uinput_user_dev(r1, &(0x7f00000001c0)={'syz1\x00'}, 0x45c) [ 2990.201731][T15700] loop4: p230 start 25 is beyond EOD, truncated [ 2990.208120][T15700] loop4: p231 start 1034 is beyond EOD, truncated [ 2990.214756][T15700] loop4: p232 start 25 is beyond EOD, truncated [ 2990.221066][T15700] loop4: p233 start 1034 is beyond EOD, truncated [ 2990.227682][T15700] loop4: p234 start 25 is beyond EOD, truncated [ 2990.233991][T15700] loop4: p235 start 1034 is beyond EOD, truncated [ 2990.240646][T15700] loop4: p236 start 25 is beyond EOD, truncated [ 2990.247054][T15700] loop4: p237 start 1034 is beyond EOD, truncated [ 2990.253539][T15700] loop4: p238 start 25 is beyond EOD, truncated [ 2990.259984][T15700] loop4: p239 start 1034 is beyond EOD, truncated [ 2990.266573][T15700] loop4: p240 start 25 is beyond EOD, truncated [ 2990.272936][T15700] loop4: p241 start 1034 is beyond EOD, truncated [ 2990.279510][T15700] loop4: p242 start 25 is beyond EOD, truncated [ 2990.285957][T15700] loop4: p243 start 1034 is beyond EOD, truncated [ 2990.292495][T15700] loop4: p244 start 25 is beyond EOD, truncated [ 2990.298906][T15700] loop4: p245 start 1034 is beyond EOD, truncated [ 2990.305616][T15700] loop4: p246 start 25 is beyond EOD, truncated [ 2990.311926][T15700] loop4: p247 start 1034 is beyond EOD, truncated [ 2990.318569][T15700] loop4: p248 start 25 is beyond EOD, truncated [ 2990.324979][T15700] loop4: p249 start 1034 is beyond EOD, truncated [ 2990.331517][T15700] loop4: p250 start 25 is beyond EOD, truncated [ 2990.337923][T15700] loop4: p251 start 1034 is beyond EOD, truncated [ 2990.344411][T15700] loop4: p252 start 25 is beyond EOD, truncated [ 2990.350888][T15700] loop4: p253 start 1034 is beyond EOD, truncated [ 2990.357506][T15700] loop4: p254 start 25 is beyond EOD, truncated [ 2990.363878][T15700] loop4: p255 start 1034 is beyond EOD, truncated 00:47:04 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x7a, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5adf8a", 0x44, 0x2f, 0x0, @empty, @remote, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}}}}}}, 0x0) 00:47:07 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000faffe7)=@known='system.posix_acl_default\x00', &(0x7f00002e7fec)='\x02\x00\x00\x00 \x00\x00\x00\x00\xfe\xff\x00\x01\x00\x00\x80\x8c\x00\x00\x00', 0x14, 0x0) 00:47:07 executing program 0: r0 = socket(0x40000000015, 0x805, 0x0) getsockopt(r0, 0x114, 0x2710, &(0x7f0000000440)=""/102400, &(0x7f00000000c0)=0x19000) 00:47:07 executing program 2: syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x3, @local}, @source_quench={0xb, 0x0, 0x0, 0x2c00, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @broadcast, {[@timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}, {}, {@empty}, {@multicast1}, {@loopback, 0x3a000000}]}, @noop]}}}}}}}, 0x0) 00:47:07 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x49}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1}, 0x48) 00:47:07 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r3, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32=r4], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x2, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr="d741c2e85fb39b236282732192398995"}]}, 0x2c}}, 0x0) 00:47:07 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f0000000340)=""/175, 0xaf) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) read(r0, &(0x7f0000000300)=""/124, 0x7c) 00:47:07 executing program 2: syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x3, @local}, @source_quench={0xb, 0x0, 0x0, 0x2c00, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @broadcast, {[@timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}, {}, {@empty}, {@multicast1}, {@loopback, 0x3a000000}]}, @noop]}}}}}}}, 0x0) 00:47:08 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f00000000c0)="79269751d1bbdda710cfe78ae7a3b84003", 0x11}], 0x1) 00:47:08 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0) pread64(r0, 0x0, 0x0, 0x103f00) 00:47:08 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r3, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32=r4], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x2, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr="d741c2e85fb39b236282732192398995"}]}, 0x2c}}, 0x0) 00:47:08 executing program 2: syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x3, @local}, @source_quench={0xb, 0x0, 0x0, 0x2c00, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @broadcast, {[@timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}, {}, {@empty}, {@multicast1}, {@loopback, 0x3a000000}]}, @noop]}}}}}}}, 0x0) 00:47:08 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r3, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32=r4], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x2, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr="d741c2e85fb39b236282732192398995"}]}, 0x2c}}, 0x0) [ 2996.756200][ C0] not chained 810000 origins [ 2996.761064][ C0] CPU: 0 PID: 23582 Comm: kworker/u4:1 Not tainted 5.6.0-rc2-syzkaller #0 [ 2996.769658][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2996.779712][ C0] Workqueue: krdsd rds_tcp_accept_worker [ 2996.785337][ C0] Call Trace: [ 2996.788618][ C0] [ 2996.791476][ C0] dump_stack+0x1c9/0x220 [ 2996.795812][ C0] ? tcp_v4_do_rcv+0xb0f/0xd70 [ 2996.800764][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 2996.806497][ C0] ? ip_finish_output2+0x2115/0x2610 [ 2996.811777][ C0] ? __ip_finish_output+0xaa7/0xd80 [ 2996.816970][ C0] ? ip_finish_output+0x166/0x410 [ 2996.822001][ C0] ? ip_output+0x593/0x680 [ 2996.826421][ C0] ? __ip_queue_xmit+0x1b5c/0x21a0 [ 2996.831652][ C0] ? ip_queue_xmit+0xcc/0xf0 [ 2996.836251][ C0] ? __tcp_transmit_skb+0x439c/0x6090 [ 2996.841621][ C0] ? tcp_write_xmit+0x30e1/0xb470 [ 2996.846650][ C0] ? __tcp_push_pending_frames+0x124/0x4e0 [ 2996.852458][ C0] ? tcp_send_fin+0x131e/0x1570 [ 2996.857380][ C0] ? tcp_shutdown+0x188/0x200 [ 2996.862080][ C0] ? inet_shutdown+0x342/0x5e0 [ 2996.866853][ C0] ? kernel_sock_shutdown+0x9d/0xc0 [ 2996.872149][ C0] ? rds_tcp_accept_one+0xe17/0x1060 [ 2996.877431][ C0] ? rds_tcp_accept_worker+0x61/0x160 [ 2996.882788][ C0] ? process_one_work+0x1555/0x1f40 [ 2996.887976][ C0] ? worker_thread+0xef6/0x2450 [ 2996.892808][ C0] ? kthread+0x4b5/0x4f0 [ 2996.897129][ C0] ? ret_from_fork+0x35/0x40 [ 2996.901714][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2996.906919][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2996.912799][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 2996.918937][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2996.924304][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2996.930271][ C0] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 2996.936435][ C0] ? __msan_get_context_state+0x9/0x20 [ 2996.941900][ C0] ? __module_get+0x19/0x230 [ 2996.946499][ C0] ? inet_twsk_alloc+0x7bb/0xba0 [ 2996.951453][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2996.956663][ C0] __msan_chain_origin+0x50/0x90 [ 2996.961609][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2996.966459][ C0] tcp_fin+0x1f9/0x890 [ 2996.970622][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2996.975501][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 2996.981570][ C0] ? __msan_metadata_ptr_for_load_2+0x10/0x20 [ 2996.987744][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2996.993194][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2996.998416][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2997.003609][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.008197][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.012719][ C0] ? tcp_filter+0xf0/0xf0 [ 2997.017051][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.022535][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.027491][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 2997.032579][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 2997.038199][ C0] ip_rcv+0x6cf/0x750 [ 2997.042167][ C0] ? ip_rcv_core+0x1270/0x1270 [ 2997.046927][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2997.052667][ C0] process_backlog+0xf0b/0x1410 [ 2997.057507][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 2997.063172][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 2997.068457][ C0] net_rx_action+0x786/0x1aa0 [ 2997.073141][ C0] ? net_tx_action+0xc30/0xc30 [ 2997.077950][ C0] __do_softirq+0x311/0x83d [ 2997.082444][ C0] do_softirq_own_stack+0x49/0x80 [ 2997.087460][ C0] [ 2997.090397][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 2997.095601][ C0] local_bh_enable+0x36/0x40 [ 2997.100205][ C0] ip_finish_output2+0x2115/0x2610 [ 2997.105315][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 2997.111032][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 2997.117014][ C0] __ip_finish_output+0xaa7/0xd80 [ 2997.122045][ C0] ip_finish_output+0x166/0x410 [ 2997.126913][ C0] ip_output+0x593/0x680 [ 2997.131162][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 2997.136436][ C0] ? ip_finish_output+0x410/0x410 [ 2997.141444][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 2997.146390][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 2997.151943][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2997.157243][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2997.162470][ C0] ip_queue_xmit+0xcc/0xf0 [ 2997.166894][ C0] ? tcp_v6_send_response+0x2920/0x2920 [ 2997.172438][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 2997.177636][ C0] ? tda18271_dump_regs+0x90e/0x2390 [ 2997.182932][ C0] tcp_write_xmit+0x30e1/0xb470 [ 2997.187901][ C0] __tcp_push_pending_frames+0x124/0x4e0 [ 2997.193524][ C0] tcp_send_fin+0x131e/0x1570 [ 2997.198196][ C0] tcp_shutdown+0x188/0x200 [ 2997.202835][ C0] ? tcp_set_state+0x9d0/0x9d0 [ 2997.207599][ C0] inet_shutdown+0x342/0x5e0 [ 2997.212189][ C0] ? inet_recvmsg+0x7d0/0x7d0 [ 2997.216869][ C0] kernel_sock_shutdown+0x9d/0xc0 [ 2997.221912][ C0] rds_tcp_accept_one+0xe17/0x1060 [ 2997.227072][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 2997.232299][ C0] rds_tcp_accept_worker+0x61/0x160 [ 2997.237515][ C0] ? rds_tcp_exit_net+0xcb0/0xcb0 [ 2997.242544][ C0] process_one_work+0x1555/0x1f40 [ 2997.247705][ C0] worker_thread+0xef6/0x2450 [ 2997.252393][ C0] kthread+0x4b5/0x4f0 [ 2997.256478][ C0] ? process_one_work+0x1f40/0x1f40 [ 2997.261694][ C0] ? kthread_blkcg+0xf0/0xf0 [ 2997.266384][ C0] ret_from_fork+0x35/0x40 [ 2997.270803][ C0] Uninit was stored to memory at: [ 2997.275897][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.281630][ C0] __msan_chain_origin+0x50/0x90 [ 2997.286665][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2997.291420][ C0] tcp_time_wait+0xcd/0x10b0 [ 2997.296016][ C0] tcp_fin+0x1f9/0x890 [ 2997.300163][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.305008][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.310548][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.315128][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.319623][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.325182][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.330014][ C0] ip_rcv+0x6cf/0x750 [ 2997.333981][ C0] process_backlog+0xf0b/0x1410 [ 2997.338831][ C0] net_rx_action+0x786/0x1aa0 [ 2997.343507][ C0] __do_softirq+0x311/0x83d [ 2997.347996][ C0] [ 2997.350318][ C0] Uninit was stored to memory at: [ 2997.355341][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.361077][ C0] __msan_chain_origin+0x50/0x90 [ 2997.366007][ C0] __inet_twsk_schedule+0x24e/0x2c0 [ 2997.371197][ C0] tcp_time_wait+0xaca/0x10b0 [ 2997.375860][ C0] tcp_fin+0x1f9/0x890 [ 2997.379925][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.384768][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.390340][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.394928][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.399436][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.404893][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.409737][ C0] ip_rcv+0x6cf/0x750 [ 2997.413712][ C0] process_backlog+0xf0b/0x1410 [ 2997.418555][ C0] net_rx_action+0x786/0x1aa0 [ 2997.423298][ C0] __do_softirq+0x311/0x83d [ 2997.427779][ C0] [ 2997.430090][ C0] Uninit was stored to memory at: [ 2997.435112][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.440823][ C0] __msan_chain_origin+0x50/0x90 [ 2997.445745][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2997.450399][ C0] tcp_fin+0x1f9/0x890 [ 2997.454469][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.459314][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.464801][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.469384][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.473865][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.479316][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.484159][ C0] ip_rcv+0x6cf/0x750 [ 2997.488136][ C0] process_backlog+0xf0b/0x1410 [ 2997.492982][ C0] net_rx_action+0x786/0x1aa0 [ 2997.497640][ C0] __do_softirq+0x311/0x83d [ 2997.502125][ C0] [ 2997.504431][ C0] Uninit was stored to memory at: [ 2997.509439][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.515157][ C0] __msan_chain_origin+0x50/0x90 [ 2997.520096][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2997.524856][ C0] tcp_time_wait+0xcd/0x10b0 [ 2997.529425][ C0] tcp_fin+0x1f9/0x890 [ 2997.533476][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.538315][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.543754][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.548327][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.552811][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.558358][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.563204][ C0] ip_rcv+0x6cf/0x750 [ 2997.567171][ C0] process_backlog+0xf0b/0x1410 [ 2997.572006][ C0] net_rx_action+0x786/0x1aa0 [ 2997.576676][ C0] __do_softirq+0x311/0x83d [ 2997.581164][ C0] [ 2997.583468][ C0] Uninit was stored to memory at: [ 2997.588478][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.594191][ C0] __msan_chain_origin+0x50/0x90 [ 2997.599129][ C0] __inet_twsk_schedule+0x24e/0x2c0 [ 2997.604335][ C0] tcp_time_wait+0xaca/0x10b0 [ 2997.609015][ C0] tcp_fin+0x1f9/0x890 [ 2997.613075][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.617934][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.623399][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.627980][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.632464][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.638164][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.642997][ C0] ip_rcv+0x6cf/0x750 [ 2997.647076][ C0] process_backlog+0xf0b/0x1410 [ 2997.651912][ C0] net_rx_action+0x786/0x1aa0 [ 2997.656588][ C0] __do_softirq+0x311/0x83d [ 2997.661078][ C0] [ 2997.663403][ C0] Uninit was stored to memory at: [ 2997.668419][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.674122][ C0] __msan_chain_origin+0x50/0x90 [ 2997.679048][ C0] tcp_time_wait+0xb7e/0x10b0 [ 2997.683743][ C0] tcp_fin+0x1f9/0x890 [ 2997.687859][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.692747][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.698917][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.703510][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.708122][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.713569][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.718406][ C0] ip_rcv+0x6cf/0x750 [ 2997.722384][ C0] process_backlog+0xf0b/0x1410 [ 2997.727252][ C0] net_rx_action+0x786/0x1aa0 [ 2997.731929][ C0] __do_softirq+0x311/0x83d [ 2997.736431][ C0] [ 2997.738753][ C0] Uninit was stored to memory at: [ 2997.743770][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 2997.749591][ C0] __msan_chain_origin+0x50/0x90 [ 2997.754615][ C0] inet_twsk_alloc+0xab6/0xba0 [ 2997.759462][ C0] tcp_time_wait+0xcd/0x10b0 [ 2997.764124][ C0] tcp_fin+0x1f9/0x890 [ 2997.768194][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.773047][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.778511][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.783107][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.787616][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.793080][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.797923][ C0] ip_rcv+0x6cf/0x750 [ 2997.801910][ C0] process_backlog+0xf0b/0x1410 [ 2997.806761][ C0] net_rx_action+0x786/0x1aa0 [ 2997.811437][ C0] __do_softirq+0x311/0x83d [ 2997.815933][ C0] [ 2997.818260][ C0] Uninit was created at: [ 2997.822637][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 2997.828268][ C0] kmsan_alloc_page+0x12a/0x310 [ 2997.833259][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 2997.838905][ C0] alloc_pages_current+0x67d/0x990 [ 2997.844007][ C0] alloc_slab_page+0x111/0x12f0 [ 2997.848851][ C0] new_slab+0x2bc/0x1130 [ 2997.853077][ C0] ___slab_alloc+0x1533/0x1f30 [ 2997.857828][ C0] kmem_cache_alloc+0xb23/0xd70 [ 2997.862836][ C0] inet_twsk_alloc+0x135/0xba0 [ 2997.867594][ C0] tcp_time_wait+0xcd/0x10b0 [ 2997.872174][ C0] tcp_fin+0x1f9/0x890 [ 2997.876228][ C0] tcp_data_queue+0x24ce/0x9c40 [ 2997.881057][ C0] tcp_rcv_state_process+0x67db/0x7140 [ 2997.886507][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 2997.891094][ C0] tcp_v4_rcv+0x4398/0x4d00 [ 2997.895592][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 2997.901071][ C0] ip_local_deliver+0x62a/0x7c0 [ 2997.905919][ C0] ip_rcv+0x6cf/0x750 [ 2997.909910][ C0] process_backlog+0xf0b/0x1410 [ 2997.914765][ C0] net_rx_action+0x786/0x1aa0 [ 2997.919444][ C0] __do_softirq+0x311/0x83d 00:47:14 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f00000001c0)={0x18, 0x0, {0x3, @dev, 'lo\x00'}}, 0x1e) close(r0) 00:47:14 executing program 4: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="7472616e733d66ce6385adc474642c7266646e6f3d"]) 00:47:14 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f00000000c0)={@multicast1, @local, @local}, 0xc) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) 00:47:14 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r3, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES32=r4], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x2, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr="d741c2e85fb39b236282732192398995"}]}, 0x2c}}, 0x0) 00:47:14 executing program 2: syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x3, @local}, @source_quench={0xb, 0x0, 0x0, 0x2c00, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @broadcast, {[@timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}, {}, {@empty}, {@multicast1}, {@loopback, 0x3a000000}]}, @noop]}}}}}}}, 0x0) 00:47:14 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000040)=0x7f, 0x4) sendmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x80, 0x0, 0x0, &(0x7f0000000240)=[{0xc}], 0xc}}], 0x1, 0x0) [ 3000.406054][T16288] 9pnet: Could not find request transport: fÎc…­Ätd 00:47:14 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e21, 0x0, @loopback}}, 0x0, 0x0, 0x401, 0x0, 0x8000000056}, 0x98) 00:47:14 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x2, &(0x7f00000001c0)=[{0xc}, {0x6, 0x0, 0x0, 0x50000}]}) 00:47:14 executing program 0: setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="eb3c906d6b66732e666174000204010002000270fff8", 0x268}], 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fchdir(r0) open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cpuinfo\x00', 0x0, 0x0) dup3(r2, r1, 0x0) 00:47:14 executing program 4: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/video1\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000000)={0xa, @sdr}) [ 3001.107153][ T32] audit: type=1800 audit(1583542035.159:503): pid=16553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=17057 res=0 00:47:15 executing program 2: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TCSBRK(r0, 0x5409, 0x3) 00:47:15 executing program 4: socket$alg(0x26, 0x5, 0x0) mlockall(0x7) sched_setattr(0x0, 0x0, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0xa000, 0x0) munlockall() setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) 00:47:21 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x31, &(0x7f0000000440)={'filter\x00', 0x8000801, 0x4, 0x3d4, 0x1e8, 0xe4, 0x1e8, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70], 0xbc, 0xe4}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}, {{@uncond, 0xbc, 0x104}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'sit0\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast}}}], {{[], 0xbc, 0xe0}, {0x24}}}}, 0x420) 00:47:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00') sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000005180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21d7ab5aab00fddfffff01000000080001000400000008000f00319c9a356492572c8dd58c9e925f213344b5ba59e99637f7fdbc535fa3f600"/72, @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="bbb0c8a5c8cab39eae79881d630883b6bd9b2f348faaab93cd8fee45ec5d0236535d3dcfd8647aa8762ede4a822dac61742215eb93d231d1cb0966639362f1406be04aa1b70299de2b62cae8217bede50b60bb8c7b4bad1344aede9c128e3697bb08f4e8f918558218849c12f9a96344a4860986dcc63ce45fa540d37267fc145c202c5f121840cddf3d41439ad78f4bc2b1f6f222f28ab7b3045700d22fe19cb73d3a6818ba4d7732fc031c00bc1bf5af5dcf311a19338567d110d640a5fa4b2163a7a36c44b7ece06ec520a6baff1db847c9ac5a2c53268e1af2eee9ee856ca1509ad0f7e871130200"/249], 0x2c}}, 0x40000) 00:47:21 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x0, 0x4b, 0x0, "881bee1d8531ea58500ed108cf68c4cab0b4b2086212b9d749638dd3a2b086dfbb79dbd5de3179319899722c8f1820ef4dc7d4223056cc524acc1201ce3bf865d9ae71f29f64668d8da1ec1412ee7560"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x2c4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) sendto$inet6(r0, &(0x7f0000000000)='E', 0xf1ab, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x122, 0x0, 0x0) 00:47:21 executing program 5: r0 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @random="65ed59501ed8"}, 0x14) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) r2 = socket$packet(0x11, 0x4000000000000a, 0x300) recvmmsg(r2, &(0x7f0000003800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:47:21 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x7d, &(0x7f00000000c0)=[@in={0x2, 0x4e23, @local}], 0x10) 00:47:21 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x2, &(0x7f00000001c0)=[{0xc}, {0x6, 0x0, 0x0, 0x50000}]}) 00:47:22 executing program 0: r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x30}, 0xc) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="2321213a0f0df805000000ef33408b93e8b647dc86c66e073f092a97ce0b70cf4aa009ff688a9fc6f7ffe5e95f67a891394ce80800c84af285c61a3656f27ffe16ccdf581f01fd7c810b3cd731cd284e96576f865e5300f16187ff87f620a99b535456a2b05a87fb85e441883ad2cb62d0ed4b47de834aadecdd8861a0c980980ec3fe2601e43d026efa090fb5c220fb4011132975cecbe07a1d881461e70fc34b5eb0729c9707aaddb10f5f8693220bf6f8b8ba344a747a5a02a9a96f6f3d44008a7f70c9136c3286483d77bbe933c78f3b29e45c94781df4f5e35fa47f14f9ce01515881f49eed0b270000000000000000000000000000db02f5628bbab69da896873fa7253f8c3217d45632e6f2ccae3b6bae01afac6dd5f447ae19687617f02fb0d94ccfbdd2907731079025c279ce4f17d807f09e4504d925ff91254c729a1b2f9f42b6a80a6a9df9d3180bfb725172ebc2565f503dbfea0007ea855612383b6aa43c55926f5313729c5d1c0f9da847b776d546b6b9f5d05f27100f65da07da5e28380879c11ddc95c6da0e8bf8f4b5792753ab40219e216fd80a352922dce39620c7c1cdfd635588e22477181ac4d1ae1a9deebe66a1350d3871bd0c8d09baab8cf72cf3f7b726fcf0524690cebe6071911721faa83d704c144e9385d236f0641827758b3b74fabb69dba40e3156d92187cad7e71c29239fb4cf68ccdbb60d08f0cf2efde0121765ed4aaf10af98169148eea441e914d2414dec7a488aefc82709b64a417f4a8b"], 0x10094) write$binfmt_script(r0, &(0x7f0000000ac0)=ANY=[@ANYRES16=0x0, @ANYPTR=&(0x7f0000000840)=ANY=[@ANYRES64, @ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYPTR64, @ANYPTR=&(0x7f0000000700)=ANY=[@ANYPTR64, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX, @ANYRESDEC, @ANYBLOB="e47e6d21f32a8aeb65365c54f972e7c2902bc0f68f797185f8765f5c2bd081734f6384ba364971c61be8b09843b60e04660fda3845934c6fc73ea87146955a609465704cfbc6e5d42d0a6171a2d8e9b240b86afa6e1c8ef02b91a424e93726b32c3fe24c325e7c8ffc06fa112b800653bdc003205bebd560d204a227fabad5c7f3af5d2828ba62bff95f796d2eecf3318952023ec24bf7813bb3d495bf7fb107a4bb686b4f5c33d16c6cd817f0fba783505c062c1c66afa9ac0d8bfbbcc50f5bcab20906dbaff2491e69e9e03f5a05f12ab1", @ANYRES16, @ANYRESHEX], @ANYRES32, @ANYRESOCT], @ANYRES16, @ANYRES64=0x0, @ANYBLOB="bdc75d69bcdf8cc26341bcefbcd717c2bc5aa7c2a878b9bfb0b854f01474fbbdc013411daf60ccb13bc3384e5eeb088a6cc9c4a040c884beadd4e5703da1332181492ae707d39f146d72673de4f2a1f3c7ee6d1eb92dfe34973cfb889c00429f788cc9aec757bc09653082f2d56ae0e889842eed9fbb15fe58869da2f98fe504b4aac7fdc045ee64f541b53a1d9f84c2fdf95e0601aa37899ca67413bed1ac544014bb9ed3228d2cfbcde4c62bf9992e70f21f5a5860f309002691e84fb5a3847bf8ed02da87bde73f76c8282b43021e58dfacc571826919c592f21b1b53c4cf8304ce7dc5938d02003eeca46b02da26d2255d9a32b5889c8c0f5b5d01bfc2af64d4384e762d1bd446f154da411d97c5b6d1cdef3afec4e16e86e2fbc515e8bf59dcf59d70e5dee03311595bb20500"/314], 0x10523) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 00:47:22 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x2, &(0x7f00000001c0)=[{0xc}, {0x6, 0x0, 0x0, 0x50000}]}) 00:47:22 executing program 2: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd, 0x10012, r1, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x20ce6000}, 0x200000}) 00:47:22 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl(r0, 0x8948, &(0x7f0000000040)="fffbb505600bcff93a") 00:47:22 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @empty}}) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000200)="e5", 0x1}, {&(0x7f0000000040)="de72d07e7a03cc5a1ca490e90c65f1", 0xf}, {&(0x7f0000000140)='4', 0x1}, {&(0x7f0000000240)="18", 0x1}], 0x4) 00:47:22 executing program 4: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f00000001c0)=ANY=[@ANYPTR], 0x8) splice(r0, 0x0, r3, 0x0, 0x20000000003, 0xf) [ 3009.990726][ C0] not chained 820000 origins [ 3009.995395][ C0] CPU: 0 PID: 571 Comm: kworker/u4:23 Not tainted 5.6.0-rc2-syzkaller #0 [ 3010.003799][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3010.013868][ C0] Workqueue: krdsd rds_connect_worker [ 3010.019244][ C0] Call Trace: [ 3010.022531][ C0] [ 3010.025385][ C0] dump_stack+0x1c9/0x220 [ 3010.029728][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 3010.035453][ C0] ? should_fail+0x72/0x9e0 [ 3010.039978][ C0] ? ret_from_fork+0x35/0x40 [ 3010.044573][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3010.050637][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 3010.055582][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.060786][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.065987][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3010.071802][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 3010.076924][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3010.082754][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 3010.088923][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 3010.094248][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.099453][ C0] __msan_chain_origin+0x50/0x90 [ 3010.104400][ C0] tcp_conn_request+0x1781/0x4d10 [ 3010.109473][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.114680][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.119892][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3010.125709][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.130921][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.136056][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.141110][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 3010.146397][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.151761][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.157112][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3010.162907][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3010.168972][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.174159][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.178873][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.183574][ C0] ? tcp_filter+0xf0/0xf0 [ 3010.187896][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.193346][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.198190][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 3010.203342][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 3010.209008][ C0] ip_rcv+0x6cf/0x750 [ 3010.212996][ C0] ? ip_rcv_core+0x1270/0x1270 [ 3010.217751][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 3010.223374][ C0] process_backlog+0xf0b/0x1410 [ 3010.228304][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.233589][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 3010.239232][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 3010.244620][ C0] net_rx_action+0x786/0x1aa0 [ 3010.249412][ C0] ? net_tx_action+0xc30/0xc30 [ 3010.254185][ C0] __do_softirq+0x311/0x83d [ 3010.258705][ C0] do_softirq_own_stack+0x49/0x80 [ 3010.263725][ C0] [ 3010.266671][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 3010.271871][ C0] local_bh_enable+0x36/0x40 [ 3010.276454][ C0] ip_finish_output2+0x2115/0x2610 [ 3010.281755][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 3010.287507][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 3010.293520][ C0] __ip_finish_output+0xaa7/0xd80 [ 3010.298543][ C0] ip_finish_output+0x166/0x410 [ 3010.303408][ C0] ip_output+0x593/0x680 [ 3010.307645][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 3010.312913][ C0] ? ip_finish_output+0x410/0x410 [ 3010.317935][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 3010.323053][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 3010.328755][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.333956][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.339151][ C0] ip_queue_xmit+0xcc/0xf0 [ 3010.343559][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 3010.348418][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 3010.353613][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3010.359468][ C0] tcp_connect+0x4337/0x6920 [ 3010.364072][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 3010.369354][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.374578][ C0] tcp_v4_connect+0x21fd/0x2370 [ 3010.379554][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 3010.384603][ C0] __inet_stream_connect+0x2fb/0x1340 [ 3010.389985][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 3010.395336][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.400542][ C0] inet_stream_connect+0x101/0x180 [ 3010.405846][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 3010.411487][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 3010.417125][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3010.422319][ C0] ? rds_tcp_state_change+0x390/0x390 [ 3010.427681][ C0] rds_connect_worker+0x2a6/0x470 [ 3010.432691][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3010.438762][ C0] ? rds_addr_cmp+0x200/0x200 [ 3010.443571][ C0] process_one_work+0x1555/0x1f40 [ 3010.448755][ C0] worker_thread+0xef6/0x2450 [ 3010.453478][ C0] kthread+0x4b5/0x4f0 [ 3010.457655][ C0] ? process_one_work+0x1f40/0x1f40 [ 3010.462846][ C0] ? kthread_blkcg+0xf0/0xf0 [ 3010.467427][ C0] ret_from_fork+0x35/0x40 [ 3010.471835][ C0] Uninit was stored to memory at: [ 3010.476847][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.482549][ C0] __msan_chain_origin+0x50/0x90 [ 3010.487468][ C0] tcp_conn_request+0x1781/0x4d10 [ 3010.492699][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.497802][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.502918][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.508283][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.512926][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.517415][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.522886][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.527718][ C0] ip_rcv+0x6cf/0x750 [ 3010.531682][ C0] process_backlog+0xf0b/0x1410 [ 3010.536517][ C0] net_rx_action+0x786/0x1aa0 [ 3010.541264][ C0] __do_softirq+0x311/0x83d [ 3010.545742][ C0] [ 3010.548065][ C0] Uninit was stored to memory at: [ 3010.553089][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.558819][ C0] __msan_chain_origin+0x50/0x90 [ 3010.563748][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3010.569014][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3010.574019][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.579131][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.584138][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.589514][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.594090][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.598586][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.604038][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.608877][ C0] ip_rcv+0x6cf/0x750 [ 3010.612841][ C0] process_backlog+0xf0b/0x1410 [ 3010.617675][ C0] net_rx_action+0x786/0x1aa0 [ 3010.622767][ C0] __do_softirq+0x311/0x83d [ 3010.627244][ C0] [ 3010.629568][ C0] Uninit was stored to memory at: [ 3010.634602][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.640314][ C0] __msan_chain_origin+0x50/0x90 [ 3010.645236][ C0] tcp_conn_request+0x1781/0x4d10 [ 3010.650241][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.655351][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.660367][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.665731][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.670418][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.674905][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.680357][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.685205][ C0] ip_rcv+0x6cf/0x750 [ 3010.689171][ C0] process_backlog+0xf0b/0x1410 [ 3010.694061][ C0] net_rx_action+0x786/0x1aa0 [ 3010.698914][ C0] __do_softirq+0x311/0x83d [ 3010.703475][ C0] [ 3010.705796][ C0] Uninit was stored to memory at: [ 3010.710815][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.716602][ C0] __msan_chain_origin+0x50/0x90 [ 3010.721547][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3010.727017][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3010.732028][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.737125][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.742132][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.747516][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.752217][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.756711][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.762322][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.767181][ C0] ip_rcv+0x6cf/0x750 [ 3010.771609][ C0] process_backlog+0xf0b/0x1410 [ 3010.776482][ C0] net_rx_action+0x786/0x1aa0 [ 3010.781172][ C0] __do_softirq+0x311/0x83d [ 3010.785674][ C0] [ 3010.788037][ C0] Uninit was stored to memory at: [ 3010.793067][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.798810][ C0] __msan_chain_origin+0x50/0x90 [ 3010.803748][ C0] tcp_conn_request+0x1781/0x4d10 [ 3010.808971][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.814069][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.819098][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.824479][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.829066][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.833569][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.839019][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.843857][ C0] ip_rcv+0x6cf/0x750 [ 3010.847827][ C0] process_backlog+0xf0b/0x1410 [ 3010.852675][ C0] net_rx_action+0x786/0x1aa0 [ 3010.857337][ C0] __do_softirq+0x311/0x83d [ 3010.861813][ C0] [ 3010.864125][ C0] Uninit was stored to memory at: [ 3010.869152][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.874855][ C0] __msan_chain_origin+0x50/0x90 [ 3010.879797][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3010.885083][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3010.890092][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.895203][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.900323][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.905732][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.910319][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.914804][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.920242][ C0] ip_local_deliver+0x62a/0x7c0 [ 3010.925087][ C0] ip_rcv+0x6cf/0x750 [ 3010.929062][ C0] process_backlog+0xf0b/0x1410 [ 3010.933910][ C0] net_rx_action+0x786/0x1aa0 [ 3010.938829][ C0] __do_softirq+0x311/0x83d [ 3010.943309][ C0] [ 3010.945617][ C0] Uninit was stored to memory at: [ 3010.950624][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3010.956340][ C0] __msan_chain_origin+0x50/0x90 [ 3010.961282][ C0] tcp_conn_request+0x1781/0x4d10 [ 3010.966306][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3010.971413][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3010.976429][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3010.981787][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3010.986364][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3010.990861][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3010.996434][ C0] ip_local_deliver+0x62a/0x7c0 [ 3011.001274][ C0] ip_rcv+0x6cf/0x750 [ 3011.005251][ C0] process_backlog+0xf0b/0x1410 [ 3011.010088][ C0] net_rx_action+0x786/0x1aa0 [ 3011.014749][ C0] __do_softirq+0x311/0x83d [ 3011.019235][ C0] [ 3011.021561][ C0] Uninit was created at: [ 3011.025811][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 3011.031440][ C0] kmsan_alloc_page+0x12a/0x310 [ 3011.036301][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 3011.041831][ C0] alloc_pages_current+0x67d/0x990 [ 3011.046943][ C0] alloc_slab_page+0x111/0x12f0 [ 3011.051799][ C0] new_slab+0x2bc/0x1130 [ 3011.056046][ C0] ___slab_alloc+0x1533/0x1f30 [ 3011.060791][ C0] kmem_cache_alloc+0xb23/0xd70 [ 3011.065621][ C0] inet_reqsk_alloc+0xac/0x830 [ 3011.070368][ C0] tcp_conn_request+0x753/0x4d10 [ 3011.075301][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3011.080391][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3011.085744][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3011.090324][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3011.094818][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3011.100257][ C0] ip_local_deliver+0x62a/0x7c0 [ 3011.105108][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 3011.109949][ C0] ip_list_rcv+0x8eb/0x950 [ 3011.114360][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 3011.120503][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 3011.126741][ C0] napi_complete_done+0x2ef/0xb60 [ 3011.131758][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 3011.137637][ C0] virtnet_poll+0x1468/0x19f0 [ 3011.142315][ C0] net_rx_action+0x786/0x1aa0 [ 3011.146984][ C0] __do_softirq+0x311/0x83d 00:47:27 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x31, &(0x7f0000000440)={'filter\x00', 0x8000801, 0x4, 0x3d4, 0x1e8, 0xe4, 0x1e8, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70], 0xbc, 0xe4}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}, {{@uncond, 0xbc, 0x104}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'sit0\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast}}}], {{[], 0xbc, 0xe0}, {0x24}}}}, 0x420) 00:47:27 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x2, &(0x7f00000001c0)=[{0xc}, {0x6, 0x0, 0x0, 0x50000}]}) 00:47:27 executing program 4: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) dup2(r1, r0) 00:47:27 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}, @volatile]}}, &(0x7f0000000040)=""/242, 0x32, 0xf2, 0x8}, 0x20) 00:47:27 executing program 2: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd, 0x10012, r1, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x20ce6000}, 0x200000}) 00:47:27 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000280)) r3 = socket$inet(0x2, 0x2, 0x0) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000280)) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_SRC_IF={0x8, 0x9, r2}, @CGW_DST_IF={0x8, 0xa, r4}]}, 0x24}}, 0x0) 00:47:27 executing program 0: kexec_load(0x0, 0x1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x72d}], 0x140000) 00:47:27 executing program 1: unshare(0x28020400) r0 = gettid() waitid(0x3, r0, 0x0, 0x80000004, 0x0) 00:47:28 executing program 2: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd, 0x10012, r1, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x20ce6000}, 0x200000}) 00:47:28 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000440)={r3}, &(0x7f0000000480)=0x14) 00:47:28 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) read(r0, &(0x7f0000000200)=""/11, 0xb) 00:47:28 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x1) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x30}, 0xc) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 00:47:34 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x31, &(0x7f0000000440)={'filter\x00', 0x8000801, 0x4, 0x3d4, 0x1e8, 0xe4, 0x1e8, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70], 0xbc, 0xe4}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}, {{@uncond, 0xbc, 0x104}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'sit0\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast}}}], {{[], 0xbc, 0xe0}, {0x24}}}}, 0x420) 00:47:34 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000440)={r3}, &(0x7f0000000480)=0x14) 00:47:34 executing program 0: r0 = epoll_create1(0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 00:47:34 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x20000005002}) ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000200)=0x1) 00:47:34 executing program 2: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd, 0x10012, r1, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x20ce6000}, 0x200000}) 00:47:34 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, 0x0, &(0x7f0000000140)) 00:47:34 executing program 0: mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000001600)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000001680)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000300), 0x12) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860ac5cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x8204, 0x20c49a, 0x0, 0x27) 00:47:34 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000440)={r3}, &(0x7f0000000480)=0x14) 00:47:34 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) 00:47:34 executing program 0: syz_open_dev$sndseq(&(0x7f0000000600)='/dev/snd/seq\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/sequencer2\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, 0x0, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x2, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) 00:47:35 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xe) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000440)={r3}, &(0x7f0000000480)=0x14) 00:47:35 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) [ 3021.924937][ C0] not chained 830000 origins [ 3021.929587][ C0] CPU: 0 PID: 12094 Comm: kworker/u4:2 Not tainted 5.6.0-rc2-syzkaller #0 [ 3021.938101][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3021.948179][ C0] Workqueue: krdsd rds_connect_worker [ 3021.953550][ C0] Call Trace: [ 3021.956839][ C0] [ 3021.959708][ C0] dump_stack+0x1c9/0x220 [ 3021.964044][ C0] kmsan_internal_chain_origin+0x6f/0x130 [ 3021.969761][ C0] ? should_fail+0x72/0x9e0 [ 3021.974271][ C0] ? ret_from_fork+0x35/0x40 [ 3021.978852][ C0] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3021.984911][ C0] ? arch_stack_walk+0x34c/0x3e0 [ 3021.989843][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3021.995231][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.000422][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3022.006231][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 3022.011340][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3022.017145][ C0] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 3022.023288][ C0] ? tcp_parse_options+0x1ada/0x1b90 [ 3022.028588][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.033777][ C0] __msan_chain_origin+0x50/0x90 [ 3022.038725][ C0] tcp_conn_request+0x174b/0x4d10 [ 3022.043767][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.048964][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.054153][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3022.059968][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.065165][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.070276][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.075293][ C0] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 3022.080573][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.085940][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.091146][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3022.096950][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3022.103020][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.108217][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.112810][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.117365][ C0] ? tcp_filter+0xf0/0xf0 [ 3022.121686][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.127146][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.132003][ C0] ? ip_local_deliver+0x7c0/0x7c0 [ 3022.137038][ C0] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 3022.142711][ C0] ip_rcv+0x6cf/0x750 [ 3022.146717][ C0] ? ip_rcv_core+0x1270/0x1270 [ 3022.151497][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 3022.157130][ C0] process_backlog+0xf0b/0x1410 [ 3022.162004][ C0] ? ip_local_deliver_finish+0x350/0x350 [ 3022.167646][ C0] ? rps_trigger_softirq+0x2e0/0x2e0 [ 3022.172924][ C0] net_rx_action+0x786/0x1aa0 [ 3022.177642][ C0] ? net_tx_action+0xc30/0xc30 [ 3022.182406][ C0] __do_softirq+0x311/0x83d [ 3022.186976][ C0] do_softirq_own_stack+0x49/0x80 [ 3022.192002][ C0] [ 3022.194938][ C0] __local_bh_enable_ip+0x184/0x1d0 [ 3022.200149][ C0] local_bh_enable+0x36/0x40 [ 3022.204730][ C0] ip_finish_output2+0x2115/0x2610 [ 3022.209860][ C0] ? ctnetlink_net_exit_batch+0x180/0x180 [ 3022.215587][ C0] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 3022.221582][ C0] __ip_finish_output+0xaa7/0xd80 [ 3022.226626][ C0] ip_finish_output+0x166/0x410 [ 3022.231474][ C0] ip_output+0x593/0x680 [ 3022.235735][ C0] ? ip_mc_finish_output+0x6c0/0x6c0 [ 3022.241016][ C0] ? ip_finish_output+0x410/0x410 [ 3022.246030][ C0] __ip_queue_xmit+0x1b5c/0x21a0 [ 3022.250970][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 3022.256508][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.261740][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.266950][ C0] ip_queue_xmit+0xcc/0xf0 [ 3022.271380][ C0] ? tcp_v4_fill_cb+0x580/0x580 [ 3022.276251][ C0] __tcp_transmit_skb+0x439c/0x6090 [ 3022.281454][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3022.287292][ C0] tcp_connect+0x4337/0x6920 [ 3022.291886][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 3022.297165][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.302381][ C0] tcp_v4_connect+0x21fd/0x2370 [ 3022.307255][ C0] ? tcp_twsk_unique+0xba0/0xba0 [ 3022.312189][ C0] __inet_stream_connect+0x2fb/0x1340 [ 3022.317561][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 3022.322848][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.328048][ C0] inet_stream_connect+0x101/0x180 [ 3022.333157][ C0] ? __inet_stream_connect+0x1340/0x1340 [ 3022.338807][ C0] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 3022.344454][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 3022.349651][ C0] ? rds_tcp_state_change+0x390/0x390 [ 3022.355016][ C0] rds_connect_worker+0x2a6/0x470 [ 3022.360033][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3022.366096][ C0] ? rds_addr_cmp+0x200/0x200 [ 3022.370764][ C0] process_one_work+0x1555/0x1f40 [ 3022.375886][ C0] worker_thread+0xef6/0x2450 [ 3022.380594][ C0] kthread+0x4b5/0x4f0 [ 3022.384668][ C0] ? process_one_work+0x1f40/0x1f40 [ 3022.389879][ C0] ? kthread_blkcg+0xf0/0xf0 [ 3022.394460][ C0] ret_from_fork+0x35/0x40 [ 3022.398873][ C0] Uninit was stored to memory at: [ 3022.403888][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.409596][ C0] __msan_chain_origin+0x50/0x90 [ 3022.414523][ C0] tcp_conn_request+0x1781/0x4d10 [ 3022.419542][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.424757][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.429785][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.435159][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.439752][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.444265][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.449712][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.454572][ C0] ip_rcv+0x6cf/0x750 [ 3022.458563][ C0] process_backlog+0xf0b/0x1410 [ 3022.463427][ C0] net_rx_action+0x786/0x1aa0 [ 3022.468102][ C0] __do_softirq+0x311/0x83d [ 3022.472591][ C0] [ 3022.474905][ C0] Uninit was stored to memory at: [ 3022.479940][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.485652][ C0] __msan_chain_origin+0x50/0x90 [ 3022.490579][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3022.495854][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3022.500872][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.506009][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.511021][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.516381][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.520959][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.525468][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.531065][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.535913][ C0] ip_rcv+0x6cf/0x750 [ 3022.539902][ C0] process_backlog+0xf0b/0x1410 [ 3022.544753][ C0] net_rx_action+0x786/0x1aa0 [ 3022.549421][ C0] __do_softirq+0x311/0x83d [ 3022.553904][ C0] [ 3022.556223][ C0] Uninit was stored to memory at: [ 3022.561251][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.566961][ C0] __msan_chain_origin+0x50/0x90 [ 3022.571885][ C0] tcp_conn_request+0x1781/0x4d10 [ 3022.576919][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.582034][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.587044][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.592407][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.596989][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.601479][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.606950][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.611786][ C0] ip_rcv+0x6cf/0x750 [ 3022.615761][ C0] process_backlog+0xf0b/0x1410 [ 3022.620601][ C0] net_rx_action+0x786/0x1aa0 [ 3022.625270][ C0] __do_softirq+0x311/0x83d [ 3022.629754][ C0] [ 3022.632071][ C0] Uninit was stored to memory at: [ 3022.637086][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.642795][ C0] __msan_chain_origin+0x50/0x90 [ 3022.647734][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3022.653019][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3022.658035][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.663141][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.668272][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.673644][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.678230][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.682730][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.688181][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.693020][ C0] ip_rcv+0x6cf/0x750 [ 3022.696995][ C0] process_backlog+0xf0b/0x1410 [ 3022.701834][ C0] net_rx_action+0x786/0x1aa0 [ 3022.706499][ C0] __do_softirq+0x311/0x83d [ 3022.711002][ C0] [ 3022.713319][ C0] Uninit was stored to memory at: [ 3022.718335][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.724043][ C0] __msan_chain_origin+0x50/0x90 [ 3022.728971][ C0] tcp_conn_request+0x1781/0x4d10 [ 3022.733986][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.739087][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.744104][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.749467][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.754046][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.758564][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.764011][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.768880][ C0] ip_rcv+0x6cf/0x750 [ 3022.772855][ C0] process_backlog+0xf0b/0x1410 [ 3022.777694][ C0] net_rx_action+0x786/0x1aa0 [ 3022.782600][ C0] __do_softirq+0x311/0x83d [ 3022.787093][ C0] [ 3022.789419][ C0] Uninit was stored to memory at: [ 3022.794444][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.800152][ C0] __msan_chain_origin+0x50/0x90 [ 3022.805079][ C0] tcp_openreq_init_rwin+0xc22/0xc80 [ 3022.810372][ C0] tcp_conn_request+0x33d7/0x4d10 [ 3022.815384][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.820483][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.825496][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.830868][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.835454][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.839967][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.845424][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.850267][ C0] ip_rcv+0x6cf/0x750 [ 3022.854241][ C0] process_backlog+0xf0b/0x1410 [ 3022.859113][ C0] net_rx_action+0x786/0x1aa0 [ 3022.863787][ C0] __do_softirq+0x311/0x83d [ 3022.868268][ C0] [ 3022.870581][ C0] Uninit was stored to memory at: [ 3022.875609][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 3022.881317][ C0] __msan_chain_origin+0x50/0x90 [ 3022.886240][ C0] tcp_conn_request+0x1781/0x4d10 [ 3022.891264][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3022.896361][ C0] tcp_v6_conn_request+0xb5/0x2d0 [ 3022.901383][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3022.906752][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3022.911331][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3022.915823][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3022.921269][ C0] ip_local_deliver+0x62a/0x7c0 [ 3022.926193][ C0] ip_rcv+0x6cf/0x750 [ 3022.930164][ C0] process_backlog+0xf0b/0x1410 [ 3022.935003][ C0] net_rx_action+0x786/0x1aa0 [ 3022.940636][ C0] __do_softirq+0x311/0x83d [ 3022.945130][ C0] [ 3022.947455][ C0] Uninit was created at: [ 3022.951698][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 3022.957335][ C0] kmsan_alloc_page+0x12a/0x310 [ 3022.962175][ C0] __alloc_pages_nodemask+0x5712/0x5e80 [ 3022.967714][ C0] alloc_pages_current+0x67d/0x990 [ 3022.972822][ C0] alloc_slab_page+0x111/0x12f0 [ 3022.977663][ C0] new_slab+0x2bc/0x1130 [ 3022.981893][ C0] ___slab_alloc+0x1533/0x1f30 [ 3022.986647][ C0] kmem_cache_alloc+0xb23/0xd70 [ 3022.991487][ C0] inet_reqsk_alloc+0xac/0x830 [ 3022.996241][ C0] tcp_conn_request+0x753/0x4d10 [ 3023.001168][ C0] tcp_v4_conn_request+0x19b/0x240 [ 3023.006277][ C0] tcp_rcv_state_process+0x26b/0x7140 [ 3023.011724][ C0] tcp_v4_do_rcv+0xb0f/0xd70 [ 3023.016322][ C0] tcp_v4_rcv+0x3f39/0x4d00 [ 3023.020831][ C0] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3023.026307][ C0] ip_local_deliver+0x62a/0x7c0 [ 3023.031333][ C0] ip_sublist_rcv+0x11fa/0x13c0 [ 3023.036212][ C0] ip_list_rcv+0x8eb/0x950 [ 3023.040635][ C0] __netif_receive_skb_list_core+0x1311/0x1380 [ 3023.046797][ C0] netif_receive_skb_list_internal+0xf62/0x1620 [ 3023.053047][ C0] napi_complete_done+0x2ef/0xb60 [ 3023.058065][ C0] virtqueue_napi_complete+0xb9/0x1f0 [ 3023.063435][ C0] virtnet_poll+0x1468/0x19f0 [ 3023.068113][ C0] net_rx_action+0x786/0x1aa0 [ 3023.072779][ C0] __do_softirq+0x311/0x83d 00:47:40 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x31, &(0x7f0000000440)={'filter\x00', 0x8000801, 0x4, 0x3d4, 0x1e8, 0xe4, 0x1e8, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70], 0xbc, 0xe4}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00'}}, {{@uncond, 0xbc, 0x104}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'sit0\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @broadcast}}}], {{[], 0xbc, 0xe0}, {0x24}}}}, 0x420) 00:47:40 executing program 2: r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x100000000000000a) fchown(r0, 0x0, 0x0) 00:47:40 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) 00:47:40 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}, 0x18) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f000001b900)={0x0, 0x0, 0x0}, 0x10002) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:47:40 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000480)=@filter={'filter\x00', 0x50, 0x4, 0x44c, 0x0, 0x200, 0x11c, 0x0, 0x0, 0x384, 0x384, 0x384, 0x384, 0x384, 0x4, 0x0, {[{{@ipv6={@mcast1, @loopback, [], [], 'bond_slave_0\x00', 'geneve1\x00'}, 0x0, 0xf8, 0x142, 0x0, {}, [@common=@inet=@socket1={{0x24, 'socket\x00'}}, @common=@frag={{0x30, 'frag\x00'}}]}, @common=@unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x0}}, {{@ipv6={@dev, @mcast1, [], [], 'rose0\x00', 'veth0_to_bond\x00'}, 0x0, 0xa4, 0xe4}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00'}}, {{@ipv6={@remote, @dev, [], [], 'bridge0\x00', 'ip_vti0\x00'}, 0x0, 0x160, 0x184, 0x0, {}, [@common=@unspec=@conntrack2={{0xbc, 'conntrack\x00'}, {{@ipv6=@remote, [], @ipv4=@empty, [], @ipv6=@remote, [], @ipv6=@loopback}}}]}, @REJECT={0x24, 'REJECT\x00'}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x4a8) 00:47:40 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, 0x0, &(0x7f0000000140)) 00:47:40 executing program 1: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) 00:47:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT(r1, 0x4008ae48, &(0x7f0000000040)) 00:47:40 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}, 0x18) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f000001b900)={0x0, 0x0, 0x0}, 0x10002) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:47:40 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r0, 0xc040564b, &(0x7f0000000080)) 00:47:41 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x8, 0x8, 0x0, 0x1, @typed={0x4}}]}, 0x24}}, 0x0) 00:47:41 executing program 0: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)) 00:47:45 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, 0x0, &(0x7f0000000140)) 00:47:45 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}, 0x18) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f000001b900)={0x0, 0x0, 0x0}, 0x10002) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:47:45 executing program 2: r0 = socket$kcm(0x21, 0x2, 0xa) setsockopt$sock_attach_bpf(r0, 0x88, 0x67, 0x0, 0x0) 00:47:45 executing program 3: unlink(&(0x7f00000017c0)='.\x00') 00:47:45 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x8, 0x8, 0x0, 0x1, @typed={0x4}}]}, 0x24}}, 0x0) 00:47:45 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1, 0x800}}, 0x1c}}, 0x0) 00:47:46 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}, 0x18) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f000001b900)={0x0, 0x0, 0x0}, 0x10002) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 00:47:46 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x1, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) ftruncate(0xffffffffffffffff, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) fstatfs(0xffffffffffffffff, &(0x7f00000004c0)=""/156) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000140)="b2f33f8c4a1130c4ae055dae3330b8c8e6517f8818729183d38ad595f149bf5cd588ef61bc3ad072aed0d7847ca756b6b6c03d4c0e7117bb778fad29a29cd4c4789433c2b794d08047484abc83a07d3313bec48c9e25546ff58bf0008ba12fac418f76f01f4dddfd503e47ebb45d13b498fd7470986fa057cc119e37b20f167bceebc83141488afb2ddaf12bfd02844e0541e8da56f71f0d25a76a7bf3694ab58dfdc761a88453f1bd0417de496c7f3416dee6b1f8a6e0833b88e2671fb3780860c9ece2792988483ac649f3a817112637dd3db995a8c3dca9842fec57e65dc61ea379738015e1aba3ac707c616c4f42bf702b1db589957342692c9b2f88bb2a") setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='bic\x00', 0x4) openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x12100, 0x0) 00:47:46 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000300)='illinois\x00', 0x9) 00:47:46 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x8, 0x8, 0x0, 0x1, @typed={0x4}}]}, 0x24}}, 0x0) 00:47:46 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x8, 0x8, 0x0, 0x1, @typed={0x4}}]}, 0x24}}, 0x0) 00:47:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8010aebc, &(0x7f00000003c0)={0x0, 0x0, @ioapic}) 00:47:47 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, 0x0, &(0x7f0000000140)) 00:47:47 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x20003, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x3016}}) 00:47:47 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x6234f84c1300dfc9, 0x0, 0x0, {}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x28}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x6c}}, 0x0) [ 3034.426850][ C1] not chained 840000 origins [ 3034.431524][ C1] CPU: 1 PID: 571 Comm: kworker/u4:23 Not tainted 5.6.0-rc2-syzkaller #0 [ 3034.439923][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3034.449977][ C1] Workqueue: krdsd rds_connect_worker [ 3034.455348][ C1] Call Trace: [ 3034.458621][ C1] [ 3034.461465][ C1] dump_stack+0x1c9/0x220 [ 3034.466066][ C1] kmsan_internal_chain_origin+0x6f/0x130 [ 3034.471822][ C1] ? should_fail+0x72/0x9e0 [ 3034.476336][ C1] ? ret_from_fork+0x35/0x40 [ 3034.480927][ C1] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3034.486991][ C1] ? arch_stack_walk+0x34c/0x3e0 [ 3034.491927][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.497128][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.502321][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3034.508215][ C1] ? kmsan_get_metadata+0x4f/0x180 [ 3034.513323][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3034.519125][ C1] ? __msan_metadata_ptr_for_store_2+0x13/0x20 [ 3034.525274][ C1] ? tcp_parse_options+0x1ada/0x1b90 [ 3034.530572][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.535765][ C1] __msan_chain_origin+0x50/0x90 [ 3034.540701][ C1] tcp_conn_request+0x13ce/0x4d10 [ 3034.545758][ C1] ? rb_first+0x31/0x100 [ 3034.550004][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.555210][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.560411][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.565605][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3034.571410][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.576703][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3034.582181][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3034.587202][ C1] ? inet6_sk_rx_dst_set+0x3d0/0x3d0 [ 3034.592480][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3034.598026][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.603226][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3034.609030][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3034.615112][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.620329][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3034.625032][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3034.629571][ C1] ? tcp_filter+0xf0/0xf0 [ 3034.633902][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3034.639387][ C1] ip_local_deliver+0x62a/0x7c0 [ 3034.644242][ C1] ? ip_local_deliver+0x7c0/0x7c0 [ 3034.649261][ C1] ? ip_protocol_deliver_rcu+0xbc0/0xbc0 [ 3034.654889][ C1] ip_rcv+0x6cf/0x750 [ 3034.658873][ C1] ? ip_rcv_core+0x1270/0x1270 [ 3034.663627][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 3034.669257][ C1] process_backlog+0xf0b/0x1410 [ 3034.674109][ C1] ? ip_local_deliver_finish+0x350/0x350 [ 3034.679758][ C1] ? rps_trigger_softirq+0x2e0/0x2e0 [ 3034.685046][ C1] net_rx_action+0x786/0x1aa0 [ 3034.689736][ C1] ? net_tx_action+0xc30/0xc30 [ 3034.694492][ C1] __do_softirq+0x311/0x83d [ 3034.699003][ C1] do_softirq_own_stack+0x49/0x80 [ 3034.704020][ C1] [ 3034.706954][ C1] __local_bh_enable_ip+0x184/0x1d0 [ 3034.712949][ C1] local_bh_enable+0x36/0x40 [ 3034.717534][ C1] ip_finish_output2+0x2115/0x2610 [ 3034.722639][ C1] ? ctnetlink_net_exit_batch+0x180/0x180 [ 3034.728351][ C1] ? nf_ct_deliver_cached_events+0x403/0x6c0 [ 3034.734488][ C1] __ip_finish_output+0xaa7/0xd80 [ 3034.739649][ C1] ip_finish_output+0x166/0x410 [ 3034.744507][ C1] ip_output+0x593/0x680 [ 3034.748773][ C1] ? ip_mc_finish_output+0x6c0/0x6c0 [ 3034.754055][ C1] ? ip_finish_output+0x410/0x410 [ 3034.759079][ C1] __ip_queue_xmit+0x1b5c/0x21a0 [ 3034.764017][ C1] ? kmsan_set_origin_checked+0x95/0xf0 [ 3034.769560][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.774765][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.779983][ C1] ip_queue_xmit+0xcc/0xf0 [ 3034.785035][ C1] ? tcp_v4_fill_cb+0x580/0x580 [ 3034.789883][ C1] __tcp_transmit_skb+0x439c/0x6090 [ 3034.795083][ C1] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3034.800929][ C1] tcp_connect+0x4337/0x6920 [ 3034.805541][ C1] ? __msan_poison_alloca+0xf0/0x120 [ 3034.810823][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.816042][ C1] tcp_v4_connect+0x21fd/0x2370 [ 3034.820922][ C1] ? tcp_twsk_unique+0xba0/0xba0 [ 3034.825873][ C1] __inet_stream_connect+0x2fb/0x1340 [ 3034.831254][ C1] ? __local_bh_enable_ip+0x97/0x1d0 [ 3034.836548][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.841744][ C1] inet_stream_connect+0x101/0x180 [ 3034.846869][ C1] ? __inet_stream_connect+0x1340/0x1340 [ 3034.852500][ C1] rds_tcp_conn_path_connect+0x8a7/0xb80 [ 3034.858267][ C1] ? kmsan_get_metadata+0x11d/0x180 [ 3034.863464][ C1] ? rds_tcp_state_change+0x390/0x390 [ 3034.868914][ C1] rds_connect_worker+0x2a6/0x470 [ 3034.873928][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 3034.880693][ C1] ? rds_addr_cmp+0x200/0x200 [ 3034.885372][ C1] process_one_work+0x1555/0x1f40 [ 3034.890416][ C1] worker_thread+0xef6/0x2450 [ 3034.895113][ C1] kthread+0x4b5/0x4f0 [ 3034.899186][ C1] ? process_one_work+0x1f40/0x1f40 [ 3034.904380][ C1] ? kthread_blkcg+0xf0/0xf0 [ 3034.908963][ C1] ret_from_fork+0x35/0x40 [ 3034.913378][ C1] Uninit was stored to memory at: [ 3034.918403][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3034.924114][ C1] __msan_chain_origin+0x50/0x90 [ 3034.929056][ C1] tcp_conn_request+0x1781/0x4d10 [ 3034.934156][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3034.939254][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3034.944288][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3034.949649][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3034.954229][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3034.958717][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3034.964161][ C1] ip_local_deliver+0x62a/0x7c0 [ 3034.968996][ C1] ip_rcv+0x6cf/0x750 [ 3034.972970][ C1] process_backlog+0xf0b/0x1410 [ 3034.977813][ C1] net_rx_action+0x786/0x1aa0 [ 3034.982493][ C1] __do_softirq+0x311/0x83d [ 3034.987003][ C1] [ 3034.989325][ C1] Uninit was stored to memory at: [ 3034.994346][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.000074][ C1] __msan_chain_origin+0x50/0x90 [ 3035.005018][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 3035.010301][ C1] tcp_conn_request+0x33d7/0x4d10 [ 3035.015320][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.020423][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.025438][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.030797][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.035374][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.039868][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.045328][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.050168][ C1] ip_rcv+0x6cf/0x750 [ 3035.054144][ C1] process_backlog+0xf0b/0x1410 [ 3035.058983][ C1] net_rx_action+0x786/0x1aa0 [ 3035.063651][ C1] __do_softirq+0x311/0x83d [ 3035.068134][ C1] [ 3035.070451][ C1] Uninit was stored to memory at: [ 3035.075467][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.081172][ C1] __msan_chain_origin+0x50/0x90 [ 3035.086098][ C1] tcp_conn_request+0x1781/0x4d10 [ 3035.091123][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.096253][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.101290][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.106666][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.111275][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.115787][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.121236][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.126090][ C1] ip_rcv+0x6cf/0x750 [ 3035.130063][ C1] process_backlog+0xf0b/0x1410 [ 3035.134905][ C1] net_rx_action+0x786/0x1aa0 [ 3035.139571][ C1] __do_softirq+0x311/0x83d [ 3035.144054][ C1] [ 3035.146365][ C1] Uninit was stored to memory at: [ 3035.151378][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.157084][ C1] __msan_chain_origin+0x50/0x90 [ 3035.162012][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 3035.167290][ C1] tcp_conn_request+0x33d7/0x4d10 [ 3035.172302][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.177414][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.182441][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.187816][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.192400][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.196892][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.202337][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.207175][ C1] ip_rcv+0x6cf/0x750 [ 3035.211155][ C1] process_backlog+0xf0b/0x1410 [ 3035.216015][ C1] net_rx_action+0x786/0x1aa0 [ 3035.220684][ C1] __do_softirq+0x311/0x83d [ 3035.225166][ C1] [ 3035.227480][ C1] Uninit was stored to memory at: [ 3035.232499][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.238210][ C1] __msan_chain_origin+0x50/0x90 [ 3035.243142][ C1] tcp_conn_request+0x1781/0x4d10 [ 3035.248183][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.253283][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.258296][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.263662][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.268245][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.272735][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.278185][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.283047][ C1] ip_rcv+0x6cf/0x750 [ 3035.287038][ C1] process_backlog+0xf0b/0x1410 [ 3035.291992][ C1] net_rx_action+0x786/0x1aa0 [ 3035.296664][ C1] __do_softirq+0x311/0x83d [ 3035.301151][ C1] [ 3035.303471][ C1] Uninit was stored to memory at: [ 3035.308496][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.314382][ C1] __msan_chain_origin+0x50/0x90 [ 3035.319312][ C1] tcp_openreq_init_rwin+0xc22/0xc80 [ 3035.325715][ C1] tcp_conn_request+0x33d7/0x4d10 [ 3035.330740][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.335849][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.340869][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.346238][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.350823][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.355316][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.360761][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.365607][ C1] ip_rcv+0x6cf/0x750 [ 3035.369582][ C1] process_backlog+0xf0b/0x1410 [ 3035.374421][ C1] net_rx_action+0x786/0x1aa0 [ 3035.379101][ C1] __do_softirq+0x311/0x83d [ 3035.383618][ C1] [ 3035.385944][ C1] Uninit was stored to memory at: [ 3035.390998][ C1] kmsan_internal_chain_origin+0xad/0x130 [ 3035.396720][ C1] __msan_chain_origin+0x50/0x90 [ 3035.401652][ C1] tcp_conn_request+0x1781/0x4d10 [ 3035.406666][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.411766][ C1] tcp_v6_conn_request+0xb5/0x2d0 [ 3035.416780][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.422141][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.426723][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.431242][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.436687][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.441524][ C1] ip_rcv+0x6cf/0x750 [ 3035.445511][ C1] process_backlog+0xf0b/0x1410 [ 3035.450353][ C1] net_rx_action+0x786/0x1aa0 [ 3035.455024][ C1] __do_softirq+0x311/0x83d [ 3035.459519][ C1] [ 3035.461838][ C1] Uninit was created at: [ 3035.466073][ C1] kmsan_save_stack_with_flags+0x3c/0x90 [ 3035.471695][ C1] kmsan_alloc_page+0x12a/0x310 [ 3035.476534][ C1] __alloc_pages_nodemask+0x5712/0x5e80 [ 3035.482067][ C1] alloc_pages_current+0x67d/0x990 [ 3035.487188][ C1] alloc_slab_page+0x111/0x12f0 [ 3035.492025][ C1] new_slab+0x2bc/0x1130 [ 3035.496257][ C1] ___slab_alloc+0x1533/0x1f30 [ 3035.501010][ C1] kmem_cache_alloc+0xb23/0xd70 [ 3035.505848][ C1] inet_reqsk_alloc+0xac/0x830 [ 3035.510599][ C1] tcp_conn_request+0x753/0x4d10 [ 3035.515702][ C1] tcp_v4_conn_request+0x19b/0x240 [ 3035.520887][ C1] tcp_rcv_state_process+0x26b/0x7140 [ 3035.526252][ C1] tcp_v4_do_rcv+0xb0f/0xd70 [ 3035.530846][ C1] tcp_v4_rcv+0x3f39/0x4d00 [ 3035.535347][ C1] ip_protocol_deliver_rcu+0x4b7/0xbc0 [ 3035.540815][ C1] ip_local_deliver+0x62a/0x7c0 [ 3035.545664][ C1] ip_sublist_rcv+0x11fa/0x13c0 [ 3035.550504][ C1] ip_list_rcv+0x8eb/0x950 [ 3035.554920][ C1] __netif_receive_skb_list_core+0x1311/0x1380 [ 3035.561350][ C1] netif_receive_skb_list_internal+0xf62/0x1620 [ 3035.567580][ C1] napi_complete_done+0x2ef/0xb60 [ 3035.572597][ C1] virtqueue_napi_complete+0xb9/0x1f0 [ 3035.577987][ C1] virtnet_poll+0x1468/0x19f0 [ 3035.582651][ C1] net_rx_action+0x786/0x1aa0 [ 3035.587333][ C1] __do_softirq+0x311/0x83d 00:47:52 executing program 3: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, 0x0}]) io_pgetevents(r2, 0x4, 0x4, &(0x7f0000000400)=[{}, {}, {}, {}], 0x0, 0x0) 00:47:52 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140)='/dev/adsp1\x00', 0x101301, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000080)=0x8) 00:47:52 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x20003, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x3016}}) 00:47:52 executing program 1: r0 = socket$kcm(0x2, 0x2, 0x73) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x541b, &(0x7f0000000000)) 00:47:52 executing program 5: r0 = socket(0x2, 0x3, 0x100000001) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @timestamp}}}}, 0x0) 00:47:52 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x20, 0x16, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x18, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x81000000}}]}]}]}, @IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}]}, 0x54}}, 0x0) 00:47:52 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x20003, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x3016}}) 00:47:52 executing program 1: bind(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x4e21, 0x0, @remote}}}, 0x80) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000280)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000040000000001000000004000000040010080002e360e59acaa4f37be5a0000ffff53ef", 0x261, 0x400}], 0x1, 0x0) 00:47:52 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x4, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, &(0x7f0000000340)=""/142, 0x52, 0x8e, 0x8}, 0x20) [ 3039.027646][T19088] EXT4-fs (loop1): unsupported inode size: 8526 [ 3039.034179][T19088] EXT4-fs (loop1): blocksize: 1024 00:47:53 executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x20003, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x3016}}) 00:47:53 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000200)="8d", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000000)="97b8f5de98917547b7209e3040e2f64f48a441e7e190f539052a880077fbdab71547169896fed3bf59faab285ac1df55954ee05d0fcfcc37df2d1d6d0a327dbe52474e90b75dddf08a5b5ce965f609363cb99e8b9e12b2f0671a68a23ab6d64fb7a0aa3663eebe63073baeac5c43d2a239efc1403075ec35906f96", 0x7b}, {&(0x7f0000000ac0)="5e80c36f136c7c962ab19a752dda6e54053869b6032b091e08ada9126ab8bdacd32b07530be715f077a3cdd86f213a8b0bcdb79baf04e636f7efc169ae6a8a9851dc82d6ea96f753529040b84e198317641e283a557981394ae30107799ae62f2e613b59bcb690a9dbfe8acadd444718151042686b0c060c781102500877433539c6ebc3289618e577a51e24126a8c512c4e40d5caeae1962c4e4f9b", 0x9c}, {&(0x7f0000001340)="4a5ee29babc909e40d9fbc8f433dd22b6874a1798767227fbfd665a8d762c85ec34bc8ad708c87fa90f24dbf8272afcd40f1010257a23e1f51010c91727e597e454a5ce26a4c6b813bed89822978f86e8bd448211290e36f3d61dc3f33daeba4ff2ea7ccffbcdb189a174b6610eec156b834c9463c5e3a8de549f51ea0a318f8845f", 0x82}], 0x3}}], 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001640)={0x470, 0x0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_HIDDEN_SSID={0x8}, @NL80211_ATTR_FTM_RESPONDER={0xc, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_BEACON_HEAD={0x425, 0xe, "43f3f9fd2bfaaa84c6f656fafebb3d1ca2ddfc9bb93dc947aeca7d749dfea348c5ea3b7ea3a961616411539d7ff91bf927fa2adadadfd9b29965313438a2d74d0d69f354db5af3934e32262e0773e068087424c9b0e2de39ef8e4b8a6865558063c9b0654b65864c2d16d0568d70f4a00f81b65696e3f36dc4b61bb310550f4ee95a4b2d2315f9d023fd960a2475ba6093c08f55a211b9011ee1989b55f14cdd8ff8150eed70d4af68ed364bacc9077b078ae105b65ea8ddde1b8039cc8c5a725c02bef585ad403d37399610316a7ea86800383b229127f9bb5282086f2c3adb503852732245b5dcb9d8522d9ab5db9d71c5d09b3f0fa448eedcae3b9590d396d982397bd020a5d3588d8667bbc154103ff81f4c3ae4d7b5c442f58e7a89202f64893693a7595f511eb2a3129d32d7fe4d57ca4d94ec1e3126cdb0e12d8cc30c06efd6197167068b2a9905407e6afbf0f783a23a08c8df3c005fd864a931d75ccd3a4a1c0f85143b3cc7a1759c45c7ddb38f0bbc6be1a24b0a87b12d79368783673bc929e93594ba9162c8deac704892e657df727806d806086e4fab78af24d0db0bd25dbb8a32825dbc5b5480fbbf6078ba7d60fabaaea7cdb8b6cb7059266898c7c1c9044d5fdc11f0f1bbca2e5e443394ab3af2b1875385d3e53007c1c38a6a4ee4f7a51d984c7b06bf2d7ba5e43ec46fd76d87d93fd768a11f9fd3d4d721b3bd7c0694f1ccf0f7b4c3c89cb36d3a4d68dbb8fd9dc85fc29ac00c7431005e9734dac1fa2f88e6affaf956fbdc7519adc2447fa61ecc50b9562cf1710a61c78db04d954f97774a55c84ead300ec1e959087bd93c8225e538dae2fdcea4c03ee3f081cd35b24ca5335659d61fe64d793ac9d50459d8cdc205ba3c3f74408d8dc8ef0dae65cc43075d5e243027952fae7d9115a409c2e72e20c396018183bd55fbdaabbbcc6b9926382f9d571e58182c44ffd5834099c32210a847c4bad57c23292820c8c68106dcbe9d0f443b65fa35e94f1e57acf8ba23922da40111da7c489f7ec2ce50ec81ab511bde09a6c222564bfaa487085e1fb72e14a2141ec8827336da7dc4dd5c88a8c59eeccc68da4fdfac94c233653dceaa0b78ee8f55f626c93d0b5d61653edb009959abf277f3da685ecf70fd53212943393203698335b8c651003666c55cfb86280b83c6a74da8d38d5e4c8da4f4df65270403e43e04a49a6c92834bf9e2567e73be429dbf22b40036033dbbb20c6711e828e4d45f3f16b102705c7c5db92aeb75a9ccd9714b3edae4933ca19b84fe6ad40e4052bdeaa1369e54ab870b104e11c72503156b7c74b5d89e14b383aba89a8510934688f5b4e5668f1ce40954d500eab21de40981b32fb235e58baa69cd11646fcb897ac3e96171b379078d41b34c865b0b5072596c63a07ff03bd528f28a1aa1c656b9ca93fd621d575f113be07c748a682210de29fb2eb33a787f8c0356607c695d258e43e7a7"}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x10, 0x49, [0x0, 0x0, 0x0]}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_AKM_SUITES={0x8, 0x4c, [0x0]}]}, 0x470}}, 0x0) 00:47:53 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000280)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x0, 0x10c, 0x324, 0x324, 0x324, 0x4, 0x0, {[{{@arp={@loopback, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@dev}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv_slave_1\x00', 'ip_vti0\x00', {}, {}, 0x0, 0xfc964e656707f201}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @broadcast, @local}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @empty, @loopback}}}], {{[], 0xbc, 0xe0}, {0x24}}}}, 0x450) 00:48:00 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr="7c199e9a1d1772c2158e66efeb01fdbd", 0x0, 0x0, 0x3, 0x1}, 0x20) 00:48:00 executing program 3: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, 0x0}]) io_pgetevents(r2, 0x4, 0x4, &(0x7f0000000400)=[{}, {}, {}, {}], 0x0, 0x0) 00:48:00 executing program 1: r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x800000000000401) r1 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x2000400) shutdown(r1, 0x0) 00:48:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'vlan1\x00', &(0x7f00000000c0)=@ethtool_eeprom={0x43}}) 00:48:00 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r0, 0x0, 0xd, 0x0, 0x0) 00:48:00 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'rmd320\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000002d00)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000340)="c5", 0x1}, {&(0x7f0000000000)="b8dbc13e499442b5e3e51ac60d7c3035932c1d83a5f7e2781bf175df6068c7235f5808703d", 0x25}, {&(0x7f0000000100)="18a74e58e719838b9b284ba8cb110c5e5ee557ad648244d6fcd43d125335304fad1ae3bba8e1736981e565b824e6e1701812bc1baca977494ba700c16167c3b60549ad2776c8bf40", 0x48}, {&(0x7f00000001c0)="60e0bbeae02c9b39402af514ebce629cbb9c7547b5c6bdd601138abf3fa20eb150c5316ad771e6d44c2671f15702e9dd13d9ff00f18e0d1faaf27d96d3e40035ed1ff7fff9cf10e57b9f", 0x4a}], 0x4}, 0x0) 00:48:00 executing program 2: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r1 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 00:48:00 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f0000000180)={@void, @val, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x4, 0x0, 0x0, 0x0, [], {0x0, 0x6, "caa7ce", 0x0, 0x29, 0x0, @dev, @empty, [], "aa40ca86ff8668ac"}}}}}}, 0x6a) 00:48:00 executing program 1: r0 = epoll_create1(0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0) 00:48:00 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) close(r0) socket$kcm(0x29, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8937, &(0x7f0000000240)={'veth0_vlan\x00', @random="01003a1e2410"}) 00:48:00 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{}, {}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 00:48:00 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x332, 0x0, 0x0, 0x17c, 0x17c, 0x0, 0x260, 0x260, 0x260, 0x260, 0x260, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x114, 0x17c, 0x52020000, {}, [@common=@unspec=@connbytes={{0x38, 'connbytes\x00'}}, @common=@unspec=@quota={{0x38, 'quota\x00'}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xa4, 0xe4}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00'}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x384) 00:48:01 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="0a0775b005e381e5b3b60c969e5c9b23db", 0x11) 00:48:06 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{}, {}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 00:48:06 executing program 1: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="24000000480003041dfffd946f6105000a00000a1f000003141008080800110012000000", 0x24}], 0x1}, 0x0) 00:48:06 executing program 3: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, 0x0}]) io_pgetevents(r2, 0x4, 0x4, &(0x7f0000000400)=[{}, {}, {}, {}], 0x0, 0x0) 00:48:06 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x96) 00:48:06 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000040)={0x40, 0x0, 'client1\x00', 0x0, "058a133c1382f7c6", "bda14c387d159c4efc634d25a7767a7c3916d50e75f57308dd05a9c28f2fbc32"}) 00:48:06 executing program 2: writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)="390000001300090468fe0704000000000000ff3f02000000450001070000001419001a0015000a0007000800020000", 0x2f}], 0x1) r0 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 3052.701095][T19998] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 3052.709604][T19998] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'. 00:48:06 executing program 0: r0 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3w\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) write(r0, &(0x7f0000000040)="06", 0x1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) getsockopt$inet_tcp_int(r2, 0x6, 0x1b, 0x0, &(0x7f00000001c0)) 00:48:06 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{}, {}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 00:48:06 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x750, {}, {0x2, 0x0, @local}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x2, 0x46a}) 00:48:07 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x60001) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)="9635ab0f", 0x4}, {&(0x7f0000000340)="3e55e72cfbe59bc199a98dc111a7069644ba2c56324883e86afd872e9904602fdd2b9d5c9e472f343e1990c03f8177563fdd6230dddc195af4707e1549d5a0d62c0cfb859ee44676e1f733dfa844edf195142d104489ab00c39a34db20014bdc10c47541f4e7", 0x66}, {&(0x7f0000000140)="5d9e4fd5e3b976b359edf8311e79b6a5681485bae64f690d10682c0f1256cf305e3d635ef8848fe3ed6b8d4652f3e574e4b4e5d6a04026eff4", 0x39}, {&(0x7f0000000200)='\r', 0x1221}], 0x4) 00:48:07 executing program 1: truncate(0x0, 0xfffffffffffff801) 00:48:07 executing program 0: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x5890, 0x0) umount2(&(0x7f0000000200)='./file0\x00', 0x0) 00:48:13 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x60001) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)="9635ab0f", 0x4}, {&(0x7f0000000340)="3e55e72cfbe59bc199a98dc111a7069644ba2c56324883e86afd872e9904602fdd2b9d5c9e472f343e1990c03f8177563fdd6230dddc195af4707e1549d5a0d62c0cfb859ee44676e1f733dfa844edf195142d104489ab00c39a34db20014bdc10c47541f4e7", 0x66}, {&(0x7f0000000140)="5d9e4fd5e3b976b359edf8311e79b6a5681485bae64f690d10682c0f1256cf305e3d635ef8848fe3ed6b8d4652f3e574e4b4e5d6a04026eff4", 0x39}, {&(0x7f0000000200)='\r', 0x1221}], 0x4) 00:48:13 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{}, {}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 00:48:13 executing program 3: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x0, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a000000, 0x2759, 0xd, 0x0, 0x0, r1, 0x0}]) io_pgetevents(r2, 0x4, 0x4, &(0x7f0000000400)=[{}, {}, {}, {}], 0x0, 0x0) 00:48:13 executing program 5: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00') sendmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40480c0) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000300)=""/152, 0x98}], 0x1, 0x0) 00:48:13 executing program 1: r0 = add_key$keyring(&(0x7f0000000640)='keyring\x00', &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, 0x0) 00:48:13 executing program 0: prctl$PR_GET_NAME(0x59616d61, &(0x7f0000000040)=""/43) 00:48:13 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x60001) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)="9635ab0f", 0x4}, {&(0x7f0000000340)="3e55e72cfbe59bc199a98dc111a7069644ba2c56324883e86afd872e9904602fdd2b9d5c9e472f343e1990c03f8177563fdd6230dddc195af4707e1549d5a0d62c0cfb859ee44676e1f733dfa844edf195142d104489ab00c39a34db20014bdc10c47541f4e7", 0x66}, {&(0x7f0000000140)="5d9e4fd5e3b976b359edf8311e79b6a5681485bae64f690d10682c0f1256cf305e3d635ef8848fe3ed6b8d4652f3e574e4b4e5d6a04026eff4", 0x39}, {&(0x7f0000000200)='\r', 0x1221}], 0x4) 00:48:13 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000180)) 00:48:13 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xbb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x807284, 0x0) r0 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000080), 0x12) r2 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.cpu_exclusive\x00', 0x2, 0x0) sendfile(r2, r1, 0x0, 0x100000700) tkill(0x0, 0x0) fanotify_mark(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 00:48:13 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000080)=0x8, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000000)) 00:48:13 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x60001) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)="9635ab0f", 0x4}, {&(0x7f0000000340)="3e55e72cfbe59bc199a98dc111a7069644ba2c56324883e86afd872e9904602fdd2b9d5c9e472f343e1990c03f8177563fdd6230dddc195af4707e1549d5a0d62c0cfb859ee44676e1f733dfa844edf195142d104489ab00c39a34db20014bdc10c47541f4e7", 0x66}, {&(0x7f0000000140)="5d9e4fd5e3b976b359edf8311e79b6a5681485bae64f690d10682c0f1256cf305e3d635ef8848fe3ed6b8d4652f3e574e4b4e5d6a04026eff4", 0x39}, {&(0x7f0000000200)='\r', 0x1221}], 0x4) 00:48:13 executing program 4: ioctl$VIDIOC_G_MODULATOR(0xffffffffffffffff, 0xc0445636, &(0x7f0000000300)={0x0, "f6df92b067eb3963550bc0466ab2f4dac721b36f822ae5fc76ecd65c9267c61f", 0x0, 0x0, 0x0, 0x5cc991358d22268}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@get={0xe0, 0x13, 0x0, 0x0, 0x0, {{'sha3-384-generic\x00'}}}, 0xe0}}, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:48:14 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0)=0x3) 00:48:18 executing program 1: r0 = socket(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000800)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000001f0000000600000058050000b8030000f0010000d0000000b8030000c00200008804000088040000880400008804000088040000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b031e97200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800484c000000000000000000000000000000000000000000000000000000000100000000000000fe80000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000062617461647630000000000000000000697036677265300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f80020010000000000000000000000000000000000000000000000002800727066696c7465720000000000000000000000000000000000000000000000000000000000002800727066696c7465720000000000000000000000000000000000000000000000000000000000002800484c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800484c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d000f800000000000000000000000000000000000000000000000000280069707636686561646572000000000000000000000000000000000000000000000000000000002800544f5300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a8ded0"], 0x1) 00:48:18 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x50, 0x30, 0x1, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_ife={0x38, 0x1, 0x0, 0x0, {{0x8, 0x1, 'ife\x00'}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}]}]}, {0x4}}}]}]}, 0x50}}, 0x0) 00:48:18 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0)=0x3) 00:48:18 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}}) write$tun(r0, &(0x7f0000000200)={@void, @val={0x3, 0x4, 0x0, 0x101}, @mpls={[], @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x88, 0x0, @dev, @local}}}}, 0x26) 00:48:18 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000480)={0xe7, 0x0, 0x0, 0x10001, 0x0, "9c95df2c7526ee5f3a0388b0231003cc25aef2"}) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000000000001000"}) 00:48:18 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xc) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x20}, 0x20}}, 0x0) socket$inet6(0xa, 0x0, 0x0) 00:48:18 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0)=0x3) 00:48:18 executing program 0: rseq(0x0, 0x0, 0x21, 0x0) 00:48:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0xffffffffffffff90}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x44}}, 0x0) 00:48:19 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0)=0x3) [ 3065.146852][T20815] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 00:48:19 executing program 0: r0 = creat(&(0x7f0000000480)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000240)='./bus\x00', 0x0) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000200)={{r0}}) 00:48:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0xffffffffffffff90}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x44}}, 0x0) [ 3065.411294][T20824] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 00:48:19 executing program 2: rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f00000002c0), 0x8) 00:48:19 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0xffffffffffffff90}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x44}}, 0x0) 00:48:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000400)={{0x2, 0x0, @empty}, {0x0, @link_local}, 0x0, {0x2, 0x0, @dev}, 'vcan0\x00'}) 00:48:19 executing program 2: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000031c0)={0x0, 0x8, &(0x7f0000003180)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}]}, 0x38}}, 0x0) [ 3065.926469][T21049] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3065.992194][T21053] rdma_rxe: already configured on netdevsim0 00:48:20 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 3070.976835][T21260] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 3071.031605][T21260] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:48:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc) 00:48:26 executing program 0: r0 = socket(0x1e, 0x1, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0), 0x4) 00:48:26 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0xffffffffffffff90}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x44}}, 0x0) 00:48:26 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@ipv6_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_MULTIPATH={0xc}, @RTA_EXPIRES={0x8, 0x1e}]}, 0x30}}, 0x0) 00:48:26 executing program 2: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000031c0)={0x0, 0x8, &(0x7f0000003180)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}]}, 0x38}}, 0x0) 00:48:26 executing program 5: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$P9_RWSTAT(r1, &(0x7f0000000100)={0xffffff4f}, 0x7) socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}, 0x3d) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0xfff}, 0x1c) splice(r0, 0x0, r2, 0x0, 0x100000, 0x0) [ 3072.140125][T21271] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3072.211064][T21273] rdma_rxe: already configured on netdevsim0 00:48:26 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e0000001800028014000400e00000b6a19c324dec3fab0ebbc757c7bc7f458168a5d5a12af6f4cebbba3a6b286cc70230251b0cfaec50864c69e23dabdda2e67d7a4e7d06c890f9a743e6f134", @ANYRES32=0x0, @ANYBLOB="0120000000000000"], 0x48}}, 0x0) 00:48:26 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="e0"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @local, @local}, &(0x7f0000000080)=0xc) sendmsg$can_raw(r0, &(0x7f0000001340)={&(0x7f0000001280)={0x1d, r2}, 0x10, &(0x7f0000001300)={0x0, 0x10}}, 0x0) 00:48:26 executing program 2: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000031c0)={0x0, 0x8, &(0x7f0000003180)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}]}, 0x38}}, 0x0) 00:48:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d400000019001905000000000000000002200000ff03ff000000800008000100ac14140018009400111a8200040090f7c10f4b31901b77481e35fd000c00080008000200000300000000009a6505bc4c1d19e0832078a69f638f6cd400020000011d0137afbe631c51f45e330000235077d4ecf22fb77b9b7516eb430c341a73903e8201b95bab58186fb9bb9375f3ffffff7f645cb3a869c9d79e62ec5ff81e75adedf879c02c2e02035edbb50602f69e198fa8a10f5489c728f0983b9022c59af166fe5359ab1aa27d587fafd5a0dba1676bfbbe4f8aef8ae9ea4b574954d3815aa7be53b58e75e8a419a2e40d4aa20349205a735d4cb8b697d3de1987cefce7236145918e456380ce67ef3cdb01e9572932874d4833b9dec88f0e521a31204aab09dd79d18097cc934c3fa5bc8ee49fa220591c4891f720c3b1bddae92c563068244a2482c0e570df9976ea3576fdf71c6036d0bc9fa7ae1b80d4286735a48d599d93b48525c177f8bb5e750e430a69c394c9010eb0c285270ae0038db6100e1ad2445fa9aca507cb4e84db4cd96e5f1653632f111d1d5ed409e2ded8db9cb08a799d51640a9f4e65042fafbd5eb08fc4a4dc8c4c46eabeeebde761c7118c2ebdc7e990b3ab038034c376b455de9e2ac120e8ef7c402ff3fb6dc7d661052bb3ded6305c9ff383ff2c2ca5f81ea244f9011435d65221ad3c93", @ANYRES32, @ANYBLOB="8a0008005bfb166eb20dfb9c2de49fa5a62a106f1727765f306e63328c3715aff6e665d9c6a23f2513adaa0e5ee99773ec9c13b19171d85fb22b3259ad326283f17e6e508e814237d0e030de890f505f1a937216d4e408ac3105a019d3c29b16e435a7544546cd9c4d51d29ff6d4dd3bef4a5dadcf8db629c2935aa3750000c3f733eb5244f770d61e4641611c83e532d8307fe4a136b3e782c8f5859f5d7cd20100000020a32b9a5ec5f46e2f059d588dfb91c6070fa90e911b7535be0c2dcbaa0000000000000000ea3489cbe4089fbf27fb6f4ca455e33c1f8cf4d20b3bd613b9f1144724a569fd3dd41354ed6f355cb400b9405edd7d8c191cd0bc00a31bd9502177a8e4f517f6387a9d6213c877744c54bd0256d97f6d2fcd63ede7f6d3d2638089d9bce3f615e83d5bbe6d3bc34f2eb2dbddbe1ffbf575e7ba032ada58aa3fb8f8411d4e3a48a8d1671b51bd321d80653d3af49c5ec62408bc"], 0xd4}, 0x1, 0x0, 0x0, 0x10}, 0x0) 00:48:26 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msgsnd(0x0, &(0x7f0000000000)={0x2}, 0x2000, 0x0) [ 3072.656458][T21287] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'. [ 3072.693378][T21290] rdma_rxe: already configured on netdevsim0 00:48:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@bridge_setlink={0x28, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x8, 0xc, 0x0, 0x0, [@AF_BRIDGE={0x4}]}]}, 0x28}}, 0x0) [ 3072.985980][T21387] bridge0: port 1(bridge_slave_0) entered blocking state [ 3072.994498][T21387] bridge0: port 1(bridge_slave_0) entered forwarding state 00:48:32 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000680)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0x8}}}, 0x24}}, 0x0) 00:48:32 executing program 2: r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000031c0)={0x0, 0x8, &(0x7f0000003180)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'netdevsim0\x00'}}]}, 0x38}}, 0x0) 00:48:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, 0x0, &(0x7f0000000040)) 00:48:32 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000180)=[{&(0x7f0000000040)="0201bfffffff0a000000ff45ac0000ffffff820008000000000000000000000000007e000000e1000000887700720030070063000fffff000000008000da55aa", 0x40, 0x1c0}]) 00:48:32 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)={0x0, 0x0, 0x0, 0x0, 0x0, "0000aa000000000037ce000000009dd736e700"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x7) ioctl$TCSETAW(r1, 0x8924, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, "b5918da3605efe06"}) 00:48:32 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000002c0)=0x3, 0x4) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1a0f0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 3078.750286][T21609] rdma_rxe: already configured on netdevsim0 00:48:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae03, 0xa3) 00:48:33 executing program 0: pipe(&(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffef3) socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x70, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0xd6be}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528ac06}], 0x1, 0x0) write$FUSE_POLL(0xffffffffffffffff, 0x0, 0x0) 00:48:33 executing program 1: r0 = socket$kcm(0xa, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) bind(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @local}, 0x80) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r1 = socket$kcm(0xa, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) bind(r1, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @local}, 0x80) 00:48:33 executing program 4: r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0xf17, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x10) recvmmsg(r0, &(0x7f0000002cc0)=[{{&(0x7f0000000080)=@phonet, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/168}, {&(0x7f0000000200)=""/235}, {&(0x7f0000000000)=""/40}], 0x0, &(0x7f0000000340)=""/235}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000440)=""/95}, {&(0x7f00000007c0)=""/4096}], 0x0, &(0x7f0000000500)=""/94}}, {{&(0x7f0000000580)=@can, 0x0, &(0x7f0000000700)=[{&(0x7f0000000600)=""/240}, {&(0x7f00000017c0)=""/214}, {&(0x7f00000018c0)=""/169}, {&(0x7f0000001980)=""/151}, {&(0x7f0000001a40)=""/4096}], 0x0, &(0x7f0000002a40)}}, {{&(0x7f0000002a80)=@x25={0x9, @remote}, 0x0, &(0x7f0000002b80)=[{&(0x7f0000002b00)=""/93}], 0x0, &(0x7f0000002bc0)=""/249}}], 0x1, 0x0, 0x0) 00:48:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000100)=@ethtool_cmd={0xb}}) 00:48:33 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCDARP(r0, 0x8955, &(0x7f0000000500)={{0x2, 0x0, @local}, {0x0, @remote}, 0x28, {}, 'bond0\x00'}) 00:48:39 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000180)='tmpfs\x00', &(0x7f00000001c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30]}}}}]}) 00:48:39 executing program 0: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@ipv4_delrule={0x1c, 0x21, 0x101}, 0x1c}}, 0x0) 00:48:39 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x841, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x2) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000a00)=0x6) 00:48:39 executing program 1: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getpeername$inet(r0, 0x0, 0x0) 00:48:39 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_HANDLE={0xc}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0) 00:48:39 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x2, 0xffffff8e}, [@NDA_LLADDR={0xa, 0x2, @random="0004000200"}]}, 0x28}}, 0x0) [ 3086.052046][T22056] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT 00:48:40 executing program 0: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@ipv4_delrule={0x1c, 0x21, 0x101}, 0x1c}}, 0x0) 00:48:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x0, 0x9, 0x1, 0x0, "00000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000714000"}, 0x1ab) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='batadv0\x00', 0xc) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000400), 0x4) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000240)=0x1, 0x4) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0xffffffff7fffffff) sendto$unix(r0, &(0x7f0000000040), 0xffffffb8, 0x4004800, 0x0, 0x0) 00:48:40 executing program 4: r0 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x4148, 0x0) 00:48:40 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x179, 0x10}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:48:40 executing program 0: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@ipv4_delrule={0x1c, 0x21, 0x101}, 0x1c}}, 0x0) 00:48:40 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x0, 0x0, @rand_addr="5ac1b61024bb998277c9d8af29fdcb47"}, 0x1c) 00:48:46 executing program 0: r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@ipv4_delrule={0x1c, 0x21, 0x101}, 0x1c}}, 0x0) 00:48:46 executing program 4: syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) r0 = syz_open_dev$video(&(0x7f0000000340)='/dev/video#\x00', 0x7, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f0000000100)={0x0, 0x6e543734, 0x4, {0x9}}) 00:48:46 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000b40)=ANY=[@ANYBLOB="b700000001ed0000bca30000000000000703000028feffff720af0fff8ffffff71a4f0ff000000004704000000ffffffce400300000000005504000001ed00007c000000000000006c44000000000000630a00fe000000001f00000000000000b7000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50becb19bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc64ee4d3b7611d97b2af503adc20e5d1f626cb7798b3e6440c0ffffffffffffff6b1d4fd67c90cdc710e4cdbf4fc41fbba4f94329e646b8ee6de2109fbe4ef154400e2438ec649dc74a1a610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463b7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008c89a5923906f88b53987f013c12dc78b83142a06c128b5f88d28e59d2409cd367e0c33d39000d06ad99edc3a6138d5fcfba53f8d0c67ffaa6236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6eb1945a6c966df01000000f523d228a40f9411fe7226a4040996e37c4f46756d3bcd507ed3dddf79f6cd3b8537d89431bd20f146ac1800d7982148681042fc3198ebca5ea67e07e0774392a0a158dd2b3f21cf23397e724419"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x170}, 0x48) 00:48:46 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000b40)=ANY=[@ANYRESHEX], 0x12) 00:48:46 executing program 5: mremap(&(0x7f0000005000/0x2000)=nil, 0xdfffc000, 0x2000, 0x3, &(0x7f0000002000/0x2000)=nil) 00:48:46 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000180)='tmpfs\x00', &(0x7f00000001c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30]}}}}]}) 00:48:46 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @ipv4={[], [], @empty}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x38}}}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x4000000, 0x0, 0xb3550aa4ba878254}, 0x9c) 00:48:46 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x200006) splice(r0, 0x0, r1, 0x0, 0x55aa40be, 0x0) 00:48:46 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000b40)=ANY=[@ANYRESHEX], 0x12) 00:48:47 executing program 0: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x10d, 0x2, &(0x7f0000000000)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0xffffffff, @rand_addr="404b394ead834987245ede589cbf4e92"}}, 0x5c) 00:48:47 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000b40)=ANY=[@ANYRESHEX], 0x12) 00:48:47 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmstat\x00', 0x0, 0x0) lseek(r0, 0x69a, 0x0) 00:48:47 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000063000000950000000000000019c0a044ae18"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:48:47 executing program 4: perf_event_open(&(0x7f0000000180)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) fstat(0xffffffffffffffff, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RRENAME(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000280)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) keyctl$get_persistent(0x3, r1, 0x0) request_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000280)='user}eth1\x00', 0x0) 00:48:47 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000b40)=ANY=[@ANYRESHEX], 0x12) 00:48:47 executing program 2: keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000880)=[{&(0x7f0000000900)="34ef3342dcbcb251143d9b8012eff6cd08552436997807550441eaf4eacffbb563859045ce9b7493b0cfd4ae021e0061ef88b44d054bcfac26088bb3bfcd1bf0feac5dc202b17f10f842fe9013f98b64d4bfb95456ccb21f791457855564d118ef372c389a815fb8d93dbcc7c83b4d60f90bacc5", 0x74}, {&(0x7f0000000100)="7962c0bdc5de27ecb67785cbb38104e33f46a89bce703fd947ea1cad36d37e7913275fba469c12778045", 0xffffffffffffffa4}, {&(0x7f0000000600)="6bd8e69c3268c9f08d9d8c25371ff33a83e92557068df2d5d07f37a8d6336aec39190a6894622b406b5bdbf2dc68faf721353b9fe58c98fbf9b2c74862a578e51eea41b1924ed9378081a4153ba934e2db6b8e79c8239a5fcbf08b22fc50117fe064e64729619da9168d4fab49a67d7b816423297d62886a02f3f773602130d242daa8e3e26dedca3819a90f4172d292bedd441488e214dfee0a8d38e7b90716ba728ada23f83a546206a327d25c57311a7be6ac3f67605713af484b00e24f348b9a634eae2631b6d7ab192822a8fdcff400769c9480740742051afde5f24350c7fe29e269c04fbee030f1624bdbf079ff08038aefb0e074ffa2ba0ef9c3ef40ea9858972cd494642f786b4580657d3a806317a517920b050249e0d2bb248674acfde449a2feca48f95fdb6b7e27004d274143e0c00aab6a69e9c6cdec316d3576319649279490af7278753837b926435551fa078ac27d543918fd80ea8091193042dbb15a8ad5344c2131bbc27c1cb09300c2cc31f97b84820c170400"/400, 0xbb}, {&(0x7f0000000300)="c3f6a6e27fd82c51401db65677088584a01a3d040ffec3b6b3d67365d619af12e87bafa01322b6b91d292b73a0cb07124173483c9dacc2304cd14c00402b7175bb11791a2a3b3f4feb0c635375a48f573d36e320b2b50f9648311c06c72195981c84f0c35b2ae8152f5ba0ccabe18ba55f002e3d355dc6d9c5a44312874770324607bc0105a4196e2117c1cf730255648d08d0b2bc21d268b97f7abf894637b6eba6b1d09e2b5636bec24f70183cc5e54ce4caa9bd85519215", 0xb9}, {&(0x7f00000003c0)="871f519f04c91031d397d0fa57034aea794a6f426b8467b26b33cfa2f49256fd58b8dd9e62ddaa8409fdb88a985d18822ab1647940550150dede6cc822ccbf49f43c8dd22017101558b7646edc6921f1", 0x50}, {&(0x7f00000007c0)="99123eeccc60996b205310867cf2ba5b024be48baaaf9f66f78cb8e9bbd0bbcbd71b8c5f9e99d4cb903e2bdc145c95259f9647f4cb6f438094553e66c36d0ce7cad5489a7bb4554cc31cf70c98d7fab929b90a804f2d82b07ff5ad54cf07908805e87a9791927f131b69805a04b52c34b018943d20738b6faff32f4f60f6e54e9efdaf81d81a0622030b2890"}], 0x10000000000000c7, 0x0) 00:48:48 executing program 5: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:48:52 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000180)='tmpfs\x00', &(0x7f00000001c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30]}}}}]}) 00:48:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000230047faffffff000000000004faff0204001000b10cabb9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee0"], 0x18}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 00:48:52 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0f0000000000000000000f100000050030000024000008000300", @ANYRES32=r2, @ANYBLOB="33000000000008003a00ce02000025003700000000000000"], 0x3c}}, 0x0) 00:48:52 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x200000, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) 00:48:52 executing program 4: perf_event_open(&(0x7f0000000180)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) fstat(0xffffffffffffffff, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RRENAME(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000280)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) keyctl$get_persistent(0x3, r1, 0x0) request_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000280)='user}eth1\x00', 0x0) 00:48:52 executing program 5: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) [ 3099.081146][T22857] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 00:48:53 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x200000, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) 00:48:53 executing program 4: perf_event_open(&(0x7f0000000180)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) fstat(0xffffffffffffffff, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RRENAME(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000280)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) keyctl$get_persistent(0x3, r1, 0x0) request_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000280)='user}eth1\x00', 0x0) 00:48:53 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0f0000000000000000000f100000050030000024000008000300", @ANYRES32=r2, @ANYBLOB="33000000000008003a00ce02000025003700000000000000"], 0x3c}}, 0x0) 00:48:53 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x200000, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) [ 3099.671026][T23072] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 00:48:53 executing program 4: perf_event_open(&(0x7f0000000180)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) fstat(0xffffffffffffffff, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RRENAME(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000280)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) keyctl$get_persistent(0x3, r1, 0x0) request_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000280)='user}eth1\x00', 0x0) 00:48:53 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0f0000000000000000000f100000050030000024000008000300", @ANYRES32=r2, @ANYBLOB="33000000000008003a00ce02000025003700000000000000"], 0x3c}}, 0x0) [ 3100.020147][T23082] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 00:48:59 executing program 1: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x200000, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) 00:48:59 executing program 5: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:48:59 executing program 4: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:48:59 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580)='batadv\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0f0000000000000000000f100000050030000024000008000300", @ANYRES32=r2, @ANYBLOB="33000000000008003a00ce02000025003700000000000000"], 0x3c}}, 0x0) 00:48:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000230047faffffff000000000004faff0204001000b10cabb9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee0"], 0x18}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 00:48:59 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000180)='tmpfs\x00', &(0x7f00000001c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30]}}}}]}) [ 3105.719430][T23097] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 00:48:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup2(r3, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f00000003c0)={0x3}) getsockname$packet(r1, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000400)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2270d}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x5, @empty=[0x4]}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x48}}, 0x0) 00:49:00 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) read$dsp(r0, &(0x7f0000001200)=""/4083, 0xff3) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) r1 = socket$inet(0x2, 0x3, 0x9) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r1, 0x0) 00:49:00 executing program 4: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:49:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000230047faffffff000000000004faff0204001000b10cabb9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee0"], 0x18}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) [ 3106.145155][ T32] audit: type=1400 audit(1583542140.199:504): avc: denied { map } for pid=23108 comm="syz-executor.0" path="socket:[667900]" dev="sockfs" ino=667900 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=rawip_socket permissive=1 [ 3106.171854][T23110] netlink: 'syz-executor.1': attribute type 5 has an invalid length. [ 3106.190637][T23110] device gretap0 entered promiscuous mode [ 3106.196941][T23110] device macvlan2 entered promiscuous mode [ 3106.329248][T23110] device gretap0 left promiscuous mode 00:49:00 executing program 4: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:49:00 executing program 0: r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000000)={'ah\x00'}, &(0x7f0000000080)=0x1e) 00:49:00 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x6e) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0x4}}}]}, 0x34}}, 0x0) [ 3107.010884][T23333] bond6 (uninitialized): Released all slaves 00:49:06 executing program 1: r0 = fsopen(&(0x7f0000000000)='tracefs\x00', 0x0) r1 = socket(0xa, 0x80001, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000b34ff8)={0x0, 0x0}, &(0x7f0000b34ffc)=0xc) setuid(r2) fsconfig$FSCONFIG_SET_FLAG(r0, 0x6, 0x0, 0x0, 0x0) 00:49:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = dup2(r0, r0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0) 00:49:06 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x0, 0xe79f43bb8db7c38f}, 0xe) 00:49:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x1b1, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000230047faffffff000000000004faff0204001000b10cabb9207ac3d78578125082f4fcc477cb57f5650731dfaf12ea77ad43cb08000000a9fdd6c1610c621c85fe3e348527b05e5d71460af16b42bede5105ec4fde821ef57e8d4306f47f6ea4a656379a221558fa14efab3bbee0"], 0x18}}, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 00:49:06 executing program 5: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) close(r2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r4, 0x0) r5 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r5, 0x0, 0x2000000000a, 0x0) 00:49:06 executing program 3: r0 = memfd_create(&(0x7f0000000340)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f00000003c0)='1', 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) 00:49:06 executing program 4: clone(0x1fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x5) 00:49:06 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e0000002c008105e00f80ecdb4cb9f207c804b03500000010ec0507d400000000000005000500c50083b8000000", 0x2d6}], 0x1}, 0x0) 00:49:06 executing program 0: r0 = socket$inet(0xa, 0x801, 0x0) listen(r0, 0x0) poll(&(0x7f0000000400)=[{r0}], 0x1, 0x0) [ 3112.717701][T23771] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.1'. 00:49:06 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x7) setreuid(0x0, r1) 00:49:07 executing program 2: syz_emit_ethernet(0xb6, &(0x7f0000000440)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "a0f009", 0x80, 0x3a, 0xff, @local={0xfe, 0x80, [0x2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, [{0x0, 0xb, "a78ce540cd4f791153d5dea6b259fe8000000000000023493b87aa0568f00b1c71a8242373244ad2439adc07df0a69748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c11b37adac15084dbaf736b41e5a81803"}, {0x0, 0x2, "84f0da52ef2457131396805037f55924f4dffba7"}]}}}}}}, 0x0) 00:49:07 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_opts(r0, 0x0, 0x19, &(0x7f0000000080)='\x00', 0x1) 00:49:07 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x6) futex(&(0x7f000000cffc)=0x1, 0x180, 0x1, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x81, 0x0, 0x0, 0x0, 0x0) 00:49:07 executing program 2: creat(&(0x7f0000000000)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000400)='/dev/loop0\x00', &(0x7f0000000440)='./bus\x00', 0x0, 0x9000, 0x0) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x1ff, &(0x7f0000000240)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x25}]) 00:49:07 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_opts(r0, 0x0, 0x19, &(0x7f0000000080)='\x00', 0x1) 00:49:07 executing program 5: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x20000, 0x1000}, 0x18) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x100, 0x4) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="39000000140081ae101b43727002215a2ce76b1a42003c000500018311001f9f660fcf065b85acb612f691f3bd3508abca1be6eeb89c44ebb3", 0x39}], 0x1}, 0x0) 00:49:13 executing program 3: setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000140)="e1", 0x1) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r1, 0x0, 0xc, &(0x7f0000000100)='N', 0x1) getsockopt$inet_opts(r1, 0x0, 0x400000000000009, &(0x7f0000937fed)=""/16, &(0x7f0000000080)=0x10) 00:49:13 executing program 4: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) signalfd(r2, &(0x7f0000000080), 0x8) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000000)) 00:49:13 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_opts(r0, 0x0, 0x19, &(0x7f0000000080)='\x00', 0x1) 00:49:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05140000000000000000010000000900010073797a3000000000e8000000160a01000000000000000000010000000900010073797a30000000000900020073797a3200000000bc000380180003801400010069705f7674693000000000000000000008000240ffffffff0800014001006261746164763000000000000000000014000100767863616e3100000000000000000000140001006d616373656330000000000000000000140001006970365f7674693000000000000000001400010062617461647630000000000000000000140001006970366772653000000000000000000014000100626f6e645f736c6176655f3000000000140000001100010000000000000000000000000a00"/304], 0x130}}, 0x0) 00:49:13 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:13 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:14 executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_opts(r0, 0x0, 0x19, &(0x7f0000000080)='\x00', 0x1) [ 3119.981848][T24462] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'. 00:49:14 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x0, 0xb, 0x1, 0x0, 0x0, {0xa}, [@NFTA_COMPAT_NAME={0x5, 0x1, '\x00'}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x4}]}, 0x2c}}, 0x0) 00:49:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x2}]}}}]}, 0x3c}}, 0x0) 00:49:14 executing program 4: perf_event_open(&(0x7f00000003c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xfcc8) 00:49:14 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000406011265ba02a01e015500000000000900020073797a31000011000500010006000000"], 0x28}}, 0x0) 00:49:14 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x2}]}}}]}, 0x3c}}, 0x0) 00:49:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f00000028c0)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000400)='net/if_inet6\x00') preadv(r0, &(0x7f00000017c0), 0x315, 0x4800) 00:49:19 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000406011265ba02a01e015500000000000900020073797a31000011000500010006000000"], 0x28}}, 0x0) 00:49:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x2}]}}}]}, 0x3c}}, 0x0) 00:49:19 executing program 4: perf_event_open(&(0x7f00000003c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xfcc8) 00:49:19 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:19 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:19 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000406011265ba02a01e015500000000000900020073797a31000011000500010006000000"], 0x28}}, 0x0) 00:49:19 executing program 4: perf_event_open(&(0x7f00000003c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xfcc8) 00:49:19 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000406011265ba02a01e015500000000000900020073797a31000011000500010006000000"], 0x28}}, 0x0) 00:49:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x2}]}}}]}, 0x3c}}, 0x0) 00:49:19 executing program 4: perf_event_open(&(0x7f00000003c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xfcc8) 00:49:19 executing program 0: syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="020181ffffff0a000000ff45ac0000ffffffa9000800000000000000004000ffffffa9000000e10000008877007200300700bfffffff00000000008000da55aa", 0x40, 0x1c0}]) 00:49:26 executing program 3: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f00000001c0)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0}, &(0x7f0000000380)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000660083de00"/20, @ANYRES32=r4], 0x2}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 00:49:26 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:26 executing program 2: pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) write$P9_RVERSION(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x26f) r3 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xc4, 0x1) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000001580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}}) open(&(0x7f0000000300)='./file0/file0\x00', 0x0, 0x0) 00:49:26 executing program 5: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x0}, 0x10) pipe(&(0x7f0000000300)={0xffffffffffffffff}) dup3(r2, r0, 0x0) shutdown(r1, 0x0) 00:49:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003f80)=@newtfilter={0x50, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xa}}, [@filter_kind_options=@f_basic={{0xa, 0x1, 'basic\x00'}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x0, 0x2, 0x8}}}]}]}]}}]}, 0x50}}, 0x0) 00:49:26 executing program 4: unshare(0x2a000400) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={0x0}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cgroup\x00') preadv(r0, &(0x7f0000000700), 0x31f, 0x0) lseek(r0, 0x0, 0x0) 00:49:27 executing program 2: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/userio\x00', 0x6, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x101}, 0x2) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000140)={0x7ffffffff000, 0x10, 0xfa00, {&(0x7f00000000c0)}}, 0x2) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101041, 0x0) 00:49:27 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x420000015001}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @remote}}) write$tun(r0, &(0x7f00000011c0)={@void, @val={0x9}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "9eef7b", 0xf98, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "6595c3", 0x0, 0x0, 0x0, @mcast2, @empty, [@routing={0x29, 0x2, 0x0, 0x0, 0x0, [@empty]}, @routing={0x0, 0x10, 0x0, 0x0, 0x0, [@remote, @rand_addr="ecec0a6b1583f5639eba95188465897c", @rand_addr="4c8040308b18360c66fa754065d58b33", @empty, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, @mcast1, @ipv4={[], [], @broadcast}]}, @hopopts={0x0, 0x1c6, [], [@calipso={0x7, 0x40, {0x0, 0xe, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, @generic={0x0, 0xded, "0cad4f4a7eeb53720a5107b6d8001a2f2241086745756559ca43dcc86c24645dd1ca87e3caf5413013c6baee7f151d411bad8f23a85fadfe0f959c12d3393193f4499171ba7b0fdee3a48548863719a05490befc514e21c91ea0c4bcc0e488e1cec20d2c2a5a69ce3dd47d41718560907c58078035d2a51850b0d85282b4a9ab5626b195d85d2727ed7047b647859a72011ff3fa524341909f841651f63701526c6a7e741f3bded9c25d978a77f334d12931fdd5484306ec3d6b268311f46917b7e42efa149511bafa5415d17ac02ab8937249a68b2e3fddb941b0040ced142c2afedcbec1039d40f4923ea3d4475ac561a6a0e869569dd13e736bf127eacb110f8d010329fccadf8e48b27819c823ca0f507f87b3d63ef1869cba2fe3deb0ad1dbaa1a343ab0a856f3e248c6af4ddbfc11824031ce2beeae0991b79382da8b02e0d25715845fc86df5a6279d54d675789e58df953992123c28c532058750c5978a819ddaadbcbe1d7fc264cb688b91668e116227771f36e2a8eb8b7bc364dbda1b3225c6bf9d82ae1e69fe54b17ff692f8b47718b508b8a4e10735bcb55f90616e50d6ba8851388d0f1b39957374ddc9efb243ac2a2bc436e867f3e1499e62d9d158ac22d4d0350b45d1ff2db14ff9507defa68bd37bc5a2e4f7988329171dd59db16a044b748fb6e05e3ca8f863b2ddd8623495f0c3d183e1b610263f17d7629921562a42a3c45a515a30a2c3edc574dff264f881f61393447a1fd773a20e494ac3afc0df59da758af735fbd5e6ad689e95675e29c15617764084f5b6f4732435f63ccb423df6442ad322600e21be45296fd27ca9e08ee7f442a688a32817404d9300ce4a70c2b75ca422b2173a52e9a800f5e520f349525b4c493701ae68ae0efc5e117b9a20735e47c37ccd977686b30d6cabb18f8e7c07ef9721f7daaf4b2c1fd02ec9a2e6e2fd458fa93e4f54d96d5e25ebaca4f322994ae737ee0181b9fac284e952b71fa18ecc7f1c3752a6385a596c094d36654008db0a2a785bf55bcb973d3c5e45ea9ca7506c10ecc0472fd4dd568e38548e87f8557d90290d8a8985cfa43853de5ff75d5a6d8f697c2a6a727675ea5aa1779b1cc98b4ff9556933c7bfa3ae59ada5c8d49191cbea2f2b457dd53c62a4dd257e808b3804cd18a95d566a818797fdc09f4b607dc97b634a9d9e447cc2252f51dd8ad9f5a10ccf32b7154992623957d963731bc4331adfc90c48361e4e2239892c82ff9260ad221c2e83c2352095d95a3d44a402e874edaa8a304f2e1c3d6a383a0515eb5657589a67691a22f10b89fd74123f7cec086d434da40ba509b0dbdf1fa82f4b16f9f3e6df6b0b28c3a85ab272e50e064fc37f681fcb5cfa0c0899a9b88d0a483281032cb16a80202b96cfe473ba073fcb9a6eeeee0032afe23506facba3ed1d11608d21a580ab87eeef70d18d9331eae104f6d77a4bc96bce642815485f513bb71ddc560bc31e995aba9faccd7d1bf74c8fe2b5d7137e3b771a2f408ac06d24bad2f7f4c8f6d7d977d7248415ccbd3420688ff681cf9b00724b6981b2555b86bce142c5d3bef47ebf75e989b337cb8cb98ed24402a98a4224685ceb2ded92f347e5192903dff7f6ed980cbf1413b8eb68474a9abac3fb206ef1ebe0d08dd999c9ecf811d0706d0a705a23ae530d3775e978159dc3c73b86dcd18a61e1c6c8b810041fbd80e0a4c9ff8a73933bb3dae152514ced9ee050e059c6f1bd0dbf2e3517ee3c2d770c296e6596290cf800508715da0799efced72be1ab153bec534129279639ba1afde05179952bf9e80133865b60c5669ef3b6972483e2936ac87a69c8e296a0c24cc0b2ce8583c99414ce7d7309c404b0652f27e6911fdfb59877366fa8754e716e50aa99cd04cbf7eb2c8e118b1a17d9965d6611dc65ac8c6b3a4d5d3df3097c4163c354509b50df0cc2daf0291bbd384a34dec960fd84a67cb30b761ee8161bb25d389bd20e15bfcf7f5edd77005e96e90c5a9bbacd7b3f9f5bbdb880f0a7e1254572b86cb28b3c310ba3052d3785b024ed3f3fafabf1393cf2d882b8bacca30d69adc024baede50d9b0bc2ffcd2bf5c6fef2fc290390162b563b8e846d7b615115818623113f01a1c216b9f588b65db63a459bcfce53020debb6de6e746ef2f9f1c8276ba8995e1bd02d3194e9875e1692ea0255743ba2175c4a804f57a4c19a2c7a4f8f36557878deba2d485aa67c2f36ccbb582f3c569e5d00fe8636857f30854abea6758389bcc832d0de97635ea41e42efa0b7c06fd4f84deeaebccfa8852e3c5582ade34fbe462b5244156d4545bd32377c65e3b0303879f8cc8f177056e39f99591dbaf1b2640f9b68c4cf3989fdd442cb1298d62ce43a21c56bc9556eb27431c04ed337fcd37c26387772677c25c7be21ee74d087c7b88457f30b34a493acb519295f38f4b9bc6764fcbd763d4f9e061d0fd8cb7800e2e0ec18d0fbfdbddc9af8d817b3cf16ce82c91f184f5c8184736203e1bcdb4b8c03a2176926cac0ba9fcf7e21604973d53ee3fc38263e80cea9b1cd9a5016d3e03141426a6802e0926485e8afff7cf8be9bdd2ce685128a7631314c4414a6ade6a85975c1b2958d9c52e455174ca71562eaf6102654466c66f5d3e251e6cae5efd91a88a2513f0587d80b9aafd1936b43beb4054bc35f1c42c0381618bbba181f0de8f4e7aa15f87bc7bb4609f88eadbb83bcc13f8caf7eca20a938c35378f8d3a810a7463d8a2487a157871a7402ab05b54bed456fb2d4c440976ccb4e724a20ba1941f3b3db4f8a185982bd719362b7e190052b5579835d1da2adcfdbec002fdb5f7b187fd365eb601432bf984ad6ee59e13aafba08485997587417b70f8cdf4f7370f04d94df49e135ed3012b87e50b93b27c78e1409f05a4bc0b75e6322068de9b0af459fdc40e3649fb2a7fb1296e00e7d48315705ecbb7815fedb45b8773309489e47aaa4009952604df5d6cd57ec310fc387ecdb296c11376715286df3d15f651310461e83c2ae6d407db6f81784b291e6c8f42907dd4c473cb72dedeb930668d6e5efd95bd1f69d9e818a744557689f7106d0d2a3c3e6f79c98559f9c31ca32307011fa3d70963cc2801babc9a23f73f5fa4bcd04285927f6ef7c5099a4620b85ca8dff2a56fe8aac89949dac74cf869739610d87068e3d32fdba1d5b7460b7857249091cb62b6d9f824ffb9b88a02ea4926da7b8b672ad08ec8c7508a3c5ba901e7c8c8a19e63bbc148a8bb307c6f5d87c736c9d6bcfaabdc7da7102a8bc466c6c11c0bf1973aaf9bc181f996b8aa726dc952dd26df33d6b2aa8de037308df7935ef3390e5939fd9cdf2044b40422197fac93f1762ad342d293162c109f39a369e48977af8ea32a7a098fd9cd7cd979b41a104b8359038cd6741a73968c72d09e9b9869d8dc5fc36b9bfdc89b8cffcede960561a9d1e4aa2453f712caecd2a4206947d3588190e3433bdb87a9241e08686dc78f00162f8239d660b74d42ae1d534ffc3a51fc308f98a5ac00f4da9bdcee4e6d0bf627d17366691a3ab8569b730ad31dcc5324c8835b19b65a11845a03434e10329c5feeeb1088b13a3bc3fe65c3eb6e549003d8d211b87823a44910b2a42e340dd2176a17a2e6ebb45cc59baa9a3bbfd74e6ee8d2c512a825292bdd7abe5ff7ede61b74376e5bc37faf8d69316fa32708df690b2d5b5f18727e4bdb899718e38dae959bb56d95ac153beb1426f3cca03105d5fed56e597822bfc31bb284a9848f1b6b9a1910ad2af8b76887cdd2b1de1f81cd542e0c889e89737d61f5e50ef964205a3b4c77c72271f83015e34989d60ef6d0d6c307902975d5dbe90a23ee1cde956cf70135c91a199d9f75500dc95604b9e7eb365ea858d90377601bad95e07a0f156ffc02778365315b67093aebe32a2a5f00ba8b0eae6fb0414eabe117fd590bc39e9208b4137977b5a8610462f2e83cff2b16edcb444b5d33035d0a80bcb1da228247cad6c11369c5026c5a8320d97cbac232b0ecc0b201552e0f41ab143040324217ad67e8606b34a3349e4ef0c34f9cf56d5b6d157c09b178b358491eb270093a99f522afa3aedaf5dc705fe1842b12515dfe1650dd92ab489bed299677eeff81da531569a3ad832ae273a0b47627561a35da92a6c1b161dbf496248f04feb5a407d99968d6ba0174f453d94708be5a57d82b980bd7751b4a9590dc7b4d38c912a8571ebc39150f7e52efad66cb6d3996710bc5a3e89576182a6a1e15d95dbd74c1ab791bee657547ffb645feb8566ed8db97003f1ff2312946a0404c8dfc0f0a240d8320795c83e66f1429eb56db9ba6e1cee43cbc9e95bd10ceccf1f2ff6b8264ed4e83928e0c5056ad07ba0dad0bb21bec76d7b6ee05a2f0bac88f17004e2e299ccb2679099cc838e25f78685509b69d3164c1fae4c538e683af818d223e8806f50da7504008173b9fc69eafb649dc4b516e4554edbe8c9a0ba46db39c962af343e9caada22d55e3d7ad01e5e5d7d146edfc3a93ce8afde8416b8e9a929b8d88909e11554f1b934a98be2d6e6e0ae2ff66f10be722958a0c0c3766f69d590fc56ed8ae47c289413d62310e8022369e8102d0407bfd30c103fb743c81360752a71f36be5a511c43ebdb493d96a7b2eb80494a028f6cc76a2d0eb0aa1f1392bb50a2ba71384f071473d0774e425dd2d212b537f8f654458e0a5d300780c3d29ddcabe9fdd95c14e6cbd924d1aad9eaa2e00d45278609ef27fdec8d81c9221d07b59370db0911550fdddc9ef3ba760109ba384b3ad7ba5747aa50e0b9832bf39cbf5244de38af8c273d497597be8d4e5575d13a580584436621bb5b7878d23991a6221381af19ef2be71e2c7dea6e5fc9dbe0039ccb02d13d978eebdd411727ee7faed65ca6c872bf9c37322ede378709e9f6a61a1b07c7ceeb94b7719d78a8a3d8221695bac11772fa6cedbc9209eeb60edbbeb540f20b252f66f8a8fc7fa311f2976c73edff271335a4b0ea63d7513c2d39c5f76fbc2c"}]}], "4011c6ed3ec831c0a859df4fd6a1cf59a90c42b433580b288a28728fb104cc462f4e92a1a4d50c2d9d75ce8b5ae9b1d6e9a4a79cae905957835e850585441d5cb5c76b06ad60a5a9003ebacf0d40fb6c636fd81af39f9d170ef5af99cd3e3e7ff54f71ca5d83d2b122ebbbc1333a2c811bc4095b572ebbcb83561044b2794ae54b33e99f48eac0eb"}}}}}}, 0xfca) 00:49:27 executing program 4: unshare(0x2a000400) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={0x0}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cgroup\x00') preadv(r0, &(0x7f0000000700), 0x31f, 0x0) lseek(r0, 0x0, 0x0) 00:49:27 executing program 4: unshare(0x2a000400) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={0x0}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cgroup\x00') preadv(r0, &(0x7f0000000700), 0x31f, 0x0) lseek(r0, 0x0, 0x0) 00:49:27 executing program 0: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhost-net\x00', 0x2, 0x0) write$vhost_msg_v2(r0, &(0x7f00000001c0)={0x2, 0x0, {0x0, 0x0, 0x0}}, 0x48) 00:49:27 executing program 4: unshare(0x2a000400) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={0x0}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cgroup\x00') preadv(r0, &(0x7f0000000700), 0x31f, 0x0) lseek(r0, 0x0, 0x0) 00:49:27 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00008a7fe4)={0x5, 0x1, 0x6, 0x28}, 0x1b) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00002ff000)={r0, 0xfffffffffffffeef, &(0x7f00007dc000)}, 0x181) 00:49:31 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="250000001a000535d25a80648c63940d0124fc60100006400a00b4000200000027153e370a", 0x25}], 0x1}, 0x0) 00:49:31 executing program 0: ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(0xffffffffffffffff, 0x8008ae9d, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000140)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4ca]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000540)) 00:49:31 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x18, &(0x7f00000002c0)=0x7f, 0x4d) 00:49:31 executing program 1: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080)=0x1, 0x4) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000140)=0x100, 0x4) 00:49:31 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="1b5d509b3135000000075d"], 0xb) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x1b, 0x5b, 0x33, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48}, [{}]}, 0x1a6) 00:49:31 executing program 5: r0 = socket(0x22, 0x2, 0x4) accept4$netrom(r0, 0x0, 0x0, 0x0) 00:49:32 executing program 5: r0 = socket(0x100000000011, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xfea1}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008506000010000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006000000"], 0x3c}}, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000340)={r3, 0x1, 0x6, @multicast}, 0x10) 00:49:32 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 00:49:32 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b700000001edffffbfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000002f040000000000001d400300000000006504000001ed000067000000170000000c44000000000000630a00fe000000006e40000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a7d26f44198efefb202ee38788ebf01de00b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94329e646b8ee6de2109fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d99edc3a6138d5f728d236619074d6ebdf098bc908f50ad228a40f9411fe7226a4040b96e37c4f46756d3572e674047e29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cabf0d378fce8c5c81b7037181fc2f18f781aaa6e2957d7e38cc1baddcb7ec6667e699f24e41697ee7ea23c4b29a8b6cc9a1f5a7bb2b1ed81d2cf370ee4a2a00ebeb476ea3caae05f13832292cb949b3aab2ab1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb4f8f67b8bb8dfff8f4b25243888e8b0020e733a63784ccc214d930cbb7e090d63fcd7071b53ac29df656f8ae6d6e18c1eacf5bf870768d5217e9bb7a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce229fd67c7133a9f05954cde298a35ea6d715ba80aee6335eb811a085ca14a7989f9777f600000000000000000000000000000000000000000000000000000000000000000000b854adb4f891ef64e8407c6bdb37f4b0ac"], &(0x7f00000001c0)='GPL\x00'}, 0x48) 00:49:32 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="1b5d509b3135000000075d"], 0xb) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x1b, 0x5b, 0x33, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48}, [{}]}, 0x1a6) 00:49:32 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x2284, &(0x7f0000000040)=ANY=[@ANYBLOB="0401"]) 00:49:32 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="1b5d509b3135000000075d"], 0xb) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x1b, 0x5b, 0x33, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48}, [{}]}, 0x1a6) [ 3139.077337][T25781] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 3139.107943][T25781] 8021q: adding VLAN 0 to HW filter on device bond3 [ 3139.123456][T25781] device bond3 entered promiscuous mode [ 3139.130392][T25780] device bond3 left promiscuous mode 00:49:37 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x54, 0x30, 0x135, 0x0, 0x0, {}, [{0x40, 0x1, [@m_simple={0x3c, 0x1, 0x0, 0x0, {{0xb, 0x1, 'simple\x00'}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0xb, 0x3, 'batadv\x00'}]}, {0x4}}}]}]}, 0x54}}, 0x0) 00:49:37 executing program 0: syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@resize_auto='resize=auto'}]}) 00:49:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="1b5d509b3135000000075d"], 0xb) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x1b, 0x5b, 0x33, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48}, [{}]}, 0x1a6) 00:49:37 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b700000001edffffbfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000002f040000000000001d400300000000006504000001ed000067000000170000000c44000000000000630a00fe000000006e40000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a7d26f44198efefb202ee38788ebf01de00b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94329e646b8ee6de2109fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d99edc3a6138d5f728d236619074d6ebdf098bc908f50ad228a40f9411fe7226a4040b96e37c4f46756d3572e674047e29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cabf0d378fce8c5c81b7037181fc2f18f781aaa6e2957d7e38cc1baddcb7ec6667e699f24e41697ee7ea23c4b29a8b6cc9a1f5a7bb2b1ed81d2cf370ee4a2a00ebeb476ea3caae05f13832292cb949b3aab2ab1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb4f8f67b8bb8dfff8f4b25243888e8b0020e733a63784ccc214d930cbb7e090d63fcd7071b53ac29df656f8ae6d6e18c1eacf5bf870768d5217e9bb7a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce229fd67c7133a9f05954cde298a35ea6d715ba80aee6335eb811a085ca14a7989f9777f600000000000000000000000000000000000000000000000000000000000000000000b854adb4f891ef64e8407c6bdb37f4b0ac"], &(0x7f00000001c0)='GPL\x00'}, 0x48) 00:49:37 executing program 5: r0 = socket(0x100000000011, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xfea1}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008506000010000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006000000"], 0x3c}}, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000340)={r3, 0x1, 0x6, @multicast}, 0x10) 00:49:37 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 00:49:37 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000780)={0x0, 0x6, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xf}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x3}}]}, 0x34}}, 0x0) 00:49:37 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b700000001edffffbfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000002f040000000000001d400300000000006504000001ed000067000000170000000c44000000000000630a00fe000000006e40000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a7d26f44198efefb202ee38788ebf01de00b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94329e646b8ee6de2109fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d99edc3a6138d5f728d236619074d6ebdf098bc908f50ad228a40f9411fe7226a4040b96e37c4f46756d3572e674047e29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cabf0d378fce8c5c81b7037181fc2f18f781aaa6e2957d7e38cc1baddcb7ec6667e699f24e41697ee7ea23c4b29a8b6cc9a1f5a7bb2b1ed81d2cf370ee4a2a00ebeb476ea3caae05f13832292cb949b3aab2ab1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb4f8f67b8bb8dfff8f4b25243888e8b0020e733a63784ccc214d930cbb7e090d63fcd7071b53ac29df656f8ae6d6e18c1eacf5bf870768d5217e9bb7a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce229fd67c7133a9f05954cde298a35ea6d715ba80aee6335eb811a085ca14a7989f9777f600000000000000000000000000000000000000000000000000000000000000000000b854adb4f891ef64e8407c6bdb37f4b0ac"], &(0x7f00000001c0)='GPL\x00'}, 0x48) 00:49:37 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@initdev}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200)) setuid(0x0) setuid(0x0) r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000000)="590200000104fffffd3b54c006110000f305010040000600000000000900cf", 0x259) setuid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setuid(0x0) socket$inet_tcp(0x2, 0x1, 0x0) setresuid(0x0, 0x0, 0x0) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setregid(0x0, 0x0) r1 = clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, r1, &(0x7f0000000100), 0x0, &(0x7f0000000180)) 00:49:37 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b700000001edffffbfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000002f040000000000001d400300000000006504000001ed000067000000170000000c44000000000000630a00fe000000006e40000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a7d26f44198efefb202ee38788ebf01de00b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94329e646b8ee6de2109fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d99edc3a6138d5f728d236619074d6ebdf098bc908f50ad228a40f9411fe7226a4040b96e37c4f46756d3572e674047e29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cabf0d378fce8c5c81b7037181fc2f18f781aaa6e2957d7e38cc1baddcb7ec6667e699f24e41697ee7ea23c4b29a8b6cc9a1f5a7bb2b1ed81d2cf370ee4a2a00ebeb476ea3caae05f13832292cb949b3aab2ab1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb4f8f67b8bb8dfff8f4b25243888e8b0020e733a63784ccc214d930cbb7e090d63fcd7071b53ac29df656f8ae6d6e18c1eacf5bf870768d5217e9bb7a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce229fd67c7133a9f05954cde298a35ea6d715ba80aee6335eb811a085ca14a7989f9777f600000000000000000000000000000000000000000000000000000000000000000000b854adb4f891ef64e8407c6bdb37f4b0ac"], &(0x7f00000001c0)='GPL\x00'}, 0x48) [ 3143.529469][T25907] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 3143.560436][T25912] netlink: 'syz-executor.0': attribute type 6 has an invalid length. [ 3143.568825][T25912] netlink: 517 bytes leftover after parsing attributes in process `syz-executor.0'. 00:49:37 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 00:49:37 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000780)={0x0, 0x6, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xf}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x3}}]}, 0x34}}, 0x0) [ 3143.815124][T25908] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 3144.001939][T25908] 8021q: adding VLAN 0 to HW filter on device bond4 00:49:43 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="1400000013000507ed008064d20b000033000080", 0x14}], 0x1}, 0x0) 00:49:43 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@initdev}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200)) setuid(0x0) setuid(0x0) r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000000)="590200000104fffffd3b54c006110000f305010040000600000000000900cf", 0x259) setuid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setuid(0x0) socket$inet_tcp(0x2, 0x1, 0x0) setresuid(0x0, 0x0, 0x0) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setregid(0x0, 0x0) r1 = clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, r1, &(0x7f0000000100), 0x0, &(0x7f0000000180)) 00:49:43 executing program 4: syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x33, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 00:49:43 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000780)={0x0, 0x6, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xf}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x3}}]}, 0x34}}, 0x0) 00:49:43 executing program 5: r0 = socket(0x100000000011, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xfea1}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008506000010000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006000000"], 0x3c}}, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000340)={r3, 0x1, 0x6, @multicast}, 0x10) 00:49:43 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) pipe(&(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) [ 3149.549171][T26349] netlink: 'syz-executor.0': attribute type 6 has an invalid length. [ 3149.557636][T26349] netlink: 517 bytes leftover after parsing attributes in process `syz-executor.0'. 00:49:43 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) 00:49:43 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@initdev}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200)) setuid(0x0) setuid(0x0) r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000000)="590200000104fffffd3b54c006110000f305010040000600000000000900cf", 0x259) setuid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setuid(0x0) socket$inet_tcp(0x2, 0x1, 0x0) setresuid(0x0, 0x0, 0x0) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setregid(0x0, 0x0) r1 = clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, r1, &(0x7f0000000100), 0x0, &(0x7f0000000180)) 00:49:43 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000780)={0x0, 0x6, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xf}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x3}}]}, 0x34}}, 0x0) [ 3149.960740][T26558] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 3149.999657][T26558] 8021q: adding VLAN 0 to HW filter on device bond5 00:49:44 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) [ 3150.102798][T26666] netlink: 'syz-executor.0': attribute type 6 has an invalid length. [ 3150.111180][T26666] netlink: 517 bytes leftover after parsing attributes in process `syz-executor.0'. [ 3150.140238][T26670] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 00:49:44 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2}, {0xa, 0x0, 0x0, @empty}, r1}}, 0x48) 00:49:44 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@initdev}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200)) setuid(0x0) setuid(0x0) r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000000)="590200000104fffffd3b54c006110000f305010040000600000000000900cf", 0x259) setuid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setuid(0x0) socket$inet_tcp(0x2, 0x1, 0x0) setresuid(0x0, 0x0, 0x0) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, 0x0, &(0x7f0000000100), 0x0, 0x0) setresuid(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setregid(0x0, 0x0) r1 = clone3(0x0, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) waitid(0x0, r1, &(0x7f0000000100), 0x0, &(0x7f0000000180)) [ 3150.551604][T26687] netlink: 'syz-executor.0': attribute type 6 has an invalid length. [ 3150.562098][T26687] netlink: 517 bytes leftover after parsing attributes in process `syz-executor.0'. 00:49:48 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000f00)=@filter={'filter\x00', 0x50, 0x4, 0x3e4, 0xf8, 0xf8, 0xf8, 0x20c, 0xf8, 0x31c, 0x31c, 0x31c, 0x31c, 0x31c, 0x4, 0x0, {[{{@ipv6={@mcast1, @loopback, [], [], 'bond_slave_0\x00', 'veth0\x00'}, 0x0, 0xd4, 0xf8, 0x0, {}, [@common=@frag={{0x30, 'frag\x00'}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x5}}}, {{@ipv6={@ipv4={[], [], @remote}, @local, [], [], 'macvlan1\x00', 'bond_slave_1\x00'}, 0x0, 0xd4, 0x114, 0x0, {}, [@common=@frag={{0x30, 'frag\x00'}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00'}}, {{@uncond, 0x0, 0xa4, 0x110}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "20390d5191ef6c3e476b0cc0f829610aab687a97ccc06ba96316e8049485430074ac887ae5d484ca881bc1097c5f159057e2d69efbfac943fccefb7564dc749c"}}}], {{[], 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x440) 00:49:48 executing program 0: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKFLSBUF(r0, 0x1261, 0x0) 00:49:48 executing program 5: r0 = socket(0x100000000011, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xfea1}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008506000010000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006000000"], 0x3c}}, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000340)={r3, 0x1, 0x6, @multicast}, 0x10) 00:49:48 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) 00:49:48 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast1, @in=@loopback}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}]}, 0xa0}}, 0x0) 00:49:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x5602, &(0x7f0000000000)) 00:49:49 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb, 0xffffff02}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:49:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x5602, &(0x7f0000000000)) 00:49:49 executing program 4: r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) 00:49:49 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast1, @in=@loopback}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}]}, 0xa0}}, 0x0) [ 3155.248865][T26891] netlink: 'syz-executor.5': attribute type 1 has an invalid length. 00:49:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x5602, &(0x7f0000000000)) [ 3155.295368][T26891] 8021q: adding VLAN 0 to HW filter on device bond6 00:49:49 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast1, @in=@loopback}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}]}, 0xa0}}, 0x0) 00:49:53 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000001280)='/dev/bus/usb/00#/00#\x00', 0x200, 0x802) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)) ioctl$USBDEVFS_CONTROL(r0, 0x5514, 0x0) 00:49:53 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb, 0xffffff02}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:49:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x5602, &(0x7f0000000000)) 00:49:53 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4800000010000507000000001000000000000040", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0020000000000000751dc23d8e008672391e51823799a0837eb904c9cedb383db4eff9d3f961ea48af33fb086dd809e74b05008b925b759fb97b84434f357bf55290ae2254db822b9f4b0a0256facb44521fa875669dd65b11c470252c5c3d9f4636bd897ff950e796e68a63ff88ba4600f241c913de3520493f7aa263989ac3f7d250dba5e5bc918809c9ee4a16e2703708f0dd2edb378300000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000080001007166710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a010c3"], 0x74}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newtfilter={0x3c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x4}}, @TCA_RATE={0x6}]}, 0x3c}}, 0x0) 00:49:53 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast1, @in=@loopback}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}]}, 0xa0}}, 0x0) 00:49:53 executing program 5: prctl$PR_CAPBSET_DROP(0x18, 0x20000) 00:49:54 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x00'/10, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[@ANYBLOB='#! ./file0 \n'], 0xd) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 00:49:54 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x12100) 00:49:54 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb, 0xffffff02}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:49:54 executing program 4: r0 = socket$kcm(0x2, 0x3, 0x2) recvmsg$kcm(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000d00)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x3) 00:49:54 executing program 2: r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x1450c2, 0x0) io_setup(0x1000, &(0x7f0000000000)=0x0) r2 = creat(&(0x7f0000000180)='./bus\x00', 0x0) io_submit(r1, 0x2, &(0x7f0000000140)=[&(0x7f00000000c0)={0x0, 0x0, 0x17, 0x0, 0x0, r0, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2, 0x0, r2, &(0x7f0000000480)}]) 00:49:54 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x12) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x4, 0x0, 0x0, 0x29fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) write$cgroup_type(r1, &(0x7f0000000000)='threaded\x00', 0x248800) [ 3160.685844][ T32] audit: type=1800 audit(1583542194.749:505): pid=27250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=16766 res=0 00:49:59 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x1405, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x2}}, 0x80}}, 0x0) 00:49:59 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000b6dfc8)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfb, 0xffffff02}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:49:59 executing program 4: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo={0x3}}}}}, 0x0) 00:49:59 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000001380)='/proc/meminfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) 00:49:59 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="6400000030000100000000000000000000000000500001004c00010008000100696665003c0002801c0001000000000000000000000000100000000000000000010000000a0003007f3fda8654d70000060005000700000006000500000800000440f449fef58a170600"], 0x64}}, 0x0) 00:49:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x2, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "000001000000000008fc9d71fc00000000000000f8ffff002e0b3836005404b0d6301a4ce875f2e3ff5f163ee340b76795008000f8000000000104003c5811039e15775027ecce66fd792bbf0e5bf5ff9b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ff42c65400"}, 0x80) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newchain={0x24, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xd18}}}, 0x24}}, 0x0) [ 3165.445792][T27469] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 00:49:59 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0) r1 = syz_open_dev$dri(0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/udp\x00') ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, 0x0) dup2(r2, r1) 00:49:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000040)=0x39) 00:50:00 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f13000)={0xa, 0x4e22}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x8}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000040)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x0, 0x4e22, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) 00:50:00 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)={0x28, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}]}]}, 0x28}}, 0x0) 00:50:00 executing program 0: socket(0x10, 0x80002, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x38, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @dev}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0xacbb}, @IFLA_IPTUN_FLAGS={0x8, 0x8, 0x27}, @IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e21}, @IFLA_IPTUN_FLOWINFO={0x8, 0x7, 0x3}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x78}}, 0x0) 00:50:00 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000001380)='/proc/meminfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) 00:50:04 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x1405, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x2}}, 0x80}}, 0x0) 00:50:04 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000080)=0x63, 0x4) setsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f0000000280), 0x4) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, 0x0, 0x0) 00:50:04 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8010000400000084) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close(r0) 00:50:04 executing program 4: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) bind(0xffffffffffffffff, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0) ftruncate(r1, 0x200003) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 00:50:04 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000001380)='/proc/meminfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) 00:50:04 executing program 5: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e48000021000505d25a80648c63940d0724fc60100010400a000000053582c137153e370907018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 00:50:04 executing program 1: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsuid(r1) setuid(r1) 00:50:04 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8010000400000084) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close(r0) 00:50:04 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001000050d00"/20, @ANYRES32=r4, @ANYBLOB="000000000000000014001280090001007663616e0000000004000280"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000140001000000000000000000021f0000", @ANYRES32=r4, @ANYBLOB="0800020000010000"], 0x20}, 0x1, 0xf0ffffff}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@ipv4_newaddr={0x20, 0x11, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2, @multicast1}]}, 0x20}, 0x1, 0xf0ffffff}, 0x0) 00:50:05 executing program 1: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000007000)={{0x0, 0x989680}, {0x0, 0x5}}, 0x0) readv(r0, &(0x7f0000001340)=[{&(0x7f0000000000)=""/186, 0xba}], 0x1) 00:50:05 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8010000400000084) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close(r0) 00:50:05 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000001380)='/proc/meminfo\x00', 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0) [ 3172.577050][T28337] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 3172.585438][T28337] netlink: 16638 bytes leftover after parsing attributes in process `syz-executor.5'. 00:50:08 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x1405, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x2}}, 0x80}}, 0x0) 00:50:08 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8010000400000084) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) close(r0) 00:50:08 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001000050d00"/20, @ANYRES32=r4, @ANYBLOB="000000000000000014001280090001007663616e0000000004000280"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000140001000000000000000000021f0000", @ANYRES32=r4, @ANYBLOB="0800020000010000"], 0x20}, 0x1, 0xf0ffffff}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@ipv4_newaddr={0x20, 0x11, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2, @multicast1}]}, 0x20}, 0x1, 0xf0ffffff}, 0x0) 00:50:08 executing program 2: r0 = socket$l2tp(0x2, 0x2, 0x73) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(r1, 0xffffffffffffffff) 00:50:08 executing program 1: r0 = syz_open_dev$radio(&(0x7f0000000240)='/dev/radio#\x00', 0x3, 0x2) ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000040)={0x98f904, 0x3, @name="15bc253733d95e6297742515b05c97b4434ddc5c00"}) 00:50:08 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x78]}}]}) 00:50:08 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000500)="d8b5e6fb07d6d0e732bba1b99063ac5330", 0x11}], 0xcf02, &(0x7f00000000c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 00:50:09 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000001000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x7}}, [@filter_kind_options=@f_flower={{0xb, 0x1, 'flower\x00'}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x14, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x48}}, 0x0) 00:50:09 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045009, &(0x7f0000000040)=0x8) 00:50:09 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001000050d00"/20, @ANYRES32=r4, @ANYBLOB="000000000000000014001280090001007663616e0000000004000280"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000140001000000000000000000021f0000", @ANYRES32=r4, @ANYBLOB="0800020000010000"], 0x20}, 0x1, 0xf0ffffff}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@ipv4_newaddr={0x20, 0x11, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2, @multicast1}]}, 0x20}, 0x1, 0xf0ffffff}, 0x0) [ 3175.089527][T28453] tmpfs: Bad value for 'nr_blocks' 00:50:09 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000500)="d8b5e6fb07d6d0e732bba1b99063ac5330", 0x11}], 0xcf02, &(0x7f00000000c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 00:50:09 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={@rand_addr="feef27077032695817c311ec36379666", 0x0, r2}) 00:50:13 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x1405, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x2}}, 0x80}}, 0x0) 00:50:13 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000500)="d8b5e6fb07d6d0e732bba1b99063ac5330", 0x11}], 0xcf02, &(0x7f00000000c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 00:50:13 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x70, 0x0, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @rand_addr="f37c3d3735b855e98970d14b085abb3e"}}}]}]}, 0x70}}, 0x0) 00:50:13 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001000050d00"/20, @ANYRES32=r4, @ANYBLOB="000000000000000014001280090001007663616e0000000004000280"], 0x34}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000140001000000000000000000021f0000", @ANYRES32=r4, @ANYBLOB="0800020000010000"], 0x20}, 0x1, 0xf0ffffff}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@ipv4_newaddr={0x20, 0x11, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2, @multicast1}]}, 0x20}, 0x1, 0xf0ffffff}, 0x0) 00:50:13 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x78]}}]}) 00:50:13 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="72617700000000000000000000000000000000000000000000000000000000000800000003000000580200003001000030010000000000003001000000000000c4010000c4010000c4010000c4010000c40100000300000000000000e0000001ac1414bb000000000000000073797a6b616c6c6572300000000000006e65747063693000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800300100000000000000000000000000000000000000005800686173686c696d6974000000000000000000000000000000000000000001677265746170300000000000000000000000000000000000000000562d00000000000000040000000400000000000000000000000000000068004354000000000000000000000000000000000000000000000000000000020c00000000000000000000006e657462696f732d6e7300000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414bb000000000000000000000000000000000000000000000000000000006272696467655f736c6176655f3000000000000000000000000000000000000000000000000000000000000000000000000000080000000070009400000000000000000000000000000000000000000024005443504d535300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000940000000000000000000000000000000000000000002400000000000000000000000000000000000000000000000000000000000000feffffff"], 0x2b4) [ 3179.119773][T28695] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 3179.128209][T28695] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 3179.136610][T28695] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 3179.198292][T28697] xt_CT: You must specify a L4 protocol and not use inversions on it 00:50:13 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="c7da5f1a", 0x4) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) 00:50:13 executing program 0: creat(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0) mount$bpf(0x20000000, &(0x7f00000017c0)='./file0\x00', 0x0, 0x2010, 0x0) 00:50:13 executing program 1: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{0x0, 0x0, 0xfffffffffffffffe}, {&(0x7f0000000500)="d8b5e6fb07d6d0e732bba1b99063ac5330", 0x11}], 0xcf02, &(0x7f00000000c0)={[{@fat=@dos1xfloppy='dos1xfloppy'}]}) 00:50:13 executing program 4: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid\x00') setns(r0, 0x0) 00:50:13 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb, 0x1, 'bridge\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_IPTABLES={0x5, 0x24, 0x1}]}}}]}, 0x3c}}, 0x0) 00:50:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'rmd128-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netstat\x00') sendfile(r1, r2, 0x0, 0x175) [ 3180.107470][T28838] tmpfs: Bad value for 'nr_blocks' 00:50:19 executing program 1: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mknod$loop(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) 00:50:19 executing program 0: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0xa925, 0x2b, 0x1, 0xffffffffffffffff}) r2 = dup(r1) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000140)=0x1) 00:50:19 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b20000000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b40)=@newtfilter={0x7c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x8}}, [@filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x4c, 0x2, [@TCA_RSVP_POLICE={0x48, 0x5, [@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_AVRATE={0x8}]}]}}]}, 0x7c}}, 0x0) 00:50:19 executing program 2: capset(&(0x7f0000000240)={0x20080522}, &(0x7f0000000000)) r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) close(r0) socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000007c0)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @rand_addr="fcd5bf2cb9be0a23d8003789df513212"}, 0x1c, 0x0, 0x0, &(0x7f0000000600)=[@dstopts_2292={{0x14}}], 0x14}, 0x0) 00:50:19 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x78]}}]}) 00:50:19 executing program 3: connect$inet6(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x0, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x0) ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, 0x0) 00:50:20 executing program 4: r0 = socket(0x10, 0x2, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) sendto(r0, &(0x7f0000000140)="120000001200e7ef007b1a3fcd00000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x14e, 0x0, 0x0, 0x0, 0x24b, 0xd0}}], 0x34, 0x0, 0x0) 00:50:20 executing program 2: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, 0x0) 00:50:20 executing program 1: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mknod$loop(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) 00:50:20 executing program 0: r0 = socket$inet6(0xa, 0x3, 0xfe) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffffff144e0000ff000207835eebf116b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 00:50:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x4000030000000304, @random="00000400"}, 0xa, {0x2, 0x0, @multicast1}}) 00:50:20 executing program 1: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mknod$loop(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) 00:50:20 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xa8) 00:50:20 executing program 0: r0 = socket$inet6(0xa, 0x3, 0xfe) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffffff144e0000ff000207835eebf116b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 00:50:20 executing program 2: r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0xd, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x800}}) 00:50:21 executing program 1: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f000000aff8)='./file0\x00', &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mknod$loop(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) [ 3187.215706][T29355] tmpfs: Bad value for 'nr_blocks' 00:50:21 executing program 5: syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={[{@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x78]}}]}) [ 3187.600788][T29583] tmpfs: Bad value for 'nr_blocks' 00:50:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x3}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x81}, 0x10) dup2(r0, r1) 00:50:27 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff}, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x24e23, @loopback}, 0x10) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64], 0xc63b9e35) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 00:50:27 executing program 0: r0 = socket$inet6(0xa, 0x3, 0xfe) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffffff144e0000ff000207835eebf116b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 00:50:27 executing program 2: clone(0xa0447400, 0x0, 0x0, 0x0, 0x0) 00:50:27 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)={0x98, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x98}}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x685}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x97}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 00:50:27 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x403, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_address={0x5, 0x9, 0xfffffffd, 0x0, 0x0, @in6={0xa, 0x0, 0x300, @rand_addr="f700000200"}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x98}}, 0x0) 00:50:27 executing program 2: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x9, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f00000001c0)={0xc, @output}) 00:50:27 executing program 0: r0 = socket$inet6(0xa, 0x3, 0xfe) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffffff144e0000ff000207835eebf116b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 00:50:27 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0xfffffffc}, 0xc) 00:50:27 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)={0x98, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x98}}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x685}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x97}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 00:50:27 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x12, r0, 0x0) r1 = socket(0x200040000000015, 0x805, 0x0) getsockopt(r1, 0x114, 0x2715, 0x0, &(0x7f000033bffc)) 00:50:28 executing program 0: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYPTR64=&(0x7f00000000c0)=ANY=[], @ANYRES16, @ANYRES32], 0x4}}, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000040), 0x10) setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0) close(r0) 00:50:34 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x3}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x81}, 0x10) dup2(r0, r1) 00:50:34 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0xfffffffc}, 0xc) 00:50:34 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x12, r0, 0x0) r1 = socket(0x200040000000015, 0x805, 0x0) getsockopt(r1, 0x114, 0x2715, 0x0, &(0x7f000033bffc)) 00:50:34 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)={0x98, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x98}}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x685}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x97}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 00:50:34 executing program 0: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYPTR64=&(0x7f00000000c0)=ANY=[], @ANYRES16, @ANYRES32], 0x4}}, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000040), 0x10) setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0) close(r0) 00:50:34 executing program 5: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uhid\x00', 0x2, 0x0) write(r0, &(0x7f0000000100)="ec032d95", 0x4) 00:50:35 executing program 0: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYPTR64=&(0x7f00000000c0)=ANY=[], @ANYRES16, @ANYRES32], 0x4}}, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000040), 0x10) setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0) close(r0) 00:50:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0xfffffffc}, 0xc) 00:50:35 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x12, r0, 0x0) r1 = socket(0x200040000000015, 0x805, 0x0) getsockopt(r1, 0x114, 0x2715, 0x0, &(0x7f000033bffc)) 00:50:35 executing program 1: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)={0x98, 0x0, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8}]}, @TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_ID={0x8}]}]}, 0x98}}, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x374, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f0000000140)=""/85, 0x20a}, {&(0x7f0000000fc0)=""/4096, 0xf2}, {&(0x7f0000000400)=""/106, 0x685}, {&(0x7f0000000740)=""/73, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x40d}, {&(0x7f0000000000)=""/22, 0xa}], 0x81, &(0x7f0000000600)=""/191, 0x97}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 00:50:35 executing program 0: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYPTR64=&(0x7f00000000c0)=ANY=[], @ANYRES16, @ANYRES32], 0x4}}, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000040), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000040), 0x10) setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0) close(r0) 00:50:35 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0xfffffffc}, 0xc) 00:50:41 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x3}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x81}, 0x10) dup2(r0, r1) 00:50:41 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x12, r0, 0x0) r1 = socket(0x200040000000015, 0x805, 0x0) getsockopt(r1, 0x114, 0x2715, 0x0, &(0x7f000033bffc)) 00:50:41 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="480000001400190820ffff7fffffff5602113b850e1de0974881000000fe58a2bc4a01009164643e89720000de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x6a}], 0x1) 00:50:41 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_LACP_RATE={0x5}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x44}}, 0x0) 00:50:41 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x54}}, 0x0) 00:50:41 executing program 5: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x2000, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x5452, &(0x7f0000000500)) 00:50:41 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="480000001400190820ffff7fffffff5602113b850e1de0974881000000fe58a2bc4a01009164643e89720000de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x6a}], 0x1) 00:50:41 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x54}}, 0x0) 00:50:41 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000000/0x3000)=nil], &(0x7f00000001c0)=[0x400000000000001], 0x0, 0x0) 00:50:41 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)="d800000018008100e00f80ecdb4cb904021d65ef0b007c06e87c55a1bc000900b8000699030007000500154006008178a800160005000100e5580000000002000000006f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee48100000000000000d9d322fe04000000730d16a4683e4f6d0200003f5aeb4edbb57a5025ccca9e00360db798262f3d08fad95667e04adcdf634c1f215ce3bb53b409d5e1ca4e81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e9703", 0xd8}], 0x1}, 0x0) 00:50:41 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x54}}, 0x0) 00:50:42 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="480000001400190820ffff7fffffff5602113b850e1de0974881000000fe58a2bc4a01009164643e89720000de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x6a}], 0x1) 00:50:46 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x3}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x81}, 0x10) dup2(r0, r1) 00:50:46 executing program 1: r0 = socket$inet(0xa, 0x801, 0x84) sendmmsg$inet(r0, &(0x7f0000000400)=[{{&(0x7f0000000240)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000300)=[{&(0x7f00000001c0)="e8", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@ip_tos_u8={{0xd, 0x84, 0x6}}], 0x10}}], 0x2, 0x0) 00:50:46 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x54}}, 0x0) 00:50:46 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000000/0x3000)=nil], &(0x7f00000001c0)=[0x400000000000001], 0x0, 0x0) 00:50:46 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x8000000000000004) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="480000001400190820ffff7fffffff5602113b850e1de0974881000000fe58a2bc4a01009164643e89720000de213ee23ffbf510040041feff5aff2b000000000000070000000000", 0x6a}], 0x1) 00:50:46 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001bc0)=""/50, 0x32}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(r0, &(0x7f00000017c0), 0x315, 0x800000) 00:50:47 executing program 0: io_setup(0x1ff, &(0x7f00000004c0)=0x0) r1 = eventfd(0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) io_submit(r0, 0x1, &(0x7f00000019c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) 00:50:47 executing program 4: r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x2) write$vhci(r0, &(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = dup2(r2, r1) bind$bt_hci(r3, &(0x7f00000007c0), 0xc) getsockname$packet(r3, 0x0, &(0x7f0000003b40)) 00:50:47 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000000/0x3000)=nil], &(0x7f00000001c0)=[0x400000000000001], 0x0, 0x0) 00:50:47 executing program 1: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) open(&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x0) mount(&(0x7f0000000340)=@filename='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x2000, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) dup3(r1, r0, 0x0) 00:50:47 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000000/0x3000)=nil], &(0x7f00000001c0)=[0x400000000000001], 0x0, 0x0) 00:50:47 executing program 2: openat$sequencer(0xffffffffffffff9c, &(0x7f0000000840)='/dev/sequencer\x00', 0x0, 0x0) 00:50:54 executing program 2: r0 = socket(0x10, 0x80002, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x40, 0x0, 0x1, 0x801, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}]}, 0x40}}, 0x0) 00:50:54 executing program 0: io_setup(0x1ff, &(0x7f00000004c0)=0x0) r1 = eventfd(0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) io_submit(r0, 0x1, &(0x7f00000019c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) 00:50:54 executing program 1: r0 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x7ff}, 0x10) write(r0, &(0x7f0000000280)="1c00000016009b8a140000003b9b301f00"/28, 0x32) 00:50:54 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000500)='/dev/loop-control\x00', 0x0, 0x0) r1 = dup(r0) ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x4c81, 0xfffffffffffffffe) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) 00:50:54 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6fff) r1 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x6fff) 00:50:54 executing program 0: io_setup(0x1ff, &(0x7f00000004c0)=0x0) r1 = eventfd(0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) io_submit(r0, 0x1, &(0x7f00000019c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) [ 3220.322899][T30345] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 00:50:54 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0514bdce341800000000000000000900010073797a30000000002c000000080a01020000100000000069ed0000000900010073797a30000000000900029a501e9bc7f0e0956f97fe30000000001400000011000200004469c8d54ac3e82c55fd4a2b101b4dbd86a3ca8cf011f5609283eac77344c925afa5927149f06bcf613d022fa0c235a4a6435464951a7eb82dd2d0b84311ce16cdd64249649e2a9111e1403858bd28c91ef8f2d5cf13d9beadadc69eee7c23a28965866fe342875ee8ad109dc4d1bdba28b0d6eb4d5c"], 0x74}}, 0x0) [ 3220.420042][T30346] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 00:50:57 executing program 4: r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f00000000c0), 0x8) 00:50:57 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0514bdce341800000000000000000900010073797a30000000002c000000080a01020000100000000069ed0000000900010073797a30000000000900029a501e9bc7f0e0956f97fe30000000001400000011000200004469c8d54ac3e82c55fd4a2b101b4dbd86a3ca8cf011f5609283eac77344c925afa5927149f06bcf613d022fa0c235a4a6435464951a7eb82dd2d0b84311ce16cdd64249649e2a9111e1403858bd28c91ef8f2d5cf13d9beadadc69eee7c23a28965866fe342875ee8ad109dc4d1bdba28b0d6eb4d5c"], 0x74}}, 0x0) 00:50:57 executing program 0: io_setup(0x1ff, &(0x7f00000004c0)=0x0) r1 = eventfd(0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) io_submit(r0, 0x1, &(0x7f00000019c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) 00:50:57 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'\x00', 0x2}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'nr0\x00', 0x400}) 00:50:57 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:57 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0514bdce341800000000000000000900010073797a30000000002c000000080a01020000100000000069ed0000000900010073797a30000000000900029a501e9bc7f0e0956f97fe30000000001400000011000200004469c8d54ac3e82c55fd4a2b101b4dbd86a3ca8cf011f5609283eac77344c925afa5927149f06bcf613d022fa0c235a4a6435464951a7eb82dd2d0b84311ce16cdd64249649e2a9111e1403858bd28c91ef8f2d5cf13d9beadadc69eee7c23a28965866fe342875ee8ad109dc4d1bdba28b0d6eb4d5c"], 0x74}}, 0x0) 00:50:57 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:58 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) connect$inet(r0, &(0x7f0000000240)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f0000000040)=0x100000001, 0x4) 00:50:59 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)={@multicast1, @local, 0x0, 0x1, [@multicast1]}, 0x14) setsockopt$inet_mreqn(r0, 0x0, 0x26, &(0x7f0000000080)={@multicast1, @local}, 0xc) 00:50:59 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:59 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0514bdce341800000000000000000900010073797a30000000002c000000080a01020000100000000069ed0000000900010073797a30000000000900029a501e9bc7f0e0956f97fe30000000001400000011000200004469c8d54ac3e82c55fd4a2b101b4dbd86a3ca8cf011f5609283eac77344c925afa5927149f06bcf613d022fa0c235a4a6435464951a7eb82dd2d0b84311ce16cdd64249649e2a9111e1403858bd28c91ef8f2d5cf13d9beadadc69eee7c23a28965866fe342875ee8ad109dc4d1bdba28b0d6eb4d5c"], 0x74}}, 0x0) 00:50:59 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:59 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) syz_mount_image$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0xc864, &(0x7f0000000180)={[{@gid={'gid', 0x3d, r2}}]}) 00:50:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[]}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETGAMMA(0xffffffffffffffff, 0xc02064a5, &(0x7f0000000300)={0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:50:59 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:50:59 executing program 2: mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000002c0)={0x6, &(0x7f0000000280)=[{}, {}, {0x2}, {0x408, 0x1}, {0x0, 0x8000}, {0x7f}]}) 00:50:59 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0xffff, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000003840)={{0xa, 0x0, 0x0, @dev}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) 00:51:00 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) getpgrp(0x0) getpgid(0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x70, 0x0) lseek(r1, 0x0, 0x0) r2 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) ppoll(&(0x7f0000000540)=[{0xffffffffffffffff, 0x100}, {r1, 0xc100}, {0xffffffffffffffff, 0x2021}, {r2, 0xc001}, {0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0xc000}], 0x6, &(0x7f0000000280), 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x11, 0xa, 0x300) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x5452, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) socket(0xa, 0x3, 0x8) r5 = gettid() waitid(0x83b895581628fca4, r5, 0x0, 0x2, &(0x7f0000000480)) memfd_create(0x0, 0x0) gettid() r6 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c", 0x28}, {0x0}], 0x2) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, r6) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) open(0x0, 0xe279a88a3b20cda9, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) r8 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x105084) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendfile(r7, r8, 0x0, 0x102000004) 00:51:00 executing program 0: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa\x00', 0x41, 0x0) pwritev(r0, &(0x7f0000000700)=[{&(0x7f0000000480)="04", 0x1}], 0x1, 0x7fffffff) 00:51:00 executing program 2: mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000002c0)={0x6, &(0x7f0000000280)=[{}, {}, {0x2}, {0x408, 0x1}, {0x0, 0x8000}, {0x7f}]}) 00:51:07 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/stat\x00') getdents(r0, &(0x7f0000000040)=""/46, 0x2e) getdents(r0, &(0x7f0000000000)=""/46, 0x2e) 00:51:07 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)={0x2, 0xd, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x30, 0x32, 0xffffff03, 0x0, 0x0, 0x0, 0x0, @in6=@loopback, @in=@remote}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x80}}, 0x0) 00:51:07 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='stat\x00') sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0) socket$inet(0x2, 0x0, 0x0) preadv(r0, &(0x7f0000000500), 0x69, 0x0) 00:51:07 executing program 2: mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000002c0)={0x6, &(0x7f0000000280)=[{}, {}, {0x2}, {0x408, 0x1}, {0x0, 0x8000}, {0x7f}]}) 00:51:07 executing program 5: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0xffffffffffffffb5}], 0xaaaac44, 0x0, 0x0, 0xfffffe41) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r3, 0x0, 0x33e, 0x200007ff, &(0x7f00000001c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000400)='bbr\x00', 0xb4) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4) r4 = fcntl$dupfd(r3, 0x0, r3) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000480)={0x8c, 0x18, 0xfa00, {0x0, &(0x7f0000000440), 0x0, 0x0, [0x9c00, 0x0, 0xa8, 0x0, 0x8400000000000000]}}, 0xfef5) ioctl$SIOCAX25DELFWD(r4, 0x89eb, &(0x7f00000001c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]}) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsu\x00', 0x101000, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f00000003c0)=[@in6={0xa, 0x21df, 0x6, @loopback, 0x1}, @in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e24, 0x2, @remote, 0x60}, @in={0x2, 0x4e22, @broadcast}], 0x58) membarrier(0x10, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x25}}}, 0x1, 0x92, 0x6, 0x6, 0xc3, 0x1, 0xe1}, &(0x7f0000000140)=0x9c) ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0) 00:51:07 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) getpgrp(0x0) getpgid(0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x70, 0x0) lseek(r1, 0x0, 0x0) r2 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) ppoll(&(0x7f0000000540)=[{0xffffffffffffffff, 0x100}, {r1, 0xc100}, {0xffffffffffffffff, 0x2021}, {r2, 0xc001}, {0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0xc000}], 0x6, &(0x7f0000000280), 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x11, 0xa, 0x300) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x5452, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) socket(0xa, 0x3, 0x8) r5 = gettid() waitid(0x83b895581628fca4, r5, 0x0, 0x2, &(0x7f0000000480)) memfd_create(0x0, 0x0) gettid() r6 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c", 0x28}, {0x0}], 0x2) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, r6) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) open(0x0, 0xe279a88a3b20cda9, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) r8 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x105084) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendfile(r7, r8, 0x0, 0x102000004) 00:51:07 executing program 4: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer2\x00', 0x280540, 0x0) bind$netrom(r0, 0x0, 0x0) 00:51:07 executing program 2: mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000002c0)={0x6, &(0x7f0000000280)=[{}, {}, {0x2}, {0x408, 0x1}, {0x0, 0x8000}, {0x7f}]}) 00:51:07 executing program 0: syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) r0 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4, 0x0, &(0x7f00000001c0)=[@register_looper={0x40406300}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x10, 0x0, &(0x7f00000000c0)=[@request_death], 0x0, 0x2000000, 0x0}) 00:51:07 executing program 4: syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x10012, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') getdents(r1, &(0x7f0000032540)=""/102400, 0x19000) 00:51:07 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) getpgrp(0x0) getpgid(0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x70, 0x0) lseek(r1, 0x0, 0x0) r2 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) ppoll(&(0x7f0000000540)=[{0xffffffffffffffff, 0x100}, {r1, 0xc100}, {0xffffffffffffffff, 0x2021}, {r2, 0xc001}, {0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0xc000}], 0x6, &(0x7f0000000280), 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x11, 0xa, 0x300) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x5452, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) socket(0xa, 0x3, 0x8) r5 = gettid() waitid(0x83b895581628fca4, r5, 0x0, 0x2, &(0x7f0000000480)) memfd_create(0x0, 0x0) gettid() r6 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c", 0x28}, {0x0}], 0x2) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, r6) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) open(0x0, 0xe279a88a3b20cda9, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) r8 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x105084) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendfile(r7, r8, 0x0, 0x102000004) 00:51:08 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) close(r0) close(r1) pipe(&(0x7f0000000100)) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r2, &(0x7f0000000440)=[{&(0x7f00000002c0)='\n', 0x1}], 0x1) splice(r2, 0x0, r1, 0x0, 0xc0, 0x0) close(r0) close(r1) 00:51:12 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x507, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x16}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:51:12 executing program 4: syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x10012, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') getdents(r1, &(0x7f0000032540)=""/102400, 0x19000) 00:51:12 executing program 0: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000080)={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a14b91b1"}, 0x0, 0x0, @fd}) 00:51:12 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) getpgrp(0x0) getpgid(0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x70, 0x0) lseek(r1, 0x0, 0x0) r2 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) lseek(0xffffffffffffffff, 0x0, 0x0) ppoll(&(0x7f0000000540)=[{0xffffffffffffffff, 0x100}, {r1, 0xc100}, {0xffffffffffffffff, 0x2021}, {r2, 0xc001}, {0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0xc000}], 0x6, &(0x7f0000000280), 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0x11, 0xa, 0x300) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x5452, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r4, &(0x7f0000000140)=ANY=[], 0xfef0) socket(0xa, 0x3, 0x8) r5 = gettid() waitid(0x83b895581628fca4, r5, 0x0, 0x2, &(0x7f0000000480)) memfd_create(0x0, 0x0) gettid() r6 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x0) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c", 0x28}, {0x0}], 0x2) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, r6) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) open(0x0, 0xe279a88a3b20cda9, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) r8 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x105084) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendfile(r7, r8, 0x0, 0x102000004) 00:51:12 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={0x0, @l2tp={0x2, 0x0, @dev}, @sco, @xdp}) 00:51:12 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, &(0x7f0000000280)=""/237, 0x0, 0xed}, 0x20) 00:51:12 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000d80)=""/51, 0x33}], 0x1}}], 0x1, 0x0, 0x0) socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$alg(r0, &(0x7f0000003240), 0x492492492492619, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) dup2(r2, r1) 00:51:12 executing program 0: r0 = socket$inet(0x2, 0x1, 0x0) r1 = dup(r0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000001c0)=0x21d, 0x4) connect$inet(r0, &(0x7f0000000780)={0x2, 0x4e23}, 0x10) write$P9_RXATTRWALK(r1, &(0x7f0000000180)={0xf}, 0xf) recvfrom(r0, 0x0, 0x291, 0x2000, 0x0, 0x47) 00:51:12 executing program 4: syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x10012, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') getdents(r1, &(0x7f0000032540)=""/102400, 0x19000) 00:51:12 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) getsockopt$inet_int(r0, 0x10d, 0xe4, 0x0, &(0x7f0000000080)) 00:51:12 executing program 5: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f00000001c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}) 00:51:13 executing program 4: syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x10012, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') getdents(r1, &(0x7f0000032540)=""/102400, 0x19000) 00:51:18 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000b06010200800000b9000000040004000900020073797a3200000000100007800c00018008000140ac0514aa050001"], 0x1}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe3, 0x0) 00:51:18 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x507, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x16}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:51:18 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x1405, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x20, 0x2, 0xa, 0x305, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 00:51:18 executing program 4: socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$sock(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000100)="c1", 0x20000101}], 0x1}, 0x0) dup2(r1, r0) 00:51:18 executing program 0: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1b0000001a005f0014f9f407000904000200000000000000010000", 0x1b) 00:51:18 executing program 5: keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'em1', 0x20, 0xffffffffffffffd0}, 0x2a, 0xfffffffffffffffd) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0x1f1, 0xfffffffffffffffe) 00:51:19 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080)=r1) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) 00:51:19 executing program 0: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1b0000001a005f0014f9f407000904000200000000000000010000", 0x1b) 00:51:19 executing program 4: pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) io_setup(0x8000000000000002, &(0x7f0000000480)=0x0) r2 = socket$packet(0x11, 0x3, 0x300) io_submit(r1, 0x2, &(0x7f0000000600)=[&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000540)={0x0, 0x0, 0xcc, 0x8, 0x0, r2, 0x0, 0x202}]) 00:51:19 executing program 2: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000001400000a20000000000a0103000000000000000002000000090001007379565a868100002c000000030adf040000000000000000020000000900010073797a3000000000090003000805ffffef00000018010000080a0500000000006a00000002000009090001"], 0x1}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 00:51:19 executing program 0: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1b0000001a005f0014f9f407000904000200000000000000010000", 0x1b) 00:51:19 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080)=r1) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) 00:51:19 executing program 4: r0 = socket(0x10, 0x3, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x103, 0x0, 0x0) 00:51:24 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x507, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x16}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:51:24 executing program 0: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1b0000001a005f0014f9f407000904000200000000000000010000", 0x1b) 00:51:24 executing program 5: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x0, @loopback}, 0x10) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000780)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)) 00:51:24 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4000001) 00:51:24 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080)=r1) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) 00:51:24 executing program 4: modify_ldt$write2(0x11, &(0x7f00000000c0)={0x401}, 0x10) modify_ldt$write2(0x11, &(0x7f00000014c0), 0x10) 00:51:24 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) bind$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 00:51:24 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'macsec0\x00', &(0x7f0000001300)=@ethtool_rxnfc={0x32, 0x0, 0x0, {0x0, @udp_ip6_spec={@remote, @local}, {0x0, @remote}, @esp_ip6_spec={@empty, @loopback}, {0x0, @link_local}}}}) 00:51:24 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x13, 0xa, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0) 00:51:24 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080)=r1) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) 00:51:24 executing program 2: syz_open_dev$binderN(&(0x7f0000000280)='/dev/binder#\x00', 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(0x0) socket$netlink(0x10, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r0+30000000}, 0x0) 00:51:24 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x13, 0xa, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0) 00:51:29 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x507, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x300000000000000, 0x0, 0x0, 0x6000000, 0x0, 0x0, 0x6000000, 0x40030000000000]}}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x16}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast2}}]}, 0x70}}, 0x0) 00:51:29 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) bind$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 00:51:29 executing program 1: syz_mount_image$hfs(&(0x7f00000001c0)='hfs\x00', &(0x7f0000000300)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)={[{@type={'type', 0x3d, "5761f4a5"}}]}) 00:51:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x13, 0xa, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0) 00:51:29 executing program 2: mkdir(&(0x7f0000000740)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r0, &(0x7f0000000180)=0x74000000, 0x5) 00:51:29 executing program 5: r0 = socket(0x10, 0x803, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0xa, &(0x7f0000000000), 0x20a154cc) 00:51:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x13, 0xa, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0) 00:51:30 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) bind$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 00:51:30 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}}) r1 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2}}) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) 00:51:30 executing program 2: mkdir(&(0x7f0000000740)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r0, &(0x7f0000000180)=0x74000000, 0x5) 00:51:30 executing program 4: mlock(&(0x7f0000001000/0x2000)=nil, 0x800000) msync(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x2) 00:51:30 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) bind$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 00:51:36 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@mpls_getroute={0x1c, 0x1a, 0xffffff1f, 0x0, 0x0, {0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, 0x1c}}, 0x0) 00:51:36 executing program 2: mkdir(&(0x7f0000000740)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r0, &(0x7f0000000180)=0x74000000, 0x5) 00:51:36 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, &(0x7f0000000340)=""/142, 0x52, 0x8e, 0x8}, 0x20) 00:51:36 executing program 0: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) mlockall(0x5) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) 00:51:36 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x220007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000005540)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4}}], 0x1, 0x0, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x170) [ 3262.301773][ T639] BPF: (anon) type_id=2 bitfield_size=0 bits_offset=0 [ 3262.309324][ T639] BPF: [ 3262.312158][ T639] BPF:Member exceeds struct_size [ 3262.317304][ T639] BPF: [ 3262.317304][ T639] [ 3262.431413][ T639] BPF: (anon) type_id=2 bitfield_size=0 bits_offset=0 [ 3262.438721][ T639] BPF: [ 3262.441556][ T639] BPF:Member exceeds struct_size [ 3262.446695][ T639] BPF: [ 3262.446695][ T639] 00:51:36 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKRESETZONE(r0, 0x40101283, 0x0) 00:51:36 executing program 2: mkdir(&(0x7f0000000740)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') sendfile(r0, r0, &(0x7f0000000180)=0x74000000, 0x5) 00:51:36 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x41, &(0x7f00000007c0)) 00:51:37 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000040)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), r1, 0x2}}, 0x18) 00:51:37 executing program 1: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0xa8072, 0xffffffffffffffff, 0x0) futex(&(0x7f0000000040), 0x0, 0x0, 0x0, 0x0, 0x0) 00:51:37 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8c}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1}, 0x48) 00:51:37 executing program 0: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580)='TIPCv2\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x18, r0, 0xf591d3ee456bd401, 0x0, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) 00:51:37 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) 00:51:37 executing program 1: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x1, 0x81, 0xffffffffffffff7f}) 00:51:37 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) 00:51:37 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000004c0)='./file0\x00', 0x0, 0x7a04, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.memory_spread_page\x00', 0x2, 0x0) writev(r1, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}, {&(0x7f0000000180)='e', 0x1}], 0x2) 00:51:37 executing program 1: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x1, 0x81, 0xffffffffffffff7f}) 00:51:37 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) 00:51:38 executing program 1: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x1, 0x81, 0xffffffffffffff7f}) 00:51:38 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) 00:51:38 executing program 0: r0 = socket(0x11, 0x800000003, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=@ipv4_newroute={0xa0, 0x18, 0x0, 0x0, 0x0, {}, [@RTA_MARK={0x8}, @RTA_PREFSRC={0x8, 0x7, @multicast2}, @RTA_IIF={0x8}, @RTA_PRIORITY={0x8}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @typed={0x9, 0x0, 0x0, 0x0, @str='em0/\x00'}}, @RTA_IIF={0x8}, @RTA_ENCAP_TYPE={0x6}, @RTA_METRICS={0x41, 0x8, 0x0, 0x1, "f62d23dba3e033996e7d29731fd7a7ea20f021e221b3994fa6b435d52138e8359d4a1e851bb3afad6676cd1de0889410d0b3a01552840ddb7fec840c0f"}]}, 0xa0}}, 0x0) bind(r0, &(0x7f0000000400)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e1eba000000012e0b3836005404b0301a4ce8b7679500800000000000000101013c5811039e15775027ec8f66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2a95400"}, 0x80) getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, r1}, 0xc) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x23, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) 00:51:38 executing program 1: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x1, 0x81, 0xffffffffffffff7f}) 00:51:38 executing program 5: clone(0x8100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x3, 0x0, 0x6}]}}, &(0x7f00000002c0)=""/236, 0x26, 0xec, 0x8}, 0x20) 00:51:38 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)) [ 3264.606302][ T1309] BPF:[1] ENUM (anon) [ 3264.610449][ T1309] BPF: [ 3264.613271][ T1309] BPF:meta_left:0 meta_needed:24 [ 3264.618624][ T1309] BPF: [ 3264.618624][ T1309] 00:51:38 executing program 0: open(&(0x7f00000000c0)='./file0\x00', 0x1ada42, 0x0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000080)=0x2, 0x4) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r1) setfsgid(r1) setfsgid(r1) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x8, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="7336e0dd4f5ef392e97416b2f75c9dfe", 0x10, 0x2}, {&(0x7f0000000240)="b4f789c623ddf8438ff454671c2d1cb9e147bca2d5a3dd1d4010129577848cc28a98c942db15ad707c2f7502fcee139b0be5e7b8a02b6dd519a05743596834994a14149aec6559122ca7758000d00b0b024bbd2752e477aa0327852a586d402192819946da82c87f9584478acb72f6f5dacefa1d07b90af48b32d383367cfbb706616e54957301c9bac1b20d0da0113500ca79a5e92f4e4cb1f86789d3d98383792a16", 0xa3, 0x4}], 0x1, &(0x7f0000000340)={[{@map_off='map=off'}, {@nojoliet='nojoliet'}, {@sbsector={'sbsector', 0x3d, 0x9}}, {@gid={'gid', 0x3d, r1}}], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) memfd_create(&(0x7f0000000040)='/s\xcb2\x1d\b\x00\xe8\xdc[\x17\x8b\xb2\xf7W\xf0hW\xdd\xbd\xc8k\xc0\xa5velin', 0x0) syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x8, 0x200200) 00:51:38 executing program 5: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) timerfd_create(0x0, 0x0) socket$l2tp6(0xa, 0x2, 0x73) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) close(r4) 00:51:38 executing program 0: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) socket$caif_seqpacket(0x25, 0x5, 0x0) timerfd_create(0x0, 0x0) socket$l2tp6(0xa, 0x2, 0x73) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) close(r4) [ 3264.774434][ T32] audit: type=1800 audit(1583542298.829:506): pid=1316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=17002 res=0 00:51:39 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x540, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000040)={{0x2, 0x4e21, @loopback}, {0x306}, 0x10, {0x2, 0x4e22, @broadcast}, 'dummy0\x00'}) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0xff, 0x8680) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000100)={0x6, 0x8, 0x5, 0x5, 0x6, [{0x9, 0x9, 0xed, [], 0x80}, {0x9, 0x9, 0x3, [], 0x104}, {0x2, 0x7, 0xff, [], 0x9}, {0x40, 0x2, 0x7, [], 0x250c}, {0xf3, 0x3f, 0x0, [], 0x100}, {0x100, 0x7, 0x1ff, [], 0x82}]}) r2 = syz_open_dev$mice(&(0x7f0000000280)='/dev/input/mice\x00', 0x0, 0x100) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000002c0)={0x7f, 0x8202, 0x800, 0x40, 0x0}, &(0x7f0000000300)=0x10) setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000340)={r3, 0x3}, 0x8) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@multicast1}}, &(0x7f00000005c0)=0xe4) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000600)={r4, 0x1, 0x6}, 0x10) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) mmap$perf(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x100013, r2, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000680)) semctl$GETPID(0x0, 0x4, 0xb, &(0x7f0000001180)=""/9) 00:51:39 executing program 0 (fault-call:0 fault-nth:0): syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:51:39 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f646576aedd1e4ca61d714cecd954"]) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) write$P9_RREADDIR(r0, &(0x7f0000000000)={0xb2, 0x29, 0x2, {0xffffffff, [{{0x10}, 0x7, 0x3b, 0x7, './file0'}, {{0x20, 0x2, 0x6}, 0x7ff, 0x7, 0x7, './file0'}, {{0x1, 0x4, 0x7}, 0xefd, 0x3f, 0x7, './file0'}, {{0x2, 0x3, 0x1}, 0x5, 0x1, 0xd, './file0/file0'}, {{0x80, 0x0, 0x1}, 0x101, 0x0, 0xd, './file0/file0'}]}}, 0xb2) [ 3265.114517][ T32] audit: type=1400 audit(1583542299.169:507): avc: denied { map } for pid=1323 comm="syz-executor.5" path="/dev/input/mice" dev="devtmpfs" ino=900 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mouse_device_t:s0 tclass=chr_file permissive=1 00:51:39 executing program 5 (fault-call:0 fault-nth:0): semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:39 executing program 0: socketpair$unix(0x1, 0x5, 0x0, 0x0) unshare(0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000080)={0x0, 0x5}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000280)='asymmetric\x00', 0x0, &(0x7f0000000300)="fc", 0x1, 0xfffffffffffffffc) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getpid() setns(0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c00eb02787e7be1f412898c972845b89e5a9c6b43c91edb7aeab4824d948caab528b2ac50baf9740886f8b98308944a"]) 00:51:39 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) write$selinux_create(r0, &(0x7f0000000000)=@objname={'system_u:object_r:agp_device_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0xffffffffffff8f33, 0x20, './file0\x00'}, 0x56) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x4e23, @remote}, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b200000000008cae6525c5891c2750b69b6fc7bb9b69b7e40e37fbe7a1de68a96e03be094b5dd3a217667da12a6d56ce0f3196b138bd560e546247924c400362bfb13db1f3a3039b57c2c77d8046334b65113c055c1b38f630eabbabc062a8911c94fbf456a08f4cd0b0e0e1ca90ccfe418dba559c4ff973cb60f3830e1f265b9bfa66f1feca43c6912ec8fdb4e02ec481ff465d05f976a5121e1be286f121754b65ed5def3c230b3d7e9e89f1840ab0be530593f5d20e4f2a41b0ed4d301307ccdfb74210856ae1e8d72e80d8df918357e117e36f78189f7582908f8ff64970736244e17a70205d7fc32d49a488332521e3cd2c64d8715557d52c4e54be3a2a326cfe017e37af859f49320a5c1e944173405c0e5c9300615ba62b5324633b0e1c6210d8a2ab576df714b74393"], 0x48}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)={0x1c, r3, 0x301, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r3, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x40}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x10000000}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xc17}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x8010}, 0x20002840) 00:51:39 executing program 0: syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00') syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:51:39 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646123002c00d8ac02cdabe84baaf7f29f60a6fd8d8468565119bf3e34f4d58fe656df700032b7609fc686a8536d5fb1de6ca8ab2ecdec23f6b02719cf68027abde06979c4e9caea77e7a0c4ae1219c2aff1de6ed0bbce0953ff7dbe43c33e307a3ff32f7d9e853d1012fd71377d2533fff5e8de4141309fe858c1eb01890b92783f625da7fa137e2df05dca8c1711646d9cef44abab6f5560b145a266d63d76eb708b717c97589d7114eb5a087edbe8e028eed4f096b2a3df907b698db9e8892cfd63041fc7fdcbc1df61bcf3027d22f35995407817"]) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0xa00, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000380)=""/4096) 00:51:39 executing program 5: r0 = semget$private(0x0, 0x2000000010a, 0x390) r1 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r0, 0x4, 0xb, 0x0) 00:51:40 executing program 0: r0 = msgget(0x0, 0x48) stat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) statx(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x800, 0x4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r4) setfsgid(r4) setfsgid(r4) r5 = gettid() tkill(r5, 0x13) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r5, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000100)='+keyring\x00'}, 0x30) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000380)={{0x1, r1, r2, 0xffffffffffffffff, r4, 0x40, 0x595}, 0x0, 0x0, 0x5, 0xdc, 0x1, 0x8001, 0x1ff, 0x5, 0x1, 0x5, r6}) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='obj_rolg=/dev/dmmidi#\x00,\x00']) 00:51:40 executing program 5: semget$private(0x0, 0x4, 0x10) semget(0x3, 0x2, 0x2) semget$private(0x0, 0x0, 0x22) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) semctl$GETPID(r0, 0x2, 0xb, 0x0) 00:51:40 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) r1 = request_key(&(0x7f0000000080)='.dead\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) r2 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000100)="f2", 0x1, 0xfffffffffffffffe) r3 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000100)="f2", 0x1, 0xfffffffffffffffe) keyctl$unlink(0x9, r2, r3) keyctl$instantiate_iov(0x14, r1, &(0x7f00000002c0)=[{&(0x7f0000000140)="fb241053014b70b9bd7aa3f1c0324351f64d739f9be1b782593910df7592aeda7401c61cc7ab7d1484ca1df0d555c2da032716cfa1f2f00fdf6443d17391ee54bf2536e87fc2d301f8bbe17134c8b830ee5267d382e6b002a18b8fa3f7ec44249ef33b5c2a7e9d3d9de454d7f7b075f0", 0x70}, {&(0x7f00000001c0)="821cace974a8567901ddd98c4ac1f3dc17193c2f96cf8ba62994f7a3cc67a46538aa4ed0142c7444488dda386b", 0x2d}, {&(0x7f0000000380)="f80d175b70a90093faceccad41cabefba19073f6d10bfd8ec66ae8caef00dffd9cdcb03d162124c4a0a91e3ddf1a31a6d0826b55ce88a1093f0cafc51d2e0411e3f6f5bf155e11b514fa9397914134f711feab7fdb5060b771cea504f59c1fcfd9eb79d3cef449db34550fcad9052478e2c65f0408b9fe5cc16dcf0bc7c2c432ee3b2c5302ba85cd00b2d1c9ed89b98ec720573bbbc6719232f63b0d42dabb10ae1e71bfbbfd1633f73370e65b4191a7f22661b3535f9acb636ed352b3c682dff64045697158e2038f46b1ce0e8037c50f2823b0bb4e2ea188e363858978f74b6dafedd41ac2dc24cbaa471cb585ea71de0118bf8f981b", 0xf7}, {&(0x7f0000000480)="c298c554e3c7c294e3fa4ee19b23ff7c797fed2e8dc47e65bafd543c694594d58bf656d39936de4787e132789ed2b4b6e52553f68b669512aae3f6db12afff32e04cc1e37356ee5058c22c9df0d67423f39dacd7c1af3bb507ddf72402af7155d4b0d878fa43c1b1ab065b03a2aa1f983577ad52d4a2bb54b28e3ce87b388d680f49572a508321add6bc1e25da3c6314e6f21b3773683b0996d08181f49be6c85f3e22b70f89370972d7b3a15b0850ec2889a102", 0xb4}, {&(0x7f0000000200)="3de23ce84adf30306678e1e27f52e4a83d961a71ce028c8c96b225480139227ad7f8c7c3aa69c27921f58b421047548cbaa63735866c1f77dda53e88b18ec6ec5f9ffcb37f06ad975c999bdbdabcd3f1a1d519b74b798ccacd6df38617bcb749a945e69bda", 0x65}], 0x5, r3) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000000)={0x4, 0xa9e, 0xff, 0x6, 0x5}) 00:51:40 executing program 5: r0 = syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x80000000, 0x440100) ioctl$RTC_IRQP_SET(r0, 0x4004700c, 0x1689) 00:51:40 executing program 5: r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000040)=""/4096) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendmsg$SOCK_DESTROY(r1, &(0x7f0000002100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000020c0)={&(0x7f0000001080)={0x1018, 0x15, 0x400, 0x9, 0x25dfdbfe, {0x10}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "dc7acd8d42f53df32ceb5bb563a78caecb05dded2bf289eb757fe1d942a1d3ffa15c50ee9ee1ad25922f8bb72dcda75ed9f948aeab1d75dc6913eb67a05ec0a66da9cbf99107447aff64df1a8d3e10da637280db5e716197069612506f69e61f3c44777ec58056655878c6729bbb14f24e5091c77f3a6979ed9b8ee31d7de899f23c308a8f319a2fb9387ca8d57692b32590ed2413ac44394fc8b0dab91002d2fdcd4d2aaa0bdb5bbec1c5a6103cf7c688ec5492ddbd28ff65478d0eeb4dbd09ef78b9700c6bac7770c7c700cdbd1a9077565290e982920b04d560415ed758f09059b5ed2d2e67de7568a3343d54080655aac8c0648da4e3dc703c7b772f2a52b2c5fcfac5a87f74b05e3e85fb6bae68337dc962884cabc8ad733d1381e047dfe3777d0e248b1ceea3158097256f11f9169d8e78afcc89008008689040d45d7eab31a63f8af6b5cd8dced9e5b83da2a99717a9522c476b45b0a5103ddcbdc96297794c9ad0bd328b4054a431e9e3ab05a203d2b663f9a4399355c7d9395bbfde0b8e6ebbd416705011fd4f466b2466501f90e1bdc68e64002f7c0957c90137b77aa010e7a8e78ee7d4ba3d13eb5bcf9f117e602f60d0bab051519e55c1e94fef6e95e5521af6d2a3997bd67cf6f74a460fc5b1a3074b1341fd2c037f23377d22173da87f3372f2212fc533e8caba1156287d695413e9e58a17026058f44ccf0cb7f302ac002a16a2671213dd6bb30cd429499081b288ba64555e72465a167e6e171b38abcaee017ea92660b7bfea07c58cee3f856c722985a05c519db7a429d4bcff0788b634f494400f8176ad3ce1b2c575287e2baa3e0843e3e3c9e737bf7f2464a4eb476a3a98300b5a73e4696c94687566778c5aa8a70a222de6d3bde34c62f2f17098101f36681e0cf5a6e1ba99d8543d1ad949f2da64fc64efa42ccad4f9eb8a73c40a0963650e969796dadc9b2afa7b6f58097e947de60bad7dd17a0be389fc25b0b636122818c43911d5db9d40005c648c8470bf3e275ef3fadf913c833f4f40d5a17acc7a7ad4d8f6b5eba2b30562bb2c78ab42eae0a0ecf9cc8d0f2475a71460ee45a34bdca87095ec1258f90c85e06a29297be9f520fe2a29bdfb4ce2ba9dec5e002b2b1d5e400474a6f5c469ab222e5df906530a67be8e18da981e42db6db3d3519eee43918ef1bfaa7e7f85c06c155a17d0057d8bf8a6d78f9478c16fee26ab1eee678168df35969ff3fdedc72d37f332e80c6e1edc542c494f0ce5848b02a9484cbc8bba5356e5b7f9eaf16ba13c22109f3fd0af4dca045f66ca7f93c7108e1780a93de21d2c46d561eba33db7ba3050b909764c72545f3c741576954b2d8a95bfe82218f49028d71c0fb6405f1f54efc968f0f1fd95d0b4e72cafbb317afdd481bd8d6dca17602fb0cd64fc16cf3aa2aa4984d29eda2d6d6643c4ec0aa3bb6080fc27f38c47c86b9f8d84a408e51a9e97f5e9326a5ae4db80edde5ea0d63dcdc2f6bf7117f67570ccc0fd86c1e800a0fe572f9c82788196be336de8df94207e28cb86f23279a06e02158897ef57985d68a14f9c85dac1cc62718132c0962bfc7ee3185af6acb2abb8dd09432177e10f744ddac7c2f6b404b60f3599921b3971dc0e6c25ddc65cf2d63d4c6af0fe2c2ee8a80d2871f87fb974f9f27921d531b651afc1475c89abb625dbf3fdbf724e975a638c06c954ecc6f9c68f8f8521f5c881c563e931dcc1f4a4e97ced21a6d632a0e11608ebb273753a0f0126d8703e8a58e775e597de506a8d3b69c9957b6dd7387e217d11f7e234299b57d7c121d89e08b9df1b6878b6c99761be344414224fdd6608d4705ec2d44f298aaa55be1b2dc6afb922434036821c804a42eb2446fc0cea55b36cf788b1f30b103e5b6363cd1b782b08923863244ac495281558406269096c73ebfe07af9378bd9cf7dd9c3ca8454abf3272ec19c56ef7629ceac0a7e6740417851f69aef89a98a62f80770c3a91ab1acc379ca9c91fbb58c7ef143fc5e6762bb4f6a0f4101819b91ec44fcb1d2c3a9c1a31a2fd39f9b95e8f7ced01bbce3abaee3418402ee64ae2236a903dfedccc6c3c60f3e0c3e78ebdc77853ded5efe33f3e5e2510008a6e07f0caee22ef2b9c695fd0696d5f2b7aa263fa81deca2997c2af9b3eb6350cce30da2492ee8175613eaa58cc4320ccd90e92f17192a77e055170c8b52ade0ef60a61cfa9e138ff7ffc659935dfe40569eac9a9aee495b7a0b7b814f51daecb3c7cbde8f8c8b99a5720cacd26387f5808270d95050d169f4acae2c0a5c9670eb0a0ccd0b8c05f91fcf8bbb46aa73d181dc581117b34329277b51a164d6d07a3cc9738d9b7839da6e51c0dfa90356ff5205a8e2f207563692e2e924dce5bdd36089aede86e3d0a4bd9a9a45565a30a99af0810b722b76c6cc8c076dbfe046fbb2b79f4bb796be5d3283066a1e0d11e382a6c590479058ad9a48f62f065aaeff98120d800ea30ec4115c1069a50fc4e4cf45f051cf9d6cbfd540d62de8add6651a59c7894b1d28d8b71f34c5b52639128098da329bbed520d7c2b93961fc60aaf5b5e2f88baf2570a68372e31bc59145afc17b037024ac34f086aaed90e70eee52c425a083406cc0a9c3896087e82581795d2f72ac03147db176917ac0250d4d72fc948e6330dc6f5bbb34298893d2a2542f5b4ee20962767666d567d89bad0c7c272849c3f42e4ebb5baf550996aee51e6b7bb7fd6c36df359521395ac83417f337cbdf2fd3bee8f71c166f6711820735f1ef32e4bd74677bec5a7ac04f81bc835a7e6adf4cbfdb62cfa3263f5c473661dc864b56260e0e9ebad50cf4fd86bb6de59edd111b49736f370c6ff9a2ecaaa52480fed3faf17636ccab8a68f61146806132355e7160205996e3f04dcc4d61fb0351865956ca1c7455f28649b804adc0b2df83366baca1e79b98b8677e2ae986c22d783668fe23b4aa6955442bde38262ece29f5af1765fb8673b18466e9c69888f3cdce6fe3063cd4bd3d4beb38e27486ff68a1941a7a81ac1c2e4f0221cade5c2bbba78da8bcc472c7bf7c2684c2030a3c45ed05896a664cb068c5d6dc03ab18c1b3281d4f985a26dceeb6d47362bcda3a0b448905dc413241f3ace2bdb4aa74111c2ff13db395954820cbfd826d0132beeabeeab684370797912534110388db7b961e2265d746c461180d1fc6840fe56a21b38ff06c605f8a8e005bece8c106d890d47751dc56486bd945a7764d24540317d2b4afbf00c111f1d4a9afac47117cb450c5482cbc5104a3d094c800299a5f092d17a40c9f8ac010836b9b8744964327139f1936eaedba9f03166dc2fb94522c2b453d0f8fd5041e550910ad8e16709dc7525efca6d1b46c6f6acc041060023edae748aa15719a7253850dc98b5eb98b1776b4f24d3ad58e1abfad2770c154a75add0e5f303755d3851d6c24838e0dbc7a994a79f1113a415fc4c53ec7c0c9450394edf95bd38754d6dc55fcbfdc5ce61e58f6b742e2bd1228aa3020b13ef2745cfc60896ed9cec0c4aeafe68c6c81a0f421613cfb0c6f703cd2409d3aa1254f8a4c612132f6196aaeac04e4ef8b9d578dfa5f36018188e5464463e0208cd5f864935048f87cb7c2fac7aebc4f1396e7c5571c1bab5b4bd24156562306b57c5bf100a0aaec6f8743f017db29ecafd5a52f2b1642b77487b50e1a17097ce36364325d02786df74db431efb112e78c8326271cbb73cc2b5f7d04765fa10ec05bcf0f2782a8839ad1f238bcdcc70761e66b95a4f3bcf017f7e42a6822ce7c5ad1fff6c418ac9dd5f34cfc459933f9ae399b005900b309998caa0f5355924341b7f35b91ff460074d2ceb8499b5db7bb9e87b4f69b1ace1910d3401fceda83bf34fe7a38c388636f10fc244a651e8cdcfaa9f205b9350c36994af74960b2e0c8a27eb68d8bd779ab75355708d5fba5fc644d5cd9d4bb480fd4c03f220eb1bf2986d1d093d6a068538535d804091e5431a8f5f9a246f5ee409d83c08d24bffefdfe55d27bdb531342fc71166269ef0e724b9a7e66e7e77f4d878463c6abdb1f46c199251f97769241f29810fb02e800458447eb843968c0d9d0935bb83cd576eaa465dac6dbcc34ee2d2416b412a6c27b74ac9447544f09984ea296f0bcf661566b137349b19347c0288b4fb5ff7764cf71f58f0ffb038a5864f6536a1894c84bca54e04d5880980da7e1a32ff0e3a8c3df7f55aa8e9617b4d14229844dbbcdc9fa697efd90b09c688b74584dd94a294d3a5c753f2b00b338ed3babd161e5dfe1844576f054e97c621a1e68637de440fe752d07f1077ce8b3fcd50a1c379dbc6f4177d23ac3309edf64abac952ece9e1c0fa53ad75b29931575add00824ba5d56b605f26a3bb5cfad0162227063b11c70aef27733a8c66f82c3294356ff949023b1d5d6ef881add88b8363068ab8b56acae5f93845599082b3748dc84db2364e64df8db3bcd31d5889ccb5b0a647be90dd269bcf6e2771780b06e8a7cd7196c3ed775bd44f240ae90dc4eca622a99a636fb9a3e998c7917cf7536a566bf7c6ac833b452818868fad80ca6e6047cf0215b61f171abb124bbe78abc5802d10fb3f492eea6e8530230e9b709fef64b551da425801e62ba90d8844cb5ec8b0c55a50b4d21109debc8d6b675d97145055b84197c949e77b35e83090c1961cdf5b13608f1c0bef73717e1bb72b51e9579ef594af6f66e7d559159afb2a4cb7b7fa27dc30a89de0e5fbe88a40199e84516a19747f0b80bab9f37ec58e808ab83235479ceff5570031b2271d4c81a221952a59104711eafbbaad02ab258e7584f2a6aa4dd8e8ef36a24bdfc8d610f4ce5933f651dec379b2231bb72730c5d488fca6379e753a4e5985a05ca13f1d6c0f45be58ba7d945eca52c618e26254005663d39e067d020b9c6102ebb1a679621a84ecfc1ef001f388bfa5932db6b686f22e9f3ead5b14cb85d67f602d91b91707aa9938b38a13725fb276caa7f9c5e0abbecacab88c7a8d9d005f251011f8c7bec0261252700cc311b9176114bbcc94399d9cda75e7e6cd1f7085b6c3aeaaf4962a1ae850578577b3d9d5edcc2fd9c396c4137b953b465f40f3de1f9d5240af294c598ffb82f7fc9090f12e765dfbd6b5a2ae6931b9d77b860950b99f667406c19777452eeebf746778ff3d67eb9c22669b70f14d27c435972ec39af9f6e058c770db876b472c9564e83b7d3622b3107719fe0962b13dea1d6e7f15883d52ecdbc30d6e418d9cae89e6eb9988d3d353dc098ec194d8da02564b009fa365c55a8a0f183e69ec763a50f6f1859e253441b0cdbb3a60fe7eb5b05cdcfd1df96c672d3aed2f1cd3f7e43aad48f76c347a61e579405c252ae6e7c283bd5fd76be66b0255592e3a722f63266491dc1d637b4f33b586d3968eb535db9849c4e2df292ddb09a0b29194ff008932bb442f6f742a21a6255a327e42f3fde4fde3883dcfc8274b16eebdee3d2d8ae900676468b0095fefa6aa43ce9300da4c1e5c96d4f50f270b5bf001fb03bff6bcf2804a61fd90e51daad7d44bfaafe8d8f71bf4923d8579059105a0bd8eac0af1435e952342970fc298b7b714e50c7b60d0c5be50c13761e13372896d31f8a310ec45a408c80b1f110aaa5d36e59cdf3b0e09e50976f5e806629e08a5c2d5bc034eabc532db494c31ba661651dbacdc9bd5b95baf1a029be4c40c19247730d8cb13042de3cef463d3718ca456225169da09e93789a18aa6a3d2fbdab988b03a899ca0c12b6c3dcfd5f3"}]}, 0x1018}, 0x1, 0x0, 0x0, 0x80000}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x18, r3, 0x9, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x18}}, 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000002180)={{{@in=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000002280)=0xe4) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) open(&(0x7f00000023c0)='./file0\x00', 0x3, 0x2) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r10, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xfff2}, {}, {0xfff3}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000002380)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x7c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x28b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x890}, 0x4840) 00:51:40 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x5342, 0x325a02) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000040)=""/54) 00:51:41 executing program 5: rt_sigreturn() semctl$GETPID(0x0, 0x0, 0xb, 0x0) socketpair(0x23, 0x3, 0x7, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000880}, 0x400c804) 00:51:41 executing program 5: semctl$GETPID(0x0, 0x4, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) bind$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) ioctl$CAPI_REGISTER(r1, 0x400c4301, &(0x7f0000000080)={0xd1a, 0x7f, 0xffffffff}) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000240)={@remote, @local, @dev={0xac, 0x14, 0x14, 0x34}}, 0xc) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r5, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r5) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r6, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r6) r7 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r7) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000002c0)=[r0, r4, r6, r7], 0x4) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) ioctl$VIDIOC_QBUF(r3, 0xc044560f, &(0x7f00000000c0)={0x2, 0x5, 0x4, 0x1000, 0x7, {0x77359400}, {0x5, 0x8, 0x7f, 0x6, 0x3, 0x0, "2051e6fa"}, 0xffffff00, 0x1, @userptr=0x1, 0xfff, 0x0, r4}) setxattr$security_evm(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='security.evm\x00', &(0x7f0000000200)=@ng={0x4, 0xb, "afde9226d8a05bb8cb05440786a4"}, 0x10, 0x2) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r8, 0x8982, &(0x7f0000000140)) ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f0000000040)={0x5, 0x1000, &(0x7f0000000380)="0f6cd47512917b661ed57aeccbb547f316c94fc4fe991a152280f56976b063eee53bbe37858076697f32a43c8653eb3bbc284b948002fe14d5a667e6828bb1e5ec9d714a2fc7fc14e01da163854b2a1e7e41ef06fc80bd95dd6499eeef4270c39161ee3566aaa7206196d51b9c65bdfaac04cc979b68d501a470cc47a0a9ed8b85501dfd2516d7fe795588df8280b442babd785d392a856dd4727af2b0157fb49f6314baecf7838838cd326d3a589874363ba383cea2ed10628f073f89d43f4522382e930bd2fbda0cdb8bb83d485c6bc895a7dc7f4bc0d46a775b2aec3b2ea7411ca15ada7cfc0dff893619ac03b448243ec6aa269f1f70800eade03d791907d253a547f67448fe6a09eb96b3b25357251ed8902acd50716585edf2c777b585594a514109bc07c3b9b0c2e9317a3cbe58136ac22ec749808f0fee1ba5811e12984cb516cf3b5b6584c49719f50ea7f37a1372ef665331f4015ff2a90a1ca1ca774ccae8c8a898cbfd6ea830dd1cf9271e868371f3a2517f5864fc961c5bef494dea0ef1bc845d26dde01308522c2d6d431f86d84a945db34266d56ae9bee0acfaa884541f2ad7cf4a8e453353e32c7ddb29220d510348358fc8f168cfda47e6c701cc403553392ac0256f5b2391c7793264143937f2256d4104e80d3f16c0af2623743a28cf492f7bb87a95874e3db3aae3273af7132f85f427192b0e9daa8c62f4ad97499b5c5c205f6ae62b7c6810941d53c663a5e63295221bda2279bfc330307e96ebc1684a42d2733d86e2a9aae5df7e6136569369fc73097ee169b4b25f92d279c3a1b694cec178e86d4e8b6a316dacbb07181b2ba765ddc44ff3b1b7604f898581e1b950c97b4cbd5e520fb894c711c981e2beba4cf3d81fe0410bde63ddbe09f1690bd1b2fda182e90796ac72997e8ef3ba9933cd45c795930311190bb56ab59f47a93ed1e4c95bb614dc5eeeeaaf81d4ddc0b533e37c3576c3a6bddec95e89b7f924aacb65e48ecd8cd5f3eb939968a80a54de9a8d6c1005111d4cca506239500ef19fc3c9e36b8ef3597b6d9f81ae65ad3c1ea2f5aa2aab0703dd17bf9d13327b9c675227945384a611e1c805777b3a37abbeeb289ff3bb6ac18a49c3b05f995f80f30e20db58237fe48858d70cfde2ac96d3c19dfd6079b589eac6863958dd336392f2328cb68195b1d9f1253df819e31136a27ba1b56186565ebed6b4a22f4f17853592fc9077a34bd6d639dfb353d1531fd6b66e133514d86903e5081a8589a6776b0fdc099a1dff63f2cd9fecd03bea9be0a019470407192ff827af4eca4f1f1df7655ebca43bf78c2d7ea4d008d13caa9dc38ed47757de54aab9d2782a6ca9be24dc135a516febc544623b512c09787c0fc8fb00e9bdd523def98556ec063132beae96bf3c337f616c5028adcdaec234059834cd2a6ea05323f2f3a1d93d7c86ace729fe0ed784de063acdee177bb02c304490642ecb8dd8e29446acce73616be45b84c28582e4f4ef5dfde852beccc2f7f62d1a6fe42e0babcc1234cc2bdc118b3c3385aeb66934cdeec0316c0cb858ba0b5d9a532c2214cd9ebd8794754032960c61cd32c997ea7b129d18481682aca7516d1e0a37667b0654cfcb75bc1b95f149f4f4f5debebd4981473f7018f2a2ea748dbd734ed05ef5c446638e87cfb85c588986958f714a9ca5e2b667e57bc783d52aaeb055f358dcb70426b2c1220526e981ed26870f731bbc82545be827f6b1fcfcf49b5c4e4fa2026b2cbb38da2a7ab14ae407806948bc5d8779108539ff77854429c34e4d8b16d605c8f477ec9418cef4eae107cd8f3ed373c77e99f2af6a291c9fc2b49463a864c385e73b267c9114d35ef004bf786c7cfcefb72351fbf9506b8ad4a2cfaf4451964df6435d8f8cdb62bb0ec85f9caa2d7a77e1094a7e073667de8cb29480f46b01f3ac09740b804e5fe241650dea1a4519f7be3f332b5b35001c38f454e0ae2c713677c90a90cc82a9919deebfbe531352b1780b8fdd33efaa6daa7fc9854382da2572d4abe5d5762a0f532428c28433bd6047a0bd7233fe0eea0debed2f21514812067e6bb15a7f66a251fb2bc991bb6a58f705e1f8bc94fdb601fef0125924d608dd015f92058d0596119ac0401c42ee3b67a6d3bbcb93f84eec21af626f6cab52c830a23164d542e865badb7a09bba70d9a30218957a7a26b42c05b7848104b9d342858168c7d836e0fad79d9c5e4b6f08e60b835448d14bd1bc6279d71f1d2e9f5e95510aa8f0fa8bd53043cff6dfe64fbb9786328c0a98c2aaf1c838e9ece54b55e90f666313475b611919abbc15a186e5c35a55010b38dadce3ef07f60f2e86b1fab1787dff7859f1ce8443dab14c3f5448b0287fa9d1975ccf96b8b66481edd541d1a196674592413b3977304b346322b2d65f032117e3b7538f66042ba52d587d2537e95cb41b4a4d66941be699129882a1202c79d70d9b777321d6087e014129bd242b089f295bfbb3994a1634721cfa44a07924b78e4e2f9b60563a67dc2375e3013541a8dde5d6b4c085223133744f826068f84f33e5812b7310ee15acfbd364773d994c9f252347734ca65a6865b1e091388711fcb5dfc1cdb30107228698b32e78f711c3d850ee4fbf96ae36f2fe8cc96eeb9d2f70ade1b120435f3dbe74d91321caa8b94f73e5a5602654deda70efa2082d0f62a4b7439ff7e46425494d9c7b9236ea3916d47aa6c7c4fa90bbc1ba468f369cc286fcc2d96d4f80b0753d417deeab6ace2d568a49806dd2a2827d224518045000bb893a70274f7604fa736adb44f1553e34960523b7a39789109b32e897eb2043509848495b3f4e15a3319f795ac583b5e9875cb467012ffeba3efcec2ed1e33725e44ffbc6ec6d61cccb479c131a19f9d0da47ee9c3c3ed1d80a9922f223f2779cc8d8d9d50642991a2f652a56c31d5ee6a21a4739c66d960b0b6f2dc709096c7e3658d9c0ad242a8e6ee2397191e83ba8b9e195eca6c7818fb2457c6dfdd5d3dede77d51a64b331412604da1d9d71e8dd285e8d6b912d024fd71a538d488ed4bf06f866ba1a09a7546be9a77a4f1dfa4a3243a1eb66fd5a20cca1d54cee08a69b90ab89b3f66459360cdc534789b271f2dabcb9a9538f4c47fb6fdd78777e05bfe58f742665a9388b81e385585f5fb119c534e695c8d66bd854c86be67ddc2212139dfb32d62a4973d213a0e800452201e4ec130a976e925e535a0f133c5ce07580301318e8ef05409be09353646424625f5b80370b5f9024931a5acd2afdd15d60305c0a3159974f0d42828fb63f4cc4f35ce4b06e18eb2bcb5f81a42dd0a8d669c3f05fb7c7aecfb83f8a365632556831df92f0051f3124c30f5b5e3910366b441a37c04472fb0772c38abe16dbcbba939efd074ba83770c3867dc26cc1576a089b7f6b814e28d5a45e57fcd9d7a3f7f68a351d14826f5934fd123e9c3bc3da1c0ff6b2e28973e2e3fb1acc5eb1d0f779d06b10523d5747b2c63b4ed4b9232fe48bed0d08814dc1210e81a82120bd89959aff9a8b3483a96b23fbb267c1f4686d652cdaf9ee1fa964c06aa2c0a6f3069cba65b02d76d61b2e18a2d784d2dc1ed4be49528b57d3dfafc138aa8dfa8a370fd9c070fb8b718272d0f897a3751fbdacdf72cfbd104a039f7e6f5c125932675293e7ffa1ba7a2281e5da7daff99fe50d4ca8240e83bc1cbb34ba4737e3ca30331e3af17fb681edcca45e6c299d5849a82d968f5d76dc0c7c6f22757822f100a322b6740f265b0590a5b5beb08e7884836d740359e4b266d5fddd40dfbba7f9845fc535c917492434d21550f63655ea40d04ae2313f00ce3b6e7ea426d7e47dbba1ec9d8a74193628505918a23280bf7f5eeacfd3937e8d5c8ce3d8b0bd965b7e71f78e2a0ad124db848bda26f5efb471fc5519942298ef9312ae3ac0621c36ac1f4083c8441eec4b3a0d58ab774283b2167e6c1486ace2e781502c99f6c5a6db8e679ce1d7afdf3f7d49b01883aa7fc67400361a2416f365f83957f7549ee4e283654ba618e89ecc0b54dd38447b46054dc6be29eb3e4c4622cdeab2d20b84c120474f82a0d21f76ca57e6a428595a70462713e084f71dce5ff7c2c04dffb7953854a1deed9b7f26d73c4d7359805140ff3ce7cd9675585823257bfe0d537bd1781de21c35007db667a20b11889201cd84af7d0d77d6f163cf187b935b9e87c9e3c04ff17263d3dd86cca7c45d332897f3723110758b9bf9b31e6fe46dfd245e6c5636780b044213da4f409a1827aee6fddd78cc42d07573237155b1dafde63eb709699bf38bcddcb5413a76944c2836a2c2331d4c36f2d766066c0a8c6ecc641d36d0997bde5fb922c034e5bd16ba32b88b602e3f98c0ddc1157ae0c60d300ab60e8b6a9ddd822751ba9119fbccfc4a0f6e6f39c5b24d5f36ae15842b4b08006b0df43500066c54e8fa42bd9ef0d0431a82d297667081e0bf64d5e13e5f692430b712af620769fec6f79b37effb9c8717f811b228f12aed86335ea6a5b0d2f528feeea237b8f74e3290d5658de250b8899c2c65d851cbb270bee9eedbb8c52ff8861f338f559395c22b3208fb9546a560632db6dd7ed032fffc44dac56de65b4e7771676b8b1c31bf61cefe6ce27081c27fa01b2a61ea4ff11b2f0c4201bbfebc23a690057705479884779c07c53ec679994aa8acc1b73c5b5968125b01f7da23404cb736726f43207ea89e8b3bde1b5eed0a6408093aec9cfb80e27c18952c2a36b56aff547455699b4c60c08a8f3c6fcf92bdf37d6094c59c8b033632790b9a9336b348a20d875c8f498cc6bf0d2e8ec7227ad1e2ededb50594498335cc5eaaa764aa4735afff2a6f8d698bae15dd2466d136b6556d62281eeeffc6c4de2ffc53ae2a9ab7cd2632636b9321fbc620bbe718c9d083ff2a0c1d43a76112b3710fd92ecd47f7c8860a6763024826391b471c66942a9d13f39d84eb7008a32a7f0a02421b424c95b76f4d6f9e5b16aed588364507dcb3d34f572b5fdc41d8c3f8afa49be52ba82851e1fc3ca79e53df409e39311e76f6dac4601417c32a9f8f2286c99acd0c709f4df8f32dc54573a9fb4c6450c232c27c12519063069baf8a4a71855515785a1d052bed85991a1b0f8309a2f2f83b74d797c6cf4d176ea6b93645d96b9639c15a15e600031f4f5e791bddcda072ea4b89638db889c5fb93131a555f609e59319c00bde9eb51604d7884ea0ad5a44308137114a5405376cbb8dbdbbfd16f14487ccf1cc938daccc31eed9e5b9d63ece816f3c457e786ee39fc212eb01c18c04ce8e8245edae2983155cdf3d270853dc9d887fae0489161a15a79c269cbc8ab849beaeb38bcdb7ba53a42771bb46b0c7d3a2beabdf4155f3e1bd7c466d87cc0d40205d02c90edbea2815d94cc0a6436e75aa900dbeb18606373d7c6bd6cb0641a9c9cef921d13586144ef95b480784beca39f4a3ddde3332bcee872cdcbcc4d5ef42b74209ecff91c314cba21a07f77529a0e204ae9c7aad609cbb6a043087f40cc702c4e5b54ec9d6d32df90720857f0fda57f4e125e2147289c6c2a74d6e5499ea9e226571501c9ae61f76fb36897841e390c4edc6769f57992bb9f75c508b75d7d0c611610ddf608189b7e6dd4dc74dd425ba7cc6f1d35deb970d50ed615fa7f73831de4be35eb587af8513afe0bbe2a9dedb8986e28549ff075688cb7caedc902f77849d43f877e7ee0a3a0822e08f6b409ca2883a059d526a615465f22c9936c8f46511601156ec7bee"}) 00:51:41 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) prctl$PR_GET_THP_DISABLE(0x2a) 00:51:41 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = socket$bt_bnep(0x1f, 0x3, 0x4) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd4, 0x0, 0x8, 0x70bd25, 0x8149, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr="fc3ec90d975f085a657e8847004723dd"}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:audisp_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ipvlan0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr="444ef44413302c59b884612c79c9d5d2"}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:hald_mac_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}]}, 0xd4}}, 0x51) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000040)=0x4) 00:51:41 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x400401, 0x0) getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000040)=0xda0, &(0x7f0000000080)=0x4) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:41 executing program 5: r0 = semget(0x1, 0x3, 0x48) semctl$GETPID(r0, 0x4, 0xb, 0x0) 00:51:43 executing program 5: r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) 00:51:43 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000080)={r1, @in={{0x2, 0x4e22, @remote}}}, 0x84) geteuid() syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:51:43 executing program 5: semctl$GETPID(0xffffffffffffffff, 0x3, 0xb, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(0xffffffffffffffff, 0x28, 0x6, &(0x7f00000000c0)={r0, r1/1000+30000}, 0x8) r2 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x1c, 0x80202) ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000040)={0x8001001, 0x6c3d, 0x1}) 00:51:43 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x1, 0x3, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0xc2a8}, @NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_PAYLOAD={0x2b, 0xa, "4b0f46b69ac20f8d2e529627e803054e18a380f51b6a37621645ef266d121ba4adad486930b471"}]}, 0x50}, 0x1, 0x0, 0x0, 0x14008101}, 0x4004081) 00:51:43 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000140)=0x6, 0x4) r1 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x6ca, 0x8840) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0xd0, &(0x7f0000000180)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4}, @in6={0xa, 0x4e21, 0x101, @dev={0xfe, 0x80, [], 0x27}}, @in6={0xa, 0x4e22, 0x1, @remote, 0x80000000}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e23, 0x2, @mcast2, 0xffff0001}, @in={0x2, 0x4e23, @broadcast}]}, &(0x7f00000002c0)=0xc) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000040)=@assoc_id=r2, &(0x7f0000000080)=0x4) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0), 0x4) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x2, "0000410000e37800e1ffffbfffffffff00"}) read(r0, &(0x7f0000000380)=""/68, 0x44) syz_open_pts(r0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) dup2(r0, r0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="6f00e7ff130000477b18b0a2ff00002f6461000001"]) 00:51:43 executing program 5: semctl$GETPID(0x0, 0x1, 0xb, 0x0) 00:51:43 executing program 0: syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x47060, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000040)=0x800, &(0x7f0000000080)=0x4) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000380)={0x9, {{0xa, 0x4e22, 0x3f, @ipv4={[], [], @local}, 0x8}}, 0x0, 0x3, [{{0xa, 0x4e22, 0x41, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8}}, {{0xa, 0x4e23, 0x7fffffff, @rand_addr="14d2b40c7b34cce56eb38078a941ce5d", 0x6}}, {{0xa, 0x4e24, 0x8, @mcast2, 0x8}}]}, 0x20c) 00:51:43 executing program 5: prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x40000, 0x0, 0x0, 0x2480c, &(0x7f0000000000)) 00:51:44 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x3f, 0x0, 0x0, 0x34e49a, &(0x7f0000000000)=ANY=[]) socketpair(0x5, 0x4, 0x7, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_MPATH(r2, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="172a17af", @ANYRES16=r1, @ANYBLOB="3d170000000000000000150000000a001901ffffffffffff0000"], 0x20}}, 0x0) sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r1, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @random="bd432f00c904"}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @link_local}, @NL80211_ATTR_MAC={0xa, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000081}, 0x2801) open(&(0x7f0000000000)='./file0\x00', 0x2, 0x84) 00:51:44 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2321202e2f663d687a30200300"/23], 0xc) close(r0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) recvfrom$l2tp6(r1, &(0x7f0000000000)=""/125, 0x7d, 0x2c8fef2149a13661, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x20) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x3, 0x0, 0x3000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) 00:51:44 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x8800) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xb0084000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x37, 0x0, 0x0, &(0x7f0000000040)={[], [{@measure='measure'}, {@context={'context', 0x3d, 'user_u'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@measure='measure'}]}) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6f636a5f726f6c653d000000000000000865682f646d6d692911d8a34c50762367f7ecba2a8f4aefbd33323ce716da530c31f7aa14713f4509bcdbf0233f5e93af8379524205a933e1c460ccc670e70b6cc3fe0079eab73e5d54ae9e64f8dc9007668568b9f993bb4575b7e5d9b32187b918cfe8426fd5ca9b2e0528532ae6f029699b82dc99e7c982eb879f6564e74c9a136a1e4015248cecdcd86faa84b9d6"]) 00:51:44 executing program 5: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) 00:51:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f7200000000000000002f646d6d69646d230028851bfb331a88a682519f63a40ef6eb0b027723e8148378f51f5537c3458a8157c39c8323139b91ff1193b11cd366b5aa634c78f0633a7517d9d22c35767188bc60c67268bddd3e621154b2cffa330fea4c8202153f683c312a8d7d9a3e1e5486276d18a5ca49b098b43eac3a2227ac2b14355e6252fd8e71a2ccfff1f350b7bb3ed68f2862184c59e7d2553676bdc01e99592fa58c9da012b184c17be481339d14aefd56918b1683a98f36f2f33b83808a1f6887166cfd4759bdc6656be7eb9eab0f0fdf"]) 00:51:45 executing program 0: ioctl$SNDCTL_DSP_GETCAPS(0xffffffffffffffff, 0x8004500f, &(0x7f0000000000)) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="2300000000000000003020205a6af6aafcb054e0d98eaed7a65fa64254ccafc0eb1440574af9c091bdbd540a32877821944932ad2d9a3c84338a8a596573be"], 0xc) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="0000b200000000008cae6525c5891c2750b69b6fc7bb9b69b7e40e37fbe7a1de68a96e03be094b5dd3a217667da12a6d56ce0f3196b138bd560e546247924c400362bfb13db1f3a3039b57c2c77d8046334b65113c055c1b38f630eabbabc062a8911c94fbf456a08f4cd0b0e0e1ca90ccfe418dba559c4ff973cb60f3830e1f265b9bfa66f1feca43c6912ec8fdb4e02ec481ff465d05f976a5121e1be286f121754b65ed5def3c230b3d7e9e89f1840ab0be530593f5d20e4f2a41b0ed4d301307ccdfb74210856ae1e8d72e80d8df918357e117e36f78189f7582908f8ff64970736244e17a70205d7fc32d49a488332521e3cd2c64d8715557d52c4e54be3a2a326cfe017e37af859f49320a5c1e944173405c0e5c9300615ba62b5324633b0e1c6210d8a2ab576df714b74393"], 0x48}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)={0x1c, r3, 0x301, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x32757aeb74bbdadb}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x81) close(r0) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, &(0x7f0000000040)) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='obj_rOle=/dev/dmmidi#\x00,\x00']) 00:51:45 executing program 5: r0 = semget$private(0x0, 0x0, 0x80) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x1, 0xb, 0x0) 00:51:45 executing program 0: keyctl$session_to_parent(0x12) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:51:45 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000204", @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000"], 0x14}}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:45 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) 00:51:45 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) prctl$PR_GET_THP_DISABLE(0x2a) 00:51:45 executing program 2: semctl$GETPID(0x0, 0x4, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) bind$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) ioctl$CAPI_REGISTER(r1, 0x400c4301, &(0x7f0000000080)={0xd1a, 0x7f, 0xffffffff}) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000240)={@remote, @local, @dev={0xac, 0x14, 0x14, 0x34}}, 0xc) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r5, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r5) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r6, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r6) r7 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r7) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000002c0)=[r0, r4, r6, r7], 0x4) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) ioctl$VIDIOC_QBUF(r3, 0xc044560f, &(0x7f00000000c0)={0x2, 0x5, 0x4, 0x1000, 0x7, {0x77359400}, {0x5, 0x8, 0x7f, 0x6, 0x3, 0x0, "2051e6fa"}, 0xffffff00, 0x1, @userptr=0x1, 0xfff, 0x0, r4}) setxattr$security_evm(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='security.evm\x00', &(0x7f0000000200)=@ng={0x4, 0xb, "afde9226d8a05bb8cb05440786a4"}, 0x10, 0x2) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r8, 0x8982, &(0x7f0000000140)) ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f0000000040)={0x5, 0x1000, &(0x7f0000000380)="0f6cd47512917b661ed57aeccbb547f316c94fc4fe991a152280f56976b063eee53bbe37858076697f32a43c8653eb3bbc284b948002fe14d5a667e6828bb1e5ec9d714a2fc7fc14e01da163854b2a1e7e41ef06fc80bd95dd6499eeef4270c39161ee3566aaa7206196d51b9c65bdfaac04cc979b68d501a470cc47a0a9ed8b85501dfd2516d7fe795588df8280b442babd785d392a856dd4727af2b0157fb49f6314baecf7838838cd326d3a589874363ba383cea2ed10628f073f89d43f4522382e930bd2fbda0cdb8bb83d485c6bc895a7dc7f4bc0d46a775b2aec3b2ea7411ca15ada7cfc0dff893619ac03b448243ec6aa269f1f70800eade03d791907d253a547f67448fe6a09eb96b3b25357251ed8902acd50716585edf2c777b585594a514109bc07c3b9b0c2e9317a3cbe58136ac22ec749808f0fee1ba5811e12984cb516cf3b5b6584c49719f50ea7f37a1372ef665331f4015ff2a90a1ca1ca774ccae8c8a898cbfd6ea830dd1cf9271e868371f3a2517f5864fc961c5bef494dea0ef1bc845d26dde01308522c2d6d431f86d84a945db34266d56ae9bee0acfaa884541f2ad7cf4a8e453353e32c7ddb29220d510348358fc8f168cfda47e6c701cc403553392ac0256f5b2391c7793264143937f2256d4104e80d3f16c0af2623743a28cf492f7bb87a95874e3db3aae3273af7132f85f427192b0e9daa8c62f4ad97499b5c5c205f6ae62b7c6810941d53c663a5e63295221bda2279bfc330307e96ebc1684a42d2733d86e2a9aae5df7e6136569369fc73097ee169b4b25f92d279c3a1b694cec178e86d4e8b6a316dacbb07181b2ba765ddc44ff3b1b7604f898581e1b950c97b4cbd5e520fb894c711c981e2beba4cf3d81fe0410bde63ddbe09f1690bd1b2fda182e90796ac72997e8ef3ba9933cd45c795930311190bb56ab59f47a93ed1e4c95bb614dc5eeeeaaf81d4ddc0b533e37c3576c3a6bddec95e89b7f924aacb65e48ecd8cd5f3eb939968a80a54de9a8d6c1005111d4cca506239500ef19fc3c9e36b8ef3597b6d9f81ae65ad3c1ea2f5aa2aab0703dd17bf9d13327b9c675227945384a611e1c805777b3a37abbeeb289ff3bb6ac18a49c3b05f995f80f30e20db58237fe48858d70cfde2ac96d3c19dfd6079b589eac6863958dd336392f2328cb68195b1d9f1253df819e31136a27ba1b56186565ebed6b4a22f4f17853592fc9077a34bd6d639dfb353d1531fd6b66e133514d86903e5081a8589a6776b0fdc099a1dff63f2cd9fecd03bea9be0a019470407192ff827af4eca4f1f1df7655ebca43bf78c2d7ea4d008d13caa9dc38ed47757de54aab9d2782a6ca9be24dc135a516febc544623b512c09787c0fc8fb00e9bdd523def98556ec063132beae96bf3c337f616c5028adcdaec234059834cd2a6ea05323f2f3a1d93d7c86ace729fe0ed784de063acdee177bb02c304490642ecb8dd8e29446acce73616be45b84c28582e4f4ef5dfde852beccc2f7f62d1a6fe42e0babcc1234cc2bdc118b3c3385aeb66934cdeec0316c0cb858ba0b5d9a532c2214cd9ebd8794754032960c61cd32c997ea7b129d18481682aca7516d1e0a37667b0654cfcb75bc1b95f149f4f4f5debebd4981473f7018f2a2ea748dbd734ed05ef5c446638e87cfb85c588986958f714a9ca5e2b667e57bc783d52aaeb055f358dcb70426b2c1220526e981ed26870f731bbc82545be827f6b1fcfcf49b5c4e4fa2026b2cbb38da2a7ab14ae407806948bc5d8779108539ff77854429c34e4d8b16d605c8f477ec9418cef4eae107cd8f3ed373c77e99f2af6a291c9fc2b49463a864c385e73b267c9114d35ef004bf786c7cfcefb72351fbf9506b8ad4a2cfaf4451964df6435d8f8cdb62bb0ec85f9caa2d7a77e1094a7e073667de8cb29480f46b01f3ac09740b804e5fe241650dea1a4519f7be3f332b5b35001c38f454e0ae2c713677c90a90cc82a9919deebfbe531352b1780b8fdd33efaa6daa7fc9854382da2572d4abe5d5762a0f532428c28433bd6047a0bd7233fe0eea0debed2f21514812067e6bb15a7f66a251fb2bc991bb6a58f705e1f8bc94fdb601fef0125924d608dd015f92058d0596119ac0401c42ee3b67a6d3bbcb93f84eec21af626f6cab52c830a23164d542e865badb7a09bba70d9a30218957a7a26b42c05b7848104b9d342858168c7d836e0fad79d9c5e4b6f08e60b835448d14bd1bc6279d71f1d2e9f5e95510aa8f0fa8bd53043cff6dfe64fbb9786328c0a98c2aaf1c838e9ece54b55e90f666313475b611919abbc15a186e5c35a55010b38dadce3ef07f60f2e86b1fab1787dff7859f1ce8443dab14c3f5448b0287fa9d1975ccf96b8b66481edd541d1a196674592413b3977304b346322b2d65f032117e3b7538f66042ba52d587d2537e95cb41b4a4d66941be699129882a1202c79d70d9b777321d6087e014129bd242b089f295bfbb3994a1634721cfa44a07924b78e4e2f9b60563a67dc2375e3013541a8dde5d6b4c085223133744f826068f84f33e5812b7310ee15acfbd364773d994c9f252347734ca65a6865b1e091388711fcb5dfc1cdb30107228698b32e78f711c3d850ee4fbf96ae36f2fe8cc96eeb9d2f70ade1b120435f3dbe74d91321caa8b94f73e5a5602654deda70efa2082d0f62a4b7439ff7e46425494d9c7b9236ea3916d47aa6c7c4fa90bbc1ba468f369cc286fcc2d96d4f80b0753d417deeab6ace2d568a49806dd2a2827d224518045000bb893a70274f7604fa736adb44f1553e34960523b7a39789109b32e897eb2043509848495b3f4e15a3319f795ac583b5e9875cb467012ffeba3efcec2ed1e33725e44ffbc6ec6d61cccb479c131a19f9d0da47ee9c3c3ed1d80a9922f223f2779cc8d8d9d50642991a2f652a56c31d5ee6a21a4739c66d960b0b6f2dc709096c7e3658d9c0ad242a8e6ee2397191e83ba8b9e195eca6c7818fb2457c6dfdd5d3dede77d51a64b331412604da1d9d71e8dd285e8d6b912d024fd71a538d488ed4bf06f866ba1a09a7546be9a77a4f1dfa4a3243a1eb66fd5a20cca1d54cee08a69b90ab89b3f66459360cdc534789b271f2dabcb9a9538f4c47fb6fdd78777e05bfe58f742665a9388b81e385585f5fb119c534e695c8d66bd854c86be67ddc2212139dfb32d62a4973d213a0e800452201e4ec130a976e925e535a0f133c5ce07580301318e8ef05409be09353646424625f5b80370b5f9024931a5acd2afdd15d60305c0a3159974f0d42828fb63f4cc4f35ce4b06e18eb2bcb5f81a42dd0a8d669c3f05fb7c7aecfb83f8a365632556831df92f0051f3124c30f5b5e3910366b441a37c04472fb0772c38abe16dbcbba939efd074ba83770c3867dc26cc1576a089b7f6b814e28d5a45e57fcd9d7a3f7f68a351d14826f5934fd123e9c3bc3da1c0ff6b2e28973e2e3fb1acc5eb1d0f779d06b10523d5747b2c63b4ed4b9232fe48bed0d08814dc1210e81a82120bd89959aff9a8b3483a96b23fbb267c1f4686d652cdaf9ee1fa964c06aa2c0a6f3069cba65b02d76d61b2e18a2d784d2dc1ed4be49528b57d3dfafc138aa8dfa8a370fd9c070fb8b718272d0f897a3751fbdacdf72cfbd104a039f7e6f5c125932675293e7ffa1ba7a2281e5da7daff99fe50d4ca8240e83bc1cbb34ba4737e3ca30331e3af17fb681edcca45e6c299d5849a82d968f5d76dc0c7c6f22757822f100a322b6740f265b0590a5b5beb08e7884836d740359e4b266d5fddd40dfbba7f9845fc535c917492434d21550f63655ea40d04ae2313f00ce3b6e7ea426d7e47dbba1ec9d8a74193628505918a23280bf7f5eeacfd3937e8d5c8ce3d8b0bd965b7e71f78e2a0ad124db848bda26f5efb471fc5519942298ef9312ae3ac0621c36ac1f4083c8441eec4b3a0d58ab774283b2167e6c1486ace2e781502c99f6c5a6db8e679ce1d7afdf3f7d49b01883aa7fc67400361a2416f365f83957f7549ee4e283654ba618e89ecc0b54dd38447b46054dc6be29eb3e4c4622cdeab2d20b84c120474f82a0d21f76ca57e6a428595a70462713e084f71dce5ff7c2c04dffb7953854a1deed9b7f26d73c4d7359805140ff3ce7cd9675585823257bfe0d537bd1781de21c35007db667a20b11889201cd84af7d0d77d6f163cf187b935b9e87c9e3c04ff17263d3dd86cca7c45d332897f3723110758b9bf9b31e6fe46dfd245e6c5636780b044213da4f409a1827aee6fddd78cc42d07573237155b1dafde63eb709699bf38bcddcb5413a76944c2836a2c2331d4c36f2d766066c0a8c6ecc641d36d0997bde5fb922c034e5bd16ba32b88b602e3f98c0ddc1157ae0c60d300ab60e8b6a9ddd822751ba9119fbccfc4a0f6e6f39c5b24d5f36ae15842b4b08006b0df43500066c54e8fa42bd9ef0d0431a82d297667081e0bf64d5e13e5f692430b712af620769fec6f79b37effb9c8717f811b228f12aed86335ea6a5b0d2f528feeea237b8f74e3290d5658de250b8899c2c65d851cbb270bee9eedbb8c52ff8861f338f559395c22b3208fb9546a560632db6dd7ed032fffc44dac56de65b4e7771676b8b1c31bf61cefe6ce27081c27fa01b2a61ea4ff11b2f0c4201bbfebc23a690057705479884779c07c53ec679994aa8acc1b73c5b5968125b01f7da23404cb736726f43207ea89e8b3bde1b5eed0a6408093aec9cfb80e27c18952c2a36b56aff547455699b4c60c08a8f3c6fcf92bdf37d6094c59c8b033632790b9a9336b348a20d875c8f498cc6bf0d2e8ec7227ad1e2ededb50594498335cc5eaaa764aa4735afff2a6f8d698bae15dd2466d136b6556d62281eeeffc6c4de2ffc53ae2a9ab7cd2632636b9321fbc620bbe718c9d083ff2a0c1d43a76112b3710fd92ecd47f7c8860a6763024826391b471c66942a9d13f39d84eb7008a32a7f0a02421b424c95b76f4d6f9e5b16aed588364507dcb3d34f572b5fdc41d8c3f8afa49be52ba82851e1fc3ca79e53df409e39311e76f6dac4601417c32a9f8f2286c99acd0c709f4df8f32dc54573a9fb4c6450c232c27c12519063069baf8a4a71855515785a1d052bed85991a1b0f8309a2f2f83b74d797c6cf4d176ea6b93645d96b9639c15a15e600031f4f5e791bddcda072ea4b89638db889c5fb93131a555f609e59319c00bde9eb51604d7884ea0ad5a44308137114a5405376cbb8dbdbbfd16f14487ccf1cc938daccc31eed9e5b9d63ece816f3c457e786ee39fc212eb01c18c04ce8e8245edae2983155cdf3d270853dc9d887fae0489161a15a79c269cbc8ab849beaeb38bcdb7ba53a42771bb46b0c7d3a2beabdf4155f3e1bd7c466d87cc0d40205d02c90edbea2815d94cc0a6436e75aa900dbeb18606373d7c6bd6cb0641a9c9cef921d13586144ef95b480784beca39f4a3ddde3332bcee872cdcbcc4d5ef42b74209ecff91c314cba21a07f77529a0e204ae9c7aad609cbb6a043087f40cc702c4e5b54ec9d6d32df90720857f0fda57f4e125e2147289c6c2a74d6e5499ea9e226571501c9ae61f76fb36897841e390c4edc6769f57992bb9f75c508b75d7d0c611610ddf608189b7e6dd4dc74dd425ba7cc6f1d35deb970d50ed615fa7f73831de4be35eb587af8513afe0bbe2a9dedb8986e28549ff075688cb7caedc902f77849d43f877e7ee0a3a0822e08f6b409ca2883a059d526a615465f22c9936c8f46511601156ec7bee"}) 00:51:45 executing program 4: r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000040)=""/4096) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendmsg$SOCK_DESTROY(r1, &(0x7f0000002100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000020c0)={&(0x7f0000001080)={0x1018, 0x15, 0x400, 0x9, 0x25dfdbfe, {0x10}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "dc7acd8d42f53df32ceb5bb563a78caecb05dded2bf289eb757fe1d942a1d3ffa15c50ee9ee1ad25922f8bb72dcda75ed9f948aeab1d75dc6913eb67a05ec0a66da9cbf99107447aff64df1a8d3e10da637280db5e716197069612506f69e61f3c44777ec58056655878c6729bbb14f24e5091c77f3a6979ed9b8ee31d7de899f23c308a8f319a2fb9387ca8d57692b32590ed2413ac44394fc8b0dab91002d2fdcd4d2aaa0bdb5bbec1c5a6103cf7c688ec5492ddbd28ff65478d0eeb4dbd09ef78b9700c6bac7770c7c700cdbd1a9077565290e982920b04d560415ed758f09059b5ed2d2e67de7568a3343d54080655aac8c0648da4e3dc703c7b772f2a52b2c5fcfac5a87f74b05e3e85fb6bae68337dc962884cabc8ad733d1381e047dfe3777d0e248b1ceea3158097256f11f9169d8e78afcc89008008689040d45d7eab31a63f8af6b5cd8dced9e5b83da2a99717a9522c476b45b0a5103ddcbdc96297794c9ad0bd328b4054a431e9e3ab05a203d2b663f9a4399355c7d9395bbfde0b8e6ebbd416705011fd4f466b2466501f90e1bdc68e64002f7c0957c90137b77aa010e7a8e78ee7d4ba3d13eb5bcf9f117e602f60d0bab051519e55c1e94fef6e95e5521af6d2a3997bd67cf6f74a460fc5b1a3074b1341fd2c037f23377d22173da87f3372f2212fc533e8caba1156287d695413e9e58a17026058f44ccf0cb7f302ac002a16a2671213dd6bb30cd429499081b288ba64555e72465a167e6e171b38abcaee017ea92660b7bfea07c58cee3f856c722985a05c519db7a429d4bcff0788b634f494400f8176ad3ce1b2c575287e2baa3e0843e3e3c9e737bf7f2464a4eb476a3a98300b5a73e4696c94687566778c5aa8a70a222de6d3bde34c62f2f17098101f36681e0cf5a6e1ba99d8543d1ad949f2da64fc64efa42ccad4f9eb8a73c40a0963650e969796dadc9b2afa7b6f58097e947de60bad7dd17a0be389fc25b0b636122818c43911d5db9d40005c648c8470bf3e275ef3fadf913c833f4f40d5a17acc7a7ad4d8f6b5eba2b30562bb2c78ab42eae0a0ecf9cc8d0f2475a71460ee45a34bdca87095ec1258f90c85e06a29297be9f520fe2a29bdfb4ce2ba9dec5e002b2b1d5e400474a6f5c469ab222e5df906530a67be8e18da981e42db6db3d3519eee43918ef1bfaa7e7f85c06c155a17d0057d8bf8a6d78f9478c16fee26ab1eee678168df35969ff3fdedc72d37f332e80c6e1edc542c494f0ce5848b02a9484cbc8bba5356e5b7f9eaf16ba13c22109f3fd0af4dca045f66ca7f93c7108e1780a93de21d2c46d561eba33db7ba3050b909764c72545f3c741576954b2d8a95bfe82218f49028d71c0fb6405f1f54efc968f0f1fd95d0b4e72cafbb317afdd481bd8d6dca17602fb0cd64fc16cf3aa2aa4984d29eda2d6d6643c4ec0aa3bb6080fc27f38c47c86b9f8d84a408e51a9e97f5e9326a5ae4db80edde5ea0d63dcdc2f6bf7117f67570ccc0fd86c1e800a0fe572f9c82788196be336de8df94207e28cb86f23279a06e02158897ef57985d68a14f9c85dac1cc62718132c0962bfc7ee3185af6acb2abb8dd09432177e10f744ddac7c2f6b404b60f3599921b3971dc0e6c25ddc65cf2d63d4c6af0fe2c2ee8a80d2871f87fb974f9f27921d531b651afc1475c89abb625dbf3fdbf724e975a638c06c954ecc6f9c68f8f8521f5c881c563e931dcc1f4a4e97ced21a6d632a0e11608ebb273753a0f0126d8703e8a58e775e597de506a8d3b69c9957b6dd7387e217d11f7e234299b57d7c121d89e08b9df1b6878b6c99761be344414224fdd6608d4705ec2d44f298aaa55be1b2dc6afb922434036821c804a42eb2446fc0cea55b36cf788b1f30b103e5b6363cd1b782b08923863244ac495281558406269096c73ebfe07af9378bd9cf7dd9c3ca8454abf3272ec19c56ef7629ceac0a7e6740417851f69aef89a98a62f80770c3a91ab1acc379ca9c91fbb58c7ef143fc5e6762bb4f6a0f4101819b91ec44fcb1d2c3a9c1a31a2fd39f9b95e8f7ced01bbce3abaee3418402ee64ae2236a903dfedccc6c3c60f3e0c3e78ebdc77853ded5efe33f3e5e2510008a6e07f0caee22ef2b9c695fd0696d5f2b7aa263fa81deca2997c2af9b3eb6350cce30da2492ee8175613eaa58cc4320ccd90e92f17192a77e055170c8b52ade0ef60a61cfa9e138ff7ffc659935dfe40569eac9a9aee495b7a0b7b814f51daecb3c7cbde8f8c8b99a5720cacd26387f5808270d95050d169f4acae2c0a5c9670eb0a0ccd0b8c05f91fcf8bbb46aa73d181dc581117b34329277b51a164d6d07a3cc9738d9b7839da6e51c0dfa90356ff5205a8e2f207563692e2e924dce5bdd36089aede86e3d0a4bd9a9a45565a30a99af0810b722b76c6cc8c076dbfe046fbb2b79f4bb796be5d3283066a1e0d11e382a6c590479058ad9a48f62f065aaeff98120d800ea30ec4115c1069a50fc4e4cf45f051cf9d6cbfd540d62de8add6651a59c7894b1d28d8b71f34c5b52639128098da329bbed520d7c2b93961fc60aaf5b5e2f88baf2570a68372e31bc59145afc17b037024ac34f086aaed90e70eee52c425a083406cc0a9c3896087e82581795d2f72ac03147db176917ac0250d4d72fc948e6330dc6f5bbb34298893d2a2542f5b4ee20962767666d567d89bad0c7c272849c3f42e4ebb5baf550996aee51e6b7bb7fd6c36df359521395ac83417f337cbdf2fd3bee8f71c166f6711820735f1ef32e4bd74677bec5a7ac04f81bc835a7e6adf4cbfdb62cfa3263f5c473661dc864b56260e0e9ebad50cf4fd86bb6de59edd111b49736f370c6ff9a2ecaaa52480fed3faf17636ccab8a68f61146806132355e7160205996e3f04dcc4d61fb0351865956ca1c7455f28649b804adc0b2df83366baca1e79b98b8677e2ae986c22d783668fe23b4aa6955442bde38262ece29f5af1765fb8673b18466e9c69888f3cdce6fe3063cd4bd3d4beb38e27486ff68a1941a7a81ac1c2e4f0221cade5c2bbba78da8bcc472c7bf7c2684c2030a3c45ed05896a664cb068c5d6dc03ab18c1b3281d4f985a26dceeb6d47362bcda3a0b448905dc413241f3ace2bdb4aa74111c2ff13db395954820cbfd826d0132beeabeeab684370797912534110388db7b961e2265d746c461180d1fc6840fe56a21b38ff06c605f8a8e005bece8c106d890d47751dc56486bd945a7764d24540317d2b4afbf00c111f1d4a9afac47117cb450c5482cbc5104a3d094c800299a5f092d17a40c9f8ac010836b9b8744964327139f1936eaedba9f03166dc2fb94522c2b453d0f8fd5041e550910ad8e16709dc7525efca6d1b46c6f6acc041060023edae748aa15719a7253850dc98b5eb98b1776b4f24d3ad58e1abfad2770c154a75add0e5f303755d3851d6c24838e0dbc7a994a79f1113a415fc4c53ec7c0c9450394edf95bd38754d6dc55fcbfdc5ce61e58f6b742e2bd1228aa3020b13ef2745cfc60896ed9cec0c4aeafe68c6c81a0f421613cfb0c6f703cd2409d3aa1254f8a4c612132f6196aaeac04e4ef8b9d578dfa5f36018188e5464463e0208cd5f864935048f87cb7c2fac7aebc4f1396e7c5571c1bab5b4bd24156562306b57c5bf100a0aaec6f8743f017db29ecafd5a52f2b1642b77487b50e1a17097ce36364325d02786df74db431efb112e78c8326271cbb73cc2b5f7d04765fa10ec05bcf0f2782a8839ad1f238bcdcc70761e66b95a4f3bcf017f7e42a6822ce7c5ad1fff6c418ac9dd5f34cfc459933f9ae399b005900b309998caa0f5355924341b7f35b91ff460074d2ceb8499b5db7bb9e87b4f69b1ace1910d3401fceda83bf34fe7a38c388636f10fc244a651e8cdcfaa9f205b9350c36994af74960b2e0c8a27eb68d8bd779ab75355708d5fba5fc644d5cd9d4bb480fd4c03f220eb1bf2986d1d093d6a068538535d804091e5431a8f5f9a246f5ee409d83c08d24bffefdfe55d27bdb531342fc71166269ef0e724b9a7e66e7e77f4d878463c6abdb1f46c199251f97769241f29810fb02e800458447eb843968c0d9d0935bb83cd576eaa465dac6dbcc34ee2d2416b412a6c27b74ac9447544f09984ea296f0bcf661566b137349b19347c0288b4fb5ff7764cf71f58f0ffb038a5864f6536a1894c84bca54e04d5880980da7e1a32ff0e3a8c3df7f55aa8e9617b4d14229844dbbcdc9fa697efd90b09c688b74584dd94a294d3a5c753f2b00b338ed3babd161e5dfe1844576f054e97c621a1e68637de440fe752d07f1077ce8b3fcd50a1c379dbc6f4177d23ac3309edf64abac952ece9e1c0fa53ad75b29931575add00824ba5d56b605f26a3bb5cfad0162227063b11c70aef27733a8c66f82c3294356ff949023b1d5d6ef881add88b8363068ab8b56acae5f93845599082b3748dc84db2364e64df8db3bcd31d5889ccb5b0a647be90dd269bcf6e2771780b06e8a7cd7196c3ed775bd44f240ae90dc4eca622a99a636fb9a3e998c7917cf7536a566bf7c6ac833b452818868fad80ca6e6047cf0215b61f171abb124bbe78abc5802d10fb3f492eea6e8530230e9b709fef64b551da425801e62ba90d8844cb5ec8b0c55a50b4d21109debc8d6b675d97145055b84197c949e77b35e83090c1961cdf5b13608f1c0bef73717e1bb72b51e9579ef594af6f66e7d559159afb2a4cb7b7fa27dc30a89de0e5fbe88a40199e84516a19747f0b80bab9f37ec58e808ab83235479ceff5570031b2271d4c81a221952a59104711eafbbaad02ab258e7584f2a6aa4dd8e8ef36a24bdfc8d610f4ce5933f651dec379b2231bb72730c5d488fca6379e753a4e5985a05ca13f1d6c0f45be58ba7d945eca52c618e26254005663d39e067d020b9c6102ebb1a679621a84ecfc1ef001f388bfa5932db6b686f22e9f3ead5b14cb85d67f602d91b91707aa9938b38a13725fb276caa7f9c5e0abbecacab88c7a8d9d005f251011f8c7bec0261252700cc311b9176114bbcc94399d9cda75e7e6cd1f7085b6c3aeaaf4962a1ae850578577b3d9d5edcc2fd9c396c4137b953b465f40f3de1f9d5240af294c598ffb82f7fc9090f12e765dfbd6b5a2ae6931b9d77b860950b99f667406c19777452eeebf746778ff3d67eb9c22669b70f14d27c435972ec39af9f6e058c770db876b472c9564e83b7d3622b3107719fe0962b13dea1d6e7f15883d52ecdbc30d6e418d9cae89e6eb9988d3d353dc098ec194d8da02564b009fa365c55a8a0f183e69ec763a50f6f1859e253441b0cdbb3a60fe7eb5b05cdcfd1df96c672d3aed2f1cd3f7e43aad48f76c347a61e579405c252ae6e7c283bd5fd76be66b0255592e3a722f63266491dc1d637b4f33b586d3968eb535db9849c4e2df292ddb09a0b29194ff008932bb442f6f742a21a6255a327e42f3fde4fde3883dcfc8274b16eebdee3d2d8ae900676468b0095fefa6aa43ce9300da4c1e5c96d4f50f270b5bf001fb03bff6bcf2804a61fd90e51daad7d44bfaafe8d8f71bf4923d8579059105a0bd8eac0af1435e952342970fc298b7b714e50c7b60d0c5be50c13761e13372896d31f8a310ec45a408c80b1f110aaa5d36e59cdf3b0e09e50976f5e806629e08a5c2d5bc034eabc532db494c31ba661651dbacdc9bd5b95baf1a029be4c40c19247730d8cb13042de3cef463d3718ca456225169da09e93789a18aa6a3d2fbdab988b03a899ca0c12b6c3dcfd5f3"}]}, 0x1018}, 0x1, 0x0, 0x0, 0x80000}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x18, r3, 0x9, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x18}}, 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000002180)={{{@in=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000002280)=0xe4) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) open(&(0x7f00000023c0)='./file0\x00', 0x3, 0x2) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r10, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xfff2}, {}, {0xfff3}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000002380)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x7c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x28b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x890}, 0x4840) 00:51:45 executing program 0: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2c0802, 0x0) sendmsg$AUDIT_TRIM(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x100, 0x70bd2d, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000800}, 0x10) 00:51:45 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) 00:51:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) unshare(0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000080)={0x0, 0x5}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000280)='asymmetric\x00', 0x0, &(0x7f0000000300)="fc", 0x1, 0xfffffffffffffffc) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getpid() setns(0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c00eb02787e7be1f412898c972845b89e5a9c6b43c91edb7aeab4824d948caab528b2ac50baf9740886f8b98308944a"]) 00:51:46 executing program 4: r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000040)=""/4096) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendmsg$SOCK_DESTROY(r1, &(0x7f0000002100)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000020c0)={&(0x7f0000001080)={0x1018, 0x15, 0x400, 0x9, 0x25dfdbfe, {0x10}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "dc7acd8d42f53df32ceb5bb563a78caecb05dded2bf289eb757fe1d942a1d3ffa15c50ee9ee1ad25922f8bb72dcda75ed9f948aeab1d75dc6913eb67a05ec0a66da9cbf99107447aff64df1a8d3e10da637280db5e716197069612506f69e61f3c44777ec58056655878c6729bbb14f24e5091c77f3a6979ed9b8ee31d7de899f23c308a8f319a2fb9387ca8d57692b32590ed2413ac44394fc8b0dab91002d2fdcd4d2aaa0bdb5bbec1c5a6103cf7c688ec5492ddbd28ff65478d0eeb4dbd09ef78b9700c6bac7770c7c700cdbd1a9077565290e982920b04d560415ed758f09059b5ed2d2e67de7568a3343d54080655aac8c0648da4e3dc703c7b772f2a52b2c5fcfac5a87f74b05e3e85fb6bae68337dc962884cabc8ad733d1381e047dfe3777d0e248b1ceea3158097256f11f9169d8e78afcc89008008689040d45d7eab31a63f8af6b5cd8dced9e5b83da2a99717a9522c476b45b0a5103ddcbdc96297794c9ad0bd328b4054a431e9e3ab05a203d2b663f9a4399355c7d9395bbfde0b8e6ebbd416705011fd4f466b2466501f90e1bdc68e64002f7c0957c90137b77aa010e7a8e78ee7d4ba3d13eb5bcf9f117e602f60d0bab051519e55c1e94fef6e95e5521af6d2a3997bd67cf6f74a460fc5b1a3074b1341fd2c037f23377d22173da87f3372f2212fc533e8caba1156287d695413e9e58a17026058f44ccf0cb7f302ac002a16a2671213dd6bb30cd429499081b288ba64555e72465a167e6e171b38abcaee017ea92660b7bfea07c58cee3f856c722985a05c519db7a429d4bcff0788b634f494400f8176ad3ce1b2c575287e2baa3e0843e3e3c9e737bf7f2464a4eb476a3a98300b5a73e4696c94687566778c5aa8a70a222de6d3bde34c62f2f17098101f36681e0cf5a6e1ba99d8543d1ad949f2da64fc64efa42ccad4f9eb8a73c40a0963650e969796dadc9b2afa7b6f58097e947de60bad7dd17a0be389fc25b0b636122818c43911d5db9d40005c648c8470bf3e275ef3fadf913c833f4f40d5a17acc7a7ad4d8f6b5eba2b30562bb2c78ab42eae0a0ecf9cc8d0f2475a71460ee45a34bdca87095ec1258f90c85e06a29297be9f520fe2a29bdfb4ce2ba9dec5e002b2b1d5e400474a6f5c469ab222e5df906530a67be8e18da981e42db6db3d3519eee43918ef1bfaa7e7f85c06c155a17d0057d8bf8a6d78f9478c16fee26ab1eee678168df35969ff3fdedc72d37f332e80c6e1edc542c494f0ce5848b02a9484cbc8bba5356e5b7f9eaf16ba13c22109f3fd0af4dca045f66ca7f93c7108e1780a93de21d2c46d561eba33db7ba3050b909764c72545f3c741576954b2d8a95bfe82218f49028d71c0fb6405f1f54efc968f0f1fd95d0b4e72cafbb317afdd481bd8d6dca17602fb0cd64fc16cf3aa2aa4984d29eda2d6d6643c4ec0aa3bb6080fc27f38c47c86b9f8d84a408e51a9e97f5e9326a5ae4db80edde5ea0d63dcdc2f6bf7117f67570ccc0fd86c1e800a0fe572f9c82788196be336de8df94207e28cb86f23279a06e02158897ef57985d68a14f9c85dac1cc62718132c0962bfc7ee3185af6acb2abb8dd09432177e10f744ddac7c2f6b404b60f3599921b3971dc0e6c25ddc65cf2d63d4c6af0fe2c2ee8a80d2871f87fb974f9f27921d531b651afc1475c89abb625dbf3fdbf724e975a638c06c954ecc6f9c68f8f8521f5c881c563e931dcc1f4a4e97ced21a6d632a0e11608ebb273753a0f0126d8703e8a58e775e597de506a8d3b69c9957b6dd7387e217d11f7e234299b57d7c121d89e08b9df1b6878b6c99761be344414224fdd6608d4705ec2d44f298aaa55be1b2dc6afb922434036821c804a42eb2446fc0cea55b36cf788b1f30b103e5b6363cd1b782b08923863244ac495281558406269096c73ebfe07af9378bd9cf7dd9c3ca8454abf3272ec19c56ef7629ceac0a7e6740417851f69aef89a98a62f80770c3a91ab1acc379ca9c91fbb58c7ef143fc5e6762bb4f6a0f4101819b91ec44fcb1d2c3a9c1a31a2fd39f9b95e8f7ced01bbce3abaee3418402ee64ae2236a903dfedccc6c3c60f3e0c3e78ebdc77853ded5efe33f3e5e2510008a6e07f0caee22ef2b9c695fd0696d5f2b7aa263fa81deca2997c2af9b3eb6350cce30da2492ee8175613eaa58cc4320ccd90e92f17192a77e055170c8b52ade0ef60a61cfa9e138ff7ffc659935dfe40569eac9a9aee495b7a0b7b814f51daecb3c7cbde8f8c8b99a5720cacd26387f5808270d95050d169f4acae2c0a5c9670eb0a0ccd0b8c05f91fcf8bbb46aa73d181dc581117b34329277b51a164d6d07a3cc9738d9b7839da6e51c0dfa90356ff5205a8e2f207563692e2e924dce5bdd36089aede86e3d0a4bd9a9a45565a30a99af0810b722b76c6cc8c076dbfe046fbb2b79f4bb796be5d3283066a1e0d11e382a6c590479058ad9a48f62f065aaeff98120d800ea30ec4115c1069a50fc4e4cf45f051cf9d6cbfd540d62de8add6651a59c7894b1d28d8b71f34c5b52639128098da329bbed520d7c2b93961fc60aaf5b5e2f88baf2570a68372e31bc59145afc17b037024ac34f086aaed90e70eee52c425a083406cc0a9c3896087e82581795d2f72ac03147db176917ac0250d4d72fc948e6330dc6f5bbb34298893d2a2542f5b4ee20962767666d567d89bad0c7c272849c3f42e4ebb5baf550996aee51e6b7bb7fd6c36df359521395ac83417f337cbdf2fd3bee8f71c166f6711820735f1ef32e4bd74677bec5a7ac04f81bc835a7e6adf4cbfdb62cfa3263f5c473661dc864b56260e0e9ebad50cf4fd86bb6de59edd111b49736f370c6ff9a2ecaaa52480fed3faf17636ccab8a68f61146806132355e7160205996e3f04dcc4d61fb0351865956ca1c7455f28649b804adc0b2df83366baca1e79b98b8677e2ae986c22d783668fe23b4aa6955442bde38262ece29f5af1765fb8673b18466e9c69888f3cdce6fe3063cd4bd3d4beb38e27486ff68a1941a7a81ac1c2e4f0221cade5c2bbba78da8bcc472c7bf7c2684c2030a3c45ed05896a664cb068c5d6dc03ab18c1b3281d4f985a26dceeb6d47362bcda3a0b448905dc413241f3ace2bdb4aa74111c2ff13db395954820cbfd826d0132beeabeeab684370797912534110388db7b961e2265d746c461180d1fc6840fe56a21b38ff06c605f8a8e005bece8c106d890d47751dc56486bd945a7764d24540317d2b4afbf00c111f1d4a9afac47117cb450c5482cbc5104a3d094c800299a5f092d17a40c9f8ac010836b9b8744964327139f1936eaedba9f03166dc2fb94522c2b453d0f8fd5041e550910ad8e16709dc7525efca6d1b46c6f6acc041060023edae748aa15719a7253850dc98b5eb98b1776b4f24d3ad58e1abfad2770c154a75add0e5f303755d3851d6c24838e0dbc7a994a79f1113a415fc4c53ec7c0c9450394edf95bd38754d6dc55fcbfdc5ce61e58f6b742e2bd1228aa3020b13ef2745cfc60896ed9cec0c4aeafe68c6c81a0f421613cfb0c6f703cd2409d3aa1254f8a4c612132f6196aaeac04e4ef8b9d578dfa5f36018188e5464463e0208cd5f864935048f87cb7c2fac7aebc4f1396e7c5571c1bab5b4bd24156562306b57c5bf100a0aaec6f8743f017db29ecafd5a52f2b1642b77487b50e1a17097ce36364325d02786df74db431efb112e78c8326271cbb73cc2b5f7d04765fa10ec05bcf0f2782a8839ad1f238bcdcc70761e66b95a4f3bcf017f7e42a6822ce7c5ad1fff6c418ac9dd5f34cfc459933f9ae399b005900b309998caa0f5355924341b7f35b91ff460074d2ceb8499b5db7bb9e87b4f69b1ace1910d3401fceda83bf34fe7a38c388636f10fc244a651e8cdcfaa9f205b9350c36994af74960b2e0c8a27eb68d8bd779ab75355708d5fba5fc644d5cd9d4bb480fd4c03f220eb1bf2986d1d093d6a068538535d804091e5431a8f5f9a246f5ee409d83c08d24bffefdfe55d27bdb531342fc71166269ef0e724b9a7e66e7e77f4d878463c6abdb1f46c199251f97769241f29810fb02e800458447eb843968c0d9d0935bb83cd576eaa465dac6dbcc34ee2d2416b412a6c27b74ac9447544f09984ea296f0bcf661566b137349b19347c0288b4fb5ff7764cf71f58f0ffb038a5864f6536a1894c84bca54e04d5880980da7e1a32ff0e3a8c3df7f55aa8e9617b4d14229844dbbcdc9fa697efd90b09c688b74584dd94a294d3a5c753f2b00b338ed3babd161e5dfe1844576f054e97c621a1e68637de440fe752d07f1077ce8b3fcd50a1c379dbc6f4177d23ac3309edf64abac952ece9e1c0fa53ad75b29931575add00824ba5d56b605f26a3bb5cfad0162227063b11c70aef27733a8c66f82c3294356ff949023b1d5d6ef881add88b8363068ab8b56acae5f93845599082b3748dc84db2364e64df8db3bcd31d5889ccb5b0a647be90dd269bcf6e2771780b06e8a7cd7196c3ed775bd44f240ae90dc4eca622a99a636fb9a3e998c7917cf7536a566bf7c6ac833b452818868fad80ca6e6047cf0215b61f171abb124bbe78abc5802d10fb3f492eea6e8530230e9b709fef64b551da425801e62ba90d8844cb5ec8b0c55a50b4d21109debc8d6b675d97145055b84197c949e77b35e83090c1961cdf5b13608f1c0bef73717e1bb72b51e9579ef594af6f66e7d559159afb2a4cb7b7fa27dc30a89de0e5fbe88a40199e84516a19747f0b80bab9f37ec58e808ab83235479ceff5570031b2271d4c81a221952a59104711eafbbaad02ab258e7584f2a6aa4dd8e8ef36a24bdfc8d610f4ce5933f651dec379b2231bb72730c5d488fca6379e753a4e5985a05ca13f1d6c0f45be58ba7d945eca52c618e26254005663d39e067d020b9c6102ebb1a679621a84ecfc1ef001f388bfa5932db6b686f22e9f3ead5b14cb85d67f602d91b91707aa9938b38a13725fb276caa7f9c5e0abbecacab88c7a8d9d005f251011f8c7bec0261252700cc311b9176114bbcc94399d9cda75e7e6cd1f7085b6c3aeaaf4962a1ae850578577b3d9d5edcc2fd9c396c4137b953b465f40f3de1f9d5240af294c598ffb82f7fc9090f12e765dfbd6b5a2ae6931b9d77b860950b99f667406c19777452eeebf746778ff3d67eb9c22669b70f14d27c435972ec39af9f6e058c770db876b472c9564e83b7d3622b3107719fe0962b13dea1d6e7f15883d52ecdbc30d6e418d9cae89e6eb9988d3d353dc098ec194d8da02564b009fa365c55a8a0f183e69ec763a50f6f1859e253441b0cdbb3a60fe7eb5b05cdcfd1df96c672d3aed2f1cd3f7e43aad48f76c347a61e579405c252ae6e7c283bd5fd76be66b0255592e3a722f63266491dc1d637b4f33b586d3968eb535db9849c4e2df292ddb09a0b29194ff008932bb442f6f742a21a6255a327e42f3fde4fde3883dcfc8274b16eebdee3d2d8ae900676468b0095fefa6aa43ce9300da4c1e5c96d4f50f270b5bf001fb03bff6bcf2804a61fd90e51daad7d44bfaafe8d8f71bf4923d8579059105a0bd8eac0af1435e952342970fc298b7b714e50c7b60d0c5be50c13761e13372896d31f8a310ec45a408c80b1f110aaa5d36e59cdf3b0e09e50976f5e806629e08a5c2d5bc034eabc532db494c31ba661651dbacdc9bd5b95baf1a029be4c40c19247730d8cb13042de3cef463d3718ca456225169da09e93789a18aa6a3d2fbdab988b03a899ca0c12b6c3dcfd5f3"}]}, 0x1018}, 0x1, 0x0, 0x0, 0x80000}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180)='ethtool\x00') sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x18, r3, 0x9, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x18}}, 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000002180)={{{@in=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000002280)=0xe4) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) open(&(0x7f00000023c0)='./file0\x00', 0x3, 0x2) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r10, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xfff2}, {}, {0xfff3}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000002380)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x7c, r3, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x28b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x890}, 0x4840) 00:51:46 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r1, 0x0, 0x11, 0x0) semctl$GETPID(r1, 0x0, 0xb, 0x0) 00:51:46 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) r1 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r1, 0x0, 0x11, 0x0) 00:51:46 executing program 0: geteuid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000140)=0x61) setresuid(0x0, r0, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[], [{@uid_eq={'uid', 0x3d, r0}}]}) r1 = gettid() tkill(r1, 0x13) ptrace$setregset(0x4205, r1, 0x3, &(0x7f0000000200)={&(0x7f0000000080)="c2509dd660783076e08d41fee3653ade", 0x10}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) 00:51:47 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000000)=0x8800, 0x4) 00:51:47 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:51:51 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) prctl$PR_GET_THP_DISABLE(0x2a) 00:51:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, 0x0) unshare(0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000080)={0x0, 0x5}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000280)='asymmetric\x00', 0x0, &(0x7f0000000300)="fc", 0x1, 0xfffffffffffffffc) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getpid() setns(0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c00eb02787e7be1f412898c972845b89e5a9c6b43c91edb7aeab4824d948caab528b2ac50baf9740886f8b98308944a"]) 00:51:51 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:51:51 executing program 5: pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') 00:51:51 executing program 0: clone(0x700, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x390, 0xfffffffffffffffb) truncate(&(0x7f0000000040)='./file0\x00', 0x8) 00:51:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) unshare(0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000080)={0x0, 0x5}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000280)='asymmetric\x00', 0x0, &(0x7f0000000300)="fc", 0x1, 0xfffffffffffffffc) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getpid() setns(0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c00eb02787e7be1f412898c972845b89e5a9c6b43c91edb7aeab4824d948caab528b2ac50baf9740886f8b98308944a"]) [ 3277.875176][ T4811] dns_resolver: Unsupported server list version (0) [ 3277.912972][ T4811] dns_resolver: Unsupported server list version (0) 00:51:52 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:51:52 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000204", @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000"], 0x14}}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:52 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x111601) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="23214afaf3e5dab2c9abf86ed297d00ae0086a5353d7237e1d0c92aa548c2947ae9cd986f320f64ec31233f90176b7e2a8abdd82416a3b024594f917fc8f0bee1249291c87c7e40241787b7893b0960d4c50d7b64f7e8188581de4fa08dba5afaa97c248bc3800f3436eb7e9556425ded42fd239058a64921b8d1b6aad118b38019f2cb8"], 0xc) close(r1) recvfrom$phonet(r1, &(0x7f0000000080)=""/139, 0x8b, 0x1, 0x0, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) fsconfig$FSCONFIG_SET_PATH_EMPTY(r2, 0x4, &(0x7f0000000200)='-nodev*/cpuset/%\x00', &(0x7f0000000240)='./file0\x00', r1) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@mcast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe4) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) fcntl$getown(r4, 0x9) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f00000028c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002880)={&(0x7f0000001680)={0x11e8, 0x13, 0x200, 0x70bd2c, 0x25dfdbfe, {0x2b, 0x0, 0x1, 0x81, {0x4e22, 0x4e21, [0x8, 0x4, 0x9e, 0x4], [0xfffffe01, 0x1f, 0x3, 0x6], r3, [0x1, 0x8]}, 0x6, 0x200}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "8a643bf9f7c69e24ac173436feb68acb2104ebdefa1f761c534a99792aabac5b804caf4cfa9a1ba1725c37b78737cf4cdae6e6b91e9f4c41da3790ccde6be838306a3737d1c81ae692108db42346ac889e97bdbe078c8331603a69d4ac1898e8d23c95978364ad2b8e9f17f81b07c5c059870f4fd1cdfb1b0ed05bafea8369890a1ed31c62cf6b24f4af323102c8218556533d0b044141654a1c4df5b62c39d5d0238dbe9aabc44d576fbdd7ded068789ffbf8516c14bc7fd68aebb4be3217271a02ca567f5c67f0ae6c5dcfb01a3633d5ea1e58114061ab0b785d85e9295cd4b1e06ad4094101856f8712e626e42a6fa2117d0e7ea12c9b9c5b786a6c2e363844d2083e6236935f11f4b3b7b10370997e3480d9846350db7b992da3a24c71ab2fb602328a8411c060d69397ace1bee9f623a03b8198dd9f74f73f3051c13fcaa57158c1620c2cdd4cd189d61735bcec2bee8960b4e38c8ce1df5d75ee1f14d9eed0b1adafcdd9affc522c93e9a8f0030f065c2b32dfcdeb363ebd7d81d34ca83d0db61366b804dffcda2f1d462520fc0177f278f032e5d7903ec0ff8f67049e1d67ddf79f0659b25979c6e862ad96b7cecd00b90feb204625234687d28d4d5fb1bd8d6adc6c0adb65b6833369b5704eee4e28447640d944594b507b22aea00cc2f6a9693fffb6a0bc3fcf762e93c8a70e7e16cf333ea46233c72a46225a87647776b57ff73115f56bb6383adbf4e44c9db70a2577b447c97eb32e17d2f71f3f38eb8fb803e14a0a394cb2a8d3adbff159ee730228cbbe73cfd45ce945ed1329f0dcc946a06e26a78d1f866899b0ff7bfc62fa50d663f978be6f36fc0eeabd465167e78027520838a415165c2b78ea36dedaaeabcc26e92dfa96cc573e9604704fbf5256c64e8140486df544b55020268f24c6d5b3b3fadf178ca70e882f5e516639afc4410b1877e71df3e3463befa335db26e4832238b9edc24e7301fa9569f46464841ebc16afe63d1c618e974da7e7c00d5f37d88819acc1666eb6d33e7a6cc26a8b13e165cef48c7d52444334f75fff01adab806401bd0a3586a2686898ca9c3cb07bf88cfbd1f19f09168bd227606fc72294b3b1eb7f566af76cf31cfe4f680e8a82dea5f536db83de32092af42a5743a1f8648d568297d29cd2308170d1c4c37d4329512dfae1bb82ce6f5db53b6deb48e7cc09c2030689f397cfe9444d04a15d8669c20a6d7126e7ff7f843c7bd2406be4772e84d2d2b9b9a89c241aede00d3930dde74a038d2d7838fd7ffb94f0fad4efa3eef638879e4606f41bc598e8e529e2df9047b0a062be43441c8940ef9963a8cd97fa574592e2025a15de73e788d6b25dd2350c1a55371cf1fda46f508f9764eca84deda3ba9e35db3f8ab49dd473183bb784f3dbdead93d7d03ff25f3a5abef8b8f60db48b0db948e2525f3df6a1b40533bd7b83f2973339203765cb564c9b9c3eb21f1878719664eb84e4eed9a48e9f8f16a1028ad4addc410b4d78ac84ca5b23ff418657a58cd216ecebd4c183a0af054a95520d002f9ad790eee794f6bce88b85f52528dedc55d4d42cf1ede279fdc174783b4065e87b1c87fc582a1811ce3341be9b89f9df1ebfbd270a8a444d2e8167d0857b8d66678d7e0860e33505ee50b61f5f7772664b2770d85d379b42154b7b15bef038f7066f17289338bc8cdb584fb6e69d71a9018b6df12770c0b6b0063b106da1be5bed91f3b8229354fc9c8bcccbd97194cd21614d64c1a755e5e52df0bbe2e86fee5501cfaf7b738727131ace109be966dcf1293678a2237b65d770a0140097d149a9eb182d85227ac4edbf2180c9f7f391c8a2149cca4f7509b24b24ef3c7a0708e30bd244f14d107c16b83bd7087141a8eb57aecdb704c0652f2a178bbfd89be9c0ca76ecec826d0405b0c254cad8af689833a22c2b980fef48e45d76942e3e69af7d3443f41382962ae841cbe333ad58047a6bef0ae3acf7b7c3691c4179bb020913e9146bac83a8da8504fea3214dbde8d75f42cbde265e571c4a97dae245e2c30162ddc3a61f674bd84e819fb18807e04abd1cc9f0bf264fe6c5c0dcce9cf12d3d064031925438e434d90eca27495a7f077ed3c55cc332e3e68f5af851aa914d1cf53d5f9597f9d3dc65785a29ee640a1b9ab795a45567b85acb6f73592dabf97b69261205cc49fdd2c8e5a7e29a2c5e885effb65bd4d89622cc3cd60113e48f6d11652c62b461b1ff39c8aadaafe2486ec0701865664c349bac17b6b60418782b4a0e0712c2b91e2537cc16cc92e4cc1229b3e38e367238c32b4647610be888d0996d827734ac2efa0475ef05c4a3543361221c98a22125408a4455b8e08a9a0fc8e39c8ead081ab605ef74e7068e19f6febdd6ee4c32ae241a560ba451e89578c647d6c29a0feadc1170bfb8bf9bb6972e54cba61f1c29c0518ac20599042367471646e2028d5990a5604ad6adbbb0ea6511ca76df83b94b055e89578eb0e8fd10dfb7fb61b1829a05efd16bb7f6b8bdf55374fad8ad454ef224699220f5d421432eef513131bf0710b10ce5022f36676c9197d2bb7c5039e23686653d88bd514181920b58716363eea5ad6acf3446dcd1d30d8247998fa1bb1cb01ac905e4171d3be3a08d796702ac47011c93f642afa3ec318377992abe393864e8153ccfe440aed55d5224315943f53d3bf3d48a9d6c64bdf881e6f753e940eff70ea8ae277853702d14b9d9611893b59661cce148dc7fe75df4dd323241c4c810d0c7588fe3eb3f43f251e37079e52fbb0de91c38a5f2e0e6b1e2f34852a59efe226e18ebda22684d3c49046b8b35bd6f5d9e7f8f5751f9f3d9b951c3ade7da05d9b6ce99ffd0bd4d1eba08bd4aa880d61576884840dcbddd5ab8cecd31e0d1164e7bf81b9bb9f99462238693d091d5f19a013f923e0d1faf77801784c8ed80a9d6306d3ca79e23ec0ba0b12947ac5dcfc0bd8f3b2507dd563d3c57f2bee7f758fc1c513b1a3168a47b1a76f41915459f7fd3207fceb2e0390746d3327220a02fc88c72acd6b6f2fecd746bf2a3e01bfe1473c42ee4f70aaa35e946fd9519f6512082429c0398c6715932e6311b941a9fda56166f9791b9d67a48558679ce49baafdaf72c56e491a91612026aff58905bf59cda8142c67976b62a150fb6c1473ba496bab5a6286a1493dfdcf7bd41ab63a176a17a0ef7ba0b6f628a8fb0e1ed9ef9f7ad4772f4dfa7fbf47056b321cee094f2adcd57d6bf0980cddf2314564cd1bfabef4f90179e57ed4495df3ef19990b205122670665f18b08ce4d71d92966ff5be6986a885ef213cd110bce412c42d65861ad24d71140370c4ebb788d004eb80a9bba01bdc023f07c0d65de18f52ae4eb5da468f8f2b4152c069681982a8669453f563adbe04116ac64de4e47f05a35efef3df3d6d89ae7a1dae4e2829465986d2c506af7702621b994c35a34384c585665f136f101a0d0be9d4a14dcbaee3a4bf6e34aa7b31474fe14b01cd7bebdcb1f2899b198868094340d03ca26341a697c4811b301824cb9ae8845804f3fc3a0f2f33261a6420ebfa8a32c637ad39b90b509d1acd7e25cfc549c4a32266784f6adb408ac75a51d4842e27b21b7c329fa7ec8190b8971ab25b633d590844115abbdbe3944170fe5039e08ce785dcf0bbffcaf0ed48d8b49c62b5f76f0ddb01f40d754dc0d8a278c9db8e95bda3be189de433201aa30bbf33be7882356008a61a6209f1fc7cd8ba5df7d58e073db2a6a12a46d075ff88238d64d85439f9ee744268d4e53371cc6e7c91814b15d16429dcd4cb3b9a7e6159944e2c47f5fb86f90617160eea0d8dcd409e738b0a1c9a9b80e2d7a27945d8b5962881deeeb7936a2db6c43e3de78bb4388d2314be216eabb368239e60510b86357eaf32741dbe62561a5cf366123ac25ab4e1e51a72fb451dbd51cb36bee0d57a1de1bc4e5a524c131022c035ab87559f171acf3e716b2028296108976f580367e68698260aacd7273c826ec456320dd0dd7073f31a507fb6f075918abcab84913016d74a2930409232a144ffe503e423ffed44a851fa79fbecbbbcc0b5b84974be4be448df729fac8f910178f063153f009d9c978badda66c5515881131b2fa7a28db5ccf9d64358a63c6c41dc5fa1d31948af72cc905e6a00d15a8eb860eeab4ea13e2f2896928e63ee9e890c9364c9583ae3cfc5007279afd2b629c710ccd50074d06d9a6f49ea35bc1d31097019075692e9f7705ffaff81ac28ecfceb9c1effda07f93d271209b25c03dccddab901522cfe5b9d6317e828df62a3dd149dddf30116895df6c1cb831c653a47d9eee163f18309190935f1d27e566bb0dccea581631c9db95c48d21ab2fd211fd86247a8b7c33b8a4c526eecbd9d9edc7bfda8b861c977e7178a8fe5239cabeedc967f1c63dd0ff862ea4be3d0bb127d0ad2a96dc390670ec949e4d72c46831a078ccea2e5fd00c4111147981122b9100a1570a33ef6a5db9d079641a9e59af2116b69872f743aa9ea924223972ab51991fb048911b8bc4dce856bdf4e923331302ac939e35fe2ee403376c284094294cbc72342db7043d86c1ad483a1ce3301816dc4ab8f7c0e204110733006321dba2cfe7edfabcce3e5e5a162d367df99b96a682da04af0d95e6703e6d5edf7813d276f082e9a21fae297692eff36ca7030aa543b507f0c3223f977a3a22696aa13fc6f176341df3a9d8436ecb511bb3ef664145bc895213d0b6410b1f5b9134e2ca60de1f7da2be0f9eca26ccbdf23afd99fd6b2899e7b3c732d3448e1b15a5a8cc457b460d8b137624576fa6da3056699d3a9eac33c0202d32ff17346dfc3b6dc1e6f72553b0c08ac9c394ec907d579eb1ddaf2e1163210f55b53f70bd233a24576a29c805f799e6be97cc4e367960fb8fdb5fbf2cdba09b7c7c971279b0e48eb7ba5e8151e2c3e548eedc208c3fcf9a5a90bc8c0df73fbf0b2d2e026db23e24e31290f51605c76e56399b7b09d470f7c5c0018c68f1d9874444fa2342ef597faa815b6cfde7a196ff0f567d574760315a2f1c8421169e6fa54111901b65f9280fc7f55b021eca6a16ce3ac60c0589f1b2c03c6aa4d38509a9783b898defeb82992831436d08f5f651d6ec20df995e029e6a8600ef636c94411d5ca4c2d8301c3767cc9b39f27d93234f8b76546eba1337ba5baa5e3e2ca4197364979c40eb64268782a4ddfd9bb5f1b010b254300e38e3f66172918769654fe0b250c67a5b2f4e9c69354ab8e1a2780ea391ba77e217fdcf5bfff5d6f7200553560949e7a14198ba722be8235c8d201aba09d6d1f284f774947ce131ef05066d586d32a7c0c03bb1aae06b7844e99f848138a0b7515f4ba9bb13ec59b066077a6bd4eda5360a1786089297f4b6a66fab02ef0c76127c824724f992fc0695aa266b7ebdeb70bcfdcc533a3b2554153152994bbd0e96113eec02be52c300ce7b2df14b293dd13cc19aae27176311e353cfa561f7878b72292c0235e27a9edc6690444b0047ad20898eed6fa2ff01860ae40d400179db3ab18b2cd49bfd24ad3a9d79adefbf1ff9ea39209fc851e7f4f7884ec5a3402041a57c440c06f1de5206fccf6c539922d8a9b205df254f97083f66bd60530167f51ca9b4f32d0e701475bc9ccea75020ae6d6905697b095d1b77750a203990514e7c3756a5fc08508f7c474f2806124fc46bee99e82db1bca8d8ab49f8da8a3682adeaefcc539c87aaaedef54e6bdadbb8b97561b11b86307efdd3b8a24e5ea0c5e"}, @INET_DIAG_REQ_BYTECODE={0x8d, 0x1, "0332306bd7cafe0f4ca26d0d876dc56d15f747656e7be8d75db5daa4851216ae46f425f64f70deb238923dfe128c41a31570816990b2f9a35a6fcc3171718e0ea56385de2f84150f725f38489001d84019ddbcd0d9b927088f74f96031e86316eb6d71c7428b60a91eb02b6e62ef356674b7b656385a379b0c2ba1693c5635d5b817d2301dca58ed2c"}, @INET_DIAG_REQ_BYTECODE={0x53, 0x1, "cf83038f32daf05a19bb1332fb2e54281d3d8258c1b8038831daf6ce944fef59aa1a353f132e12d61736858c90353a797bd669edc0c967114f477c60eec34a397ce423f8d09a358044b23bacd513b6"}, @INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "c107335b9752f07202a85353effa95260afc64df2c9781565678802a645d243dcf299ffa0497057932d58cac5c05ded10945ea275ec3ebb5db9a8bb6be7ccdce3899f7f5db18d089ab3c9765483e3d38805ae5f3a6f22dee3cd72747038c163eb86a065a44d3d0555bf1bdf975a013b4cff6e53cd897d187e1bfc2419bbb4474bcb77032d76c392d04e43da569009605821275c1bd0c7157538f1f424e2697cb08cb384a6726d684dbb387540bf512"}]}, 0x11e8}, 0x1, 0x0, 0x0, 0x4000}, 0x20000010) 00:51:52 executing program 4 (fault-call:3 fault-nth:0): creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r0) 00:51:52 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) semget$private(0x0, 0x2000000010a, 0x0) r0 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:51:52 executing program 0: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@dev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000400)=0xe4) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f0000000080)='./file0\x00', 0x40000000, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6368e4636b3d72656c617865642c666f776e65723c", @ANYRESDEC=r0, @ANYBLOB=',\x00']) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0xad) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) ioctl$KDGKBTYPE(r1, 0x4b33, &(0x7f00000000c0)) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0xc) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) ioctl$TIOCMGET(r4, 0x5415, &(0x7f0000000200)) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r8, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x2c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff2}, {0x0, 0xb}, {0xe, 0x3}}, [@TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x2c}}, 0x20000000) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={r8, @broadcast, @empty}, 0xc) close(r2) getsockopt$IPT_SO_GET_REVISION_MATCH(r2, 0x0, 0x42, &(0x7f0000000000)={'ah\x00'}, &(0x7f0000000040)=0x1e) 00:51:58 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) prctl$PR_GET_THP_DISABLE(0x2a) 00:51:58 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f0000000000)) close(r0) 00:51:58 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000204", @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000"], 0x14}}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:58 executing program 1: semget(0x0, 0x2, 0x40) semget(0x3, 0x4, 0x40) r0 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:51:58 executing program 5: semget(0x1, 0x4, 0x2d5) r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) write$sndseq(r0, &(0x7f0000000080)=[{0x8, 0x3, 0x3, 0x2, @tick=0x3, {0x8e, 0x81}, {0x7f, 0xf3}, @note={0x3, 0x93, 0x9, 0x20, 0xc2ae}}, {0x1, 0x1f, 0x80, 0x7f, @tick=0x5, {0x7, 0xff}, {0x40, 0x9}, @note={0x0, 0x8, 0x5, 0x81, 0x7ff}}, {0x4, 0x5, 0x80, 0x0, @tick=0x200, {0x4, 0x9}, {0x0, 0x8}, @result={0x2, 0x1}}, {0x7, 0x8, 0x3, 0x7, @tick=0x6, {0x20, 0x4}, {0x3, 0x9}, @raw32={[0x563f, 0x5, 0x575]}}, {0x73, 0x7, 0x20, 0x45, @tick=0xfd65, {0x9f, 0x7d}, {0xd9, 0x4}, @raw32={[0x5, 0x0, 0x40]}}, {0x3f, 0x0, 0x19, 0x1, @tick=0x1, {0x1, 0x2}, {0x5, 0x6}, @queue={0x2, {0x5, 0x7fff}}}, {0x6, 0x1, 0x4, 0x6, @tick=0x5, {0x5, 0x5}, {0x4, 0x20}, @ext={0x0, &(0x7f0000000040)}}], 0xc4) r1 = semget$private(0x0, 0x2000000010a, 0x0) semctl$SETALL(r1, 0x0, 0x11, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r3) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x0, 0x0) close(r4) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r5, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r6, 0x1c, 0x0, @in6={0xa, 0x0, 0x0, @empty}}}, 0x90) write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000000)={0x7, 0x8, 0xfa00, {r6}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f00000000c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000080), r6}}, 0x18) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000040)={0x4, 0x8, 0xfa00, {r6, 0x9}}, 0x10) r7 = semget$private(0x0, 0x2, 0x100) r8 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r8, &(0x7f0000000340)=ANY=[@ANYBLOB=' \x00'/12], 0xc) close(r8) r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x90000, 0x0) close(r4) sendfile(r8, r9, &(0x7f0000000240)=0x21c9, 0x4) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) semctl$GETPID(r7, 0x2, 0xb, 0x0) 00:51:58 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000000), 0x4) 00:51:58 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x7, &(0x7f0000000000)={@loopback, 0x0}, &(0x7f0000000040)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', r1}) 00:51:58 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="d578cf93ab782fda9e151e1bbe2847e8e7291622b1c9dcaedfe200910ef5a527bd3840fc7ba6e9a2497eb9d97b4f73e70f117caa44322f650000000000000009944905df126bfce36a07d1492dc03f45c65165900a8c33cdcbefb30fd3c77114d45ce2eb4a8924c2720313f9bc034bf7459abc017460c17bac17a9f526fc34b2808af3e44640b80e0bc68fc15e1e6df9b2ea91c037f2ac23e8c517cb88231fa38e774d233d0db95cccf02f6fd498c67ec28c939adaec17451c982b995f8955bebb7696debc649b3d8e8b4b4d1c51c70e5ca53d9e88f72f2c9fcd660cca93ff122697d7262e251447b320fc4678d1f8356cb31b61089756c792f8f595373e08dc5ae944a5cc25f72962c9b5c82ae9e74285f8e76fcc3c637c8c4a2c36f2ac526316dd0fdf21385fd1f7992b80d3982115550748b49573d934d40387c7cc8d512069c7d2bb0a1fac8da1247e61b1377855e7d1ac26a83e069a35c2fed5f979fc5fcecc9f"], 0x1) close(r0) 00:51:58 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r2, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000204", @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000"], 0x14}}, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:51:58 executing program 1: semget(0x0, 0x2, 0x40) r0 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:51:59 executing program 1: r0 = semget$private(0x0, 0x4, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:51:59 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) write$binfmt_script(r0, &(0x7f00000001c0)=ANY=[@ANYRES64=r1], 0x8) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) sendto$netrom(r2, &(0x7f0000000000)="6544ea7bc1590a930b1a0d283a8e597904148ca1139870ca4d59a896b33aefc5a87f2ec7616403a190a6be8225f012adb492a391e5d7d7c9cef1076443396f136a3a964f1d2786666d221dead3389940ad338c1be1fbf8f71626ffda99bd4bf416c8fce7140d7d8386083675e1c35f584b81e0e700e04079b6bd8af579302280456ce592d2760bbda8e85d5310730df8623acbb0224f94d496410d653e06137e7634a105c782bd22127c5ff2314317800d75f5cf7fa7fbe7", 0xb8, 0x0, 0x0, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0185647, &(0x7f0000000140)={0xa00000, 0x401, 0xf8, r3, 0x0, &(0x7f0000000100)={0x9b090f, 0x40, [], @p_u16=&(0x7f00000000c0)}}) connect$phonet_pipe(r4, &(0x7f0000000180)={0x23, 0x81, 0x9, 0x9}, 0x10) close(r0) 00:52:05 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:05 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240)='nl80211\x00') semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:05 executing program 1: r0 = semget$private(0x0, 0x0, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:52:05 executing program 0: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x4, 0x16, 0x0, "ec010ab9fe0e368239105d2dcc12694589792092ff7e436623309ca2231a393b0f46f5779614d2b0c6c32bccacabd02d8c24b84514abed487ab5a377c0972d4c", "7c5ffcd26f5e506b454b11e8b7d0d252b0e39b81dec6442fc5acb4653bef84cf85c949d659011af3931dcbff2b94cc23566995545a9ba904e9707a49f565a330", "0a9643afc4f127d2ce38684bbdf3ef53741515461922fabe2f8b95a854cbc0b2", [0xffffffffffff0000, 0x200000000000000]}) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="2321202e2f66696c7a3020e05ba991064820"], 0xc) close(r1) write$P9_RLOCK(r1, &(0x7f0000000140)={0x8, 0x35, 0x2, 0x3}, 0x8) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) syz_mount_image$nfs4(&(0x7f00000001c0)='nfs4\x00', &(0x7f0000000200)='./file0\x00', 0x9, 0x3, &(0x7f0000000300)=[{&(0x7f0000000240)="0e4f359c04e095bb2b147d3c5385bba84cbb253f6e548ca66e1b5270af782689cd80c516de3da31f040c978b0e5a1a2c655b8eef2715479dab3b3cf0", 0x3c}, {&(0x7f00000002c0)="306e1c2a3160bf8b96fbebdb1427a032134f4e7eb6638d569e78e16cdf782f9d5236e96f1c5705ec", 0x28, 0x8}, {&(0x7f0000000380)="2917fc4dd5965e4eefd8133522d6f80575ff555e864e0b39d46e4a099ce2bfef45331a8d8ca1566df0e76852180a287e965b21df5c6d7b5fdcd6dd5a86e3d65c6d269cbc9bdcb3a82c6bf3ef7f0f4a1d8cae95cba1bd6ffe1bfa5686bb97bc7361bf868fa9cd", 0x66, 0x1}], 0xe32e4c6efe38c9c, &(0x7f0000000400)='\x00') r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc2c45512, &(0x7f0000000480)={{0xa, 0x2, 0x0, 0x6, 'syz1\x00'}, 0x1, [0x7, 0x7fffffff, 0x15, 0x0, 0x6, 0x4, 0x8, 0x4, 0xfffffffd, 0x10000, 0x5, 0x6, 0x401, 0xffffc363, 0x5, 0x8, 0x6, 0x6fd, 0x9, 0x800, 0x5, 0x2, 0x7fff, 0x9, 0xff, 0xffffffe0, 0xffffffff, 0x7fff, 0x2, 0x2800000, 0x0, 0x8, 0x8, 0x1, 0x4, 0x9, 0xf6, 0xfffff95e, 0x5, 0x0, 0x9, 0xffffff36, 0xffffffff, 0x7a, 0x1ff, 0x10000, 0x80, 0x8001, 0x8, 0x1, 0x5, 0x8001, 0xb9, 0x3, 0x9, 0x3, 0x5, 0x8001, 0xe29, 0x8000, 0x7, 0x8001, 0x20, 0x7, 0xff800000, 0x3, 0x8, 0x6, 0x7da8, 0x2, 0xfd, 0x200, 0x5, 0x6, 0x1000, 0x200, 0x2, 0x7, 0x5e2, 0xbca5, 0x2, 0x19, 0xffffffc0, 0x10001, 0x0, 0xa55, 0x81, 0x7, 0x1, 0x9, 0x3f, 0x3000, 0xfff, 0x7ff, 0x20000, 0x20, 0x6, 0x8000000, 0x7, 0x1, 0x8, 0x4998, 0x8, 0x8, 0xc31e, 0xff, 0xfffeffff, 0x1ff, 0xfffffff8, 0xad9, 0x0, 0x1ff, 0x3ff, 0x81, 0x6, 0x3f, 0x3, 0x351, 0x1, 0x9, 0xf6, 0x4, 0x0, 0x9, 0xe9d, 0x5, 0x0, 0xdc]}) close(r2) ioctl$VHOST_GET_FEATURES(r2, 0x8008af00, &(0x7f0000000180)) getcwd(&(0x7f0000000000)=""/3, 0x3) 00:52:05 executing program 4: r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x900) ioctl$VFIO_SET_IOMMU(r0, 0x3b66, 0x5) creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040)='NLBL_MGMT\x00') sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, r2, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x7}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @remote}]}, 0x48}, 0x1, 0x0, 0x0, 0x20044000}, 0x8801) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r3) 00:52:05 executing program 5: r0 = semget$private(0x0, 0x2, 0x45a) semctl$SEM_INFO(r0, 0x0, 0x13, &(0x7f0000000000)=""/248) semctl$GETPID(r0, 0x2, 0xb, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x404000, 0x0) ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000140)) 00:52:06 executing program 1: r0 = semget$private(0x0, 0x0, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:52:06 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:06 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000100)="f2", 0x1, 0xfffffffffffffffe) r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000100)="f2", 0x1, 0xfffffffffffffffe) keyctl$unlink(0x9, r0, r1) keyctl$KEYCTL_PKEY_QUERY(0x18, r1, 0x0, &(0x7f0000000000)='self/\x00', &(0x7f0000000040)) 00:52:06 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0x2, 0x6}) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) ioctl$USBDEVFS_GET_CAPABILITIES(r2, 0x8004551a, &(0x7f0000000000)) 00:52:06 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x5) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:06 executing program 1: r0 = semget$private(0x0, 0x0, 0x404) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:52:11 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x5) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:11 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x80) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000000)=0x9, 0x4) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) lsetxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x2) close(r1) pselect6(0x40, &(0x7f0000000100)={0x5, 0x459a, 0x62, 0x6, 0x3, 0x89, 0x6, 0x8000}, &(0x7f0000000140)={0x1f, 0x4, 0x10000, 0x0, 0xfffffffffffffff9, 0x15, 0x0, 0x2}, &(0x7f0000000180)={0xffff, 0x100000000, 0x3, 0x8001, 0x3, 0x1, 0x7, 0x1}, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200)={[0x4, 0x8]}, 0x8}) 00:52:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000140)=':,user]!procuser\x00', 0x11) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@dev, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@multicast2}}, &(0x7f0000000000)=0xe4) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000340)={0x5, 0x0, 0x0, 0x4, 0x7ff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r5 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r5, 0x80404509, &(0x7f00000002c0)=""/126) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r6, 0x0) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f0000000080)='./file0\x00', 0x4, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@uid={'uid', 0x3d, r2}}], [{@uid_gt={'uid>', r6}}]}) 00:52:11 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:11 executing program 5: semctl$GETPID(0x0, 0x4, 0xb, 0x0) 00:52:11 executing program 1: r0 = semget$private(0x0, 0x4, 0x0) semctl$SETALL(r0, 0x0, 0x11, 0x0) 00:52:11 executing program 1: semget$private(0x0, 0x4, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:52:11 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0x5) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:11 executing program 0: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40000, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000040)={0x8, 0x6, 0x1, @random="57fdccd02857", 'syzkaller1\x00'}) socket$bt_hidp(0x1f, 0x3, 0x6) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:52:11 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="2321200000000000fee06aafb00d5503157db30d7a7a90e2530000"], 0xc) close(r1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="232166696c7a302020e434a35fdcf2280386049412d67c5ba4e108bcaff6b524d945daddf9af5c75c989c65622a958b8c2"], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) setsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000003c0)={0x0, 0x9, 0x4, 0x1, 0x5, 0x8, 0x80, 0x40, 0x0, 0x40, 0x1, 0x1, 0xff, 0x9}, 0xe) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) r9 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r9, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r9) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r9, 0x80045300, &(0x7f0000000440)) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="38000000240003050000009925ae3080656b012a4a145aea02", @ANYRES32=r8, @ANYBLOB="00000000ffffffff0000001e72f40332f7461bdb000000000800020000000080"], 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff2}, {}, {0xfff3}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vlan0\x00', r8}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)=r10) 00:52:11 executing program 1: semget$private(0x0, 0x4, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:52:12 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x5, 0x0) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) [ 3298.073629][ T6534] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 00:52:17 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:17 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x201, 0x0) mq_getsetattr(r0, &(0x7f0000000040)={0xffff, 0x8000, 0x3f, 0x9}, &(0x7f0000000080)) 00:52:17 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="fa7d8c99fe11678eacc5040965aa3c8791f2391fe2602d5f6af867ab441e2edff76e2f8075d3e3b59b3290867fa691f0743c9581f2892e8c0df2ee63faf42b37509e92b58ef5b46c4d9c539ff9929d0efce097d89c057148c91f6bb6d1fddeaac030f3f19976cd80ceb2c0fd65d3f95b2a"], 0x1) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000004, 0x30, 0xffffffffffffffff, 0xdfb2000) close(0xffffffffffffffff) 00:52:17 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, &(0x7f0000000040)) accept4(r0, &(0x7f00000000c0)=@nl=@proc, &(0x7f0000000140)=0x80, 0x100000) 00:52:17 executing program 1: semget$private(0x0, 0x4, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 00:52:17 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x5, 0x0) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:18 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x5, 0x0) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:18 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() wait4(0x0, 0x0, 0x40000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070002053c27bc337600363940082378df5cb4aed12f0000000000ae47a825d86800278dcff47d010000805acf4f8736460234432479aed75d492b415bcee0f0fc00008e99c5af81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0970fe2b9a77f08add3eac478b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349faf11e931e7d6a4cf10ce619ad2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e0d050feace34b52d9e5f755563698c7e24ab61f0866f15da7f480800b1003f5435282d27194a232de4acfd96ca06d6c6c2ec7937c23b418118d2e3f904c98949919001973ea400"/269, 0x10d}], 0x4, 0x0) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r3, 0x0, 0x0) 00:52:18 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x142) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r0) 00:52:18 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:18 executing program 1: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='cgroup.controllers\x00', 0x26e1, 0x0) close(r0) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x0, &(0x7f0000000540)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x922000000003, 0x11) sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, 0x0}, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'\x00', 0x7132}) 00:52:18 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c953d65762f646d8e6c9d52d00f82000069646923002c000000"]) getuid() r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x7f, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000080)=0x1, 0x4) 00:52:24 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:24 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:24 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x404400, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc25c4110, &(0x7f0000000040)={0x4, [[0xffff0000, 0x2, 0xb5b, 0x6, 0xc431, 0x5, 0x9, 0x5], [0xfffffff9, 0x4, 0x3, 0x91, 0x1000, 0x7f, 0x2, 0x100], [0x8001, 0x2, 0x1e1, 0x6, 0x3, 0x0, 0x8000, 0x7696]], [], [{0x10000, 0x1, 0x0, 0x1, 0x1}, {0x10000, 0x3, 0x1, 0x1}, {0x7f, 0x2, 0x1, 0x1, 0x1}, {0x6, 0x4, 0x0, 0x1, 0x1}, {0x98, 0xfffffffa, 0x0, 0x1}, {0x1, 0x101, 0x1, 0x1, 0x1, 0x1}, {0x3, 0x2, 0x1, 0x1}, {0x80, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7ff, 0x3ff, 0x0, 0x0, 0x1, 0x1}, {0xfffffff7, 0x7, 0x1, 0x0, 0x1, 0x1}, {0x20, 0x9, 0x0, 0x1, 0x1, 0x1}, {0xe0, 0x8, 0x0, 0x0, 0x1}], [], 0x6}) 00:52:24 executing program 0: semctl$SEM_STAT(0xffffffffffffffff, 0x2, 0x12, &(0x7f0000000000)=""/221) syz_mount_image$iso9660(&(0x7f0000000100)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f696469230000000000000000524fad104b8147c65f49c13e5fb6f152bdfc41f91a7df2ea0e06b575c27555903afbd0eb85e7bb2667506b4d84011def3fba281f705ed7a71541bfc85f4b801e55a734eadb569bc8e6db193b92bb5564ea6d76719299af9bf08b405fb44c43db2acb44d4d1f14692d8ff93e6cc70446b244e6eb3760af6f44b4bf13d7a9e900c920a6812dc5fc604a19ab6bd046255134d42ef58f79ab13c38c36ccf82cb90462f6bfebaeaeb7b2544a4926e1eb9e62f34100bf83884cffd2cace171518e15c3c4865c6d8ca242d774d7f2c36d3e78599be47364532c61707072616973655f747970653d"]) 00:52:24 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='3'], 0x1) close(r1) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x15, 0x1, 0x9, 0x9, 0x0, 0x70bd28, 0x25dfdbfe, [@sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e24, @rand_addr=0x7fffffff}, @in6={0xa, 0x4e24, 0x4, @rand_addr="bb54ff45e85061f0eafcc6c2fc79ea41"}}]}, 0x48}}, 0x4000014) 00:52:24 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:24 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x400000, 0x0) ioctl$RTC_PLL_SET(r0, 0x401c7012, &(0x7f0000000040)={0x2, 0xdeb, 0x7f, 0x5f, 0x1f, 0x91d, 0x7}) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:52:24 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="f9"], 0x1) mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1) close(r0) 00:52:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:24 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:25 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) dup(r1) ioctl$sock_bt_hci(r0, 0x0, &(0x7f0000000000)="ca623eb944428f33f66dbd695d11be93986b47603ccee211990c0d0f1c039d746956806955b2934b2f6e38772a804c632a2dc8b4b02e6263f767564888d4016dd7ae1eb88001844873c311fabc2597421977a53899ed2c6f67f9223804c196ec43dd256d6d52303ce871f98966bd00f6a2f144678fc15275f8fd170bac246479a44ea78ecadc3bed774ad47b6a2acadfea31711a24c45c876da23fe54d756c3886295b40087c3db4e91504e2b10fa1fbb98e540ce2c1275e5fcb22837b84") 00:52:30 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:30 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000000)=0x3727c9a4, 0x4) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r0) 00:52:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:30 executing program 2: r0 = socket(0x0, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:30 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x20502, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="5d4c29be7813469d"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff2}, {}, {0xfff3}}, [@filter_kind_options=@f_route={{0xa, 0x1, 'route\x00'}, {0x4}}]}, 0x34}}, 0x0) sendto$packet(r0, &(0x7f0000000040)="de2a3c2d22600c23cf78055265a88bca85b6069133be4ee2091b5b86f0c0769b9f2634f179fbc65ed1252dc742ba9739024431255f7b2c71936103c403345149bab428c85da0d206db4732ccb86d059de01c3a51c92fdbd7bd0bc1d2576580a46a3908f7728c31e78f0250c01cf97e1e98b721ddfd3cb90e3ba4c17d6ce412a822142293f20a6ef7c612b6e323c799e80b04edc5180fd8e4ec88f04c2f6cdfa3d99524f779", 0xa5, 0x5, &(0x7f0000000100)={0x11, 0x8, r5, 0x1, 0x3f, 0x6, @remote}, 0x14) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:30 executing program 0: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x18, r1, 0xc573de0d27bdfe6f, 0x0, 0x0, {0x4}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000580)={0xb4, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4f}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe2bd}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x51f}, @TIPC_NLA_PUBL_LOWER={0x8}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x20040084) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x260000, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_MPATH(r5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r4, 0x2468825185d9173d, 0x0, 0x0, {}, [@NL80211_ATTR_MAC={0xa, 0x119, @broadcast}]}, 0x20}}, 0x0) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r6, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r6) getsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f00000003c0)={@mcast1, 0x0}, &(0x7f0000000400)=0x14) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f0000000540)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0xa4, r4, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_MESH_CONFIG={0x34, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0xfb}, @NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x9291}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0xfffffc00}, @NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0xc5}, @NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT={0x6, 0xa, 0xfffb}, @NL80211_MESHCONF_TTL={0x5, 0x6, 0x8}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x3}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0xbf}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x4ed6}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x7}, @NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x2}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x4}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x1}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0xa4}, 0x1, 0x0, 0x0, 0x485}, 0x801) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) [ 3316.963185][ T7644] netlink: 'syz-executor.0': attribute type 281 has an invalid length. 00:52:31 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:31 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) socket$rds(0x15, 0x5, 0x0) setresuid(0x0, r2, 0x0) ioprio_get$uid(0x0, r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r3, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0], 0x12) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x23200, 0x0) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="032120692f66696c7a302020"], 0xc) r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mISDNtimer\x00', 0x103000, 0x0) open_by_handle_at(r6, &(0x7f0000000140)={0xff, 0x400000, "0970150ae2669f6d4452ff56d8d6195398f5ee27d79abb9b1a35920f2ffd37b32abcda4105c920fade50de14fcd6a0d81b10ff1d993abf259a232f12d38a61eda8a5eb6110b6324675c3b9569cf204312cc2fba511c73b296a04e0705e11631d5f9d5d570df74dbd260592e03a8c50c8fd747ded78606560821a6bfc181f947469877e929917d5f32ac211ea40eed37415a98583f085509fb5cf921fae1be40335ea05d0aef782281169b91891a69ab13cfc93337e5d9a8ea4fcf1631c48fe13d9ebd8c9580d7ee8da6ce0bd99360811e0115a78472e4b86be4e91467990fb00508064247e95a5c67ea61ac90ad74d6421c21e44451733"}, 0x8100) close(r5) ioctl$DRM_IOCTL_ADD_MAP(r4, 0xc0186415, &(0x7f00000000c0)={0x0, 0x2, 0x4, 0x10, &(0x7f0000ffa000/0x3000)=nil, 0x9}) close(r3) 00:52:31 executing program 2: r0 = socket(0x0, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:31 executing program 0: getresuid(&(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r3, 0x0) setresuid(0xee01, r3, r1) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x8, &(0x7f00000000c0)={[], [{@uid_eq={'uid', 0x3d, r0}}]}) 00:52:31 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:52:31 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$sock_void(r0, 0x1, 0x1b, 0x0, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000000)=ANY=[@ANYRESOCT], 0x17) close(r1) 00:52:37 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:37 executing program 2: r0 = socket(0x0, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:37 executing program 0: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x2a0182, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x200003, 0x4) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:52:37 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:52:37 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e23, 0x2, @ipv4={[], [], @empty}, 0x5}, @in={0x2, 0x4e24, @multicast2}], 0x3c) 00:52:37 executing program 5: semctl$GETPID(0x0, 0x0, 0xb, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req={0x5, 0x0, 0x40, 0x5}, 0x10) 00:52:37 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:52:37 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r1) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000000)={0x2, 0x43, "84f7d38917ab6d5b6cedb9a01ca412490f03a3b804851ca9db9055a2b9635bc6fd0dfe411148471c1a8c241b90581d0f83e3d48142dc5a98f135d581e58eae17a15750"}) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000080)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}) 00:52:37 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c0045cb7de1ee5096af6113402954f3cf82b105502932b4eb316bebbfb06eddb24796ead76232122dc6cb7b2bbc"]) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) renameat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file0\x00') prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 00:52:37 executing program 2: r0 = socket(0x1, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:38 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:38 executing program 2: r0 = socket(0x1, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:44 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x200, 0x0) close(r1) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x5, 0x4, 0x1, 0x7, 0x0, 0x1, 0x3, 0x5386bd75, 0x7, 0x1, 0x9, 0x8000, 0x9, 0x7ff, 0xf1], 0xf000, 0x116042}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, 0x0}) move_pages(r3, 0x6, &(0x7f0000000100)=[&(0x7f0000003000/0x13000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f000000e000/0x4000)=nil, &(0x7f0000012000/0x2000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f0000009000/0x4000)=nil], &(0x7f0000000140)=[0x1, 0x800], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], 0x6) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000380)={{{@in6=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f00000002c0)=0xe4) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) r7 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r7) getsockopt$inet6_IPV6_IPSEC_POLICY(r7, 0x29, 0x22, &(0x7f0000000500)={{{@in=@multicast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@remote}}, &(0x7f0000000600)=0xe4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r10, 0x0) lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000700)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@initdev}}, &(0x7f0000000800)=0xe4) r13 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r14) setfsgid(r14) setfsgid(r14) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000840)={0x0, 0x0, 0x0}, &(0x7f0000000880)=0xc) fstat(r2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r17 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r17, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r18) setfsgid(r18) setfsgid(r18) r19 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r19, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r20) setfsgid(r20) setfsgid(r20) r21 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r21, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r22) setfsgid(r22) setfsgid(r22) getgroups(0x8, &(0x7f0000000940)=[0xee00, r18, 0xee01, r20, 0x0, r22, 0xffffffffffffffff, 0xee01]) r24 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r24, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r25) setfsgid(r25) setfsgid(r25) getgroups(0x5, &(0x7f0000000980)=[0xee00, r25, 0xee01, 0xee00, 0xee00]) getresgid(&(0x7f00000009c0), &(0x7f0000000a00), &(0x7f0000000a40)=0x0) r28 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r28, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r29) setfsgid(r29) setfsgid(r29) r30 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r30, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r31) setfsgid(r31) setfsgid(r31) lsetxattr$system_posix_acl(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000010000000000000002000400", @ANYRES32=r5, @ANYBLOB="02000200", @ANYRES32=r6, @ANYBLOB="02000000", @ANYRES32=r8, @ANYBLOB="02000200", @ANYRES32=r10, @ANYBLOB="02000600", @ANYRES32=0xee01, @ANYBLOB="02000200", @ANYRES32=r11, @ANYBLOB="02000000", @ANYRES32=r12, @ANYBLOB="040004000000000008000600", @ANYRES32=r14, @ANYBLOB="08000500", @ANYRES32=r15, @ANYBLOB="08000400", @ANYRES32=r16, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0xee01, @ANYBLOB="08000100", @ANYRES32=r23, @ANYBLOB="08000100", @ANYRES32=r26, @ANYBLOB="08001888", @ANYRES32=r27, @ANYBLOB="08000100", @ANYRES32=r29, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=r31, @ANYBLOB="10000200000000002000020000000000"], 0xa4, 0x3) close(r0) 00:52:44 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x812903, 0x0) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000040)=0x3) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="2321202e2f66696c7a3020201b573146d3bc6568cfb9891db55043989e1f1447868591a7376956da32863d856fdeb6366535d49cd11135bf71d82b83552f2c073489eed7fe9f3577df3b08027d01e9be0c3a623eb0cdce54a073b35ba3159dbcb0d944439beae8466461c98ddb500f73ab04d7b2a49351a60dcd94851dc4ab8d634f286b039403440f179bee6295a9615b3d7dbf239cb3e53579b12d6911be625009b44b5e"], 0xc) close(r1) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_ACCEPT(r1, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r2, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}]}, 0x40}, 0x1, 0x0, 0x0, 0xc001}, 0x48004) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f00000001c0)={0xf000, 0x7f, 0x7, 0x8, 0x3f, 0x26, 0x0, "24d1da604214f3945a3dda5a1c2bde758eb77442", "672d9019c662e19b5db3996bb2c68f26ef9fba92"}) 00:52:44 executing program 2: r0 = socket(0x1, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:44 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923232c00bbe700fcffffb1099a5da6ba90a6562954556321f852afd01e0684acd7f67b4d3e06b56b30d429544e7a801786a2181066d2b1a679ce3d67b74109112aa0f5cd05d27fcd232c0014546f8922d3e6d0d4e72864f861c6b0dc7fc8ccfd4bd5efcad16171febc4906bae19b3751c5b4183fd693ba181057dde84dc54070aa1725a917827aa983bed4ec8fb7e227d3b727"]) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r2, 0x0) r3 = socket(0x22, 0x2, 0x80) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r4) setfsgid(r4) setfsgid(r4) chown(&(0x7f0000000040)='./file0\x00', r2, r4) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r5, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r6, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r6) ioctl$sock_rose_SIOCRSCLRRT(r6, 0x89e4) close(r5) r7 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r7) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r7, 0x10e, 0x8, &(0x7f0000000300)=0x9, 0x4) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="000001000801"], &(0x7f0000000140)=0xa) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f0000000540)={r8, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x84) close(r0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @aes256, 0x2, "3d6ad05be867b2ef"}) r9 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.type\x00', 0x2, 0x0) r10 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r10, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r10) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r10, 0x28, 0x0, &(0x7f00000002c0)=0xfffffffffffffffd, 0x8) write$binfmt_script(r9, &(0x7f0000000400)={'#! ', './file0', [{0x20, 'usermime_typeself*-!ppp1\xa4\x84S\xba\xec\x83\xf8\xf2\x98<\xb0^\x16\xf9L\xbf\xf5o\x8bZ\x02\x8b\x92\xc3~\xec\x12^\x80*\xa3y\x12W\x94\xcc\xe1\x83@\x00p\xcd5C\xac\x1f\x0f \x84v*rM\xd5$\xd2\xa1W\x1dS\x8f \xd34\xa8e\x01\x82G\n\xa58\x83\xaf#\x06\x88\x8c\x02\x02\x03f\rG\xeap\xca\xaa-\xf8vkl%\f\"\xdc\x9c\x8c\f\xc6e\r\xd0\x92\xfc!6\xb3~\xea<\xf7\xea\xfc'}, {0x20, '#! '}], 0xa, "85b232119837cab27de29a79d37e31c4643349bfb41880e20cabe9cc4a3c892ee4aba7cfc863649d085157497b8ffdcc02efc0cabe491097e6902e1124bdac330bf6cfea535a5af3655472c027466ccdbdb32afbf8a355fc3e3786acfc232907b33d12b9c5ee5b0bf3e887b02b1cd597511ae1e25e09fc63e14dda3c01255a8ead122500"}, 0x120) 00:52:44 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:44 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:44 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x33f, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:52:44 executing program 2: socket(0x1, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:44 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x1) r0 = creat(&(0x7f0000000400)='./file0\x00', 0x142) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000440)=0x311) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') openat$vicodec0(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/video36\x00', 0x2, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r1, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @local}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x10001}}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @multicast}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x40000) r2 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom(r2, &(0x7f00000002c0)=""/210, 0xd2, 0x21, &(0x7f00000001c0)=@pptp={0x18, 0x2, {0x0, @local}}, 0x80) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x8) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r2, 0x8983, &(0x7f0000000240)={0x6, 'batadv_slave_0\x00', {0x1000}, 0x400}) close(r0) 00:52:44 executing program 0: r0 = dup(0xffffffffffffffff) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet(0x2, 0x4000000805, 0x0) r3 = socket$inet_sctp(0x2, 0x5, 0x84) dup3(r2, r3, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10) sendto$inet(r3, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, 0x0]}, &(0x7f0000a8a000)=0xc) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000040)={r4}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={r4, 0x2, 0x10, 0x2000, 0xa8}, &(0x7f0000000040)=0x18) 00:52:44 executing program 2: socket(0x1, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:44 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:45 executing program 0: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES16=r0], 0x2) close(r0) ioctl$VIDIOC_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000000)={0x8d, 0x0, [], {0x0, @bt={0x6, 0x7f, 0x0, 0x3, 0x3, 0x29, 0x1, 0x3, 0x86d, 0x7, 0x1ff, 0x2e9, 0x1ff, 0x3, 0x4, 0x3b, {0x39ac800, 0x9}, 0xf9, 0xa0}}}) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) 00:52:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:49 executing program 5: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) stat(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100)) close(r0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="4e7c863b51b59a573577c3c7d7e159d2", 0x10) 00:52:49 executing program 2: socket(0x1, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(0x0, r0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:49 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='#', @ANYRESOCT, @ANYRESDEC=r1, @ANYPTR, @ANYRESDEC=r2, @ANYRESHEX=r2, @ANYRES64=r3, @ANYPTR64, @ANYRESDEC=0x0], 0x7a) close(r0) 00:52:49 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:49 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_vif\x00') futimesat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={{0x77359400}, {0x0, 0x7530}}) 00:52:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:49 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000200)) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:49 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="6f626aff7f6f6c653d2f643969240487af2bbd65762f646d"]) 00:52:49 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/renderD128\x00', 0x22082, 0x0) fsetxattr(r2, &(0x7f0000000100)=@known='trusted.overlay.opaque\x00', &(0x7f0000000140)='wlan1%securityselinux[!selinux!:keyring&\x00', 0x29, 0x3) flistxattr(r1, &(0x7f0000000000)=""/153, 0x99) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) recvmsg(r3, &(0x7f00000005c0)={&(0x7f0000000180)=@ax25={{0x3, @default}, [@null, @rose, @bcast, @bcast, @rose, @bcast, @netrom, @default]}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000380)=""/241, 0xf1}, {&(0x7f0000000200)=""/124, 0x7c}, {&(0x7f00000002c0)=""/7, 0x7}, {&(0x7f0000000300)=""/15, 0xf}, {&(0x7f0000000480)=""/17, 0x11}, {&(0x7f00000004c0)=""/30, 0x1e}], 0x6, &(0x7f0000000540)=""/127, 0x7f}, 0x0) close(r0) 00:52:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:50 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000200)) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:50 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:54 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000380)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x1, 0x6, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) semctl$GETPID(0x0, 0x0, 0xb, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r2) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @empty, 0x2}, 0x1c) r3 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2) sendfile(r1, r3, &(0x7f0000000040)=0xffffffff, 0x3) 00:52:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)) r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000040)={0x2, 'nr0\x00', {0x2}, 0xfffb}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="2321202e2f66696c7a30202061cd15450f99a00448d0967349beee3fd0fb57f15842f7cb3f45854cbb274f217113f5605c5ca5180d09e49474a35b9eda7c642cca7fbe42b08c20c4c7791b5aa5f2bcdac28ffc2c16a1199458997bf83b2e1df52b36b69be90e27dd7d72b0c54f5bafaf150fd133da91153d258fd41c479676005a3cbf7bf414e10d3eca80d0994897af53bed37824cecdda10046810c6b64e44974e8769cdf7b9b7604f02e9652a58f5b4dbd77c523d03c1043a83b489ae8286ae6bbf65f805950a891b2e5e93d83640fc33015662dbc253333822cf0e26dc8a3749e3b542b6303064ff5b8fc7f1824642d014d65fc808afff55c7b2112f78b4db4d684a61490895b5d996e22ebcd18a0f22f29b56bf76ae8cd7dde8d94251ba8329ea78f254806f81606f4ec25e8a63a8a03d48fb0e8036f1c504a9f19b8cec41e024c24e1b1ddbd4545fb3dc7884a6524ad9a57a03de1c007cb7adcdf3f87b3a968cbccc03ded7e7f2bab91ea36c70f3d9f93f12abd0934775a54621f227274d67738056d9144f1d265f45f63b399c1800821d0e1ccda1b8e5f9b1d940179648b3a87b274ee730a5e092dce599903b691e7449f18aca73175778d22861f721429e4b9e5f8fc10043d5213c98c7752ae83a20c5abf98a3555e12d493efe2202859d45bbc7378594a828cb95cd41b5"], 0xc) close(r2) ioctl$SIOCPNADDRESOURCE(r2, 0x89e0, &(0x7f0000000080)=0x20) syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[], [{@obj_role={'obj_role', 0x3d, '/dev/dmmidi#\x00'}}, {@seclabel='seclabel'}, {@fowner_eq={'fowner', 0x3d, r1}}]}) 00:52:54 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000200)) setresuid(0x0, 0x0, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:54 executing program 4: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r1) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000100), 0x1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r3, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r3) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r4, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r4) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r5, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r5) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r6, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r6) r7 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r7, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r7) r8 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r8, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r8) r9 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r9, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r9) r10 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r10, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r10) r11 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r11, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r11) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r2, @ANYPTR64=&(0x7f0000000140)=ANY=[@ANYRESDEC=r3, @ANYRES64=r11, @ANYRES64, @ANYRES64=0x0, @ANYRESDEC=r1, @ANYRESOCT, @ANYRES32=0x0, @ANYRES16=r4, @ANYRES64=r5], @ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRESDEC=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYRESHEX=0x0, @ANYRES64=r2, @ANYRESOCT=r2, @ANYRESOCT=r1, @ANYRES32=r9, @ANYRES16=r5], @ANYRES64=r6, @ANYRES16=r10], 0xeedb3179ed0f8552) close(r2) 00:52:54 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:54 executing program 5: prctl$PR_GET_THP_DISABLE(0x2a) semget$private(0x0, 0x3, 0x422) r0 = semget(0x2, 0x1, 0x222) semctl$GETPID(r0, 0x3, 0xb, 0x0) 00:52:55 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, 0x0) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:55 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, 0x0, 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) 00:52:55 executing program 0: syz_mount_image$iso9660(&(0x7f0000000180)='iso9660\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6f626a5f726f6c653d2f6465762f646d6d69646923002c003174acba81b840a03ec38d36f9010f77c591bb14d5272ee32e3f1f00ad64afd7ff15a55c72f55358efd5c67d0000000000002448a68711114ccd674b89edf6252505bfb0d1fcb24d9479db80290b1eb1902593429f84d7d075ff9443a5e5bf892bd827ccd91fe1e858d8973be5c9d5e87b4c8b4e58949b07993b73973bf09fcb955bc190ffec14af01eadc63a096f7f3a8a8b7d2297f97259e5e17bf0134f0c7ac5885dc55b963245534b4ae237b1046198c13aa8294c410fa65ce56d17b389ea412b8a6720beca8218963d6f7942ea2b317d26d7cf540fdd5"]) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x9c) write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='#! ./filz0 '], 0xc) close(r0) ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000100)=0x6) 00:52:55 executing program 2: r0 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, 0x0) setresuid(0x0, r1, 0x0) semctl$GETPID(0x0, 0x0, 0xb, 0x0) 00:52:55 executing program 4: creat(&(0x7f0000000280)='./file0\x00', 0x0) r0 = getegid() mount$9p_unix(&(0x7f0000000000)='\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x16, &(0x7f00000000c0)={'trans=unix,', {[{@nodevmap='nodevmap'}, {@afid={'afid', 0x3d, 0x8}}, {@mmap='mmap'}, {@mmap='mmap'}, {@dfltgid={'dfltgid', 0x3d, r0}}, {@cache_mmap='cache=mmap'}, {@cache_none='cache=none'}, {@uname={'uname'}}], [{@permit_directio='permit_directio'}]}}) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='#'], 0x1) close(r1) 00:52:55 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x8}]}, 0x0, 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x74) [ 3341.776523][T10534] ===================================================== [ 3341.783642][T10534] BUG: KMSAN: uninit-value in unix_find_other+0x30f/0xda0 [ 3341.790778][T10534] CPU: 1 PID: 10534 Comm: syz-executor.4 Not tainted 5.6.0-rc2-syzkaller #0 [ 3341.799462][T10534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3341.809622][T10534] Call Trace: [ 3341.812934][T10534] dump_stack+0x1c9/0x220 [ 3341.817293][T10534] kmsan_report+0xf7/0x1e0 [ 3341.821736][T10534] __msan_warning+0x58/0xa0 [ 3341.826258][T10534] unix_find_other+0x30f/0xda0 [ 3341.831058][T10534] unix_stream_connect+0x7c5/0x2450 [ 3341.836277][T10534] ? security_socket_post_create+0x1ea/0x240 [ 3341.842274][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3341.847435][T10534] ? unix_bind+0x1bd0/0x1bd0 [ 3341.852028][T10534] p9_fd_create_unix+0x2cf/0x690 [ 3341.857093][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3341.862280][T10534] ? p9_pollwake+0x350/0x350 [ 3341.867016][T10534] p9_client_create+0xfdc/0x1dc0 [ 3341.872166][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3341.877584][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3341.883514][T10534] v9fs_session_init+0x2ab/0x2a10 [ 3341.888580][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3341.894535][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3341.900669][T10534] ? kmem_cache_alloc_trace+0x170/0xd70 [ 3341.906410][T10534] v9fs_mount+0x150/0x1170 [ 3341.910905][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3341.916978][T10534] legacy_get_tree+0x169/0x2e0 [ 3341.921791][T10534] ? xfs_fs_commit_blocks+0xda0/0xda0 [ 3341.927195][T10534] ? legacy_parse_monolithic+0x2c0/0x2c0 [ 3341.932833][T10534] vfs_get_tree+0xdd/0x580 [ 3341.937246][T10534] do_mount+0x365c/0x4ac0 [ 3341.941666][T10534] ? _copy_from_user+0x15b/0x260 [ 3341.946622][T10534] __se_compat_sys_mount+0x3a8/0xa10 [ 3341.951901][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3341.957009][T10534] __ia32_compat_sys_mount+0x157/0x1b0 [ 3341.962522][T10534] ? locks_show+0x580/0x580 [ 3341.967030][T10534] do_fast_syscall_32+0x3c7/0x6e0 [ 3341.972075][T10534] entry_SYSENTER_compat+0x68/0x77 [ 3341.977185][T10534] RIP: 0023:0xf7f56d99 [ 3341.981260][T10534] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3342.000999][T10534] RSP: 002b:00000000f5d510cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 3342.009479][T10534] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000040 [ 3342.017479][T10534] RDX: 0000000020000080 RSI: 0000000000000016 RDI: 00000000200000c0 [ 3342.025460][T10534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3342.033422][T10534] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3342.041386][T10534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3342.049476][T10534] [ 3342.051801][T10534] Local variable ----sun_server@p9_fd_create_unix created at: [ 3342.059246][T10534] p9_fd_create_unix+0x8d/0x690 [ 3342.064098][T10534] p9_fd_create_unix+0x8d/0x690 [ 3342.068928][T10534] ===================================================== [ 3342.075838][T10534] Disabling lock debugging due to kernel taint [ 3342.081970][T10534] Kernel panic - not syncing: panic_on_warn set ... [ 3342.088542][T10534] CPU: 1 PID: 10534 Comm: syz-executor.4 Tainted: G B 5.6.0-rc2-syzkaller #0 [ 3342.098585][T10534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3342.108655][T10534] Call Trace: [ 3342.111949][T10534] dump_stack+0x1c9/0x220 [ 3342.116281][T10534] panic+0x3d5/0xc3e [ 3342.120210][T10534] kmsan_report+0x1df/0x1e0 [ 3342.124731][T10534] __msan_warning+0x58/0xa0 [ 3342.129238][T10534] unix_find_other+0x30f/0xda0 [ 3342.133997][T10534] unix_stream_connect+0x7c5/0x2450 [ 3342.139189][T10534] ? security_socket_post_create+0x1ea/0x240 [ 3342.145159][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3342.150273][T10534] ? unix_bind+0x1bd0/0x1bd0 [ 3342.154849][T10534] p9_fd_create_unix+0x2cf/0x690 [ 3342.159782][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3342.164970][T10534] ? p9_pollwake+0x350/0x350 [ 3342.169562][T10534] p9_client_create+0xfdc/0x1dc0 [ 3342.174502][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3342.179686][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3342.185479][T10534] v9fs_session_init+0x2ab/0x2a10 [ 3342.190508][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3342.196564][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3342.202632][T10534] ? kmem_cache_alloc_trace+0x170/0xd70 [ 3342.208179][T10534] v9fs_mount+0x150/0x1170 [ 3342.212585][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3342.218828][T10534] legacy_get_tree+0x169/0x2e0 [ 3342.223602][T10534] ? xfs_fs_commit_blocks+0xda0/0xda0 [ 3342.228975][T10534] ? legacy_parse_monolithic+0x2c0/0x2c0 [ 3342.234615][T10534] vfs_get_tree+0xdd/0x580 [ 3342.239092][T10534] do_mount+0x365c/0x4ac0 [ 3342.243423][T10534] ? _copy_from_user+0x15b/0x260 [ 3342.248403][T10534] __se_compat_sys_mount+0x3a8/0xa10 [ 3342.253722][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3342.258934][T10534] __ia32_compat_sys_mount+0x157/0x1b0 [ 3342.264437][T10534] ? locks_show+0x580/0x580 [ 3342.269004][T10534] do_fast_syscall_32+0x3c7/0x6e0 [ 3342.274137][T10534] entry_SYSENTER_compat+0x68/0x77 [ 3342.279230][T10534] RIP: 0023:0xf7f56d99 [ 3342.283292][T10534] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3342.303024][T10534] RSP: 002b:00000000f5d510cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 3342.311543][T10534] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000040 [ 3342.319605][T10534] RDX: 0000000020000080 RSI: 0000000000000016 RDI: 00000000200000c0 [ 3342.327689][T10534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3342.335766][T10534] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3342.343835][T10534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3342.352561][T10534] ------------[ cut here ]------------ [ 3342.358043][T10534] kernel BUG at mm/kmsan/kmsan.h:87! [ 3342.363315][T10534] invalid opcode: 0000 [#1] SMP [ 3342.368148][T10534] CPU: 1 PID: 10534 Comm: syz-executor.4 Tainted: G B 5.6.0-rc2-syzkaller #0 [ 3342.378193][T10534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3342.388255][T10534] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 3342.395357][T10534] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 06 4c e8 af 31 c0 e8 e1 70 48 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 02 8f 48 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 3342.415076][T10534] RSP: 0018:ffffbdbcc2463108 EFLAGS: 00010046 [ 3342.421129][T10534] RAX: 0000000000000002 RBX: 00000000057300b4 RCX: 00000000057300b4 [ 3342.429080][T10534] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffbdbcc24631e4 [ 3342.437030][T10534] RBP: ffffbdbcc24631b0 R08: 0000000000000000 R09: ffff9d996fd28ed0 [ 3342.444995][T10534] R10: 0000000000000000 R11: ffffffffa6c16f70 R12: 0000000000000000 [ 3342.452962][T10534] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001 [ 3342.460916][T10534] FS: 0000000000000000(0000) GS:ffff9d996fd00000(0063) knlGS:00000000f5d51b40 [ 3342.469836][T10534] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 3342.476398][T10534] CR2: 0000000008178084 CR3: 00000000af5b1000 CR4: 00000000001406e0 [ 3342.484353][T10534] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3342.492312][T10534] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 3342.500267][T10534] Call Trace: [ 3342.503560][T10534] kmsan_check_memory+0xd/0x10 [ 3342.508325][T10534] iowrite8+0x99/0x2e0 [ 3342.512394][T10534] pvpanic_panic_notify+0x99/0xc0 [ 3342.517405][T10534] ? pvpanic_mmio_remove+0x60/0x60 [ 3342.522610][T10534] atomic_notifier_call_chain+0x12a/0x240 [ 3342.528321][T10534] panic+0x468/0xc3e [ 3342.532223][T10534] kmsan_report+0x1df/0x1e0 [ 3342.536766][T10534] __msan_warning+0x58/0xa0 [ 3342.541259][T10534] unix_find_other+0x30f/0xda0 [ 3342.546019][T10534] unix_stream_connect+0x7c5/0x2450 [ 3342.551213][T10534] ? security_socket_post_create+0x1ea/0x240 [ 3342.557281][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3342.562385][T10534] ? unix_bind+0x1bd0/0x1bd0 [ 3342.566957][T10534] p9_fd_create_unix+0x2cf/0x690 [ 3342.571883][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3342.577067][T10534] ? p9_pollwake+0x350/0x350 [ 3342.581634][T10534] p9_client_create+0xfdc/0x1dc0 [ 3342.586563][T10534] ? kmsan_get_metadata+0x11d/0x180 [ 3342.591743][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3342.597531][T10534] v9fs_session_init+0x2ab/0x2a10 [ 3342.602557][T10534] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 3342.608342][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3342.614405][T10534] ? kmem_cache_alloc_trace+0x170/0xd70 [ 3342.620044][T10534] v9fs_mount+0x150/0x1170 [ 3342.624459][T10534] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 3342.630514][T10534] legacy_get_tree+0x169/0x2e0 [ 3342.635255][T10534] ? xfs_fs_commit_blocks+0xda0/0xda0 [ 3342.640617][T10534] ? legacy_parse_monolithic+0x2c0/0x2c0 [ 3342.646239][T10534] vfs_get_tree+0xdd/0x580 [ 3342.650699][T10534] do_mount+0x365c/0x4ac0 [ 3342.655632][T10534] ? _copy_from_user+0x15b/0x260 [ 3342.660614][T10534] __se_compat_sys_mount+0x3a8/0xa10 [ 3342.666016][T10534] ? kmsan_get_metadata+0x4f/0x180 [ 3342.671219][T10534] __ia32_compat_sys_mount+0x157/0x1b0 [ 3342.676662][T10534] ? locks_show+0x580/0x580 [ 3342.681181][T10534] do_fast_syscall_32+0x3c7/0x6e0 [ 3342.686212][T10534] entry_SYSENTER_compat+0x68/0x77 [ 3342.691317][T10534] RIP: 0023:0xf7f56d99 [ 3342.695368][T10534] Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 [ 3342.715048][T10534] RSP: 002b:00000000f5d510cc EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 3342.724391][T10534] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000040 [ 3342.732356][T10534] RDX: 0000000020000080 RSI: 0000000000000016 RDI: 00000000200000c0 [ 3342.740309][T10534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 3342.748272][T10534] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 3342.756836][T10534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 3342.764814][T10534] Modules linked in: [ 3342.768697][T10534] ---[ end trace 68e8bd7977618106 ]--- [ 3342.774148][T10534] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 3342.780724][T10534] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 06 4c e8 af 31 c0 e8 e1 70 48 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 02 8f 48 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 3342.800315][T10534] RSP: 0018:ffffbdbcc2463108 EFLAGS: 00010046 [ 3342.806359][T10534] RAX: 0000000000000002 RBX: 00000000057300b4 RCX: 00000000057300b4 [ 3342.814317][T10534] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffbdbcc24631e4 [ 3342.822276][T10534] RBP: ffffbdbcc24631b0 R08: 0000000000000000 R09: ffff9d996fd28ed0 [ 3342.830234][T10534] R10: 0000000000000000 R11: ffffffffa6c16f70 R12: 0000000000000000 [ 3342.838184][T10534] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001 [ 3342.846150][T10534] FS: 0000000000000000(0000) GS:ffff9d996fd00000(0063) knlGS:00000000f5d51b40 [ 3342.855095][T10534] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 3342.861686][T10534] CR2: 0000000008178084 CR3: 00000000af5b1000 CR4: 00000000001406e0 [ 3342.869770][T10534] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 3342.877724][T10534] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 3342.885679][T10534] Kernel panic - not syncing: Fatal exception [ 3342.892484][T10534] Kernel Offset: 0x20a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 3342.904104][T10534] Rebooting in 86400 seconds..