='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010"]) [ 708.000058][T15726] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.5'. 20:05:11 executing program 2: r0 = socket(0xa, 0x3, 0x3) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x89e0, 0x0) 20:05:11 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xa, 0x6, 0x200f, 0x7f}, 0x40) r0 = bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820005, 0x0}, 0x2c) bpf$MAP_CREATE(0x4, &(0x7f0000000040)={0x3, 0x0, 0x403618, 0x0, 0x20820000, r0}, 0x2c) 20:05:11 executing program 5: r0 = socket(0x18, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x89f0, &(0x7f0000000000)={'ip6_vti0\x00', @broadcast}) 20:05:11 executing program 3: setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x6, 0x87, 0x0, 0xfffffffffffffd4a) 20:05:11 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 20:05:11 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010"]) 20:05:11 executing program 2: r0 = syz_io_uring_setup(0x3c91, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000080)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x40010, r0, 0x10000000) 20:05:12 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x2, 0x0, 0x0) 20:05:12 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f00000000c0)={0x38, 0x0, 0xb, 0x101, 0x0, 0x0, {0x2}, [@NFCTH_QUEUE_NUM={0x8}, @NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x38}}, 0x0) 20:05:12 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, 0x0) 20:05:12 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @in6={0xa, 0x0, 0x0, @dev}}}, 0x90) [ 709.653702][T15761] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 20:05:12 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010"]) 20:05:12 executing program 5: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x802c550a, 0x0) 20:05:12 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x8910, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @loopback}}) 20:05:12 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8915, &(0x7f0000000280)={'syztnl0\x00', 0x0}) 20:05:12 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x4b, 0x0, 0x0) 20:05:13 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x1c, r1, 0x1, 0x0, 0x0, {0x2}, [@FOU_ATTR_AF={0x5}]}, 0x1c}}, 0x0) 20:05:13 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) 20:05:13 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x890d, 0x0) 20:05:13 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0205647, &(0x7f0000000180)={0x0, 0x0, 0xffffffffffffffe5, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "394327e3"}, 0x0, 0x0, @planes=0x0}) 20:05:13 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="540000001300110800"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000060003"], 0x54}}, 0x0) 20:05:13 executing program 3: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8923, &(0x7f0000000200)={{}, {@void}}) 20:05:13 executing program 1: r0 = socket(0x2, 0x3, 0x101) connect$caif(r0, 0x0, 0x0) 20:05:13 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) 20:05:13 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x4d0, 0x0, &(0x7f0000000340)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 20:05:14 executing program 4: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r1, &(0x7f0000000000)='A', 0xfffffdef) r2 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x6, r2) write$snapshot(r1, &(0x7f0000000280)='\\', 0x1) 20:05:14 executing program 5: r0 = shmget$private(0x0, 0x3000, 0x1e2c, &(0x7f0000000000/0x3000)=nil) shmat(r0, &(0x7f0000000000/0x1000)=nil, 0x5000) r1 = shmat(0x0, &(0x7f0000000000/0x13000)=nil, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) shmdt(r1) 20:05:14 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x4e, 0x0, 0x0) 20:05:14 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) 20:05:14 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) recvfrom(r0, 0x0, 0x0, 0x80010142, 0x0, 0x0) 20:05:14 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x11, 0x0, &(0x7f0000000180)) 20:05:15 executing program 1: r0 = socket(0x2a, 0x2, 0x0) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) 20:05:15 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) 20:05:15 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x11, 0x68, &(0x7f00000006c0), 0x8) 20:05:15 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00'}) 20:05:15 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x8, 0x0, 0x4) 20:05:15 executing program 4: socket$tipc(0x1e, 0x9fd3ad1e561b85e7, 0x0) 20:05:15 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) 20:05:15 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x4) sendto$l2tp(r0, 0x0, 0x0, 0x3, 0x0, 0x0) 20:05:16 executing program 5: r0 = socket(0xa, 0x3, 0x6) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xff}, 0x20) 20:05:16 executing program 3: r0 = socket(0x2, 0x5, 0x0) accept4$unix(r0, 0x0, 0x0, 0x0) 20:05:16 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x10, 0x0, &(0x7f0000000180)) 20:05:16 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000000)={0x0, 0xd, [{}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}]}) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) 20:05:16 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x5421, &(0x7f00000000c0)={{0x2, 0x0, @dev}, {0x0, @link_local}, 0x0, {0x2, 0x0, @dev}, 'ip6_vti0\x00'}) 20:05:16 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x494c95f5, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x541b, 0x0) 20:05:16 executing program 5: r0 = syz_open_dev$vcsu(&(0x7f0000000080)='/dev/vcsu#\x00', 0x6, 0x0) read$alg(r0, 0x0, 0x0) 20:05:16 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x6c, 0x0, &(0x7f0000000180)) 20:05:17 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x75, 0x0, 0x0) 20:05:17 executing program 1: r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, 0x0) 20:05:17 executing program 0: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x101802, 0x0) write$bt_hci(r0, 0x0, 0x6) 20:05:17 executing program 5: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, 0x0) 20:05:17 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x43, &(0x7f00000006c0)={0x0, 0x1, [], [@calipso={0x7, 0x8}]}, 0x18) 20:05:17 executing program 3: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="230000002a0001"], 0x128}}, 0x0) 20:05:17 executing program 2: shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x5000) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6) 20:05:17 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) 20:05:17 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x21, 0x0, 0x0) 20:05:17 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x4) sendto$l2tp(r0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2f) 20:05:18 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x8, &(0x7f0000000140)={@private2}, 0x14) 20:05:18 executing program 5: r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 20:05:18 executing program 2: r0 = socket(0x2, 0x3, 0x101) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={0x0}}, 0x4000011) 20:05:18 executing program 0: syz_mount_image$fuse(&(0x7f0000000580)='fuse\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 20:05:18 executing program 4: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0x5000000) 20:05:18 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x891b, &(0x7f0000000000)={'gre0\x00', 0x0}) 20:05:18 executing program 3: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x41, 0x0) write$nbd(r0, 0x0, 0x0) 20:05:18 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0x5452, &(0x7f00000003c0)={0x2}) 20:05:19 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0xffffffffffffffff, 0x0, "ae774e"}) 20:05:19 executing program 0: r0 = socket(0x23, 0x80002, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000280)={&(0x7f0000000100), 0x2000010c, &(0x7f0000000140)={0x0}}, 0x0) 20:05:19 executing program 4: bpf$MAP_UPDATE_ELEM(0x10, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f00000001c0), 0x0}, 0x20) 20:05:19 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x80) connect(r0, &(0x7f0000000080)=@l2tp6={0x2, 0x0, 0xe0000000, @mcast2}, 0x80) 20:05:19 executing program 2: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0) statx(r0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) 20:05:19 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0xd, 0x0, &(0x7f0000000180)) 20:05:19 executing program 5: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x80045505, 0x0) 20:05:19 executing program 0: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(r0, 0x0, 0xffffffffffffff78) 20:05:19 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x11, &(0x7f0000000140)={@ipv4={[], [], @loopback}}, 0x14) 20:05:19 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x3, 0x0, &(0x7f0000000180)=0x300) 20:05:20 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000a00), 0x4) 20:05:20 executing program 2: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) read$snapshot(r1, &(0x7f0000000180)=""/247, 0xf7) 20:05:20 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000422418384b42167e0000180001801400020069705f76746930"], 0x2c}}, 0x0) 20:05:20 executing program 0: r0 = shmget$private(0x0, 0x3000, 0x1000, &(0x7f0000000000/0x3000)=nil) shmat(r0, &(0x7f0000000000/0x1000)=nil, 0x5000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0}) 20:05:20 executing program 4: openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 717.672353][ T28] audit: type=1804 audit(1599768320.559:34): pid=15928 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name=2F726F6F742F73797A6B616C6C65722D746573746469723639333535353233382F73797A6B616C6C65722E5A65485152512F3231302F13 dev="sda1" ino=15718 res=1 20:05:20 executing program 1: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000480)={&(0x7f0000000100), 0xc, &(0x7f0000000140)={&(0x7f0000000400)={0x68, 0x0, 0x0, 0x0, 0x0, {{}, {}, {0x4c, 0x18, {0x0, @media='eth\x00'}}}}, 0x68}}, 0x0) 20:05:20 executing program 3: r0 = socket(0x23, 0x5, 0x0) getpeername(r0, &(0x7f00000032c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, &(0x7f0000003340)=0x80) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, 0x0) 20:05:20 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x4a, 0x0, 0x0) 20:05:21 executing program 5: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x18, 0x0, 0x400000) 20:05:21 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x24, 0x0, 0x0) 20:05:21 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0xc, 0x0, &(0x7f0000000180)) 20:05:21 executing program 2: select(0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000280)) 20:05:21 executing program 3: r0 = socket(0x23, 0x2, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0xc0189436) 20:05:21 executing program 5: keyctl$join(0xe, 0x0) 20:05:21 executing program 4: r0 = socket(0xa, 0x3, 0x200000000000ff) ioctl$sock_SIOCADDRT(r0, 0x5411, &(0x7f0000000180)={0x0, @xdp={0x2c, 0x0, 0x0, 0x0, 0xb00}, @can, @ax25={0x3, @bcast}, 0x0, 0x0, 0x0, 0x600}) 20:05:21 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x1b, &(0x7f0000000140)={@private2}, 0x14) 20:05:21 executing program 2: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa}, 0x2000008c, &(0x7f0000000100)={0x0, 0xf4010000}}, 0x0) 20:05:21 executing program 1: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x2, 0x0) 20:05:22 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x3, 0x0, 0x0) 20:05:22 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) read$midi(r0, &(0x7f00000000c0)=""/230, 0xe6) 20:05:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, r1, 0x1, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) 20:05:22 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x541b, &(0x7f0000000200)={'vxcan1\x00'}) 20:05:22 executing program 3: keyctl$join(0x16, &(0x7f0000000180)={'syz', 0x1}) 20:05:22 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x80) connect(r0, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x80) 20:05:23 executing program 5: r0 = socket(0x2, 0x3, 0x3) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x8916, &(0x7f0000000000)) 20:05:23 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x3c, 0x0, 0x0) 20:05:23 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, 0x0) 20:05:23 executing program 1: openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0x410002, 0x0) 20:05:23 executing program 4: r0 = socket(0x11, 0x2, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000100)={&(0x7f0000000000), 0x2000000c, &(0x7f00000000c0)={0x0}}, 0x0) 20:05:24 executing program 0: r0 = socket(0x2, 0x3, 0x3) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x8910, &(0x7f0000000000)) 20:05:24 executing program 1: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x4030582b, 0x0) 20:05:24 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0) 20:05:24 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85513, &(0x7f0000000140)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x2]}) 20:05:24 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_udp_int(r0, 0x10e, 0x8, 0x0, 0x0) 20:05:24 executing program 4: r0 = socket(0xa, 0x5, 0x0) sendmsg$rds(r0, &(0x7f00000035c0)={0x0, 0x0, 0x0}, 0x0) 20:05:24 executing program 3: r0 = socket(0x2, 0x3, 0x3) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x890b, &(0x7f0000000000)) 20:05:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_udp_int(r0, 0x10e, 0x5, 0x0, 0x0) 20:05:24 executing program 1: bpf$BPF_LINK_CREATE(0xb, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xaf9ee8b1aa5e5449}, 0x10) 20:05:24 executing program 5: keyctl$join(0xf, 0x0) 20:05:24 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89b0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) 20:05:24 executing program 2: r0 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000140)='trusted\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', 0x0, ':chain\x00'}) 20:05:25 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8981, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu}) 20:05:25 executing program 3: creat(&(0x7f0000000040)='./file0/file0\x00', 0x0) creat(&(0x7f0000000280)='./file0/file0\x00', 0x0) 20:05:25 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x40101283, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "95db72024ef6233db03971ee69ea804a9a8b2513fc05cc57b56418967d48d2fe9278307bd3f07ff2067ad88d77cee11af37dfa7d3683e60c2337005a0b8a060d", "f3f33f2e1c6d556d0188133fed836d2382d5843ca2fbe14ac5fe7b1b2ae70a4eaa7128eadfdc0e77ff1408226d72693b9a2e2fbdf9cedfbb732276916ceb7697", "234c088a81c657e03448f6e7fde1a6e3c5615c70bb4c371da91703c60f4591f6"}) 20:05:25 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0x2, &(0x7f00000000c0)={0x0}) 20:05:25 executing program 5: r0 = socket(0x11, 0x2, 0x0) recvmsg$can_raw(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x2000) 20:05:25 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg(r0, &(0x7f0000000b40)={&(0x7f0000000500)=@in6={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x7}, 0x80, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="d802"], 0x2d8}, 0x0) 20:05:25 executing program 0: ioprio_set$uid(0x0, 0xee00, 0x3) 20:05:25 executing program 5: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 20:05:25 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xa, 0x6, 0x200f, 0x7f}, 0x40) r0 = bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820005, 0x0}, 0x2c) bpf$MAP_CREATE(0x4, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x0, 0x20820000, r0}, 0x2c) 20:05:26 executing program 4: r0 = socket$kcm(0x11, 0x200000000000002, 0x300) recvmsg(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10000) 20:05:26 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000400)={'wg2\x00'}) r2 = socket$isdn_base(0x22, 0x3, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = getuid() syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='mode=00000000000000000000004,uid=', @ANYRESHEX=r4]) syz_mount_image$gfs2(&(0x7f00000001c0)='gfs2\x00', &(0x7f0000000200)='./file0\x00', 0x40, 0x0, &(0x7f0000000240), 0x1002020, &(0x7f0000000480)=ANY=[@ANYBLOB='data=ordered,lockproto=lock_nolock,uid>', @ANYRESDEC=r4, @ANYBLOB=',fowner>', @ANYRESDEC, @ANYBLOB=',func=PATH_CHECK,permit_directio,fscontext=sysadm_u,hash,fowner=', @ANYRESDEC=r4, @ANYBLOB=',|ecwnoG?\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB=',dont_appraise,\x00']) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/btrfs-control\x00', 0x402081, 0x0) ioctl$IMGETDEVINFO(r2, 0x89a0, &(0x7f0000000080)={0x13, 0x0, 0x401000}) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6}, 0x80) bind$isdn_base(r2, &(0x7f0000000240)={0x22, 0xff, 0x4, 0x3, 0x3}, 0x6) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3, 0x1, 0xfe, 0x0, 0x0, 0x2c0, 0x80, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000440), 0x8}, 0x9080, 0xffffffffffffffff, 0xdf2, 0x8, 0x21, 0x9, 0x1}, 0xffffffffffffffff, 0x4000005, r3, 0x3) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000003c0)={0x0, 0x0, r5}) ioctl$IMGETDEVINFO(r5, 0x80044944, &(0x7f0000000180)={0x9}) 20:05:26 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0xaf01, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x4008af13, &(0x7f0000000300)) 20:05:26 executing program 0: r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x0) r1 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x0) r2 = socket(0xa, 0x3, 0x6) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) ioctl$NBD_SET_SOCK(r0, 0xab03, 0xffffffffffffffff) r3 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_CLEAR_SOCK(r3, 0xab04) 20:05:26 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x4e, 0x0, 0x3000000) 20:05:26 executing program 4: sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x0) [ 723.877545][T16066] block nbd0: shutting down sockets 20:05:26 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) dup2(r0, r0) 20:05:26 executing program 3: r0 = socket(0xa, 0x6, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8933, &(0x7f0000000040)={'macvtap0\x00', @link_local}) [ 724.045150][T16066] block nbd0: shutting down sockets 20:05:27 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000000)="cd", 0x1, 0x26c, &(0x7f0000000340)={0x2, 0x0, @dev}, 0x10) 20:05:27 executing program 1: accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:05:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae46, &(0x7f0000000000)={r2, 0x0, 0x2, 0xffffffffffffffff, [0x0, 0x0, 0x6]}) 20:05:27 executing program 3: r0 = socket(0x15, 0x5, 0x0) sendmsg$inet(r0, &(0x7f00000008c0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0) 20:05:27 executing program 5: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0}) r0 = shmget$private(0x0, 0x3000, 0x1e2c, &(0x7f0000000000/0x3000)=nil) shmat(r0, &(0x7f0000000000/0x1000)=nil, 0x5000) 20:05:27 executing program 4: keyctl$dh_compute(0x15, 0x0, 0x0, 0x0, 0x0) 20:05:27 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0xc, &(0x7f0000000140)={@private2}, 0x14) 20:05:27 executing program 2: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsu\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x5452, &(0x7f0000000200)={'syztnl0\x00', 0x0}) read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020) 20:05:27 executing program 3: setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, 0x0, 0x0) 20:05:28 executing program 0: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x80108906, 0x0) 20:05:28 executing program 5: r0 = syz_open_dev$vcsu(&(0x7f0000000080)='/dev/vcsu#\x00', 0x6, 0x0) read$alg(r0, &(0x7f0000000000)=""/103, 0x67) 20:05:28 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0285628, &(0x7f0000000180)={0x0, 0x0, 0xffffffffffffffe5, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "394327e3"}, 0x0, 0x0, @planes=0x0}) 20:05:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvfrom$llc(r0, 0x0, 0x28, 0x0, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x0, 0x4}, 0x14}}, 0x0) 20:05:28 executing program 2: r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@get={0xe0, 0x10, 0x1, 0x0, 0x0, {{'ctr-twofish-avx\x00'}}}, 0xe0}}, 0x0) 20:05:28 executing program 0: r0 = socket(0x26, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x117, 0xa, 0x0, 0x0) 20:05:28 executing program 3: bpf$BPF_BTF_LOAD(0xd, 0x0, 0x0) 20:05:28 executing program 5: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r0, 0xab0a, 0x0) 20:05:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000004a40)=ANY=[@ANYBLOB="180c0000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32=0x0, @ANYBLOB="24000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843980b0380"], 0xc18}}, 0x0) 20:05:29 executing program 4: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0xaf01, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x4008af10, &(0x7f0000000300)) 20:05:29 executing program 0: r0 = socket(0x23, 0x2, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x541b, 0x0) 20:05:29 executing program 5: prctl$PR_SET_MM_EXE_FILE(0x19, 0xd, 0xffffffffffffffff) 20:05:29 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d2, &(0x7f0000000000)={0x0, 0x0, "ae774e"}) 20:05:29 executing program 2: r0 = socket(0x25, 0x1, 0x0) recvmsg$can_raw(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x40000300) 20:05:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x8980, &(0x7f0000000000)) 20:05:29 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000001480)='/dev/dlm_plock\x00', 0x0, 0x0) ioctl$sock_qrtr_TIOCINQ(r0, 0x541b, 0x0) 20:05:29 executing program 4: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, 0x0, 0x0) 20:05:29 executing program 5: r0 = socket(0x2a, 0x2, 0x0) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000ac00)={0x0, 0x0, &(0x7f000000abc0)={0x0}}, 0x4800) 20:05:30 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x127f, 0x0) 20:05:30 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, 0x0) 20:05:30 executing program 1: r0 = socket(0xa, 0x2, 0x0) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000005940)={0x0, 0x0, &(0x7f0000005900)={0x0}}, 0x0) 20:05:30 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0xff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x0, 0x8}) 20:05:30 executing program 4: r0 = socket(0x2, 0x5, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x7, 0x0, &(0x7f0000000000)) 20:05:30 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x0, &(0x7f0000000380)=@routing, 0x8) 20:05:30 executing program 2: r0 = syz_io_uring_setup(0x7d3f, &(0x7f0000000240), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x40010, r0, 0x0) 20:05:30 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x1d, 0x0, 0x0) 20:05:30 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1e, 0x1, 0x0, &(0x7f0000001bc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f00000000c0)={0x0, 0x18, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x2000015c}}, 0x0) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) recvmmsg(r2, &(0x7f0000001b00)=[{{&(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000001780)=[{&(0x7f0000000340)=""/138, 0x8a}], 0x1, &(0x7f0000001840)=""/195, 0xc3}}], 0x1, 0x0, 0x0) 20:05:31 executing program 4: r0 = socket(0xa, 0x3, 0x3) sendto$l2tp6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:31 executing program 0: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x89e0, 0x0) 20:05:31 executing program 1: socket$kcm(0x11, 0x20000000000000a, 0x300) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000c40)=ANY=[], 0x14}}, 0x0) 20:05:31 executing program 5: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x2, 0x0) write$FUSE_WRITE(r0, 0x0, 0x0) 20:05:31 executing program 2: r0 = socket$caif_stream(0x25, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) 20:05:31 executing program 4: r0 = socket(0xa, 0x5, 0x0) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000005940)={0x0, 0x0, &(0x7f0000005900)={0x0}}, 0x0) 20:05:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x2}, 0x2000000c, &(0x7f0000000240)={0x0}}, 0x0) 20:05:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0xf9) getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000040)={@broadcast, @multicast2}, &(0x7f0000000080)=0xc) 20:05:31 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0x14, 0x0, &(0x7f0000000180)) 20:05:32 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0x8933, 0x0) 20:05:32 executing program 4: r0 = socket(0x2a, 0x2, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) 20:05:32 executing program 3: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x29, 0x0, 0x400000) 20:05:32 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x82, 0x0, 0x0) 20:05:32 executing program 1: r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@alg={0x75, 0x10, 0x333, 0x0, 0x0, {{'ccm(camellia-asm)\x00'}, [0x9]}, [{0x8}, {0x8}]}, 0xf0}}, 0x0) 20:05:32 executing program 5: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x1a, 0x0, 0x400000) 20:05:32 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x0, 0xc}) 20:05:32 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000000)={0x7, 0x8}, 0x10) 20:05:32 executing program 0: accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:05:32 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x5421, &(0x7f0000000280)={'sit0\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:32 executing program 1: r0 = socket(0xa, 0x3, 0x3) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x89e1, 0x0) 20:05:32 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1}, 0x4) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140)='NLBL_UNLBL\x00') 20:05:33 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0x40049409, &(0x7f00000000c0)={0x0}) 20:05:33 executing program 4: r0 = socket(0xa, 0x3, 0x6) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xfffffffffffffd8c, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000ffdbdf250700000014002000fc00000000001000000000000000000105000700020000000c0016000100000000000000050006002000000008000b0002000000"], 0x4c}, 0x1, 0x0, 0x0, 0x41}, 0x40040) 20:05:33 executing program 0: r0 = socket$l2tp6(0xa, 0x2, 0x73) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, 0x0) 20:05:33 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0x50, 0x0, &(0x7f0000000180)) 20:05:33 executing program 1: socket$kcm(0x11, 0x20000000000000a, 0x300) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={0x0}}, 0x0) 20:05:33 executing program 5: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x71, 0x0, 0x400000) 20:05:33 executing program 4: r0 = socket(0x21, 0x2, 0x2) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0}}, 0x0) 20:05:33 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f00000003c0)={0x0, @ethernet={0x0, @link_local}, @ethernet={0x0, @link_local}, @vsock={0x28, 0x0, 0x0, @local, 0x1000000}}) 20:05:33 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, 0x0) 20:05:34 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x1b, 0x0, 0x0) 20:05:34 executing program 1: r0 = epoll_create1(0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) fcntl$lock(r0, 0x26, &(0x7f00000000c0)) 20:05:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e) 20:05:34 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0xc00455d0, 0x0) 20:05:34 executing program 2: r0 = socket(0x1, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x80108906, 0x0) 20:05:34 executing program 0: r0 = socket(0x1e, 0x5, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0) 20:05:34 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) bind(r0, 0x0, 0x0) 20:05:34 executing program 1: r0 = socket(0x1e, 0x2, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x10f, 0x1, 0x0, 0x0) 20:05:34 executing program 5: r0 = socket(0x11, 0x3, 0x0) getsockopt$inet6_dccp_int(r0, 0x21, 0x0, 0x0, 0x0) 20:05:35 executing program 2: syz_open_dev$sndctrl(&(0x7f00000003c0)='/dev/snd/controlC#\x00', 0x93c, 0x8200) 20:05:35 executing program 4: r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f0000000040)) 20:05:35 executing program 3: setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, 0x0, 0x0) 20:05:35 executing program 0: r0 = socket(0x10, 0x803, 0x0) sendto$l2tp(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) sync_file_range(r0, 0x0, 0xdd8, 0x0) 20:05:35 executing program 5: r0 = socket(0xa, 0x2, 0x0) getpeername(r0, 0x0, 0x0) 20:05:35 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)}}, 0xfffffffffffffde0) 20:05:35 executing program 0: r0 = socket$l2tp(0x18, 0x1, 0x1) bind$l2tp(r0, 0x0, 0x0) 20:05:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000600)="9c", 0x1, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r1}, &(0x7f0000000640)=""/243, 0xf3, &(0x7f0000000240)={&(0x7f0000000080)={'rmd160-generic\x00'}}) io_setup(0x0, 0x0) 20:05:35 executing program 3: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000300)={0x0, 0xfb, 0xfbd, 0x0, 0x0, "cce57a2b694c4871c6146ac04ce65890", "200f993385f5039f42d024b65ef88117493afc5a18392f24a7830bd5914486c6265da437a663fbefbde3e891bb09889d7971f8e90702a1dd60106c624a41e31317ceeedcffa7282416e6b7ab2c12583df8bb049bb7f51a3bd72511c0c33cb138e2169db8c6277c49130c3cc83aebd04a542f9ed32ace7d4de02150e95fc963c1d32801b8f3c7362198d2c338a1a27263144212b440af6a3f693aed82fabc5d0c753de9437fe73ce40b6662cdf1b9cb1b589a8218fb86a2ed6836fe434f7986043725834fbad8a9de421aa5949f02113e737ebda45937f7944b2dbcfae414bcb3118ebcfd23e756d423c083fdf344dcdfe89b400b7443aefcea30d4613f1074abd99cf6ceaac3bf9f0ad2a3f7a02b353c4d4ace019af7a3335aa0bfa980c73b77b9bb7a9d0d4a3f88429dbfd17115be3c3a35331bb46d8a54526134bc42a8f9badebddc5d915665d72f397dad99dcc58aba156a37f5f5b9044c7578ee2bb0aa49c4ed0085bff2aad440561fecf92b0f120fa295adc58b0adecc2e67c93648c71e6f2ec677edfa20d1fba2f7a6e4d6af4d33eab2f3a83799b5d2b0800e81687a4ce1e6f839bb821370f98cff97f3a54b4c0395225f11a6f73c5ba097a5c2e0c54547b8bc866a26414e36ad5ce66ccada657656e359c465597cece5197246b1ee5909cd39181b91bf0633fccf8217c0e1e2bdb0d31018e0ac81e89bb7a69d7b11ab91dcafdb511feee58b1078632d42bf927beff4c071ef12eb616d3923ce8df112130cd4496edcd26ae4939ef6a9d9e1c3395cac60c543ca5c306f82c3c8309c105f47522a6c7a1913493c0915950e8e74e5470a24cf586bcf987c1fd63e44e0e59a5348f02df895fbd5712cd7e7acc7f483c04718beef1752574c2bb0307ff1356fb3da3c11c17ac7c1b5bf23d3bfe541906817ce7a8fd781e2680542e7c7eac71c21c7b19ad15caf9b895bad20daa57308e581b02fd6beea960a4dc3d4a4de2d62a14de8878df00b499768d190922b1975e58be754e874226f8696bcb0cf8cae8d770fd620fb87f14eaf1dba15b914039b1b8179c785d12940207fca3e75cc5720a7f352f855c5b8e84b69a9606996694614f5ab61f30c571c8953c7dcb446f6b7fe3eae991acd55060602d825e0cc6490d1b02e8065701d98a18d820b658cf352f65ad0471b17ee1db36c7608a40f85aba053c66e1a7603431e9d492609ba6811dc15b4e78ff775a23b73c00173802e2f6955e2e8d02cef9c951bac9f222481affe5d5563fd7759ef171e9dc6eebc2c6aa2ce8ea99b16cd29f67101cccc79c3ff6cc5a925df6607ba5f169f1eac52a4dc8659bda754d6a8251477865dcb236a60086b41a2d9abff41b5f646eee3b7edd0f84f1373916cbd39b0619e1a58b09a473b5d79e175b96fc5672c7a92601cc099406ab80db9b05aa2cfbe9f238f06f6e994553dfcdaf6cab640b8726f8ac2d0ec420704f9ef9120587ff02b8925afdd21029a5fd2a34142047970bf92b71abd4d9b570314f297b93a2079498a1439d532c9e9cbc0406ba41a6823a543ec484aa4250773b0f49d008ad4590af11950a1625b7ba4e55d000214bb81cb8be69b3557059d87a3fa7b59e2dc5f424ef385943a04b3c3bebb3b11833a8bc48680e65ede5c5e23982e5aa7c872dbe7cd63fe1c73bccd3a08c2af5f09320c07105a405f0b0991950190afff83da3654e3ff92edf7247787b53d4fab1a52eb5e3324bfa72aa8212931b92b034c6d6627c6e01826a1aa3460d5ed592e72f8d4345e009a41025e09d708b9f69cd8caaa13427d2739e160f2058969694ce3fd7cde79c8020edc6b448414bbc58cd503048c174eb724713a2a8e92e9fadbb7c15181beb53e24c3adeaef4746c5b1c99b35208e1e65a8345d7177fe9ce4e56958db8e039f17d5f1b442b0519169abc59a32621b0f4469f19778ffc875ad854bf37dba73878296b55707dc98f2b41d8c67835e80d2dc533396b336a17150815fe5b584221a581565eb3234282fd8d4b210bd962a13743954382ca63fb01d775b35e8e38cdde8aabcc6833b557fc6f27da77c3310cac3513b21bd7925f805513af79b38c7642ec1574d075f57e22deb4036fe8a8158a66fa588fd8427a8121b1b6a0a2c16830d82c97038defcebba8225e3faa000d7c499aec8082fb66fc1b1fcee6ac8c0952103bf3b1d9a5a5f128f605b84d9a99c32631647ade75ebfbb0742cc4af36fce3b871dc04e9d20fea7348c185f6bda6f50855f2026cc6401b68a19f516c880abdeffe89f157f31aff687b527f7fe1e0995016a46f13f8b475c20ec7d0ca2ecdde031abf99c71ee5a9505043b1f07df2265a49950b7d980da35b896fc2716159a8f2aef8b99c828382b8ba1d92e40995cef8ade4eb6f27493d3f33cd6b60083725d185e5bacdc9bdcb0a74bb53fd9fddc7e4b06376b68985682dbaeff730719acff1b56d8a86174a052e82e9939e92b4df869c60a10c61a93f3b025ccfa840b68b684cb03ac96b38250db8df652d790159f813f97ab41a1ac4ac4b531ea0bfb4136cfa23f5e09bf656e458c32424dc85283192736c2d3d7a90b2de14cbab8fe69435d0b3771dea18ac20774a8f411d388f5dc315221238b792d192d604cbe6c74b053e469f72f865b9d8e55c3095945a8e4c05fdba59fe99afbd984310671c72117726caecb05fb50d43124f10a24f0a302516bd6872f5be9354dc656bddebc1d472851833ffe20458cfe54cb1db6357b42c487610398640d1e94e37c6831dfb032e03e21ff0884de3f988d6e38d110c7dc4fb0d75b74524862fc9bc96fb2617f7334a20d14035b4c730e42325ef3d9f60033b10a0e49d2c421b2cde41e5b0483635e54f83e38f5f367a5c1e263249780a10bbdf7aaec46d0f9ab1076dadeb478bf5b48c2d300c0689ec86b3165fbd5bf9272f060b88302c4b7a93c276a0ab1f714db662f961ab505954c63e0d73b10a5d8e9e609bc9987b4a6de727ed50a94e10abf4c6a301e0e46fc52fd27014d95300d5e1bec98ae9f470c997cbf8cc9ee67aba4fc7d75fffffc295c35090bb00efa842eb91a962ac5b65716fe6ee479f22b2b1f12b974a72d021dc16626c1974d0ca3a7497850a400d6d0a5f46a949e61137a2a639de034475b94d4bcdb7b863a75b19c2730618a4fe0fe2c169a1124aff0f887484c494acee84e6737bbd04ed5c7240c8459e795de9005090b6a49738d6921efbf4bd33782fd50c38bfc24b7b8f30e42ad0bebb3ccc8e6a37b77e3e797f598006769d445c9f77845614f50d7bb33c3c693b32a6c5742434dc8de397ea8d5dae94a98c12d2354ade64276119658aa60dae576f5b0aea8b5ba185d65e3a3c72aa3ec929f6f1bd78f34d4c456651f34624956f7abd1ca590ab184e832fc8ecc00b09e7af658140e8d98cbbf0d551c7280d3dbbf514da90a290aa8efc20a1951578f652bf837b588bdccbff280b801e8085d7134ddff215b1c4a21b3e42e0bfe60871041a8d6ff9d652669fec3da4646d4da05093dcace43341905c24d42a752e71e4bf3365cdb2312231d20be01c8b142645dd07ba533033614bdf4998d6c1cf07690c45807db6a8f59d528207eefcf2da950c2e33745a1923440f42d0368ead44d64ac1370910b617412b349f3ae734448d7c2de268d2bf3130fd002b1572e6766d3a8b786b9ca51868026d11275a8098bf459e294f245067aca61d1151abb09b4d324afeba3154e769d7c82fc6345d2e79b977ee64015839faaafa20bdedf8fab0c2af86c3a692275e3e9e308bc213ef11056fdf91cccb7c9c036c9bf4c304de60271da07523e568deb7f2ad2aff13b3e9922c480eb5b662f4a95fc14990ca754c8a252ec451dad197222017a5f185c7b74a9f0471e0c36e1e5f6c8b241f2ead0587b093cc7f89f692311725b3c2c80a138e11dfb12333a1091019ab02df3d1541ed278a9a851c49c3b7f8be79a0fc339eee06858deab1083c469c782926afa914731f62b92da754e0fbb7b68791987fc7dc53662509038770e23d8f8e3a7fb8d95200cac0fdb932bcee01fd7797b3aecbfbb3d9516bfd45cf0ca9a5f7c9698c8d6c791659242099276ee198a0928fdb6bfbed77bb38ab9caed80631af2fb4539516fdc47deb85be4eefa865d3ea2a5235f36964faf7db7eb531c688bdd960b898ad284214ec9b2fa40d1cc2169ac0a335df82188b007f96feb5062ce99d99528d03891e0577a8f3af4a0fa1b49fc56fe4c73731c464fce3101a51f8f465fc9faf66b020455aba502a1f34be424c1c5c690a9c8b247f1034758e51c8bad94bce6cc3119d383d0fffa0212b99b9935514388fcd19905c49ce65020ad97e5fa97d47b97b668f643d2798187430dc86744009a84fcc46ec7f37b105cfe23bb6038d2efb322128662b35598cc25a0a9250c595d11c640b045f05020686d8bf469f1cbb018c21800a518a98411488a2ea93fe98abaffd70724764986a4f28174de756163d22e688715fecc7e3774128e37441dfc2f966973d1cc6ab5f0acde8ca60879cb17bc4f1a00033812252fdd34e621ffe36d66766654447d5b12e7e6dc7361dd570ce3c59efe7e97ec6e4dc6136cc131bf4f1fd2f5db1939ea97abd9fbd8a8622844e0ad8668c5b21ae5addbb18551d951f4641fd00d7565386ab2971472a8c8376ab11af09e7eeec783b8cb7de8d2550890b1042ee9004a8ffe2753a8408919e5dbe816b6b2dd0e09519a0cb041760b7e6bded5752c25b86f4a3985ffb3389d7ba3c1c3bc0d31178d83b83a4f3b0170b40dae3545c0734557327d52947b7a2a2bd5bb6e9175e12bcfac4f089bb7a3e0ab1970a1c41029dc134c93dbf4293b861b80e691b17c728605010d6b9bfbdaf3279a357ff9c08d0df0562f57b989c4da3e09dba54506fd9b4ad4c8255ac792c83409acd30eee5cf402ac84ab74ccaef8c774d2f8b970e7bb6c749cf00fda29209c2e88974f58c96c174f883fc259a612a09b97fd8a50bf083471f4ea7ba0fc0799bf948f2b3d5419ce83708a72bc0edbabd515b2e98307b537058c1c441fa505c059f36122e90e693e2a5252a51310a38e9970097ebe24f4ea891a7050fe3ed68d59f82e6685e3dfb329e1e16c793c6c77806f34801a2fc6abbb2e5d46c579c846445508b4c0558afca90e65cf0b21cda2cde0320544bb755711ce1687e5be0326fc6ec0322e5b324c7d433502328c1e77628266e4968aab6457595c423929d60b17455459a5f883e30325c8ccd3cecaa649acbbe2ad1525da15f7d97dc6e321ec04498bea35571d03b860bc8f4b9243e0f622ad792798e1054a37b355b4b538b3c64bd91d30b96d605ff510ce853b8df3cb9710ac4e2547a38c6116760676a24137050acf56ba75f9e14f81908419c81e560fae902f75663efd60a47194bcf148124c7c072d0162c71eec698fa5fdfc12a31e9160a080fad78bf066be6744cff3ad6c66e498f70e8b96621549f861671b6d077e972c37fec461059266bd528e61db9f4041f57f68315d5342d0ef8db032f85e46a733ae1c0eb4758c4da261295e53d20f1b068e4a747f64765711ffa3de0f132572103d6583e689f376793e0a895637f7930a4efaf59ddc590f7ad6a57accdb02628abc85069b3e7404cd4383d8557ef17c55f26c"}, 0xfbd, 0x0) 20:05:35 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, 0x0, 0xffffffffffffffff) 20:05:36 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8916, &(0x7f0000000200)={{}, {@void}}) 20:05:36 executing program 0: r0 = socket(0xa, 0x3, 0x6) bind$l2tp6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, 0x20) 20:05:36 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8970, &(0x7f0000000040)={'team0\x00'}) 20:05:36 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x37, &(0x7f00000006c0), 0x8) 20:05:36 executing program 3: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x76, 0x0, 0x0) 20:05:36 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0x1}}) 20:05:36 executing program 0: r0 = socket(0x2, 0x3, 0x101) recvmsg$kcm(r0, &(0x7f0000003f80)={0x0, 0x0, 0x0}, 0x20000040) 20:05:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x5450, 0x0) 20:05:37 executing program 2: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) fchdir(r0) 20:05:37 executing program 1: r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x1}) 20:05:37 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x1c, 0x1, 0x1, 0x201, 0x0, 0x0, {0x3}, [@CTA_MARK_MASK={0x8}]}, 0x1c}}, 0x0) 20:05:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4188aea7, &(0x7f0000000040)=ANY=[@ANYRES64=r1, @ANYRESHEX]) 20:05:37 executing program 0: r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) fcntl$dupfd(r0, 0x0, r1) 20:05:37 executing program 5: r0 = socket(0x1, 0x3, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, 0x0, 0x0) 20:05:37 executing program 1: r0 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000140)='.dead\x00', &(0x7f00000000c0)=@chain={'key_or_keyring:', 0x0, ':chain\x00'}) 20:05:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8933, &(0x7f0000000000)={'gretap0\x00', @ifru_addrs=@ax25={0x3, @null}}) 20:05:38 executing program 3: r0 = socket(0x25, 0x1, 0x0) recvmsg$can_raw(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x40000001) 20:05:38 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) 20:05:38 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x11, &(0x7f0000000000), 0xc) 20:05:38 executing program 0: r0 = socket(0xa, 0x5, 0x0) sendmsg$rds(r0, &(0x7f00000035c0)={&(0x7f0000000140)={0x2, 0x0, @loopback}, 0x4cbda036, &(0x7f0000001180)=[{&(0x7f0000002500)=""/4112, 0x1010}], 0x1}, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000180)) 20:05:38 executing program 1: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x76, 0x0, 0x400000) 20:05:38 executing program 2: r0 = socket(0x2, 0x6, 0x0) accept4$unix(r0, 0x0, 0x0, 0x0) 20:05:38 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x1d, &(0x7f0000000140)={@private2}, 0x14) 20:05:38 executing program 4: keyctl$join(0x10, 0x0) 20:05:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x488}}, 0x0) 20:05:39 executing program 1: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x7, 0x0, 0x0) 20:05:39 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000034c0)='devlink\x00') sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, r1, 0x1, 0x0, 0x0, {}, [{@pci={{0x2d, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}, {0xc}, {0xc}}]}, 0x50}}, 0x0) 20:05:39 executing program 2: r0 = socket(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) setpriority(0x0, 0x0, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0xc0, 0x57, 0x0, 0x0, 0x0, 0x1, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x10142, 0x3f, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0xfffffffffffffffc, r1, 0x2) prctl$PR_SVE_GET_VL(0x33, 0xd90f) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 20:05:39 executing program 4: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000580)='fuse\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4001}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000000)={0x28}, 0x28) 20:05:39 executing program 5: r0 = socket(0x2b, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8905, &(0x7f0000000040)={'macvtap0\x00', @link_local}) 20:05:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, 0x0) 20:05:39 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89e6, 0x0) [ 737.115084][T16384] IPVS: ftp: loaded support on port[0] = 21 20:05:40 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, 0x0, 0x0) 20:05:40 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x6, 0x0) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, 0x0) 20:05:40 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_udp_int(r0, 0x10e, 0x0, 0x0, 0x0) [ 737.808380][T16407] IPVS: ftp: loaded support on port[0] = 21 20:05:40 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x0, 0x0, 0x0) 20:05:40 executing program 4: syz_open_dev$sndctrl(&(0x7f0000000140)='/dev/snd/controlC#\x00', 0x0, 0x2ea40) 20:05:40 executing program 0: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm_plock\x00', 0x0, 0x0) read$hidraw(r0, 0x0, 0x0) 20:05:40 executing program 3: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x19, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000200), &(0x7f0000000880)=@tcp6=r0}, 0x84) [ 738.794962][T16384] lo speed is unknown, defaulting to 1000 [ 739.748227][T16407] lo speed is unknown, defaulting to 1000 [ 740.058795][T11586] tipc: TX() has been purged, node left! 20:05:44 executing program 2: write$rfkill(0xffffffffffffffff, 0x0, 0x0) 20:05:44 executing program 5: clock_gettime(0x3, &(0x7f0000000040)) 20:05:44 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0xc008551a, 0x0) 20:05:44 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$can_j1939(0x1d, 0x2, 0x7) recvmsg$can_j1939(r1, &(0x7f0000000300)={&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/244, 0xf4}, {&(0x7f0000000100)=""/56, 0x38}], 0x2, &(0x7f00000002c0)=""/1, 0x1}, 0x0) shmget(0x0, 0x3000, 0x1684, &(0x7f0000ffc000/0x3000)=nil) sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x101d0}, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x65, 0x6f, &(0x7f0000000000)=""/111) 20:05:44 executing program 0: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xc00, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0385725, 0x0) 20:05:44 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000002b00)=[{{&(0x7f0000000000)={0xa, 0x0, @multicast1}, 0x10, 0x0}}], 0x1, 0x0) 20:05:45 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x12, 0x0, 0x3000000) 20:05:45 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$bt_rfcomm(r0, &(0x7f0000000000)={0x1f, @none}, 0xa) 20:05:45 executing program 0: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x73, 0x0, 0x400000) 20:05:45 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x2a, 0x0, 0x3000000) 20:05:45 executing program 2: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x82, 0x0, 0x400000) 20:05:45 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000422418384b42197e0000180001801400020069705f76746930"], 0x2c}}, 0x0) 20:05:45 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x5, @dev, 'geneve1\x00'}}, 0x1e) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x6}, 0x0) 20:05:45 executing program 0: r0 = socket(0x22, 0x2, 0x2) setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, 0x0, 0x0) 20:05:45 executing program 5: r0 = socket(0xa, 0x5, 0x0) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000004a40)=ANY=[@ANYBLOB="180c0000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000080008"], 0xc18}}, 0x0) 20:05:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x0, 0x0, {0x2}, [@NL80211_ATTR_IFINDEX={0x8, 0x10}]}, 0x1c}}, 0x0) 20:05:46 executing program 0: r0 = socket(0x1e, 0x5, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={0x0}}, 0x45) 20:05:46 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8980, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu}) [ 743.692545][T16515] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 20:05:46 executing program 3: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x9}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0x0) 20:05:46 executing program 5: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x541b, 0x0) [ 743.816952][T16517] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 20:05:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00'}) 20:05:47 executing program 2: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000001000)={0x0, 0x89c095cd3fe88419, 0x800}, 0x20) 20:05:47 executing program 0: bpf$BPF_BTF_LOAD(0x13, &(0x7f00000003c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) 20:05:47 executing program 4: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x79, 0x0, 0x0) 20:05:47 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x8, 0x0, &(0x7f0000000180)=0x300) 20:05:47 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae03, 0xf) ioctl$KVM_GET_IRQCHIP(r1, 0x5451, 0x0) 20:05:47 executing program 1: r0 = socket(0xa, 0x3, 0x200000000000ff) bind$xdp(r0, 0x0, 0x0) 20:05:47 executing program 2: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="540000001300110100"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000060003001101"], 0x54}}, 0x0) 20:05:47 executing program 4: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r1, &(0x7f0000000000)='A', 0xfdef) 20:05:47 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x40081271, 0x0) 20:05:48 executing program 5: r0 = socket(0x15, 0x5, 0x0) recvmmsg(r0, &(0x7f0000006a80)=[{{&(0x7f0000005c40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4}}}, 0x80, 0x0}}], 0x1, 0x40002103, 0x0) ioctl$IMGETVERSION(r1, 0x40049409, 0x0) 20:05:48 executing program 3: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x89e0, 0x0) 20:05:48 executing program 1: pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0xffffffffffffffff) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$snapshot(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0) 20:05:48 executing program 2: creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) 20:05:48 executing program 4: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4281, 0x0) 20:05:48 executing program 3: socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x4000) 20:05:48 executing program 5: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cuse\x00', 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8004e500, 0x0) 20:05:48 executing program 0: r0 = socket(0x11, 0x3, 0x0) connect$l2tp6(r0, 0x0, 0x0) 20:05:48 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000200)="6453bd6c79470ce6348c3f976fc851b9", 0x10) 20:05:49 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0xb, 0x0, 0x0) 20:05:49 executing program 4: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}}, 0x84) 20:05:49 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8937, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000300)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @broadcast}}}}) 20:05:49 executing program 3: r0 = socket(0xa, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8933, &(0x7f0000000040)={'macvtap0\x00', @multicast}) 20:05:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0xf0ff7f}, 0x0) 20:05:49 executing program 1: socket(0x0, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x0, 0x80000, 0x8) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) setpriority(0x0, 0x0, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0xc0, 0x57, 0xff, 0x0, 0x0, 0x1, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff}, 0x10142, 0x3f, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0xfffffffffffffffc, r0, 0x2) prctl$PR_SVE_GET_VL(0x33, 0xd90f) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:05:49 executing program 2: r0 = syz_io_uring_setup(0x3c91, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x0) 20:05:49 executing program 4: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x40305839, 0x0) 20:05:50 executing program 3: ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, 0x0) [ 747.245375][T16594] IPVS: ftp: loaded support on port[0] = 21 20:05:50 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x1, 0x0, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10) 20:05:50 executing program 0: r0 = socket$kcm(0x11, 0x200000000000002, 0x300) sendmsg(r0, &(0x7f0000000e40)={&(0x7f0000000600)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x80, 0x0}, 0x0) 20:05:50 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, 0x0) 20:05:50 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x2, &(0x7f0000000140)={@empty}, 0x14) 20:05:50 executing program 3: r0 = socket(0x2, 0x5, 0x0) sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x14}, 0x14}}, 0x0) [ 748.008390][T16616] IPVS: ftp: loaded support on port[0] = 21 20:05:50 executing program 5: ioprio_set$uid(0x0, 0xee00, 0xdf27ef08145a27bc) 20:05:51 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:51 executing program 2: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="540000001300110100"/56, @ANYRES32=0x0, @ANYBLOB="0000000000ffffff9e000000000000000600030011"], 0x54}}, 0x0) [ 748.326169][T16594] lo speed is unknown, defaulting to 1000 [ 749.621231][T16616] lo speed is unknown, defaulting to 1000 [ 750.017807][ T8534] tipc: TX() has been purged, node left! 20:05:52 executing program 1: syz_mount_image$cifs(0x0, &(0x7f0000001980)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lstat(&(0x7f0000003940)='./file0\x00', &(0x7f0000003980)) 20:05:52 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0xc, &(0x7f0000000140)={@ipv4={[], [], @loopback}}, 0x14) 20:05:52 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0205647, &(0x7f0000000180)={0x0, 0x500, 0xffffffffffffffe5, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "394327e3"}, 0x0, 0x0, @planes=0x0}) 20:05:52 executing program 5: r0 = socket(0x11, 0x3, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x107, 0x5, 0x0, 0x300) 20:05:52 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0xc008551c, 0x0) 20:05:52 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x7d, 0x0, &(0x7f0000000180)) 20:05:53 executing program 2: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x800}) 20:05:53 executing program 3: socketpair(0x2a, 0x0, 0x0, &(0x7f0000000180)) 20:05:53 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x2b, 0x0, 0x0) 20:05:53 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x80) connect(r0, &(0x7f0000000080)=@in={0x2, 0x0, @dev}, 0x80) write$binfmt_script(r0, 0x0, 0x0) 20:05:53 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @loopback}}}, &(0x7f0000000340)=0x98) 20:05:53 executing program 1: clock_gettime(0xc87a2e2d4f4107df, 0x0) 20:05:53 executing program 2: keyctl$get_security(0x13, 0x0, 0x0, 0x0) 20:05:54 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x24, 0x0, 0x0) 20:05:54 executing program 0: request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)='tunl0\x00', 0x0) 20:05:54 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x2c, r1, 0x1, 0x0, 0x0, {0x6}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x2c}}, 0x0) 20:05:54 executing program 4: keyctl$dh_compute(0x9, 0x0, 0x0, 0x0, 0x0) 20:05:54 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) socket$inet6(0xa, 0x6, 0x0) 20:05:54 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast2, 0xffffffc0}, 0x80) connect(r0, &(0x7f0000000080)=@l2tp6={0x2, 0x0, 0xe0000001, @mcast2}, 0x80) 20:05:54 executing program 3: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) io_uring_setup(0x0, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000300), 0x6) 20:05:54 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x7d, 0x0, 0x0) 20:05:54 executing program 4: r0 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r0, &(0x7f0000002440)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0) 20:05:55 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x2, &(0x7f0000000140)={@private2}, 0x14) 20:05:55 executing program 1: syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ceph(0x0, &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rmdir(&(0x7f00000004c0)='./file0\x00') 20:05:55 executing program 2: r0 = socket(0x1, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x89e0, 0x0) 20:05:55 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8953, 0x0) 20:05:55 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0xc, 0x4, 0x8, 0x0, 0x1}, 0x8d) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000080)=@tcp6=r1}, 0x20) 20:05:55 executing program 4: r0 = socket(0x29, 0x5, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0) 20:05:55 executing program 5: bpf$BPF_MAP_GET_FD_BY_ID(0x10, &(0x7f0000000080)={0x0, 0x0, 0x30}, 0xc) 20:05:56 executing program 0: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)) 20:05:56 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x5411, 0x0) 20:05:56 executing program 1: statx(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) 20:05:56 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0xa, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r1}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000440)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @ipv4}, {0xa, 0x0, 0x0, @dev}, r1, 0x22b9f80}}, 0x48) 20:05:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000002c0)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)={0x14, r1, 0x409, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) 20:05:56 executing program 5: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8) read(r0, &(0x7f0000000300)=""/221, 0xdd) 20:05:56 executing program 2: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) syz_open_dev$usbfs(&(0x7f0000002480)='/dev/bus/usb/00#/00#\x00', 0x48b7, 0x8000) 20:05:56 executing program 0: recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:57 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000340)) 20:05:57 executing program 4: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="0280"]) 20:05:57 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0x1263, 0xffffffffffffffff) 20:05:57 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x35, 0x0, 0x0) 20:05:57 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x1e, 0x0, 0x3000000) 20:05:57 executing program 1: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) fchown(r0, 0xffffffffffffffff, 0x0) 20:05:57 executing program 4: sendto$llc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 20:05:58 executing program 3: r0 = socket(0x25, 0x1, 0x0) io_setup(0x5, &(0x7f00000002c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) io_cancel(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) [ 755.236621][ T8534] tipc: TX() has been purged, node left! 20:05:58 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000611984020000000095000000400000008f4eb5d66130285d61a4d6652560e745e21123bb27003daf40ab9519efd587d823e0ef4b70f39af78ac6570dd2dfdf5d5ff6458c4de3093d8eaba9700bb8"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x287b361ae6c523fa, 0x10, &(0x7f0000000000), 0x128}, 0x48) 20:05:58 executing program 2: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000300)) 20:05:58 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x43, &(0x7f00000006c0), 0x8) 20:05:58 executing program 0: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0xaf01, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0x4004af07, 0x0) 20:05:58 executing program 4: r0 = socket(0x1e, 0x2, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, 0x0, 0x0) 20:05:58 executing program 3: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) sendmsg$tipc(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 20:05:59 executing program 5: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1269, 0x0) 20:05:59 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_CLEAR_QUE(r0, 0x1263) 20:05:59 executing program 0: r0 = socket(0x2, 0x6, 0x0) accept4$x25(r0, 0x0, 0x0, 0x0) 20:05:59 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x3c, 0x0, 0x0) 20:05:59 executing program 4: r0 = socket(0x10, 0x80002, 0xc) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="c2"], 0x50}}, 0x0) 20:05:59 executing program 3: r0 = socket(0x1e, 0x5, 0x0) sendmsg$can_bcm(r0, &(0x7f00000092c0)={&(0x7f00000091c0), 0x10, &(0x7f0000009280)={0x0}}, 0x0) 20:05:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmmsg$inet(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xd0}}], 0x2, 0x0) 20:05:59 executing program 1: r0 = socket(0x1, 0x1, 0x0) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0xc1) 20:05:59 executing program 2: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x891e, &(0x7f0000000280)={'sit0\x00', 0x0}) 20:05:59 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x891e, &(0x7f0000000200)={{}, {@void}}) 20:05:59 executing program 4: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xc0045540, 0x0) 20:06:00 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x89b0, &(0x7f0000000040)={'team0\x00'}) 20:06:00 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000a40)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, 0x0) 20:06:00 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff) 20:06:00 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000380)=@routing={0x0, 0x2, 0x4, 0x0, 0x0, [@local]}, 0x18) 20:06:00 executing program 4: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x15, 0x0, 0x0) 20:06:00 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCDISCONN(r0, 0x40047451) 20:06:00 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x5523, 0x0) 20:06:00 executing program 1: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) syz_genetlink_get_family_id$tipc2(0x0) syz_open_dev$usbfs(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x0, 0x1c9241) 20:06:01 executing program 5: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x66, 0x0, 0x400000) 20:06:01 executing program 2: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="28010000680001"], 0x128}}, 0x0) 20:06:01 executing program 4: r0 = socket(0x15, 0x5, 0x0) recvmmsg(r0, &(0x7f0000006a80)=[{{&(0x7f0000005c40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4}}}, 0x80, 0x0}}], 0x1, 0x40002103, 0x0) ioctl$IMGETVERSION(r1, 0x40186366, 0x0) 20:06:01 executing program 0: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x5421, &(0x7f0000000280)={'sit0\x00', 0x0}) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 20:06:01 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x8, 0x0, 0x0) 20:06:01 executing program 3: r0 = socket(0x15, 0x5, 0x0) sendmmsg(r0, &(0x7f0000001680)=[{{&(0x7f0000000000)=@sco={0x1f, @fixed}, 0x80, 0x0}}], 0x1, 0x0) [ 758.725915][T16861] netlink: 272 bytes leftover after parsing attributes in process `syz-executor.2'. 20:06:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000300)=[@ip_tos_int={{0x18}}], 0x18}, 0x0) 20:06:01 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$phonet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:06:02 executing program 4: mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0) 20:06:02 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x5}, 0x40) 20:06:02 executing program 1: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0xc0045878, 0xffffffffffffffff) 20:06:02 executing program 3: creat(&(0x7f00000002c0)='.\x00', 0x0) 20:06:02 executing program 5: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r1, &(0x7f0000000000)='A', 0xffff8000) 20:06:02 executing program 2: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000180)) 20:06:02 executing program 4: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x10, 0x0) 20:06:02 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x0, 0x0, 0x7fffffff}, 0x40) 20:06:03 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000140)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x78) 20:06:03 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x8, 0x0, &(0x7f0000000180)) [ 760.400155][T16893] ebtables: wrong size: *len 120, entries_size 144, replsz 144 20:06:03 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000440)={&(0x7f00000002c0)={0x2, 0x0, 0xfea9}, 0x1c, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="100060805e93be12d750dda97fe6a8e2b3008053bc7e12563eb995d30a934a1a7f459912f6096f887d33463b9b00"/55], 0x801}}, 0xfec0) recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 20:06:03 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) write$proc_mixer(r0, &(0x7f0000000100)=[{'LINE1', @val={' \'', 'Master', '\' '}}], 0x24) 20:06:03 executing program 0: r0 = socket(0xa, 0x3, 0x200000000000ff) ioctl$sock_SIOCADDRT(r0, 0x8936, &(0x7f0000000180)={0x0, @xdp={0x2c, 0x0, 0x0, 0xfc, 0xb00}, @can, @ax25={0x3, @bcast}, 0x0, 0x0, 0x0, 0x600}) 20:06:03 executing program 1: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect(r0, &(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @local}, 0x80) 20:06:03 executing program 3: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x29, 0x0, 0x7fffffffefff) 20:06:04 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8954, 0x0) 20:06:04 executing program 5: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000040)) 20:06:04 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000140)={'ip6tnl0\x00', 0x0}) 20:06:04 executing program 0: ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, 0x0) 20:06:04 executing program 3: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r1, &(0x7f0000000000)='A', 0xfffffdef) r2 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x6, r2) write$snapshot(r1, &(0x7f0000000280)='\\', 0x4100) 20:06:04 executing program 0: bpf$BPF_MAP_GET_FD_BY_ID(0x13, 0x0, 0x0) 20:06:04 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}}, 0x0) 20:06:05 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x9effffff}, 0x0) 20:06:05 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000140)={'ip6tnl0\x00', 0x0}) 20:06:05 executing program 5: socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$can_j1939(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40012002) 20:06:05 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:05 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x890b, &(0x7f00000002c0)={'batadv0\x00'}) 20:06:05 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x80045530, 0x0) 20:06:05 executing program 2: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000001440)='/dev/dri/renderD128\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f0000001400)) 20:06:05 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:06 executing program 1: r0 = socket(0x23, 0x2, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x89e0, 0x0) 20:06:06 executing program 3: r0 = socket(0x23, 0x80002, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 20:06:06 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x28, r1, 0x1, 0x0, 0x0, {0x2}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WDEV={0xc}]}, 0x28}}, 0x0) 20:06:06 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0xaf01, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x4008af14, &(0x7f0000000300)) 20:06:06 executing program 5: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x7d, 0x0, 0x0) 20:06:06 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:06 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000100), 0x4) 20:06:06 executing program 4: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0xf00) 20:06:07 executing program 2: ioctl$sock_rose_SIOCDELRT(0xffffffffffffffff, 0x8902, &(0x7f0000000080)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, @null, @bpq0='bpq0\x00', 0x0, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0x0) 20:06:07 executing program 5: sendmmsg$nfc_llcp(0xffffffffffffffff, &(0x7f00000042c0)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000680)="dc0e434abc5ca4b5cc3b6a48609da4aa63141d", 0x13}], 0x1}], 0x1, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)={0x54, 0x13, 0x111, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x5, 0x3, "06"}]}, 0x54}}, 0x0) 20:06:07 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f00000005c0)={0x2020}, 0xf7ea98ae31f0d90b) 20:06:07 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:07 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) unshare(0x400) connect(r0, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x80) 20:06:07 executing program 4: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$hidraw(r0, 0x0, 0x0) 20:06:07 executing program 5: r0 = socket(0x1, 0x5, 0x0) recvmsg$can_raw(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 20:06:07 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0x40049409, 0xffffffffffffffff) 20:06:07 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0xf, 0x0, &(0x7f0000000180)) 20:06:07 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:07 executing program 1: bpf$BPF_PROG_GET_NEXT_ID(0x16, 0x0, 0x0) 20:06:07 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x22, &(0x7f0000000140)={@private2}, 0x14) 20:06:08 executing program 5: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000001640)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) connect$caif(r0, 0x0, 0x0) 20:06:08 executing program 1: add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000040)="10c7", 0x2, 0xffffffffffffffff) 20:06:08 executing program 4: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, &(0x7f0000000100)) 20:06:09 executing program 2: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x8940, &(0x7f0000000100)) 20:06:09 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80) sendmsg(r0, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000000440)="fd", 0x1}], 0x1}, 0xbb8) 20:06:09 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000040)) 20:06:09 executing program 1: r0 = socket(0x2, 0x3, 0x80) sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0}}, 0x0) 20:06:09 executing program 5: bpf$BPF_MAP_GET_FD_BY_ID(0x6, 0x0, 0x0) 20:06:09 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:09 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x1d, 0x0, 0x0) 20:06:09 executing program 3: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x25, 0x0, 0x400000) 20:06:10 executing program 5: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x10, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)=@udp}, 0x20) 20:06:10 executing program 1: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0xd, 0x0, 0x0) 20:06:10 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x48a, 0x0, 0x0) 20:06:10 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm_plock\x00', 0x0, 0x0) read$hidraw(r0, &(0x7f00000004c0)=""/193, 0xc1) 20:06:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, r1, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0) 20:06:10 executing program 5: r0 = socket$inet6_sctp(0xa, 0x3, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0) 20:06:10 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x541b, 0x0) 20:06:10 executing program 3: r0 = socket(0xa, 0x3, 0x3) sendto$l2tp6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x2, 0x0, @ipv4}, 0x20) 20:06:10 executing program 2: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080), 0x2000008c, &(0x7f0000000100)={0x0}}, 0x0) 20:06:10 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:10 executing program 4: r0 = socket(0x25, 0x5, 0x0) bind$x25(r0, 0x0, 0x0) 20:06:11 executing program 5: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x1}) 20:06:11 executing program 1: r0 = syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x6, &(0x7f0000000480)=[{&(0x7f0000000080)="564a332036c8ce8c0121c0c3d27ec8cdd3008d9a6c4a3cc594c589aa2ae4c5d40e337e43b158e56d7f2882c796445f51a0c85fa35d92ac753a9d66c218275c58bd97ddffab5d10e434ed21beab60b0393aafb5f5e3bb015cae4884ea0d7f9590bbb76280b9", 0x65, 0x3f}, {&(0x7f0000000100)="13b880d42767cf83845ab88d6e2e7b6647ad20cd4cf76401b408067cc4ddbea552dcc7f91e08f4725931d4ab48c8bdca41d21cd08e2823f51359d9b5a0f5f3e5ba69a82df1532997a71a5fcdb23d6ade0feb01a7a99ed87395739521c49f35977746e7f430c2484d14d4033695593ebe98256554cf6636e3121725f1cf4603be2a42e76f753248663d98f62d0bb472324f4604f24a67f1c7cf933d3a74212fcc9101773ce6820aa206c1fd7d88a86c80adfa415ae74498f7244d0114be869273f7938e4cd31c2b710f059e42c0772c7b21b877bd084c2867c178ee57e8a379411828", 0xe2, 0x6}, {&(0x7f0000000200)="117cbf88d5d4103986dfacdfc3d2eb5c6aaa5b1c539b0874d677b8e7bea7770564a1d538870f6fc631006cbdfbcbb9a2", 0x30, 0x8000}, {&(0x7f0000000240)="10a3437e8ce5ab1f6741fee42234b596670a", 0x12, 0x1}, {&(0x7f0000000280)="1469f27e72efa921d9cf704f41c251acb247f4a5d4dcc7ae9fe3042611fc987221bf75a5e123376eab0d0674b316258b445df6bd470c30dd6a6145797269fa24fb94f2729974d62c59b691c3b1cb49f4b5530da2c6ba5b6ba22030c5479dc0f05daf59973c569e9dd05705abfd1642612959329b10e371261aa676343d9dc6feb128c4a2d1d170999e4f3f45ab881a3a73aafc6b3e7c2cf86597f60e25bc26592595f6a528d07f248168a3e9c72fdb56bc0d8e3c23a66e72d06eab31f73b32333d825a539ddd0d866c474b0d0fb1f0303406463761dd8309f5fc98178de5858c249dcfcb6ec1", 0xe6, 0x100000001}, {&(0x7f0000000380)="9c5b2b421ed6929ba9eda3eedb9cc9df0c8800a944d26df0461d00d344b8ce216b6afe76711302ab60845988fe76021b71d651fed7b98c5d9cd507b387ab6cb425e1503bdbed8f4405bba2710829bc1da14f221b9b1023d429fb7256b7d2a33ea66dc351bcb46c91a6bb81d986d70ba5ff95ab46f25d3062895cf54ac76d62fd8ea39b1937a7285746466f2f794070ac6425c98fc91357cb6556dceec44911a1fd940b66833af636c46904852258c3ad0b09baaebb9580649b6e98e05d4cbeb35464da0729f46fd5726fe85a6bb85a6c16cade3c5bce241eaa5853794e", 0xdd, 0x1}], 0x498000, &(0x7f0000000540)={[{@errors_continue='errors=continue'}], [{@smackfsdef={'smackfsdef', 0x3d, '['}}, {@euid_eq={'euid'}}, {@obj_type={'obj_type', 0x3d, '}'}}, {@euid_lt={'euid<'}}, {@permit_directio='permit_directio'}, {@context={'context', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, '7.*[-+-}'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '.@:'}}]}) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000600)={0x1, 0x916, 0x2}) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000640)={0x8, {"57b348235f9f34444f51a68bdf198529c82af589520f5f41c3ac5d8e6a752cd11b4928b857468a511acf25de016d601c5bc405d51f4d1940fb5bde9603544de4e39065fcf0c11c86d6d6433435c79b55602e44369c91867e00f710238f7afac837eea1b8635f175d7475f1eb06bc9e5d28fa0caf1103bd71447f930da6c975935881fbbc9670fd7a4d3e3f4a3851cf87b7ecfdb6ead88087c0ac7130bdb7adf78acb4c9726afeb26d6375bedd068d3204dc64deba95d4341f21b6c4bb98da594ffb02c47d942143cc82aa6710058ca87c4d93ee18421f0b171978ce0b9e471efe2709253ae83cef5fc5c69f36f60e05a8ee58a66c88e7929cf2f04e5ecd9745f4b9b0747bd4a91f8a10656a88d8c3614cc209255ac5f497917bd42eda9dfedc9e2974b60f35185d055c657be12c4fe2a471d649a8ea944610ba72cc1b40921e8c7c8782bb67088f42d8aa0e452a5c6550d9fad064b13ddb896faab6c30a81d5328046deaa35fe343326d88b7de1154819f4293a04e0ea50abba5d77b48fb0666cb8af89b53ac1cf5196cd7da5416f9eed3c92d5fe25fffc68da509a5a1154094d1c98dfa4bf63f03c2b7e33699c23ccf4f4e7858a1e05da6bc569bf65b6948306d0b79a15083656c3661f1dfbba1e7114d5a1d4211b87f6f0aed4851ca53d218bf7c12ed9d6a10cbb209b6f44e6ac4b4203f239741691b8824f1c839d08187e981216952b36458c416f66829e89812f6af3cb83ccdbcf0142fa0363fc7e358d3207a6731eb0a3402f77009e0128ab2ad6a0411c8e8b1ec04b73f40bb0656c5ff2f22c15545ec0ab3fff634f61b85dc8e127329977a903bfdaf2d2a882c8bd41d0856c30da67f582d0a3d868a86b5d1e67e1d8dbff902a1a7ef90fbf32d0ae270cac8fbebe6d85fc0d9e084d9e8a918622ad15f18e86cec1851f803da2ea1fadd7e38c51e21fee6d59dd0da3f6c3d6aa0c315ff2a8cd17540fbd2da72b1948a73bef106dbb7b83ed21bad42a1b2fac6702b7abb8aa50df5a9ecca6f97a8303540934817b4b20e32ccad493880a39adb8904bd33fdc61df2d177243973abfc614e7f6dd649462c8ff2c07fde99a2a4a2d5afcf0d12b0f6a64ae0834221b78e2d12a7db83927ee2f8b83ed6113698916b1cad5f5bec52dbbca6998350c2c48379941efc58bf4bb7a6e8612032b01be6b154e4b98889e4bf15d9e204dc21d08fe428291abbe6e10c88dc0305d6b71462a0a13e9bab706ceff86fea4c2a2f69747fb37ec97e81117fd3f76e464f0eb72c35298d2f6389952b3a6a6806a139e20991e02aa3fd168871611aa3f1dc5580f4f6077c2c3f1132feb77cd0483d0ae78a9193a53000a28a6f14a7ad848ab88406152ab6519254ea5dc2f977f3298b9db96092fb24150e37c2030e16c3a4c3ada21f0809c1a8f914b1d5c071b7eed996e32ead5292b87ef30520b4885a5ad335e8ccb19cf8c6782aa4d34b485b763a02ead510e129715d961562dcacd162fdc39f9f7b6dc41d954afe5103a68728dc8a6aaa2a99bf4df95663a66faf50789f2d88389ad4419499286740cad9295a0332a3d033764e0b3cee3c842bd04a2dc4bae2859464e15688a2d220b87c3a459d9b6d36c11ba5cc977ba1f2f0e0f42c3cba1c22eab88f926732fd838a36af0156647d2b644b4e84a9759fde39619dfcbdbfbf98a453533a78a6c36f1047cd7908e05512fe5d4039e6918a2cc1b956d2c3c0b9710fb132f0f9a52b160438a877b7c36676dff3b13c782d491e9cd9fccd1134b61b8a635b3cfe7a23da5406199dd364a77f9e41cedfc9f7fa8772904cf75b170084f1c252bc445068451c8762cd0c67c05b8aa2a3d47e306876eff98bfd2834c95b018a9cb4166a8bbf4fa71b680b2ef8df32c38479d0a47dcaff4cde07cb7666f4afe8cdbd131648341e93e9c3249b8ed7b708ab8bdbc6b759004ab8c2fca8d57880028361bc32948764af126ce553e7f42d6fe873d56a9b8a5f8e8e71de2f068ae42077921f7237478c7431b7f1c033b040e7104ede1ed8e6e4aa685f1c3c16d2101ed4d869688a78c13d3ebfcc4da3e7c1be0e391c842f9f72161d858d6b81f6509a09b0a6d58afa160ee3863c38406defd92fb301787823844a88b62fe3f890030e563bd1a467b487a27b35b01bc696462d6172c570db3e7d45e26e1dc85baffccb80e012c8af7657bbcd56dee6a8942922c3f546b36510f2a0111b51127cea12db34f7bedbf362eee222179be2945b57269fabebd86d99d5124bdf16ad4e00e8f46b7d8d817a3d3cb73bb89daea5134741a04cb01937fcbd78eebcf90c674074b0ce23b57f9a03a25bc0f3c5e77de559a973e0f7d19571333611103084f26262f18d7dbed3bc9e30e6b66afb49d93123a36e70e88219a6f7dcedd0e47af9ce85827baa76455fa3c00d056c92bf0d49485e2a11c7a5edb6490c6b0379afd3384ca31597dceea5e71cad5bbb21fba24211f666a02b48c77adb0a3a2040585a2a257e6b97e6fffc0259334bde1bac0e5ddc529300b07183a116259e39f46fb36aea9a68d91988dfec864bbeea4f72da5a0c3d0566719df47030ae8e91179857b7455b12bd9a72ca69499b17c9deb7885cdec318ad2408fa8f3cebb0344b51fe1ebfb2629d250fb2c19feeb01f43bd2ded41b7d435758709ecce88ae97cf9e3297d699fee49c195f53842046fa24b968f1e217844c531ef689fc2e59e9278e427f6ff65e894b8290e4184f9e1d3f28632526e66b5d223b9ebbeb0fee81e0623d8819f160818730b73739e09f116c7352b1d6300d57712e9e5fed79d0021467388d4ccbc0e6445c2c52655c79515661a400a73417ea0278790476aa1e39ea2885866388888513638f54ef0cc22ce174099a1236cd49b6bee6e0adc293681a327e1f7bb02bfc683bea44df54e46b8698577529f8d3845d48285202a4d14c56d0682af416edac3cfb980b7e1434cac957054690750f133512954fb3d15246acd7488c6a34feea528cbc8131b820604f12e8444c2024280d004e3007825ccde79e6c2ab8c297e6fd24fe61a89bdf8d7d77335bb99a8f4598012a51f3953b970ca0a47acd170f42284780e46c1e45f4cbbbe999a50ea14a61b91c65f7642eb4cb8e294c199263f9df9c79db7327c78c30867684caba3d119bbf2d74b0289d981ed4b3c661a453c3d60c3140bbad6c95e9924d9137bfacb7b7d9cd6088776ca9d549c406f235b2d5bebe17aaea2c151982c459a92ad1f970082d098630dcdda6a6da428f1d8ee1448f1562a6eeb32e2628277bc67da6c2f2a156f233504b585e1a59d0a3183e90b073022f45ff5d5ff247f8127a205ab719f404767316b934752323822bc5fc0cf5133215ef83ffaf6df3bb3524dffe35af5bd52ed3a6cff115d0037dd2dfb4f93db0ecedd47cc56cab40c1f87967be280983f2942e0f362df725d42f78b7cb5729b7636a73ed0b5e1a4f95fd823ee6c5344a23d6bcd01c539145c9daa94c08acc659147bbb53a7837272f87b6b03edc7d981e989476421bf962b621d4d1ec89ed92bfa13b194f622c15287c596dee5f1a7e1cc952d6f149693232b11bc889549f73a48bee6b02694acd1386feaed5d92d5115d7a03b9d9aef67cc04c739a8b5381a1bf654367d0ee4a19f88b19bf2be553722d745020bfb5428e60b4c7923e8c064fcea8588fc99caebfbf5978d82f299228ec06a6ef1d974a1acc7f7603a9e0ca7d83586680d8e516e92dbe94629246c2b4f913c3b11768ca9f72dab1d50afa9eeb45190d288b3b77ae2778a6cab2385786d93eef794d11c37ca9eced8f546a64041bfd13434401f64e2a1bc0eec7df8d3c4db21e453f520bf1972268b73dd017c107a40775f17da2a32e0e26ca7130b9c7a845823db0756b11df22332d9bd4c4fd7f4a31e344af3c0e5ebed6e7ae0d36db564c0747d08e2f62f60293aeee2819ee62b1024cb408624f0dc5b6cb29dfabb156aeb64bdedb5f3afb84887c515672718b38ed2a8065de7cf245172dd79dee40cf34156b04690d1eccbfedbd13eebb60a46e30fd8c559ed4dbf2ec873ef544e01c2f30cffc7371f883c54bad8b05e7514097f1d205371a0e7475a947fc1ae8f8860a88425e7e8cf12bbcdb2244d6d5d817a00276df3d90f11b38585797fd9cf4dd796a5980e956d17fcb91e55b63ac59b61e3d4dd93f59bb8f230d47466e5e687b8f14cc77b9251ad056e0bcfbbcf3bf523d361df4ac45c726bb0166ecec2cedefda4bd766064da62000eddbc3afe1a6b47cc148aa5cb52d0a5989f156a458b792ae5a68113bd5113ed776a23ed7c59a46ca3912a6eadec55f7840797322723cc51f811e9f454e2c2ab712bf78f039bf2d12015dce514e58b5668876432ad75bfbd39d0fea179041993f64dfccb1c9e85381c80c8ec6bb94e4629ed2afbbd088f5d2dd44942078cae6987a81d036308d9f03df5763a844aa676db3a940601744cc4350ca81fbb3db5be810359a7dbba85dca715931a897847c447c07079749024d67c1c12b22cbf1a6e2cb96e49d4c6b9c350834f52fa9152bf7a4c10eed8c99605c0e5ae4235a253b0526b62811ebe2c1e10fecb18ea352d865b87302be71edd215ee4d86be4cb7a1d7910c618ad77207fc02d713deb5741fc7caa0131b35bae5a4f60e5a6dd85f19f7e9de5cbba973b4a5f19f690789ff2cfec63d82cb14134c640f7865b1dc76e7c7307d4a8be37ae1cc94729b42e87c3a518183ef32b8e204af50b2d23a622e7ae993234a082857a62cb6e1bf2625ef00702612ec038c1f345ac8989bbe28b29677108dfbc9aa333af81e924df77086909c63a4617be8873b554ebe33c3e3402eefea0400b2d2a27dba6ed1306077a6207316e8d289be8bdc733676c33ec664446a028ff6c3f8ed717d654d16caf6a6e392690a8c297d699acd0405a867272cdb76a52fc6f63fcc30522f1392ff32cf9be44c23d0110972ec4a246e6b3d7fce0fb487fc49d896888dd58bcd8b16b068f0fa2f2809fe7eb4ec725583c069b0343fb0ac2504c074ebd922f1cf4eb3296782273e304dba232403c87169588e215a560dbbc1fa758a665083820425aa780332e92e1c697778d2542da4fb79e9e9097d282c4532d0d86d5fc6f8fb0e88676c8704dbeac8a2bfba050095c71d943863c7761365eab29dd3e96d6d6f837a84882bd6f184af6e066f52bc17bed79c239b3da25bdc959b3b159a3db31d0f811b98a6b7662e2ed70ecd751ac958e8c1a111e68452e3999b71120ca480c53c7fd2aac7e33db24bc74bedbf4fc1fa6e8f94dc3f5e143a41bdb61d6c792468adec118e9a8e20e58fdd3b0b0f801db00f45da8eb7ab19e7a18cb9673c5ea3551603c2fc138bbb8f9492dae3f04e96b7ef5707574bbc9013c655691beaf4a64bb2697edb2be471ba139059d548e87dd6f3a8d8646ca9de6741389de40513b523f7fce1fabf0e80be7f6b625d7c3ed108c272621adbc3f58fa741ea7fcf5705b7d92e5d08d048c94060678bbd1155d45269e7e8816371e237a571167460f79ffecfa69464628db39530fec5ea37f9e6d2205ff06c505b543b0f93e8e83ce72eb301c0195eecbf254b0e4e7d40c5eaef855771b096823adab136562fb4fa2cfc897f0db0a2820d973fe626bba66cd53d1b8365316822d870387bf5fa86e6dee10ff1df162479a20276b62944f172ba37582c912d3f7e849220986280b8c57e514d1186ebfb01ce93ec705f1895da73d46693dc670766161bb1528c804c60559cad81e6feebeab5c61c", 0x1000}}, 0x1006) fdatasync(r0) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000001680)={0xe, {0x5, 0x2, 0x93, 0xaf, "784bab8a2e2981206177caf0ae470ac99616f4f032070c5c1f73da53140aebfe8e26f6d6f125dac62189639db97d6ecd00d55365e003242305924e6aa9a2a130f2c9961a3dd260f88df101ea711d4ead0abb64156dbafd0b7d996322557e78beb388663d16e1e2a89ceac996861805581ce6bbdc06bde6fe0ebfde389a5d24a354f61135b58ff4191db7717718957281f184f9a514da44c09508ed5c3f135d20a682644d42fd9cb8ab147a54c7d57f"}}, 0xbb) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000001740)={{0x0, 0x0, @reserved="e4b2c1f8a62ff5d38fd63a0eb398d28054b12d88e271243a5a3811e566872feb"}, 0x22, 0x0, [], "4f0b3d15c33d49feef07daf3612b7d0d58a83bc36831e872b6a316ec5d6c0a44280b"}) 20:06:11 executing program 4: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="280100002c0001"], 0x128}}, 0x0) 20:06:11 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8953, &(0x7f0000000040)={'team0\x00'}) 20:06:11 executing program 3: bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xaf9ee8b1aa5e5449}, 0x10) [ 768.877347][T17064] netlink: 260 bytes leftover after parsing attributes in process `syz-executor.4'. 20:06:11 executing program 5: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="28010000430001"], 0x128}}, 0x0) 20:06:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x13, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x4}]}, 0x18}}, 0x0) 20:06:12 executing program 2: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) getresgid(0x0, 0x0, 0x0) 20:06:12 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x7, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2}, [@call]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x61, 0x10, 0x0}, 0x35) 20:06:12 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x10}, 0x40) 20:06:12 executing program 0: ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) [ 769.426939][T17073] netlink: 276 bytes leftover after parsing attributes in process `syz-executor.5'. 20:06:12 executing program 2: r0 = socket(0x1, 0x1, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 20:06:12 executing program 5: select(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0x0) r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0xa, 0x0, 0x78000000}, 0x69, &(0x7f0000000100)={0x0}}, 0x0) 20:06:12 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) 20:06:12 executing program 4: socket$kcm(0x11, 0x20000000000000a, 0x300) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={0x0}}, 0x0) 20:06:12 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, 0x0) 20:06:12 executing program 0: ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) 20:06:13 executing program 2: r0 = socket(0x23, 0x80002, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x23}, 0x2000010c, &(0x7f0000000140)={0x0}}, 0x0) 20:06:13 executing program 4: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000140)={0x2, 0x0, @broadcast}, 0x10) 20:06:13 executing program 1: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 20:06:13 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, 0x0, 0x0) 20:06:13 executing program 3: r0 = socket(0x23, 0x2, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x2) 20:06:13 executing program 0: ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) 20:06:13 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0x60, 0x0, &(0x7f0000000180)) 20:06:13 executing program 1: openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r0, &(0x7f0000000000)='A', 0xfffffffffffffdef) 20:06:14 executing program 4: r0 = socket(0x18, 0x0, 0x2) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 20:06:14 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 20:06:14 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x0, 0x0) ioctl$SNDCTL_SYNTH_ID(r0, 0xc08c5114, 0x0) 20:06:14 executing program 0: r0 = syz_open_dev$usbfs(0x0, 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:14 executing program 2: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) pwritev(r0, 0x0, 0x0, 0x0, 0x0) 20:06:14 executing program 4: r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000100), 0xc, &(0x7f0000000140)={0x0}}, 0x0) 20:06:14 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x9) syz_mount_image$gfs2(&(0x7f00000001c0)='gfs2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x103080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000200)='batadv\x00') 20:06:14 executing program 1: keyctl$search(0xc, 0x0, &(0x7f0000000040)='big_key\x00', 0x0, 0x0) 20:06:14 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$packet(r0, 0x0, 0x4, 0x0, &(0x7f0000000280)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) 20:06:15 executing program 2: epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, &(0x7f00000000c0), 0xc4) 20:06:15 executing program 0: r0 = syz_open_dev$usbfs(0x0, 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:15 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8982, 0x0) 20:06:15 executing program 1: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0x5451, 0xffffffffffffffff) 20:06:15 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0x5421, &(0x7f00000003c0)) 20:06:15 executing program 3: r0 = getpgrp(0xffffffffffffffff) setpriority(0x2, r0, 0x0) 20:06:15 executing program 2: r0 = socket(0xa, 0x3, 0x200000000000ff) recvmsg$can_raw(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x1) 20:06:15 executing program 4: mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x66872, 0xffffffffffffffff, 0x200000) mincore(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x0) 20:06:15 executing program 0: r0 = syz_open_dev$usbfs(0x0, 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:16 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmmsg$inet(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x24}}], 0x2, 0x0) 20:06:16 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x22, 0x0, 0x0) 20:06:16 executing program 3: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x1, 0x0, &(0x7f0000000340)={0xa, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 20:06:16 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0xa, 0x0, 0x0) 20:06:16 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:16 executing program 4: recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 20:06:16 executing program 2: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x14, 0x0, 0x400000) 20:06:16 executing program 1: socket(0x0, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) setpriority(0x0, 0x0, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0xc0, 0x57, 0xff, 0x0, 0x0, 0x1, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x0, 0x3f, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0xfffffffffffffffc, r0, 0x2) prctl$PR_SVE_GET_VL(0x33, 0xd90f) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:06:16 executing program 5: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1261, 0x0) 20:06:16 executing program 3: r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x0, 0x0) r1 = io_uring_setup(0x5108, &(0x7f0000000000)) mmap$IORING_OFF_CQ_RING(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x0, 0x6013, r1, 0x8000000) dup3(r0, r1, 0x0) 20:06:17 executing program 4: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89ea, 0x0) 20:06:17 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) [ 774.365118][T17185] IPVS: ftp: loaded support on port[0] = 21 20:06:17 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000001980)={{}, 0x0, 0x0, @unused=[0x2, 0x0, 0x0, 0x1], @devid}) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x2000, 0x0) 20:06:17 executing program 5: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x2, 0x0) 20:06:17 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0) 20:06:17 executing program 4: sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0xff600000) 20:06:17 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) [ 775.114814][T17206] IPVS: ftp: loaded support on port[0] = 21 20:06:18 executing program 2: r0 = syz_open_dev$vcsu(&(0x7f0000000700)='/dev/vcsu#\x00', 0x0, 0x0) accept4$bt_l2cap(r0, 0x0, 0x0, 0x0) 20:06:18 executing program 5: r0 = socket(0x18, 0x0, 0x0) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0) [ 775.569019][T17206] lo speed is unknown, defaulting to 1000 [ 776.229606][T17185] lo speed is unknown, defaulting to 1000 20:06:20 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x89a0, &(0x7f00000000c0)={{0x2, 0x0, @dev}, {0x6, @link_local}, 0xa, {0x2, 0x0, @dev}, 'ip6_vti0\x00'}) 20:06:20 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0d05605, &(0x7f0000000180)={0x0, 0x0, 0xffffffffffffffe5, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "394327e3"}, 0x0, 0x0, @planes=0x0}) 20:06:20 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:20 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x7b, 0x0, 0x0) 20:06:20 executing program 2: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r1, &(0x7f0000000000)='A', 0xfffffdef) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000040)=[0x1, 0x101], 0x2, 0x80000, 0x0, 0xffffffffffffffff}) recvfrom$netrom(r2, 0x0, 0x0, 0x0, &(0x7f0000000180)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48) 20:06:20 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae46, &(0x7f0000000000)={r2, 0x3, 0x0, 0xffffffffffffffff, [0x0, 0x0, 0x6]}) [ 777.091587][ T611] tipc: TX() has been purged, node left! 20:06:20 executing program 3: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x80108906, 0x0) 20:06:20 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:20 executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0) 20:06:20 executing program 5: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x5421, 0x0) 20:06:21 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x65, 0x0, 0x0) 20:06:21 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:21 executing program 4: prctl$PR_SET_MM_EXE_FILE(0x34, 0xd, 0xffffffffffffffff) 20:06:21 executing program 3: socketpair(0x1e, 0x4, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x101d0}}, 0x0) 20:06:21 executing program 5: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0) 20:06:21 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCDISCONN(r0, 0x5452) 20:06:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000002c0)={0x1, 0x0, [{0xd, 0x1}]}) 20:06:22 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) 20:06:22 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:22 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x5, @dev, 'geneve1\x00'}}, 0x1e) recvmmsg(r0, &(0x7f000000b1c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 20:06:22 executing program 5: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x44001) 20:06:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000040)={0x0, 0x0, 0x2, {0x3, @raw_data="76811d1820bfdb62645c2692be776d8f35a50584157328caac39c40134f81f6dfa8c10cad2e3d18087773ed050d8b50ebaab8710912a50cf7270b8d1b7f3f4d5fb3aec9e55d85f7c447f79e73964e8b6851b680b6e6c01c948f7ae8ca1f54f5068e74794385e45ee0f3fe01fa900d65f55f889a845c7c1fc9245c424e0ff31ed1bed7fe6c53d56707201bf9effdac828e2b2d47dde43b1de83e0dde51fa2a158f76c87970e9f264b46f71dbacabbd19a96d7cb5720a2b39b39d9c19231886a60189b864c877e01dc"}}) 20:06:22 executing program 4: socket$vsock_stream(0x28, 0x1, 0x0) select(0x40, &(0x7f0000000080), &(0x7f00000000c0)={0x8}, 0x0, 0x0) 20:06:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)) 20:06:22 executing program 5: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x16, 0x0, 0x0) 20:06:23 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0xc, 0x4, 0x8, 0x580, 0x1}, 0x40) 20:06:23 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:23 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f00000000c0)={0x30, 0x0, 0xb, 0x101, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x30}}, 0x0) 20:06:23 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x19, 0x0, 0x0) 20:06:23 executing program 3: keyctl$join(0x1e, &(0x7f0000000180)={'syz', 0x1}) 20:06:23 executing program 1: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) r1 = io_uring_setup(0x5108, &(0x7f0000000000)) copy_file_range(r0, 0x0, r1, &(0x7f0000000040), 0x0, 0x0) 20:06:23 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x15, 0x0, 0x0) [ 781.019340][T17357] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 20:06:24 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) socketpair(0x2, 0x3, 0x0, &(0x7f0000000000)) 20:06:24 executing program 3: setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x0, &(0x7f0000000080), 0xffffffffffffffe9) 20:06:24 executing program 2: r0 = socket(0x18, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 20:06:24 executing program 1: r0 = socket(0x23, 0x5, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000000)={'erspan0\x00', 0x0, 0x7800, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @multicast1}}}}) 20:06:24 executing program 5: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x10, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000180)=@udp}, 0x20) 20:06:24 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:24 executing program 3: r0 = socket(0x25, 0x5, 0x0) getpeername$packet(r0, 0x0, 0x0) 20:06:24 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x8}, 0x0) [ 782.095508][ T611] tipc: TX() has been purged, node left! 20:06:25 executing program 2: add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) 20:06:25 executing program 5: keyctl$join(0x19, 0x0) 20:06:25 executing program 4: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x0, 0x0) inotify_add_watch(r0, 0x0, 0x1000000) 20:06:25 executing program 3: r0 = socket(0x23, 0x5, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x8911, &(0x7f0000000400)={'ip_vti0\x00', 0x0}) 20:06:25 executing program 1: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x17, 0x0, 0x0) 20:06:25 executing program 2: r0 = socket(0xa, 0x3, 0x200000000000ff) ioctl$sock_SIOCADDRT(r0, 0x5411, 0x0) 20:06:25 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x0, 0x8}) 20:06:26 executing program 5: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) fanotify_mark(r0, 0x2, 0x8, 0xffffffffffffffff, 0x0) 20:06:26 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, 0x0) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:26 executing program 1: r0 = io_uring_setup(0x1911, &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x149a000, 0x0, 0x11, r0, 0x0) 20:06:26 executing program 4: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, 0x0, 0x1000000) 20:06:26 executing program 2: syz_mount_image$jfs(0x0, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) 20:06:26 executing program 3: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x10000000) 20:06:26 executing program 5: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x0, 0x0, 0xfffffdef}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0x0) 20:06:27 executing program 1: getsockname$l2tp6(0xffffffffffffffff, 0x0, 0x0) 20:06:27 executing program 4: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SIGNAL_INFO(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x0) 20:06:27 executing program 2: syz_mount_image$fuse(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) sync() rmdir(&(0x7f00000004c0)='./file0\x00') 20:06:27 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x1e, 0x0, &(0x7f0000000180)) 20:06:27 executing program 3: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$bt_rfcomm(r0, 0x0, 0xfffffd71) 20:06:27 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, 0x0) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:27 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x80) connect(r0, &(0x7f0000000080)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x23}}, 0x80) write$binfmt_script(r0, 0x0, 0x0) 20:06:27 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0xe, 0x0, &(0x7f0000000180)) 20:06:27 executing program 5: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1400000015000100de00000000c2bae80a"], 0x14}}, 0x0) 20:06:28 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000480)={0x0, 0x27, &(0x7f0000000440)={0x0, 0xffffff3b}}, 0x0) 20:06:28 executing program 2: r0 = socket(0x28, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'tunl0\x00', &(0x7f0000000280)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @remote}}}}) 20:06:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x53, 0x0, 0x0, 0x0, 0x0, {0x1a}}, 0x53}}, 0x0) 20:06:28 executing program 5: sendto$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 20:06:28 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000c40)=ANY=[@ANYBLOB="14000000120001"], 0x14}}, 0x0) 20:06:28 executing program 2: r0 = socket(0x2, 0x3, 0x101) sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 20:06:28 executing program 3: r0 = socket(0xa, 0x3, 0x200000000000ff) connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, @none}, 0xa) 20:06:28 executing program 1: r0 = socket(0xa, 0x5, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, 0x0) 20:06:29 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, 0x0) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:29 executing program 5: select(0x40, &(0x7f0000000000), 0xffffffffffffffff, 0x0, 0x0) 20:06:29 executing program 4: keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000014c0)=[{&(0x7f00000004c0)="7d34765be5322af82f13f2db00543db00ac5601ff512cfbebfdd37386616c7fa1847598c6bb1b72831e8a560b00044844dfcdc5999c056571562a2589132bee3837a5ec8c6a1322f0683331da708f2b3d41c68ee9771a33fb8577e33ba896bdbca66bb06c504f45d4ea2a60a765cdb98956b409e5b161a68826c619aa55bfc750a62fbf8283d0729eaf4362d9d7f5ca95e5f68fcfca5ade738d3264fc4b357bc28e18ffd42d1a8c957862f0ff14975b9fdecef8922298c2310b5d36a422aba9ff46d74d154853c93f5b2a3a42c9946accef4db1bcd3d029beac4ce561eba7eaed069dceaef930c96751d0cb0f77cdf8c99049b454ab1bae0e7a4125b1c6a9bf37482bceec933dff035fe139956c11baef183f0d37fbb659d0ba8d82a41951c11ee8e2c0ac61fa53b7799ea3341aeb97da921d4133e0f6bd5f64478f9d8af4473404c445659ac79a339e23a0ed7ef86d11a692f4e4f", 0x155}], 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280)='batadv\x00') sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0917000000000000000007"], 0x1c}}, 0x0) 20:06:29 executing program 3: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8911, &(0x7f0000000200)={{}, {@void}}) 20:06:29 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) openat$nullb(0xffffffffffffff9c, 0x0, 0x140c0, 0x0) 20:06:29 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x76, 0x0, 0x0) 20:06:29 executing program 5: r0 = gettid() kcmp(0x0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 20:06:29 executing program 4: keyctl$read(0x8, 0x0, 0x0, 0x0) 20:06:29 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x1d, 0x0, 0x0) 20:06:30 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0xf3de60aa089f430f, 0x0, &(0x7f0000000180)) 20:06:30 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x31, 0x0, 0x0) 20:06:30 executing program 5: openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0) 20:06:30 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:30 executing program 4: bpf$BPF_LINK_CREATE(0x8, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0xaf9ee8b1aa5e5449}, 0x10) 20:06:30 executing program 3: r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='ceph\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:'}) 20:06:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$inet(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x2, 0x4e22, @loopback}, 0x10, 0x0}, 0x24008010) 20:06:30 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x2, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0) read$midi(r0, &(0x7f0000000240)=""/40, 0x28) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, 0x0) 20:06:30 executing program 5: r0 = socket(0x23, 0x80002, 0x0) bind$isdn_base(r0, 0x0, 0x0) 20:06:31 executing program 3: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x13, 0x0, 0x0) 20:06:31 executing program 4: r0 = socket(0x10, 0x80002, 0xc) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x50}}, 0x0) 20:06:31 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:32 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x894a, &(0x7f0000000200)={{}, {@void}}) 20:06:32 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000180)={&(0x7f00000000c0), 0x4, &(0x7f0000000140)={&(0x7f0000001040)={0xb4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8}, @ETHTOOL_A_RINGS_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX={0xfffffd2b}, @ETHTOOL_A_RINGS_RX_MINI={0x8}, @ETHTOOL_A_RINGS_RX={0x8}, @ETHTOOL_A_RINGS_HEADER={0xfffffffffffffc61, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb4}}, 0x0) 20:06:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x2, 0x4e22, @private}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @multicast2}}}], 0x20}, 0x0) 20:06:32 executing program 4: r0 = syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x1, 0x2) ioctl$VIDIOC_G_EDID(r0, 0xc0285628, &(0x7f0000000140)={0x0, 0x0, 0x5, [], 0x0}) 20:06:32 executing program 1: r0 = socket(0xa, 0x3, 0x6) connect$l2tp6(r0, 0x0, 0x0) 20:06:32 executing program 3: write$P9_RSETATTR(0xffffffffffffffff, 0x0, 0x0) 20:06:32 executing program 4: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x1, 0x0, &(0x7f0000000340)={0x2, 0x0, @rand_addr=0xc0586300}, 0x10) 20:06:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x2eb2aaea, 0x7}]}) 20:06:32 executing program 5: openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) select(0x40, &(0x7f0000000180), 0x0, &(0x7f0000000200)={0x9}, &(0x7f0000000280)) 20:06:33 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={@remote={[], 0x1}, 0x0, 'nr0\x00'}) 20:06:33 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:33 executing program 3: r0 = socket(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpid() r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(r2, 0x1274, 0x0) setpriority(0x0, r1, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0xc0, 0x57, 0xff, 0x0, 0x0, 0x1, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x10142, 0x3f, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0xfffffffffffffffc, r2, 0x2) prctl$PR_SVE_GET_VL(0x33, 0xd90f) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, 0x0, 0x0) 20:06:33 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000a40)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000000400)=""/214) r1 = syz_open_dev$sndctrl(&(0x7f0000000a40)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000400)=""/214) 20:06:33 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x19, &(0x7f0000000140)={@private2}, 0x14) 20:06:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8931, &(0x7f0000000040)={'veth0_to_bridge\x00', @ifru_data=0x0}) 20:06:33 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x1c10c0, 0x0) [ 790.890633][T17561] IPVS: ftp: loaded support on port[0] = 21 20:06:33 executing program 4: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000580)={'bond0\x00', &(0x7f0000000480)=@ethtool_drvinfo={0x3, "3b40e6fcabf8fc51d752b3a0f5d5756729bd07d49baab81e1174fd7d50ed3066", "e8f03178edcfd242ff0fa71120eaf026ea0afdb352bb7ac56c2f3f94da00551d", "c30a435fcbff7739458ba477f8c03cdf8db878ab0a8135f895b99424f07e90ad", "d09b2c14b27e95f76d0db5f9b2111b42c88f4c5c4dcc34411dbe0649d69db064", "03095c6b71277322051a72e224316349fd904e1ec03ce2bac99cfc155baf7242", "7573f61ee04cf475ee3ff119"}}) [ 791.045743][T17561] lo speed is unknown, defaulting to 1000 20:06:34 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu}) 20:06:34 executing program 1: r0 = socket(0x25, 0x1, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x51) 20:06:34 executing program 2: r0 = socket(0x29, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0xa, 0x0, 0x0) 20:06:34 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x16, 0x0, 0x0) 20:06:34 executing program 5: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) 20:06:34 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) [ 791.904576][T17565] IPVS: ftp: loaded support on port[0] = 21 [ 792.944519][T17565] lo speed is unknown, defaulting to 1000 [ 792.954146][ T8620] tipc: TX() has been purged, node left! 20:06:42 executing program 3: r0 = add_key(&(0x7f00000000c0)='cifs.idmap\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$read(0x3, r0, 0x0, 0x0) keyctl$read(0xb, r0, 0x0, 0x0) 20:06:42 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], &(0x7f0000000280)=""/237, 0x37, 0xed, 0x1}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, r1, 0x0, 0x1}, 0x40) 20:06:42 executing program 2: r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)) r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000080)) 20:06:42 executing program 4: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000080)={0x7}, 0xffffff08) 20:06:42 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:42 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x4a, 0x0, 0x3000000) 20:06:42 executing program 5: r0 = syz_init_net_socket$x25(0x3, 0x2, 0x0) accept4$x25(r0, 0x0, 0x0, 0x0) 20:06:42 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}}, 0x1) 20:06:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 20:06:42 executing program 1: r0 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x17, r0, &(0x7f0000000140)='trusted\x00', 0x0) 20:06:43 executing program 5: r0 = socket(0x1, 0x1, 0x0) recvmsg$can_raw(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) [ 800.369167][ T3226] usb 4-1: new high-speed USB device number 82 using dummy_hcd 20:06:43 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) connect$bt_rfcomm(r0, 0x0, 0x0) 20:06:43 executing program 1: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x1, &(0x7f00000000c0), &(0x7f0000000000)=0x4) 20:06:43 executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x11, 0xc, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) 20:06:43 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) [ 800.609954][ T3226] usb 4-1: Using ep0 maxpacket: 32 [ 800.729646][ T3226] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 800.738586][ T3226] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 800.749076][ T3226] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 20:06:43 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x4d, 0x0, 0x0) [ 800.950452][ T3226] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 800.959856][ T3226] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.968002][ T3226] usb 4-1: Product: syz [ 800.972510][ T3226] usb 4-1: Manufacturer: syz [ 800.977242][ T3226] usb 4-1: SerialNumber: syz 20:06:43 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x80081270, 0x0) 20:06:44 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x1a, 0x0, &(0x7f0000000180)) 20:06:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x98, &(0x7f0000000940)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x86, 0x2, 0x1, 0xbc, 0x0, 0x7, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1f}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x8, 0x8, 0x6}, {0x6, 0x24, 0x1a, 0x1000}, [@call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}, @acm={0x4, 0x24, 0x2, 0x2}, @mbim={0xc, 0x24, 0x1b, 0x8, 0x1, 0x2, 0x20, 0xffff, 0xfa}, @dmm={0x7, 0x24, 0x14, 0x7fff, 0x64}, @country_functional={0xe, 0x24, 0x7, 0x81, 0x4c, [0x3, 0xfffe, 0x1, 0x80]}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x3b, 0x7f, 0x75}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x1f, 0x2, 0x81}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x6, 0x1, 0x4}}}}}}}]}}, &(0x7f0000000b00)={0xa, &(0x7f0000000a00)={0xa, 0x6, 0x250, 0x0, 0x15, 0xe1, 0x20, 0x2}, 0x35, &(0x7f0000000a40)={0x5, 0xf, 0x35, 0x4, [@ext_cap={0x7, 0x10, 0x2, 0x10, 0x2, 0xa, 0x3f}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0xff, 0x7, 0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x5, 0x2, 0x8, 0xf00, 0x7fff, [0xff00de, 0xc030]}, @wireless={0xb, 0x10, 0x1, 0x8, 0x10, 0x5, 0x0, 0x0, 0x81}]}, 0x1, [{0x4, &(0x7f0000000a80)=@lang_id={0x4, 0x3, 0x401}}]}) [ 801.419432][ T3226] usb 4-1: 0:2 : does not exist [ 801.508051][ T3226] usb 4-1: USB disconnect, device number 82 20:06:44 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000100)='/dev/video#\x00', 0x0, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc0d05605, &(0x7f0000000000)={0x0, 0x0, 0x4, 0x0, 0x0, {}, {}, 0x0, 0x0, @planes=0x0}) [ 801.909004][ T9656] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 802.153746][ T9656] usb 5-1: Using ep0 maxpacket: 32 [ 802.248972][ T3226] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 802.359419][ T9656] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9 [ 802.370801][ T9656] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 802.381280][ T9656] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 802.489079][ T3226] usb 4-1: Using ep0 maxpacket: 32 [ 802.556829][ T9656] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 802.566106][ T9656] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 802.574463][ T9656] usb 5-1: Product: syz [ 802.578842][ T9656] usb 5-1: Manufacturer: syz [ 802.583575][ T9656] usb 5-1: SerialNumber: syz [ 802.629930][ T3226] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 802.638868][ T3226] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 802.649235][ T3226] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 802.849651][ T3226] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 802.859160][ T3226] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 802.867293][ T3226] usb 4-1: Product: syz [ 802.872600][ T3226] usb 4-1: Manufacturer: syz [ 802.877348][ T3226] usb 4-1: SerialNumber: syz [ 803.020248][ T9656] cdc_ncm 5-1:1.0: bind() failure [ 803.035249][ T9656] cdc_ncm 5-1:1.1: bind() failure [ 803.149165][ T9656] usb 5-1: USB disconnect, device number 4 20:06:46 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000611984020000000095000000400000008f4eb5d66130285d61a4d6652560e745e21123bb27003daf40ab9519efd587d823e0ef4b70f39af78ac6570dd2dfdf5d5ff6458c4de3093d8eaba9700bb8"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x287b361ae6c523fa, 0x10, &(0x7f0000000000), 0x128}, 0x48) 20:06:46 executing program 2: r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="e0000000100001000000000000000000647262675f6e6feea656729568dcf500eaa678b925979e7b8476c322e89cb9f16161e00781075c714718e9ddcc9af33b56758d0270a8975e05cbe1534d911364e659d78e476132314fc98ebb509df2823767b8ddbc8a36ca87524b707f8816a92929265fe8a23c8260e433d296cb17e1b4fad31509f6c61a8ff5d48be1bace0a"], 0xe0}}, 0x0) 20:06:46 executing program 1: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r1 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f00000b7000/0x4000)=nil, 0x4000, 0x1, r1) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r2, &(0x7f0000000000)='A', 0xfffffdef) 20:06:46 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:46 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000300)='/dev/video#\x00', 0xff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x0, 0xe}) [ 803.250451][ T3226] usb 4-1: can't set config #1, error -71 [ 803.299837][ T3226] usb 4-1: USB disconnect, device number 83 20:06:46 executing program 2: r0 = socket(0x2, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x891b, &(0x7f0000000080)={'wg1\x00', 0x0}) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, @l2tp={0x2, 0x0, @remote, 0x2}, @nl=@kern={0x10, 0x0, 0x0, 0x80000460}, @phonet={0x23, 0xf9, 0x2, 0x1e}, 0xfe04, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000040)='wg1\x00', 0x3, 0x0, 0x4d82}) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80010004}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x44, 0x1407, 0x200, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_NET_NS_FD={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000001}, 0x44811) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg1\x00', r1}) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000140)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000840)={0x494, r2, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_PEERS={0x1dc, 0x8, 0x0, 0x1, [{0x9c, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "36d224e454609b907edab7e1dac0fd0a06b5ebe1c3909ad135222e36e03a5e7c"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @remote}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "8791dddd3b5f4fcd1694c879d2d03326ebfd6c56964b38c2fc918a3c8fd25613"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @broadcast}}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x7c, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @multicast2}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7f}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "a2a0cf742e91ac82dedf556a1fd5a1cd38344c64f2b5e53bc4fc827f16d8c38d"}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0xfff, @private0={0xfc, 0x0, [], 0x1}, 0x3}}]}, {0xac, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3cb4ee1f5cf1f71ad814d88cce0ca5d7e63bf160b6b1b093df46c7127e45c0c7"}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g='\xd1s(\x99\xf6\x11\xcd\x89\x94\x03M\x7fA=\xc9Wc\x0eT\x93\xc2\x85\xac\xa4\x00e\xcbc\x11\xbeik'}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "3a43f55af528d82168ad28d94e48507e5323936a21abf1452289f5669950d1b7"}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @empty}}]}, {0x14, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c='\xa0\xcb\x87\x9aG\xf5\xbcdL\x0ei?\xa6\xd01\xc7J\x15S\xb6\xe9\x01\xb9\xff/Q\x8cx\x04/\xb5B'}, @WGDEVICE_A_PEERS={0x254, 0x8, 0x0, 0x1, [{0x250, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x24c, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x4, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, [], 0x12}}, {0x5, 0x3, 0x3}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}]}]}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x494}, 0x1, 0x0, 0x0, 0x24008080}, 0x20008184) syz_usb_ep_read(0xffffffffffffffff, 0xff, 0x27, &(0x7f00000006c0)=""/39) 20:06:46 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCDISCONN(r0, 0x2) 20:06:46 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x1}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000380), &(0x7f00000003c0)=0x4) 20:06:46 executing program 3: r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000003c0)=0x10) bind$can_j1939(r0, &(0x7f0000004600)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}}, 0x18) 20:06:47 executing program 4: r0 = epoll_create1(0x0) r1 = syz_io_uring_setup(0x8a8, &(0x7f0000000100)={0x0, 0xde1c, 0x20, 0x2, 0xae}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) r2 = io_uring_setup(0x5108, &(0x7f0000000000)) mmap$IORING_OFF_CQ_RING(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x0, 0x6013, r2, 0x8000000) fcntl$dupfd(r1, 0x406, r2) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x1}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x3}) 20:06:47 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000034c0)='devlink\x00') sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, r1, 0x1, 0x0, 0x0, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}, {0xc}, {0xc}}]}, 0x50}}, 0x0) 20:06:47 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:47 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x5460, 0x0) 20:06:47 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) poll(&(0x7f0000000140)=[{r0}, {r0}], 0x2, 0x0) 20:06:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0xc0189436, &(0x7f0000000000)) 20:06:48 executing program 4: openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x404000, 0x0) 20:06:48 executing program 5: prctl$PR_SET_MM_EXE_FILE(0x24, 0xd, 0xffffffffffffffff) 20:06:48 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c0a, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "95db72024ef6233db03971ee69ea804a9a8b2513fc05cc57b56418967d48d2fe9278307bd3f07ff2067ad88d77cee11af37dfa7d3683e60c2337005a0b8a060d", "f3f33f2e1c6d556d0188133fed836d2382d5843ca2fbe14ac5fe7b1b2ae70a4eaa7128eadfdc0e77ff1408226d72693b9a2e2fbdf9cedfbb732276916ceb7697", "234c088a81c657e03448f6e7fde1a6e3c5615c70bb4c371da91703c60f4591f6"}) 20:06:48 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200)='nl80211\x00') sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x0, 0x0, {0x2}, [@NL80211_ATTR_IFINDEX={0x8, 0x117}]}, 0x1c}}, 0x0) 20:06:48 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000007480)={0x14, 0x2, 0x7, 0x101}, 0x14}}, 0x0) 20:06:48 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x4, 0x0, 0x0) 20:06:48 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000580)='fuse\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4001}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000001c0)={0x30}, 0x30) 20:06:48 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:48 executing program 2: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x1267, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "95db72024ef6233db03971ee69ea804a9a8b2513fc05cc57b56418967d48d2fe9278307bd3f07ff2067ad88d77cee11af37dfa7d3683e60c2337005a0b8a060d", "f3f33f2e1c6d556d0188133fed836d2382d5843ca2fbe14ac5fe7b1b2ae70a4eaa7128eadfdc0e77ff1408226d72693b9a2e2fbdf9cedfbb732276916ceb7697", "234c088a81c657e03448f6e7fde1a6e3c5615c70bb4c371da91703c60f4591f6"}) 20:06:49 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000000)="cd", 0x1, 0x0, &(0x7f0000000340)={0x2, 0x0, @dev}, 0x10) 20:06:49 executing program 3: r0 = socket(0x11, 0x3, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x107, 0x11, 0x0, 0x0) 20:06:49 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xa, 0x6, 0x200f, 0x7f}, 0x40) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c) 20:06:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0)='ethtool\x00') sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000006c0)={0x34, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0xf, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x34}}, 0x0) 20:06:49 executing program 3: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x541b, &(0x7f0000000100)) 20:06:49 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0xf, 0x0, &(0x7f0000000180)) 20:06:50 executing program 2: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0x5760, 0x0) 20:06:50 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000300)="cd", 0x34000, 0x0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) 20:06:50 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:50 executing program 3: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) recvfrom$phonet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:06:50 executing program 1: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, 0x0, &(0x7f0000000100)=0x300) 20:06:50 executing program 4: add_key$keyring(0x0, 0x0, 0x0, 0x10000000, 0xfffffffffffffffa) 20:06:50 executing program 2: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x12, 0x0, 0x400000) 20:06:50 executing program 3: openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x490400, 0x0) 20:06:50 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x7, 0x0, 0x0) 20:06:51 executing program 5: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xc00, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0305710, 0x0) 20:06:51 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$l2tp(r0, &(0x7f0000000000)="cd", 0x1, 0x1f4, &(0x7f0000000340)={0x2, 0x0, @dev}, 0x10) 20:06:51 executing program 2: r0 = socket(0x1e, 0x2, 0x0) connect$pppl2tp(r0, 0x0, 0x0) 20:06:51 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r0, 0x4c01, 0x0) 20:06:51 executing program 4: r0 = socket(0x1e, 0x5, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) 20:06:51 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:51 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x22, 0x0, &(0x7f0000000180)) 20:06:51 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0xb, 0x0, 0x3000000) 20:06:51 executing program 2: bpf$MAP_CREATE(0xf, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 20:06:51 executing program 3: r0 = socket(0xf, 0x3, 0x2) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14}, 0x14}}, 0x0) 20:06:52 executing program 4: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x83, 0x0, 0x0) 20:06:52 executing program 5: syz_open_dev$media(&(0x7f0000000780)='/dev/media#\x00', 0x4, 0x0) 20:06:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 20:06:52 executing program 2: r0 = socket(0x29, 0x2, 0x0) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x14}, 0x14}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 20:06:52 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$tipc(r0, 0x0, 0x0, 0x1400) 20:06:52 executing program 4: sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x784d9275b5d3e7d8) 20:06:52 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x17, &(0x7f0000000140)={@private2}, 0x14) 20:06:53 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) write$UHID_INPUT(r0, 0x0, 0x0) 20:06:53 executing program 1: syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0x0, 0x498481) 20:06:53 executing program 3: r0 = socket(0x22, 0x80002, 0x4) sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000009bc0)={0x0, 0x0, &(0x7f0000009b80)={0x0}}, 0x0) 20:06:53 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) 20:06:53 executing program 2: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r2, &(0x7f0000000000)='A', 0xfffffdef) write$snapshot(r1, 0x0, 0x0) write$snapshot(r1, 0x0, 0xeffdffff) 20:06:53 executing program 5: write$snapshot(0xffffffffffffffff, &(0x7f0000000080)="13", 0x1) r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x27fd, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x101001, 0x0) write$snapshot(r2, &(0x7f0000000000)='A', 0xfffffdef) write$snapshot(r1, &(0x7f00000000c0)='L', 0x1) 20:06:53 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x84, 0x25, 0x0, &(0x7f0000000180)) 20:06:53 executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) connect(r0, 0x0, 0x0) 20:06:53 executing program 4: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, r0, 0x1}, 0x14}}, 0x0) 20:06:54 executing program 1: r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0) socketpair(0xa, 0x6, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x208800, 0x0) read$rfkill(r3, &(0x7f0000000280), 0x8) 20:06:54 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020940d, &(0x7f0000000000)={r2, 0x0, 0x0, 0xffffffffffffffff, [0x0, 0x0, 0x6]}) 20:06:54 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 20:06:54 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x39, 0x0, 0x0) 20:06:55 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x541b, &(0x7f00000000c0)={{0x2, 0x0, @dev}, {0x0, @link_local}, 0x0, {0x2, 0x0, @dev}, 'ip6_vti0\x00'}) 20:06:55 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, &(0x7f0000000040)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @bcast}, 0x1c) 20:06:55 executing program 1: bpf$MAP_CREATE(0xa, &(0x7f0000000040), 0x40) 20:06:55 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4020ae46, &(0x7f0000000100)={0x300}) 20:06:55 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:55 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCDISCONN(r0, 0x8004745a) 20:06:55 executing program 3: r0 = socket(0x18, 0x0, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0) 20:06:55 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x5421, 0x0) 20:06:55 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8980, 0x0) 20:06:55 executing program 4: keyctl$dh_compute(0x11, 0x0, 0x0, 0x0, 0x0) 20:06:56 executing program 1: r0 = syz_open_dev$vcsu(&(0x7f0000000100)='/dev/vcsu#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0) 20:06:56 executing program 3: r0 = io_uring_setup(0x1911, &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x20000000, 0x0, 0x11, r0, 0x0) 20:06:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0xffffff7f}, 0x0) 20:06:56 executing program 5: getsockopt$TIPC_SOCK_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x84, 0x0, 0x0) 20:06:56 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f00000001c0)={0x2a, 0x1}, 0xc) 20:06:57 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be100000000000100000"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:57 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) 20:06:57 executing program 3: ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r0 = socket(0x2, 0x5, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 20:06:57 executing program 4: r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x8906, 0x0) 20:06:57 executing program 5: r0 = socket(0x15, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x8940, 0x0) 20:06:57 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={0x0}}, 0x0) 20:06:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8993, &(0x7f0000000040)={'team0\x00'}) 20:06:57 executing program 4: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xc00, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0x40045731, 0x0) 20:06:57 executing program 3: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x16, 0x0, 0x400000) 20:06:57 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x19, 0x0, 0x0) 20:06:58 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 20:06:58 executing program 1: r0 = socket(0x2, 0x5, 0x0) connect$vsock_stream(r0, &(0x7f0000000080)={0x2, 0x0, 0x0, @local}, 0x10) 20:06:58 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:58 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$can_bcm(r0, 0x0, 0x0) 20:06:58 executing program 4: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) r0 = socket(0x1, 0x3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x541b, &(0x7f0000000100)) 20:06:58 executing program 5: syz_open_dev$vcsu(&(0x7f0000000200)='/dev/vcsu#\x00', 0x0, 0x472080) 20:06:58 executing program 1: read$rfkill(0xffffffffffffffff, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, 0x0, 0x0) getegid() ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) sync() openat$rfkill(0xffffffffffffff9c, 0x0, 0x20180, 0x0) syz_open_dev$vcsu(0x0, 0x104, 0x44043) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x84901, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r0, 0x5201) 20:06:58 executing program 2: r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f00000004c0), 0xc) 20:06:58 executing program 3: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000001640)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) read$dsp(r0, &(0x7f00000016c0)=""/79, 0x4f) 20:06:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0xc020660b, 0x0) 20:06:59 executing program 4: bpf$BPF_LINK_CREATE(0x9, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x3c}, 0x10) 20:06:59 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x5452, &(0x7f00000000c0)={{0x2, 0x0, @dev}, {0x0, @link_local}, 0x0, {0x2, 0x0, @dev}, 'ip6_vti0\x00'}) 20:06:59 executing program 3: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x71, 0x0, 0x0) 20:06:59 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, 0x0, 0x0) 20:06:59 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:06:59 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x29, 0x2a, 0x0, 0x0) 20:06:59 executing program 4: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, 0x0) 20:07:00 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x0, 0x0, 0xd) 20:07:00 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8919, &(0x7f0000000000)={'gre0\x00', 0x0}) 20:07:00 executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0xfe, @time, {}, {}, @connect}], 0x1c) 20:07:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$bt_rfcomm(r0, 0x0, 0x0) 20:07:00 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x10, &(0x7f0000000140)={@ipv4={[], [], @loopback}}, 0x14) 20:07:00 executing program 2: r0 = socket(0xa, 0x5, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0) 20:07:00 executing program 1: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x24, 0x0, 0x400000) 20:07:00 executing program 3: r0 = socket$inet(0x2, 0x3, 0xf9) getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0) 20:07:00 executing program 5: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) read$alg(r0, 0x0, 0x0) 20:07:00 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020"]) ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0) 20:07:00 executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = creat(&(0x7f0000000200)='./file0\x00', 0x0) poll(&(0x7f0000000240)=[{r0}, {r1, 0x12300}], 0x2, 0xec2) 20:07:01 executing program 2: r0 = socket$kcm(0x21, 0x2, 0x2) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, 0x0, 0x0) 20:07:01 executing program 1: r0 = socket(0xf, 0x3, 0x2) recvmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x40) 20:07:01 executing program 3: r0 = socket(0x29, 0x5, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0x4c}}, 0x0) sendto$l2tp6(r0, 0x0, 0xeffdffff, 0x0, 0x0, 0x0) 20:07:01 executing program 5: pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RMKNOD(r0, &(0x7f0000000000)={0x14}, 0x14) write$P9_RATTACH(r0, &(0x7f00000000c0)={0x14}, 0x14) 20:07:01 executing program 4: r0 = socket(0xa, 0x5, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={0x0}, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000000c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @multicast2}}}}, &(0x7f0000000180)=0xb0) 20:07:01 executing program 2: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) ioctl$VFIO_CHECK_EXTENSION(r0, 0x541b, 0x0) 20:07:01 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000a40)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000180)) [ 818.984155][T18088] sctp: [Deprecated]: syz-executor.4 (pid 18088) Use of int in max_burst socket option. [ 818.984155][T18088] Use struct sctp_assoc_value instead 20:07:01 executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg$alg(r0, &(0x7f0000001740)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001680)=ANY=[], 0x90}], 0x1, 0x0) 20:07:02 executing program 5: r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0xa, 0x3, 0x6) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_DISCONNECT(r2, 0xab08) 20:07:02 executing program 4: fanotify_mark(0xffffffffffffffff, 0xb0, 0x0, 0xffffffffffffffff, 0x0) [ 819.583713][T18100] block nbd5: NBD_DISCONNECT [ 819.589097][T18100] block nbd5: Send disconnect failed -89 [ 819.612261][T18097] block nbd5: Disconnected due to user request. [ 819.618922][T18097] block nbd5: shutting down sockets [ 819.682818][T18097] block nbd5: shutting down sockets 20:07:03 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) 20:07:03 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "975cecf08f259f1f2b5272460b2601fed902cea169dce321c70b43619f2e21133fa76a18b4e4a8377d06fa73598e275563cb28f6377328f64055983c4239ce"}, 0x60) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:07:03 executing program 1: r0 = socket(0xa, 0x2, 0x0) connect$can_bcm(r0, &(0x7f0000000000)={0xa}, 0x10) 20:07:03 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) r1 = socket$inet6(0xa, 0x1, 0x0) accept4$inet6(r1, 0x0, 0x0, 0x0) 20:07:03 executing program 4: r0 = add_key(&(0x7f00000000c0)='cifs.idmap\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$read(0x10, r0, 0x0, 0x0) 20:07:03 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0) 20:07:03 executing program 3: fspick(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) fspick(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) 20:07:04 executing program 5: r0 = socket(0x2, 0x2, 0x0) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2}, 0xc, &(0x7f0000000080)={0x0}}, 0x0) 20:07:04 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0xaf01, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cuse\x00', 0x2842, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x4004af07, &(0x7f0000000300)) 20:07:04 executing program 4: r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, 0x0) 20:07:04 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) 20:07:04 executing program 3: r0 = socket(0x2, 0x3, 0x101) connect$caif(r0, &(0x7f0000000000)=@rfm={0x25, 0x0, "c3d9b252d87c57175f3a9a8261756f86"}, 0x18) 20:07:04 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="940400001500010025bd7000fcdbdf25ff020000000000000000000000000001000000000000000000000000000000004e2200024e2304000a00808032000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="b900e40006"], 0x494}}, 0x0) [ 821.735926][T18116] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -512 0 20:07:04 executing program 2: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) fcntl$lock(r0, 0x25, &(0x7f0000000480)={0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff}) 20:07:04 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230374be10000000000010000020f9"]) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0) 20:07:04 executing program 1: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x70, 0x0, 0x400000) 20:07:04 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f00000000c0)={0x38, 0x0, 0xb, 0x101, 0x0, 0x0, {}, [@NFCTH_QUEUE_NUM={0x8}, @NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x38}}, 0x0) 20:07:05 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x5, @link_local, 'bridge_slave_0\x00'}}, 0x1e) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) 20:07:05 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8927, &(0x7f0000000040)={'team0\x00'}) [ 821.736940][T18136] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -512 0 [ 822.272273][T18148] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 822.288644][T18148] nft_compat: unsupported protocol 0 20:07:05 executing program 1: r0 = socket(0x22, 0x2, 0x1) setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, 0x0, 0x0) 20:07:05 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r0, 0x2286, 0x0) 20:07:05 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f00000000c0)={0x38, 0x0, 0xb, 0x101, 0x0, 0x0, {}, [@NFCTH_QUEUE_NUM={0x8}, @NFCTH_TUPLE={0x10, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x38}}, 0x0) 20:07:05 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000611984020000000095000000400000008f4eb5d66130285d61a4d6652560e745e21123bb27003daf40ab9519efd587d823e0ef4b70f39af78ac6570dd2dfdf5d5ff6458c4de3093d8eaba9700bb8"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x287b361ae6c523fa, 0x10, &(0x7f0000000000), 0x128}, 0x48) 20:07:05 executing program 2: bpf$BPF_MAP_GET_FD_BY_ID(0x22, 0x0, 0x0) 20:07:05 executing program 5: r0 = socket(0xa, 0x3, 0x6) bind$l2tp6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local}, 0x20) 20:07:05 executing program 1: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0xffd8) [ 823.004756][T18170] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 823.013227][T18170] nft_compat: unsupported protocol 0 20:07:05 executing program 0: syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x48981) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='fuseblk\x00', 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 20:07:06 executing program 4: r0 = syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x6, &(0x7f0000000480)=[{&(0x7f0000000080)="564a332036c8ce8c0121c0c3d27ec8cdd3008d9a6c4a3cc594c589aa2ae4c5d40e337e43b158e56d7f2882c796445f51a0c85fa35d92ac753a9d66c218275c58bd97ddffab5d10e434ed21beab60b0393aafb5f5e3bb015cae4884ea0d7f9590bbb76280b9", 0x65, 0x3f}, {&(0x7f0000000100)="13b880d42767cf83845ab88d6e2e7b6647ad20cd4cf76401b408067cc4ddbea552dcc7f91e08f4725931d4ab48c8bdca41d21cd08e2823f51359d9b5a0f5f3e5ba69a82df1532997a71a5fcdb23d6ade0feb01a7a99ed87395739521c49f35977746e7f430c2484d14d4033695593ebe98256554cf6636e3121725f1cf4603be2a42e76f753248663d98f62d0bb472324f4604f24a67f1c7cf933d3a74212fcc9101773ce6820aa206c1fd7d88a86c80adfa415ae74498f7244d0114be869273f7938e4cd31c2b710f059e42c0772c7b21b877bd084c2867c178ee57e8a379411828", 0xe2, 0x6}, {&(0x7f0000000200)="117cbf88d5d4103986dfacdfc3d2eb5c6aaa5b1c539b0874d677b8e7bea7770564a1d538870f6fc631006cbdfbcbb9a2", 0x30, 0x8000}, {&(0x7f0000000240)="10a3437e8ce5ab1f6741fee42234b596670a", 0x12, 0x1}, {&(0x7f0000000280)="1469f27e72efa921d9cf704f41c251acb247f4a5d4dcc7ae9fe3042611fc987221bf75a5e123376eab0d0674b316258b445df6bd470c30dd6a6145797269fa24fb94f2729974d62c59b691c3b1cb49f4b5530da2c6ba5b6ba22030c5479dc0f05daf59973c569e9dd05705abfd1642612959329b10e371261aa676343d9dc6feb128c4a2d1d170999e4f3f45ab881a3a73aafc6b3e7c2cf86597f60e25bc26592595f6a528d07f248168a3e9c72fdb56bc0d8e3c23a66e72d06eab31f73b32333d825a539ddd0d866c474b0d0fb1f0303406463761dd8309f5fc98178de5858c249dcfcb6ec1", 0xe6, 0x100000001}, {&(0x7f0000000380)="9c5b2b421ed6929ba9eda3eedb9cc9df0c8800a944d26df0461d00d344b8ce216b6afe76711302ab60845988fe76021b71d651fed7b98c5d9cd507b387ab6cb425e1503bdbed8f4405bba2710829bc1da14f221b9b1023d429fb7256b7d2a33ea66dc351bcb46c91a6bb81d986d70ba5ff95ab46f25d3062895cf54ac76d62fd8ea39b1937a7285746466f2f794070ac6425c98fc91357cb6556dceec44911a1fd940b66833af636c46904852258c3ad0b09baaebb9580649b6e98e05d4cbeb35464da0729f46fd5726fe85a6bb85a6c16cade3c5bce241eaa5853794e", 0xdd, 0x1}], 0x498000, &(0x7f0000000540)={[{@errors_continue='errors=continue'}], [{@smackfsdef={'smackfsdef', 0x3d, '['}}, {@euid_eq={'euid'}}, {@obj_type={'obj_type', 0x3d, '}'}}, {@euid_lt={'euid<'}}, {@permit_directio='permit_directio'}, {@context={'context', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, '7.*[-+-}'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '.@:'}}]}) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000600)={0x1, 0x916, 0x2}) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000640)={0x8, {"57b348235f9f34444f51a68bdf198529c82af589520f5f41c3ac5d8e6a752cd11b4928b857468a511acf25de016d601c5bc405d51f4d1940fb5bde9603544de4e39065fcf0c11c86d6d6433435c79b55602e44369c91867e00f710238f7afac837eea1b8635f175d7475f1eb06bc9e5d28fa0caf1103bd71447f930da6c975935881fbbc9670fd7a4d3e3f4a3851cf87b7ecfdb6ead88087c0ac7130bdb7adf78acb4c9726afeb26d6375bedd068d3204dc64deba95d4341f21b6c4bb98da594ffb02c47d942143cc82aa6710058ca87c4d93ee18421f0b171978ce0b9e471efe2709253ae83cef5fc5c69f36f60e05a8ee58a66c88e7929cf2f04e5ecd9745f4b9b0747bd4a91f8a10656a88d8c3614cc209255ac5f497917bd42eda9dfedc9e2974b60f35185d055c657be12c4fe2a471d649a8ea944610ba72cc1b40921e8c7c8782bb67088f42d8aa0e452a5c6550d9fad064b13ddb896faab6c30a81d5328046deaa35fe343326d88b7de1154819f4293a04e0ea50abba5d77b48fb0666cb8af89b53ac1cf5196cd7da5416f9eed3c92d5fe25fffc68da509a5a1154094d1c98dfa4bf63f03c2b7e33699c23ccf4f4e7858a1e05da6bc569bf65b6948306d0b79a15083656c3661f1dfbba1e7114d5a1d4211b87f6f0aed4851ca53d218bf7c12ed9d6a10cbb209b6f44e6ac4b4203f239741691b8824f1c839d08187e981216952b36458c416f66829e89812f6af3cb83ccdbcf0142fa0363fc7e358d3207a6731eb0a3402f77009e0128ab2ad6a0411c8e8b1ec04b73f40bb0656c5ff2f22c15545ec0ab3fff634f61b85dc8e127329977a903bfdaf2d2a882c8bd41d0856c30da67f582d0a3d868a86b5d1e67e1d8dbff902a1a7ef90fbf32d0ae270cac8fbebe6d85fc0d9e084d9e8a918622ad15f18e86cec1851f803da2ea1fadd7e38c51e21fee6d59dd0da3f6c3d6aa0c315ff2a8cd17540fbd2da72b1948a73bef106dbb7b83ed21bad42a1b2fac6702b7abb8aa50df5a9ecca6f97a8303540934817b4b20e32ccad493880a39adb8904bd33fdc61df2d177243973abfc614e7f6dd649462c8ff2c07fde99a2a4a2d5afcf0d12b0f6a64ae0834221b78e2d12a7db83927ee2f8b83ed6113698916b1cad5f5bec52dbbca6998350c2c48379941efc58bf4bb7a6e8612032b01be6b154e4b98889e4bf15d9e204dc21d08fe428291abbe6e10c88dc0305d6b71462a0a13e9bab706ceff86fea4c2a2f69747fb37ec97e81117fd3f76e464f0eb72c35298d2f6389952b3a6a6806a139e20991e02aa3fd168871611aa3f1dc5580f4f6077c2c3f1132feb77cd0483d0ae78a9193a53000a28a6f14a7ad848ab88406152ab6519254ea5dc2f977f3298b9db96092fb24150e37c2030e16c3a4c3ada21f0809c1a8f914b1d5c071b7eed996e32ead5292b87ef30520b4885a5ad335e8ccb19cf8c6782aa4d34b485b763a02ead510e129715d961562dcacd162fdc39f9f7b6dc41d954afe5103a68728dc8a6aaa2a99bf4df95663a66faf50789f2d88389ad4419499286740cad9295a0332a3d033764e0b3cee3c842bd04a2dc4bae2859464e15688a2d220b87c3a459d9b6d36c11ba5cc977ba1f2f0e0f42c3cba1c22eab88f926732fd838a36af0156647d2b644b4e84a9759fde39619dfcbdbfbf98a453533a78a6c36f1047cd7908e05512fe5d4039e6918a2cc1b956d2c3c0b9710fb132f0f9a52b160438a877b7c36676dff3b13c782d491e9cd9fccd1134b61b8a635b3cfe7a23da5406199dd364a77f9e41cedfc9f7fa8772904cf75b170084f1c252bc445068451c8762cd0c67c05b8aa2a3d47e306876eff98bfd2834c95b018a9cb4166a8bbf4fa71b680b2ef8df32c38479d0a47dcaff4cde07cb7666f4afe8cdbd131648341e93e9c3249b8ed7b708ab8bdbc6b759004ab8c2fca8d57880028361bc32948764af126ce553e7f42d6fe873d56a9b8a5f8e8e71de2f068ae42077921f7237478c7431b7f1c033b040e7104ede1ed8e6e4aa685f1c3c16d2101ed4d869688a78c13d3ebfcc4da3e7c1be0e391c842f9f72161d858d6b81f6509a09b0a6d58afa160ee3863c38406defd92fb301787823844a88b62fe3f890030e563bd1a467b487a27b35b01bc696462d6172c570db3e7d45e26e1dc85baffccb80e012c8af7657bbcd56dee6a8942922c3f546b36510f2a0111b51127cea12db34f7bedbf362eee222179be2945b57269fabebd86d99d5124bdf16ad4e00e8f46b7d8d817a3d3cb73bb89daea5134741a04cb01937fcbd78eebcf90c674074b0ce23b57f9a03a25bc0f3c5e77de559a973e0f7d19571333611103084f26262f18d7dbed3bc9e30e6b66afb49d93123a36e70e88219a6f7dcedd0e47af9ce85827baa76455fa3c00d056c92bf0d49485e2a11c7a5edb6490c6b0379afd3384ca31597dceea5e71cad5bbb21fba24211f666a02b48c77adb0a3a2040585a2a257e6b97e6fffc0259334bde1bac0e5ddc529300b07183a116259e39f46fb36aea9a68d91988dfec864bbeea4f72da5a0c3d0566719df47030ae8e91179857b7455b12bd9a72ca69499b17c9deb7885cdec318ad2408fa8f3cebb0344b51fe1ebfb2629d250fb2c19feeb01f43bd2ded41b7d435758709ecce88ae97cf9e3297d699fee49c195f53842046fa24b968f1e217844c531ef689fc2e59e9278e427f6ff65e894b8290e4184f9e1d3f28632526e66b5d223b9ebbeb0fee81e0623d8819f160818730b73739e09f116c7352b1d6300d57712e9e5fed79d0021467388d4ccbc0e6445c2c52655c79515661a400a73417ea0278790476aa1e39ea2885866388888513638f54ef0cc22ce174099a1236cd49b6bee6e0adc293681a327e1f7bb02bfc683bea44df54e46b8698577529f8d3845d48285202a4d14c56d0682af416edac3cfb980b7e1434cac957054690750f133512954fb3d15246acd7488c6a34feea528cbc8131b820604f12e8444c2024280d004e3007825ccde79e6c2ab8c297e6fd24fe61a89bdf8d7d77335bb99a8f4598012a51f3953b970ca0a47acd170f42284780e46c1e45f4cbbbe999a50ea14a61b91c65f7642eb4cb8e294c199263f9df9c79db7327c78c30867684caba3d119bbf2d74b0289d981ed4b3c661a453c3d60c3140bbad6c95e9924d9137bfacb7b7d9cd6088776ca9d549c406f235b2d5bebe17aaea2c151982c459a92ad1f970082d098630dcdda6a6da428f1d8ee1448f1562a6eeb32e2628277bc67da6c2f2a156f233504b585e1a59d0a3183e90b073022f45ff5d5ff247f8127a205ab719f404767316b934752323822bc5fc0cf5133215ef83ffaf6df3bb3524dffe35af5bd52ed3a6cff115d0037dd2dfb4f93db0ecedd47cc56cab40c1f87967be280983f2942e0f362df725d42f78b7cb5729b7636a73ed0b5e1a4f95fd823ee6c5344a23d6bcd01c539145c9daa94c08acc659147bbb53a7837272f87b6b03edc7d981e989476421bf962b621d4d1ec89ed92bfa13b194f622c15287c596dee5f1a7e1cc952d6f149693232b11bc889549f73a48bee6b02694acd1386feaed5d92d5115d7a03b9d9aef67cc04c739a8b5381a1bf654367d0ee4a19f88b19bf2be553722d745020bfb5428e60b4c7923e8c064fcea8588fc99caebfbf5978d82f299228ec06a6ef1d974a1acc7f7603a9e0ca7d83586680d8e516e92dbe94629246c2b4f913c3b11768ca9f72dab1d50afa9eeb45190d288b3b77ae2778a6cab2385786d93eef794d11c37ca9eced8f546a64041bfd13434401f64e2a1bc0eec7df8d3c4db21e453f520bf1972268b73dd017c107a40775f17da2a32e0e26ca7130b9c7a845823db0756b11df22332d9bd4c4fd7f4a31e344af3c0e5ebed6e7ae0d36db564c0747d08e2f62f60293aeee2819ee62b1024cb408624f0dc5b6cb29dfabb156aeb64bdedb5f3afb84887c515672718b38ed2a8065de7cf245172dd79dee40cf34156b04690d1eccbfedbd13eebb60a46e30fd8c559ed4dbf2ec873ef544e01c2f30cffc7371f883c54bad8b05e7514097f1d205371a0e7475a947fc1ae8f8860a88425e7e8cf12bbcdb2244d6d5d817a00276df3d90f11b38585797fd9cf4dd796a5980e956d17fcb91e55b63ac59b61e3d4dd93f59bb8f230d47466e5e687b8f14cc77b9251ad056e0bcfbbcf3bf523d361df4ac45c726bb0166ecec2cedefda4bd766064da62000eddbc3afe1a6b47cc148aa5cb52d0a5989f156a458b792ae5a68113bd5113ed776a23ed7c59a46ca3912a6eadec55f7840797322723cc51f811e9f454e2c2ab712bf78f039bf2d12015dce514e58b5668876432ad75bfbd39d0fea179041993f64dfccb1c9e85381c80c8ec6bb94e4629ed2afbbd088f5d2dd44942078cae6987a81d036308d9f03df5763a844aa676db3a940601744cc4350ca81fbb3db5be810359a7dbba85dca715931a897847c447c07079749024d67c1c12b22cbf1a6e2cb96e49d4c6b9c350834f52fa9152bf7a4c10eed8c99605c0e5ae4235a253b0526b62811ebe2c1e10fecb18ea352d865b87302be71edd215ee4d86be4cb7a1d7910c618ad77207fc02d713deb5741fc7caa0131b35bae5a4f60e5a6dd85f19f7e9de5cbba973b4a5f19f690789ff2cfec63d82cb14134c640f7865b1dc76e7c7307d4a8be37ae1cc94729b42e87c3a518183ef32b8e204af50b2d23a622e7ae993234a082857a62cb6e1bf2625ef00702612ec038c1f345ac8989bbe28b29677108dfbc9aa333af81e924df77086909c63a4617be8873b554ebe33c3e3402eefea0400b2d2a27dba6ed1306077a6207316e8d289be8bdc733676c33ec664446a028ff6c3f8ed717d654d16caf6a6e392690a8c297d699acd0405a867272cdb76a52fc6f63fcc30522f1392ff32cf9be44c23d0110972ec4a246e6b3d7fce0fb487fc49d896888dd58bcd8b16b068f0fa2f2809fe7eb4ec725583c069b0343fb0ac2504c074ebd922f1cf4eb3296782273e304dba232403c87169588e215a560dbbc1fa758a665083820425aa780332e92e1c697778d2542da4fb79e9e9097d282c4532d0d86d5fc6f8fb0e88676c8704dbeac8a2bfba050095c71d943863c7761365eab29dd3e96d6d6f837a84882bd6f184af6e066f52bc17bed79c239b3da25bdc959b3b159a3db31d0f811b98a6b7662e2ed70ecd751ac958e8c1a111e68452e3999b71120ca480c53c7fd2aac7e33db24bc74bedbf4fc1fa6e8f94dc3f5e143a41bdb61d6c792468adec118e9a8e20e58fdd3b0b0f801db00f45da8eb7ab19e7a18cb9673c5ea3551603c2fc138bbb8f9492dae3f04e96b7ef5707574bbc9013c655691beaf4a64bb2697edb2be471ba139059d548e87dd6f3a8d8646ca9de6741389de40513b523f7fce1fabf0e80be7f6b625d7c3ed108c272621adbc3f58fa741ea7fcf5705b7d92e5d08d048c94060678bbd1155d45269e7e8816371e237a571167460f79ffecfa69464628db39530fec5ea37f9e6d2205ff06c505b543b0f93e8e83ce72eb301c0195eecbf254b0e4e7d40c5eaef855771b096823adab136562fb4fa2cfc897f0db0a2820d973fe626bba66cd53d1b8365316822d870387bf5fa86e6dee10ff1df162479a20276b62944f172ba37582c912d3f7e849220986280b8c57e514d1186ebfb01ce93ec705f1895da73d46693dc670766161bb1528c804c60559cad81e6feebeab5c61c", 0x1000}}, 0x1006) fdatasync(r0) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000001680)={0xe, {0x5, 0x2, 0x93, 0xaf, "784bab8a2e2981206177caf0ae470ac99616f4f032070c5c1f73da53140aebfe8e26f6d6f125dac62189639db97d6ecd00d55365e003242305924e6aa9a2a130f2c9961a3dd260f88df101ea711d4ead0abb64156dbafd0b7d996322557e78beb388663d16e1e2a89ceac996861805581ce6bbdc06bde6fe0ebfde389a5d24a354f61135b58ff4191db7717718957281f184f9a514da44c09508ed5c3f135d20a682644d42fd9cb8ab147a54c7d57f"}}, 0xbb) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000001740)={{0x0, 0x0, @reserved="e4b2c1f8a62ff5d38fd63a0eb398d28054b12d88e271243a5a3811e566872feb"}, 0x22, 0x0, [], "4f0b3d15c33d49feef07daf3612b7d0d58a83bc36831e872b6a316ec5d6c0a44280b"}) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000017c0)='/dev/mixer\x00', 0x200800, 0x0) ioctl$SOUND_MIXER_WRITE_VOLUME(r1, 0xc0044d0e, &(0x7f0000001800)=0x38) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840)='/dev/ttyS3\x00', 0x80, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000001880)={0x0, 0x1, 0x1ff, 0x1}) ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001c80)={r3, 0x5, 0x0, [0x4, 0x6, 0x5, 0x401, 0x6], [0x3, 0x4dd8, 0x1, 0x100000001, 0xffffffff, 0x2000000000000000, 0x2, 0x8000, 0x0, 0xfffffffffffffff9, 0x4, 0x100000001, 0x3, 0x3ff, 0x80000001, 0x1f, 0x0, 0x6, 0x7, 0x1, 0x100000000, 0x200000000000000, 0x5, 0x1000, 0x4, 0x401, 0x400, 0x9, 0x9, 0x1, 0x6, 0x140000000000, 0x3, 0x2, 0x3, 0x4, 0x5, 0x2, 0x2a7d5aed, 0x40, 0x0, 0x400, 0x2, 0x7, 0xa2b9, 0x6, 0x401, 0x9, 0x9, 0x36ec, 0x7, 0x4, 0x7, 0xfffffffffffffe00, 0x1ff, 0x397, 0x8, 0x3, 0x265e, 0x1f, 0x5, 0xadf4, 0x401, 0x2000000000000000, 0x8, 0xfffffffffffffffa, 0x80e, 0x4, 0x1, 0x4, 0x8, 0x100, 0xff, 0x10000, 0x2, 0x5, 0x7, 0xffffffff, 0x123, 0x80, 0x1000, 0xb8, 0x317, 0x0, 0x9, 0xff, 0x79, 0x400, 0x9, 0x4, 0x8, 0x6, 0x1ff, 0x3, 0x8001, 0xaad, 0x2, 0x80, 0x3, 0xc9, 0x0, 0x7, 0x4, 0x1, 0x3, 0x51, 0x6, 0xfffffffffffffff9, 0x100000000, 0x8e9, 0x40, 0x3f, 0xbd, 0x1, 0x30000000, 0x69af, 0xa89, 0x1f, 0x2, 0x7, 0x8]}) syz_mount_image$jfs(&(0x7f0000002140)='jfs\x00', &(0x7f0000002180)='./file0\x00', 0x3, 0x3, &(0x7f0000002340)=[{&(0x7f00000021c0)="cdbbee34eccb17c974c633a4ecb5caab104acc615253b3505fae48ca17dd604244f2439d46351a7d1e727b5d4f453548a4c17359025b07ee063bd6afcbd20791e4cea7286f0dba332a242f9eaca68ceab5ad5dbc653e0f7a541248a876e6060ba87127f4271dc77b6f58c0e857bac2a81c93741e09cef6a1382c778be940001cb3571830c379b190b2a6037bf063d853612aae3a38a23696b6c2a25259ac0f461b6358a8705d2b311d0c61ae90b601ea3a8c983b40069effc1ae80b69291db3f7c0b5f5d68964713", 0xc8, 0x5}, {&(0x7f00000022c0)="de27f5866732b918f19c41f613e8e2361219bcb6a5278e34daf2dd18b363906b83b77f90b11151fc06676a23", 0x2c, 0x70c}, {&(0x7f0000002300)="c74cddb1e50af25ae1f1fec14cd4", 0xe, 0x5}], 0x2000000, &(0x7f00000023c0)={[{@nointegrity='nointegrity'}, {@errors_remount='errors=remount-ro'}, {@quota='quota'}, {@resize_size={'resize', 0x3d, 0x77d}}], [{@smackfshat={'smackfshat'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@subj_role={'subj_role', 0x3d, '\xc8\''}}, {@dont_hash='dont_hash'}, {@hash='hash'}, {@hash='hash'}]}) 20:07:06 executing program 3: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14) 20:07:06 executing program 2: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) connect$l2tp6(r0, 0x0, 0x0) 20:07:06 executing program 5: r0 = socket$phonet_pipe(0x23, 0x5, 0x2) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x40c0) [ 823.707646][T18185] jfs: Unrecognized mount option "smackfshat=" or missing value 20:07:06 executing program 0: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x0, 0x0, 0x80fe}, 0x2000008c, &(0x7f0000000100)={0x0}}, 0xffd8) 20:07:06 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f00000004c0)='/dev/video#\x00', 0x80000001, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0205649, &(0x7f0000000a00)={0xf000000, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "348aa89f"}, 0x0, 0x0, @planes=0x0}) 20:07:06 executing program 3: r0 = socket(0x18, 0x0, 0x0) sendmsg$AUDIT_USER_AVC(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 20:07:06 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={0x0}, &(0x7f00000000c0)=0x4) r2 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={r1}, 0x10) 20:07:07 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x5000}, 0x0) 20:07:07 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect(r0, &(0x7f0000000000)=@vsock, 0x80) 20:07:07 executing program 0: r0 = socket(0x2, 0x5, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x84, 0x1e, 0x0, 0x0) 20:07:07 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000140)={0x1, 'bond_slave_0\x00'}, 0x18) [ 824.413499][T18208] sctp: [Deprecated]: syz-executor.4 (pid 18208) Use of int in max_burst socket option. [ 824.413499][T18208] Use struct sctp_assoc_value instead 20:07:07 executing program 3: r0 = io_uring_setup(0x1911, &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x300000c, 0x11, r0, 0x0) r1 = socket(0x2, 0x2, 0x0) connect$l2tp6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev}, 0x20) 20:07:07 executing program 2: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x541b, &(0x7f0000000200)={'vxcan1\x00'}) 20:07:07 executing program 4: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r0, 0xc020660b, 0xffffffffffffffff) 20:07:07 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000400)='team\x00') sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000f42801929aefd0"], 0x20}}, 0x0) 20:07:07 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x25, 0x0, 0x0) 20:07:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0) 20:07:08 executing program 3: prctl$PR_SET_MM_EXE_FILE(0xe, 0xd, 0xffffffffffffffff) 20:07:08 executing program 5: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x8) 20:07:08 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xa, 0x5, 0x5, 0x40, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000140), &(0x7f00000001c0)=@udp6}, 0x20) 20:07:08 executing program 2: connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0) 20:07:08 executing program 4: r0 = socket(0xa, 0x2, 0x0) getsockopt$inet_mreq(r0, 0x0, 0x0, 0x0, 0x0) 20:07:08 executing program 1: r0 = socket(0x15, 0x5, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @host}, 0x10) 20:07:08 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) recvfrom$packet(r0, 0x0, 0x0, 0x10100, 0x0, 0x0) 20:07:08 executing program 5: r0 = socket(0x18, 0x0, 0x0) sendmsg$AUDIT_USER(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xfffffffffffffcf0, &(0x7f0000000140)={&(0x7f0000000040)={0xe0, 0x3ed, 0x0, 0x0, 0x0, "bd2d81867f4f13bc39b3f4473fe9a77a9ac887568f71125d23593a21c1048f51b7d6ded1ea6b98a31864e13bb42125923e3ef136a90004000089f2e67afbb553c6473da096c49dd2609b9f6f863e39a8c821c2405c8bee59c4f1675a8a5e432f2aabd33e732c7c3dd4954e27b535534f9f883db90c37e18ee8bed5733c35fba8a4efebc7d34c1c0d3da74bcde94fc0d371fb09574ba66e4e3134ed8aa4642b592950781bf9802d82fd70c594de8175a55dbe132bfea00f2a6187c135fed35f711e4d18b67ba8f629b1add67d47a2", ["", "", "", "", "", ""]}, 0xe0}}, 0x0) 20:07:08 executing program 0: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x4, 0x0, &(0x7f0000000040)) 20:07:08 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0xb, 0x0, 0x0) 20:07:08 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x8) bind$inet6(r0, &(0x7f0000000080)={0x2, 0x0, 0x0, @private2}, 0x1c) 20:07:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x5310ff}) syz_open_dev$dri(&(0x7f0000001b00)='/dev/dri/card#\x00', 0x400, 0x0) 20:07:09 executing program 3: r0 = socket(0x15, 0x5, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x2, 0x0, 0xffffffff, @local}, 0x10) 20:07:09 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCDISCONN(r0, 0xc020660b) 20:07:09 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_buf(r0, 0x0, 0x19, 0x0, &(0x7f0000000180)) 20:07:09 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r0, 0x6, 0x8, &(0x7f0000000140)={@ipv4={[], [], @loopback}}, 0x14) 20:07:09 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x11, 0xa, &(0x7f00000006c0), 0x8) 20:07:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x2c, r1, 0x1, 0x0, 0x0, {0x9}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0x2c}}, 0x0) 20:07:09 executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendto$llc(r0, &(0x7f0000000040)="0937bd0ec91e479465b0fbb968fd1f6066948cdc1e507f613c6360f2f6391a7e96f27598d7e11ae058ae7e6b216e984eff05e99d7b3f94e25950ce6611f33a2258f5b54fcc", 0x45, 0x20000880, &(0x7f0000000100)={0x1a, 0x1, 0x2f, 0x7, 0x2, 0x5, @multicast}, 0x10) 20:07:10 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x241, 0x0) 20:07:10 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x401}, 0x14}}, 0x0) 20:07:10 executing program 0: r0 = socket(0x11, 0x2, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x107, 0x1, 0x0, 0x0) 20:07:10 executing program 2: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0x10) 20:07:10 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) select(0x40, &(0x7f0000000180), 0x0, &(0x7f0000000200)={0x9}, &(0x7f0000000280)) 20:07:10 executing program 3: r0 = socket(0x18, 0x0, 0x1) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'vlan0\x00', @broadcast}) 20:07:10 executing program 0: r0 = socket(0xa, 0x3, 0x200000000000ff) recvmsg$can_raw(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 20:07:10 executing program 4: r0 = socket(0xa, 0x3, 0x35) sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa}, 0x2000008c, &(0x7f0000000100)={0x0, 0x5}}, 0xffd8) 20:07:10 executing program 5: r0 = socket(0x2a, 0x2, 0x0) bind$x25(r0, 0x0, 0x0) 20:07:10 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x84, 0x77, 0x0, 0x0) 20:07:10 executing program 1: r0 = socket(0x29, 0x5, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0x4c}}, 0x0) sendto$l2tp6(r0, &(0x7f0000000000)="b1", 0x1, 0x0, 0x0, 0x0) [ 828.127842][T18300] device vlan0 entered promiscuous mode 20:07:11 executing program 3: prctl$PR_SET_MM_EXE_FILE(0x17, 0xd, 0xffffffffffffffff) 20:07:11 executing program 5: prctl$PR_SET_MM_EXE_FILE(0x16, 0xd, 0xffffffffffffffff) 20:07:11 executing program 4: r0 = syz_io_uring_setup(0x600a, &(0x7f0000000000), &(0x7f0000003000/0xc000)=nil, &(0x7f000000e000/0x2000)=nil, &(0x7f0000000680), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x10000000) rt_sigaction(0x0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000a80)) 20:07:11 executing program 2: r0 = socket(0x23, 0x5, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x8912, &(0x7f0000000400)={'ip_vti0\x00', 0x0}) 20:07:11 executing program 1: r0 = socket(0x15, 0x5, 0x0) recvmmsg(r0, &(0x7f0000006a80)=[{{&(0x7f0000005c40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4}}}, 0x80, 0x0}}], 0x1, 0x40002103, 0x0) ioctl$IMGETVERSION(r1, 0xa, 0x0) 20:07:11 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$BTRFS_IOC_RESIZE(r0, 0x8901, &(0x7f0000000200)={{}, {@void}}) 20:07:11 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'vlan0\x00', &(0x7f0000000140)=@ethtool_ts_info}) 20:07:12 executing program 0: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x10, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000100)="1e", &(0x7f0000000180)=@udp}, 0x20) 20:07:12 executing program 2: socket$kcm(0x29, 0x57d34b477f561cb6, 0x0) 20:07:12 executing program 1: r0 = socket(0xa, 0x3, 0x200000000000ff) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={0xfe80, @xdp={0x2c, 0x0, 0x0, 0x0, 0xb00}, @can, @ax25={0x3, @bcast, 0x400005}, 0x0, 0x0, 0x0, 0x600}) 20:07:12 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB='\t'], 0x1c}}, 0x0) 20:07:12 executing program 5: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, 0x0, 0x0) 20:07:12 executing program 3: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x0, 0x0) accept4$packet(r0, 0x0, 0x0, 0x0) 20:07:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, @pic={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) 20:07:12 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, 0x0) 20:07:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x2, 0x4e22, @private}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp_prespec={0x44, 0xc, 0x9, 0x3, 0x0, [{@dev}]}]}}}], 0x20}, 0x0) 20:07:12 executing program 1: r0 = socket(0x23, 0x2, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x8980) 20:07:13 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000fe6000)={0x3, 0x4, 0x4, 0x100000009, 0x0, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0xc, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x20) 20:07:13 executing program 3: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x0, 0x0) inotify_rm_watch(r0, 0x0) 20:07:13 executing program 0: r0 = socket(0x25, 0x5, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000004c0)={&(0x7f00000003c0), 0xc, &(0x7f0000000480)={0x0}}, 0x0) 20:07:13 executing program 2: r0 = socket(0x1, 0x3, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 20:07:13 executing program 4: keyctl$KEYCTL_MOVE(0x6, 0x0, 0x0, 0x0, 0x0) 20:07:13 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x2, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f00000003c0)=0x1) write$dsp(r0, &(0x7f0000000400)="f8", 0x1) 20:07:13 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0x4020940d, &(0x7f0000000080)) 20:07:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x8) setsockopt$packet_tx_ring(r0, 0x29, 0x16, 0x0, 0x0) 20:07:13 executing program 0: r0 = socket(0x11, 0x2, 0x0) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000000)="8438a76d713a") 20:07:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae03, 0xf) write$FUSE_GETXATTR(r1, &(0x7f0000000040)={0x18}, 0x18) 20:07:14 executing program 4: r0 = socket(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0xc, 0x4, 0x8, 0x0, 0x1}, 0x8d) sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}}, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a40)={r1, &(0x7f00000009c0), &(0x7f0000000680)=@tcp=r0, 0xf0}, 0x20) 20:07:14 executing program 5: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0xfef0) vmsplice(r0, &(0x7f0000001f00)=[{&(0x7f0000000040)="ec", 0x1}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16}, &(0x7f0000000100)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 20:07:14 executing program 3: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x1f4) 20:07:14 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f00000036c0)=[{{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000000100)="1bef6b0c4c954879fdd022b87c3d77718d6f3e0242df22a7b8d936e887", 0xf}, {&(0x7f0000000140)="9b83ef", 0x6fec0}], 0x2}, 0x8dffffff}], 0x1, 0x0) 20:07:14 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d0324a0e3e0400a00000c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x0) 20:07:14 executing program 2: r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) shutdown(r0, 0x2) 20:07:15 executing program 3: socket$kcm(0x2, 0x2, 0x73) r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10) 20:07:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x2, 0x0, @ipv4={[], [], @loopback}}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='vegas\x00', 0x6) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x983a}, 0x1c) 20:07:15 executing program 0: r0 = syz_io_uring_setup(0x87, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)='./file0\x00'}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 20:07:15 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000001000390400"/20, @ANYRES32=r4, @ANYBLOB="0300000000000000280012800b0001006272696467650000180002800c00220000000000000000000500190002"], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=r3, @ANYBLOB='@'], 0x3c}}, 0x0) 20:07:15 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003b40)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8}]}]}, 0x2c}}, 0x0) 20:07:15 executing program 2: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@secondary='builtin_and_secondary_trusted\x00') 20:07:15 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001000050700ff79000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d61637365630000040002800a0005003c"], 0x40}}, 0x0) [ 833.173332][T18429] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. 20:07:16 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) readv(r0, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/150, 0x96}], 0x1) 20:07:16 executing program 0: r0 = syz_io_uring_setup(0x87, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)='./file0\x00'}, 0x0) io_uring_enter(r0, 0x450c, 0x0, 0x0, 0x0, 0x0) 20:07:16 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x380000, @empty}, 0x1c) 20:07:16 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="5400000002060104000000000000fe3a0000000005000400000000000900020073797a3000000000050005000a000000050001000600000010000300686173683a69702c6d6163"], 0x54}}, 0x0) [ 833.777558][T18436] netlink: 'syz-executor.3': attribute type 5 has an invalid length. 20:07:16 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x2bf, 0x0, 0x52}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000200)="fe", 0x8}], 0x1) 20:07:17 executing program 5: syz_open_dev$usbfs(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000180)='cpuset.memory_spread_slab\x00', 0x2, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f00000003c0)='7', 0x1}], 0x2) [ 834.138399][T18456] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 20:07:17 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000001500)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0xa926, 0x19, 0x0, 0xffffffffffffffff}) r2 = dup(r1) mmap$xdp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x812, r2, 0x0) 20:07:17 executing program 4: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000280)={0x28, 0x0, 0x0, @hyper}, 0x10) unshare(0x40000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000200), 0x8) 20:07:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0x2bcf) shutdown(r0, 0x1) recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0x7115}, 0x100) [ 834.530084][T18463] ion_mmap: failure mapping buffer to userspace [ 834.579469][T18465] new mount options do not match the existing superblock, will be ignored [ 834.582759][T18466] IPVS: ftp: loaded support on port[0] = 21 [ 834.668786][T18470] new mount options do not match the existing superblock, will be ignored [ 834.798505][T18466] lo speed is unknown, defaulting to 1000 20:07:17 executing program 0: fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000001c0)='security.capability\x00', 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0xfea7) fsetxattr$security_capability(r0, &(0x7f0000000040)='security.capability\x00', &(0x7f0000002380)=@v3, 0x18, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) getxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00', 0x0, 0x700) 20:07:17 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r0, &(0x7f0000419000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 20:07:17 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000015c0)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ececb0cd2b6d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888b2a858ab3f11afc9bd08c676d2b89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e51723257c872c5255f22bd8b325d9b76e57f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a09c502f9a65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434ab422d2bcd7ce6dfc06b02e69d384146056d125cfa788237874dd913d033277e88d10acd06864eac44c42dae334bdc32f819a2aa24dba1c25be27940b4c4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc976d965ddabb01aff9f27dc1d9a4a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebd29413afc9d8a5edd7a19ca6a57b5a8fa7e1e6c2f2a287c5278a218dbe173ec6900a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822422cf2e9dde943d34c432e1001171792c65986146666a549092398af45ba38441f47e0fffeac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a5628995b1531bd20360d33d8f9ffffff5f912a93e34bf6ea8a86da707b6d85db491ba0cc98f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09d314844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a37d0b92ef26ab708c0b19ed144be51c3b398f0e6bb7a300bb8b3b3fcba12953d58cff0f0378740fe66637bc63568bfc5ab87b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf049124f2dd226b7d932d7a64de4c4aa433fce840aff7c47da3a4c6966d881819dfd413dd83f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600ed5972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a265f4d4da448a7a0d19c5e43eaf65731609dfa2dde267551467eb657839cc77012cc449009981f22820e57a03432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735937bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bba5be6c74d71ec3b43e29895eff1d1017024fe3e8cc759b057ffd05963f92c1d0d7d90ba8c26d8678913f78ad89e490f3e29ac51d30632869a534418f916bf6fe8167827c8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c0000000000000038417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b823056e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc94d0af30db042a0f8ea4d40c6"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0xfffffffffffffe7f, &(0x7f0000000500)="b9ff0300600d698cb89e14f065581fffffff07004000632f77fbac14140ee934a0a662079f4b4d2f87e5feca6aab845013f2325f1a39010108038da1924425181aa5", 0x0, 0x241, 0x60000000, 0x0, 0x1f597e108aa0d50c, &(0x7f0000000000), &(0x7f00000000c0)="61ae793cb58796e98bec67538e015077de7e272f4c58590e0a49abbb02864ce87f29c55242edc400de0f90b385e2f9c937fd3b232ab7c99460628f97e6d6f935e88684d642fd966756e2d8b5af7a9002d71c203c4dd9b55ae6eb91e77d823ca1a2de2496a532933552dfb5aa7808176243ef5971c1a9c84ebfbd113d1a233ed5490f124afc9b88bc97d734a20b1e"}, 0x28) 20:07:17 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x4, 0x4) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000000c0), 0x8) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x6}, 0x1c) 20:07:18 executing program 1: creat(&(0x7f0000000000)='./file1\x00', 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40081, 0x0) 20:07:18 executing program 2: r0 = epoll_create1(0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000000)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x0) 20:07:18 executing program 0: creat(&(0x7f0000000140)='./file0\x00', 0x0) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x0, 0x0) 20:07:19 executing program 2: rt_sigtimedwait(&(0x7f0000001cc0), 0x0, &(0x7f0000001d80), 0x8) 20:07:19 executing program 1: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x443fa, 0x0) r1 = epoll_create1(0x0) tee(r1, r0, 0x0, 0x0) 20:07:19 executing program 5: r0 = socket$inet(0x2, 0x802, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000eedffc)=0x7c4, 0x4) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000080)=0x800003fe, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000514ff0)={0x2, 0x4e20}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x2000, 0x0, 0x0) [ 836.830981][ T28] audit: type=1800 audit(1599768439.736:35): pid=18525 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=16371 res=0 [ 836.921344][T18527] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 837.301172][T18466] IPVS: ftp: loaded support on port[0] = 21 [ 837.344608][T18466] lo speed is unknown, defaulting to 1000 [ 837.762059][ T8620] tipc: TX() has been purged, node left! 20:07:20 executing program 4: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000280)={0x28, 0x0, 0x0, @hyper}, 0x10) unshare(0x40000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000200), 0x8) 20:07:20 executing program 0: 20:07:20 executing program 2: 20:07:20 executing program 1: r0 = shmget(0x3, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmat(r0, &(0x7f0000ffe000/0x1000)=nil, 0x1000) 20:07:20 executing program 3: open(&(0x7f0000000140)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x5cb100, 0x0) 20:07:20 executing program 5: shmget(0x2, 0x4000, 0x0, &(0x7f0000ff9000/0x4000)=nil) 20:07:21 executing program 0: semget(0x1, 0x0, 0x326302cc005e876b) 20:07:21 executing program 3: 20:07:21 executing program 1: [ 838.334702][T18564] IPVS: ftp: loaded support on port[0] = 21 20:07:21 executing program 5: 20:07:21 executing program 2: [ 838.508471][T18564] lo speed is unknown, defaulting to 1000 20:07:21 executing program 0: 20:07:23 executing program 4: 20:07:23 executing program 5: 20:07:23 executing program 3: 20:07:23 executing program 1: 20:07:23 executing program 2: 20:07:23 executing program 0: 20:07:23 executing program 0: 20:07:23 executing program 3: 20:07:23 executing program 5: 20:07:23 executing program 2: 20:07:23 executing program 1: 20:07:24 executing program 4: [ 841.352881][ T8620] tipc: TX() has been purged, node left! [ 841.381321][ T8620] tipc: TX() has been purged, node left! 20:07:24 executing program 2: 20:07:24 executing program 0: 20:07:24 executing program 1: 20:07:24 executing program 5: 20:07:24 executing program 3: 20:07:24 executing program 4: 20:07:25 executing program 0: 20:07:25 executing program 2: 20:07:25 executing program 1: 20:07:25 executing program 5: 20:07:25 executing program 3: 20:07:25 executing program 4: 20:07:25 executing program 2: 20:07:25 executing program 0: 20:07:26 executing program 1: 20:07:26 executing program 3: 20:07:26 executing program 5: 20:07:26 executing program 4: 20:07:26 executing program 2: 20:07:26 executing program 0: 20:07:26 executing program 3: 20:07:26 executing program 1: 20:07:27 executing program 5: 20:07:27 executing program 4: 20:07:27 executing program 0: 20:07:27 executing program 2: 20:07:27 executing program 3: 20:07:27 executing program 1: 20:07:27 executing program 5: 20:07:27 executing program 4: 20:07:27 executing program 0: 20:07:27 executing program 2: 20:07:28 executing program 3: 20:07:28 executing program 5: 20:07:28 executing program 1: 20:07:28 executing program 4: 20:07:28 executing program 0: 20:07:28 executing program 2: 20:07:28 executing program 5: 20:07:28 executing program 3: 20:07:28 executing program 1: 20:07:28 executing program 4: 20:07:29 executing program 0: 20:07:29 executing program 2: 20:07:29 executing program 3: 20:07:29 executing program 5: 20:07:29 executing program 4: 20:07:29 executing program 1: 20:07:29 executing program 0: 20:07:29 executing program 2: 20:07:30 executing program 3: 20:07:30 executing program 4: 20:07:30 executing program 1: 20:07:30 executing program 5: 20:07:30 executing program 0: 20:07:30 executing program 2: 20:07:30 executing program 4: 20:07:30 executing program 3: 20:07:30 executing program 1: 20:07:30 executing program 5: 20:07:30 executing program 2: 20:07:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_timeval(r0, 0x1, 0x0, 0x0, 0x0) 20:07:31 executing program 4: 20:07:31 executing program 1: 20:07:31 executing program 5: 20:07:31 executing program 3: 20:07:31 executing program 2: 20:07:31 executing program 0: 20:07:31 executing program 4: 20:07:31 executing program 1: 20:07:31 executing program 5: 20:07:31 executing program 3: 20:07:32 executing program 0: 20:07:32 executing program 2: 20:07:32 executing program 4: 20:07:32 executing program 1: 20:07:32 executing program 5: 20:07:32 executing program 3: 20:07:32 executing program 0: 20:07:32 executing program 2: 20:07:32 executing program 4: 20:07:32 executing program 1: 20:07:32 executing program 3: 20:07:32 executing program 5: 20:07:33 executing program 0: 20:07:33 executing program 2: 20:07:33 executing program 4: 20:07:33 executing program 1: 20:07:33 executing program 5: 20:07:33 executing program 3: 20:07:33 executing program 0: 20:07:33 executing program 2: 20:07:33 executing program 4: 20:07:33 executing program 5: 20:07:33 executing program 1: 20:07:34 executing program 3: 20:07:34 executing program 0: 20:07:34 executing program 2: 20:07:34 executing program 5: 20:07:34 executing program 4: 20:07:34 executing program 3: 20:07:34 executing program 1: 20:07:34 executing program 0: 20:07:34 executing program 2: 20:07:35 executing program 5: 20:07:35 executing program 4: 20:07:35 executing program 3: 20:07:35 executing program 0: 20:07:35 executing program 1: 20:07:35 executing program 2: 20:07:35 executing program 5: 20:07:35 executing program 4: 20:07:35 executing program 3: 20:07:35 executing program 0: 20:07:35 executing program 1: 20:07:36 executing program 2: 20:07:36 executing program 5: 20:07:36 executing program 3: 20:07:36 executing program 4: 20:07:36 executing program 0: 20:07:36 executing program 1: 20:07:36 executing program 2: 20:07:36 executing program 5: 20:07:36 executing program 4: 20:07:36 executing program 0: 20:07:36 executing program 3: 20:07:36 executing program 1: 20:07:37 executing program 2: 20:07:37 executing program 5: 20:07:37 executing program 4: 20:07:37 executing program 0: 20:07:37 executing program 1: 20:07:37 executing program 3: 20:07:37 executing program 2: 20:07:37 executing program 5: 20:07:37 executing program 0: 20:07:37 executing program 1: 20:07:37 executing program 4: 20:07:37 executing program 3: 20:07:38 executing program 2: 20:07:38 executing program 5: 20:07:38 executing program 1: 20:07:38 executing program 0: 20:07:38 executing program 3: 20:07:38 executing program 4: 20:07:38 executing program 2: 20:07:38 executing program 1: 20:07:38 executing program 0: 20:07:38 executing program 5: 20:07:38 executing program 4: 20:07:39 executing program 3: 20:07:39 executing program 1: 20:07:39 executing program 2: 20:07:39 executing program 0: 20:07:39 executing program 5: 20:07:39 executing program 3: 20:07:39 executing program 4: 20:07:39 executing program 1: 20:07:39 executing program 0: 20:07:39 executing program 2: 20:07:39 executing program 5: 20:07:40 executing program 4: 20:07:40 executing program 3: 20:07:40 executing program 1: 20:07:40 executing program 0: 20:07:40 executing program 2: 20:07:41 executing program 4: 20:07:41 executing program 0: 20:07:41 executing program 5: 20:07:41 executing program 3: 20:07:41 executing program 1: 20:07:41 executing program 2: 20:07:41 executing program 5: 20:07:41 executing program 4: 20:07:41 executing program 0: 20:07:41 executing program 3: 20:07:41 executing program 1: 20:07:41 executing program 2: 20:07:42 executing program 5: 20:07:42 executing program 4: 20:07:42 executing program 0: 20:07:42 executing program 3: 20:07:42 executing program 1: 20:07:42 executing program 2: 20:07:42 executing program 4: 20:07:42 executing program 5: 20:07:42 executing program 0: 20:07:42 executing program 3: 20:07:42 executing program 1: 20:07:43 executing program 2: 20:07:43 executing program 4: 20:07:43 executing program 5: 20:07:43 executing program 3: 20:07:43 executing program 0: 20:07:43 executing program 1: 20:07:43 executing program 2: 20:07:43 executing program 4: 20:07:43 executing program 5: 20:07:43 executing program 3: 20:07:43 executing program 1: 20:07:43 executing program 0: 20:07:44 executing program 2: 20:07:44 executing program 4: 20:07:44 executing program 5: 20:07:44 executing program 3: 20:07:44 executing program 1: 20:07:44 executing program 0: 20:07:44 executing program 2: 20:07:45 executing program 5: 20:07:45 executing program 4: 20:07:45 executing program 3: 20:07:45 executing program 0: 20:07:45 executing program 2: 20:07:45 executing program 1: 20:07:45 executing program 5: 20:07:45 executing program 4: 20:07:45 executing program 0: 20:07:45 executing program 3: 20:07:46 executing program 1: 20:07:46 executing program 2: 20:07:46 executing program 5: 20:07:46 executing program 4: 20:07:46 executing program 0: 20:07:46 executing program 1: 20:07:46 executing program 3: 20:07:46 executing program 2: 20:07:46 executing program 5: 20:07:46 executing program 4: 20:07:47 executing program 0: 20:07:47 executing program 1: 20:07:47 executing program 3: 20:07:47 executing program 2: 20:07:47 executing program 4: 20:07:47 executing program 5: 20:07:47 executing program 0: 20:07:47 executing program 1: 20:07:47 executing program 3: 20:07:47 executing program 2: 20:07:48 executing program 4: 20:07:48 executing program 5: 20:07:48 executing program 0: 20:07:48 executing program 1: 20:07:48 executing program 3: 20:07:48 executing program 2: 20:07:48 executing program 5: 20:07:48 executing program 4: 20:07:48 executing program 1: 20:07:48 executing program 0: 20:07:48 executing program 3: 20:07:48 executing program 2: 20:07:49 executing program 4: 20:07:49 executing program 5: 20:07:49 executing program 1: 20:07:49 executing program 0: 20:07:49 executing program 3: 20:07:49 executing program 2: 20:07:49 executing program 4: 20:07:49 executing program 1: 20:07:49 executing program 5: 20:07:50 executing program 0: 20:07:50 executing program 3: 20:07:50 executing program 2: 20:07:50 executing program 4: 20:07:50 executing program 5: 20:07:50 executing program 1: 20:07:50 executing program 3: 20:07:50 executing program 0: 20:07:50 executing program 2: 20:07:50 executing program 1: 20:07:50 executing program 5: 20:07:51 executing program 4: 20:07:51 executing program 3: 20:07:51 executing program 2: 20:07:51 executing program 0: 20:07:51 executing program 1: 20:07:51 executing program 5: 20:07:51 executing program 3: 20:07:51 executing program 4: 20:07:51 executing program 0: 20:07:51 executing program 2: 20:07:51 executing program 5: 20:07:51 executing program 1: 20:07:52 executing program 3: 20:07:52 executing program 0: 20:07:52 executing program 4: 20:07:52 executing program 2: 20:07:52 executing program 5: 20:07:52 executing program 1: 20:07:52 executing program 4: 20:07:52 executing program 0: 20:07:52 executing program 3: 20:07:53 executing program 2: 20:07:53 executing program 5: 20:07:53 executing program 1: 20:07:53 executing program 0: 20:07:53 executing program 4: 20:07:53 executing program 5: 20:07:53 executing program 3: 20:07:53 executing program 2: 20:07:53 executing program 1: 20:07:53 executing program 4: 20:07:53 executing program 0: 20:07:54 executing program 5: 20:07:54 executing program 3: 20:07:54 executing program 2: 20:07:54 executing program 1: 20:07:54 executing program 4: 20:07:54 executing program 0: 20:07:54 executing program 5: 20:07:54 executing program 1: 20:07:54 executing program 3: 20:07:54 executing program 2: 20:07:55 executing program 0: 20:07:55 executing program 4: 20:07:55 executing program 5: 20:07:55 executing program 2: 20:07:55 executing program 3: 20:07:55 executing program 1: 20:07:55 executing program 0: 20:07:55 executing program 4: 20:07:55 executing program 5: 20:07:55 executing program 1: 20:07:55 executing program 2: 20:07:56 executing program 3: 20:07:56 executing program 0: 20:07:56 executing program 4: 20:07:56 executing program 5: 20:07:56 executing program 1: 20:07:56 executing program 2: 20:07:56 executing program 0: 20:07:56 executing program 3: 20:07:56 executing program 4: 20:07:56 executing program 5: 20:07:57 executing program 1: 20:07:57 executing program 2: 20:07:57 executing program 3: 20:07:57 executing program 0: 20:07:57 executing program 4: 20:07:57 executing program 5: 20:07:57 executing program 1: 20:07:57 executing program 2: 20:07:57 executing program 0: 20:07:57 executing program 3: 20:07:57 executing program 4: 20:07:58 executing program 5: 20:07:58 executing program 1: 20:07:58 executing program 2: 20:07:58 executing program 0: 20:07:58 executing program 3: 20:07:58 executing program 5: 20:07:58 executing program 1: 20:07:58 executing program 2: 20:07:59 executing program 0: 20:07:59 executing program 3: 20:07:59 executing program 1: 20:07:59 executing program 4: 20:07:59 executing program 5: 20:07:59 executing program 2: 20:07:59 executing program 0: 20:07:59 executing program 3: 20:07:59 executing program 1: 20:08:00 executing program 5: 20:08:00 executing program 1: 20:08:00 executing program 3: 20:08:00 executing program 2: 20:08:00 executing program 0: 20:08:00 executing program 4: 20:08:00 executing program 1: 20:08:00 executing program 5: 20:08:00 executing program 2: 20:08:00 executing program 3: 20:08:00 executing program 0: 20:08:00 executing program 4: 20:08:01 executing program 1: 20:08:01 executing program 5: 20:08:01 executing program 0: 20:08:01 executing program 2: 20:08:01 executing program 3: 20:08:01 executing program 4: 20:08:01 executing program 1: 20:08:01 executing program 5: 20:08:01 executing program 2: 20:08:01 executing program 0: 20:08:01 executing program 3: 20:08:02 executing program 4: 20:08:02 executing program 1: 20:08:02 executing program 5: 20:08:02 executing program 0: 20:08:02 executing program 3: 20:08:02 executing program 2: 20:08:02 executing program 4: 20:08:02 executing program 1: 20:08:02 executing program 5: 20:08:02 executing program 0: 20:08:03 executing program 3: 20:08:03 executing program 2: 20:08:03 executing program 4: 20:08:03 executing program 1: 20:08:03 executing program 5: 20:08:03 executing program 0: 20:08:03 executing program 3: 20:08:03 executing program 2: 20:08:03 executing program 4: 20:08:03 executing program 1: 20:08:03 executing program 5: 20:08:04 executing program 0: 20:08:04 executing program 3: 20:08:04 executing program 2: 20:08:04 executing program 4: 20:08:04 executing program 1: 20:08:04 executing program 0: 20:08:04 executing program 5: 20:08:04 executing program 3: 20:08:04 executing program 2: 20:08:04 executing program 4: 20:08:04 executing program 1: 20:08:04 executing program 0: 20:08:05 executing program 5: 20:08:05 executing program 1: 20:08:05 executing program 4: 20:08:05 executing program 2: 20:08:05 executing program 3: 20:08:05 executing program 0: 20:08:05 executing program 5: 20:08:05 executing program 3: 20:08:05 executing program 4: 20:08:05 executing program 1: 20:08:06 executing program 2: 20:08:06 executing program 0: 20:08:06 executing program 4: 20:08:06 executing program 5: 20:08:06 executing program 1: 20:08:06 executing program 2: 20:08:06 executing program 3: 20:08:06 executing program 0: 20:08:06 executing program 5: 20:08:06 executing program 4: 20:08:06 executing program 1: 20:08:07 executing program 2: 20:08:07 executing program 0: 20:08:07 executing program 3: 20:08:07 executing program 5: 20:08:07 executing program 4: 20:08:07 executing program 1: 20:08:07 executing program 2: 20:08:07 executing program 0: 20:08:07 executing program 3: 20:08:07 executing program 5: 20:08:08 executing program 4: 20:08:08 executing program 1: 20:08:08 executing program 2: 20:08:08 executing program 0: 20:08:08 executing program 3: 20:08:08 executing program 5: 20:08:08 executing program 4: 20:08:08 executing program 1: 20:08:08 executing program 2: 20:08:08 executing program 0: 20:08:08 executing program 3: 20:08:09 executing program 5: 20:08:09 executing program 4: 20:08:09 executing program 2: 20:08:09 executing program 1: 20:08:09 executing program 0: 20:08:09 executing program 3: 20:08:09 executing program 5: 20:08:09 executing program 4: 20:08:09 executing program 1: 20:08:09 executing program 2: 20:08:09 executing program 0: 20:08:10 executing program 3: 20:08:10 executing program 5: 20:08:10 executing program 4: 20:08:10 executing program 1: 20:08:10 executing program 2: 20:08:10 executing program 0: 20:08:10 executing program 3: 20:08:10 executing program 5: 20:08:10 executing program 4: 20:08:10 executing program 1: 20:08:10 executing program 0: 20:08:10 executing program 2: 20:08:11 executing program 3: 20:08:11 executing program 5: 20:08:11 executing program 4: 20:08:11 executing program 0: 20:08:11 executing program 1: 20:08:11 executing program 2: 20:08:11 executing program 3: 20:08:11 executing program 5: 20:08:11 executing program 4: 20:08:12 executing program 1: 20:08:12 executing program 2: 20:08:12 executing program 0: 20:08:12 executing program 3: 20:08:12 executing program 4: 20:08:12 executing program 5: 20:08:12 executing program 0: 20:08:12 executing program 2: 20:08:12 executing program 1: 20:08:12 executing program 3: 20:08:12 executing program 5: 20:08:12 executing program 4: 20:08:13 executing program 0: 20:08:13 executing program 2: 20:08:13 executing program 1: 20:08:13 executing program 3: 20:08:13 executing program 5: 20:08:13 executing program 4: 20:08:13 executing program 0: 20:08:13 executing program 2: 20:08:13 executing program 1: 20:08:13 executing program 3: 20:08:13 executing program 5: 20:08:13 executing program 4: 20:08:14 executing program 0: 20:08:14 executing program 2: 20:08:14 executing program 1: 20:08:14 executing program 3: 20:08:14 executing program 5: 20:08:14 executing program 4: 20:08:14 executing program 0: 20:08:14 executing program 2: 20:08:14 executing program 1: 20:08:14 executing program 3: 20:08:15 executing program 5: 20:08:15 executing program 4: 20:08:15 executing program 0: 20:08:15 executing program 2: 20:08:15 executing program 1: 20:08:15 executing program 3: 20:08:15 executing program 0: 20:08:15 executing program 5: 20:08:15 executing program 4: 20:08:15 executing program 1: 20:08:16 executing program 3: 20:08:16 executing program 5: 20:08:16 executing program 0: 20:08:16 executing program 4: 20:08:16 executing program 1: 20:08:16 executing program 2: 20:08:16 executing program 3: 20:08:16 executing program 5: 20:08:16 executing program 0: 20:08:16 executing program 4: 20:08:17 executing program 1: 20:08:17 executing program 0: 20:08:17 executing program 3: 20:08:17 executing program 4: 20:08:17 executing program 5: 20:08:17 executing program 2: 20:08:17 executing program 1: 20:08:17 executing program 3: 20:08:17 executing program 0: 20:08:17 executing program 4: 20:08:18 executing program 5: 20:08:18 executing program 2: 20:08:18 executing program 1: 20:08:18 executing program 3: 20:08:18 executing program 0: 20:08:18 executing program 4: 20:08:18 executing program 5: 20:08:18 executing program 2: 20:08:18 executing program 1: 20:08:19 executing program 0: 20:08:19 executing program 5: 20:08:19 executing program 3: 20:08:19 executing program 4: 20:08:19 executing program 2: 20:08:19 executing program 1: 20:08:19 executing program 0: 20:08:19 executing program 5: 20:08:19 executing program 4: 20:08:19 executing program 1: 20:08:19 executing program 3: 20:08:19 executing program 2: 20:08:20 executing program 0: 20:08:20 executing program 5: 20:08:20 executing program 4: 20:08:20 executing program 1: 20:08:20 executing program 3: 20:08:20 executing program 2: 20:08:20 executing program 0: 20:08:20 executing program 5: 20:08:20 executing program 4: 20:08:20 executing program 1: 20:08:20 executing program 3: 20:08:21 executing program 2: 20:08:21 executing program 5: 20:08:21 executing program 0: 20:08:21 executing program 1: 20:08:21 executing program 4: 20:08:21 executing program 3: 20:08:21 executing program 2: 20:08:21 executing program 0: 20:08:21 executing program 5: 20:08:21 executing program 1: 20:08:22 executing program 4: 20:08:22 executing program 3: 20:08:22 executing program 2: 20:08:22 executing program 5: 20:08:22 executing program 0: 20:08:22 executing program 1: 20:08:22 executing program 4: 20:08:22 executing program 2: 20:08:22 executing program 3: 20:08:22 executing program 5: 20:08:22 executing program 0: 20:08:22 executing program 1: 20:08:23 executing program 2: 20:08:23 executing program 4: 20:08:23 executing program 0: 20:08:23 executing program 3: 20:08:23 executing program 5: 20:08:23 executing program 1: 20:08:23 executing program 2: 20:08:23 executing program 0: 20:08:23 executing program 4: 20:08:23 executing program 1: 20:08:24 executing program 5: 20:08:24 executing program 3: 20:08:24 executing program 4: 20:08:24 executing program 2: 20:08:24 executing program 0: 20:08:24 executing program 1: 20:08:24 executing program 5: 20:08:24 executing program 3: 20:08:24 executing program 0: 20:08:25 executing program 2: 20:08:25 executing program 4: 20:08:25 executing program 5: 20:08:25 executing program 1: 20:08:25 executing program 3: 20:08:25 executing program 0: 20:08:25 executing program 2: 20:08:25 executing program 4: 20:08:25 executing program 1: 20:08:25 executing program 5: 20:08:26 executing program 3: 20:08:26 executing program 0: 20:08:26 executing program 4: 20:08:26 executing program 2: 20:08:26 executing program 5: 20:08:26 executing program 1: 20:08:26 executing program 3: 20:08:26 executing program 0: 20:08:26 executing program 4: 20:08:27 executing program 2: 20:08:27 executing program 5: 20:08:27 executing program 3: 20:08:27 executing program 1: 20:08:27 executing program 0: 20:08:27 executing program 4: 20:08:27 executing program 2: 20:08:27 executing program 3: 20:08:27 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x4, 0x4) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='cdg\x00', 0x4) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x983a, @rand_addr, 0xffffff91}, 0x1c) 20:08:27 executing program 1: syz_emit_ethernet(0x68, &(0x7f0000000980)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60a0f000000000008d31000000000000e9dcf1dc32cf5e378003100000000000040000000000aaff2c26"], 0x0) 20:08:27 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x801, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x2}}, 0x78}}, 0x0) 20:08:28 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x4000000043) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x3e, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r1, 0x2) r2 = accept4(r0, 0x0, 0x0, 0x0) shutdown(r2, 0x1) socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000440)='SEG6\x00') setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) 20:08:28 executing program 2: r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x24000844) 20:08:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, 0x2, 0x7, 0x101}, 0x14}}, 0x0) 20:08:28 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'rmd128\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001600)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe803}}], 0x500, 0x0, 0x0) pivot_root(0x0, 0x0) ioctl$CHAR_RAW_PBSZGET(0xffffffffffffffff, 0x127b, &(0x7f0000000100)) 20:08:28 executing program 1: prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='//selinux\x00\x00\x01\x10') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fd/3\x00') r1 = openat(r0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) lseek(r1, 0x0, 0x4) 20:08:29 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200000c0, &(0x7f0000000080), 0x10) 20:08:29 executing program 2: sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}}], 0x1, 0x0) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r0, &(0x7f0000005c00), 0x1, 0x0) 20:08:29 executing program 3: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x105082) io_setup(0xb, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000140)="73844ae89d", 0x5}]) 20:08:29 executing program 4: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) fcntl$setpipe(r1, 0x407, 0x80005) splice(r0, 0x0, r1, 0x0, 0x62ce9f1, 0x0) 20:08:29 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x2a7) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002808100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_int(r0, 0x29, 0x8, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1c) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TIOCSLCKTRMIOS(0xffffffffffffffff, 0x5457, 0x0) wait4(0x0, 0x0, 0x0, 0x0) 20:08:29 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x100020000) 20:08:29 executing program 2: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0xffffffffffffff42}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x159, 0x0}) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:08:30 executing program 1: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0x10, 0x3, 0x4) sendto$inet6(r0, &(0x7f00000001c0)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323456536005ad94a461cdbfee9bdb9423523598451d1ec0cffc8792cd8000000", 0x4c, 0x0, 0x0, 0x0) [ 907.417204][T19413] ptrace attach of "/root/syz-executor.2"[19412] was attempted by "/root/syz-executor.2"[19413] 20:08:30 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000000180)=@updpolicy={0xb4, 0x14, 0x1, 0x0, 0x0, {{@in6=@mcast1={0xff, 0x1, [0x0, 0x3f000000]}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb4}, 0x1, 0xfffff000}, 0x0) 20:08:30 executing program 3: r0 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46000) lseek(r1, 0x4200, 0x0) r2 = creat(&(0x7f0000000140)='./bus\x00', 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/116, 0x74}], 0x1) ftruncate(r2, 0x48280) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x8400ffffbffb) sendfile(r0, r0, 0x0, 0x8080fffffffe) [ 907.899394][ T28] audit: type=1804 audit(1599768510.800:36): pid=19424 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir107425466/syzkaller.uTNfBX/374/bus" dev="sda1" ino=16126 res=1 20:08:30 executing program 0: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0xffffffffffffff42}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x168, 0x0}) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:08:30 executing program 4: socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x4bd) socket$packet(0x11, 0x3, 0x300) 20:08:30 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000001c0)=0x2, 0x2e1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) sendto$inet6(r0, &(0x7f0000000400)="fa", 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 20:08:31 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe", 0x6}], 0x1, 0x1) close(r1) r2 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffffff144e0000ff000207835eebf116b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4e2540019ccbd9f6672837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) splice(r0, 0x0, r1, 0x0, 0x7fffffff, 0x0) [ 908.150862][ T28] audit: type=1800 audit(1599768511.050:37): pid=19423 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=16126 res=0 20:08:31 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)={0x2, 0x3, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, "b7"}, @sadb_address={0x3, 0x6}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x60}, 0x1, 0x7}, 0x0) 20:08:31 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@ipv4={[], [], @dev}, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x32}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xfffffffffffffffe}}, 0xe8) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) [ 908.575989][T19438] ptrace attach of "/root/syz-executor.0"[19437] was attempted by "/root/syz-executor.0"[19438] 20:08:31 executing program 0: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x13, 0x1, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xffffffffffffff80}, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') syz_open_dev$ttys(0xc, 0x2, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x2, 0x11d, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000740], 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000009000000ff9c0000883e76657468315f746f5f7465616d000000b72d36746e6c3000000000000000000069726c616e300000000000000000000069666230000000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa000000000000000000ac000000ec000000d400000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000001000000000000000700000000000a00415544495400000000000000000000000000000000000000000000000000000004000000eaffffff00"/285]}, 0x16d) ioctl$TCSETX(0xffffffffffffffff, 0x5433, &(0x7f0000000400)={0x5, 0x4501, [0x6, 0x0, 0xe4f1, 0x0, 0x3], 0x40}) mkdir(0x0, 0x18) r1 = open(&(0x7f0000001680)='./file0\x00', 0x0, 0x86) openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000000)={'wg0\x00', 0xf0}) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000140)) eventfd2(0x201, 0x80001) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$packet_buf(r2, 0x107, 0x2, &(0x7f00000016c0)=""/4096, &(0x7f00000000c0)=0x1000) rmdir(&(0x7f0000000040)='./file0\x00') 20:08:31 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000001c0)=0x2, 0x2e1) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) sendto$inet6(r0, &(0x7f0000000400)="fa", 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 20:08:31 executing program 5: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x50000}]}) openat$full(0xffffff9c, &(0x7f0000000440)='/dev/full\x00', 0x0, 0x0) 20:08:31 executing program 2: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xfffffffffffffebd, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00a8883400045a7b00108fe12b87d06d8c"], 0x2}}, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() tkill(r1, 0x37) 20:08:32 executing program 4: clone(0x13122001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket(0x1, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'syzkaller1\x00'}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) accept4(r2, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_calipso(0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x804}}) close(r0) 20:08:32 executing program 1: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='veth1\x00', 0x10) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100), 0x4) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x1}, 0x8) close(r1) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r0, 0x16) 20:08:32 executing program 0: prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='//selinux\x00\x00\x01\x10=\x8f\xa2\xc7\x8b\x96|?\x16\xbf\xa1$\xe2\xf4\xa6t#M\xe0l\x0e<\x89\x8df\xa0m\x00\a\xbb\x84\xc2V\xff\xb0j\x06\x00\xba\x1a\xe7@\xab\xe2v\x8a\x97\x88\xd3\xa5\xeePb\x10\xf5\'\xc1\x01\xfew\xdfgCM>\xba\xc6\xe5\xa6\xac\xfa\xed\xdf;') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') r3 = openat(r2, &(0x7f0000000bc0)='./file0\x00', 0xc0242, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') r5 = openat(r4, &(0x7f0000000040)='./file0\x00', 0x141202, 0x0) write$FUSE_INIT(r5, &(0x7f0000000140)={0x50}, 0x50) fallocate(r3, 0x0, 0x0, 0x5) 20:08:32 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r0) ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f0000000040)=@add_del={0x2, &(0x7f0000000000)='ip6erspan0\x00'}) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000080)=@add_del={0x3, &(0x7f0000000100)='ip6erspan0\x00'}) [ 909.477526][T19466] ptrace attach of "/root/syz-executor.2"[19465] was attempted by "/root/syz-executor.2"[19466] 20:08:32 executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$VHOST_NET_SET_BACKEND(r2, 0xaf02, 0x0) 20:08:32 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x14}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x7c}}, 0x0) 20:08:33 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x3ff, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) sendto$inet6(r0, &(0x7f0000000140)="0503460008003e0000000200c52cf7c25975e605b02f80357f2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f462f4c73", 0x50, 0x0, 0x0, 0x0) 20:08:33 executing program 0: socket(0x10, 0x803, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0xffffffffffffff42}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ioctl$KDFONTOP_COPY(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x16d, 0x0}) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 20:08:33 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000040)={0x1d, r2}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000000)=0x205, 0x4) [ 910.741662][T19537] ptrace attach of "/root/syz-executor.0"[19535] was attempted by "/root/syz-executor.0"[19537] 20:08:33 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0xd}, 0x2c) 20:08:34 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00000003c0), 0x4) 20:08:34 executing program 3: syz_emit_ethernet(0x36, &(0x7f0000000540)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 20:08:34 executing program 4: clone(0x13122001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket(0x1, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'syzkaller1\x00'}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) accept4(r2, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_calipso(0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x804}}) close(r0) 20:08:34 executing program 1: syz_open_procfs(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0xe}, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0) lseek(r0, 0x7ffffc, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e20, @empty}, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x2) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000440)=0x1, 0xffe6) sendto$inet(r1, 0x0, 0x0, 0x20020001, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) r2 = socket$can_bcm(0x1d, 0x2, 0x2) r3 = accept4$unix(0xffffffffffffffff, &(0x7f0000001780), 0x0, 0x800) setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001800)={0x0, 0xee00, 0xee01}, 0xc) connect(r2, &(0x7f0000000300)=@ll={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80) socket$can_bcm(0x1d, 0x2, 0x2) 20:08:34 executing program 2: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000000000)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b3526f1d4747b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47100000000ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000066c0)={0x90, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f00000020c0)='./file0/file0\x00', 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x2275, &(0x7f0000004300)) [ 911.388198][T19550] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 20:08:34 executing program 0: 20:08:34 executing program 3: 20:08:34 executing program 5: 20:08:34 executing program 1: 20:08:34 executing program 0: 20:08:35 executing program 4: clone(0x13122001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001}) r1 = socket(0x1, 0x3, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'syzkaller1\x00'}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) accept4(r2, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_calipso(0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x804}}) close(r0) 20:08:35 executing program 3: 20:08:35 executing program 2: 20:08:35 executing program 5: 20:08:35 executing program 0: 20:08:35 executing program 1: 20:08:35 executing program 2: 20:08:35 executing program 3: 20:08:35 executing program 5: 20:08:36 executing program 1: 20:08:36 executing program 0: 20:08:36 executing program 4: 20:08:36 executing program 3: 20:08:36 executing program 2: 20:08:36 executing program 5: 20:08:36 executing program 1: 20:08:36 executing program 0: 20:08:36 executing program 4: 20:08:36 executing program 3: 20:08:36 executing program 5: 20:08:37 executing program 1: 20:08:37 executing program 2: 20:08:37 executing program 0: 20:08:37 executing program 4: 20:08:37 executing program 3: 20:08:37 executing program 1: 20:08:37 executing program 5: 20:08:37 executing program 2: 20:08:37 executing program 0: 20:08:37 executing program 4: 20:08:37 executing program 3: 20:08:38 executing program 5: 20:08:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$devlink(0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) io_setup(0x20, &(0x7f00000001c0)=0x0) io_pgetevents(r1, 0x3, 0x3, &(0x7f0000000240)=[{}, {}, {}], 0x0, 0x0) 20:08:38 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={@local, @ipv4={[0x0, 0x0, 0x8], [], @empty}, @remote={0xfe, 0x80, [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xb]}, 0x0, 0x0, 0x0, 0x0, 0x9, 0x20c301e2, r3}) sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0) 20:08:38 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000cacbf0b9c4b88449c3a926042512e17e46f7071a463143fb42c20e017feec42107f2e6ddbe1150296c6a6db4afa7c81b2636b1c5fbe24ec88317"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x300}, 0x48) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x40) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0xe000000, &(0x7f00000000c0)="b9ff030000ffffff7f9e14f005051fffffff0a0a4000630677fbac141433e000000162079f4b4d2f87e5feca6aab840413f2325f1a390101051a0100010000000000df74e30d7eabe773afef6f6e4798ab117e9f84fa406b913de8ad827a022e1faee50887dc302819a8a3d0cde36b67f337ce8eee124e061f8fea8ab95f1e8f99c7edea980697449b78569ea293c3eed3b28fc3205db63b2c65e77f19ab28c632cc80d9f2f37f9ba67174fffcb5244b0c909eb8e12116bebc47cf97d2ea8acadfb34ca580b64df7c800113e53bae401cd22f50072deabf93dd4d3e626", 0x0, 0x100, 0x0, 0x296, 0x0, &(0x7f0000000000), &(0x7f0000000040)}, 0x28) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78) unlink(&(0x7f0000000480)='./file0\x00') r2 = socket$kcm(0x29, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xd0, 0x0, &(0x7f00000000c0)="b9ff030000ffffff7f9e14f005051fffffff00004000630677fbac141433e000000162079f4b4d2f87e5feca6aab840213f2325f1a390101050a0100010000000000df74e30d7eabe773afef6f6e4798ab117e9f84fa406b913de8ad827a022e1faee50887dc302819a8a3d0cde36b67f337ce8eee124e061f8fea8ab95f1e8f99c7edea980697449b78569ea293c3eed3b28fc3205db63b2c65e77f19ab28c632cc80d9f2f37f9ba67174fffcb5244b0c909eb8e12116bebc47cf97d2ea8acadfb34ca580b64df7c800113e53bae401", 0x0, 0x100, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040)}, 0x40) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x240488c4) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, 0x0, 0x0) r3 = socket$kcm(0x11, 0x200000000000002, 0x300) recvmsg(r3, &(0x7f0000007500)={&(0x7f0000006f80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, 0x0, 0x0, 0xffffffffffffffff}, 0x0) r4 = socket$kcm(0x11, 0x200000000000002, 0x300) recvmsg(r4, &(0x7f0000007500)={&(0x7f0000006f80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, 0x0, 0x0, 0xffffffffffffffff}, 0x0) recvmsg$kcm(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000b40)=""/253, 0xfd}, {&(0x7f0000000280)=""/115, 0x73}, {&(0x7f0000000400)=""/113, 0x71}, {&(0x7f0000000040)=""/6, 0x6}], 0x4, &(0x7f00000009c0)=""/74, 0x4a}, 0x10001) sendmsg$kcm(r3, &(0x7f00000031c0)={&(0x7f0000000900)=@l2={0x1f, 0x0, @fixed={[], 0x12}}, 0x80, &(0x7f0000000980)=[{&(0x7f00000004c0)="33899ced14e41433a9a803c59049a813f5747d20400cf911d3735a65cc8a94a1b5dce1d9b8131550af0ac969c1dda796d1375567579fa1e4e7a91f17f0824fcbfaf45c2b8aa9d8470f4774215792d3734b1657bd5424be45ebe29a6eb910818b4c30ecf369eed92a390da9273735525eedc4a2c616aed9c6bff103c4b48e459dfc2b90f2e440f13eb24ea659027d815dcddaaa42afec5fc760a3ea100a2475c59b65b8129605ec392c00c6c584a3c4aad2699f54bf2f3e02f85206b1b3d86c2953afe9542bd8b74a2b91436500edaf2e4e4701fb2b8bdffb44adf5b6643135f5689d9aacce0db687de2a583ef353e578aad4f2a50b211cd19629dcbdaa52a2dab61ddbde9dd3112180f814b15a8a404948ef9e7572c8373f4bd683a9b26751ff0a55b1ac39bc957050aa5fb7d42e08e0da4de611568bc6177349626b8484563e3ad130024171b7e7cb7bb892274bd2401c17240b1e1db5b14da744a32896abf094ffcc005e74115bfaf1f19e796a9efb45ea9bb964c65780fd3c57d4073c4c1367c5bdddc46ca4e28a624c1bdc9e972b2ece7c20eda52c7a04ce13fbbdd7cca0ccb40cb9fa65566c4fef7af0026560fe1c267959a5991bbd9be661d32d6572f3d5ce1d346704352b2b2c4345f659ec408e891b2e8a5c5d9ac1955724fd4cac31082f65bb9bdd483f669095685f905c02126e1976adea33c54694ca2aa92838b7e01432e7f1a4bf39b9d3cdd76a8ec0377f351f198e4bb16824cb3f3d4d49686e905463345d4e1054a22e451516b5e77bb373ee8040ee85c770d17d1a04cb2052f6f1cda266a7d91cb6be1d4bb927f619582bb22c1d6a84e40463b7b689855f695034f76c93cb7b026497402c0406cab80439f032515e5a516cd4edd0a9a064111f0c0c5885e4ce5457be280d0c54d726c353cc7917078bc7a619b1afd31e4abd2d157c65518b8baa7af45062c6b7cc28cb575de50109acca8ea6824e644e7bb7bc704a389f917cb62c55f6e25e79955fe63fbdf75ea111df53626295a4e31d8f06a538f4f54a4e615e75249dc2f9773c23ec6f57fa4e2bee99680e17c62d6a0644c15a783e0e8d1ed550b940f0448df0c977191f211da485fe3d7691823cf7608c3f655e1c879db719d8a4ac66a0f952c3bb2d1a7f89df54b9a21cf54365fce976dfffcd7b849c7a7ed502b2106d68bbffc4fe842a44d1315baa1203c463fce8be644ccffeb49361a1afb65a913fa33b48ee08088d14c490b4be2281754df5682e770127719d35ddfb1e3b3ecfb3f516be58c9a2c8d68f2e0b2cec30eee6a1bd371adf93918a51ed322b9d08ed0def7ac06e86334d1d07433ca24022a3e3cff034e97412974eb1f06db73c2e3ff94d47b81be55b9399836e54a5bf95dea36330184a0514785cdd69b35b9eafa90ba9db6ccb12dcd780ac52", 0x3f8}, {0x0}], 0x2, &(0x7f0000001300)=ANY=[@ANYBLOB], 0x4c8}, 0x51) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) 20:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 20:08:38 executing program 1: perf_event_open(&(0x7f00000000c0)={0x1, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000003040)='ip6tnl0\x00', 0x10) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r0, &(0x7f00000038c0), 0x4000000000000a8, 0x0) 20:08:38 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/fib_triestat\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000004700)=[{{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f00000017c0)=""/1, 0x1}], 0x1}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f00000017c0), 0x1be, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6}, 0x98) 20:08:38 executing program 5: socket$nl_crypto(0x10, 0x3, 0x15) perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, &(0x7f0000002540)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0) exit(0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/packet\x00') socket(0x0, 0x0, 0x0) preadv(r0, &(0x7f00000017c0), 0x3da, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0) 20:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x11, 0x800000003, 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f00000003c0)="2f00000014000f3f00000000120f0a0011000000039a67a23aa7970f7c87218682ee6e8d06e500100000638c7b9916", 0x2f) 20:08:39 executing program 0: unshare(0x40000000) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$HIDIOCGREPORT(r1, 0x400c4807, 0x0) 20:08:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_create(0x0, &(0x7f0000000040)={0x0, 0x12}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/65, 0x7ffff000}], 0x1) [ 916.826981][T19679] IPVS: ftp: loaded support on port[0] = 21 20:08:39 executing program 5: openat$hwrng(0xffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) socket(0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000023c0)=[{&(0x7f00000013c0)=""/4089, 0xff9}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') preadv(r0, &(0x7f00000017c0), 0x218, 0x0, 0x0) 20:08:39 executing program 3: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000000c0)={0x10, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000000)={r0, &(0x7f0000000000), 0x0}, 0x20) [ 916.951742][T19679] lo speed is unknown, defaulting to 1000 20:08:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) socket$inet6(0xa, 0x1, 0x8010000000000084) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) read$eventfd(r0, &(0x7f0000000080), 0xfffffefc) [ 917.626686][T19680] IPVS: ftp: loaded support on port[0] = 21 [ 917.745128][T19680] lo speed is unknown, defaulting to 1000 20:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000200)=0x1, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) inotify_init1(0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0xd811) 20:08:40 executing program 1: shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x5000) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) 20:08:40 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000380)) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff}) close(r1) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20) close(r1) 20:08:41 executing program 2: r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x6) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0xfffffffffffffd10, 0x0, 0x0, 0x0, 0xfffffffffffffe35}}], 0x40000fd, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 918.408885][T13431] tipc: TX() has been purged, node left! 20:08:41 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000480)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/40, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x0, r0}) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100)='NLBL_CIPSOv4\x00') 20:08:41 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x7e, 0x1, 0x3}, 0x40) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000214fd4)={0xc, 0x4, 0x4, 0x234, 0x0, r0, 0x0, [0x305f, 0xa, 0x300, 0x1800, 0x6000000]}, 0x2c) 20:08:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000002c0)) clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit(0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup3(r3, r2, 0x0) write$binfmt_misc(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="73797a3060d0ac9187f2087725fb7eea50"], 0xf2) 20:08:42 executing program 0: r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0xe7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) 20:08:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000200)=0x1, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) inotify_init1(0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0xd811) [ 919.386346][T19757] not chained 10000 origins [ 919.390915][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 919.399578][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.409813][T19757] Call Trace: [ 919.413160][T19757] dump_stack+0x21c/0x280 [ 919.417517][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 919.423243][T19757] ? kmsan_get_metadata+0x116/0x180 [ 919.428453][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 919.434253][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 919.440320][T19757] ? kmsan_get_metadata+0x116/0x180 [ 919.445514][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 919.451060][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 919.457295][T19757] ? _copy_from_user+0x221/0x330 [ 919.462320][T19757] ? kmsan_get_metadata+0x116/0x180 [ 919.467525][T19757] __msan_chain_origin+0x50/0x90 [ 919.472532][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.477651][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.482612][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.487111][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 919.493390][T19757] ? kmsan_get_metadata+0x116/0x180 [ 919.498581][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 919.504417][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 919.509712][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 919.514468][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 919.519224][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 919.525292][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.529983][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.536050][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.542221][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.547539][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.552490][T19757] entry_INT80_compat+0x71/0x76 [ 919.557338][T19757] RIP: 0023:0xf7f85549 [ 919.561398][T19757] Code: Bad RIP value. [ 919.565451][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 919.573852][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 919.581810][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 919.589773][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 919.597733][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 919.605823][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 919.613874][T19757] Uninit was stored to memory at: [ 919.618889][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.624596][T19757] __msan_chain_origin+0x50/0x90 [ 919.629531][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.634758][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.639684][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.644173][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.648838][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.654894][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.661048][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.666324][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.671250][T19757] entry_INT80_compat+0x71/0x76 [ 919.676163][T19757] [ 919.678473][T19757] Uninit was stored to memory at: [ 919.683485][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.689192][T19757] __msan_chain_origin+0x50/0x90 [ 919.694116][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.699302][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.704225][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.708728][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.713393][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.719449][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.725595][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.730865][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.735792][T19757] entry_INT80_compat+0x71/0x76 [ 919.740622][T19757] [ 919.742935][T19757] Uninit was stored to memory at: [ 919.747953][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.753749][T19757] __msan_chain_origin+0x50/0x90 [ 919.758674][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.763791][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.768715][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.773220][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.777885][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.783950][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.790105][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.795378][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.800313][T19757] entry_INT80_compat+0x71/0x76 [ 919.805141][T19757] [ 919.807455][T19757] Uninit was stored to memory at: [ 919.812467][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.818259][T19757] __msan_chain_origin+0x50/0x90 [ 919.823182][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.828282][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.833293][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.837783][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.842448][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.848503][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.854649][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.859943][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.864868][T19757] entry_INT80_compat+0x71/0x76 [ 919.869696][T19757] [ 919.872010][T19757] Uninit was stored to memory at: [ 919.877022][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.882812][T19757] __msan_chain_origin+0x50/0x90 [ 919.887751][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.892876][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.897794][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.902281][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.906958][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.913017][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.919160][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.924435][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.929361][T19757] entry_INT80_compat+0x71/0x76 [ 919.934186][T19757] [ 919.936495][T19757] Uninit was stored to memory at: [ 919.941509][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 919.947214][T19757] __msan_chain_origin+0x50/0x90 [ 919.952146][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 919.957250][T19757] get_compat_msghdr+0x108/0x2b0 [ 919.962173][T19757] do_recvmmsg+0xdba/0x22c0 [ 919.966665][T19757] __sys_recvmmsg+0x5dd/0x610 [ 919.971338][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 919.977397][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 919.983542][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 919.988813][T19757] do_int80_syscall_32+0x1d/0x30 [ 919.993740][T19757] entry_INT80_compat+0x71/0x76 [ 919.998571][T19757] [ 920.000884][T19757] Uninit was stored to memory at: [ 920.005901][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 920.011623][T19757] __msan_chain_origin+0x50/0x90 [ 920.016550][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 920.021645][T19757] get_compat_msghdr+0x108/0x2b0 [ 920.026568][T19757] do_recvmmsg+0xdba/0x22c0 [ 920.031055][T19757] __sys_recvmmsg+0x5dd/0x610 [ 920.035720][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 920.041780][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 920.047925][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 920.053197][T19757] do_int80_syscall_32+0x1d/0x30 [ 920.058127][T19757] entry_INT80_compat+0x71/0x76 [ 920.062954][T19757] [ 920.065268][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 920.071930][T19757] do_recvmmsg+0xc2/0x22c0 [ 920.076334][T19757] do_recvmmsg+0xc2/0x22c0 20:08:43 executing program 5: r0 = socket(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0xc, 0x4, 0x8, 0x0, 0x1}, 0x8d) sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}}, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a40)={r1, &(0x7f00000009c0), &(0x7f0000000680)=@tcp=r0, 0x2}, 0x20) 20:08:43 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f0000000080), 0x0, &(0x7f0000000180)={0x80000000}, 0x0, 0x0) 20:08:43 executing program 0: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) setsockopt$inet_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000100)=@gcm_256={{0x304}, "de882eed3191fad1", "19017e8c10009c4400a364f4819f97bd805682b13e11df24f1b865ff2fb2a717", "0cb100", "0f0f3763ea778073"}, 0x38) 20:08:43 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x1a001000050}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 20:08:44 executing program 1: ioctl$VIDIOC_S_FBUF(0xffffffffffffffff, 0x402c560b, 0x0) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='oom_score_adj\x00') writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='+4', 0x2}], 0x6) sendfile(0xffffffffffffffff, r0, 0x0, 0x0) 20:08:44 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2, 0x7}, 0x10) sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0) r2 = socket(0x1e, 0x4, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='environ\x00') accept4$packet(r1, 0x0, 0x0, 0x0) read$FUSE(r3, &(0x7f0000000140), 0xfffffefa) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r0, &(0x7f0000000a40), 0x8000000000000b0, 0x0) [ 922.583624][T19757] not chained 20000 origins [ 922.588254][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 922.596937][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 922.607263][T19757] Call Trace: [ 922.610560][T19757] dump_stack+0x21c/0x280 [ 922.614992][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 922.620715][T19757] ? kmsan_get_metadata+0x116/0x180 [ 922.625906][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 922.631704][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 922.637780][T19757] ? kmsan_get_metadata+0x116/0x180 [ 922.642967][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 922.648500][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 922.654564][T19757] ? _copy_from_user+0x221/0x330 [ 922.659491][T19757] ? kmsan_get_metadata+0x116/0x180 [ 922.664701][T19757] __msan_chain_origin+0x50/0x90 [ 922.669633][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 922.674749][T19757] get_compat_msghdr+0x108/0x2b0 [ 922.679686][T19757] do_recvmmsg+0xdba/0x22c0 [ 922.684195][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 922.690446][T19757] ? kmsan_get_metadata+0x116/0x180 [ 922.695639][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 922.701261][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 922.706539][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 922.711290][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 922.716052][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 922.722126][T19757] __sys_recvmmsg+0x5dd/0x610 [ 922.726807][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 922.732884][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 922.739026][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 922.744399][T19757] do_int80_syscall_32+0x1d/0x30 [ 922.749327][T19757] entry_INT80_compat+0x71/0x76 [ 922.754164][T19757] RIP: 0023:0xf7f85549 [ 922.758213][T19757] Code: Bad RIP value. [ 922.762264][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 922.770679][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 922.778736][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 922.786718][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 922.795048][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 922.803006][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 922.810971][T19757] Uninit was stored to memory at: [ 922.815987][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 922.821693][T19757] __msan_chain_origin+0x50/0x90 [ 922.826633][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 922.831832][T19757] get_compat_msghdr+0x108/0x2b0 [ 922.836764][T19757] do_recvmmsg+0xdba/0x22c0 [ 922.841253][T19757] __sys_recvmmsg+0x5dd/0x610 [ 922.845919][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 922.851979][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 922.858127][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 922.863402][T19757] do_int80_syscall_32+0x1d/0x30 [ 922.868450][T19757] entry_INT80_compat+0x71/0x76 [ 922.873280][T19757] [ 922.875594][T19757] Uninit was stored to memory at: [ 922.880609][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 922.886313][T19757] __msan_chain_origin+0x50/0x90 [ 922.891271][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 922.896370][T19757] get_compat_msghdr+0x108/0x2b0 [ 922.901295][T19757] do_recvmmsg+0xdba/0x22c0 [ 922.905884][T19757] __sys_recvmmsg+0x5dd/0x610 [ 922.910553][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 922.916699][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 922.922843][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 922.928985][T19757] do_int80_syscall_32+0x1d/0x30 [ 922.933911][T19757] entry_INT80_compat+0x71/0x76 [ 922.938739][T19757] [ 922.941064][T19757] Uninit was stored to memory at: [ 922.946078][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 922.951786][T19757] __msan_chain_origin+0x50/0x90 [ 922.956726][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 922.961824][T19757] get_compat_msghdr+0x108/0x2b0 [ 922.966751][T19757] do_recvmmsg+0xdba/0x22c0 [ 922.971239][T19757] __sys_recvmmsg+0x5dd/0x610 [ 922.975903][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 922.981964][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 922.988115][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 922.993737][T19757] do_int80_syscall_32+0x1d/0x30 [ 922.998662][T19757] entry_INT80_compat+0x71/0x76 [ 923.003579][T19757] [ 923.005892][T19757] Uninit was stored to memory at: [ 923.010908][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 923.016618][T19757] __msan_chain_origin+0x50/0x90 [ 923.021543][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 923.026643][T19757] get_compat_msghdr+0x108/0x2b0 [ 923.031579][T19757] do_recvmmsg+0xdba/0x22c0 [ 923.036069][T19757] __sys_recvmmsg+0x5dd/0x610 [ 923.040739][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 923.046798][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 923.053030][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 923.058307][T19757] do_int80_syscall_32+0x1d/0x30 [ 923.063230][T19757] entry_INT80_compat+0x71/0x76 [ 923.068059][T19757] [ 923.070380][T19757] Uninit was stored to memory at: [ 923.075397][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 923.081105][T19757] __msan_chain_origin+0x50/0x90 [ 923.086030][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 923.091129][T19757] get_compat_msghdr+0x108/0x2b0 [ 923.096056][T19757] do_recvmmsg+0xdba/0x22c0 [ 923.100547][T19757] __sys_recvmmsg+0x5dd/0x610 [ 923.105225][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 923.111278][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 923.117419][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 923.122699][T19757] do_int80_syscall_32+0x1d/0x30 [ 923.127644][T19757] entry_INT80_compat+0x71/0x76 [ 923.132477][T19757] [ 923.134792][T19757] Uninit was stored to memory at: [ 923.139809][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 923.145527][T19757] __msan_chain_origin+0x50/0x90 [ 923.150454][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 923.155578][T19757] get_compat_msghdr+0x108/0x2b0 [ 923.160541][T19757] do_recvmmsg+0xdba/0x22c0 [ 923.165053][T19757] __sys_recvmmsg+0x5dd/0x610 [ 923.169722][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 923.175779][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 923.181921][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 923.187201][T19757] do_int80_syscall_32+0x1d/0x30 [ 923.192175][T19757] entry_INT80_compat+0x71/0x76 [ 923.197092][T19757] [ 923.199404][T19757] Uninit was stored to memory at: [ 923.204420][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 923.210130][T19757] __msan_chain_origin+0x50/0x90 [ 923.215058][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 923.220159][T19757] get_compat_msghdr+0x108/0x2b0 [ 923.225089][T19757] do_recvmmsg+0xdba/0x22c0 [ 923.229581][T19757] __sys_recvmmsg+0x5dd/0x610 [ 923.234254][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 923.240319][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 923.246464][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 923.251743][T19757] do_int80_syscall_32+0x1d/0x30 [ 923.256672][T19757] entry_INT80_compat+0x71/0x76 [ 923.261618][T19757] [ 923.263931][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 923.270597][T19757] do_recvmmsg+0xc2/0x22c0 [ 923.275005][T19757] do_recvmmsg+0xc2/0x22c0 [ 924.134445][T19757] not chained 30000 origins [ 924.139164][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 924.147829][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.157880][T19757] Call Trace: [ 924.161178][T19757] dump_stack+0x21c/0x280 [ 924.165521][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 924.171255][T19757] ? kmsan_get_metadata+0x116/0x180 [ 924.176460][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 924.182274][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 924.188340][T19757] ? kmsan_get_metadata+0x116/0x180 [ 924.193629][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 924.199184][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 924.205283][T19757] ? _copy_from_user+0x221/0x330 [ 924.210229][T19757] ? kmsan_get_metadata+0x116/0x180 [ 924.215437][T19757] __msan_chain_origin+0x50/0x90 [ 924.220389][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.225527][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.230528][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.235039][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 924.241221][T19757] ? kmsan_get_metadata+0x116/0x180 [ 924.246424][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 924.252067][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 924.257354][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 924.262127][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 924.266896][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 924.272976][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.277669][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.283749][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.289933][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.295221][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.300149][T19757] entry_INT80_compat+0x71/0x76 [ 924.304986][T19757] RIP: 0023:0xf7f85549 [ 924.309152][T19757] Code: Bad RIP value. [ 924.313224][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 924.321630][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 924.329680][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 924.337641][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 924.345605][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 924.353565][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 924.367713][T19757] Uninit was stored to memory at: [ 924.372736][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.378473][T19757] __msan_chain_origin+0x50/0x90 [ 924.383401][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.388504][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.393432][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.398024][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.402693][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.408837][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.414982][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.420257][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.425184][T19757] entry_INT80_compat+0x71/0x76 [ 924.430015][T19757] [ 924.432326][T19757] Uninit was stored to memory at: [ 924.437338][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.443070][T19757] __msan_chain_origin+0x50/0x90 [ 924.447996][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.453098][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.458052][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.462544][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.467235][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.473292][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.479431][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.484723][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.489647][T19757] entry_INT80_compat+0x71/0x76 [ 924.494560][T19757] [ 924.496900][T19757] Uninit was stored to memory at: [ 924.501924][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.507645][T19757] __msan_chain_origin+0x50/0x90 [ 924.512591][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.517688][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.522609][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.527101][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.531768][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.537826][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.543978][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.549255][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.554184][T19757] entry_INT80_compat+0x71/0x76 [ 924.559011][T19757] [ 924.561320][T19757] Uninit was stored to memory at: [ 924.566335][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.572048][T19757] __msan_chain_origin+0x50/0x90 [ 924.576974][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.582078][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.587006][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.591498][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.596169][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.602314][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.608544][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.613818][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.618834][T19757] entry_INT80_compat+0x71/0x76 [ 924.623665][T19757] [ 924.625973][T19757] Uninit was stored to memory at: [ 924.631092][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.636818][T19757] __msan_chain_origin+0x50/0x90 [ 924.641760][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.646867][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.651792][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.656286][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.660960][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.667015][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.673174][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.678452][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.683379][T19757] entry_INT80_compat+0x71/0x76 [ 924.688204][T19757] [ 924.690512][T19757] Uninit was stored to memory at: [ 924.695525][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.701246][T19757] __msan_chain_origin+0x50/0x90 [ 924.706195][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.711295][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.716218][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.720710][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.725380][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.731437][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.737584][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.742883][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.747810][T19757] entry_INT80_compat+0x71/0x76 [ 924.752642][T19757] [ 924.754957][T19757] Uninit was stored to memory at: [ 924.759969][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 924.765677][T19757] __msan_chain_origin+0x50/0x90 [ 924.770599][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 924.775695][T19757] get_compat_msghdr+0x108/0x2b0 [ 924.780622][T19757] do_recvmmsg+0xdba/0x22c0 [ 924.785122][T19757] __sys_recvmmsg+0x5dd/0x610 [ 924.789786][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 924.795857][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 924.802003][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 924.807278][T19757] do_int80_syscall_32+0x1d/0x30 [ 924.812208][T19757] entry_INT80_compat+0x71/0x76 [ 924.817038][T19757] [ 924.819350][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 924.826011][T19757] do_recvmmsg+0xc2/0x22c0 [ 924.830414][T19757] do_recvmmsg+0xc2/0x22c0 [ 924.910316][ T9435] tipc: TX() has been purged, node left! [ 925.106921][T19757] not chained 40000 origins [ 925.111464][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 925.120213][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.130261][T19757] Call Trace: [ 925.133559][T19757] dump_stack+0x21c/0x280 [ 925.137895][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 925.143634][T19757] ? kmsan_get_metadata+0x116/0x180 [ 925.148844][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 925.154657][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 925.160836][T19757] ? kmsan_get_metadata+0x116/0x180 [ 925.166126][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 925.171682][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 925.177849][T19757] ? _copy_from_user+0x221/0x330 [ 925.182824][T19757] ? kmsan_get_metadata+0x116/0x180 [ 925.188023][T19757] __msan_chain_origin+0x50/0x90 [ 925.192968][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.198107][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.203058][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.207680][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 925.213964][T19757] ? kmsan_get_metadata+0x116/0x180 [ 925.219175][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 925.224822][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 925.230120][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 925.234886][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 925.239789][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 925.245886][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.250594][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.256674][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.262855][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.268150][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.273195][T19757] entry_INT80_compat+0x71/0x76 [ 925.278042][T19757] RIP: 0023:0xf7f85549 [ 925.282122][T19757] Code: Bad RIP value. [ 925.286200][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 925.294805][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 925.302800][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 925.310782][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 925.318871][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 925.326844][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 925.334825][T19757] Uninit was stored to memory at: [ 925.339859][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.345587][T19757] __msan_chain_origin+0x50/0x90 [ 925.350529][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.355645][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.360586][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.365254][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.369928][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.375984][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.382124][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.387452][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.392398][T19757] entry_INT80_compat+0x71/0x76 [ 925.397227][T19757] [ 925.399538][T19757] Uninit was stored to memory at: [ 925.404554][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.410263][T19757] __msan_chain_origin+0x50/0x90 [ 925.415192][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.420293][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.425220][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.429732][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.434409][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.440462][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.446628][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.451940][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.456867][T19757] entry_INT80_compat+0x71/0x76 [ 925.461694][T19757] [ 925.464025][T19757] Uninit was stored to memory at: [ 925.469038][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.474772][T19757] __msan_chain_origin+0x50/0x90 [ 925.479712][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.484812][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.489735][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.494225][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.498893][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.504949][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.511098][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.516402][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.521347][T19757] entry_INT80_compat+0x71/0x76 [ 925.526182][T19757] [ 925.528496][T19757] Uninit was stored to memory at: [ 925.533510][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.539212][T19757] __msan_chain_origin+0x50/0x90 [ 925.544140][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.549242][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.554168][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.558660][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.563344][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.569424][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.575569][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.580850][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.585783][T19757] entry_INT80_compat+0x71/0x76 [ 925.590647][T19757] [ 925.592969][T19757] Uninit was stored to memory at: [ 925.597996][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.603705][T19757] __msan_chain_origin+0x50/0x90 [ 925.608636][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.613946][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.618919][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.623413][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.628077][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.634132][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.640282][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.645559][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.650485][T19757] entry_INT80_compat+0x71/0x76 [ 925.655319][T19757] [ 925.657629][T19757] Uninit was stored to memory at: [ 925.662642][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.668363][T19757] __msan_chain_origin+0x50/0x90 [ 925.673293][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.678396][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.683322][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.687813][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.692518][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.698575][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.704759][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.710038][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.714962][T19757] entry_INT80_compat+0x71/0x76 [ 925.719791][T19757] [ 925.722130][T19757] Uninit was stored to memory at: [ 925.727147][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 925.733046][T19757] __msan_chain_origin+0x50/0x90 [ 925.737972][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 925.743074][T19757] get_compat_msghdr+0x108/0x2b0 [ 925.748087][T19757] do_recvmmsg+0xdba/0x22c0 [ 925.752591][T19757] __sys_recvmmsg+0x5dd/0x610 [ 925.757256][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 925.763342][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 925.769488][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 925.774791][T19757] do_int80_syscall_32+0x1d/0x30 [ 925.779715][T19757] entry_INT80_compat+0x71/0x76 [ 925.784543][T19757] [ 925.786858][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 925.793517][T19757] do_recvmmsg+0xc2/0x22c0 [ 925.797930][T19757] do_recvmmsg+0xc2/0x22c0 [ 926.061443][T19757] not chained 50000 origins [ 926.065991][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 926.074660][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.084819][T19757] Call Trace: [ 926.088133][T19757] dump_stack+0x21c/0x280 [ 926.092621][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 926.098367][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.103608][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 926.109430][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 926.115508][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.120715][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 926.126291][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 926.132489][T19757] ? _copy_from_user+0x221/0x330 [ 926.137441][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.142741][T19757] __msan_chain_origin+0x50/0x90 [ 926.147688][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.152841][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.157794][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.162309][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 926.168520][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.173721][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 926.179391][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 926.184701][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 926.189471][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 926.194240][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 926.200310][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.205004][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.211082][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.217356][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.222655][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.227620][T19757] entry_INT80_compat+0x71/0x76 [ 926.232468][T19757] RIP: 0023:0xf7f85549 [ 926.236524][T19757] Code: Bad RIP value. [ 926.240682][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 926.249096][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 926.257082][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 926.265168][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 926.273148][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 926.281123][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 926.289112][T19757] Uninit was stored to memory at: [ 926.294145][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.299876][T19757] __msan_chain_origin+0x50/0x90 [ 926.304821][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.309944][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.314888][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.319424][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.324122][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.330195][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.336357][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.341786][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.346727][T19757] entry_INT80_compat+0x71/0x76 [ 926.351564][T19757] [ 926.353891][T19757] Uninit was stored to memory at: [ 926.358918][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.364649][T19757] __msan_chain_origin+0x50/0x90 [ 926.369594][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.374726][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.379665][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.384171][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.388848][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.394919][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.401072][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.406363][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.411429][T19757] entry_INT80_compat+0x71/0x76 [ 926.416268][T19757] [ 926.418586][T19757] Uninit was stored to memory at: [ 926.423611][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.429329][T19757] __msan_chain_origin+0x50/0x90 [ 926.434265][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.439372][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.444307][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.448839][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.453523][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.459591][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.465750][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.471038][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.475979][T19757] entry_INT80_compat+0x71/0x76 [ 926.480816][T19757] [ 926.483143][T19757] Uninit was stored to memory at: [ 926.488168][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.493889][T19757] __msan_chain_origin+0x50/0x90 [ 926.498829][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.504057][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.508997][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.513501][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.518185][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.524340][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.530503][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.535803][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.540756][T19757] entry_INT80_compat+0x71/0x76 [ 926.545594][T19757] [ 926.547916][T19757] Uninit was stored to memory at: [ 926.553032][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.558727][T19757] __msan_chain_origin+0x50/0x90 [ 926.563653][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.568766][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.573682][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.578158][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.582824][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.588908][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.595056][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.600321][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.605237][T19757] entry_INT80_compat+0x71/0x76 [ 926.610055][T19757] [ 926.612357][T19757] Uninit was stored to memory at: [ 926.617374][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.623085][T19757] __msan_chain_origin+0x50/0x90 [ 926.628048][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.633153][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.638069][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.642558][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.647228][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.653271][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.659486][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.664750][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.669662][T19757] entry_INT80_compat+0x71/0x76 [ 926.674485][T19757] [ 926.676785][T19757] Uninit was stored to memory at: [ 926.681797][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 926.687515][T19757] __msan_chain_origin+0x50/0x90 [ 926.692450][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 926.697592][T19757] get_compat_msghdr+0x108/0x2b0 [ 926.702524][T19757] do_recvmmsg+0xdba/0x22c0 [ 926.707014][T19757] __sys_recvmmsg+0x5dd/0x610 [ 926.711665][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 926.717722][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 926.723866][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 926.729141][T19757] do_int80_syscall_32+0x1d/0x30 [ 926.734073][T19757] entry_INT80_compat+0x71/0x76 [ 926.738890][T19757] [ 926.741197][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 926.747849][T19757] do_recvmmsg+0xc2/0x22c0 [ 926.752353][T19757] do_recvmmsg+0xc2/0x22c0 [ 926.910863][T19757] not chained 60000 origins [ 926.915413][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 926.924172][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.934214][T19757] Call Trace: [ 926.937482][T19757] dump_stack+0x21c/0x280 [ 926.941803][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 926.947536][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.952741][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 926.958523][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 926.964568][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.969742][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 926.975268][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 926.981314][T19757] ? _copy_from_user+0x221/0x330 [ 926.986233][T19757] ? kmsan_get_metadata+0x116/0x180 [ 926.991407][T19757] __msan_chain_origin+0x50/0x90 [ 926.996325][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.001427][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.006350][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.010830][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 927.016971][T19757] ? kmsan_get_metadata+0x116/0x180 [ 927.022170][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 927.027818][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 927.033110][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 927.037867][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 927.042608][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 927.048654][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.053337][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.059414][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.065546][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.070821][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.075873][T19757] entry_INT80_compat+0x71/0x76 [ 927.080695][T19757] RIP: 0023:0xf7f85549 [ 927.084749][T19757] Code: Bad RIP value. [ 927.088790][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 927.097203][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 927.105167][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 927.113143][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 927.121126][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 927.129075][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 927.137159][T19757] Uninit was stored to memory at: [ 927.142181][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.147884][T19757] __msan_chain_origin+0x50/0x90 [ 927.152831][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.157931][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.162844][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.167330][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.171999][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.178084][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.184301][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.190382][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.195303][T19757] entry_INT80_compat+0x71/0x76 [ 927.200246][T19757] [ 927.202556][T19757] Uninit was stored to memory at: [ 927.207559][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.213265][T19757] __msan_chain_origin+0x50/0x90 [ 927.218278][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.223382][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.228308][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.232797][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.237462][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.243514][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.249657][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.255096][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.260012][T19757] entry_INT80_compat+0x71/0x76 [ 927.264832][T19757] [ 927.267135][T19757] Uninit was stored to memory at: [ 927.272144][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.277941][T19757] __msan_chain_origin+0x50/0x90 [ 927.282857][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.287943][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.292872][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.297368][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.302138][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.308191][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.314338][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.319614][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.324540][T19757] entry_INT80_compat+0x71/0x76 [ 927.329355][T19757] [ 927.331657][T19757] Uninit was stored to memory at: [ 927.336680][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.342388][T19757] __msan_chain_origin+0x50/0x90 [ 927.347313][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.352427][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.357371][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.361996][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.366651][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.372703][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.378847][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.384109][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.389021][T19757] entry_INT80_compat+0x71/0x76 [ 927.393842][T19757] [ 927.396154][T19757] Uninit was stored to memory at: [ 927.401156][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.406865][T19757] __msan_chain_origin+0x50/0x90 [ 927.411876][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.417004][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.421927][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.426418][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.431165][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.437222][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.443352][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.448633][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.453561][T19757] entry_INT80_compat+0x71/0x76 [ 927.458508][T19757] [ 927.460846][T19757] Uninit was stored to memory at: [ 927.465872][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.471588][T19757] __msan_chain_origin+0x50/0x90 [ 927.476506][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.481596][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.487308][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.491828][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.496498][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.502556][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.508806][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.514079][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.519004][T19757] entry_INT80_compat+0x71/0x76 [ 927.523823][T19757] [ 927.526123][T19757] Uninit was stored to memory at: [ 927.531231][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 927.536934][T19757] __msan_chain_origin+0x50/0x90 [ 927.541860][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 927.546950][T19757] get_compat_msghdr+0x108/0x2b0 [ 927.551874][T19757] do_recvmmsg+0xdba/0x22c0 [ 927.556459][T19757] __sys_recvmmsg+0x5dd/0x610 [ 927.561112][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 927.567159][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 927.573384][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 927.578782][T19757] do_int80_syscall_32+0x1d/0x30 [ 927.583709][T19757] entry_INT80_compat+0x71/0x76 [ 927.588541][T19757] [ 927.590845][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 927.597506][T19757] do_recvmmsg+0xc2/0x22c0 [ 927.601898][T19757] do_recvmmsg+0xc2/0x22c0 [ 928.009573][T19757] not chained 70000 origins [ 928.014111][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 928.022778][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.032830][T19757] Call Trace: [ 928.036128][T19757] dump_stack+0x21c/0x280 [ 928.040466][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 928.046229][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.051435][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 928.057250][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 928.063323][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.068639][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 928.074196][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 928.080267][T19757] ? _copy_from_user+0x221/0x330 [ 928.085210][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.090412][T19757] __msan_chain_origin+0x50/0x90 [ 928.095360][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.100487][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.105447][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.109956][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 928.116136][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.121346][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 928.126982][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 928.132270][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 928.137041][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 928.142063][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 928.148145][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.152847][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.158949][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.165113][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.170420][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.175373][T19757] entry_INT80_compat+0x71/0x76 [ 928.180223][T19757] RIP: 0023:0xf7f85549 [ 928.184289][T19757] Code: Bad RIP value. [ 928.188350][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 928.196763][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 928.204747][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 928.212721][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 928.220688][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 928.228657][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 928.236635][T19757] Uninit was stored to memory at: [ 928.241666][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.247383][T19757] __msan_chain_origin+0x50/0x90 [ 928.252414][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.257522][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.262462][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.266963][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.271637][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.277700][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.283947][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.289236][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.294170][T19757] entry_INT80_compat+0x71/0x76 [ 928.299005][T19757] [ 928.301326][T19757] Uninit was stored to memory at: [ 928.306351][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.312085][T19757] __msan_chain_origin+0x50/0x90 [ 928.317029][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.322159][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.327108][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.331705][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.336498][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.342566][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.348728][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.354013][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.358939][T19757] entry_INT80_compat+0x71/0x76 [ 928.363847][T19757] [ 928.366151][T19757] Uninit was stored to memory at: [ 928.371393][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.377116][T19757] __msan_chain_origin+0x50/0x90 [ 928.382210][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.387354][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.392268][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.396743][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.401395][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.407494][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.413627][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.418888][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.423801][T19757] entry_INT80_compat+0x71/0x76 [ 928.428620][T19757] [ 928.430919][T19757] Uninit was stored to memory at: [ 928.435931][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.441639][T19757] __msan_chain_origin+0x50/0x90 [ 928.446610][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.451718][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.456727][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.461321][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.465982][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.472110][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.478269][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.483536][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.488470][T19757] entry_INT80_compat+0x71/0x76 [ 928.493387][T19757] [ 928.495691][T19757] Uninit was stored to memory at: [ 928.500696][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.506394][T19757] __msan_chain_origin+0x50/0x90 [ 928.511306][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.516392][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.521302][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.525795][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.530448][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.536491][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.542627][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.547887][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.552800][T19757] entry_INT80_compat+0x71/0x76 [ 928.557621][T19757] [ 928.559921][T19757] Uninit was stored to memory at: [ 928.564923][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.570616][T19757] __msan_chain_origin+0x50/0x90 [ 928.575536][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.580623][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.585536][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.590014][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.594805][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.600850][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.606992][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.612267][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.617181][T19757] entry_INT80_compat+0x71/0x76 [ 928.622001][T19757] [ 928.624303][T19757] Uninit was stored to memory at: [ 928.629303][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 928.635010][T19757] __msan_chain_origin+0x50/0x90 [ 928.639947][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 928.645051][T19757] get_compat_msghdr+0x108/0x2b0 [ 928.650051][T19757] do_recvmmsg+0xdba/0x22c0 [ 928.654543][T19757] __sys_recvmmsg+0x5dd/0x610 [ 928.659196][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 928.665237][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 928.671377][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 928.676747][T19757] do_int80_syscall_32+0x1d/0x30 [ 928.681781][T19757] entry_INT80_compat+0x71/0x76 [ 928.686602][T19757] [ 928.688907][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 928.695553][T19757] do_recvmmsg+0xc2/0x22c0 [ 928.700033][T19757] do_recvmmsg+0xc2/0x22c0 [ 928.910525][T19757] not chained 80000 origins [ 928.915075][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 928.923747][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 928.933799][T19757] Call Trace: [ 928.937103][T19757] dump_stack+0x21c/0x280 [ 928.941446][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 928.947193][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.952398][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 928.958224][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 928.964491][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.969696][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 928.975339][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 928.981414][T19757] ? _copy_from_user+0x221/0x330 [ 928.986361][T19757] ? kmsan_get_metadata+0x116/0x180 [ 928.991562][T19757] __msan_chain_origin+0x50/0x90 [ 928.996520][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.001651][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.006606][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.011114][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 929.017298][T19757] ? kmsan_get_metadata+0x116/0x180 [ 929.022630][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 929.028267][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 929.033559][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 929.038324][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 929.043130][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 929.049199][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.053906][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.059984][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.066118][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.071388][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.076304][T19757] entry_INT80_compat+0x71/0x76 [ 929.081145][T19757] RIP: 0023:0xf7f85549 [ 929.085185][T19757] Code: Bad RIP value. [ 929.089228][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 929.097630][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 929.105581][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 929.113531][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 929.121566][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 929.129520][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 929.137477][T19757] Uninit was stored to memory at: [ 929.142488][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.148203][T19757] __msan_chain_origin+0x50/0x90 [ 929.153118][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.158204][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.163116][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.167595][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.172349][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.178426][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.184559][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.189828][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.194759][T19757] entry_INT80_compat+0x71/0x76 [ 929.199579][T19757] [ 929.201881][T19757] Uninit was stored to memory at: [ 929.206895][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.212700][T19757] __msan_chain_origin+0x50/0x90 [ 929.217611][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.222696][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.227623][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.232229][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.236883][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.242922][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.249050][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.254310][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.259220][T19757] entry_INT80_compat+0x71/0x76 [ 929.264037][T19757] [ 929.266337][T19757] Uninit was stored to memory at: [ 929.271348][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.277044][T19757] __msan_chain_origin+0x50/0x90 [ 929.281953][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.287054][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.291967][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.296445][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.301098][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.307156][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.313286][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.318547][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.323467][T19757] entry_INT80_compat+0x71/0x76 [ 929.328296][T19757] [ 929.330610][T19757] Uninit was stored to memory at: [ 929.335611][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.341315][T19757] __msan_chain_origin+0x50/0x90 [ 929.346228][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.351311][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.356223][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.360724][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.365376][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.371417][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.377547][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.382803][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.387715][T19757] entry_INT80_compat+0x71/0x76 [ 929.392548][T19757] [ 929.394850][T19757] Uninit was stored to memory at: [ 929.399848][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.405542][T19757] __msan_chain_origin+0x50/0x90 [ 929.410460][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.415633][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.420543][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.425020][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.429673][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.435716][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.441845][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.447120][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.452032][T19757] entry_INT80_compat+0x71/0x76 [ 929.456852][T19757] [ 929.459157][T19757] Uninit was stored to memory at: [ 929.464180][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.469871][T19757] __msan_chain_origin+0x50/0x90 [ 929.474788][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.479893][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.484810][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.489289][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.493944][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.500010][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.506140][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.511400][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.516313][T19757] entry_INT80_compat+0x71/0x76 [ 929.521132][T19757] [ 929.523442][T19757] Uninit was stored to memory at: [ 929.528450][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.534172][T19757] __msan_chain_origin+0x50/0x90 [ 929.539105][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.544193][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.549105][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.553670][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.558322][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.564467][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.570598][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.575860][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.580771][T19757] entry_INT80_compat+0x71/0x76 [ 929.585591][T19757] [ 929.587893][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 929.594540][T19757] do_recvmmsg+0xc2/0x22c0 [ 929.598927][T19757] do_recvmmsg+0xc2/0x22c0 [ 929.759481][T19757] not chained 90000 origins [ 929.764107][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 929.772772][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 929.782927][T19757] Call Trace: [ 929.786228][T19757] dump_stack+0x21c/0x280 [ 929.790570][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 929.796306][T19757] ? kmsan_get_metadata+0x116/0x180 [ 929.801507][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 929.807314][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 929.813383][T19757] ? kmsan_get_metadata+0x116/0x180 [ 929.818603][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 929.824157][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 929.830230][T19757] ? _copy_from_user+0x221/0x330 [ 929.835176][T19757] ? kmsan_get_metadata+0x116/0x180 [ 929.840375][T19757] __msan_chain_origin+0x50/0x90 [ 929.845322][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 929.850464][T19757] get_compat_msghdr+0x108/0x2b0 [ 929.855420][T19757] do_recvmmsg+0xdba/0x22c0 [ 929.859923][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 929.866107][T19757] ? kmsan_get_metadata+0x116/0x180 [ 929.871307][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 929.876962][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 929.882248][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 929.887040][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 929.891819][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 929.897887][T19757] __sys_recvmmsg+0x5dd/0x610 [ 929.902589][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 929.908668][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 929.914826][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 929.920091][T19757] do_int80_syscall_32+0x1d/0x30 [ 929.925095][T19757] entry_INT80_compat+0x71/0x76 [ 929.929919][T19757] RIP: 0023:0xf7f85549 [ 929.933982][T19757] Code: Bad RIP value. [ 929.938022][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 929.946421][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 929.954368][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 929.962313][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 929.970257][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 929.978203][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 929.986167][T19757] Uninit was stored to memory at: [ 929.991267][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 929.996960][T19757] __msan_chain_origin+0x50/0x90 [ 930.001876][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.006963][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.011875][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.016354][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.021008][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.027050][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.033267][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.038534][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.043460][T19757] entry_INT80_compat+0x71/0x76 [ 930.048277][T19757] [ 930.050586][T19757] Uninit was stored to memory at: [ 930.055589][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.061283][T19757] __msan_chain_origin+0x50/0x90 [ 930.066195][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.071284][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.076198][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.080676][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.085345][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.091392][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.097563][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.102821][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.107730][T19757] entry_INT80_compat+0x71/0x76 [ 930.112547][T19757] [ 930.114847][T19757] Uninit was stored to memory at: [ 930.119856][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.125550][T19757] __msan_chain_origin+0x50/0x90 [ 930.130462][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.135548][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.140458][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.145023][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.149675][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.155717][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.161846][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.167104][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.172015][T19757] entry_INT80_compat+0x71/0x76 [ 930.176832][T19757] [ 930.179151][T19757] Uninit was stored to memory at: [ 930.184153][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.189851][T19757] __msan_chain_origin+0x50/0x90 [ 930.194770][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.199853][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.204769][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.209246][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.213914][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.220043][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.226197][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.231462][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.236381][T19757] entry_INT80_compat+0x71/0x76 [ 930.241204][T19757] [ 930.243547][T19757] Uninit was stored to memory at: [ 930.248560][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.254370][T19757] __msan_chain_origin+0x50/0x90 [ 930.259292][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.264384][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.269294][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.273773][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.278426][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.284471][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.290599][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.295868][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.300780][T19757] entry_INT80_compat+0x71/0x76 [ 930.305600][T19757] [ 930.307906][T19757] Uninit was stored to memory at: [ 930.312913][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.318625][T19757] __msan_chain_origin+0x50/0x90 [ 930.323635][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.328822][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.333734][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.338211][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.342862][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.348904][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.355042][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.360348][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.365283][T19757] entry_INT80_compat+0x71/0x76 [ 930.370133][T19757] [ 930.372437][T19757] Uninit was stored to memory at: [ 930.377439][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.383134][T19757] __msan_chain_origin+0x50/0x90 [ 930.388046][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.393136][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.398051][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.402532][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.407186][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.413239][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.419379][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.424646][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.429645][T19757] entry_INT80_compat+0x71/0x76 [ 930.434464][T19757] [ 930.436768][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 930.443416][T19757] do_recvmmsg+0xc2/0x22c0 [ 930.447805][T19757] do_recvmmsg+0xc2/0x22c0 [ 930.617752][T19757] not chained 100000 origins [ 930.622525][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 930.631187][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 930.641240][T19757] Call Trace: [ 930.644541][T19757] dump_stack+0x21c/0x280 [ 930.648880][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 930.654616][T19757] ? kmsan_get_metadata+0x116/0x180 [ 930.659822][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 930.665634][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 930.671704][T19757] ? kmsan_get_metadata+0x116/0x180 [ 930.676905][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 930.682460][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 930.688540][T19757] ? _copy_from_user+0x221/0x330 [ 930.693483][T19757] ? kmsan_get_metadata+0x116/0x180 [ 930.698680][T19757] __msan_chain_origin+0x50/0x90 [ 930.703625][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.708755][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.713706][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.718213][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 930.724392][T19757] ? kmsan_get_metadata+0x116/0x180 [ 930.729616][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 930.735252][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 930.740536][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 930.745297][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 930.750064][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 930.756135][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.760828][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.766908][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.773069][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.778395][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.783353][T19757] entry_INT80_compat+0x71/0x76 [ 930.788195][T19757] RIP: 0023:0xf7f85549 [ 930.792236][T19757] Code: Bad RIP value. [ 930.796287][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 930.804765][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 930.812835][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 930.820783][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 930.828730][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 930.836676][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 930.844628][T19757] Uninit was stored to memory at: [ 930.849635][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.855431][T19757] __msan_chain_origin+0x50/0x90 [ 930.860347][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.865534][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.870455][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.874941][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.879600][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.885642][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.891773][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.897061][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.901978][T19757] entry_INT80_compat+0x71/0x76 [ 930.906795][T19757] [ 930.909095][T19757] Uninit was stored to memory at: [ 930.914097][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.919819][T19757] __msan_chain_origin+0x50/0x90 [ 930.924854][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.929938][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.934852][T19757] do_recvmmsg+0xdba/0x22c0 [ 930.939329][T19757] __sys_recvmmsg+0x5dd/0x610 [ 930.943980][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 930.950022][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 930.956149][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 930.961420][T19757] do_int80_syscall_32+0x1d/0x30 [ 930.966350][T19757] entry_INT80_compat+0x71/0x76 [ 930.971252][T19757] [ 930.973551][T19757] Uninit was stored to memory at: [ 930.978550][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 930.984243][T19757] __msan_chain_origin+0x50/0x90 [ 930.989151][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 930.994236][T19757] get_compat_msghdr+0x108/0x2b0 [ 930.999167][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.003662][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.008405][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.014447][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.020693][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.025974][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.030885][T19757] entry_INT80_compat+0x71/0x76 [ 931.035702][T19757] [ 931.038002][T19757] Uninit was stored to memory at: [ 931.043016][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.048710][T19757] __msan_chain_origin+0x50/0x90 [ 931.053623][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.058706][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.063617][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.068094][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.072748][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.078790][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.084919][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.090184][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.095097][T19757] entry_INT80_compat+0x71/0x76 [ 931.099913][T19757] [ 931.102214][T19757] Uninit was stored to memory at: [ 931.107213][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.112992][T19757] __msan_chain_origin+0x50/0x90 [ 931.117903][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.123073][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.127981][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.132457][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.137109][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.143161][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.149286][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.154663][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.159604][T19757] entry_INT80_compat+0x71/0x76 [ 931.164436][T19757] [ 931.166741][T19757] Uninit was stored to memory at: [ 931.171741][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.177442][T19757] __msan_chain_origin+0x50/0x90 [ 931.182371][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.187457][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.192369][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.196933][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.201598][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.207678][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.213802][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.219057][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.223987][T19757] entry_INT80_compat+0x71/0x76 [ 931.228824][T19757] [ 931.231125][T19757] Uninit was stored to memory at: [ 931.236123][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.241815][T19757] __msan_chain_origin+0x50/0x90 [ 931.246740][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.251826][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.256756][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.261333][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.266005][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.272085][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.278235][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.283581][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.288495][T19757] entry_INT80_compat+0x71/0x76 [ 931.293314][T19757] [ 931.295620][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 931.302275][T19757] do_recvmmsg+0xc2/0x22c0 [ 931.306670][T19757] do_recvmmsg+0xc2/0x22c0 [ 931.455236][T19757] not chained 110000 origins [ 931.459870][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 931.468534][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 931.478584][T19757] Call Trace: [ 931.481902][T19757] dump_stack+0x21c/0x280 [ 931.486243][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 931.491986][T19757] ? kmsan_get_metadata+0x116/0x180 [ 931.497186][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 931.502995][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 931.509062][T19757] ? kmsan_get_metadata+0x116/0x180 [ 931.514266][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 931.519826][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 931.525922][T19757] ? _copy_from_user+0x221/0x330 [ 931.530863][T19757] ? kmsan_get_metadata+0x116/0x180 [ 931.536073][T19757] __msan_chain_origin+0x50/0x90 [ 931.541015][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.546147][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.551097][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.555603][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 931.561784][T19757] ? kmsan_get_metadata+0x116/0x180 [ 931.566988][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 931.572625][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 931.577909][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 931.582670][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 931.587437][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 931.593506][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.598198][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.604281][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.610439][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.615833][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.620785][T19757] entry_INT80_compat+0x71/0x76 [ 931.625634][T19757] RIP: 0023:0xf7f85549 [ 931.629771][T19757] Code: Bad RIP value. [ 931.633813][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 931.642198][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 931.650147][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 931.658091][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 931.666035][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 931.673982][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 931.681935][T19757] Uninit was stored to memory at: [ 931.686939][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.692633][T19757] __msan_chain_origin+0x50/0x90 [ 931.697547][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.702632][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.707545][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.712038][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.716776][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.722822][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.728954][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.734234][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.739151][T19757] entry_INT80_compat+0x71/0x76 [ 931.743967][T19757] [ 931.746272][T19757] Uninit was stored to memory at: [ 931.751272][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.756964][T19757] __msan_chain_origin+0x50/0x90 [ 931.761874][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.766959][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.771869][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.776362][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.781015][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.787057][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.793187][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.798473][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.803386][T19757] entry_INT80_compat+0x71/0x76 [ 931.808210][T19757] [ 931.810509][T19757] Uninit was stored to memory at: [ 931.815509][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.821289][T19757] __msan_chain_origin+0x50/0x90 [ 931.826210][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.831295][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.836206][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.840683][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.845336][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.851379][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.857509][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.862768][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.867679][T19757] entry_INT80_compat+0x71/0x76 [ 931.872498][T19757] [ 931.874799][T19757] Uninit was stored to memory at: [ 931.879798][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.885490][T19757] __msan_chain_origin+0x50/0x90 [ 931.890421][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.895543][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.900454][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.904947][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.909601][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.915646][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.921777][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.927037][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.931948][T19757] entry_INT80_compat+0x71/0x76 [ 931.936765][T19757] [ 931.939065][T19757] Uninit was stored to memory at: [ 931.944068][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 931.949760][T19757] __msan_chain_origin+0x50/0x90 [ 931.954676][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 931.959768][T19757] get_compat_msghdr+0x108/0x2b0 [ 931.964677][T19757] do_recvmmsg+0xdba/0x22c0 [ 931.969181][T19757] __sys_recvmmsg+0x5dd/0x610 [ 931.973921][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 931.979989][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 931.986129][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 931.991568][T19757] do_int80_syscall_32+0x1d/0x30 [ 931.996480][T19757] entry_INT80_compat+0x71/0x76 [ 932.001298][T19757] [ 932.004470][T19757] Uninit was stored to memory at: [ 932.009473][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.015165][T19757] __msan_chain_origin+0x50/0x90 [ 932.020090][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.025191][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.030102][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.034840][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.039492][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.045534][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.051665][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.056926][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.061839][T19757] entry_INT80_compat+0x71/0x76 [ 932.066665][T19757] [ 932.068979][T19757] Uninit was stored to memory at: [ 932.073979][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.079670][T19757] __msan_chain_origin+0x50/0x90 [ 932.084580][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.089664][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.094573][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.099047][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.103714][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.109755][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.115895][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.121262][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.126174][T19757] entry_INT80_compat+0x71/0x76 [ 932.130991][T19757] [ 932.133294][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 932.140038][T19757] do_recvmmsg+0xc2/0x22c0 [ 932.144434][T19757] do_recvmmsg+0xc2/0x22c0 [ 932.317206][T19757] not chained 120000 origins [ 932.321835][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 932.330507][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 932.340560][T19757] Call Trace: [ 932.343860][T19757] dump_stack+0x21c/0x280 [ 932.348208][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 932.353950][T19757] ? kmsan_get_metadata+0x116/0x180 [ 932.359153][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 932.364964][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 932.371052][T19757] ? kmsan_get_metadata+0x116/0x180 [ 932.376343][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 932.381900][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 932.387975][T19757] ? _copy_from_user+0x221/0x330 [ 932.392944][T19757] ? kmsan_get_metadata+0x116/0x180 [ 932.398145][T19757] __msan_chain_origin+0x50/0x90 [ 932.403196][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.408326][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.413280][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.417784][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 932.424074][T19757] ? kmsan_get_metadata+0x116/0x180 [ 932.429279][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 932.434915][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 932.440207][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 932.444973][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 932.449746][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 932.455905][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.460607][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.466672][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.472902][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.478182][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.483095][T19757] entry_INT80_compat+0x71/0x76 [ 932.487922][T19757] RIP: 0023:0xf7f85549 [ 932.491960][T19757] Code: Bad RIP value. [ 932.496000][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 932.504489][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 932.512439][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 932.520475][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 932.528427][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 932.536512][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 932.544470][T19757] Uninit was stored to memory at: [ 932.549476][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.555172][T19757] __msan_chain_origin+0x50/0x90 [ 932.560083][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.565170][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.570083][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.574574][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.579270][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.585314][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.591451][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.596744][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.601681][T19757] entry_INT80_compat+0x71/0x76 [ 932.606498][T19757] [ 932.608797][T19757] Uninit was stored to memory at: [ 932.613799][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.619491][T19757] __msan_chain_origin+0x50/0x90 [ 932.624451][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.629534][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.634532][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.639037][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.643694][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.649732][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.655874][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.661135][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.666048][T19757] entry_INT80_compat+0x71/0x76 [ 932.670863][T19757] [ 932.673164][T19757] Uninit was stored to memory at: [ 932.678165][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.683879][T19757] __msan_chain_origin+0x50/0x90 [ 932.688795][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.693905][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.698814][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.703289][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.707942][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.713982][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.720111][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.725387][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.730300][T19757] entry_INT80_compat+0x71/0x76 [ 932.735116][T19757] [ 932.737420][T19757] Uninit was stored to memory at: [ 932.742419][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.748110][T19757] __msan_chain_origin+0x50/0x90 [ 932.753038][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.758126][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.763036][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.767515][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.772171][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.778245][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.784373][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.789631][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.794547][T19757] entry_INT80_compat+0x71/0x76 [ 932.799366][T19757] [ 932.801779][T19757] Uninit was stored to memory at: [ 932.806796][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.812490][T19757] __msan_chain_origin+0x50/0x90 [ 932.817401][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.822498][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.827408][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.831886][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.836538][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.842580][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.848711][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.853981][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.859205][T19757] entry_INT80_compat+0x71/0x76 [ 932.864032][T19757] [ 932.866347][T19757] Uninit was stored to memory at: [ 932.871345][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.877038][T19757] __msan_chain_origin+0x50/0x90 [ 932.881958][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.887039][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.891947][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.896557][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.901208][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.907249][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.913378][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.918638][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.923553][T19757] entry_INT80_compat+0x71/0x76 [ 932.928383][T19757] [ 932.930682][T19757] Uninit was stored to memory at: [ 932.935779][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 932.941482][T19757] __msan_chain_origin+0x50/0x90 [ 932.946399][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 932.951492][T19757] get_compat_msghdr+0x108/0x2b0 [ 932.956427][T19757] do_recvmmsg+0xdba/0x22c0 [ 932.960902][T19757] __sys_recvmmsg+0x5dd/0x610 [ 932.965555][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 932.971600][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 932.977834][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 932.983095][T19757] do_int80_syscall_32+0x1d/0x30 [ 932.988008][T19757] entry_INT80_compat+0x71/0x76 [ 932.992829][T19757] [ 932.995134][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 933.001875][T19757] do_recvmmsg+0xc2/0x22c0 [ 933.006267][T19757] do_recvmmsg+0xc2/0x22c0 [ 933.174043][T19757] not chained 130000 origins [ 933.178776][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 933.187442][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 933.197493][T19757] Call Trace: [ 933.200795][T19757] dump_stack+0x21c/0x280 [ 933.205158][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 933.210906][T19757] ? kmsan_get_metadata+0x116/0x180 [ 933.216109][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 933.221919][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 933.227984][T19757] ? kmsan_get_metadata+0x116/0x180 [ 933.233182][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 933.238736][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 933.244911][T19757] ? _copy_from_user+0x221/0x330 [ 933.249941][T19757] ? kmsan_get_metadata+0x116/0x180 [ 933.255152][T19757] __msan_chain_origin+0x50/0x90 [ 933.260096][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.265230][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.270178][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.274748][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 933.281105][T19757] ? kmsan_get_metadata+0x116/0x180 [ 933.286311][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 933.291948][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 933.297239][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 933.302005][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 933.306784][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 933.312861][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.317576][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.323631][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.329761][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.335030][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.339950][T19757] entry_INT80_compat+0x71/0x76 [ 933.344779][T19757] RIP: 0023:0xf7f85549 [ 933.349036][T19757] Code: Bad RIP value. [ 933.353078][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 933.361473][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 933.369423][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 933.377405][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 933.385456][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 933.393405][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 933.401358][T19757] Uninit was stored to memory at: [ 933.406364][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.412059][T19757] __msan_chain_origin+0x50/0x90 [ 933.416971][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.422061][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.426973][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.431496][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.436148][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.442190][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.448335][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.453770][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.458769][T19757] entry_INT80_compat+0x71/0x76 [ 933.463589][T19757] [ 933.465898][T19757] Uninit was stored to memory at: [ 933.470900][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.476631][T19757] __msan_chain_origin+0x50/0x90 [ 933.481547][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.486636][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.491551][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.496029][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.500780][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.506934][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.513079][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.518369][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.523306][T19757] entry_INT80_compat+0x71/0x76 [ 933.528127][T19757] [ 933.530429][T19757] Uninit was stored to memory at: [ 933.535431][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.541127][T19757] __msan_chain_origin+0x50/0x90 [ 933.546045][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.551185][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.556121][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.560620][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.565278][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.571319][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.577444][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.582701][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.587610][T19757] entry_INT80_compat+0x71/0x76 [ 933.592428][T19757] [ 933.594814][T19757] Uninit was stored to memory at: [ 933.599815][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.605511][T19757] __msan_chain_origin+0x50/0x90 [ 933.610424][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.615513][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.620426][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.624902][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.629567][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.635612][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.641742][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.647004][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.651914][T19757] entry_INT80_compat+0x71/0x76 [ 933.656731][T19757] [ 933.659030][T19757] Uninit was stored to memory at: [ 933.664029][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.669740][T19757] __msan_chain_origin+0x50/0x90 [ 933.674668][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.679768][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.684695][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.689172][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.693825][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.699878][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.706003][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.711283][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.716195][T19757] entry_INT80_compat+0x71/0x76 [ 933.721012][T19757] [ 933.723312][T19757] Uninit was stored to memory at: [ 933.728311][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.734009][T19757] __msan_chain_origin+0x50/0x90 [ 933.738919][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.744014][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.748931][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.753409][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.758063][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.764116][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.770243][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.775506][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.780417][T19757] entry_INT80_compat+0x71/0x76 [ 933.785251][T19757] [ 933.787557][T19757] Uninit was stored to memory at: [ 933.792557][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 933.798249][T19757] __msan_chain_origin+0x50/0x90 [ 933.803164][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 933.808254][T19757] get_compat_msghdr+0x108/0x2b0 [ 933.813177][T19757] do_recvmmsg+0xdba/0x22c0 [ 933.817667][T19757] __sys_recvmmsg+0x5dd/0x610 [ 933.822322][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 933.828363][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 933.834517][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 933.839776][T19757] do_int80_syscall_32+0x1d/0x30 [ 933.844698][T19757] entry_INT80_compat+0x71/0x76 [ 933.849525][T19757] [ 933.851830][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 933.858476][T19757] do_recvmmsg+0xc2/0x22c0 [ 933.862987][T19757] do_recvmmsg+0xc2/0x22c0 [ 934.021037][T19757] not chained 140000 origins [ 934.025756][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 934.034506][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.044555][T19757] Call Trace: [ 934.047854][T19757] dump_stack+0x21c/0x280 [ 934.052196][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 934.057933][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.063142][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 934.068951][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 934.075021][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.080318][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 934.085873][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 934.091951][T19757] ? _copy_from_user+0x221/0x330 [ 934.096895][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.102100][T19757] __msan_chain_origin+0x50/0x90 [ 934.107043][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.112266][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.117215][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.121721][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 934.127900][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.133097][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 934.138729][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 934.144035][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 934.148801][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 934.153567][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 934.159646][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.164344][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.170424][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.176572][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.181886][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.186804][T19757] entry_INT80_compat+0x71/0x76 [ 934.191629][T19757] RIP: 0023:0xf7f85549 [ 934.195666][T19757] Code: Bad RIP value. [ 934.199704][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 934.208209][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 934.216156][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 934.224225][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 934.232266][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 934.240212][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 934.248187][T19757] Uninit was stored to memory at: [ 934.253208][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.258993][T19757] __msan_chain_origin+0x50/0x90 [ 934.263919][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.269004][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.273925][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.278402][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.283057][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.289104][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.295233][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.300493][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.305407][T19757] entry_INT80_compat+0x71/0x76 [ 934.310230][T19757] [ 934.312591][T19757] Uninit was stored to memory at: [ 934.317600][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.323296][T19757] __msan_chain_origin+0x50/0x90 [ 934.328295][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.333381][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.338333][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.342942][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.347596][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.353638][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.359768][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.365030][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.369949][T19757] entry_INT80_compat+0x71/0x76 [ 934.374768][T19757] [ 934.377117][T19757] Uninit was stored to memory at: [ 934.382165][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.387871][T19757] __msan_chain_origin+0x50/0x90 [ 934.392789][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.397877][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.402790][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.407269][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.411928][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.417975][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.424108][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.429380][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.434441][T19757] entry_INT80_compat+0x71/0x76 [ 934.439277][T19757] [ 934.441615][T19757] Uninit was stored to memory at: [ 934.446620][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.452316][T19757] __msan_chain_origin+0x50/0x90 [ 934.457235][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.462359][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.467285][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.471927][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.476615][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.482658][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.488783][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.494044][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.498996][T19757] entry_INT80_compat+0x71/0x76 [ 934.503919][T19757] [ 934.506223][T19757] Uninit was stored to memory at: [ 934.511412][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.517117][T19757] __msan_chain_origin+0x50/0x90 [ 934.522122][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.527220][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.532135][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.536700][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.541362][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.547444][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.553577][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.558834][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.563861][T19757] entry_INT80_compat+0x71/0x76 [ 934.568683][T19757] [ 934.570982][T19757] Uninit was stored to memory at: [ 934.576006][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.582000][T19757] __msan_chain_origin+0x50/0x90 [ 934.586922][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.592096][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.597200][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.601678][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.606329][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.612369][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.618508][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.623798][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.628744][T19757] entry_INT80_compat+0x71/0x76 [ 934.633564][T19757] [ 934.635881][T19757] Uninit was stored to memory at: [ 934.640881][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 934.646576][T19757] __msan_chain_origin+0x50/0x90 [ 934.651577][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.656660][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.661574][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.666062][T19757] __sys_recvmmsg+0x5dd/0x610 [ 934.670716][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 934.676772][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 934.682900][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 934.688160][T19757] do_int80_syscall_32+0x1d/0x30 [ 934.693171][T19757] entry_INT80_compat+0x71/0x76 [ 934.697989][T19757] [ 934.700413][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 934.707063][T19757] do_recvmmsg+0xc2/0x22c0 [ 934.711474][T19757] do_recvmmsg+0xc2/0x22c0 [ 934.858492][T19757] not chained 150000 origins [ 934.863127][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 934.871809][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 934.881859][T19757] Call Trace: [ 934.885154][T19757] dump_stack+0x21c/0x280 [ 934.889496][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 934.895239][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.900440][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 934.906257][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 934.912328][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.917549][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 934.923209][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 934.929297][T19757] ? _copy_from_user+0x221/0x330 [ 934.934238][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.939472][T19757] __msan_chain_origin+0x50/0x90 [ 934.944418][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 934.949546][T19757] get_compat_msghdr+0x108/0x2b0 [ 934.954497][T19757] do_recvmmsg+0xdba/0x22c0 [ 934.959098][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 934.965296][T19757] ? kmsan_get_metadata+0x116/0x180 [ 934.970501][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 934.976234][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 934.981528][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 934.986303][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 934.991074][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 934.997148][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.001850][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.008054][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.014220][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.019634][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.024571][T19757] entry_INT80_compat+0x71/0x76 [ 935.029518][T19757] RIP: 0023:0xf7f85549 [ 935.033559][T19757] Code: Bad RIP value. [ 935.037603][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 935.045993][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 935.053943][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 935.061894][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 935.069839][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 935.077787][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 935.085742][T19757] Uninit was stored to memory at: [ 935.090747][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.096444][T19757] __msan_chain_origin+0x50/0x90 [ 935.101368][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.106468][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.111407][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.115893][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.120561][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.126622][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.132762][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.138041][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.142969][T19757] entry_INT80_compat+0x71/0x76 [ 935.147792][T19757] [ 935.150095][T19757] Uninit was stored to memory at: [ 935.155100][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.160797][T19757] __msan_chain_origin+0x50/0x90 [ 935.165713][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.170800][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.175712][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.180197][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.184850][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.190890][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.197022][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.202369][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.207336][T19757] entry_INT80_compat+0x71/0x76 [ 935.212160][T19757] [ 935.214462][T19757] Uninit was stored to memory at: [ 935.219464][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.225160][T19757] __msan_chain_origin+0x50/0x90 [ 935.230072][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.235161][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.240074][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.244553][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.249205][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.255338][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.261468][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.266728][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.271643][T19757] entry_INT80_compat+0x71/0x76 [ 935.276464][T19757] [ 935.278766][T19757] Uninit was stored to memory at: [ 935.283767][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.289479][T19757] __msan_chain_origin+0x50/0x90 [ 935.294411][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.299503][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.304422][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.308902][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.313556][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.319599][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.325731][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.330994][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.335997][T19757] entry_INT80_compat+0x71/0x76 [ 935.340817][T19757] [ 935.343208][T19757] Uninit was stored to memory at: [ 935.348227][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.353978][T19757] __msan_chain_origin+0x50/0x90 [ 935.358904][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.364002][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.368916][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.373396][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.378049][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.384105][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.390237][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.395498][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.400409][T19757] entry_INT80_compat+0x71/0x76 [ 935.405229][T19757] [ 935.407534][T19757] Uninit was stored to memory at: [ 935.412537][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.418229][T19757] __msan_chain_origin+0x50/0x90 [ 935.423141][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.428243][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.433157][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.437632][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.442390][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.448432][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.454564][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.459825][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.464738][T19757] entry_INT80_compat+0x71/0x76 [ 935.469680][T19757] [ 935.472087][T19757] Uninit was stored to memory at: [ 935.477091][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.482791][T19757] __msan_chain_origin+0x50/0x90 [ 935.487704][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.492807][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.497721][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.502199][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.506852][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.512896][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.519032][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.524295][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.529316][T19757] entry_INT80_compat+0x71/0x76 [ 935.534134][T19757] [ 935.536440][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 935.543200][T19757] do_recvmmsg+0xc2/0x22c0 [ 935.547591][T19757] do_recvmmsg+0xc2/0x22c0 [ 935.710498][T19757] not chained 160000 origins [ 935.715233][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 935.723900][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 935.734087][T19757] Call Trace: [ 935.737406][T19757] dump_stack+0x21c/0x280 [ 935.741751][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 935.747490][T19757] ? kmsan_get_metadata+0x116/0x180 [ 935.752695][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 935.758511][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 935.764586][T19757] ? kmsan_get_metadata+0x116/0x180 [ 935.769791][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 935.775345][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 935.781428][T19757] ? _copy_from_user+0x221/0x330 [ 935.786379][T19757] ? kmsan_get_metadata+0x116/0x180 [ 935.791593][T19757] __msan_chain_origin+0x50/0x90 [ 935.796539][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.801681][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.806638][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.811146][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 935.817378][T19757] ? kmsan_get_metadata+0x116/0x180 [ 935.822580][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 935.828228][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 935.833539][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 935.838324][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 935.843093][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 935.849167][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.853969][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.860021][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.866240][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.871505][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.876421][T19757] entry_INT80_compat+0x71/0x76 [ 935.881244][T19757] RIP: 0023:0xf7f85549 [ 935.885300][T19757] Code: Bad RIP value. [ 935.889346][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 935.897732][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 935.905681][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 935.913644][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 935.921612][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 935.929573][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 935.937525][T19757] Uninit was stored to memory at: [ 935.942556][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 935.948248][T19757] __msan_chain_origin+0x50/0x90 [ 935.953160][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 935.958245][T19757] get_compat_msghdr+0x108/0x2b0 [ 935.963157][T19757] do_recvmmsg+0xdba/0x22c0 [ 935.967635][T19757] __sys_recvmmsg+0x5dd/0x610 [ 935.972289][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 935.978354][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 935.984502][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 935.989763][T19757] do_int80_syscall_32+0x1d/0x30 [ 935.994678][T19757] entry_INT80_compat+0x71/0x76 [ 935.999502][T19757] [ 936.001804][T19757] Uninit was stored to memory at: [ 936.006806][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.012501][T19757] __msan_chain_origin+0x50/0x90 [ 936.017414][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.022500][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.027498][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.031991][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.036733][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.042776][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.048906][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.054168][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.059082][T19757] entry_INT80_compat+0x71/0x76 [ 936.063901][T19757] [ 936.066204][T19757] Uninit was stored to memory at: [ 936.071203][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.076899][T19757] __msan_chain_origin+0x50/0x90 [ 936.081811][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.086897][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.091809][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.096293][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.100946][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.107003][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.113134][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.118393][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.123443][T19757] entry_INT80_compat+0x71/0x76 [ 936.128264][T19757] [ 936.130568][T19757] Uninit was stored to memory at: [ 936.135591][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.141426][T19757] __msan_chain_origin+0x50/0x90 [ 936.146342][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.151430][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.156348][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.160829][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.165483][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.171527][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.177659][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.182924][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.187856][T19757] entry_INT80_compat+0x71/0x76 [ 936.192688][T19757] [ 936.195003][T19757] Uninit was stored to memory at: [ 936.200020][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.205862][T19757] __msan_chain_origin+0x50/0x90 [ 936.210793][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.215886][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.220800][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.225281][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.229933][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.236014][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.242147][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.247409][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.252322][T19757] entry_INT80_compat+0x71/0x76 [ 936.257141][T19757] [ 936.259441][T19757] Uninit was stored to memory at: [ 936.264444][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.270152][T19757] __msan_chain_origin+0x50/0x90 [ 936.275075][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.280167][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.285087][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.289570][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.294351][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.300485][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.306631][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.312006][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.316923][T19757] entry_INT80_compat+0x71/0x76 [ 936.321744][T19757] [ 936.324136][T19757] Uninit was stored to memory at: [ 936.329159][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.334897][T19757] __msan_chain_origin+0x50/0x90 [ 936.339813][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.344927][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.349842][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.354355][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.359008][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.365051][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.371180][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.376527][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.381440][T19757] entry_INT80_compat+0x71/0x76 [ 936.386260][T19757] [ 936.388562][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 936.395222][T19757] do_recvmmsg+0xc2/0x22c0 [ 936.399613][T19757] do_recvmmsg+0xc2/0x22c0 [ 936.578078][T19757] not chained 170000 origins [ 936.582715][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 936.591379][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 936.601606][T19757] Call Trace: [ 936.604908][T19757] dump_stack+0x21c/0x280 [ 936.609259][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 936.615024][T19757] ? kmsan_get_metadata+0x116/0x180 [ 936.620230][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 936.626044][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 936.632117][T19757] ? kmsan_get_metadata+0x116/0x180 [ 936.637325][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 936.642981][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 936.649057][T19757] ? _copy_from_user+0x221/0x330 [ 936.654003][T19757] ? kmsan_get_metadata+0x116/0x180 [ 936.659205][T19757] __msan_chain_origin+0x50/0x90 [ 936.664155][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.669287][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.674236][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.678776][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 936.684963][T19757] ? kmsan_get_metadata+0x116/0x180 [ 936.690168][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 936.695806][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 936.701096][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 936.705877][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 936.710648][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 936.716723][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.721424][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.727679][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.733842][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.739132][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.744052][T19757] entry_INT80_compat+0x71/0x76 [ 936.748966][T19757] RIP: 0023:0xf7f85549 [ 936.753018][T19757] Code: Bad RIP value. [ 936.757060][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 936.765447][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 936.773395][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 936.781344][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 936.789289][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 936.797236][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 936.805186][T19757] Uninit was stored to memory at: [ 936.810190][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.815884][T19757] __msan_chain_origin+0x50/0x90 [ 936.820797][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.825893][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.830814][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.835296][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.839959][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.846001][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.852131][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.857391][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.862305][T19757] entry_INT80_compat+0x71/0x76 [ 936.867123][T19757] [ 936.869422][T19757] Uninit was stored to memory at: [ 936.874422][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.880117][T19757] __msan_chain_origin+0x50/0x90 [ 936.885029][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.890115][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.895030][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.899506][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.904159][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.910199][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.916373][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.921633][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.926543][T19757] entry_INT80_compat+0x71/0x76 [ 936.931362][T19757] [ 936.933662][T19757] Uninit was stored to memory at: [ 936.938663][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 936.944361][T19757] __msan_chain_origin+0x50/0x90 [ 936.949279][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 936.954475][T19757] get_compat_msghdr+0x108/0x2b0 [ 936.959512][T19757] do_recvmmsg+0xdba/0x22c0 [ 936.963996][T19757] __sys_recvmmsg+0x5dd/0x610 [ 936.968647][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 936.974705][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 936.980844][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 936.986114][T19757] do_int80_syscall_32+0x1d/0x30 [ 936.991035][T19757] entry_INT80_compat+0x71/0x76 [ 936.995859][T19757] [ 936.998164][T19757] Uninit was stored to memory at: [ 937.003172][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.008868][T19757] __msan_chain_origin+0x50/0x90 [ 937.013784][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.018870][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.023784][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.028268][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.032923][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.038978][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.045108][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.050371][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.055284][T19757] entry_INT80_compat+0x71/0x76 [ 937.060100][T19757] [ 937.062403][T19757] Uninit was stored to memory at: [ 937.067401][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.073116][T19757] __msan_chain_origin+0x50/0x90 [ 937.078028][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.083131][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.088074][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.092640][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.097299][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.103355][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.109484][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.114771][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.119681][T19757] entry_INT80_compat+0x71/0x76 [ 937.124501][T19757] [ 937.126804][T19757] Uninit was stored to memory at: [ 937.131820][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.137512][T19757] __msan_chain_origin+0x50/0x90 [ 937.142425][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.147509][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.152422][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.156899][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.161567][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.167607][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.173734][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.178996][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.183909][T19757] entry_INT80_compat+0x71/0x76 [ 937.188726][T19757] [ 937.191025][T19757] Uninit was stored to memory at: [ 937.196037][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.201731][T19757] __msan_chain_origin+0x50/0x90 [ 937.206641][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.211729][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.216653][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.221131][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.225826][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.231868][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.238009][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.243358][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.248269][T19757] entry_INT80_compat+0x71/0x76 [ 937.253105][T19757] [ 937.255424][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 937.262078][T19757] do_recvmmsg+0xc2/0x22c0 [ 937.266469][T19757] do_recvmmsg+0xc2/0x22c0 [ 937.443010][T19757] not chained 180000 origins [ 937.447650][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 937.456316][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 937.466368][T19757] Call Trace: [ 937.469668][T19757] dump_stack+0x21c/0x280 [ 937.474013][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 937.479751][T19757] ? kmsan_get_metadata+0x116/0x180 [ 937.484961][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 937.490779][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 937.496850][T19757] ? kmsan_get_metadata+0x116/0x180 [ 937.502053][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 937.507608][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 937.513806][T19757] ? _copy_from_user+0x221/0x330 [ 937.518748][T19757] ? kmsan_get_metadata+0x116/0x180 [ 937.523955][T19757] __msan_chain_origin+0x50/0x90 [ 937.528904][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.534034][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.538984][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.543492][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 937.549678][T19757] ? kmsan_get_metadata+0x116/0x180 [ 937.554880][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 937.560522][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 937.565813][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 937.570563][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 937.575306][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 937.581349][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.586013][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.592059][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.598191][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.603456][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.608381][T19757] entry_INT80_compat+0x71/0x76 [ 937.613207][T19757] RIP: 0023:0xf7f85549 [ 937.617243][T19757] Code: Bad RIP value. [ 937.621284][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 937.629670][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 937.637618][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 937.645678][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 937.653714][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 937.661677][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 937.669631][T19757] Uninit was stored to memory at: [ 937.674638][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.680340][T19757] __msan_chain_origin+0x50/0x90 [ 937.685344][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.690432][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.695344][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.699826][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.704479][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.710520][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.716687][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.721949][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.726898][T19757] entry_INT80_compat+0x71/0x76 [ 937.731716][T19757] [ 937.734016][T19757] Uninit was stored to memory at: [ 937.739016][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.744712][T19757] __msan_chain_origin+0x50/0x90 [ 937.749657][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.754747][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.759659][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.764139][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.768806][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.774858][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.780988][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.786255][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.791169][T19757] entry_INT80_compat+0x71/0x76 [ 937.796008][T19757] [ 937.798310][T19757] Uninit was stored to memory at: [ 937.803311][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.809005][T19757] __msan_chain_origin+0x50/0x90 [ 937.813919][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.819005][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.823918][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.828406][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.833062][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.839104][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.845321][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.850580][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.855510][T19757] entry_INT80_compat+0x71/0x76 [ 937.860336][T19757] [ 937.862638][T19757] Uninit was stored to memory at: [ 937.867640][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.873333][T19757] __msan_chain_origin+0x50/0x90 [ 937.878251][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.883337][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.888251][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.892729][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.897401][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.903531][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.909660][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.914972][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.919887][T19757] entry_INT80_compat+0x71/0x76 [ 937.924738][T19757] [ 937.927040][T19757] Uninit was stored to memory at: [ 937.932043][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 937.937738][T19757] __msan_chain_origin+0x50/0x90 [ 937.942949][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 937.948077][T19757] get_compat_msghdr+0x108/0x2b0 [ 937.952989][T19757] do_recvmmsg+0xdba/0x22c0 [ 937.957486][T19757] __sys_recvmmsg+0x5dd/0x610 [ 937.962141][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 937.968183][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 937.974311][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 937.979571][T19757] do_int80_syscall_32+0x1d/0x30 [ 937.984671][T19757] entry_INT80_compat+0x71/0x76 [ 937.989497][T19757] [ 937.991801][T19757] Uninit was stored to memory at: [ 937.996804][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.002497][T19757] __msan_chain_origin+0x50/0x90 [ 938.007533][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.012621][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.017535][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.022013][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.026668][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.032712][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.038843][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.044103][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.049014][T19757] entry_INT80_compat+0x71/0x76 [ 938.053833][T19757] [ 938.056135][T19757] Uninit was stored to memory at: [ 938.061136][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.066831][T19757] __msan_chain_origin+0x50/0x90 [ 938.071748][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.076922][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.081967][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.086662][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.091316][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.097359][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.103490][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.108751][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.113685][T19757] entry_INT80_compat+0x71/0x76 [ 938.118690][T19757] [ 938.121007][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 938.127674][T19757] do_recvmmsg+0xc2/0x22c0 [ 938.132072][T19757] do_recvmmsg+0xc2/0x22c0 [ 938.355195][T19757] not chained 190000 origins [ 938.359834][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 938.368500][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 938.378555][T19757] Call Trace: [ 938.381862][T19757] dump_stack+0x21c/0x280 [ 938.386203][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 938.391941][T19757] ? kmsan_get_metadata+0x116/0x180 [ 938.397232][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 938.403129][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 938.409286][T19757] ? kmsan_get_metadata+0x116/0x180 [ 938.414498][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 938.420051][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 938.426129][T19757] ? _copy_from_user+0x221/0x330 [ 938.431077][T19757] ? kmsan_get_metadata+0x116/0x180 [ 938.436376][T19757] __msan_chain_origin+0x50/0x90 [ 938.441306][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.446412][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.451333][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.455815][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 938.461960][T19757] ? kmsan_get_metadata+0x116/0x180 [ 938.467134][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 938.472745][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 938.478008][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 938.482869][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 938.487611][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 938.493661][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.498381][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.504432][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.510563][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.515936][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.520852][T19757] entry_INT80_compat+0x71/0x76 [ 938.525678][T19757] RIP: 0023:0xf7f85549 [ 938.529734][T19757] Code: Bad RIP value. [ 938.533777][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 938.542166][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 938.550114][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 938.558087][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 938.566039][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 938.573988][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 938.581944][T19757] Uninit was stored to memory at: [ 938.586952][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.592648][T19757] __msan_chain_origin+0x50/0x90 [ 938.597567][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.602664][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.607577][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.612076][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.616739][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.622780][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.628910][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.634269][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.639198][T19757] entry_INT80_compat+0x71/0x76 [ 938.644024][T19757] [ 938.646326][T19757] Uninit was stored to memory at: [ 938.651329][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.657022][T19757] __msan_chain_origin+0x50/0x90 [ 938.661937][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.667024][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.671945][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.676447][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.681118][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.687168][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.693299][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.698559][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.703473][T19757] entry_INT80_compat+0x71/0x76 [ 938.708290][T19757] [ 938.710591][T19757] Uninit was stored to memory at: [ 938.715593][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.721394][T19757] __msan_chain_origin+0x50/0x90 [ 938.726309][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.731495][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.736408][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.740888][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.745543][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.751587][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.757753][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.763014][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.767927][T19757] entry_INT80_compat+0x71/0x76 [ 938.772746][T19757] [ 938.775150][T19757] Uninit was stored to memory at: [ 938.780155][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.785861][T19757] __msan_chain_origin+0x50/0x90 [ 938.790773][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.795861][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.800780][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.805263][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.809919][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.815962][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.822090][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.827352][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.832268][T19757] entry_INT80_compat+0x71/0x76 [ 938.837087][T19757] [ 938.839389][T19757] Uninit was stored to memory at: [ 938.844476][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.850168][T19757] __msan_chain_origin+0x50/0x90 [ 938.855080][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.860166][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.865078][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.869571][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.874222][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.880266][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.886398][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.891659][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.896605][T19757] entry_INT80_compat+0x71/0x76 [ 938.901435][T19757] [ 938.903776][T19757] Uninit was stored to memory at: [ 938.908787][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.914573][T19757] __msan_chain_origin+0x50/0x90 [ 938.919497][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.924607][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.929521][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.933998][T19757] __sys_recvmmsg+0x5dd/0x610 [ 938.938649][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 938.944694][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 938.950823][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 938.956088][T19757] do_int80_syscall_32+0x1d/0x30 [ 938.960999][T19757] entry_INT80_compat+0x71/0x76 [ 938.965817][T19757] [ 938.968118][T19757] Uninit was stored to memory at: [ 938.973118][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 938.978934][T19757] __msan_chain_origin+0x50/0x90 [ 938.983864][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 938.988953][T19757] get_compat_msghdr+0x108/0x2b0 [ 938.993868][T19757] do_recvmmsg+0xdba/0x22c0 [ 938.998350][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.003128][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.009170][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.015302][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.020573][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.025496][T19757] entry_INT80_compat+0x71/0x76 [ 939.030403][T19757] [ 939.032708][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 939.039372][T19757] do_recvmmsg+0xc2/0x22c0 [ 939.043764][T19757] do_recvmmsg+0xc2/0x22c0 [ 939.248376][T19757] not chained 200000 origins [ 939.253118][T19757] CPU: 1 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 939.261784][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 939.271838][T19757] Call Trace: [ 939.275141][T19757] dump_stack+0x21c/0x280 [ 939.279481][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 939.285230][T19757] ? kmsan_get_metadata+0x116/0x180 [ 939.290453][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 939.296394][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 939.302469][T19757] ? kmsan_get_metadata+0x116/0x180 [ 939.307675][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 939.313264][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 939.319340][T19757] ? _copy_from_user+0x221/0x330 [ 939.324287][T19757] ? kmsan_get_metadata+0x116/0x180 [ 939.329493][T19757] __msan_chain_origin+0x50/0x90 [ 939.334441][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.339575][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.344514][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.348999][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 939.355144][T19757] ? kmsan_get_metadata+0x116/0x180 [ 939.360319][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 939.365931][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 939.371312][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 939.376054][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 939.380794][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 939.386840][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.391504][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.397551][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.403684][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.408969][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.413883][T19757] entry_INT80_compat+0x71/0x76 [ 939.418712][T19757] RIP: 0023:0xf7f85549 [ 939.422752][T19757] Code: Bad RIP value. [ 939.426796][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 939.435183][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 939.443132][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 939.451096][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 939.459061][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 939.467010][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 939.475087][T19757] Uninit was stored to memory at: [ 939.480089][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.485796][T19757] __msan_chain_origin+0x50/0x90 [ 939.490719][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.495808][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.500721][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.505201][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.509859][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.515901][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.522034][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.527295][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.532207][T19757] entry_INT80_compat+0x71/0x76 [ 939.537057][T19757] [ 939.539371][T19757] Uninit was stored to memory at: [ 939.544389][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.550183][T19757] __msan_chain_origin+0x50/0x90 [ 939.555236][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.560325][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.565241][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.569722][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.574380][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.580457][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.586587][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.591851][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.596765][T19757] entry_INT80_compat+0x71/0x76 [ 939.601597][T19757] [ 939.603900][T19757] Uninit was stored to memory at: [ 939.608898][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.614595][T19757] __msan_chain_origin+0x50/0x90 [ 939.619512][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.624598][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.629513][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.633992][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.638752][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.644798][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.650928][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.656191][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.661111][T19757] entry_INT80_compat+0x71/0x76 [ 939.665957][T19757] [ 939.668258][T19757] Uninit was stored to memory at: [ 939.673276][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.678971][T19757] __msan_chain_origin+0x50/0x90 [ 939.683998][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.689184][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.694184][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.698762][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.703430][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.709469][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.715599][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.720863][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.725787][T19757] entry_INT80_compat+0x71/0x76 [ 939.730608][T19757] [ 939.732909][T19757] Uninit was stored to memory at: [ 939.737911][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.743627][T19757] __msan_chain_origin+0x50/0x90 [ 939.748546][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.753631][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.758631][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.763111][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.767765][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.773816][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.779944][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.785204][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.790117][T19757] entry_INT80_compat+0x71/0x76 [ 939.794935][T19757] [ 939.797243][T19757] Uninit was stored to memory at: [ 939.802244][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.807937][T19757] __msan_chain_origin+0x50/0x90 [ 939.812848][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.817933][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.822843][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.827345][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.832002][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.838042][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.844274][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.849531][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.854469][T19757] entry_INT80_compat+0x71/0x76 [ 939.859287][T19757] [ 939.861592][T19757] Uninit was stored to memory at: [ 939.866680][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 939.872371][T19757] __msan_chain_origin+0x50/0x90 [ 939.877300][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 939.882390][T19757] get_compat_msghdr+0x108/0x2b0 [ 939.887302][T19757] do_recvmmsg+0xdba/0x22c0 [ 939.891780][T19757] __sys_recvmmsg+0x5dd/0x610 [ 939.896433][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 939.902474][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 939.908712][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 939.913999][T19757] do_int80_syscall_32+0x1d/0x30 [ 939.918938][T19757] entry_INT80_compat+0x71/0x76 [ 939.923758][T19757] [ 939.926062][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 939.932711][T19757] do_recvmmsg+0xc2/0x22c0 [ 939.937153][T19757] do_recvmmsg+0xc2/0x22c0 [ 940.100497][T19757] not chained 210000 origins [ 940.105224][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 940.114072][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 940.124131][T19757] Call Trace: [ 940.127435][T19757] dump_stack+0x21c/0x280 [ 940.131778][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 940.137519][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.142728][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 940.148544][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 940.154621][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.159829][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 940.165384][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 940.171548][T19757] ? _copy_from_user+0x221/0x330 [ 940.176581][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.181786][T19757] __msan_chain_origin+0x50/0x90 [ 940.186734][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.191868][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.196820][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.201328][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 940.207511][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.212718][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 940.218359][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 940.223651][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 940.228416][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 940.233187][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 940.239260][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.243969][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.250054][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.256223][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.261524][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.266466][T19757] entry_INT80_compat+0x71/0x76 [ 940.271319][T19757] RIP: 0023:0xf7f85549 [ 940.275379][T19757] Code: Bad RIP value. [ 940.279440][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 940.287855][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 940.295829][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 940.303809][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 940.311782][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 940.319759][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 940.327740][T19757] Uninit was stored to memory at: [ 940.332782][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.338502][T19757] __msan_chain_origin+0x50/0x90 [ 940.343447][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.348556][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.353485][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.357978][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.362635][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.368713][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.374851][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.380111][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.385026][T19757] entry_INT80_compat+0x71/0x76 [ 940.389853][T19757] [ 940.392181][T19757] Uninit was stored to memory at: [ 940.397218][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.402937][T19757] __msan_chain_origin+0x50/0x90 [ 940.407857][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.413073][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.418004][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.422487][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.427158][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.433218][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.439368][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.444633][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.449554][T19757] entry_INT80_compat+0x71/0x76 [ 940.454380][T19757] [ 940.456684][T19757] Uninit was stored to memory at: [ 940.461736][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.467431][T19757] __msan_chain_origin+0x50/0x90 [ 940.472358][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.477470][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.482386][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.486880][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.491548][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.498741][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.504887][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.510196][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.515114][T19757] entry_INT80_compat+0x71/0x76 [ 940.519937][T19757] [ 940.522326][T19757] Uninit was stored to memory at: [ 940.527330][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.533126][T19757] __msan_chain_origin+0x50/0x90 [ 940.538053][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.543145][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.548058][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.552549][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.557219][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.563264][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.569396][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.574668][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.579585][T19757] entry_INT80_compat+0x71/0x76 [ 940.584509][T19757] [ 940.586812][T19757] Uninit was stored to memory at: [ 940.591828][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.597539][T19757] __msan_chain_origin+0x50/0x90 [ 940.602467][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.607564][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.612488][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.616997][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.621679][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.627745][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.633898][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.639165][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.644082][T19757] entry_INT80_compat+0x71/0x76 [ 940.648902][T19757] [ 940.651320][T19757] Uninit was stored to memory at: [ 940.656338][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.662122][T19757] __msan_chain_origin+0x50/0x90 [ 940.667050][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.672162][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.677088][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.681569][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.686225][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.692282][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.698462][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.703729][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.708765][T19757] entry_INT80_compat+0x71/0x76 [ 940.713609][T19757] [ 940.715925][T19757] Uninit was stored to memory at: [ 940.720928][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 940.726635][T19757] __msan_chain_origin+0x50/0x90 [ 940.731574][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 940.736676][T19757] get_compat_msghdr+0x108/0x2b0 [ 940.741608][T19757] do_recvmmsg+0xdba/0x22c0 [ 940.746109][T19757] __sys_recvmmsg+0x5dd/0x610 [ 940.750776][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 940.756831][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 940.763008][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 940.768272][T19757] do_int80_syscall_32+0x1d/0x30 [ 940.773194][T19757] entry_INT80_compat+0x71/0x76 [ 940.778112][T19757] [ 940.780416][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 940.787078][T19757] do_recvmmsg+0xc2/0x22c0 [ 940.791478][T19757] do_recvmmsg+0xc2/0x22c0 [ 940.934680][T19757] not chained 220000 origins [ 940.939334][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 940.947996][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 940.958047][T19757] Call Trace: [ 940.961349][T19757] dump_stack+0x21c/0x280 [ 940.965692][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 940.971433][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.976639][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 940.982464][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 940.988575][T19757] ? kmsan_get_metadata+0x116/0x180 [ 940.993782][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 940.999352][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 941.005433][T19757] ? _copy_from_user+0x221/0x330 [ 941.010378][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.015587][T19757] __msan_chain_origin+0x50/0x90 [ 941.020563][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.025701][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.030661][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.035177][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 941.041365][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.046598][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 941.052368][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 941.057661][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 941.062435][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 941.067231][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 941.073303][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.078002][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.084117][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.090275][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.095577][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.100532][T19757] entry_INT80_compat+0x71/0x76 [ 941.105387][T19757] RIP: 0023:0xf7f85549 [ 941.109450][T19757] Code: Bad RIP value. [ 941.113521][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 941.121934][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 941.130074][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 941.138034][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 941.146080][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 941.154037][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 941.162005][T19757] Uninit was stored to memory at: [ 941.167030][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.172748][T19757] __msan_chain_origin+0x50/0x90 [ 941.177683][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.182792][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.187757][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.192250][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.196921][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.203084][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.209334][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.214599][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.219515][T19757] entry_INT80_compat+0x71/0x76 [ 941.224337][T19757] [ 941.226642][T19757] Uninit was stored to memory at: [ 941.231693][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.237488][T19757] __msan_chain_origin+0x50/0x90 [ 941.242402][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.247490][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.252413][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.256912][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.261577][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.267624][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.273770][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.279068][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.283987][T19757] entry_INT80_compat+0x71/0x76 [ 941.288805][T19757] [ 941.291237][T19757] Uninit was stored to memory at: [ 941.296253][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.301948][T19757] __msan_chain_origin+0x50/0x90 [ 941.306880][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.312076][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.317015][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.321509][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.326162][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.332320][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.338497][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.343763][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.348682][T19757] entry_INT80_compat+0x71/0x76 [ 941.353513][T19757] [ 941.355837][T19757] Uninit was stored to memory at: [ 941.360857][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.366555][T19757] __msan_chain_origin+0x50/0x90 [ 941.371485][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.376630][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.381556][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.386052][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.390712][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.396763][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.402914][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.408191][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.413203][T19757] entry_INT80_compat+0x71/0x76 [ 941.418036][T19757] [ 941.420425][T19757] Uninit was stored to memory at: [ 941.425435][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.431143][T19757] __msan_chain_origin+0x50/0x90 [ 941.436073][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.441174][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.446126][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.450620][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.455278][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.461332][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.467465][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.472737][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.477665][T19757] entry_INT80_compat+0x71/0x76 [ 941.482497][T19757] [ 941.484888][T19757] Uninit was stored to memory at: [ 941.489890][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.495597][T19757] __msan_chain_origin+0x50/0x90 [ 941.500526][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.505615][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.510530][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.515011][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.519666][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.525710][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.531852][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.537127][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.542044][T19757] entry_INT80_compat+0x71/0x76 [ 941.546862][T19757] [ 941.549163][T19757] Uninit was stored to memory at: [ 941.554167][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 941.559862][T19757] __msan_chain_origin+0x50/0x90 [ 941.564777][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.569863][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.574778][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.579254][T19757] __sys_recvmmsg+0x5dd/0x610 [ 941.584085][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 941.590128][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 941.596263][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 941.601541][T19757] do_int80_syscall_32+0x1d/0x30 [ 941.606486][T19757] entry_INT80_compat+0x71/0x76 [ 941.611310][T19757] [ 941.613633][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 941.620294][T19757] do_recvmmsg+0xc2/0x22c0 [ 941.624686][T19757] do_recvmmsg+0xc2/0x22c0 [ 941.878826][T19757] not chained 230000 origins [ 941.883568][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 941.892250][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.902291][T19757] Call Trace: [ 941.905581][T19757] dump_stack+0x21c/0x280 [ 941.909891][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 941.915687][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.920878][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 941.926666][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 941.932723][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.937916][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 941.943575][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 941.949651][T19757] ? _copy_from_user+0x221/0x330 [ 941.954581][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.959779][T19757] __msan_chain_origin+0x50/0x90 [ 941.964702][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 941.969798][T19757] get_compat_msghdr+0x108/0x2b0 [ 941.974908][T19757] do_recvmmsg+0xdba/0x22c0 [ 941.979420][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 941.985570][T19757] ? kmsan_get_metadata+0x116/0x180 [ 941.990747][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 941.996357][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 942.001638][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 942.006410][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 942.011163][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 942.017221][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.021904][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.027970][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.034104][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.039369][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.044310][T19757] entry_INT80_compat+0x71/0x76 [ 942.049272][T19757] RIP: 0023:0xf7f85549 [ 942.053313][T19757] Code: Bad RIP value. [ 942.057354][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 942.065751][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 942.073984][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 942.081950][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 942.089907][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 942.097860][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 942.105989][T19757] Uninit was stored to memory at: [ 942.111011][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.116740][T19757] __msan_chain_origin+0x50/0x90 [ 942.121677][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.126765][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.131688][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.136178][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.140829][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.146877][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.153019][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.158297][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.163219][T19757] entry_INT80_compat+0x71/0x76 [ 942.168038][T19757] [ 942.170338][T19757] Uninit was stored to memory at: [ 942.175344][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.181053][T19757] __msan_chain_origin+0x50/0x90 [ 942.185981][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.191088][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.196015][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.200493][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.205165][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.211221][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.217365][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.222650][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.227678][T19757] entry_INT80_compat+0x71/0x76 [ 942.232504][T19757] [ 942.234836][T19757] Uninit was stored to memory at: [ 942.239838][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.245549][T19757] __msan_chain_origin+0x50/0x90 [ 942.250470][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.255634][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.260747][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.265248][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.270056][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.276105][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.282259][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.287524][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.292458][T19757] entry_INT80_compat+0x71/0x76 [ 942.297293][T19757] [ 942.299692][T19757] Uninit was stored to memory at: [ 942.304806][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.310502][T19757] __msan_chain_origin+0x50/0x90 [ 942.315425][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.320520][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.325438][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.329953][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.334610][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.340651][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.346811][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.352087][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.357014][T19757] entry_INT80_compat+0x71/0x76 [ 942.361921][T19757] [ 942.364225][T19757] Uninit was stored to memory at: [ 942.369225][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.374933][T19757] __msan_chain_origin+0x50/0x90 [ 942.379860][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.384959][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.389984][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.394485][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.399167][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.406891][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.413043][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.418321][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.423237][T19757] entry_INT80_compat+0x71/0x76 [ 942.428072][T19757] [ 942.430404][T19757] Uninit was stored to memory at: [ 942.435409][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.441117][T19757] __msan_chain_origin+0x50/0x90 [ 942.446126][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.451225][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.456235][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.460710][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.465366][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.471422][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.477593][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.482867][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.487836][T19757] entry_INT80_compat+0x71/0x76 [ 942.492677][T19757] [ 942.494998][T19757] Uninit was stored to memory at: [ 942.500014][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 942.505728][T19757] __msan_chain_origin+0x50/0x90 [ 942.510653][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.515750][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.520670][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.525191][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.529983][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.536036][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.542170][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.547537][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.552480][T19757] entry_INT80_compat+0x71/0x76 [ 942.557312][T19757] [ 942.559619][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 942.566282][T19757] do_recvmmsg+0xc2/0x22c0 [ 942.570670][T19757] do_recvmmsg+0xc2/0x22c0 [ 942.784134][T19757] not chained 240000 origins [ 942.788767][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 942.797450][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.807502][T19757] Call Trace: [ 942.810804][T19757] dump_stack+0x21c/0x280 [ 942.815149][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 942.820923][T19757] ? kmsan_get_metadata+0x116/0x180 [ 942.826127][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 942.832024][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 942.838110][T19757] ? kmsan_get_metadata+0x116/0x180 [ 942.843313][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 942.848847][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 942.854895][T19757] ? _copy_from_user+0x221/0x330 [ 942.859898][T19757] ? kmsan_get_metadata+0x116/0x180 [ 942.865094][T19757] __msan_chain_origin+0x50/0x90 [ 942.870013][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 942.875220][T19757] get_compat_msghdr+0x108/0x2b0 [ 942.880152][T19757] do_recvmmsg+0xdba/0x22c0 [ 942.884631][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 942.890776][T19757] ? kmsan_get_metadata+0x116/0x180 [ 942.895950][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 942.901560][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 942.906834][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 942.911577][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 942.916320][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 942.922401][T19757] __sys_recvmmsg+0x5dd/0x610 [ 942.927059][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 942.933104][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 942.939241][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 942.944507][T19757] do_int80_syscall_32+0x1d/0x30 [ 942.949421][T19757] entry_INT80_compat+0x71/0x76 [ 942.954256][T19757] RIP: 0023:0xf7f85549 [ 942.958298][T19757] Code: Bad RIP value. [ 942.962575][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 942.970974][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 942.978998][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 942.986942][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 942.994976][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 943.002941][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 943.010907][T19757] Uninit was stored to memory at: [ 943.015922][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.021720][T19757] __msan_chain_origin+0x50/0x90 [ 943.026632][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.031718][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.036629][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.041105][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.045758][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.051804][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.057934][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.063284][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.068195][T19757] entry_INT80_compat+0x71/0x76 [ 943.073011][T19757] [ 943.075313][T19757] Uninit was stored to memory at: [ 943.080315][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.086013][T19757] __msan_chain_origin+0x50/0x90 [ 943.090935][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.096036][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.100958][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.105445][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.110115][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.116158][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.122298][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.127564][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.132480][T19757] entry_INT80_compat+0x71/0x76 [ 943.137410][T19757] [ 943.139724][T19757] Uninit was stored to memory at: [ 943.144750][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.150443][T19757] __msan_chain_origin+0x50/0x90 [ 943.155363][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.160450][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.165393][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.169871][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.174526][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.180571][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.186703][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.192086][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.197001][T19757] entry_INT80_compat+0x71/0x76 [ 943.201821][T19757] [ 943.204124][T19757] Uninit was stored to memory at: [ 943.209127][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.214822][T19757] __msan_chain_origin+0x50/0x90 [ 943.219753][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.224840][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.229767][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.234262][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.238913][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.244957][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.251103][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.256370][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.261285][T19757] entry_INT80_compat+0x71/0x76 [ 943.266102][T19757] [ 943.268416][T19757] Uninit was stored to memory at: [ 943.273433][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.279141][T19757] __msan_chain_origin+0x50/0x90 [ 943.284083][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.289171][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.294083][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.298561][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.303217][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.309261][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.315395][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.320657][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.325587][T19757] entry_INT80_compat+0x71/0x76 [ 943.330407][T19757] [ 943.332708][T19757] Uninit was stored to memory at: [ 943.337707][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.343425][T19757] __msan_chain_origin+0x50/0x90 [ 943.348425][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.353514][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.358425][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.362906][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.367560][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.373714][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.379841][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.385230][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.390167][T19757] entry_INT80_compat+0x71/0x76 [ 943.394986][T19757] [ 943.397290][T19757] Uninit was stored to memory at: [ 943.402292][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.407988][T19757] __msan_chain_origin+0x50/0x90 [ 943.412900][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.418004][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.422919][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.427398][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.432050][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.438102][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.444232][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.449493][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.454407][T19757] entry_INT80_compat+0x71/0x76 [ 943.459226][T19757] [ 943.461532][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 943.468179][T19757] do_recvmmsg+0xc2/0x22c0 [ 943.472587][T19757] do_recvmmsg+0xc2/0x22c0 [ 943.630729][T19757] not chained 250000 origins [ 943.635370][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 943.644042][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 943.654092][T19757] Call Trace: [ 943.657395][T19757] dump_stack+0x21c/0x280 [ 943.661737][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 943.667481][T19757] ? kmsan_get_metadata+0x116/0x180 [ 943.672687][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 943.678498][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 943.684571][T19757] ? kmsan_get_metadata+0x116/0x180 [ 943.689776][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 943.695333][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 943.701423][T19757] ? _copy_from_user+0x221/0x330 [ 943.706368][T19757] ? kmsan_get_metadata+0x116/0x180 [ 943.711658][T19757] __msan_chain_origin+0x50/0x90 [ 943.716610][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.721753][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.726713][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.731221][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 943.737533][T19757] ? kmsan_get_metadata+0x116/0x180 [ 943.742741][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 943.748392][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 943.753686][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 943.758452][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 943.763224][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 943.769304][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.774000][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.780079][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.786242][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.791575][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.796531][T19757] entry_INT80_compat+0x71/0x76 [ 943.801379][T19757] RIP: 0023:0xf7f85549 [ 943.805438][T19757] Code: Bad RIP value. [ 943.809499][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 943.817910][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 943.825882][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 943.833847][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 943.841797][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 943.849745][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 943.857699][T19757] Uninit was stored to memory at: [ 943.862709][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.868405][T19757] __msan_chain_origin+0x50/0x90 [ 943.873329][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.878438][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.883351][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.887832][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.892594][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.898638][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.904772][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.910031][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.914975][T19757] entry_INT80_compat+0x71/0x76 [ 943.919795][T19757] [ 943.922109][T19757] Uninit was stored to memory at: [ 943.928339][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.934033][T19757] __msan_chain_origin+0x50/0x90 [ 943.938947][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 943.944035][T19757] get_compat_msghdr+0x108/0x2b0 [ 943.948946][T19757] do_recvmmsg+0xdba/0x22c0 [ 943.953428][T19757] __sys_recvmmsg+0x5dd/0x610 [ 943.958082][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 943.964414][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 943.970543][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 943.975894][T19757] do_int80_syscall_32+0x1d/0x30 [ 943.980821][T19757] entry_INT80_compat+0x71/0x76 [ 943.985641][T19757] [ 943.987943][T19757] Uninit was stored to memory at: [ 943.992943][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 943.998739][T19757] __msan_chain_origin+0x50/0x90 [ 944.003670][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.008756][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.013668][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.018161][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.022816][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.028859][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.034990][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.040250][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.045166][T19757] entry_INT80_compat+0x71/0x76 [ 944.049984][T19757] [ 944.052288][T19757] Uninit was stored to memory at: [ 944.057289][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.062982][T19757] __msan_chain_origin+0x50/0x90 [ 944.067897][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.072998][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.077917][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.082401][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.087063][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.093109][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.099242][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.104506][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.109420][T19757] entry_INT80_compat+0x71/0x76 [ 944.114241][T19757] [ 944.116544][T19757] Uninit was stored to memory at: [ 944.121547][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.127358][T19757] __msan_chain_origin+0x50/0x90 [ 944.132283][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.137373][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.142303][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.146784][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.151442][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.157489][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.163621][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.168884][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.173798][T19757] entry_INT80_compat+0x71/0x76 [ 944.178621][T19757] [ 944.180927][T19757] Uninit was stored to memory at: [ 944.185930][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.191626][T19757] __msan_chain_origin+0x50/0x90 [ 944.196540][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.201628][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.206543][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.211036][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.215691][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.221854][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.227992][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.233268][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.238186][T19757] entry_INT80_compat+0x71/0x76 [ 944.243028][T19757] [ 944.245332][T19757] Uninit was stored to memory at: [ 944.250332][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.256024][T19757] __msan_chain_origin+0x50/0x90 [ 944.260937][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.266025][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.271022][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.275499][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.280149][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.286202][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.292337][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.297615][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.302644][T19757] entry_INT80_compat+0x71/0x76 [ 944.307468][T19757] [ 944.309776][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 944.316518][T19757] do_recvmmsg+0xc2/0x22c0 [ 944.321028][T19757] do_recvmmsg+0xc2/0x22c0 [ 944.535519][T19757] not chained 260000 origins [ 944.540239][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 944.548989][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 944.559039][T19757] Call Trace: [ 944.562341][T19757] dump_stack+0x21c/0x280 [ 944.566693][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 944.572437][T19757] ? kmsan_get_metadata+0x116/0x180 [ 944.577642][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 944.583445][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 944.589575][T19757] ? kmsan_get_metadata+0x116/0x180 [ 944.594763][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 944.600287][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 944.606335][T19757] ? _copy_from_user+0x221/0x330 [ 944.611253][T19757] ? kmsan_get_metadata+0x116/0x180 [ 944.616524][T19757] __msan_chain_origin+0x50/0x90 [ 944.621443][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.626541][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.631462][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.635953][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 944.642098][T19757] ? kmsan_get_metadata+0x116/0x180 [ 944.647378][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 944.652994][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 944.658256][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 944.662996][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 944.667736][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 944.673795][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.678456][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.684605][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.690770][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.696035][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.700948][T19757] entry_INT80_compat+0x71/0x76 [ 944.705785][T19757] RIP: 0023:0xf7f85549 [ 944.709822][T19757] Code: Bad RIP value. [ 944.713861][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 944.722248][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 944.730218][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 944.738165][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 944.746111][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 944.754082][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 944.762033][T19757] Uninit was stored to memory at: [ 944.767039][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.772734][T19757] __msan_chain_origin+0x50/0x90 [ 944.777668][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.782757][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.787672][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.792150][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.796812][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.802854][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.808983][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.814242][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.819157][T19757] entry_INT80_compat+0x71/0x76 [ 944.823975][T19757] [ 944.826279][T19757] Uninit was stored to memory at: [ 944.831483][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.837179][T19757] __msan_chain_origin+0x50/0x90 [ 944.842091][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.847179][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.852214][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.856690][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.861342][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.867387][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.873518][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.878779][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.883691][T19757] entry_INT80_compat+0x71/0x76 [ 944.888511][T19757] [ 944.890817][T19757] Uninit was stored to memory at: [ 944.895832][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.901528][T19757] __msan_chain_origin+0x50/0x90 [ 944.906440][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.911527][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.916438][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.920918][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.925571][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.931612][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 944.937745][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 944.943003][T19757] do_int80_syscall_32+0x1d/0x30 [ 944.947914][T19757] entry_INT80_compat+0x71/0x76 [ 944.952732][T19757] [ 944.955032][T19757] Uninit was stored to memory at: [ 944.960031][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 944.965727][T19757] __msan_chain_origin+0x50/0x90 [ 944.970640][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 944.975727][T19757] get_compat_msghdr+0x108/0x2b0 [ 944.980638][T19757] do_recvmmsg+0xdba/0x22c0 [ 944.985150][T19757] __sys_recvmmsg+0x5dd/0x610 [ 944.989801][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 944.995844][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.001972][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.007233][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.012149][T19757] entry_INT80_compat+0x71/0x76 [ 945.016975][T19757] [ 945.019277][T19757] Uninit was stored to memory at: [ 945.024279][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.029971][T19757] __msan_chain_origin+0x50/0x90 [ 945.034886][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.039974][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.044888][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.049364][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.054016][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.060143][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.066272][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.071547][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.076560][T19757] entry_INT80_compat+0x71/0x76 [ 945.081381][T19757] [ 945.083682][T19757] Uninit was stored to memory at: [ 945.088690][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.094392][T19757] __msan_chain_origin+0x50/0x90 [ 945.099314][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.104404][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.109318][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.113798][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.118452][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.124493][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.130623][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.135882][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.140794][T19757] entry_INT80_compat+0x71/0x76 [ 945.145656][T19757] [ 945.148010][T19757] Uninit was stored to memory at: [ 945.153024][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.158732][T19757] __msan_chain_origin+0x50/0x90 [ 945.163699][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.168794][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.173745][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.178225][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.182916][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.188960][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.195092][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.200356][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.205273][T19757] entry_INT80_compat+0x71/0x76 [ 945.210090][T19757] [ 945.212411][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 945.219095][T19757] do_recvmmsg+0xc2/0x22c0 [ 945.223485][T19757] do_recvmmsg+0xc2/0x22c0 [ 945.366006][T19757] not chained 270000 origins [ 945.370726][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 945.379389][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.389435][T19757] Call Trace: [ 945.392741][T19757] dump_stack+0x21c/0x280 [ 945.397080][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 945.402828][T19757] ? kmsan_get_metadata+0x116/0x180 [ 945.408034][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 945.413933][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 945.420121][T19757] ? kmsan_get_metadata+0x116/0x180 [ 945.425336][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 945.430904][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 945.436978][T19757] ? _copy_from_user+0x221/0x330 [ 945.441919][T19757] ? kmsan_get_metadata+0x116/0x180 [ 945.447128][T19757] __msan_chain_origin+0x50/0x90 [ 945.452076][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.457297][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.462252][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.466765][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 945.472958][T19757] ? kmsan_get_metadata+0x116/0x180 [ 945.478179][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 945.483834][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 945.489132][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 945.493902][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 945.498672][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 945.504765][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.509493][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.515665][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.521919][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.527216][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.532165][T19757] entry_INT80_compat+0x71/0x76 [ 945.537015][T19757] RIP: 0023:0xf7f85549 [ 945.541095][T19757] Code: Bad RIP value. [ 945.545159][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 945.553655][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 945.561624][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 945.569594][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 945.577562][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 945.585573][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 945.593527][T19757] Uninit was stored to memory at: [ 945.598545][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.604240][T19757] __msan_chain_origin+0x50/0x90 [ 945.609161][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.614251][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.619168][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.623666][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.628318][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.634362][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.640492][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.645755][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.650669][T19757] entry_INT80_compat+0x71/0x76 [ 945.655486][T19757] [ 945.657788][T19757] Uninit was stored to memory at: [ 945.662789][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.668593][T19757] __msan_chain_origin+0x50/0x90 [ 945.673512][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.678599][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.683513][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.687990][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.692646][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.698686][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.704818][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.710120][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.715040][T19757] entry_INT80_compat+0x71/0x76 [ 945.719859][T19757] [ 945.722159][T19757] Uninit was stored to memory at: [ 945.727159][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.732852][T19757] __msan_chain_origin+0x50/0x90 [ 945.737761][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.742846][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.747758][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.752235][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.756922][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.762964][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.769101][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.774359][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.779275][T19757] entry_INT80_compat+0x71/0x76 [ 945.784111][T19757] [ 945.786410][T19757] Uninit was stored to memory at: [ 945.791422][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.797126][T19757] __msan_chain_origin+0x50/0x90 [ 945.802037][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.807131][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.812044][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.816519][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.821170][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.827209][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.833341][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.838617][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.843546][T19757] entry_INT80_compat+0x71/0x76 [ 945.848551][T19757] [ 945.850855][T19757] Uninit was stored to memory at: [ 945.855873][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.861571][T19757] __msan_chain_origin+0x50/0x90 [ 945.866484][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.871608][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.876520][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.881000][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.885675][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.891718][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.897845][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.903129][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.908040][T19757] entry_INT80_compat+0x71/0x76 [ 945.912861][T19757] [ 945.915163][T19757] Uninit was stored to memory at: [ 945.920249][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.925942][T19757] __msan_chain_origin+0x50/0x90 [ 945.930856][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 945.935939][T19757] get_compat_msghdr+0x108/0x2b0 [ 945.940938][T19757] do_recvmmsg+0xdba/0x22c0 [ 945.945414][T19757] __sys_recvmmsg+0x5dd/0x610 [ 945.950075][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 945.956132][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 945.962262][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 945.967531][T19757] do_int80_syscall_32+0x1d/0x30 [ 945.972464][T19757] entry_INT80_compat+0x71/0x76 [ 945.977282][T19757] [ 945.979583][T19757] Uninit was stored to memory at: [ 945.984584][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 945.990294][T19757] __msan_chain_origin+0x50/0x90 [ 945.995211][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.000384][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.005313][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.009802][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.014457][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.020499][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.026628][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.031898][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.037017][T19757] entry_INT80_compat+0x71/0x76 [ 946.041839][T19757] [ 946.044143][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 946.050799][T19757] do_recvmmsg+0xc2/0x22c0 [ 946.055218][T19757] do_recvmmsg+0xc2/0x22c0 [ 946.197467][T19757] not chained 280000 origins [ 946.202189][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 946.210854][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 946.220944][T19757] Call Trace: [ 946.224248][T19757] dump_stack+0x21c/0x280 [ 946.228590][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 946.234327][T19757] ? kmsan_get_metadata+0x116/0x180 [ 946.239532][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 946.245345][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 946.251435][T19757] ? kmsan_get_metadata+0x116/0x180 [ 946.256641][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 946.262194][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 946.268269][T19757] ? _copy_from_user+0x221/0x330 [ 946.273223][T19757] ? kmsan_get_metadata+0x116/0x180 [ 946.278426][T19757] __msan_chain_origin+0x50/0x90 [ 946.283373][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.288502][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.293450][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.297959][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 946.304152][T19757] ? kmsan_get_metadata+0x116/0x180 [ 946.309360][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 946.314996][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 946.320289][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 946.325063][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 946.329832][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 946.335891][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.340553][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.346602][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.352738][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.358010][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.363024][T19757] entry_INT80_compat+0x71/0x76 [ 946.367853][T19757] RIP: 0023:0xf7f85549 [ 946.371988][T19757] Code: Bad RIP value. [ 946.376035][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 946.384553][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 946.392559][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 946.400562][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 946.408522][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 946.416469][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 946.424422][T19757] Uninit was stored to memory at: [ 946.429425][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.435122][T19757] __msan_chain_origin+0x50/0x90 [ 946.440038][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.445126][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.450041][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.454524][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.459178][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.465221][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.471350][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.476699][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.481612][T19757] entry_INT80_compat+0x71/0x76 [ 946.486432][T19757] [ 946.488731][T19757] Uninit was stored to memory at: [ 946.493819][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.499509][T19757] __msan_chain_origin+0x50/0x90 [ 946.504438][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.509523][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.514453][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.518930][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.523583][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.529634][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.535763][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.541027][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.545941][T19757] entry_INT80_compat+0x71/0x76 [ 946.550766][T19757] [ 946.553077][T19757] Uninit was stored to memory at: [ 946.558078][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.563773][T19757] __msan_chain_origin+0x50/0x90 [ 946.568685][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.573774][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.578686][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.583181][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.587851][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.593892][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.600143][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.605404][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.610313][T19757] entry_INT80_compat+0x71/0x76 [ 946.615133][T19757] [ 946.617434][T19757] Uninit was stored to memory at: [ 946.622460][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.628153][T19757] __msan_chain_origin+0x50/0x90 [ 946.633158][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.638368][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.643283][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.647762][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.652414][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.658458][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.664585][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.669846][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.674768][T19757] entry_INT80_compat+0x71/0x76 [ 946.679588][T19757] [ 946.681891][T19757] Uninit was stored to memory at: [ 946.686893][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.692592][T19757] __msan_chain_origin+0x50/0x90 [ 946.697504][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.702606][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.707518][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.711997][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.716680][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.722724][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.728855][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.734116][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.739028][T19757] entry_INT80_compat+0x71/0x76 [ 946.743848][T19757] [ 946.746148][T19757] Uninit was stored to memory at: [ 946.751149][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.756846][T19757] __msan_chain_origin+0x50/0x90 [ 946.761760][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.766862][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.771774][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.776252][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.780904][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.786944][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.793074][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.798346][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.803261][T19757] entry_INT80_compat+0x71/0x76 [ 946.808078][T19757] [ 946.810378][T19757] Uninit was stored to memory at: [ 946.815378][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 946.821072][T19757] __msan_chain_origin+0x50/0x90 [ 946.825988][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 946.831078][T19757] get_compat_msghdr+0x108/0x2b0 [ 946.835990][T19757] do_recvmmsg+0xdba/0x22c0 [ 946.840473][T19757] __sys_recvmmsg+0x5dd/0x610 [ 946.845128][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 946.851173][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 946.857301][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 946.862559][T19757] do_int80_syscall_32+0x1d/0x30 [ 946.867484][T19757] entry_INT80_compat+0x71/0x76 [ 946.872301][T19757] [ 946.874602][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 946.881252][T19757] do_recvmmsg+0xc2/0x22c0 [ 946.885658][T19757] do_recvmmsg+0xc2/0x22c0 [ 947.074861][T19757] not chained 290000 origins [ 947.079496][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 947.088163][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 947.098218][T19757] Call Trace: [ 947.101524][T19757] dump_stack+0x21c/0x280 [ 947.105866][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 947.111634][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.116841][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 947.122655][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 947.128727][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.134052][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 947.139610][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 947.145692][T19757] ? _copy_from_user+0x221/0x330 [ 947.150642][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.155849][T19757] __msan_chain_origin+0x50/0x90 [ 947.160798][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.165934][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.170884][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.175389][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 947.181576][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.186781][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 947.192419][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 947.197717][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 947.202492][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 947.207261][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 947.213333][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.218043][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.224127][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.230277][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.235545][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.240461][T19757] entry_INT80_compat+0x71/0x76 [ 947.245290][T19757] RIP: 0023:0xf7f85549 [ 947.249330][T19757] Code: Bad RIP value. [ 947.253373][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 947.261769][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 947.269725][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 947.277679][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 947.285640][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 947.293596][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 947.301553][T19757] Uninit was stored to memory at: [ 947.306591][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.312297][T19757] __msan_chain_origin+0x50/0x90 [ 947.317265][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.322356][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.327269][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.331749][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.336402][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.342460][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.348590][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.353874][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.358787][T19757] entry_INT80_compat+0x71/0x76 [ 947.363604][T19757] [ 947.365911][T19757] Uninit was stored to memory at: [ 947.370911][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.376697][T19757] __msan_chain_origin+0x50/0x90 [ 947.381609][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.386708][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.391622][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.396098][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.400758][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.406814][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.412945][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.418234][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.423287][T19757] entry_INT80_compat+0x71/0x76 [ 947.428105][T19757] [ 947.430405][T19757] Uninit was stored to memory at: [ 947.435410][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.441109][T19757] __msan_chain_origin+0x50/0x90 [ 947.446023][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.451110][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.456023][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.460501][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.465160][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.471210][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.477352][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.482614][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.487532][T19757] entry_INT80_compat+0x71/0x76 [ 947.492350][T19757] [ 947.494650][T19757] Uninit was stored to memory at: [ 947.499676][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.505384][T19757] __msan_chain_origin+0x50/0x90 [ 947.510296][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.515398][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.520309][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.524874][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.529525][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.535569][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.541701][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.546968][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.551885][T19757] entry_INT80_compat+0x71/0x76 [ 947.556704][T19757] [ 947.559003][T19757] Uninit was stored to memory at: [ 947.564017][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.569716][T19757] __msan_chain_origin+0x50/0x90 [ 947.574630][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.579723][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.584639][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.589140][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.593815][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.599871][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.606009][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.611276][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.616192][T19757] entry_INT80_compat+0x71/0x76 [ 947.621011][T19757] [ 947.623312][T19757] Uninit was stored to memory at: [ 947.628314][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.634018][T19757] __msan_chain_origin+0x50/0x90 [ 947.638947][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.644048][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.648962][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.653440][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.658093][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.664138][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.670267][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.675527][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.680468][T19757] entry_INT80_compat+0x71/0x76 [ 947.685302][T19757] [ 947.687603][T19757] Uninit was stored to memory at: [ 947.692616][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 947.698312][T19757] __msan_chain_origin+0x50/0x90 [ 947.703228][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 947.708317][T19757] get_compat_msghdr+0x108/0x2b0 [ 947.713229][T19757] do_recvmmsg+0xdba/0x22c0 [ 947.717710][T19757] __sys_recvmmsg+0x5dd/0x610 [ 947.722371][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 947.728428][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 947.734557][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 947.739829][T19757] do_int80_syscall_32+0x1d/0x30 [ 947.744762][T19757] entry_INT80_compat+0x71/0x76 [ 947.749593][T19757] [ 947.751896][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 947.758565][T19757] do_recvmmsg+0xc2/0x22c0 [ 947.762982][T19757] do_recvmmsg+0xc2/0x22c0 [ 947.940163][T19757] not chained 300000 origins [ 947.944887][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 947.953638][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 947.963695][T19757] Call Trace: [ 947.967113][T19757] dump_stack+0x21c/0x280 [ 947.971556][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 947.977300][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.982510][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 947.988322][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 947.994395][T19757] ? kmsan_get_metadata+0x116/0x180 [ 947.999602][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 948.006227][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 948.012317][T19757] ? _copy_from_user+0x221/0x330 [ 948.017263][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.022467][T19757] __msan_chain_origin+0x50/0x90 [ 948.027418][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.032550][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.037499][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.042020][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 948.048223][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.053434][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 948.059081][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 948.064374][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 948.069129][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 948.073873][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 948.079923][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.084589][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.090637][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.096925][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.102195][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.107114][T19757] entry_INT80_compat+0x71/0x76 [ 948.111942][T19757] RIP: 0023:0xf7f85549 [ 948.115983][T19757] Code: Bad RIP value. [ 948.120025][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 948.128423][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 948.136387][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 948.144341][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 948.152415][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 948.160382][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 948.168372][T19757] Uninit was stored to memory at: [ 948.173387][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.179082][T19757] __msan_chain_origin+0x50/0x90 [ 948.184103][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.189277][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.194189][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.198667][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.203335][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.209379][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.215524][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.220898][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.225814][T19757] entry_INT80_compat+0x71/0x76 [ 948.230631][T19757] [ 948.232942][T19757] Uninit was stored to memory at: [ 948.237943][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.243639][T19757] __msan_chain_origin+0x50/0x90 [ 948.248551][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.253650][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.258562][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.263056][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.267797][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.273855][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.280050][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.285323][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.290244][T19757] entry_INT80_compat+0x71/0x76 [ 948.295114][T19757] [ 948.297424][T19757] Uninit was stored to memory at: [ 948.302428][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.308123][T19757] __msan_chain_origin+0x50/0x90 [ 948.313137][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.318224][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.323137][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.327625][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.332282][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.338326][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.344464][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.349726][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.354662][T19757] entry_INT80_compat+0x71/0x76 [ 948.359634][T19757] [ 948.361945][T19757] Uninit was stored to memory at: [ 948.366954][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.372656][T19757] __msan_chain_origin+0x50/0x90 [ 948.377622][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.382799][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.387724][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.392213][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.396879][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.403018][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.409181][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.414444][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.419357][T19757] entry_INT80_compat+0x71/0x76 [ 948.424174][T19757] [ 948.426482][T19757] Uninit was stored to memory at: [ 948.431484][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.437195][T19757] __msan_chain_origin+0x50/0x90 [ 948.442110][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.447212][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.452122][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.456700][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.461446][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.467611][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.473745][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.479009][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.483936][T19757] entry_INT80_compat+0x71/0x76 [ 948.488754][T19757] [ 948.491056][T19757] Uninit was stored to memory at: [ 948.496060][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.501756][T19757] __msan_chain_origin+0x50/0x90 [ 948.506679][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.511788][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.516702][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.521183][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.525852][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.531901][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.538033][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.543294][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.548206][T19757] entry_INT80_compat+0x71/0x76 [ 948.553024][T19757] [ 948.555325][T19757] Uninit was stored to memory at: [ 948.560324][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 948.566020][T19757] __msan_chain_origin+0x50/0x90 [ 948.570932][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.576020][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.580932][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.585408][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.590062][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.596279][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.602424][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.607685][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.612595][T19757] entry_INT80_compat+0x71/0x76 [ 948.617421][T19757] [ 948.619764][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 948.626410][T19757] do_recvmmsg+0xc2/0x22c0 [ 948.630803][T19757] do_recvmmsg+0xc2/0x22c0 [ 948.829353][T19757] not chained 310000 origins [ 948.834117][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 948.842783][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 948.852839][T19757] Call Trace: [ 948.856142][T19757] dump_stack+0x21c/0x280 [ 948.860499][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 948.866365][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.871572][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 948.877382][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 948.883448][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.888661][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 948.894333][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 948.900410][T19757] ? _copy_from_user+0x221/0x330 [ 948.905361][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.910566][T19757] __msan_chain_origin+0x50/0x90 [ 948.915515][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 948.920644][T19757] get_compat_msghdr+0x108/0x2b0 [ 948.925595][T19757] do_recvmmsg+0xdba/0x22c0 [ 948.930113][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 948.936298][T19757] ? kmsan_get_metadata+0x116/0x180 [ 948.941526][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 948.947182][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 948.952474][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 948.957241][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 948.962013][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 948.968074][T19757] __sys_recvmmsg+0x5dd/0x610 [ 948.972760][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 948.978826][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 948.985046][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 948.990314][T19757] do_int80_syscall_32+0x1d/0x30 [ 948.995230][T19757] entry_INT80_compat+0x71/0x76 [ 949.000075][T19757] RIP: 0023:0xf7f85549 [ 949.004115][T19757] Code: Bad RIP value. [ 949.008276][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 949.016751][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 949.024788][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 949.032761][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 949.040709][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 949.048657][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 949.056608][T19757] Uninit was stored to memory at: [ 949.061621][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.067322][T19757] __msan_chain_origin+0x50/0x90 [ 949.072370][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.077462][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.082390][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.086873][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.091530][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.097581][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.103714][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.108978][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.113893][T19757] entry_INT80_compat+0x71/0x76 [ 949.118711][T19757] [ 949.121016][T19757] Uninit was stored to memory at: [ 949.126023][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.131722][T19757] __msan_chain_origin+0x50/0x90 [ 949.136768][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.141869][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.146788][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.151268][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.156097][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.162153][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.168282][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.173542][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.178555][T19757] entry_INT80_compat+0x71/0x76 [ 949.183381][T19757] [ 949.185683][T19757] Uninit was stored to memory at: [ 949.190686][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.196381][T19757] __msan_chain_origin+0x50/0x90 [ 949.201297][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.206383][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.211298][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.215781][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.220433][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.226490][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.232622][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.237882][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.242797][T19757] entry_INT80_compat+0x71/0x76 [ 949.247617][T19757] [ 949.249919][T19757] Uninit was stored to memory at: [ 949.254920][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.260626][T19757] __msan_chain_origin+0x50/0x90 [ 949.265550][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.270648][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.275570][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.280048][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.284727][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.290786][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.296915][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.302304][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.307230][T19757] entry_INT80_compat+0x71/0x76 [ 949.312049][T19757] [ 949.314364][T19757] Uninit was stored to memory at: [ 949.319451][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.325233][T19757] __msan_chain_origin+0x50/0x90 [ 949.330245][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.335469][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.340381][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.344947][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.349707][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.355752][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.361899][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.367242][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.372156][T19757] entry_INT80_compat+0x71/0x76 [ 949.376981][T19757] [ 949.379282][T19757] Uninit was stored to memory at: [ 949.384282][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.389981][T19757] __msan_chain_origin+0x50/0x90 [ 949.394904][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.400173][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.405087][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.409575][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.414228][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.420270][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.426405][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.431666][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.436604][T19757] entry_INT80_compat+0x71/0x76 [ 949.441422][T19757] [ 949.443724][T19757] Uninit was stored to memory at: [ 949.448727][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.454422][T19757] __msan_chain_origin+0x50/0x90 [ 949.459334][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.464422][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.469349][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.473843][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.478496][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.484625][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.490778][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.496041][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.500953][T19757] entry_INT80_compat+0x71/0x76 [ 949.505774][T19757] [ 949.508077][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 949.514723][T19757] do_recvmmsg+0xc2/0x22c0 [ 949.519126][T19757] do_recvmmsg+0xc2/0x22c0 [ 949.676784][T19757] not chained 320000 origins [ 949.681420][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 949.690192][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 949.700247][T19757] Call Trace: [ 949.703551][T19757] dump_stack+0x21c/0x280 [ 949.707897][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 949.713641][T19757] ? kmsan_get_metadata+0x116/0x180 [ 949.718849][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 949.724789][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 949.730860][T19757] ? kmsan_get_metadata+0x116/0x180 [ 949.736065][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 949.741653][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 949.747781][T19757] ? _copy_from_user+0x221/0x330 [ 949.752723][T19757] ? kmsan_get_metadata+0x116/0x180 [ 949.757969][T19757] __msan_chain_origin+0x50/0x90 [ 949.762950][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.768083][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.773035][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.777545][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 949.783734][T19757] ? kmsan_get_metadata+0x116/0x180 [ 949.788958][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 949.794598][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 949.799891][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 949.806310][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 949.811104][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 949.817201][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.821900][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.828070][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.834236][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.839523][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.844441][T19757] entry_INT80_compat+0x71/0x76 [ 949.849266][T19757] RIP: 0023:0xf7f85549 [ 949.853304][T19757] Code: Bad RIP value. [ 949.857345][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 949.865738][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 949.873728][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 949.881679][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 949.889629][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 949.897574][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 949.905540][T19757] Uninit was stored to memory at: [ 949.910577][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.916416][T19757] __msan_chain_origin+0x50/0x90 [ 949.921332][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.926431][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.931342][T19757] do_recvmmsg+0xdba/0x22c0 [ 949.935818][T19757] __sys_recvmmsg+0x5dd/0x610 [ 949.940468][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 949.946510][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 949.952641][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 949.957902][T19757] do_int80_syscall_32+0x1d/0x30 [ 949.962831][T19757] entry_INT80_compat+0x71/0x76 [ 949.967667][T19757] [ 949.969967][T19757] Uninit was stored to memory at: [ 949.975080][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 949.980773][T19757] __msan_chain_origin+0x50/0x90 [ 949.985688][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 949.990788][T19757] get_compat_msghdr+0x108/0x2b0 [ 949.995868][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.000368][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.005034][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.011169][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.017301][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.022566][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.027600][T19757] entry_INT80_compat+0x71/0x76 [ 950.032447][T19757] [ 950.034762][T19757] Uninit was stored to memory at: [ 950.039774][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.045469][T19757] __msan_chain_origin+0x50/0x90 [ 950.050384][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.055474][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.060393][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.064880][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.069533][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.075577][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.081714][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.086988][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.091991][T19757] entry_INT80_compat+0x71/0x76 [ 950.096810][T19757] [ 950.099111][T19757] Uninit was stored to memory at: [ 950.104111][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.109819][T19757] __msan_chain_origin+0x50/0x90 [ 950.114842][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.119925][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.124854][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.129349][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.134197][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.140239][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.146478][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.151740][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.156785][T19757] entry_INT80_compat+0x71/0x76 [ 950.161605][T19757] [ 950.163908][T19757] Uninit was stored to memory at: [ 950.168926][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.174626][T19757] __msan_chain_origin+0x50/0x90 [ 950.179542][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.184643][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.189579][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.194144][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.198798][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.204841][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.211087][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.216365][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.221280][T19757] entry_INT80_compat+0x71/0x76 [ 950.226126][T19757] [ 950.228430][T19757] Uninit was stored to memory at: [ 950.233539][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.239231][T19757] __msan_chain_origin+0x50/0x90 [ 950.244145][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.249232][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.254234][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.258736][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.263390][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.269539][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.275672][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.280939][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.285918][T19757] entry_INT80_compat+0x71/0x76 [ 950.290752][T19757] [ 950.293076][T19757] Uninit was stored to memory at: [ 950.298092][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.303789][T19757] __msan_chain_origin+0x50/0x90 [ 950.308707][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.313805][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.318727][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.323209][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.327869][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.333918][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.340049][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.345317][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.350232][T19757] entry_INT80_compat+0x71/0x76 [ 950.355054][T19757] [ 950.357378][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 950.364037][T19757] do_recvmmsg+0xc2/0x22c0 [ 950.368427][T19757] do_recvmmsg+0xc2/0x22c0 [ 950.524577][T19757] not chained 330000 origins [ 950.529327][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 950.538008][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 950.548063][T19757] Call Trace: [ 950.551370][T19757] dump_stack+0x21c/0x280 [ 950.555803][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 950.561542][T19757] ? kmsan_get_metadata+0x116/0x180 [ 950.566755][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 950.572569][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 950.578669][T19757] ? kmsan_get_metadata+0x116/0x180 [ 950.583875][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 950.589429][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 950.595508][T19757] ? _copy_from_user+0x221/0x330 [ 950.600455][T19757] ? kmsan_get_metadata+0x116/0x180 [ 950.605661][T19757] __msan_chain_origin+0x50/0x90 [ 950.610612][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.615754][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.620711][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.625228][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 950.631414][T19757] ? kmsan_get_metadata+0x116/0x180 [ 950.636623][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 950.642270][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 950.647571][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 950.652340][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 950.657198][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 950.663288][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.667986][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.674155][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.680317][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.685626][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.690569][T19757] entry_INT80_compat+0x71/0x76 [ 950.695419][T19757] RIP: 0023:0xf7f85549 [ 950.699480][T19757] Code: Bad RIP value. [ 950.703542][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 950.711931][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 950.720017][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 950.728008][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 950.735957][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 950.743906][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 950.751988][T19757] Uninit was stored to memory at: [ 950.756995][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.762688][T19757] __msan_chain_origin+0x50/0x90 [ 950.767620][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.772708][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.777623][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.782121][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.786775][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.792817][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.798947][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.804230][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.809156][T19757] entry_INT80_compat+0x71/0x76 [ 950.813973][T19757] [ 950.816276][T19757] Uninit was stored to memory at: [ 950.821278][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.827075][T19757] __msan_chain_origin+0x50/0x90 [ 950.831989][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.837090][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.842002][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.846480][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.851135][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.857189][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.863319][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.868579][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.873492][T19757] entry_INT80_compat+0x71/0x76 [ 950.878312][T19757] [ 950.880613][T19757] Uninit was stored to memory at: [ 950.885615][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.891308][T19757] __msan_chain_origin+0x50/0x90 [ 950.896222][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.901325][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.906261][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.910762][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.915439][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.921497][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.927627][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.932893][T19757] do_int80_syscall_32+0x1d/0x30 [ 950.937816][T19757] entry_INT80_compat+0x71/0x76 [ 950.942724][T19757] [ 950.945085][T19757] Uninit was stored to memory at: [ 950.950085][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 950.955782][T19757] __msan_chain_origin+0x50/0x90 [ 950.960731][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 950.965820][T19757] get_compat_msghdr+0x108/0x2b0 [ 950.970734][T19757] do_recvmmsg+0xdba/0x22c0 [ 950.975214][T19757] __sys_recvmmsg+0x5dd/0x610 [ 950.979937][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 950.985981][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 950.992111][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 950.997370][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.002289][T19757] entry_INT80_compat+0x71/0x76 [ 951.007134][T19757] [ 951.009465][T19757] Uninit was stored to memory at: [ 951.014465][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.020172][T19757] __msan_chain_origin+0x50/0x90 [ 951.025085][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.030175][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.035094][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.039577][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.044232][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.050275][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.056426][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.061776][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.066688][T19757] entry_INT80_compat+0x71/0x76 [ 951.071508][T19757] [ 951.073811][T19757] Uninit was stored to memory at: [ 951.078899][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.084596][T19757] __msan_chain_origin+0x50/0x90 [ 951.089537][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.094626][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.099538][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.104018][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.108672][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.114730][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.120862][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.126180][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.131201][T19757] entry_INT80_compat+0x71/0x76 [ 951.136023][T19757] [ 951.138332][T19757] Uninit was stored to memory at: [ 951.143370][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.149070][T19757] __msan_chain_origin+0x50/0x90 [ 951.154073][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.159158][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.164089][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.168667][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.173439][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.179489][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.185627][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.190891][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.195805][T19757] entry_INT80_compat+0x71/0x76 [ 951.200643][T19757] [ 951.202954][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 951.209607][T19757] do_recvmmsg+0xc2/0x22c0 [ 951.214088][T19757] do_recvmmsg+0xc2/0x22c0 [ 951.363973][T19757] not chained 340000 origins [ 951.368612][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 951.377284][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 951.387337][T19757] Call Trace: [ 951.390649][T19757] dump_stack+0x21c/0x280 [ 951.394999][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 951.400748][T19757] ? kmsan_get_metadata+0x116/0x180 [ 951.405969][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 951.411805][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 951.417879][T19757] ? kmsan_get_metadata+0x116/0x180 [ 951.423286][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 951.428844][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 951.434925][T19757] ? _copy_from_user+0x221/0x330 [ 951.439870][T19757] ? kmsan_get_metadata+0x116/0x180 [ 951.445078][T19757] __msan_chain_origin+0x50/0x90 [ 951.450045][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.455179][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.460130][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.464642][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 951.470830][T19757] ? kmsan_get_metadata+0x116/0x180 [ 951.476030][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 951.481668][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 951.486963][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 951.491731][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 951.496507][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 951.502585][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.507282][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.513349][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.519629][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.524900][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.529817][T19757] entry_INT80_compat+0x71/0x76 [ 951.534649][T19757] RIP: 0023:0xf7f85549 [ 951.538695][T19757] Code: Bad RIP value. [ 951.542743][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 951.551132][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 951.559081][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 951.567063][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 951.575129][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 951.583084][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 951.591064][T19757] Uninit was stored to memory at: [ 951.596084][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.601781][T19757] __msan_chain_origin+0x50/0x90 [ 951.606696][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.611788][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.616718][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.621217][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.625870][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.631914][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.638045][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.643317][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.648317][T19757] entry_INT80_compat+0x71/0x76 [ 951.653133][T19757] [ 951.655438][T19757] Uninit was stored to memory at: [ 951.660440][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.666140][T19757] __msan_chain_origin+0x50/0x90 [ 951.671058][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.676145][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.681057][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.685553][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.690217][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.696489][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.702642][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.707903][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.712818][T19757] entry_INT80_compat+0x71/0x76 [ 951.717636][T19757] [ 951.719939][T19757] Uninit was stored to memory at: [ 951.724940][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.730644][T19757] __msan_chain_origin+0x50/0x90 [ 951.735573][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.740676][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.745590][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.750067][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.754747][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.760801][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.766931][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.772196][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.777110][T19757] entry_INT80_compat+0x71/0x76 [ 951.781946][T19757] [ 951.784250][T19757] Uninit was stored to memory at: [ 951.789509][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.795206][T19757] __msan_chain_origin+0x50/0x90 [ 951.800204][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.805291][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.810203][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.814698][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.819352][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.825396][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.831526][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.836789][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.841701][T19757] entry_INT80_compat+0x71/0x76 [ 951.846523][T19757] [ 951.848824][T19757] Uninit was stored to memory at: [ 951.853825][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.859517][T19757] __msan_chain_origin+0x50/0x90 [ 951.864430][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.869515][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.874442][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.878936][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.883590][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.889646][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.895775][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.901036][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.905952][T19757] entry_INT80_compat+0x71/0x76 [ 951.910787][T19757] [ 951.913095][T19757] Uninit was stored to memory at: [ 951.918096][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.923789][T19757] __msan_chain_origin+0x50/0x90 [ 951.928702][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.933792][T19757] get_compat_msghdr+0x108/0x2b0 [ 951.938704][T19757] do_recvmmsg+0xdba/0x22c0 [ 951.943186][T19757] __sys_recvmmsg+0x5dd/0x610 [ 951.947838][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 951.953881][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 951.960024][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 951.965288][T19757] do_int80_syscall_32+0x1d/0x30 [ 951.970201][T19757] entry_INT80_compat+0x71/0x76 [ 951.975018][T19757] [ 951.977319][T19757] Uninit was stored to memory at: [ 951.982321][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 951.988013][T19757] __msan_chain_origin+0x50/0x90 [ 951.992930][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 951.998117][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.003031][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.007515][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.012166][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.018210][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.024339][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.029602][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.034514][T19757] entry_INT80_compat+0x71/0x76 [ 952.039334][T19757] [ 952.041637][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 952.048284][T19757] do_recvmmsg+0xc2/0x22c0 [ 952.052675][T19757] do_recvmmsg+0xc2/0x22c0 [ 952.196502][T19757] not chained 350000 origins [ 952.201247][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 952.209911][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 952.219963][T19757] Call Trace: [ 952.223270][T19757] dump_stack+0x21c/0x280 [ 952.227614][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 952.233356][T19757] ? kmsan_get_metadata+0x116/0x180 [ 952.238572][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 952.244385][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 952.250453][T19757] ? kmsan_get_metadata+0x116/0x180 [ 952.255656][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 952.261213][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 952.267294][T19757] ? _copy_from_user+0x221/0x330 [ 952.272240][T19757] ? kmsan_get_metadata+0x116/0x180 [ 952.277442][T19757] __msan_chain_origin+0x50/0x90 [ 952.282505][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.287643][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.292592][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.297113][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 952.303307][T19757] ? kmsan_get_metadata+0x116/0x180 [ 952.308527][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 952.314175][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 952.319468][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 952.324239][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 952.329053][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 952.335133][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.339833][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.345919][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.352083][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.357400][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.362348][T19757] entry_INT80_compat+0x71/0x76 [ 952.367200][T19757] RIP: 0023:0xf7f85549 [ 952.371262][T19757] Code: Bad RIP value. [ 952.375326][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 952.383781][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 952.391731][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 952.399679][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 952.407631][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 952.415583][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 952.423539][T19757] Uninit was stored to memory at: [ 952.428549][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.434246][T19757] __msan_chain_origin+0x50/0x90 [ 952.439160][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.444249][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.449178][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.453666][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.458332][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.464382][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.470606][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.475921][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.480837][T19757] entry_INT80_compat+0x71/0x76 [ 952.485655][T19757] [ 952.487972][T19757] Uninit was stored to memory at: [ 952.493093][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.498802][T19757] __msan_chain_origin+0x50/0x90 [ 952.503727][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.508939][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.514130][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.518623][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.523278][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.529320][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.535453][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.540718][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.545636][T19757] entry_INT80_compat+0x71/0x76 [ 952.550566][T19757] [ 952.552870][T19757] Uninit was stored to memory at: [ 952.557897][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.563592][T19757] __msan_chain_origin+0x50/0x90 [ 952.568595][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.573695][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.578606][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.583101][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.587775][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.593925][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.600069][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.605331][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.610242][T19757] entry_INT80_compat+0x71/0x76 [ 952.615161][T19757] [ 952.617461][T19757] Uninit was stored to memory at: [ 952.622461][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.628170][T19757] __msan_chain_origin+0x50/0x90 [ 952.633085][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.638181][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.643103][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.647580][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.652232][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.658354][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.664529][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.669823][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.674744][T19757] entry_INT80_compat+0x71/0x76 [ 952.679652][T19757] [ 952.681955][T19757] Uninit was stored to memory at: [ 952.686965][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.692659][T19757] __msan_chain_origin+0x50/0x90 [ 952.697707][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.702800][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.707718][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.712201][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.716910][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.722959][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.729095][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.734644][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.739568][T19757] entry_INT80_compat+0x71/0x76 [ 952.744476][T19757] [ 952.746781][T19757] Uninit was stored to memory at: [ 952.751787][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.757494][T19757] __msan_chain_origin+0x50/0x90 [ 952.762430][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.767516][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.772536][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.777013][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.781688][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.787732][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.793862][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.799125][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.804144][T19757] entry_INT80_compat+0x71/0x76 [ 952.808962][T19757] [ 952.811288][T19757] Uninit was stored to memory at: [ 952.816290][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 952.822097][T19757] __msan_chain_origin+0x50/0x90 [ 952.827026][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 952.832113][T19757] get_compat_msghdr+0x108/0x2b0 [ 952.837026][T19757] do_recvmmsg+0xdba/0x22c0 [ 952.841518][T19757] __sys_recvmmsg+0x5dd/0x610 [ 952.846172][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 952.852216][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 952.858344][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 952.863606][T19757] do_int80_syscall_32+0x1d/0x30 [ 952.868557][T19757] entry_INT80_compat+0x71/0x76 [ 952.873374][T19757] [ 952.875683][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 952.882347][T19757] do_recvmmsg+0xc2/0x22c0 [ 952.886738][T19757] do_recvmmsg+0xc2/0x22c0 [ 953.074582][T19757] not chained 360000 origins [ 953.079222][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 953.087887][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 953.098015][T19757] Call Trace: [ 953.101351][T19757] dump_stack+0x21c/0x280 [ 953.105699][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 953.111442][T19757] ? kmsan_get_metadata+0x116/0x180 [ 953.116658][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 953.122511][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 953.128585][T19757] ? kmsan_get_metadata+0x116/0x180 [ 953.133792][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 953.139349][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 953.145519][T19757] ? _copy_from_user+0x221/0x330 [ 953.150469][T19757] ? kmsan_get_metadata+0x116/0x180 [ 953.155699][T19757] __msan_chain_origin+0x50/0x90 [ 953.160674][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.165806][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.170756][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.175265][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 953.181481][T19757] ? kmsan_get_metadata+0x116/0x180 [ 953.186682][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 953.192331][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 953.197624][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 953.202381][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 953.207125][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 953.213181][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.217846][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.223895][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.230023][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.235290][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.240223][T19757] entry_INT80_compat+0x71/0x76 [ 953.245084][T19757] RIP: 0023:0xf7f85549 [ 953.249121][T19757] Code: Bad RIP value. [ 953.253161][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 953.261547][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 953.269582][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 953.277530][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 953.285486][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 953.293444][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 953.301396][T19757] Uninit was stored to memory at: [ 953.306417][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.312112][T19757] __msan_chain_origin+0x50/0x90 [ 953.317028][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.322121][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.327070][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.331552][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.336207][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.342253][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.348383][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.353675][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.358601][T19757] entry_INT80_compat+0x71/0x76 [ 953.363420][T19757] [ 953.365728][T19757] Uninit was stored to memory at: [ 953.370732][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.376426][T19757] __msan_chain_origin+0x50/0x90 [ 953.381342][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.386428][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.391358][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.395839][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.400493][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.406537][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.412666][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.417940][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.422863][T19757] entry_INT80_compat+0x71/0x76 [ 953.427680][T19757] [ 953.429994][T19757] Uninit was stored to memory at: [ 953.435008][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.440732][T19757] __msan_chain_origin+0x50/0x90 [ 953.445647][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.450735][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.455647][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.460123][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.464780][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.470824][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.476954][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.482233][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.487161][T19757] entry_INT80_compat+0x71/0x76 [ 953.491980][T19757] [ 953.494279][T19757] Uninit was stored to memory at: [ 953.499280][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.504988][T19757] __msan_chain_origin+0x50/0x90 [ 953.509900][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.515085][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.519995][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.524474][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.529126][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.535182][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.541313][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.546576][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.551505][T19757] entry_INT80_compat+0x71/0x76 [ 953.556322][T19757] [ 953.558625][T19757] Uninit was stored to memory at: [ 953.563628][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.569321][T19757] __msan_chain_origin+0x50/0x90 [ 953.574236][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.579322][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.584235][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.588734][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.593387][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.599453][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.605584][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.610854][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.615855][T19757] entry_INT80_compat+0x71/0x76 [ 953.620765][T19757] [ 953.623104][T19757] Uninit was stored to memory at: [ 953.628103][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.633814][T19757] __msan_chain_origin+0x50/0x90 [ 953.638743][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.643831][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.648742][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.653218][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.657881][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.663939][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.670068][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.675329][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.680246][T19757] entry_INT80_compat+0x71/0x76 [ 953.685066][T19757] [ 953.687376][T19757] Uninit was stored to memory at: [ 953.692381][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 953.698073][T19757] __msan_chain_origin+0x50/0x90 [ 953.703030][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 953.708229][T19757] get_compat_msghdr+0x108/0x2b0 [ 953.713154][T19757] do_recvmmsg+0xdba/0x22c0 [ 953.717742][T19757] __sys_recvmmsg+0x5dd/0x610 [ 953.722396][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 953.728527][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 953.734655][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 953.739934][T19757] do_int80_syscall_32+0x1d/0x30 [ 953.745043][T19757] entry_INT80_compat+0x71/0x76 [ 953.749875][T19757] [ 953.752267][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 953.759014][T19757] do_recvmmsg+0xc2/0x22c0 [ 953.763413][T19757] do_recvmmsg+0xc2/0x22c0 [ 953.977693][T19757] not chained 370000 origins [ 953.982414][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 953.991084][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 954.001136][T19757] Call Trace: [ 954.004446][T19757] dump_stack+0x21c/0x280 [ 954.008790][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 954.014534][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.019758][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 954.025572][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 954.031650][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.036890][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 954.042559][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 954.048644][T19757] ? _copy_from_user+0x221/0x330 [ 954.053595][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.058811][T19757] __msan_chain_origin+0x50/0x90 [ 954.063760][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.068920][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.073875][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.078474][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 954.084755][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.089959][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 954.095590][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 954.100891][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 954.105634][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 954.110396][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 954.116496][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.121165][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.127217][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.133354][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.138741][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.143666][T19757] entry_INT80_compat+0x71/0x76 [ 954.148510][T19757] RIP: 0023:0xf7f85549 [ 954.152552][T19757] Code: Bad RIP value. [ 954.156635][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 954.165111][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 954.173092][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 954.181040][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 954.188990][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 954.197041][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 954.204999][T19757] Uninit was stored to memory at: [ 954.210004][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.215810][T19757] __msan_chain_origin+0x50/0x90 [ 954.220838][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.225923][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.230839][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.235422][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.240161][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.246254][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.252389][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.257650][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.262564][T19757] entry_INT80_compat+0x71/0x76 [ 954.267412][T19757] [ 954.269715][T19757] Uninit was stored to memory at: [ 954.274747][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.280441][T19757] __msan_chain_origin+0x50/0x90 [ 954.285359][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.290449][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.295413][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.299909][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.304569][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.310615][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.316844][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.322114][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.327032][T19757] entry_INT80_compat+0x71/0x76 [ 954.331858][T19757] [ 954.334164][T19757] Uninit was stored to memory at: [ 954.339181][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.344882][T19757] __msan_chain_origin+0x50/0x90 [ 954.349805][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.354896][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.359847][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.364334][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.369003][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.375056][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.381211][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.386482][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.391403][T19757] entry_INT80_compat+0x71/0x76 [ 954.396224][T19757] [ 954.398544][T19757] Uninit was stored to memory at: [ 954.403578][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.409292][T19757] __msan_chain_origin+0x50/0x90 [ 954.414204][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.419325][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.424243][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.428731][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.433385][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.439428][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.445566][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.450925][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.455868][T19757] entry_INT80_compat+0x71/0x76 [ 954.460688][T19757] [ 954.462990][T19757] Uninit was stored to memory at: [ 954.467992][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.473713][T19757] __msan_chain_origin+0x50/0x90 [ 954.478816][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.483953][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.488895][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.493426][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.498225][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.504284][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.510419][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.515684][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.520598][T19757] entry_INT80_compat+0x71/0x76 [ 954.525516][T19757] [ 954.527905][T19757] Uninit was stored to memory at: [ 954.532909][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.538602][T19757] __msan_chain_origin+0x50/0x90 [ 954.543519][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.548605][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.553523][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.557999][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.562656][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.568702][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.575058][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.580323][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.585269][T19757] entry_INT80_compat+0x71/0x76 [ 954.590088][T19757] [ 954.592386][T19757] Uninit was stored to memory at: [ 954.597386][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 954.603098][T19757] __msan_chain_origin+0x50/0x90 [ 954.608012][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.613099][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.618008][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.622487][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.627139][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.633185][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.639316][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.644582][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.649496][T19757] entry_INT80_compat+0x71/0x76 [ 954.654318][T19757] [ 954.656625][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 954.663292][T19757] do_recvmmsg+0xc2/0x22c0 [ 954.667683][T19757] do_recvmmsg+0xc2/0x22c0 [ 954.833602][T19757] not chained 380000 origins [ 954.838235][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 954.846928][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 954.856983][T19757] Call Trace: [ 954.860378][T19757] dump_stack+0x21c/0x280 [ 954.864745][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 954.870492][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.875695][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 954.881597][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 954.887777][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.892983][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 954.898535][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 954.904611][T19757] ? _copy_from_user+0x221/0x330 [ 954.909557][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.914773][T19757] __msan_chain_origin+0x50/0x90 [ 954.919719][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 954.924852][T19757] get_compat_msghdr+0x108/0x2b0 [ 954.929803][T19757] do_recvmmsg+0xdba/0x22c0 [ 954.934322][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 954.940508][T19757] ? kmsan_get_metadata+0x116/0x180 [ 954.945712][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 954.951353][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 954.956667][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 954.961424][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 954.966168][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 954.972210][T19757] __sys_recvmmsg+0x5dd/0x610 [ 954.976873][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 954.982929][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 954.989064][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 954.994333][T19757] do_int80_syscall_32+0x1d/0x30 [ 954.999252][T19757] entry_INT80_compat+0x71/0x76 [ 955.004077][T19757] RIP: 0023:0xf7f85549 [ 955.008115][T19757] Code: Bad RIP value. [ 955.012173][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 955.020579][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 955.028538][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 955.036486][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 955.044448][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 955.052394][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 955.060356][T19757] Uninit was stored to memory at: [ 955.065363][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.071056][T19757] __msan_chain_origin+0x50/0x90 [ 955.075969][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.081054][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.085968][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.090449][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.095103][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.101144][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.107273][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.112555][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.117468][T19757] entry_INT80_compat+0x71/0x76 [ 955.122290][T19757] [ 955.124591][T19757] Uninit was stored to memory at: [ 955.129593][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.135324][T19757] __msan_chain_origin+0x50/0x90 [ 955.140244][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.145339][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.150262][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.154779][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.159439][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.165549][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.171681][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.176956][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.181868][T19757] entry_INT80_compat+0x71/0x76 [ 955.186686][T19757] [ 955.189006][T19757] Uninit was stored to memory at: [ 955.194008][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.199702][T19757] __msan_chain_origin+0x50/0x90 [ 955.204617][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.209789][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.214714][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.219191][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.223844][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.229883][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.236014][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.241313][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.246224][T19757] entry_INT80_compat+0x71/0x76 [ 955.251042][T19757] [ 955.253352][T19757] Uninit was stored to memory at: [ 955.258353][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.264044][T19757] __msan_chain_origin+0x50/0x90 [ 955.268953][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.274039][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.279007][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.283486][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.288139][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.294197][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.300348][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.305637][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.310560][T19757] entry_INT80_compat+0x71/0x76 [ 955.315380][T19757] [ 955.317694][T19757] Uninit was stored to memory at: [ 955.322711][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.328474][T19757] __msan_chain_origin+0x50/0x90 [ 955.333402][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.338490][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.343424][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.347918][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.352681][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.358741][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.364885][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.370147][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.375062][T19757] entry_INT80_compat+0x71/0x76 [ 955.379881][T19757] [ 955.382212][T19757] Uninit was stored to memory at: [ 955.387216][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.392912][T19757] __msan_chain_origin+0x50/0x90 [ 955.397827][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.402916][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.407844][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.412443][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.417099][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.423158][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.429288][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.434550][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.439464][T19757] entry_INT80_compat+0x71/0x76 [ 955.444282][T19757] [ 955.446583][T19757] Uninit was stored to memory at: [ 955.451585][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.457279][T19757] __msan_chain_origin+0x50/0x90 [ 955.462206][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.467295][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.472206][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.476680][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.481366][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.487424][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.493564][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.498824][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.503735][T19757] entry_INT80_compat+0x71/0x76 [ 955.508554][T19757] [ 955.510855][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 955.517505][T19757] do_recvmmsg+0xc2/0x22c0 [ 955.521913][T19757] do_recvmmsg+0xc2/0x22c0 [ 955.693528][T19757] not chained 390000 origins [ 955.698275][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 955.706938][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.716989][T19757] Call Trace: [ 955.720290][T19757] dump_stack+0x21c/0x280 [ 955.724629][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 955.730379][T19757] ? kmsan_get_metadata+0x116/0x180 [ 955.735583][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 955.741398][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 955.747473][T19757] ? kmsan_get_metadata+0x116/0x180 [ 955.752675][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 955.758324][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 955.764442][T19757] ? _copy_from_user+0x221/0x330 [ 955.769384][T19757] ? kmsan_get_metadata+0x116/0x180 [ 955.774585][T19757] __msan_chain_origin+0x50/0x90 [ 955.779546][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.784684][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.789721][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.794228][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 955.800435][T19757] ? kmsan_get_metadata+0x116/0x180 [ 955.805638][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 955.811281][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 955.816572][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 955.821339][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 955.826222][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 955.832300][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.836963][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.843012][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.849230][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.854494][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.859407][T19757] entry_INT80_compat+0x71/0x76 [ 955.864244][T19757] RIP: 0023:0xf7f85549 [ 955.868285][T19757] Code: Bad RIP value. [ 955.872324][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 955.880711][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 955.888657][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 955.896611][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 955.904559][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 955.912506][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 955.920477][T19757] Uninit was stored to memory at: [ 955.925501][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.931198][T19757] __msan_chain_origin+0x50/0x90 [ 955.936117][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 955.941211][T19757] get_compat_msghdr+0x108/0x2b0 [ 955.946131][T19757] do_recvmmsg+0xdba/0x22c0 [ 955.950611][T19757] __sys_recvmmsg+0x5dd/0x610 [ 955.955264][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 955.961303][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 955.967431][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 955.972694][T19757] do_int80_syscall_32+0x1d/0x30 [ 955.977691][T19757] entry_INT80_compat+0x71/0x76 [ 955.982512][T19757] [ 955.984815][T19757] Uninit was stored to memory at: [ 955.989814][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 955.995508][T19757] __msan_chain_origin+0x50/0x90 [ 956.000529][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.005651][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.010569][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.015047][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.019703][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.025748][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.031875][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.037135][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.042063][T19757] entry_INT80_compat+0x71/0x76 [ 956.046880][T19757] [ 956.049195][T19757] Uninit was stored to memory at: [ 956.054303][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.059998][T19757] __msan_chain_origin+0x50/0x90 [ 956.064911][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.070049][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.074967][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.079445][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.084102][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.090147][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.096281][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.101546][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.106464][T19757] entry_INT80_compat+0x71/0x76 [ 956.111284][T19757] [ 956.113591][T19757] Uninit was stored to memory at: [ 956.118602][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.124301][T19757] __msan_chain_origin+0x50/0x90 [ 956.129224][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.134313][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.139228][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.143718][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.148373][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.154418][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.160570][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.165870][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.170791][T19757] entry_INT80_compat+0x71/0x76 [ 956.175620][T19757] [ 956.177925][T19757] Uninit was stored to memory at: [ 956.182934][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.188632][T19757] __msan_chain_origin+0x50/0x90 [ 956.193546][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.198634][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.203549][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.208029][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.212684][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.218729][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.224860][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.230142][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.235059][T19757] entry_INT80_compat+0x71/0x76 [ 956.239877][T19757] [ 956.242185][T19757] Uninit was stored to memory at: [ 956.247191][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.252887][T19757] __msan_chain_origin+0x50/0x90 [ 956.257802][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.262889][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.267817][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.272307][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.276973][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.283023][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.289155][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.294427][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.299352][T19757] entry_INT80_compat+0x71/0x76 [ 956.304178][T19757] [ 956.306486][T19757] Uninit was stored to memory at: [ 956.311626][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.317325][T19757] __msan_chain_origin+0x50/0x90 [ 956.322371][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.327463][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.332381][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.336861][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.341557][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.347602][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.353734][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.359085][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.364014][T19757] entry_INT80_compat+0x71/0x76 [ 956.368835][T19757] [ 956.371154][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 956.377803][T19757] do_recvmmsg+0xc2/0x22c0 [ 956.382200][T19757] do_recvmmsg+0xc2/0x22c0 [ 956.548490][T19757] not chained 400000 origins [ 956.553127][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 956.561795][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 956.571845][T19757] Call Trace: [ 956.575144][T19757] dump_stack+0x21c/0x280 [ 956.579497][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 956.585239][T19757] ? kmsan_get_metadata+0x116/0x180 [ 956.590490][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 956.596305][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 956.602376][T19757] ? kmsan_get_metadata+0x116/0x180 [ 956.607582][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 956.613135][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 956.619210][T19757] ? _copy_from_user+0x221/0x330 [ 956.624151][T19757] ? kmsan_get_metadata+0x116/0x180 [ 956.629352][T19757] __msan_chain_origin+0x50/0x90 [ 956.634309][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.639439][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.644392][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.648905][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 956.655091][T19757] ? kmsan_get_metadata+0x116/0x180 [ 956.660301][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 956.666028][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 956.671328][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 956.676094][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 956.681013][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 956.687089][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.691783][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.697948][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.704108][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.709415][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.714357][T19757] entry_INT80_compat+0x71/0x76 [ 956.719206][T19757] RIP: 0023:0xf7f85549 [ 956.723256][T19757] Code: Bad RIP value. [ 956.727312][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 956.735708][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 956.743795][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 956.751744][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 956.759905][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 956.767852][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 956.775829][T19757] Uninit was stored to memory at: [ 956.780870][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.786562][T19757] __msan_chain_origin+0x50/0x90 [ 956.791479][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.796565][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.801497][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.805972][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.810625][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.816665][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.822796][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.828058][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.832969][T19757] entry_INT80_compat+0x71/0x76 [ 956.837785][T19757] [ 956.840087][T19757] Uninit was stored to memory at: [ 956.845089][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.850783][T19757] __msan_chain_origin+0x50/0x90 [ 956.855696][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.860784][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.865697][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.870173][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.874839][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.880881][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.887009][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.892272][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.897184][T19757] entry_INT80_compat+0x71/0x76 [ 956.902004][T19757] [ 956.904303][T19757] Uninit was stored to memory at: [ 956.909303][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.915005][T19757] __msan_chain_origin+0x50/0x90 [ 956.919935][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.925024][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.929935][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.934412][T19757] __sys_recvmmsg+0x5dd/0x610 [ 956.939063][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 956.945104][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 956.951238][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 956.956497][T19757] do_int80_syscall_32+0x1d/0x30 [ 956.961410][T19757] entry_INT80_compat+0x71/0x76 [ 956.966236][T19757] [ 956.968536][T19757] Uninit was stored to memory at: [ 956.973537][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 956.979230][T19757] __msan_chain_origin+0x50/0x90 [ 956.984143][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 956.989228][T19757] get_compat_msghdr+0x108/0x2b0 [ 956.994140][T19757] do_recvmmsg+0xdba/0x22c0 [ 956.998617][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.003276][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.009328][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.015458][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.020734][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.025649][T19757] entry_INT80_compat+0x71/0x76 [ 957.030468][T19757] [ 957.032770][T19757] Uninit was stored to memory at: [ 957.037802][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.043496][T19757] __msan_chain_origin+0x50/0x90 [ 957.048422][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.053510][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.058440][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.062919][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.067573][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.073615][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.079765][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.085027][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.089954][T19757] entry_INT80_compat+0x71/0x76 [ 957.094788][T19757] [ 957.097094][T19757] Uninit was stored to memory at: [ 957.102127][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.107825][T19757] __msan_chain_origin+0x50/0x90 [ 957.112756][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.117847][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.122763][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.127247][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.131919][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.137978][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.144125][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.149393][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.154323][T19757] entry_INT80_compat+0x71/0x76 [ 957.159143][T19757] [ 957.161462][T19757] Uninit was stored to memory at: [ 957.166553][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.172266][T19757] __msan_chain_origin+0x50/0x90 [ 957.177182][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.182271][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.187186][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.191681][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.196339][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.202386][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.208533][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.213815][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.218728][T19757] entry_INT80_compat+0x71/0x76 [ 957.223668][T19757] [ 957.225971][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 957.232646][T19757] do_recvmmsg+0xc2/0x22c0 [ 957.237042][T19757] do_recvmmsg+0xc2/0x22c0 [ 957.377829][T19757] not chained 410000 origins [ 957.382548][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 957.391210][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 957.401468][T19757] Call Trace: [ 957.404777][T19757] dump_stack+0x21c/0x280 [ 957.409129][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 957.415156][T19757] ? kmsan_get_metadata+0x116/0x180 [ 957.420361][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 957.426173][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 957.432245][T19757] ? kmsan_get_metadata+0x116/0x180 [ 957.437447][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 957.443037][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 957.449108][T19757] ? _copy_from_user+0x221/0x330 [ 957.454068][T19757] ? kmsan_get_metadata+0x116/0x180 [ 957.459270][T19757] __msan_chain_origin+0x50/0x90 [ 957.464219][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.469348][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.474300][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.478808][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 957.484995][T19757] ? kmsan_get_metadata+0x116/0x180 [ 957.491165][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 957.496815][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 957.502109][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 957.506872][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 957.511739][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 957.517813][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.522512][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.528593][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.534769][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.540103][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.545045][T19757] entry_INT80_compat+0x71/0x76 [ 957.549912][T19757] RIP: 0023:0xf7f85549 [ 957.554053][T19757] Code: Bad RIP value. [ 957.558094][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 957.566498][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 957.574450][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 957.582397][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 957.590519][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 957.598486][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 957.606601][T19757] Uninit was stored to memory at: [ 957.611608][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.617303][T19757] __msan_chain_origin+0x50/0x90 [ 957.622457][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.627543][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.632454][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.636950][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.641609][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.647654][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.653819][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.659079][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.663990][T19757] entry_INT80_compat+0x71/0x76 [ 957.668809][T19757] [ 957.671155][T19757] Uninit was stored to memory at: [ 957.676157][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.681939][T19757] __msan_chain_origin+0x50/0x90 [ 957.686851][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.691939][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.696852][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.701332][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.705982][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.712025][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.718153][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.723416][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.728327][T19757] entry_INT80_compat+0x71/0x76 [ 957.733143][T19757] [ 957.735449][T19757] Uninit was stored to memory at: [ 957.740450][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.746142][T19757] __msan_chain_origin+0x50/0x90 [ 957.751054][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.756227][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.761243][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.765768][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.770420][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.776458][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.782589][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.787850][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.792768][T19757] entry_INT80_compat+0x71/0x76 [ 957.797596][T19757] [ 957.799898][T19757] Uninit was stored to memory at: [ 957.804900][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.810595][T19757] __msan_chain_origin+0x50/0x90 [ 957.815506][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.820695][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.825694][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.830180][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.834844][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.840886][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.847039][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.852300][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.857322][T19757] entry_INT80_compat+0x71/0x76 [ 957.862139][T19757] [ 957.864437][T19757] Uninit was stored to memory at: [ 957.869435][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.875129][T19757] __msan_chain_origin+0x50/0x90 [ 957.880038][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.885124][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.890056][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.894532][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.899181][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.905222][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.911355][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.916616][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.921526][T19757] entry_INT80_compat+0x71/0x76 [ 957.926345][T19757] [ 957.928646][T19757] Uninit was stored to memory at: [ 957.933648][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 957.939343][T19757] __msan_chain_origin+0x50/0x90 [ 957.944279][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 957.949363][T19757] get_compat_msghdr+0x108/0x2b0 [ 957.954272][T19757] do_recvmmsg+0xdba/0x22c0 [ 957.958761][T19757] __sys_recvmmsg+0x5dd/0x610 [ 957.963431][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 957.969473][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 957.975602][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 957.980865][T19757] do_int80_syscall_32+0x1d/0x30 [ 957.985777][T19757] entry_INT80_compat+0x71/0x76 [ 957.990597][T19757] [ 957.992899][T19757] Uninit was stored to memory at: [ 957.997899][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.003595][T19757] __msan_chain_origin+0x50/0x90 [ 958.008507][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.013593][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.018619][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.023098][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.027763][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.033904][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.040032][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.045294][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.050212][T19757] entry_INT80_compat+0x71/0x76 [ 958.055051][T19757] [ 958.057378][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 958.064025][T19757] do_recvmmsg+0xc2/0x22c0 [ 958.068413][T19757] do_recvmmsg+0xc2/0x22c0 [ 958.210745][T19757] not chained 420000 origins [ 958.215374][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 958.224042][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 958.234091][T19757] Call Trace: [ 958.237395][T19757] dump_stack+0x21c/0x280 [ 958.241737][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 958.247475][T19757] ? kmsan_get_metadata+0x116/0x180 [ 958.252714][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 958.258520][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 958.264587][T19757] ? kmsan_get_metadata+0x116/0x180 [ 958.269786][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 958.275421][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 958.281498][T19757] ? _copy_from_user+0x221/0x330 [ 958.286441][T19757] ? kmsan_get_metadata+0x116/0x180 [ 958.291643][T19757] __msan_chain_origin+0x50/0x90 [ 958.296589][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.301720][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.306678][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.311190][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 958.317375][T19757] ? kmsan_get_metadata+0x116/0x180 [ 958.322582][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 958.328218][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 958.333513][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 958.338302][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 958.343072][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 958.349141][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.353833][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.359912][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.366071][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.371443][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.376467][T19757] entry_INT80_compat+0x71/0x76 [ 958.381292][T19757] RIP: 0023:0xf7f85549 [ 958.385332][T19757] Code: Bad RIP value. [ 958.389380][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 958.397991][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 958.405939][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 958.413971][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 958.421921][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 958.429869][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 958.437820][T19757] Uninit was stored to memory at: [ 958.442823][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.448517][T19757] __msan_chain_origin+0x50/0x90 [ 958.453436][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.458523][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.463437][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.467915][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.472581][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.478628][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.484841][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.490102][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.495071][T19757] entry_INT80_compat+0x71/0x76 [ 958.499900][T19757] [ 958.502208][T19757] Uninit was stored to memory at: [ 958.507214][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.512999][T19757] __msan_chain_origin+0x50/0x90 [ 958.517915][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.523016][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.527928][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.532528][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.537181][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.543241][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.549371][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.554643][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.559558][T19757] entry_INT80_compat+0x71/0x76 [ 958.564376][T19757] [ 958.566712][T19757] Uninit was stored to memory at: [ 958.571715][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.577424][T19757] __msan_chain_origin+0x50/0x90 [ 958.582339][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.587431][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.592343][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.596822][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.601478][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.607527][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.613658][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.618917][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.623829][T19757] entry_INT80_compat+0x71/0x76 [ 958.628643][T19757] [ 958.630951][T19757] Uninit was stored to memory at: [ 958.635953][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.641651][T19757] __msan_chain_origin+0x50/0x90 [ 958.646566][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.651650][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.656560][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.661045][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.665699][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.671738][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.677881][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.683183][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.688091][T19757] entry_INT80_compat+0x71/0x76 [ 958.692908][T19757] [ 958.695208][T19757] Uninit was stored to memory at: [ 958.700300][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.706099][T19757] __msan_chain_origin+0x50/0x90 [ 958.711015][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.716108][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.721050][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.725615][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.730270][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.736314][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.742444][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.747705][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.752617][T19757] entry_INT80_compat+0x71/0x76 [ 958.757434][T19757] [ 958.759734][T19757] Uninit was stored to memory at: [ 958.764739][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.770458][T19757] __msan_chain_origin+0x50/0x90 [ 958.775373][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.780466][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.785381][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.789855][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.794593][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.800633][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.806761][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.812056][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.816969][T19757] entry_INT80_compat+0x71/0x76 [ 958.821819][T19757] [ 958.824122][T19757] Uninit was stored to memory at: [ 958.829237][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 958.834933][T19757] __msan_chain_origin+0x50/0x90 [ 958.839863][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 958.844953][T19757] get_compat_msghdr+0x108/0x2b0 [ 958.849888][T19757] do_recvmmsg+0xdba/0x22c0 [ 958.854380][T19757] __sys_recvmmsg+0x5dd/0x610 [ 958.859074][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 958.865121][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 958.871263][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 958.876667][T19757] do_int80_syscall_32+0x1d/0x30 [ 958.881591][T19757] entry_INT80_compat+0x71/0x76 [ 958.886500][T19757] [ 958.888804][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 958.895460][T19757] do_recvmmsg+0xc2/0x22c0 [ 958.899850][T19757] do_recvmmsg+0xc2/0x22c0 [ 959.112414][T19757] not chained 430000 origins [ 959.117127][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 959.125905][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.135962][T19757] Call Trace: [ 959.139264][T19757] dump_stack+0x21c/0x280 [ 959.143861][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 959.149594][T19757] ? kmsan_get_metadata+0x116/0x180 [ 959.154814][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 959.160625][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 959.166693][T19757] ? kmsan_get_metadata+0x116/0x180 [ 959.172082][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 959.177632][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 959.183708][T19757] ? _copy_from_user+0x221/0x330 [ 959.188651][T19757] ? kmsan_get_metadata+0x116/0x180 [ 959.193940][T19757] __msan_chain_origin+0x50/0x90 [ 959.198885][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.204020][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.209060][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.213568][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 959.219748][T19757] ? kmsan_get_metadata+0x116/0x180 [ 959.224937][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 959.230549][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 959.235815][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 959.240615][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 959.245369][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 959.251669][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.256332][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.262380][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.268532][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.273798][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.278709][T19757] entry_INT80_compat+0x71/0x76 [ 959.283535][T19757] RIP: 0023:0xf7f85549 [ 959.287599][T19757] Code: Bad RIP value. [ 959.291639][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 959.300026][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 959.307975][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 959.316017][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 959.323978][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 959.332070][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 959.340023][T19757] Uninit was stored to memory at: [ 959.345028][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.350723][T19757] __msan_chain_origin+0x50/0x90 [ 959.355633][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.360759][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.365680][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.370164][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.374816][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.380859][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.386989][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.392255][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.397197][T19757] entry_INT80_compat+0x71/0x76 [ 959.402137][T19757] [ 959.404437][T19757] Uninit was stored to memory at: [ 959.409438][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.415133][T19757] __msan_chain_origin+0x50/0x90 [ 959.420047][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.425137][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.430047][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.434629][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.439280][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.445326][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.451472][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.456734][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.461655][T19757] entry_INT80_compat+0x71/0x76 [ 959.466490][T19757] [ 959.468794][T19757] Uninit was stored to memory at: [ 959.473796][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.479595][T19757] __msan_chain_origin+0x50/0x90 [ 959.484507][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.489600][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.494507][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.498984][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.503639][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.509767][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.515982][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.521246][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.526157][T19757] entry_INT80_compat+0x71/0x76 [ 959.531002][T19757] [ 959.533304][T19757] Uninit was stored to memory at: [ 959.538303][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.543999][T19757] __msan_chain_origin+0x50/0x90 [ 959.548917][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.554002][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.558949][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.563428][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.568093][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.574132][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.580276][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.585538][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.590450][T19757] entry_INT80_compat+0x71/0x76 [ 959.595268][T19757] [ 959.597571][T19757] Uninit was stored to memory at: [ 959.602573][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.608291][T19757] __msan_chain_origin+0x50/0x90 [ 959.613206][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.618296][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.623208][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.627684][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.632337][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.638381][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.644513][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.649770][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.654807][T19757] entry_INT80_compat+0x71/0x76 [ 959.659622][T19757] [ 959.661921][T19757] Uninit was stored to memory at: [ 959.666919][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.672697][T19757] __msan_chain_origin+0x50/0x90 [ 959.677608][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.682799][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.687711][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.692188][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.696841][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.702881][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.709015][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.714400][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.719446][T19757] entry_INT80_compat+0x71/0x76 [ 959.724263][T19757] [ 959.726582][T19757] Uninit was stored to memory at: [ 959.731594][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 959.737295][T19757] __msan_chain_origin+0x50/0x90 [ 959.742222][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 959.747504][T19757] get_compat_msghdr+0x108/0x2b0 [ 959.752437][T19757] do_recvmmsg+0xdba/0x22c0 [ 959.756916][T19757] __sys_recvmmsg+0x5dd/0x610 [ 959.761570][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 959.767609][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 959.773736][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 959.779006][T19757] do_int80_syscall_32+0x1d/0x30 [ 959.783918][T19757] entry_INT80_compat+0x71/0x76 [ 959.788735][T19757] [ 959.791043][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 959.797688][T19757] do_recvmmsg+0xc2/0x22c0 [ 959.802082][T19757] do_recvmmsg+0xc2/0x22c0 [ 959.974500][T19757] not chained 440000 origins [ 959.979216][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 959.987888][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.997952][T19757] Call Trace: [ 960.001256][T19757] dump_stack+0x21c/0x280 [ 960.005599][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 960.011337][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.016541][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 960.022354][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 960.028437][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.033829][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 960.039393][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 960.045470][T19757] ? _copy_from_user+0x221/0x330 [ 960.050414][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.055624][T19757] __msan_chain_origin+0x50/0x90 [ 960.060571][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.065705][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.070659][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.075170][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 960.081359][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.086560][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 960.092201][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 960.097520][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 960.102286][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 960.107059][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 960.113142][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.117939][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.124021][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.130181][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.135473][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.140391][T19757] entry_INT80_compat+0x71/0x76 [ 960.145215][T19757] RIP: 0023:0xf7f85549 [ 960.149253][T19757] Code: Bad RIP value. [ 960.153293][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 960.161677][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 960.169623][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 960.177571][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 960.185516][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 960.193463][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 960.201414][T19757] Uninit was stored to memory at: [ 960.206416][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.212118][T19757] __msan_chain_origin+0x50/0x90 [ 960.217048][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.222133][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.227046][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.231522][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.236174][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.242219][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.248351][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.253622][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.258535][T19757] entry_INT80_compat+0x71/0x76 [ 960.263367][T19757] [ 960.265685][T19757] Uninit was stored to memory at: [ 960.270698][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.276392][T19757] __msan_chain_origin+0x50/0x90 [ 960.281309][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.286397][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.291306][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.295803][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.300655][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.306714][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.312886][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.318149][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.323203][T19757] entry_INT80_compat+0x71/0x76 [ 960.328034][T19757] [ 960.330427][T19757] Uninit was stored to memory at: [ 960.335518][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.341213][T19757] __msan_chain_origin+0x50/0x90 [ 960.346130][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.351232][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.356154][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.360721][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.365376][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.371439][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.377580][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.382956][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.387871][T19757] entry_INT80_compat+0x71/0x76 [ 960.392688][T19757] [ 960.394986][T19757] Uninit was stored to memory at: [ 960.399986][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.405683][T19757] __msan_chain_origin+0x50/0x90 [ 960.410602][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.415729][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.420644][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.425121][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.429773][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.435816][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.441945][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.447208][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.452122][T19757] entry_INT80_compat+0x71/0x76 [ 960.457045][T19757] [ 960.459346][T19757] Uninit was stored to memory at: [ 960.464346][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.470066][T19757] __msan_chain_origin+0x50/0x90 [ 960.475111][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.480287][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.485203][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.489684][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.494341][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.500406][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.506549][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.511899][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.516811][T19757] entry_INT80_compat+0x71/0x76 [ 960.521631][T19757] [ 960.523933][T19757] Uninit was stored to memory at: [ 960.528954][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.534647][T19757] __msan_chain_origin+0x50/0x90 [ 960.539564][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.544648][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.549570][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.554048][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.558711][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.564754][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.570886][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.576144][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.581057][T19757] entry_INT80_compat+0x71/0x76 [ 960.585900][T19757] [ 960.588202][T19757] Uninit was stored to memory at: [ 960.593288][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 960.598996][T19757] __msan_chain_origin+0x50/0x90 [ 960.603913][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.609027][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.613943][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.618422][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.623075][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.629120][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 960.635253][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 960.640552][T19757] do_int80_syscall_32+0x1d/0x30 [ 960.645469][T19757] entry_INT80_compat+0x71/0x76 [ 960.650394][T19757] [ 960.652702][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 960.659355][T19757] do_recvmmsg+0xc2/0x22c0 [ 960.663745][T19757] do_recvmmsg+0xc2/0x22c0 [ 960.847816][T19757] not chained 450000 origins [ 960.852546][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 960.861220][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 960.871268][T19757] Call Trace: [ 960.874586][T19757] dump_stack+0x21c/0x280 [ 960.878935][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 960.884676][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.889893][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 960.895702][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 960.901773][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.906978][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 960.912573][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 960.918665][T19757] ? _copy_from_user+0x221/0x330 [ 960.923695][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.928882][T19757] __msan_chain_origin+0x50/0x90 [ 960.933799][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 960.938906][T19757] get_compat_msghdr+0x108/0x2b0 [ 960.943882][T19757] do_recvmmsg+0xdba/0x22c0 [ 960.948376][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 960.954519][T19757] ? kmsan_get_metadata+0x116/0x180 [ 960.959691][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 960.965306][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 960.970570][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 960.975309][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 960.980062][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 960.986120][T19757] __sys_recvmmsg+0x5dd/0x610 [ 960.990846][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 960.997025][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.003162][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.008468][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.013430][T19757] entry_INT80_compat+0x71/0x76 [ 961.018276][T19757] RIP: 0023:0xf7f85549 [ 961.022334][T19757] Code: Bad RIP value. [ 961.026373][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 961.034760][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 961.042716][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 961.050683][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 961.058646][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 961.066593][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 961.074575][T19757] Uninit was stored to memory at: [ 961.079578][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.085369][T19757] __msan_chain_origin+0x50/0x90 [ 961.090285][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.095372][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.100286][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.104787][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.109449][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.115494][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.121630][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.126894][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.131812][T19757] entry_INT80_compat+0x71/0x76 [ 961.136719][T19757] [ 961.139020][T19757] Uninit was stored to memory at: [ 961.144022][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.149824][T19757] __msan_chain_origin+0x50/0x90 [ 961.154742][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.159833][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.164784][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.169275][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.173929][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.179969][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.186128][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.191402][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.196323][T19757] entry_INT80_compat+0x71/0x76 [ 961.201143][T19757] [ 961.203444][T19757] Uninit was stored to memory at: [ 961.208442][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.214135][T19757] __msan_chain_origin+0x50/0x90 [ 961.219050][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.224162][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.229074][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.233553][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.238204][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.244247][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.250378][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.255839][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.260754][T19757] entry_INT80_compat+0x71/0x76 [ 961.265679][T19757] [ 961.267979][T19757] Uninit was stored to memory at: [ 961.272993][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.278696][T19757] __msan_chain_origin+0x50/0x90 [ 961.283614][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.288749][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.293664][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.298142][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.302796][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.308849][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.314982][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.320246][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.325177][T19757] entry_INT80_compat+0x71/0x76 [ 961.329999][T19757] [ 961.332315][T19757] Uninit was stored to memory at: [ 961.337320][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.343016][T19757] __msan_chain_origin+0x50/0x90 [ 961.347931][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.353019][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.357931][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.362407][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.367061][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.373103][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.379233][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.384510][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.389420][T19757] entry_INT80_compat+0x71/0x76 [ 961.394254][T19757] [ 961.396561][T19757] Uninit was stored to memory at: [ 961.401562][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.407258][T19757] __msan_chain_origin+0x50/0x90 [ 961.412173][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.417266][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.422178][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.426681][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.431333][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.437375][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.443508][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.448769][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.453682][T19757] entry_INT80_compat+0x71/0x76 [ 961.458500][T19757] [ 961.460804][T19757] Uninit was stored to memory at: [ 961.465807][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.471528][T19757] __msan_chain_origin+0x50/0x90 [ 961.476458][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.481541][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.486454][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.490933][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.495585][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.501627][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.507765][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.513026][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.517938][T19757] entry_INT80_compat+0x71/0x76 [ 961.522758][T19757] [ 961.525079][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 961.531728][T19757] do_recvmmsg+0xc2/0x22c0 [ 961.536122][T19757] do_recvmmsg+0xc2/0x22c0 [ 961.732347][T19757] not chained 460000 origins [ 961.737064][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 961.745819][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 961.755870][T19757] Call Trace: [ 961.759165][T19757] dump_stack+0x21c/0x280 [ 961.763539][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 961.769273][T19757] ? kmsan_get_metadata+0x116/0x180 [ 961.774475][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 961.780315][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 961.786384][T19757] ? kmsan_get_metadata+0x116/0x180 [ 961.791587][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 961.797139][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 961.803216][T19757] ? _copy_from_user+0x221/0x330 [ 961.808160][T19757] ? kmsan_get_metadata+0x116/0x180 [ 961.813377][T19757] __msan_chain_origin+0x50/0x90 [ 961.818319][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.823453][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.828404][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.832917][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 961.839094][T19757] ? kmsan_get_metadata+0x116/0x180 [ 961.844386][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 961.850037][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 961.855433][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 961.860203][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 961.865100][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 961.871158][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.875869][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 961.881918][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 961.888072][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 961.893363][T19757] do_int80_syscall_32+0x1d/0x30 [ 961.898278][T19757] entry_INT80_compat+0x71/0x76 [ 961.903102][T19757] RIP: 0023:0xf7f85549 [ 961.907156][T19757] Code: Bad RIP value. [ 961.911199][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 961.919585][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 961.927532][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 961.935482][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 961.943430][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 961.951378][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 961.959329][T19757] Uninit was stored to memory at: [ 961.964331][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 961.970028][T19757] __msan_chain_origin+0x50/0x90 [ 961.974958][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 961.980048][T19757] get_compat_msghdr+0x108/0x2b0 [ 961.984961][T19757] do_recvmmsg+0xdba/0x22c0 [ 961.989453][T19757] __sys_recvmmsg+0x5dd/0x610 [ 961.994111][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.000198][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.006333][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.011601][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.016516][T19757] entry_INT80_compat+0x71/0x76 [ 962.021334][T19757] [ 962.023636][T19757] Uninit was stored to memory at: [ 962.028637][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.034346][T19757] __msan_chain_origin+0x50/0x90 [ 962.039260][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.044348][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.049257][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.053734][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.058387][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.064430][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.070560][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.076131][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.081061][T19757] entry_INT80_compat+0x71/0x76 [ 962.085879][T19757] [ 962.088195][T19757] Uninit was stored to memory at: [ 962.093195][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.098889][T19757] __msan_chain_origin+0x50/0x90 [ 962.103818][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.108911][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.113826][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.118305][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.124101][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.130141][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.136385][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.141658][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.146570][T19757] entry_INT80_compat+0x71/0x76 [ 962.151388][T19757] [ 962.153694][T19757] Uninit was stored to memory at: [ 962.158696][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.164386][T19757] __msan_chain_origin+0x50/0x90 [ 962.169298][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.174469][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.179381][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.183871][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.188524][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.194565][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.200695][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.205958][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.210870][T19757] entry_INT80_compat+0x71/0x76 [ 962.215691][T19757] [ 962.217994][T19757] Uninit was stored to memory at: [ 962.222995][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.228689][T19757] __msan_chain_origin+0x50/0x90 [ 962.233614][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.238701][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.243625][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.248105][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.252760][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.258798][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.264925][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.270188][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.275118][T19757] entry_INT80_compat+0x71/0x76 [ 962.279940][T19757] [ 962.282257][T19757] Uninit was stored to memory at: [ 962.287258][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.292964][T19757] __msan_chain_origin+0x50/0x90 [ 962.297880][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.302965][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.307901][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.312379][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.317039][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.323170][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.329301][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.334592][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.339502][T19757] entry_INT80_compat+0x71/0x76 [ 962.344319][T19757] [ 962.346654][T19757] Uninit was stored to memory at: [ 962.351657][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.357356][T19757] __msan_chain_origin+0x50/0x90 [ 962.362269][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.367369][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.372286][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.376777][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.381427][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.387467][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.393596][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.398889][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.403843][T19757] entry_INT80_compat+0x71/0x76 [ 962.408660][T19757] [ 962.410961][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 962.417608][T19757] do_recvmmsg+0xc2/0x22c0 [ 962.422030][T19757] do_recvmmsg+0xc2/0x22c0 [ 962.630190][T19757] not chained 470000 origins [ 962.634844][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 962.643509][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 962.653573][T19757] Call Trace: [ 962.656871][T19757] dump_stack+0x21c/0x280 [ 962.661323][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 962.667071][T19757] ? kmsan_get_metadata+0x116/0x180 [ 962.672284][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 962.678096][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 962.684170][T19757] ? kmsan_get_metadata+0x116/0x180 [ 962.689375][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 962.694927][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 962.701015][T19757] ? _copy_from_user+0x221/0x330 [ 962.705928][T19757] ? kmsan_get_metadata+0x116/0x180 [ 962.711104][T19757] __msan_chain_origin+0x50/0x90 [ 962.716053][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.721148][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.726064][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.730545][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 962.736685][T19757] ? kmsan_get_metadata+0x116/0x180 [ 962.741872][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 962.747479][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 962.752756][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 962.757489][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 962.762229][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 962.768275][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.772933][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.779011][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.785143][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.790409][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.795333][T19757] entry_INT80_compat+0x71/0x76 [ 962.800164][T19757] RIP: 0023:0xf7f85549 [ 962.804210][T19757] Code: Bad RIP value. [ 962.808246][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 962.816629][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 962.824578][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 962.832524][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 962.840469][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 962.848416][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 962.856370][T19757] Uninit was stored to memory at: [ 962.861376][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.867070][T19757] __msan_chain_origin+0x50/0x90 [ 962.871983][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.877066][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.881976][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.886453][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.891104][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.897139][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.903294][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.908561][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.913474][T19757] entry_INT80_compat+0x71/0x76 [ 962.918289][T19757] [ 962.920589][T19757] Uninit was stored to memory at: [ 962.925596][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.931287][T19757] __msan_chain_origin+0x50/0x90 [ 962.936221][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 962.941312][T19757] get_compat_msghdr+0x108/0x2b0 [ 962.946221][T19757] do_recvmmsg+0xdba/0x22c0 [ 962.950714][T19757] __sys_recvmmsg+0x5dd/0x610 [ 962.955364][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 962.961418][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 962.967548][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 962.972815][T19757] do_int80_syscall_32+0x1d/0x30 [ 962.977743][T19757] entry_INT80_compat+0x71/0x76 [ 962.982559][T19757] [ 962.984862][T19757] Uninit was stored to memory at: [ 962.989888][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 962.995594][T19757] __msan_chain_origin+0x50/0x90 [ 963.000508][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.005593][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.010506][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.015001][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.019668][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.025710][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.031838][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.037099][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.042027][T19757] entry_INT80_compat+0x71/0x76 [ 963.046844][T19757] [ 963.049144][T19757] Uninit was stored to memory at: [ 963.054143][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.059834][T19757] __msan_chain_origin+0x50/0x90 [ 963.064758][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.069846][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.074808][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.079305][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.083973][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.090015][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.096142][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.101404][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.106317][T19757] entry_INT80_compat+0x71/0x76 [ 963.111133][T19757] [ 963.113433][T19757] Uninit was stored to memory at: [ 963.118462][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.124155][T19757] __msan_chain_origin+0x50/0x90 [ 963.129068][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.134153][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.139060][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.143672][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.148327][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.154367][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.160494][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.165750][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.170662][T19757] entry_INT80_compat+0x71/0x76 [ 963.175478][T19757] [ 963.177778][T19757] Uninit was stored to memory at: [ 963.182778][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.188477][T19757] __msan_chain_origin+0x50/0x90 [ 963.193391][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.198476][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.203389][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.207864][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.212514][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.218555][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.224687][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.229957][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.234871][T19757] entry_INT80_compat+0x71/0x76 [ 963.239685][T19757] [ 963.241993][T19757] Uninit was stored to memory at: [ 963.246992][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.252688][T19757] __msan_chain_origin+0x50/0x90 [ 963.257605][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.262689][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.267613][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.272090][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.276744][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.282785][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.288910][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.294199][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.299110][T19757] entry_INT80_compat+0x71/0x76 [ 963.303962][T19757] [ 963.306273][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 963.312927][T19757] do_recvmmsg+0xc2/0x22c0 [ 963.317315][T19757] do_recvmmsg+0xc2/0x22c0 [ 963.457517][T19757] not chained 480000 origins [ 963.462140][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 963.470819][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 963.480864][T19757] Call Trace: [ 963.484168][T19757] dump_stack+0x21c/0x280 [ 963.488504][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 963.494240][T19757] ? kmsan_get_metadata+0x116/0x180 [ 963.499443][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 963.505253][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 963.511320][T19757] ? kmsan_get_metadata+0x116/0x180 [ 963.516537][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 963.522089][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 963.528168][T19757] ? _copy_from_user+0x221/0x330 [ 963.533110][T19757] ? kmsan_get_metadata+0x116/0x180 [ 963.538317][T19757] __msan_chain_origin+0x50/0x90 [ 963.543266][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.548394][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.553345][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.557849][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 963.564068][T19757] ? kmsan_get_metadata+0x116/0x180 [ 963.569269][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 963.574906][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 963.580192][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 963.584954][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 963.589719][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 963.595792][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.600488][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.606565][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.612724][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.618021][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.622963][T19757] entry_INT80_compat+0x71/0x76 [ 963.627811][T19757] RIP: 0023:0xf7f85549 [ 963.631878][T19757] Code: Bad RIP value. [ 963.635939][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 963.644349][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 963.652308][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 963.660251][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 963.668194][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 963.676178][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 963.684132][T19757] Uninit was stored to memory at: [ 963.689144][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.694838][T19757] __msan_chain_origin+0x50/0x90 [ 963.699768][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.704855][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.709765][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.714242][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.718897][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.724938][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.731065][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.736325][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.741250][T19757] entry_INT80_compat+0x71/0x76 [ 963.746065][T19757] [ 963.748418][T19757] Uninit was stored to memory at: [ 963.753415][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.759105][T19757] __msan_chain_origin+0x50/0x90 [ 963.764017][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.769232][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.774142][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.778620][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.783273][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.789312][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.795490][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.800751][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.805693][T19757] entry_INT80_compat+0x71/0x76 [ 963.810524][T19757] [ 963.812826][T19757] Uninit was stored to memory at: [ 963.817843][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.823538][T19757] __msan_chain_origin+0x50/0x90 [ 963.828446][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.833529][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.838440][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.842918][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.847583][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.853675][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.859814][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.865074][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.869986][T19757] entry_INT80_compat+0x71/0x76 [ 963.874800][T19757] [ 963.877098][T19757] Uninit was stored to memory at: [ 963.882096][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.887786][T19757] __msan_chain_origin+0x50/0x90 [ 963.892696][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.897778][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.902705][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.907199][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.911853][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.917891][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.924029][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.929300][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.934208][T19757] entry_INT80_compat+0x71/0x76 [ 963.939023][T19757] [ 963.941324][T19757] Uninit was stored to memory at: [ 963.946327][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 963.952107][T19757] __msan_chain_origin+0x50/0x90 [ 963.957017][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 963.962100][T19757] get_compat_msghdr+0x108/0x2b0 [ 963.967020][T19757] do_recvmmsg+0xdba/0x22c0 [ 963.971496][T19757] __sys_recvmmsg+0x5dd/0x610 [ 963.976146][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 963.982187][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 963.988314][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 963.993574][T19757] do_int80_syscall_32+0x1d/0x30 [ 963.998500][T19757] entry_INT80_compat+0x71/0x76 [ 964.003318][T19757] [ 964.005638][T19757] Uninit was stored to memory at: [ 964.010640][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.016333][T19757] __msan_chain_origin+0x50/0x90 [ 964.021247][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.026331][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.031244][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.035720][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.040372][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.046414][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.052542][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.057801][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.062716][T19757] entry_INT80_compat+0x71/0x76 [ 964.067533][T19757] [ 964.069835][T19757] Uninit was stored to memory at: [ 964.074845][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.080540][T19757] __msan_chain_origin+0x50/0x90 [ 964.085452][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.090536][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.095444][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.099919][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.104572][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.110615][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.116750][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.122018][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.126927][T19757] entry_INT80_compat+0x71/0x76 [ 964.131777][T19757] [ 964.134092][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 964.140738][T19757] do_recvmmsg+0xc2/0x22c0 [ 964.145134][T19757] do_recvmmsg+0xc2/0x22c0 [ 964.344014][T19757] not chained 490000 origins [ 964.348650][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 964.357327][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 964.367375][T19757] Call Trace: [ 964.370679][T19757] dump_stack+0x21c/0x280 [ 964.375018][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 964.380759][T19757] ? kmsan_get_metadata+0x116/0x180 [ 964.385961][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 964.391771][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 964.397841][T19757] ? kmsan_get_metadata+0x116/0x180 [ 964.403039][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 964.408564][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 964.414609][T19757] ? _copy_from_user+0x221/0x330 [ 964.419521][T19757] ? kmsan_get_metadata+0x116/0x180 [ 964.424698][T19757] __msan_chain_origin+0x50/0x90 [ 964.429633][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.434736][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.439655][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.444132][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 964.450272][T19757] ? kmsan_get_metadata+0x116/0x180 [ 964.455445][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 964.461051][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 964.466329][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 964.471067][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 964.475805][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 964.481847][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.486555][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.492603][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.498732][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.503999][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.508912][T19757] entry_INT80_compat+0x71/0x76 [ 964.513920][T19757] RIP: 0023:0xf7f85549 [ 964.517959][T19757] Code: Bad RIP value. [ 964.522029][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 964.530449][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 964.538397][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 964.546342][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 964.554286][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 964.562228][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 964.570175][T19757] Uninit was stored to memory at: [ 964.575194][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.580888][T19757] __msan_chain_origin+0x50/0x90 [ 964.585800][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.590893][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.595815][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.600293][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.604947][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.611007][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.617134][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.622406][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.627318][T19757] entry_INT80_compat+0x71/0x76 [ 964.632133][T19757] [ 964.634451][T19757] Uninit was stored to memory at: [ 964.639453][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.645168][T19757] __msan_chain_origin+0x50/0x90 [ 964.650080][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.655162][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.660177][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.664651][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.669306][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.675345][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.681478][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.686742][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.691659][T19757] entry_INT80_compat+0x71/0x76 [ 964.696479][T19757] [ 964.698787][T19757] Uninit was stored to memory at: [ 964.703783][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.709477][T19757] __msan_chain_origin+0x50/0x90 [ 964.714386][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.719477][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.724383][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.728875][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.733532][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.739584][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.745716][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.750974][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.755884][T19757] entry_INT80_compat+0x71/0x76 [ 964.760718][T19757] [ 964.763032][T19757] Uninit was stored to memory at: [ 964.768052][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.773776][T19757] __msan_chain_origin+0x50/0x90 [ 964.778691][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.783777][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.788687][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.793162][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.797810][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.803849][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.809976][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.815236][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.820148][T19757] entry_INT80_compat+0x71/0x76 [ 964.824964][T19757] [ 964.827264][T19757] Uninit was stored to memory at: [ 964.832271][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.837962][T19757] __msan_chain_origin+0x50/0x90 [ 964.842876][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.847973][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.852888][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.857366][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.862019][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.868113][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.874248][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.879512][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.884457][T19757] entry_INT80_compat+0x71/0x76 [ 964.889274][T19757] [ 964.891605][T19757] Uninit was stored to memory at: [ 964.896603][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.902298][T19757] __msan_chain_origin+0x50/0x90 [ 964.907221][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.912309][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.917222][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.921698][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.926373][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.932415][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 964.938541][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 964.943800][T19757] do_int80_syscall_32+0x1d/0x30 [ 964.948717][T19757] entry_INT80_compat+0x71/0x76 [ 964.953533][T19757] [ 964.955832][T19757] Uninit was stored to memory at: [ 964.960831][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 964.966525][T19757] __msan_chain_origin+0x50/0x90 [ 964.971439][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 964.976532][T19757] get_compat_msghdr+0x108/0x2b0 [ 964.981451][T19757] do_recvmmsg+0xdba/0x22c0 [ 964.985934][T19757] __sys_recvmmsg+0x5dd/0x610 [ 964.990587][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 964.996627][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.002757][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.008037][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.012950][T19757] entry_INT80_compat+0x71/0x76 [ 965.017768][T19757] [ 965.020168][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 965.026812][T19757] do_recvmmsg+0xc2/0x22c0 [ 965.031213][T19757] do_recvmmsg+0xc2/0x22c0 [ 965.235043][T19757] not chained 500000 origins [ 965.239678][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 965.248343][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 965.258389][T19757] Call Trace: [ 965.261691][T19757] dump_stack+0x21c/0x280 [ 965.266030][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 965.271783][T19757] ? kmsan_get_metadata+0x116/0x180 [ 965.276986][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 965.282799][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 965.288868][T19757] ? kmsan_get_metadata+0x116/0x180 [ 965.294070][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 965.299618][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 965.305799][T19757] ? _copy_from_user+0x221/0x330 [ 965.310747][T19757] ? kmsan_get_metadata+0x116/0x180 [ 965.315954][T19757] __msan_chain_origin+0x50/0x90 [ 965.320900][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.326030][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.330973][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.335481][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 965.341688][T19757] ? kmsan_get_metadata+0x116/0x180 [ 965.346889][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 965.352526][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 965.357815][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 965.362580][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 965.367350][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 965.373414][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.378104][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.384193][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.390355][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.395694][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.400648][T19757] entry_INT80_compat+0x71/0x76 [ 965.405472][T19757] RIP: 0023:0xf7f85549 [ 965.409508][T19757] Code: Bad RIP value. [ 965.413547][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 965.421932][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 965.429889][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 965.437835][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 965.445812][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 965.453772][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 965.461723][T19757] Uninit was stored to memory at: [ 965.466726][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.472423][T19757] __msan_chain_origin+0x50/0x90 [ 965.477336][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.482423][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.487335][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.491830][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.496524][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.502597][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.508725][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.514018][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.518930][T19757] entry_INT80_compat+0x71/0x76 [ 965.523796][T19757] [ 965.526095][T19757] Uninit was stored to memory at: [ 965.531239][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.536951][T19757] __msan_chain_origin+0x50/0x90 [ 965.541886][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.546972][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.551897][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.556386][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.561042][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.567080][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.573208][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.578466][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.583376][T19757] entry_INT80_compat+0x71/0x76 [ 965.588197][T19757] [ 965.590497][T19757] Uninit was stored to memory at: [ 965.595496][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.601191][T19757] __msan_chain_origin+0x50/0x90 [ 965.606102][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.611187][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.616098][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.620585][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.625235][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.631277][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.637409][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.642683][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.647595][T19757] entry_INT80_compat+0x71/0x76 [ 965.652411][T19757] [ 965.654711][T19757] Uninit was stored to memory at: [ 965.659715][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.665412][T19757] __msan_chain_origin+0x50/0x90 [ 965.670325][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.675410][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.680335][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.684810][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.689460][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.695502][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.701639][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.706902][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.711814][T19757] entry_INT80_compat+0x71/0x76 [ 965.716656][T19757] [ 965.718965][T19757] Uninit was stored to memory at: [ 965.723963][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.729654][T19757] __msan_chain_origin+0x50/0x90 [ 965.734562][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.739645][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.744554][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.749029][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.753694][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.759734][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.765871][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.771132][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.776044][T19757] entry_INT80_compat+0x71/0x76 [ 965.780874][T19757] [ 965.783174][T19757] Uninit was stored to memory at: [ 965.788173][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.793868][T19757] __msan_chain_origin+0x50/0x90 [ 965.798786][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.803888][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.808810][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.813289][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.817953][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.823997][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.830125][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.835390][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.840301][T19757] entry_INT80_compat+0x71/0x76 [ 965.845118][T19757] [ 965.847418][T19757] Uninit was stored to memory at: [ 965.852417][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 965.858108][T19757] __msan_chain_origin+0x50/0x90 [ 965.863018][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 965.868113][T19757] get_compat_msghdr+0x108/0x2b0 [ 965.873036][T19757] do_recvmmsg+0xdba/0x22c0 [ 965.877522][T19757] __sys_recvmmsg+0x5dd/0x610 [ 965.882173][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 965.888212][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 965.894339][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 965.899597][T19757] do_int80_syscall_32+0x1d/0x30 [ 965.904526][T19757] entry_INT80_compat+0x71/0x76 [ 965.909344][T19757] [ 965.911656][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 965.918323][T19757] do_recvmmsg+0xc2/0x22c0 [ 965.922712][T19757] do_recvmmsg+0xc2/0x22c0 [ 966.081045][T19757] not chained 510000 origins [ 966.085671][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 966.094422][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 966.104469][T19757] Call Trace: [ 966.107783][T19757] dump_stack+0x21c/0x280 [ 966.112123][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 966.117861][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.123083][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 966.128901][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 966.134971][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.140176][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 966.145749][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 966.151830][T19757] ? _copy_from_user+0x221/0x330 [ 966.156795][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.162010][T19757] __msan_chain_origin+0x50/0x90 [ 966.166953][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.172095][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.177042][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.181551][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 966.187731][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.192933][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 966.198566][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 966.203858][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 966.208620][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 966.213384][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 966.219458][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.224153][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.230228][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.236411][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.241791][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.246703][T19757] entry_INT80_compat+0x71/0x76 [ 966.251528][T19757] RIP: 0023:0xf7f85549 [ 966.255564][T19757] Code: Bad RIP value. [ 966.259602][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 966.267988][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 966.275935][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 966.283918][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 966.291864][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 966.299849][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 966.307806][T19757] Uninit was stored to memory at: [ 966.312947][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.318642][T19757] __msan_chain_origin+0x50/0x90 [ 966.323585][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.328670][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.333584][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.338059][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.342722][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.348762][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.354894][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.360156][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.365070][T19757] entry_INT80_compat+0x71/0x76 [ 966.369887][T19757] [ 966.372188][T19757] Uninit was stored to memory at: [ 966.377186][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.382886][T19757] __msan_chain_origin+0x50/0x90 [ 966.387797][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.392897][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.397809][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.402284][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.406937][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.412978][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.419105][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.424367][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.429286][T19757] entry_INT80_compat+0x71/0x76 [ 966.434103][T19757] [ 966.436403][T19757] Uninit was stored to memory at: [ 966.441404][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.447112][T19757] __msan_chain_origin+0x50/0x90 [ 966.452043][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.457126][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.462036][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.466510][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.471173][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.477214][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.483343][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.488601][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.493513][T19757] entry_INT80_compat+0x71/0x76 [ 966.498331][T19757] [ 966.500629][T19757] Uninit was stored to memory at: [ 966.505628][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.511337][T19757] __msan_chain_origin+0x50/0x90 [ 966.516251][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.521336][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.526254][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.530855][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.535507][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.541548][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.547674][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.552933][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.557854][T19757] entry_INT80_compat+0x71/0x76 [ 966.562671][T19757] [ 966.564972][T19757] Uninit was stored to memory at: [ 966.569972][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.575660][T19757] __msan_chain_origin+0x50/0x90 [ 966.580569][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.585654][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.590565][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.595039][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.599687][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.605734][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.611863][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.617120][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.622031][T19757] entry_INT80_compat+0x71/0x76 [ 966.626847][T19757] [ 966.629147][T19757] Uninit was stored to memory at: [ 966.634151][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.639847][T19757] __msan_chain_origin+0x50/0x90 [ 966.644761][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.649849][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.654763][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.659236][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.663885][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.669923][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.676051][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.681327][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.686240][T19757] entry_INT80_compat+0x71/0x76 [ 966.691061][T19757] [ 966.693360][T19757] Uninit was stored to memory at: [ 966.698355][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 966.704048][T19757] __msan_chain_origin+0x50/0x90 [ 966.708959][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 966.714041][T19757] get_compat_msghdr+0x108/0x2b0 [ 966.718950][T19757] do_recvmmsg+0xdba/0x22c0 [ 966.723426][T19757] __sys_recvmmsg+0x5dd/0x610 [ 966.728075][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 966.734116][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 966.740242][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 966.745499][T19757] do_int80_syscall_32+0x1d/0x30 [ 966.750406][T19757] entry_INT80_compat+0x71/0x76 [ 966.755230][T19757] [ 966.757530][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 966.764176][T19757] do_recvmmsg+0xc2/0x22c0 [ 966.768564][T19757] do_recvmmsg+0xc2/0x22c0 [ 966.912862][T19757] not chained 520000 origins [ 966.917579][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 966.926240][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 966.936289][T19757] Call Trace: [ 966.939589][T19757] dump_stack+0x21c/0x280 [ 966.943930][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 966.949668][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.954870][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 966.960680][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 966.966837][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.972040][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 966.977587][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 966.983662][T19757] ? _copy_from_user+0x221/0x330 [ 966.988608][T19757] ? kmsan_get_metadata+0x116/0x180 [ 966.993808][T19757] __msan_chain_origin+0x50/0x90 [ 966.998750][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.003878][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.008829][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.013337][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 967.019604][T19757] ? kmsan_get_metadata+0x116/0x180 [ 967.024809][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 967.030453][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 967.035745][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 967.040509][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 967.045273][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 967.051341][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.056042][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.062118][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.068276][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.073587][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.078512][T19757] entry_INT80_compat+0x71/0x76 [ 967.083354][T19757] RIP: 0023:0xf7f85549 [ 967.087459][T19757] Code: Bad RIP value. [ 967.091515][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 967.099898][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 967.107842][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 967.115787][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 967.123731][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 967.131725][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 967.139679][T19757] Uninit was stored to memory at: [ 967.144706][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.150406][T19757] __msan_chain_origin+0x50/0x90 [ 967.155319][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.160404][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.165315][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.169791][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.174443][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.180483][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.186611][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.191914][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.196832][T19757] entry_INT80_compat+0x71/0x76 [ 967.201649][T19757] [ 967.203949][T19757] Uninit was stored to memory at: [ 967.208945][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.214637][T19757] __msan_chain_origin+0x50/0x90 [ 967.219548][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.224636][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.229546][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.234019][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.238666][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.244706][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.250854][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.256121][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.261066][T19757] entry_INT80_compat+0x71/0x76 [ 967.265884][T19757] [ 967.268183][T19757] Uninit was stored to memory at: [ 967.273179][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.278882][T19757] __msan_chain_origin+0x50/0x90 [ 967.283842][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.288958][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.293979][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.298466][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.303123][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.309171][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.315303][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.320562][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.325474][T19757] entry_INT80_compat+0x71/0x76 [ 967.330292][T19757] [ 967.332593][T19757] Uninit was stored to memory at: [ 967.337591][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.343284][T19757] __msan_chain_origin+0x50/0x90 [ 967.348247][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.353332][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.358247][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.362724][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.367378][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.373420][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.379549][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.384811][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.389732][T19757] entry_INT80_compat+0x71/0x76 [ 967.394564][T19757] [ 967.396868][T19757] Uninit was stored to memory at: [ 967.401872][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.407599][T19757] __msan_chain_origin+0x50/0x90 [ 967.412515][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.417600][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.422513][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.426990][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.431641][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.437682][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.443824][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.449085][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.454005][T19757] entry_INT80_compat+0x71/0x76 [ 967.458824][T19757] [ 967.461125][T19757] Uninit was stored to memory at: [ 967.466127][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.471819][T19757] __msan_chain_origin+0x50/0x90 [ 967.476730][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.481816][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.486725][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.491239][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.495893][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.501936][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.508071][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.513332][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.518247][T19757] entry_INT80_compat+0x71/0x76 [ 967.523096][T19757] [ 967.525407][T19757] Uninit was stored to memory at: [ 967.530460][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 967.536242][T19757] __msan_chain_origin+0x50/0x90 [ 967.541173][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.546258][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.551185][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.555662][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.560314][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.566357][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.572594][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.577852][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.582763][T19757] entry_INT80_compat+0x71/0x76 [ 967.587580][T19757] [ 967.589882][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 967.596529][T19757] do_recvmmsg+0xc2/0x22c0 [ 967.600918][T19757] do_recvmmsg+0xc2/0x22c0 [ 967.774091][T19757] not chained 530000 origins [ 967.778700][T19757] CPU: 0 PID: 19757 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 967.787357][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 967.797388][T19757] Call Trace: [ 967.800658][T19757] dump_stack+0x21c/0x280 [ 967.804969][T19757] kmsan_internal_chain_origin+0x6f/0x130 [ 967.810672][T19757] ? kmsan_get_metadata+0x116/0x180 [ 967.815957][T19757] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 967.821739][T19757] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 967.827779][T19757] ? kmsan_get_metadata+0x116/0x180 [ 967.832953][T19757] ? kmsan_set_origin_checked+0x95/0xf0 [ 967.838474][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 967.844523][T19757] ? _copy_from_user+0x221/0x330 [ 967.849456][T19757] ? kmsan_get_metadata+0x116/0x180 [ 967.854646][T19757] __msan_chain_origin+0x50/0x90 [ 967.859574][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 967.864696][T19757] get_compat_msghdr+0x108/0x2b0 [ 967.869625][T19757] do_recvmmsg+0xdba/0x22c0 [ 967.874115][T19757] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 967.880283][T19757] ? kmsan_get_metadata+0x116/0x180 [ 967.885457][T19757] ? kmsan_internal_set_origin+0x75/0xb0 [ 967.891082][T19757] ? __msan_poison_alloca+0xf0/0x120 [ 967.896360][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 967.901100][T19757] ? __sys_recvmmsg+0xbb/0x610 [ 967.905839][T19757] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 967.911880][T19757] __sys_recvmmsg+0x5dd/0x610 [ 967.916550][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 967.922597][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 967.928728][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 967.933993][T19757] do_int80_syscall_32+0x1d/0x30 [ 967.938906][T19757] entry_INT80_compat+0x71/0x76 [ 967.943729][T19757] RIP: 0023:0xf7f85549 [ 967.947765][T19757] Code: Bad RIP value. [ 967.951802][T19757] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 967.960192][T19757] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002bc0 [ 967.968152][T19757] RDX: 00000000040000fd RSI: 0000000000000000 RDI: 0000000000000000 [ 967.976098][T19757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 967.984044][T19757] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 967.991990][T19757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 967.999945][T19757] Uninit was stored to memory at: [ 968.004945][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.010656][T19757] __msan_chain_origin+0x50/0x90 [ 968.015578][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.020663][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.025575][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.030051][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.034700][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.040758][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.046904][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.052177][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.057086][T19757] entry_INT80_compat+0x71/0x76 [ 968.061913][T19757] [ 968.064217][T19757] Uninit was stored to memory at: [ 968.069214][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.074906][T19757] __msan_chain_origin+0x50/0x90 [ 968.079829][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.084915][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.089826][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.094326][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.098993][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.105052][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.111196][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.116457][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.121373][T19757] entry_INT80_compat+0x71/0x76 [ 968.126190][T19757] [ 968.128505][T19757] Uninit was stored to memory at: [ 968.133518][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.139212][T19757] __msan_chain_origin+0x50/0x90 [ 968.144124][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.149213][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.154133][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.158617][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.163273][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.169361][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.175529][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.180797][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.185712][T19757] entry_INT80_compat+0x71/0x76 [ 968.190531][T19757] [ 968.192830][T19757] Uninit was stored to memory at: [ 968.197917][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.203612][T19757] __msan_chain_origin+0x50/0x90 [ 968.208526][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.213612][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.218523][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.222998][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.227684][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.233734][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.239860][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.245118][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.250028][T19757] entry_INT80_compat+0x71/0x76 [ 968.254855][T19757] [ 968.257156][T19757] Uninit was stored to memory at: [ 968.262159][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.267854][T19757] __msan_chain_origin+0x50/0x90 [ 968.272769][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.277868][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.282782][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.287257][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.291909][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.297947][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.304076][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.309346][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.314264][T19757] entry_INT80_compat+0x71/0x76 [ 968.319082][T19757] [ 968.321383][T19757] Uninit was stored to memory at: [ 968.326508][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.332218][T19757] __msan_chain_origin+0x50/0x90 [ 968.337128][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.342216][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.347126][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.351603][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.356270][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.362426][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.368552][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.373809][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.378720][T19757] entry_INT80_compat+0x71/0x76 [ 968.383537][T19757] [ 968.385838][T19757] Uninit was stored to memory at: [ 968.390838][T19757] kmsan_internal_chain_origin+0xad/0x130 [ 968.396528][T19757] __msan_chain_origin+0x50/0x90 [ 968.401471][T19757] __get_compat_msghdr+0x6db/0x9d0 [ 968.406591][T19757] get_compat_msghdr+0x108/0x2b0 [ 968.411623][T19757] do_recvmmsg+0xdba/0x22c0 [ 968.416099][T19757] __sys_recvmmsg+0x5dd/0x610 [ 968.420755][T19757] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 968.426797][T19757] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 968.432944][T19757] do_syscall_32_irqs_on+0x1a0/0x310 [ 968.438203][T19757] do_int80_syscall_32+0x1d/0x30 [ 968.443116][T19757] entry_INT80_compat+0x71/0x76 [ 968.447948][T19757] [ 968.450253][T19757] Local variable ----msg_sys@do_recvmmsg created at: [ 968.456902][T19757] do_recvmmsg+0xc2/0x22c0 [ 968.461292][T19757] do_recvmmsg+0xc2/0x22c0 20:09:31 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) modify_ldt$write2(0x11, &(0x7f0000000100)={0x400}, 0x10) 20:09:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f00000000c0)) 20:09:31 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280), 0x2a7) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x200000000204a100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback, 0x0, 0x0, 0x1}, 0x20) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) wait4(0x0, 0x0, 0x0, 0x0) 20:09:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000200)=0x1, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) inotify_init1(0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0xd811) 20:09:31 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2, 0x7}, 0x10) sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0) r2 = socket(0x1e, 0x4, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='environ\x00') accept4$packet(r1, 0x0, 0x0, 0x0) read$FUSE(r3, &(0x7f0000000140), 0xfffffefa) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r0, &(0x7f0000000a40), 0x8000000000000b0, 0x0) 20:09:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01200c00000000000000010000000900010073797a30000000000900020073797a32000000e6130003"], 0xb8}}, 0x0) [ 968.762337][T19813] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.4'. [ 968.836665][T19818] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.4'. 20:09:31 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000140)=0xfffffffa, 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0xe}}], 0x4000000000000d0, 0x0) ioctl$CHAR_RAW_GETSIZE64(0xffffffffffffffff, 0x80041272, 0x0) 20:09:32 executing program 4: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) tkill(0xffffffffffffffff, 0x0) 20:09:32 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)={0x14, 0x1e, 0x8b73102c764253c5, 0x0, 0x0, "", [@generic="01"]}, 0x14}], 0x1}, 0x0) 20:09:32 executing program 2: r0 = io_uring_setup(0x5108, &(0x7f0000000080)) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xffffffffffff0000) [ 969.600076][ T28] audit: type=1400 audit(1599768572.503:38): avc: denied { name_bind } for pid=19827 comm="syz-executor.5" src=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 969.622559][ T28] audit: type=1400 audit(1599768572.503:39): avc: denied { node_bind } for pid=19827 comm="syz-executor.5" src=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 20:09:32 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="39000000140081ae00d175040f62b04a2bb95473585806dbb7d553b4a4000014b63e722cd43f3a2b3600000000004000"/57, 0x39}], 0x1}, 0x0) 20:09:33 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2, 0x7}, 0x10) sendmmsg(r1, &(0x7f0000000a40), 0x8000000000000b0, 0x101d0) r2 = socket(0x1e, 0x4, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='environ\x00') accept4$packet(r1, 0x0, 0x0, 0x0) read$FUSE(r3, &(0x7f0000000140), 0xfffffefa) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r2, &(0x7f0000000a40), 0x8000000000000b0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000002c0)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r0, &(0x7f0000000a40), 0x8000000000000b0, 0x0) [ 970.127069][ T28] audit: type=1400 audit(1599768572.563:40): avc: denied { name_connect } for pid=19827 comm="syz-executor.5" dest=20000 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 20:09:33 executing program 4: pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, 0xffffffffffffffff) futex(&(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0) 20:09:33 executing program 1: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="4b7c97e5b81c3a"], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='ceph\x00', 0x0, 0x0) 20:09:33 executing program 5: r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, &(0x7f0000000080), 0x0, 0x0) 20:09:33 executing program 3: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%n'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') getdents(r0, &(0x7f0000000100)=""/148, 0x94) 20:09:33 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 971.052235][T19858] libceph: resolve 'K|—å¸' (ret=-3): failed [ 971.058573][T19858] libceph: Failed to parse monitor IPs: -3 20:09:34 executing program 4: r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'geneve1\x00', @remote}) r1 = socket$kcm(0x2, 0x3, 0x2) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000007c0)={'geneve1\x00', @link_local={0x5}}) 20:09:34 executing program 1: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="230000002a0001"], 0x128}}, 0x0) 20:09:34 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x80) connect(r0, &(0x7f0000000100)=@in={0x2, 0x0, @local}, 0x80) connect(r0, &(0x7f0000000080)=@l2tp6={0x2, 0x0, 0xe0000001, @mcast2}, 0x80) 20:09:34 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="48000000100005070000003b0000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000014c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002c40)=ANY=[@ANYBLOB="a00000002c00270d00"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000080000000a0001006261736963000000680002"], 0xa0}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x4924924924926d3, 0x0) 20:09:34 executing program 0: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c9120cab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fb38", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd", 0x2a}], 0x2, 0x0, 0x0, 0xffffffe0}}], 0x1, 0x0) 20:09:34 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000780)={@in={{0x2, 0x0, @local}}, 0x0, 0x9, 0x6}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200187ec, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) recvmsg(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x1000001bd) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[], 0xfea7) [ 972.081156][T19885] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 972.125302][T19886] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. 20:09:35 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) poll(&(0x7f0000000000)=[{r0}], 0x1, 0x0) 20:09:35 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\trust\xe3cusgrVex:De', 0x0) 20:09:35 executing program 0: mkdir(&(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') symlink(&(0x7f0000000280)='.\x00', &(0x7f0000000240)='./file0\x00') chroot(&(0x7f0000000000)='./file0/../file0/file0\x00') umount2(&(0x7f0000000040)='./file0/../file0/file0\x00', 0x0) 20:09:35 executing program 2: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000700)="585ccbe4ed83b836c1a647c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4af1c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a2937ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f612ffd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539ae11359e4e93c553e0cad0f792cff6eae3ee323e48af852e0f19f5537f", 0xc0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f00000001c0)='\x00', 0x1, r1) r3 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r0, r3}, &(0x7f0000000540)=""/227, 0xe3, &(0x7f0000000300)={&(0x7f0000000240)={'blake2b-384\x00'}}) [ 972.872215][T19914] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. 20:09:35 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00') sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x2c, r1, 0x1, 0x0, 0x0, {0xa}, [@HEADER={0x3, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0x2c}}, 0x0) 20:09:36 executing program 1: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) [ 973.180798][T19911] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 973.180871][T19886] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 973.192982][T19914] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 973.200040][T19886] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. [ 973.230232][T19914] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. 20:09:36 executing program 4: 20:09:36 executing program 0: r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000001980)={0x0, 0x0, 0x2}) perf_event_open(&(0x7f0000001340)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, 0x0, 0xfb6e11410eea9932) openat$dsp(0xffffff9c, 0x0, 0x81c082, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local}, 0x1c) sendmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0x20000000, &(0x7f0000001500)=[{&(0x7f0000000180)="e1e06b7e8a1eb013cdf1be03e940099a4058554642325fa2d62cbd33121d1dda1c2cba2ab5ddf84c9a99332a0aa1b88862081812e1b779370bda0e9169bcabd4e5044fbe61e0d1d96fda94cc50ecf6a6b0c703f5d91a0c02bfa16234b30c26bf7bfee3c68682095f32ff2776d2985a81703f634fe3abaa9ac0aeed3b3148b1aef0ec1efb871a8500338e9de6b4ee1e17eb5847937a83b0358ef8ab6692d2b1538741dab7a9f609e75b6e55a120da346312cab143f90ebb6da62d0fc550b733200c75f715ce01bb70bc23e70dd262ef91215822298fee9709e2d1ea327aa8a6a4314e9b91dbf58300a7917cc3e4f26283937694d3a4c146", 0x8056a}, {&(0x7f0000000780)="c18af54e7facd931e259615d3a032b165331b3657a111037325376ecdcd7cdb565e908e3f8ed1619f36e1d9542c99c64220b90530a9af19cdb598be1b47a3270b2a1164ebd669a64db6fe8c93739fd45325fe94f075eb0f9b0e9f93dfe77af28d06043eb76c521af1f865c2d52eae2c88f2a33646df1d8d300ccdb466c2071b66192d92f3b8c1623c6c46f8baa6b50ee5cfc242f73de00027945540700000000fecb1e7b312558b81c0e6f8c1a0d7dc3000000d4c5afbba32d91fab46da4b75f73", 0xce}, {&(0x7f0000000040)="c39a00bb15b4d145723f765d602ef1e9ee36", 0x7ffff}, {&(0x7f00000003c0)="5683eb186eaf89d39dcfafa4e796554c67e389d4526f1202ce7e4b2da420d47a58d28c3a80a467f347ab84023a82b4a6d86659d01f5caf15e20c5d8986f18ef00cafe40e866419b00a2dceff7623c1aa9cb838fa3608f48974b4d78fe37fae1e577235d7af3d3b105f0b77a5da237b80615ed4a95fae798adfb3aa15119146bcda665356e91113231ded3948684b39093f3f8031d652fefc1d77fe94e3fccb4c4086e22fe32f63285d5d6f0faa603609e5ed282499a9c13ba06b99f837eb09ca142dec8b3c2a5e3791f0a7e1ac323f8f9dc521b145ad811a6d4fe37f04497d78281a1dcf220fe0526d52a75e0a3c13", 0x86}, {&(0x7f0000000880)="cccd8dc47691eecbd79ddc547a148d45eafe6ec8a33e827f046282553b1e97271e8d7fdd39ca80586f9f266107329f2c9bcb9af5ed4b95030cfb3b365b8e2a9dee355a8c8f19d3fcf0debf791812e612353ed2a58f46ea9b3ca877a61b540f452e942e7d36af86053898caf2661225b22b16f61dbbf509d1e900c62586fdad62bac031e362d98fdd1067108f22a17eef2edd4033c0dec88920001d41556153fcad5c15739fef634e99ff94168bbb5e6a94908760a48c3d586af761ab86bac1ea9a675a954c4ad88a5dd2335c135af1934c67ead06f894787994f57db5d1b38cd9c3cd1d9150dc506e415052f24cfd9a57a050098b13913b6da437f310b09eeb3626a09cfb0e3fa510a955c3012731b99d1371d7c2073b545c08d296b1d15e3d6dd22a93041ae58b1f2e2ec84cf80722e74373d2c2f7ea6551d1e5ac98e992d54994082fa69ce18a8c7a7fcf74c105f6f102dabb8edbd0bbcea2641e9af16696afe4eac822f62e4ba4ae18f0efb67bbf2ce02e69d90397d0551663debc7e16af73f65964e9b85af3cb456ec3b48d92dd513bc8bdf8e9377bc9b3b9aee011e12ae2dd43c63a44c71e8f558066d4002fffe0b34a7921d682964172629e214c4a912d09f6b40c49bb5eb48d00fd28427061b20be43c7090ed6298c3573e3c5a3cf3558e7a250fbe393a734c0e2b7a314665b774ece1224d8122b3c0478f801fa71105f88aae92ffbda977126e9eedf6814eedcdb8603b291ec8465ea02cc4739dc8749865d7448da5805a5eda23a5caaadb3a8f78e6856b25c1ba89572e7360148a88d4b435a4c0d81ebf8fc7b2897ddfb8e77ecb38fd41b8b9d21eed4f4aba45a362c3d9ef12149dc89e25ac77bbbfd3d5c53686d164fc0b1e1e81dcc36ca2c938fda7f4ddf20681191eca478c7451d660d06c3da5b83e71ab249b0912297d603cbc34816186ea76673ad7afb1406140525e46ba7e2f3eb370d", 0x2b7}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x1a000, 0x0) 20:09:36 executing program 2: 20:09:36 executing program 3: 20:09:36 executing program 5: 20:09:36 executing program 1: 20:09:36 executing program 2: 20:09:37 executing program 4: 20:09:37 executing program 3: 20:09:37 executing program 5: 20:09:37 executing program 1: 20:09:37 executing program 2: 20:09:37 executing program 4: 20:09:38 executing program 0: 20:09:38 executing program 5: 20:09:38 executing program 1: 20:09:38 executing program 2: 20:09:38 executing program 3: 20:09:38 executing program 4: 20:09:38 executing program 1: 20:09:38 executing program 3: 20:09:38 executing program 2: 20:09:38 executing program 4: 20:09:38 executing program 5: 20:09:39 executing program 0: 20:09:39 executing program 2: 20:09:39 executing program 1: 20:09:39 executing program 4: 20:09:39 executing program 5: 20:09:39 executing program 3: 20:09:39 executing program 0: 20:09:39 executing program 2: 20:09:40 executing program 1: 20:09:40 executing program 3: 20:09:40 executing program 5: 20:09:40 executing program 4: 20:09:40 executing program 0: 20:09:40 executing program 5: 20:09:40 executing program 4: 20:09:40 executing program 2: 20:09:40 executing program 3: 20:09:40 executing program 1: 20:09:40 executing program 0: 20:09:41 executing program 5: 20:09:41 executing program 3: 20:09:41 executing program 4: 20:09:41 executing program 2: 20:09:41 executing program 1: 20:09:41 executing program 0: 20:09:41 executing program 5: 20:09:41 executing program 3: 20:09:41 executing program 1: 20:09:41 executing program 4: 20:09:41 executing program 2: 20:09:41 executing program 0: 20:09:42 executing program 5: 20:09:42 executing program 1: 20:09:42 executing program 3: 20:09:42 executing program 2: 20:09:42 executing program 4: 20:09:42 executing program 0: 20:09:42 executing program 5: 20:09:42 executing program 1: 20:09:42 executing program 2: 20:09:42 executing program 4: 20:09:42 executing program 3: 20:09:42 executing program 0: 20:09:42 executing program 5: 20:09:43 executing program 1: 20:09:43 executing program 4: 20:09:43 executing program 3: 20:09:43 executing program 2: 20:09:43 executing program 0: 20:09:43 executing program 5: 20:09:43 executing program 1: 20:09:43 executing program 3: 20:09:43 executing program 4: 20:09:43 executing program 2: 20:09:43 executing program 5: 20:09:44 executing program 0: 20:09:44 executing program 1: 20:09:44 executing program 3: 20:09:44 executing program 4: 20:09:44 executing program 2: 20:09:44 executing program 0: 20:09:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_gstrings={0xe}}) 20:09:44 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x127f, 0x0) 20:09:45 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x6, 0x209e20, 0x2, 0x1}, 0x40) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000000), &(0x7f0000000440)=""/130}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000000), 0x0}, 0x20) 20:09:45 executing program 4: perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r2 = syz_open_pts(r1, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup2(r0, r2) 20:09:45 executing program 2: r0 = syz_open_dev$vcsu(&(0x7f0000000080)='/dev/vcsu#\x00', 0x6, 0x0) read$alg(r0, &(0x7f0000000000)=""/103, 0x67) 20:09:45 executing program 0: r0 = creat(&(0x7f00000002c0)='./file1\x00', 0x0) fallocate(r0, 0x8, 0x0, 0x8) 20:09:45 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) open(0x0, 0x0, 0x0) ftruncate(r0, 0x208200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0) read(r1, &(0x7f0000000180)=""/19, 0xfffffe47) 20:09:45 executing program 1: pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x3) recvfrom(r3, &(0x7f0000000040)=""/184, 0xffffffc9, 0x40012500, 0x0, 0xffffffffffffff49) write$binfmt_misc(r1, &(0x7f00000002c0)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4004ffe0, 0x0) 20:09:45 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xb732}) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="fd9065f9564174", 0x7}, {&(0x7f0000000240)="bffbfff3bc88a8", 0x7}], 0x2) 20:09:45 executing program 2: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000000000)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b3526f1d4747b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47100000000ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) umount2(&(0x7f0000000080)='./file0\x00', 0x0) 20:09:46 executing program 0: r0 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c00, 0x0) syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 20:09:46 executing program 4: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0) 20:09:46 executing program 2: creat(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) close(r0) 20:09:47 executing program 0: bind$inet(0xffffffffffffffff, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x46802) io_setup(0xc328, &(0x7f00000002c0)=0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0) write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) r2 = open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r2, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40046602, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) io_submit(r1, 0x4, &(0x7f0000000540)=[&(0x7f00000000c0)={0x13a90100e4ffffff, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xd01000}]) 20:09:47 executing program 1: dup(0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c9120cab00220bc31d41e44f96f67971b8ed8a3dc9eb4123a903d58da02dd1eca653150422bc91e9585fb38", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6e0968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9ae0278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x4000000) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 20:09:47 executing program 4: shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x6000) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6) 20:09:48 executing program 2: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rmdir(0x0) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) [ 985.328603][ T28] audit: type=1804 audit(1599768588.224:41): pid=20085 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir044505471/syzkaller.ZcX4Vx/550/bus" dev="sda1" ino=16252 res=1 [ 985.616139][ T28] audit: type=1804 audit(1599768588.524:42): pid=20080 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir044505471/syzkaller.ZcX4Vx/550/bus" dev="sda1" ino=16252 res=1 20:09:48 executing program 4: creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0) [ 985.901689][ T28] audit: type=1804 audit(1599768588.554:43): pid=20085 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir044505471/syzkaller.ZcX4Vx/550/bus" dev="sda1" ino=16252 res=1 [ 985.926724][ T28] audit: type=1800 audit(1599768588.634:44): pid=20052 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="ramfs" ino=65089 res=0 [ 986.538566][ T28] audit: type=1804 audit(1599768589.444:45): pid=20102 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir755755819/syzkaller.USEPLv/474/bus" dev="sda1" ino=16277 res=1 [ 986.564276][ T28] audit: type=1804 audit(1599768589.474:46): pid=20101 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir755755819/syzkaller.USEPLv/474/bus" dev="sda1" ino=16277 res=1 [ 986.589150][ T28] audit: type=1804 audit(1599768589.474:47): pid=20101 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir755755819/syzkaller.USEPLv/474/bus" dev="sda1" ino=16277 res=1 [ 986.614021][ T28] audit: type=1804 audit(1599768589.474:48): pid=20102 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir755755819/syzkaller.USEPLv/474/bus" dev="sda1" ino=16277 res=1 20:09:50 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) open(0x0, 0x0, 0x0) ftruncate(r0, 0x208200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0) read(r1, &(0x7f0000000180)=""/19, 0xfffffe47) 20:09:50 executing program 0: r0 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r2 = syz_open_pts(r1, 0x0) read(0xffffffffffffffff, 0x0, 0x6c00) dup2(r0, r2) dup3(r2, r1, 0x0) 20:09:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001480)=ANY=[@ANYBLOB="3400000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000a000100aaaaaaaaaa00000008001b"], 0x34}}, 0x0) 20:09:50 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000500)=[{r1, 0x2103, 0x64}], 0x1, &(0x7f0000000580)={0x0, r2+10000000}, 0x0, 0x0) 20:09:50 executing program 4: perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) 20:09:50 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000005bb80)={0x0, 0x0, "eb726e341a51b46f327e15a7aa60e74975fed6fea9908bcbfca205f010033396cc0e496dadf7dd00e6d52ab7b9489f1b2d24e35de0c7d9738e044981146406392eb84ebf8ff9f48b0ea033b4cee16072471036f9c8a47cddc28580445801b26240d107b5ef6e603fc6653a08bddfe33c6fe5cca51ef6dcb86561a17724bbfcd9228ad6944fe59cf4250efc5ef96902a95a34244b6685e51b9f80419ee62d0018d8b1dae1b82fa59c4b4743d2abd609be41a6da19d48d8a6c8d5e1201fa529495b2d74e71085aa4f1611df480eaf928110aea5611396099a5244ffabbd4c161c4379ffdeebfbcb4247983a21266c1841fd8d73f86be40439a086e7a6355c02662", "254c4d8eb2a39c08f2e36d90a255719a9cfe4f5c85d1099b3a83a9f6eaec2ae60356fe63d70462f2de9aa72d275cb508b2b2ef37693cf4d5652ae36144c2e89b0fec5087aa9fa360a64f9d7e4156128fb7a37bcbe36f916126bdebbfdf528d8a7b92f2dd66a9ed0214505cb71172f73e4c0369927fef9cf048f1ee89c11cede6749432b378bcc5dbee5e96d3e7125a2aa92e79ef0ca02bcc161b713c6ee1ede9943312291f232be64854988436cc059b157cdc83839d23e87e49c1925069052624f7178e90654deda5075f554fa59d88324b527b31dde7570abd982717cce968baf7da6795ab875e35f34c66dd25ce7fc3a4dcd7f125ecc715e17ffaa3edb02d1deabc3d92d357509ee0aef1a2761b030336638f987a3d701cfcfd9494e2a37a6c1385b63e50c957e6a82672ea6cdbc9840805dcabb06ef245247edcd2ca94ad90c410f7b18edf9e551a17d29cf54f1a3acbe51ec892ccd2bc18d62069b3c547aa0857eafd6284380b87a53534dd288b340c1ebdda09aedd121883f38420bc65eb44e16a79541954aa90900ab6e5004ac73b6ea5427d0646ef5364d0029f611abaa32204fdadd4df9bf77ce4847e17e6b139afefeca5a4703e4907fbc407d3bb8b83dd1b49e9d72ba65e2dfd023636ab451bd4cff4f206c51161043978da7b31d717e847a040da455174bf41824cf135ce40ddf50715ed254463f3653f8e00af38f24a78233869be73ecea3d3c49c8ca01aa7428cbf0e5594af07444a379c58c0c5dda55f0b66fbe5a16250f9e7e39b4b3cdac2ada8e4b842ca80aeaa98a6aca8941bd2a552e52805906a99db5a90a1b6cd108abff1f0843f31541797be3307467875998c2659abeb529a97875db4e6246f964ddbb07febfbbb57d8f215fc42ce13370f5c23dfb8c78b945ab5039296e17db7b4ba76d2a7f7e8df1d5cd9f810f3618c21844e5ddad958cd2a527152f18bd356e06748e0efb9d86b75b3611099379a3171699d9a7b8c09b00186ebc4620bff5165c0be6d9201c95e7ef19ef1cab3f77cf4d8cb9cdf424a735eb4bd20424605007f5e7cc0cf061c2b12e226f358668e069fc1932fc3579dde72931452a162c1475ce154720e808347f3aa64170ecc21839058e18de8b61aa46c4e94102f7d85fd90c33d70e7a7bf23e3cdc88e6f3ac8d3542d561ec8078790fe710780a2d6f6518ae5041f56862d8014d8a65d62805280f9b7f566fa723a206e4ef96e733aaca17f213ffd5b7bbb3be3d5b1856bb75cbafa32d845fe467e22768fcfc284935e70f1ba5303041b1f7961775e5e7ba3328d22dd9860c7f9996608eca1cb9bbdb1c368baa11b899c56cad3b59ec5cd92015206c68f9c71a8242bbec395f9c3e9f9761f12047b7bad0448f85392a213165a05f8fb1243b84b0ad9f9ed51a3ae4e6ad1c11ca92ffbc488878388bacecbfc8825504a2bcaca7e8dda735ad3a56e7bf18d055a2bda33b7e80d8ac310500b59a0930bfb8ed72c64635318271ddedb50797e82ef894deefed65e3be9e6573d90fc0a67a4c0d1d5fef3b33c089cdbeb53389833c57c38631e36bdf4e761127421fbade3ce6baff69554c163e965330d8d27a51da8c64b0ba9798e7aa5db423f491852007a983be2fcde1c25dbc94cd098922f58a3179098b8c71ccd1f266c7b28af2126449f8b18a485a944bc18001538b3cd4d24ce2c9ff94db0fdc72fa90204234b5f8f045d06ec36ee52217a84fa3d385f2db7367b883cf00d2dd4bfd8b7e710f8c232f1cd3307316efe0bf6299390de1eb06fddba3b911a2826d3e562971fca9c561f7a83f95491a2e9f4dbac5aaf43689c993b0b7492d9f39dd46b7cdcf8bd62e692f497664d67f9946697726c0aab0663ba6910d8f5b2e244b718e882c2dd6e474e7c589029722512e90a38ad32a16b68e4658fe7f22a069562fbe5326969d869c6f53f8000ecb951094a02754579588f48306a2089dd587bd80073ff2f10c80dff36af01165dd5cd1ec5facfb536b9153dfb7fd39220b1d9ee6a2887a97be64cbec1df981059b59dd49fd933617a3a162a53f61136349a71fb197a8077c9ad75329bc89eda29bbfff725a2e3beb5927c8f8c5fc8c2181ab403b6d63c46e83282060d34b1f65f769cfda7447c066802a32545f5d85270a2e65c6a61ccd61e00ec58d095a3d4f72314d89f711048e33347072af420501f656888baa94e6bf15a2f2c25acb3a8ce98b723ce3f56c67ecc84fb1e70347a86604d2718aa98b600a401760e115be3dfbcdfa65ac726fda4ae8af07e782d18b0f5adcdb7d6252567f1a584af2ffe65dcad5169086a5133e67f2295a138f7680e778c6169556c25e875540e2f5cce83dcf57f89a6dbc478ad93a7873d159dd77489cfb365f39bbbcf9e5dd61fd17ec7455cba76ca458bb041bfbbc8e724eddede4ead0ee713fb3f0f6df871ca5a8b76079883e72e1707b81cd7563b8d977218589451db4964ebfc00c61d14cb6f5ca6de4df68d50977ece7640d59996a5fd89132c85c35a126d1b278e5742b06e9a5e0bb55efe5c7faa70936b25ba75708ef195f4ea3471a185439432c25b5421e0573e6196e30da4d676bb2f016597bdd9b3b5ec7d770c862667cf410f76b8517775d9847c3350bc4b66c4b103df3049b2760bf680b508f1e6f18a0abdf57477dccecb9aea897a1275789e049ad09023c2d8696a71ccd5e5531ea6dd02272d07766f6192ee13e3c550173c4c3fbd2f0852817621bc986229aea1e6e4e223efdd3f100c8772c9ec13363d172872c36607c3a8ddeacfb65c0cbef588bb76a1087735da882f57f7016c5964979eb628ebfad468ce7360845b2d4618702ad68cda8ebdcffe15b317d6091a12a5160418849f017d68b83c50b5d830fab4c30f97793ec6473ea0f1259c9d73e7553db8ab38c1a4def87db06878dce7642e189db183144ab8ad85ec1fd755504ae610c24ebb2ce40871f2754dc949fbceb94d351eaa49a4392a42da14cb788c9e7a6266557c80a3e818cfd0d6a52d826967b109e464e42eb99910df1026194aca24d101d8f994c7ec242423a522c87e66d2bd20c08d43dc8171209e400c3cbbc1db3bc8209761720ccfbec9f6ce7c8b60bb3db24dce8aec223e45c8175f9917434071d550ac0ce5e015ba552a9011389e3eccad21f3647d90462f43d810bd40a564bb4117e9ffef34420490b14c7d9231e9ebacd585ba8eb15e3e0d17602f95e3ac27b2039278662249bdd9191b61b4d9b102fc23fa036656da232f06a6319882aa608bf6cc671d9485ebbfe83987dc83555dbf8305c447ac677c64de8f7085044b74541b48f53c935cff612574c351510103258dbe07d3c256687fc5e54818721f8ee6dbc497c2c755b00634373893b42cc1a526b416deafad67be2d465f9e25c48d6b8f54e3d5b4ae735540c1bb6cef0ce72c660ad9ebf65dcb172159f94f2995e422c87e6707826dee979ad622947b02eaa270720ed75b814bf22aa309d35011cf0cf2977100f828befac109468aa14dfe6759c878cbb18b0043df4d0599c6a2d99d4d55b63cd70ac7fc29bd73cbe77276e26e2f505f40d720287486ac84ce8e2998cbede83bf4d30ac67f310ed18cd89e4b91d0d19872b9cc87c53c41aecbf233c6622bcdac343199e97b035527213e2111846df23195c3edd2b15492fc64120b869b7dea2d062fd800cffbd589052f11f13eaa06c52ab90017372e8ee60677052bba2cbf853c7a82b9259e1632cd352f26500a8aef017856d592c1bb2ff8f1d57cedf858e5c72d5dd0370a2dc3cc4e623eeea39fac834a9a833ca611f642ffdf35d782fed25df8c318d07b55c7f876caf2cd12229021d54803631352b10edd79302f0115f6e01b5212a74835634b012ba361d6b63a9a18f7df20ea5400bf725fd760ee9054ffe5aea56697bb7c6c83c3aa2a912237bdf79917f8566945a7134a9779df916d2f0fa126e6e1020d3ffc40676756ca1a6a3aab122618585211febdeee79ec6c1ae3d1ef727d674efdd88af65c9c6995de26385620a3853fa8bec7f48fb844d3673aa549f2f3ee6d4e64fbee10c45fc9b8b343cef60ff91b9352cd12593a710291ee882292298e358a709732915bd83065f6f99995f5736a8ed3dc115e2b7181f64fd284f1f2a9e3e7546a15872b230055d43923c5fa78f320f30927d87e3d032f982bbb007f00772f746256ce3ef66b138c66898fe1883c7d7775d96b754d4f9f5e1eb8c4a9bb706ddc0829ff435dfb59457d98f58f6e66b37c86cbaf855ac7ad91d7e4890ec47331da6aeb5e24ada86b2bafcd00f6fd6e51240b68c288198b4a5ac9f33ee2afae45881c5cb0988a6fcee6af1cbc9e0c4622f0ef932fee857c23329357c2b6c92f9a0106607b7506a884cae80ee343d704b82b725ecbb70037068aa5faf2f7df43b7cf2ceed785bd39e1da3d2d915dbb3a5530fe88acef481e17e960aac207fc11e81c3687306754f92e2db7047557437af5adadfd554d359b737f94914acb48e57d70e5f5583e4f8bde342dfe993a227025080cd4cd66cdf363525445228252084612131c1278ea90afc0999e2ee86e60dfa0c61df89a364932bcb7f8e37044b510cf6adbda14233e6625cb77e4e05bbaff8b33d70885d2ba6e2f238008986baa2a99a075b5e97f23fc563a0aafeb2d29a32ecdc8648d11d387f75c3cd5b5527cf5bed4373ae5b21ca99fdb0024730ebf9c1d1c1e4cc1f7f9718407d99040f540f634aa26b09b512e1eb3b0866667f7d527bffe7c6f647b56a6dfb53e775efb9eccf5651507dedb7b177f1b2580598c39b5eb78a38bd19b8f29dbecab9ba27d8f3a193775fd1990efc2c29a820b478d1d31d4fb25011cd36eddff1c2982dca541537fa30999bee314c1acd6b434cf0af1a3456575ad9c12b6c6847e1ff187a770d520f61d992c2f85a7a6214a541c9ee65b14246d57847b7b7f38e22cc8bc1ef8d076d35879d1cb9c402c554dee56dbd389ece0c8064c961a8d38a9bc6a8ec4430e6aa1bb022b86278ea752e97a818c8c9e34c179f3f3edafbb27123a8aaf635d9e05859c065af9255fee80eb1e5ef2cff46b9840ad8834517ac7579fa9e0e47c9ca5471b62aabd513fee1cfd69ffa6a8bd7d005aab0b63ffc0f5983a942bdb28af92ab5ca01c0de68255adb53475cd4cc3d85e279d206926d6e17259082f07d2c2d148293b16406a75d8f8a949a8e89f7f2aac66648296b42256195d39d577271f3734779b07c45839c50e006c5ae05e6dc6dd6fc19af5e99e67a6c8ac1412c1c1d0343cfa6ad6f39003b10f7cacc2fca0d4a8a30ce14b476e0751e352512d8703929b54d4ac7daaa9363d57830c3713a67e7328a5ae6d3f1bd4bd9f18373b58446ee1390756d8744fbb3742f78cffe94b"}) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x10132) recvmmsg(r1, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/220, 0xdc}}], 0x7fffffee, 0x2, 0x0) 20:09:51 executing program 4: perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) 20:09:51 executing program 0: clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) futex(&(0x7f0000000140), 0x0, 0x0, 0x0, 0x0, 0x0) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x4000000000000016, &(0x7f00000004c0)) ptrace(0x10, r0) ptrace(0xffffffffffffffff, r0) [ 988.737905][T20115] not chained 540000 origins [ 988.742624][T20115] CPU: 0 PID: 20115 Comm: syz-executor.2 Not tainted 5.8.0-rc5-syzkaller #0 [ 988.751306][T20115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 988.761357][T20115] Call Trace: [ 988.764679][T20115] dump_stack+0x21c/0x280 [ 988.769016][T20115] kmsan_internal_chain_origin+0x6f/0x130 [ 988.774771][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.779981][T20115] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 988.785790][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.790995][T20115] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 988.796810][T20115] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 988.802934][T20115] ? sched_clock_cpu+0x65/0x8e0 [ 988.807790][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.812993][T20115] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 988.818809][T20115] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 988.824880][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.830082][T20115] ? kmsan_set_origin_checked+0x95/0xf0 [ 988.835636][T20115] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 988.841714][T20115] ? _copy_from_user+0x221/0x330 [ 988.846658][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.851860][T20115] __msan_chain_origin+0x50/0x90 [ 988.856803][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 988.861932][T20115] get_compat_msghdr+0x108/0x2b0 [ 988.866880][T20115] do_recvmmsg+0xdba/0x22c0 [ 988.871394][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.876594][T20115] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 988.882490][T20115] ? kmsan_get_metadata+0x116/0x180 [ 988.887691][T20115] ? kmsan_internal_set_origin+0x75/0xb0 [ 988.893329][T20115] ? __msan_poison_alloca+0xf0/0x120 [ 988.898615][T20115] ? __sys_recvmmsg+0xbb/0x610 [ 988.903378][T20115] ? __sys_recvmmsg+0xbb/0x610 [ 988.908142][T20115] __sys_recvmmsg+0x5dd/0x610 [ 988.912838][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 988.918915][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 988.925076][T20115] __do_fast_syscall_32+0x2af/0x480 [ 988.930279][T20115] do_fast_syscall_32+0x6b/0xd0 [ 988.935131][T20115] do_SYSENTER_32+0x73/0x90 [ 988.939646][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 988.945982][T20115] RIP: 0023:0xf7f85549 [ 988.950039][T20115] Code: Bad RIP value. [ 988.954097][T20115] RSP: 002b:00000000f557f0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 988.962509][T20115] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000940 [ 988.970481][T20115] RDX: 000000007fffffee RSI: 0000000000000002 RDI: 0000000000000000 [ 988.978450][T20115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 988.986419][T20115] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 988.994392][T20115] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 989.002371][T20115] Uninit was stored to memory at: [ 989.007399][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.013117][T20115] __msan_chain_origin+0x50/0x90 [ 989.018055][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.023179][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.028116][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.032619][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.037297][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.043367][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.049528][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.054728][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.059613][T20115] do_SYSENTER_32+0x73/0x90 [ 989.064118][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.070434][T20115] [ 989.072753][T20115] Uninit was stored to memory at: [ 989.077778][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.083618][T20115] __msan_chain_origin+0x50/0x90 [ 989.088568][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.093677][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.098612][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.103117][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.108235][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.114303][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.120462][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.125661][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.130510][T20115] do_SYSENTER_32+0x73/0x90 [ 989.135017][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.141334][T20115] [ 989.143655][T20115] Uninit was stored to memory at: [ 989.148681][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.154398][T20115] __msan_chain_origin+0x50/0x90 [ 989.159337][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.164449][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.169388][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.173890][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.178569][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.184637][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.190790][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.195991][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.200846][T20115] do_SYSENTER_32+0x73/0x90 [ 989.205352][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.211682][T20115] [ 989.214024][T20115] Uninit was stored to memory at: [ 989.219048][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.224768][T20115] __msan_chain_origin+0x50/0x90 [ 989.229706][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.234834][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.239770][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.244277][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.248954][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.255024][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.261176][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.266377][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.271236][T20115] do_SYSENTER_32+0x73/0x90 [ 989.275743][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.282059][T20115] [ 989.284406][T20115] Uninit was stored to memory at: [ 989.289445][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.295167][T20115] __msan_chain_origin+0x50/0x90 [ 989.300115][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.305679][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.310623][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.315128][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.319808][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.325876][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.332034][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.337236][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.342089][T20115] do_SYSENTER_32+0x73/0x90 [ 989.346596][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.352912][T20115] [ 989.355233][T20115] Uninit was stored to memory at: [ 989.360259][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.365979][T20115] __msan_chain_origin+0x50/0x90 [ 989.370935][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.376044][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.380994][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.385508][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.390187][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.396256][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.402412][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.407614][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.412464][T20115] do_SYSENTER_32+0x73/0x90 [ 989.416974][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.423285][T20115] [ 989.425605][T20115] Uninit was stored to memory at: [ 989.430628][T20115] kmsan_internal_chain_origin+0xad/0x130 [ 989.436362][T20115] __msan_chain_origin+0x50/0x90 [ 989.441302][T20115] __get_compat_msghdr+0x6db/0x9d0 [ 989.446412][T20115] get_compat_msghdr+0x108/0x2b0 [ 989.451348][T20115] do_recvmmsg+0xdba/0x22c0 [ 989.455848][T20115] __sys_recvmmsg+0x5dd/0x610 [ 989.460554][T20115] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 989.466619][T20115] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 989.472793][T20115] __do_fast_syscall_32+0x2af/0x480 [ 989.477990][T20115] do_fast_syscall_32+0x6b/0xd0 [ 989.482864][T20115] do_SYSENTER_32+0x73/0x90 [ 989.487373][T20115] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 989.493682][T20115] [ 989.496005][T20115] Local variable ----msg_sys@do_recvmmsg created at: [ 989.502760][T20115] do_recvmmsg+0xc2/0x22c0 [ 989.507174][T20115] do_recvmmsg+0xc2/0x22c0 20:09:52 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/154) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/nf_conntrack\x00') preadv(r2, &(0x7f0000000480), 0x100000000000022c, 0x0, 0x0) [ 990.120618][T20117] not chained 550000 origins [ 990.125265][T20117] CPU: 1 PID: 20117 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 990.133928][T20117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 990.144087][T20117] Call Trace: [ 990.147388][T20117] dump_stack+0x21c/0x280 [ 990.151730][T20117] kmsan_internal_chain_origin+0x6f/0x130 [ 990.157461][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.162684][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 990.168230][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 990.174305][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.179513][T20117] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 990.185326][T20117] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 990.191400][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.196603][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 990.202155][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 990.208225][T20117] ? _copy_from_user+0x221/0x330 [ 990.213186][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.218389][T20117] __msan_chain_origin+0x50/0x90 [ 990.223337][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.228463][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.233411][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.237933][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.243140][T20117] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 990.249035][T20117] ? kmsan_get_metadata+0x116/0x180 [ 990.254234][T20117] ? kmsan_internal_set_origin+0x75/0xb0 [ 990.259889][T20117] ? __msan_poison_alloca+0xf0/0x120 [ 990.265179][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 990.269943][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 990.274714][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.279429][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.285502][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.291663][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.296876][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.301768][T20117] do_SYSENTER_32+0x73/0x90 [ 990.306286][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.312612][T20117] RIP: 0023:0xf7ff5549 [ 990.316670][T20117] Code: Bad RIP value. [ 990.320732][T20117] RSP: 002b:00000000f55ce0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 990.329149][T20117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 990.337113][T20117] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 990.345074][T20117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 990.353071][T20117] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 990.361116][T20117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 990.369080][T20117] Uninit was stored to memory at: [ 990.374096][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.379801][T20117] __msan_chain_origin+0x50/0x90 [ 990.384729][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.389846][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.394786][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.399278][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.403944][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.410014][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.416156][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.421348][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.426188][T20117] do_SYSENTER_32+0x73/0x90 [ 990.430683][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.436999][T20117] [ 990.439315][T20117] Uninit was stored to memory at: [ 990.444331][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.450051][T20117] __msan_chain_origin+0x50/0x90 [ 990.454976][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.460075][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.464999][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.469492][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.474159][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.480218][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.486362][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.491547][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.496400][T20117] do_SYSENTER_32+0x73/0x90 [ 990.500895][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.507202][T20117] [ 990.509512][T20117] Uninit was stored to memory at: [ 990.514632][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.520346][T20117] __msan_chain_origin+0x50/0x90 [ 990.525273][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.530373][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.535297][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.539786][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.544458][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.550508][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.556650][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.561835][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.566675][T20117] do_SYSENTER_32+0x73/0x90 [ 990.571166][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.577480][T20117] [ 990.579794][T20117] Uninit was stored to memory at: [ 990.584812][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.590534][T20117] __msan_chain_origin+0x50/0x90 [ 990.595457][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.600558][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.605483][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.609974][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.614638][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.620695][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.626837][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.632021][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.636856][T20117] do_SYSENTER_32+0x73/0x90 [ 990.641348][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.647649][T20117] [ 990.649967][T20117] Uninit was stored to memory at: [ 990.654979][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.660683][T20117] __msan_chain_origin+0x50/0x90 [ 990.665604][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.670702][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.675624][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.680113][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.684784][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.690840][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.696980][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.702167][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.707006][T20117] do_SYSENTER_32+0x73/0x90 [ 990.711497][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.717800][T20117] [ 990.720112][T20117] Uninit was stored to memory at: [ 990.725123][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.730826][T20117] __msan_chain_origin+0x50/0x90 [ 990.735749][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.740858][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.745784][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.750273][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.754939][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.760994][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.767134][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.772319][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.777154][T20117] do_SYSENTER_32+0x73/0x90 [ 990.781656][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.787957][T20117] [ 990.790269][T20117] Uninit was stored to memory at: [ 990.795286][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 990.800991][T20117] __msan_chain_origin+0x50/0x90 [ 990.805919][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 990.811016][T20117] get_compat_msghdr+0x108/0x2b0 [ 990.815943][T20117] do_recvmmsg+0xdba/0x22c0 [ 990.820433][T20117] __sys_recvmmsg+0x5dd/0x610 [ 990.825097][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 990.831151][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 990.837294][T20117] __do_fast_syscall_32+0x2af/0x480 [ 990.842497][T20117] do_fast_syscall_32+0x6b/0xd0 [ 990.847344][T20117] do_SYSENTER_32+0x73/0x90 [ 990.851836][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 990.858135][T20117] [ 990.860449][T20117] Local variable ----msg_sys@do_recvmmsg created at: [ 990.867107][T20117] do_recvmmsg+0xc2/0x22c0 [ 990.871508][T20117] do_recvmmsg+0xc2/0x22c0 20:09:53 executing program 0: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x42, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2008200}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0) read$FUSE(r2, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000006380)="f7709f77945ec10b4eecea480cce6641402373da5e6d7f24014f7acee96be0135b59ce90b463223252169e036a4daf3dae250a1e6de526211d43d9512ae526730f553268794994fd54868ec480d09862b687b463a8fc5058903593b9bb4d50879635cbf67a9e7d1110fa0e8ef89dbd2abdae33183737b8c0b907f5cc74ad6ab0383f8240e091417d2816317f40abb64224f616136f93d932f2223ef42fa3c3155d53075d3eb1db73beb32bc364e3fc246d3dcaca2dc91a634815412bae915cdb1a6da7884559403b545235541ddac97d7b1ea8135539ebcfac1edfa2fee8cf78bb46da7644a8f9e42ae06ca7a188b83fa537b0962a10411b67fc4d7dfe9e95cce2aef82e75f4680b8ff9976b6569523b72a86bd3a8c96f30e85812fe33a610c2be0a3c1063e2ee864c6e8bbf331f2768accfea78700a7321e4af2db46fd162457e439369da2217992b77502b9b958df27bc086369963793854d7f8b00c537de3216898b8f2c1dd925049eef1ab57bb6f63b2d88850b49b3c54d71f545afafa16bd2d06ae501344987623890fdf9ac04b179d2131070a34cf143697b6642bf5da67437aaf5e78e7e6be85e44ad7b265d78d2baf92ee5ccb0a452eb32fb3fdd1a41abf3a68086acd20458af55c086f77c30bbbce4c19542f92ab1e68393ffa58b140586b49761aacdf6aeb7682561f01e0869f503c4a161fd405046d3e6523bd4071c09b7516e4e784f4d11706f1c2eb170e735e563c43317a5a9afad28511163cdb63660beb699f7b8a7eaf57d48517974ffa766fe8deab0cfb11562b9c281bce2493d08c40a259e0325c52124e303064c6fbae2826355e531543863030fef484621a381a945b6ec7253e20047e7294bd069442f72672e6dfe1ca17d75d8c6b16c931438cec72e6ee53f3db89a10a38a93cc84c7393773461db5074b4f5060dd0a04a069a7a9b078856a3fa1786fc8dab621ba622acafd0781b523ea097283afb0c59222a316c6ddc0554bcaccc70288e524ed7719fc02a86283b57690a7320af028efbaedd5bd158a9dc9ea8e4f53c7da7566cdbdd4f4d9f01a9dfa6251a355e338efc8eee258add8731c7d22161482b7e3c8bc83f30482f9935fcc5974d9d0685b5fba3b07d7f85cc8fef18ac4e8e915b8476bb44d7384c996921ae40a4fdd2dd2a70ba17e1c2d6ec67b8f7b45568c105d52afa9c82bdc1dc7fd951b1e4fc1212bf29231d8e41ed4dacafec9a823a672dceeee0e4048b5620373c53ab8f3553c842a5a6d914f8334d6d8a4af785f418e6b4aab3965f94ca9d80a74a5a034fb6edd0322696aa1060d82c7b104983f8889026819ffdf3d45c604e53066b03dfae13fad499e3894120c10944eaf752989daee4e172decca9c2b324a817a7c787e6bc59fc2884e358a1a9b14b3704cabe374d23c002b8112be68f409302d3dad0a4c02105cb54c4350c24e6f3b7588bf1c28ae321eaebb930cf0c3b607acff20663eab8a593320c518eba8f9205350f11a9c1530115f7e00f2aa335c92e1305ffcfeac7cdecd6f1b6a33710ec77ce428484712d66bad137b6c8da5aa51d1b7196d981a14a40df8406b292f385cb149cfc0a86701566674e089b88487f34fdb0bf16ca94d9da4a837f15d5cf8f11d9c226844d3eb18d848420f344a3992772125319abb641ea56f03fc626f092f67a8b6716b29cf8585cf5fe25a35f5dab0e3e075ba3c84116fb6cbbf99a8153d179ffc1e64356f1fa0bca6823ebd8e1a176636962cff271cee5c5bafcb68fad4921e070c4ae08cd8fa0b94534f11e66403d129a5e8253bd3a9dc09a8189895819ff618532bf6743b17a243d515e63868bdf9287fd1bad0d525759953624c8e82debf88159b2c22945535d9379c911f89c7856be1438bd02df70c939b80741ddad245082a72556a2ab3c2390b84c17b6119103a0b8126dbc55e05b153ef9a12cc67f649c14160c698a7127b39fe88fb91d19b2a381c08114c6e3e6d3d42b77602c838c421a9a414f1eb182d0197ff67dcfb5d79404afbdf9c96f475a0d5afc9a4d7cdad458eed6b1de6c13b11c46004243db779e7ad6dbbf15e69ee34bd2524cf72e49a5352992a9251a86c3dc30d7d5fe61ae538928e8fdca0e04fdb5917523d8266b7b4f1679a5082e798f587c5ed9084c70965e94e12f643ab0191e606c2eb0c3359a2b8504f3bb2e721cfbcfdd90c31cde10992c9400273bbc45fe5ba34d7ede773036e2fd1fec1f001c495accdf8ff572de3eb2aeebad29acfe3d2b1448fd67368d0c37f8bfbbf09bafc8f99a44b187f4f443c82b21f66f722fb59f40ce0f9d83c52b9b3358a80e102b21795a1cfcb986c787ccbb9f9c96c2b66d2f7a94ef2c2a5b65d5c2970ba6f3107609f4a67432835c2ce1682d260f6826072a6b6d4b113a5b06311677ca01260f3567ff1ab6be13b455f93916906273c5430fcccb57e0d78224ebec422763ee3a6b94528749a7ee5f70c9036cf30600000000000000c18733a0c7da76814f2ff741582a9d96eb798426065764fcf86e40b6490f545494b48749fa8d398c5938d6bc7dbe183deecb913ef4c61aef27ea6bb77c23af09c3dec453f01d8e0cf1a3df30d73d44c4e147d9ff2853cb05b1d9fcd2d80815016f65368c477f3e8b676ee1ef5b9154850f02951060f5335d7b8b1c395151b443130d27b4aa0cdd9c1badc38e1825cbaea22480e1d8a986b001a4464fea618707f43bdf8449f500f3f9293b7f7f28170d45eb3e9422d7a107d5dfab18b8e7a2cbc4b42a818384136a49a021721fe07dff4fb2f26e74ee6b5725166409d794c69a1a5b27cb6263c387b81612add3c9e9e509845843a6ffb2250d37c365e3f57f0ad6e908fab119211e7679b41c8e298f9e85558be25ec0a4e6c9aa3d523ef3771971bfd272fcb736d10fa98a87b78c532fcc322f5e24baa21f2a3c84a90ec9b546869400bad19dec3575ebc69c8e512210b81667ed3cede89d10ee5871a6fb166b2f5c96f079cd5bf97f41327930b210627106c4cb6d77e3793b808c425b8a4118bbaa2d1a1454b162cf9886ec17e215d12223a65348ab33185861ab1f3166a4a925d25a63def895a5b01deea11bcaf17c79d27a922834a32aa0f8676793c7257e44d3f7768de19292a385a7a4b3fc992abfb9f8f3ada57b83dc7955c0b2edef1a8214dd8ea2cc9679685137dd63f3918020e2e2f38602005a4a6e84422867b9160f65e92e053d0b58191eadcd5a8a69b18e3216ea63df3f31869c81de88fc75a1d9e15cbdf8d68ba50cd8dfa55259aa362c2615ccab13489844d5ed995383e334074f561a4a67e1060e64a818fc96135d34e604cabe3d9195cf1283725c7700e397ecb72fc8b36f38cd0830b19b439101e4b3839c48ddc95367bff87b888407a517f94fbe58a7033db1123c0a0074c730e34ce821e12f43d84d3b4f0310c6ecd8afe7779671d7b825bb3892825c762b86f0ffd182b6aafd477fadf0c7a931cb61e2b05fc11267bf0a9882e7c2f8e84d3480d9e4576cc03f0e1dbfbef9f66840ad37e76da3ff8a419730a0076de67e9b913f03f5b637287d981eafa1223feafb86bcff5b2ce987f6fa8386ee036a3f75fe014ef90b05a744e038c43766b5fd552e66b9b4996f774988d2a70fa0bf05fbc453cc4fd0ab642db1bc71e1b63919f3c49254f177306f9b00af5782c0633d68ecb85f93fc1afd8dee3dd1ca8b0d7ba0ea463de0b6e3e05c080f832e129cec16853923cf15f06d9a38e20a5a6fa5125d03c1b72680547eafd9fdf246af08dcb4d4d746577478fbc72d7a36bb4bd3b5ba4dc5e407babfcd64b8c413d7dd5433d6a4ee17d5b4835a74c81414a9397d73e15ae387f04a5012a37c88b226207aba933d68a67bcd38f5e0fb8b24c4434c3a0109deaef4f9ab1d230ea6a4acd6db0c3962d0de3bb64e33a29af8dcbf39d48a27c1649a66d4aecdce2db60c50bcec31677559369184608db197f2ebed81ca8fbeb9d2f8c486ec9839e765df69ea634f2815e75eac613febfa26012767c28eae207ed9315bf19c42de9602f44f45a9cb9913a67548787a30c9e56f3399ab281c537751a28d98392655a60ceb9f2515772d2f1d5d2843952312e2a59061b60f128def6795e0c8eb7b12a710c1afacc84f498a29d683d1949c17f3aeeb8b9a32eb10bb242d61a2db5902d592224fb8e1e713ef33caaec6f8516333ca4886345555166e91a6469d67f39241d144c6457c0f74c60e662439281a660b3c802eafa5825fab36b764d4753b33920dc72ec4b7136be556c7d0d528eef67049f5a7bd9cc7e4e94a4874ad8d06595ed38a5f1cafff1018c1351d1d7eab144edba6d4f9eeb7924a25b9f7a3eb20984919d9ade66a18c33f92b65031472ca657a724d86053a3fc60fc5502acec81822bc609954e402a406081cfe7931a1adbfc45a3168e30a451561302a131ff702b4d6c5d3603ea9d1b54c64aad93407e078d6b435154236ba594e8d2f798bbdface489b43120bc0bd7e1bcb6658c2c192ccf18f278e9c5bb14dbdf1a4eb3412f9dc64a31abefd79bd7c91bb7297c9f694840a75cae5d3482d15a2d148092a6545972b7f95a23206bda509260bb370a012b744c2bb46b57da12367d35e778b7d7f463fd8230368b5a5636f28e2cddd03c69adc9c913027a726130c95d818fa38ca7ba8421d3fcf0736cd3001ffcf80701cf6d737cc3dd8f905af39fb2806d2f22289d0001c74eb482f4faf0a1863099cc1b236edd1cfa206b21a2ed86affb4e6a3a4dfb54fab46c8c06cd3e370b50e08e1b7a08864269d867eba5fae8a49560e9479209966002c09719ab8ca58702bfb0071d3859df0193a956ed4d8ad19a2c79656c6dd42eb5a44b808df394333683b605ad0cf176bfcfdc89b01317a802df0ab02fc3673822b55fcfba512792c9e40a150cfae4dcd40b2b12296ba95063a2f50f552b4682c4d461b1efb7555816b5b836ff0319af6935ae5b41e67329a7b21da93c36fcd87cbba1653c0d00077b14cfcb824f891d62219c157b6354300837d211fbcf1881f5e98d6195fb782479e106c072020b56285107e2fd7947bc64ec9a43a0b239c140ec0456685ac3eba988952e641d2eb16cd0132d2bb25576fc6bcd5e29eb9da2d40e8b50776abe5cd7ea45da8442a311977c51755015b3e4995739edef0567a3f169e980addb1705224175372339de904eb952e13f648449722258fa21f7e53f4a1956e8e9a39dbb18c6d2d10d9146358158a0ab7ce3f54120b705e1ccb7a13fb7e9103d0b80faaac31cab07f6d2d9f668c707b5e3bdf259923a1057816a31e8c771267fd974193d90e1a9837a987d9ba52f7af599c1aeed13f6619cc0b334396b750c9017f84cff56c0dfecc12faee59e37cf7d44575bb448abb19616d4fa79f4fdf96631328dd8d0717f125f2b943db577bbe78eaa7b0acace3b79776b5d2e77942c57745e347ec766170e90cc66a5191bff3ad49d423bfb0a92df92c32d1d3cc6274a20bade324638d57a27f2fea01d4670bc1ad5ec4d006492ff5fa616a0010be824766f12acec9b26a7606cc8453382c3dd1f5f5c85354569123824002c44d0ae4cd2e1ebb4e33e3d7b69fe14e05fb53af9d66f53990a830120cd618cfaa10e5f6deab4ef4522afd380ea52f90b181fd5b538f424900aac643d118c33dbb6ffe0b2428844f51943412d8fda4a327b71c814cd6345b3690a4716f04fc7323ff1af08e82ef5e571c9fbf7a9b22af40948febda32ea14ecf61700eb02967d09bfd078ace6cea259952c0be90fab1ce841f1022d2da82f173c580d43effdb424b1729aa9fe40292c082043a7c901bc76426ef6e3de788db31e50f54458ca4e360bb803b48d5a4be50724c1f48b504b086d9dca3ae74eae76a1849d14a4074f389aba805b793f9662f072405026afc3ef108ede69dbd2c769886dfc75a9a2e093137d92b38e34a050eca73cd3067d56dfd58fedaff2857e720b09d676607a1e8eeeb06b26494cc2b844f5e856271732477f384af839e98889d5c9cc28651f6eb74029f839150f947d180e48776ef1c829509e12016c6d1b717713e6325751a944cd259b1b86b1f5e793cdb5551ea99038be09c2cebdd70159c77abc7c64af2e2de1a860a3e9dd8646b7a6866e1891fcf97a2b3ea47c0c57c5fa9a94129c2e27940ab9fe996eb1813d21d48fb6dbc9b8071c50dc26b4ed21588211fc5edb1ca873c70b606678ae7de9c10d2d083f372421a3038c592a38aec69020862f4432ef9ae7f400ed53b44bb58e92b022ac8b62a6b459337af339dc3346a809b715f9974d21e606244d23cf4dcb0956f93c14047243172adc97a1fed868bc49fb57ecc123425a21e94dd5b9d1ff52bc45965a7be2f5ea8218750e2cc8f174fbd2c7811742f5f17fa1f954b8423c403fd2e4e96296e37e0bfe2edd52e8c3b921dac771c61524455b401017ab5f655eca76139557a4a87cc30210b052ae17a5ca8b634322657ea4d87e0da2392c470f8951ac0560a01b4d0befe632ee311d0b87af31465d6cf7854f573debfa1d7381c74f45eea08c06d4ddc9e811d1a33394a35efdb7121cdfaf1603343df8431c87718a5d4cf3b2e593508d8b63f0d1e82f9ebc40d4022ba06327cc8233f29c0995da512b318bfa212e9582cb880d9bd6a02050a014294ef321bb2c65e4638a4fd2c8c27fd9ac28c9e49cdae6dd9eb05dafb38a4a003a56dba826e386f5fd3ab0d54b92f53ec11c850927fc4c5b669c67505ce59304fd86460b480b711d4b31c512829b7037d1c45b5b84c0be40a038b5e975c57c860476318a22df2e4f90009c38481e519b9511e54dc59e89a6593bc53ae03224466513930c5ed3689793f00be192a58a919db9ad1267962c0ee60327ee710accb0da037610ef8aaff63f6582f691096fbdfb1996abc4443cd4ffe04fcad3608413044b978d86d3a18bdf86fdb70cf7e7bbb0e4db9d36176d0ba8a4cf81369fa84ee55466df70e6d4431a873000c19bb5caff30c01c7f7f928cde86bea5c401e525fb8a938fd016bffd5c9d52b279e867bc64f575b80eec74e7f66fe92aef613636e50c8f32831ab4b7eabbc89ce6d7bbfd03b6b005e0c5ba27268369f5083b2ded32c1f9e8cd73a1daee26cf03dbbf9c476fd0f14935244eb7b544f8db1c19d8a21de7e8a88f540e8949f721f20d7a47cfad3f52d93c11a796fbe9fbe415194193e5c70b33237f70790905816b856c252a30e72c081a8bac6a1c9fd2c372b9f870831d6ba6671fd8684f25e60cc7e3a1a02ed5f1a4fe426373bf61404a68571e93f35659b6c37f939233ca6663603b053c8fc74da84dd971b9319a1260fa2f5d66609962e93f7f33a40b22066b86a74fb38bf1444d025f27f14e922661471ef8ad503e97f8e7dd6b9c9a420885e519e085a1f26f7149b82881908021f601679f79c944549bcb431a7d2b12f75aa54cae39f9caafefc01e7eb589d2eb574937abbe18b419d7d27309acb330293456337cb9d753e08f7b890bbf76c4d6ef548bc3b5965302bc65ab08a2420527c1ad8be374cae7cc858376219d39a7a6d58c478a721678e789bcc317a4d1acbf47870a4802a07ac0332f7fdad7156065de511862c2a076e264138b98e7abd1a2555ef2e1ca44ee68f06725508891051f6bd24479a616606024841c8203744b999868b9f2b3b5e8a42f454d25fcddf8f5569594716a4022c3ac8ba67115b93d8bb50684b0fb100dabca7f6b7e29b723007776435829c6f21223d7a2556766d198c76ab6cce3b6e6da5c4d14a26b7cda1cebe6792ce4c1498fe644fb4408189e472efde923506ea4d18aa3284ec311fa942dfa5d8b939e509a10c69461993cc9d3ace2fef29afee8d0894764ffd82371d5ed363b5968447ad3c0962b86584cc97740d7bc3838ab1c1b0198ea830f122b200722d3c2c8815a2a5f90382e1c58f2348dbd38449e28c67ed85f66ea3e383b91c782a4e77ad4aa538db6d15ab90dd464318ded6fd293a1b0279852335e3c94bcce6f37950fb23d96f84465aeaa8fc2f71ce61a1416e579399c363bb37ded602fbea1ba5de87ab12bc7aeb5c62f026f648ab2babea2517c3ade2828109da58c010e6efef544088ba412ea57d3cd4fad3fd85b17e386ffc8a700664b2604c8a71c011e894ac03a109d9ddbe0b6d625d33d7d16fba5bcbc1ee1cdcfc6a475a23aff414e5b4f83e9d18e10f9e6dc49e518561ad53a110794d2ad9c7fee95a03b632b2acbebac42c996e1b856b2f18a2a3bf7cb0726c10b6aa3ec2d78bebd26e86ecf78b87736017cffa7d654b357be120985c553d11dbc932139ea6e1efdb7ef34598db568e66d42429e414b5903ad6e616ff7faff6ecedec529cf16b280c18dd4c3c8cd5192f625965e15c29104855364565a4a52ac5ff78eb31a6e7602e84226a87364708c2a9fdcf2f66f5dd0951aacb7b6c8f9bd0e534ae44b47799cdb8f683db5a3258d6f1943e04e59b11fbc6f57d16ff150c94a22717c1b483ad064c25f09022cc4ce09e76fed2b2ce84e9a50623f84cb013d00b8ee3fd2eaf1ed84df2b29d3119865f5df8fbb6d7440ec6da33deff5c60f466f91959c0d7c7800937cf59fdc6e2d53e809a6f6754ed545fc71c42a95d198df6329a3f32ecd091e7e643727ee34241b9244ea9a2118ccc6d5b52f8dbd61dbc7a4b65e8a4b0e937669a8a6377022df74ac0d2d42008edfa83a71c2e14c8cb7f3e54612cbe5b64b31371f445ea6235467b339b285bffaad0acd9af5159b84f58a3e0230a7e6f055a016a0737b893e0d1b2dba11de53529c825bea86a455bba90eb4f10ea5425d498c18c0bc643a5bb07491a8b6d89b1c92329aaff3a9cb9302f81100d97b78a09d1f5c512c26409796608b77c969c070f6e55037c97bef2c30ebb373110c2356e0663c0a7010d13f18f9b7b1d4a5de88b110efe433a5dc9dd03ac7621a6de39584de91e9b43c5ef4cb435eeb45b8865540355030acddeaf451a453a0b0a76cb064ea1e939dc5491f2c591973c741cf1f73ef4451a1b43ed9d9e0c7b126b869e7cd326900a470dc08a15fb176346f7431dadd6b820ec10cba33d7097ebac9c1ff147fe39d9cedad2828facd8c37cb22a8b7d55b63170f55ccf45fc25715d00e7eb7c3f32c5a7dce02bb07073daa170caa4813b2102648cf6a5bc9ae5ef3fc4c6240447190340469cea21650f79f5ff0ab60e6fa8a30a45f29ca7f4356c275ef4dad63b07f73cc672d26091db75eff3e19b51272b0b786609333f6580a3ad3c83673df3776d04cd05fa86b7b8066076b71377580d8b226d9daec174cf2a62ffd48259ca04821e949021b3f540b5268c794a5314de9cb143dafce0575c06750f0c125b507bf39bf0abfc25b9bc39ddbc4450f0f3a70c312905a5c2d11f7b39a3cb0fd08be6f8b74c5d74fdfb0477c942caac42ae596e0aa36db5f10e1571231ebfc327e5a6111eb2f2a0e1be0b0752018973500f1b7c832cf36078c24717f66983bb72649829af53389e89694bce146f8cb358d7922ba07dfa9da6fbd65b7f5159010b1bc6847967b9eebd738c8b0f48b1c1a7ab63481809111b2876c73c375064bdca8064ee8d6d7b3817db8f5dc82709c586afea5850f415ca7641b5e6f45ff93b9dbc2f62c40c47dbe61a069d88e3664c8dfc9be2b35f8896e6d5c8a35b864b50d50364d3cec828a4f7dcff3cb314c9f7ab03c93e1fd8c5bfa2c303d76cb0954b401927a000babc400497d3f3a37c1f7a685ecc12b28db4b9b75debccfb132a4bb3b19ba91a441a94403eef6ad8222edd1dcecf215580296020731cab55029a189561499d34faef21eadfc370f98872c2192aef73f0cdf80de61cc9157d1e08d7153a49f7d1151fb9f110febc34e760c1afb87eb36c9df1d6aa047cb655b3ec5fdae8e2d93861070f98bd5f1c53c26f07d7c43cb295440af75e87671a552e39f9bfe1853222eb8ba0c8013944ee61dbe21281b1d4e3ea3dc0353d4ded5db0128504b97491353120c63bea1c5656be047a77bebe93efbab10375cb0946624e076a93a6ffdc284f4aa9fcf54ebda3653d5abf7da76f19c165d0982d48279ba8ee9f33b2fb060491aa26517e39f2cb4d4ce7726b249f070aeefca6843a813026e45c6ddfccd1e0b8883a7170644c43b227a2a3c03cbd17b8f3dc0910685169ada487a72251eeb6e6a1dd5661294337cf4cee2d74fdfbe00ff6d07847e63880059bcd12951e8b649cca1dc6a355a7d2c26ef8cabd467b2102bbe28b108b385ffff7304d96b03500c912efd2af7c45f81f5f2f0e3357ec7da616f81ead2f823a128696ec7dd65a6587e5ecb56a8fba1bdea28909da5e085e164b046310182fad711d4e46abaa61281c88c729810c615ce9636b5c96e4150e2fcec6c111469ba8b0c010963d4338fba8a8a080e384198e1410af15f7ee18e5396b721fc331860e072207da236b35dd94fa7dab288a114ea46e754f1d0b4bfa1a5b216706652e52c489e9a3a1cee8ab4fe5d416ac22c2649673715909c27f31684f6e103913bfd28e02fca507940b86405cebb8084d1c6532a5508b716070c67ba544a1593895f4cc1a8d075415feb69d50fb674c3a89b59f80032cdfa8d1181856817bb16f50bafd0e21aa656661bf3b6bfc207a7a645a8edc15ff1cb706b6292a3263ef5ad1479338f59058d08ce76dc801d8e11e280badd5a0c0dcf1c6285d95cc087e7f0dd823b6b7c353d22f1e7ed03c1461cc4c170e33cd06c45f17fe1af233cca638611449493d533f701d77163f6784202d995e17b797d4d2f0d87d05a00728e8fdda47c70ecf919a2a110371da3474580720e8eae934888cf84f1f1a5530baf815e7c16129732ec4af417c1be0970b845dbced563f00a86135bda35c525aa020f285116b00071858e6eacf7b124b635ff7b62410e8c27a4c76adcdec10f5180130e8c554d2d8038677650171a2f6c3da4c04e340b48df92cf41d08a499f680a2cd6ab099fcede2f8b1888aa052c7f2dffdb203e19fb1e2740c89cce311ff168437500a6eec570780938c3291a19482656a8d53b19bde3d4148bf1a9f2ea67ae835df675662f27b5b6f5e2652d0471c81740acef306d9605b4ca09a2c4c0f3f8063b6fa5fe01109c5e348eb318074785771ab2cedc48d0f5e15b3a368ace5aea415aa2d566063f25571b7a218b9e95117aaf0a389284e763e448c88b49205392fe032ed206ca8e27fb1c65a72d125cc860913dabe714be1a2a85120066cad66d53dec9a30664bfdd33e25398199211b15fe0770cb243bee320e95e506be4617c3e5e6825342c769bc1da3127f8d34c922f60ed2727f5d9209fc28099ec86c29572fc7159f6ced79b0a2a2653100230a55f7a578e2f1d90f6301069ed04106de45b976f2aabe769ed17d59a53116b74fa2f598c0d1e9919ca8d9cc21265ebc218ab9808b094eebd9a48d8349cf3faeaaa7c8ddb07f6eb874f70cdfafe050de69c6e7da6c8d2f71d581d6c604f4bb29243e9d1bbcb0890b436cb43d1a33c4b96a08af4137135a8c8fe74034dcaf1581856f80077100", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x8000000000b8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000008380)="798dc8180e85559d2b38c394077a05367590fc7cb11c4db39f8fa61ce9c978812f1b5f74b662ff75dae25945aae35cdc2db9279510b8b88fd68c4a3a91482bee655ada90ff0a5d8d56aa4e6aecf602bc8000068942ace87ceb30ce2d6c0e7e5f1092a3a4c8c0a5a895b483acc2481ddf8fcebf868b33ebb5fa36a5ca6abc55b3d01fe1a969f623d75db4421c3b1238c53607e52eb90267ead0253b868f919f8a1aa8a3259226cde95ad6e40e1daa49806d561835beaff4db601262e5bfdead7ed100fe528cd258c5bca8b98a1d3f7bddf51ca615bd13464180b1af09eb4c0a1eac614892410ecabc0b1816ed8592ad6b6d40ce2c1e82c1b37ceeea91b9d339ebf6ca487481cc592436c958a2130e08489d8e3c25ae440d4f8e5f5f4611f2439e83e26445cf8d0729f1f7e9e1ce85b937ad10f5a572880d19e0ab944342ea31e08d305a8a3c1ebbe9c22479ec44db8638a488b18ebfe67a8b7aff2c8805f9c735478cf259c6523948f1d0e0da390e767e1c43828bacb7707a71b043f3ea6c3b9f0cd26dc08cb5df262bf0ba634d8295b33f229cb6e8d23d459310eea0ec16eafbc5f343fcf12bde869c2af55987d3de6f3f4d76928262fa66def9198a10959902e6f6faa17c193ecedc52a70d20b2ae9c4078675ccdc44b2a625fdc9e1d759bcc2a52163b34fe62065141d8f3531411b712952463c7aee03b0f491d5879119006d7ac2a463ea69d6277e28b597c21f6acc9b5a7c23412c08b7842692d783f17bf08864ede734f554221fa1550ccae92aa796801fc70a89bebf5e70fa6f7ce5ab0413470d44809b4bb5e6a0a82aedd4665e2798449c8bab74fb21af61e45b12900c56ca0bf141584a5c33d9433030a2f3dc64409a3761305d8d898edcaa3b290a6997bb739edac2d4a5ccbf5edd64649685934687e794445b6b3752a4bab7971fb0e19b29cc1456094efe17bdb97efd26bfccb7c85a9d9a8cab76b5762680533ee01e3f13e52270a901b61a5dbd22e7429d0a67c86d567ce3904821c12c976657fbb2221d152f09ba9dfa47b18b0563bd1d41080cf3e9be9322b8dc76884f29f2c60b6bbb78a95973a11f4573a02c291fe5cf0e1e9f63281fd74d9c84a3829a0c8adc70733948cd87c3331cd866cf41d0ddbae9c0bf2ba90d6f4d003019dd7cd3e0bc2fa420a3a64a7030cd59538a539c8f010608f5609bc30a948fcc355e7c93c302aed051521dfed180abd092d4df9c78e01914e04216413052284a62646a9b21f2a89d9317e3df7d0c27abc4f5de93db68f212ac1fac50df5f00f37d70826d698b3bea49d342e08db2c616f2732b11583bfa871823cd0da941b6a80d45f251af7ef2543d8e2229a9a97459170df844f31846e9df6c2a27c415e558f480ece81fb3e66093bb58df92abfe56a955f29a4a158d809a490352ebacd45682e9a5100c4170c72fb1c22855d20e64f3c6362de79d6483d1a84fc75342b7e67d09cc578f457925d0235015e4f1ce7e8fce7c6e0401423d5f7e0b73bdc10cfebfc08c1485ff1ead00a54c0e217cdc45716ae8fdfd43026c2f1eb7574f021654fa6c9ab11741b569f35f46c341335a278e54c9492f2d7ed2118d5ac573082373549450c024edce0059d5964850d1b735054b9f1231b2126f981cd6933dfe068718aa90d2b722764693375b624780073bd151e6d09501cfc875e5484e023d14ba72051327781237ebc8707e29418284f6e8b039ceb5e01929c56debbfa338861e94301851ecbe9bd5c49230dfe48364c2bd6917627b563bde04d816b416f550a91e3065a37bd53f49a4f0425241035a9dc5801054ecc419db54ca4e6d9f1b4834f54705264c16a159b65251517d7da07519644c5961e71dd67c5d16e06e06b2fb15e6266820262e576c5938996e05728804137d99558e0c1286cf387eb6fdf35494ab5dbef958fe7b05888268768475c681238c7080155054dd2b7f1e00edb7fdba18615415afa0b81aef052e088fd09a42a6652e8b1eae8d2c02e305856111c112721f8fce515643034e6746d3fb475a117c471fe3bd3b6bb73f0a65f6c74c4c9a5de5b9d343e2212a93e429ceae0da78f41a18c078137283ddeb1ae7b79cce75b435b6bc16e8dbc41a94d58cbcad44b0462d3f3caded137e560f3102ef576e2333fd680eda74085a147c89466dd0c432c3951bdef665c577d61fdfb9407bb67e3b7e1cfd3df28476986e3e81703746f32ed8bf83e830080b5d07a256762c694f5f64c6c1d4857a191d53ca98c5c6d6c410880607dbdb6c8a06fbc1436425c0571a93379ead6453bd448f79e40c562f71acac9454c5decd013554fe5ab2e7af2c05d7b0bb6093b30882d31540fdf5c47cc2686656567dcf0362662b2ef158e805adebaeb2da9bbbf227811048251b6832c0b601cc2d0cd8551ca95b658fa5041c6ac2d5e61a9272ecafdf24b9940feda9163a714d7521603ae85695721f221623bd011c679d591910dd417128022aec222ea658d1dd3ce15d9284c7b46c251fce5a5458b164115746f40d33aa0262158341a106b92bd7fb67af985cac17b878e583f60c9d0275224c7fb8b4f8e18fe94182d86a7bfed08edb5454697109d2208af5b4f68b6ca58c512f6a05ea8dc25840e1d58b7b259165c89a889439eed057b9ca6bc0c45bd076bb8e2b20d1780d01185920e104df4b1a9f612b686b998fa583e1fe1156bfda7933264b6bd534b9384571ca6dcf2c3dfb78d9f1daf6ac2ca723de29ea69b83cf39596ebfc0b861ad82a3c868107939bc328e6ae6c7f285b64b3e89ba5975c14bd30dd4231c4adeb0d165431cbd73c20e044a3a0c0339514ea8f2f2b7ccb4880a20e2b3a371d7028c7408a10e9ce51862cda3e0d99c83a1f3b144427a23ee7416d164307f20769e1c63693cc5293841accca369a6ca01ec72cba629d3f3af74ee9a5a5f135478cf2316c009cb785b174f8ff389aa06b94af059e7638948063da94a96f29e0261f4e8266b734f1a4788024e361606df541fbe58c3e4ae466ef2dec7a4424ce010ab2021b4ee649b72a21484ddb6ee4604d2e8c3d96751e1ef664c1b30ea0acd9a2df83d45ca182f986c7e6d63ac8a2e1029e0998aa378c4255a75718cba48a9fbc82f0b7abe430c64525c6fa90582f60314771f3bd74242e6be65908b7609379d557cd115f7def6b752a16f385dc9ce3ab5c1712ed05ec2b6aef286218b9e1bd285991adf79681d2491884057456692875592d742c39c2c3690d79535b4f56bfe3a352fccb45f3cf4ac09689bf9f6c81ac6dfe30f968b26d26f7077baa5b5401b00c7042f5d3eab45c5788d2fb3a645469a316ef6e1d0355deca85d540a9c2a29581d23444cf0a71bd4537272d36de4d4b3e1dddbb0fe555b6cfc619f0940a7058567f272d4404103eeb959b13a1d0e6ba829886125b834b2c4c6ec7068f66c6f036700e1501f11dee843f15077712b5abc2697888532def9f1219154140b32fa35bdfeb6e35b3b1d4bb70f2a060dd786f143cbb236ba88c96bbe15526b02aa76e3360cb139e79047a8685ba3320cb2c097bdbaf0f70d3ae46ee5d3d3ef0b1d19de4a289dd5bd5196966680254f2af8de9cf7c6fd6e200390e3cad1bf07162f0424e836afaad40565f2d355f02c7ce7e1a47563a9771dc50e408f174cbf163196db9835362c440ee8d063baa1c6b8ee9169a9ba06d719f3335fe66b40c3258d47c30e3a1ff58eb55db0ba5c4e3da71fdc1d195175be60df2b22b5b7b2e1f3d482f1274b0a90da36a70829afdb35d3529378411e1c56d7ffb5f28903a8c49e85dd9ecef9822c9e034c0254ba661a6fafa76f6d4e746a98154f7832eae3fe89e32032e2920ad7af7a66fc4f67a76af35f42b89e71d36529ca2dfc036b4166f62e82b72308ba16c23d3cc6f7264c30b1177d6fa70f74131bc6f683b3a935bdffa6d0c8c4f3850926a59762dc59706e0d2b46fa77c4cc1699e2bc1c07f34a6df926c10da87275407a8455fd5373d731fd19437b44140de1fdcac3cb836ecbf9541a4d5e858b5b786dc527afafb765068d40f7685cc71584eefabdeb6695464fd28b742a7489337ee43e84bb904db0a765ace2eaaa510dac21c5462545f0013399a55a014cd605d4fb658b249b41b1a9aa1eab62d436e195c7bc96277fe4558075fe535a8c606b4af21db53e7fa8c75f19e5200efdb5eb5261ebeff45fb8c502449907c492a18b6511b3e9a2eaa5be51d36ea70210be43092cfad7536dde60f811f8e4babb115613a63da8e745c4956e7561d6ac4f842e624b84f1f1ca60e4b29d101ad460986f8324eabf4a750410b6e95a5307505d88b7e81096c8f4306d8b910760f4e92ea82741b73e631b32094845801814c95aa93fd943f01402a5dee9dc740c7977f55df57235633c173690d8bc24a1fb19768268a352340d8383967023972f3190eaacd2e68591146b9bd46148b1287be171e7537285224f8d4f44c6d669d1cb1149fbe1b187c8297b461c7e1b7b59cf64e65d13a9f9b60a4be800c7eb40ea43a80a532594a08d09e221bb0e6f17580d048347754e357dab99b07becdc61a83e490dbb6a17bf9caa409df67c2210b61126086ffc344ce69f6a9d87b236665fce5d1b5f2d4fd3f301033904445aa56125d8c7682e135c2021fafe9923e442f09595c1b0bc65978756ac207b5462448f7812e50307987452e2256902aaaa099d45a96b2528324f1ce630ab9b50eae3c00f66bc83d1e17fb341ce6c98ff66c8374b1d73717b6d0421d09fced68ff159d3b388ec1869cc78c926d55cf4907f9ced76fe9e7fb91e4ac5005703e1a3ab6a8196f65cf146c592a19907a609dd8819ced0ee66c261e7c87275b3648141e019e515ef2f3bf9ac85434b88474f709868d9df5ac06ecae8c1a965b1a0ee9e18d2b9370abd9f4220429bf39f28618d99e331dc8648023bb3c2e11de94a67d199cf4c528f46b9ed3f5de4e29a41c180117c11f2f73bed5b61bf7181e12c4731d0d1c923f53ea116d9e60b72f558c98a32ae0ffd9634126a3bd89aafdab24da3090441ee4b812412a8559be71f7122cfed6a191229ae4a14cb82274d97e3bae609411bae03ec74521319927ab4a1a3bd59cfae7b20ccd02a0f9a56f90663cb0e613d7476df3bd5bcf06f05ec31848173a01c2e444bf87f4d547bc33e2af613ddfad2944dc4775657c9a513b930c48f82bb1c6f7ab5ae8432fdf405cccb00fe4f5da02e983b97a69ba5d7dc851b925e6db5ec936d1b3d14be3f1fb16a82292ffba53a63f345ed39121d1ccf2ce95821122538044a21b79075c7b166f78f7389ba4ec25f234e7d9b74b0d6127e5d3e014e4b6b8a6dac8b287b64f7876028b6cfed0b7b3b86d9444f875517c9bd69f1e42282bb25613e486445c766efed94a06738919aab1470edb950afb9843460469f2a14b1329afc06eb3bd244ffec8505ed44d0938b3f2a999a8e51a22181db1f95f14c691f68b95319b436162aa5b3c8e5fe62baf5773298eaf3863fcc41e7af87bf4151d31a488ff84b5487c5a20cbce8f3c82f9441294ef007b1b76de8a73da0cde798183db8f99f88a6e69b4464dc257a667b1bd637497075b2a135c4296400551784eb3c1bad0313afc7b87c53f2125fb799a01c4923a6d136f83696c786c99f8892a15281c596476ce21d2620cafbcc8cb6df0a9722fe5618795a7ead894111c40da33d9a00df834d334bc5e2ee7fe1682081798cd874d4f0b8431fb768276855e54a9647480f38590e7d7b6e48800cf53bf2202ecd9a9488535a8f06063e011bd367315c83196d1380c76d7ed82838e95113c1d1a5e41a99b7378a3e56960eb0f286826b07e4fc4dd32412ae125166d3058d04a76a69e39a31992ffe8d53289c62a89bbb550326cc20dfa704354290c393401e9b7ca2a090f06ed5233f7cc66dd131cdff7363bb99e8f4f5cc6213ba0ef3361c2a2d4bb2a249614fe608897f3a14e64c931773801019aa4c27f46261928c0bca77f169f382a5b3fa00d575b27be5edfc04c860fb5cfa26618ceb64c4621cd075d9e82d6ffc709b5deab05da6d8ec3194a92b65ec5a1e36257f9bc8aeb1e2a5dec530ac855b29c86768314c35ddfb8d9ca6a196a3f4b222c548d763dc92b9e89073805a2c55282b56c38f5ab545097623e7cf335245ff5ad9f28fb08cc36b06b5aef807da43260f24ab801673a463beb04d0a115912212750310e33a179fc796fd6ba9f4a1407808e049244d421f876bb5d1ba0314a8a1f2dd065b5e4c34787297964a5a2d040554fed935f5752062e3c2586b874f580dce3eb10845d69f9005c578a01c56dbb6ad015625350131e5bff6f33e181d8ccef2518dc06ec3a3f8c28d57e0b09bfdc5b91ebbfb3b3c365a6544a703cce8b5857c0a6f9d94dd20027174b04c022a2bad2dd9f2da94c5c7a5a996f6970c44687c5002a002ab421f4c268de1991189d9fe25f898ff0e033ad2eb18bd8545c5d13a61c697a90f3df7e07d6b04d82cd9c2b48ea5c1266ec6f440c6a5619c7c70e724e5c21cf5bd76c14141d46d6155bdba06df8534391849a66a890c68e7b451d8efbf2032b717e9425ed4b98b1ef12115540dec868669986c492c0b7d5e2e8488182eed694af4a1024289588e7a03884950925340e66d1c82a88d3bc82d1c93397bdd41815dc38b865c80fe20991523c2d1b0b3a711f354fe07b7b644c865f9881ce18e266d92665a0230369d9178bb361fceda26bf4a35ee2cb377dd894d72a9f735fc73e507757138431c0fd20cdbeea3d7af023b0371f13de168aaec06a0b97a0af3fa2d7a83f929674c6bb2c130db7c7bb08a38f64c9083155705199a12247dc0a53fbf1937c3f67a6a2e5dbd6f2010db6e1df3d0cd9bd7a1c9f2138dfc7c29cc5c5b0d6c9093fb9e6527389b437a9c0390c7f7624c39da8bd38acc27f6a01c5ed942be2536730457dd16303d67ed5f654334f514f6a21c283fd3f65d3c4342a89a63c34f9436f5516410202381073e8567e3149e44386580064cc49e627df7f0ba4e49b2a4ccee027dbb46d14ef32bc59543e8970ac7726051a0352b373538d5c197e229931b950422603869a57291fd2bb374b0b1edc6b801f1a0a6205d29fcd436840c7ead61c44ac237b75278fdf60f31695a27d754fa9b88972165e9bde188b74711a202f7025a09c742e157667b61182f2eac69b9205b8a84d04efecdcd0871f9fb994552116d38b5b598d8dd9c7ca07afb4f91283b216dfa4573f59c1b4a0cb2d1f1d00c4b5216f43eb8aaa902be37efd334363d9294fc337d03c0ca9ea4937339829860686d6d9b5500f4c614f6d951c15f095e1c14625bf60fa14e26fdec44320cd720872c17ffd020f0d2e769c0d18944d5fd9bb2008c900aa6ec00a25ca08b60857939ed67a18159695d7c24f46692590e55fa6b646f97aa3eb34cf74d5ad2da689c2bec6f9257408b42245b47007b96dc47a082808fbdf1bea07e6776a715b3f3771e477cf429ef71ef7c3dbaa4a18e263a9c8c78decbf0ce553f786df4f5e18358531b359dbbe3369a71899aab9b10a9b9ad47236ec1cbfe39f5a2ceab9588af99efbdec0340066dcca8f4c8bb2ee9c6f9caeff786285e900ed91062a7f06c88d4454af379d63416cd4c1e860f24c22eb275f53e1c95f833b49cfcecb272cc5e9e89fe47bd6458803b7b29dc89c0ca06aeb86d8708ae7a7eb56b53b6f288855583c84a7120cb161f7dbd44f1bc11cee378ea7a40a5fc4d49bd2f42772d621d407363c2ea9bd00ba7a97dc899bfedc53b114dc3b98e972175c737bfe31a9d065d6532119ca2d7840aa4f680ed625175f690dbfee2ccce9a8234dd871f9795b28c2dabb1a2a410c4304407617c15ec4e18737d6a0b1b57a7e761aacb866d486d7d29b757d3492dbf1c94ea826005febc53e4a9f45160d5f01b0b5b086bc43fb7a6aedc0d808c14335cfc64a8177e5c834e679be05e93249d3069a1df79d439db4a8a448c26aed9a05c871e0a7abdcfc8c18370cde114dfbff1f756036598b126b9310d7ebd81feec5faf15b52c1b5edb867ef91483170c62264e44ec23d723051d171bf1233ca186571a320cceb24219ae91a43645b693c0b33bc7c9f6c3ade2da2ecb016f7f5ea6f74b7c66314a62995bd3085ff6679f90d5464d103bd3418525a37ebb5f0f8e8ce889be1010a579a6657979956d92b178d230a2e2c4206f28957ebdf3feb3edbf6c699e9e59a9db6aaf27e0ac3e32afb6b130e66402077571c75161e50b8d74c00464869f3219c756c378951cc76af36b72688c38dc32df66597fd01886a8a060334067a209e75a1bff46305d9d3d7ed2d4da63db502d3150fa6cae17d58883958dada65b831a636016e717bc6af29fa7f59bff8bff6f9e5320159ea56b9df815596281f0af01a95be0677830ec7e4cfc255552e460c2a30d75753ce518c31e792fce420ca752c1e9fee70613774b9b3194302a94b4be1fcaeef3db98b01beba98eff594ed81a85dc944f24091d0477925a94486818a417c037e4d1501c5bc020cc51702a9afb9d4734de1106c30d890c4253dd7403992acf2a2ec4ebb538a9d1f68f74939fd6ee52a180f8fe98fa00367d9cab15cbbcc71bde13eacb480e3d56602ff98023efcdb18315151a74a3afe9883c2369b9cf1f24bcf68931be9eeefd1068e9799a2da8d6f7347eb3e55543239510c886399e99e749aaf7d201ad02ae16dc3bdff03c7b49c478d7ba322c2f6af738782cc9cc88e08ace3eea0598b1bc3be01d5f91fd2cf237ca09f006408d1421b46bedb5eeb84f09bd75f8bc00b1a8f98afd6962bd46f27511569a793c614fe2d0aebbe0e12e0b7442742dc250ecf7b8b33ba4518387e04e5ec1bdad8fdbdca1e403bfe68a413f0da2cee28a1cf0d6417049758377809d3e30f9556728bde66f103e9301bd01ba5f4fcf34426493e0277460ab2745b3d860cf640aa249f95d0cbe596a564db8c9816c81677df7a1f781f902dd602e5522eee772e133e89f139cad3f34536575f35402d0742903309772464c340e3376859e368bf6c37017c12eb24bae9a09563d54b5287c67d214b08c33ae22301409490e2a573605b164b4dffd403de765ad439b255de248a6ed34ce7ed7aa4690224b581feb0655f9032325c719fa927064857208e29098a7a0c154885674d40f0ab7963a1a12353bd385825c654e96940d405f24292b22fcd2effc892c31d6444244f38bffde1f62f8e293b83e3a14f0d6a7f6ec042c5aa6a5343f23d4b2c090e622a785d2ba60d719162c9455aa372785f6137a16111886a2edb5b21de6e5c2a700a266634780de9628115209146a4610a2cc3c6714258df3875c660c3184dc294d19a6769e6cf589fc8cca621b8178ef8d07c0378e3cf3086c650cd7da30f1aca9d166089481b31072eb50bb50ce3902a0b36321412e6d410d51a246ea84895cf8bd4db3c1776809924c38487adef730e85cf8f59f444307c4e3d87d632db4163158b040d186f8907570f2e8917a66b5df41e251aaa444f7148b0e41b3283a475bbaf0bbc8e5dcca35d21d0f90136df654628e0d1bc038eae961be3c558a12ded2b936df5c585266ca2774b6f6fd5e25cd1331760476d01e33c3b118d03840e30d7100dd0b6ce8bac6e8ab1189a078dfefdf1c7d8fba127f12a12afdb8677d1afa0769158f4d79d585be636efec813ce1b42169326986dd64fdb4cf75b97f1275f018efa15a30169956b5f25f3bcc61c37efe78800ba5cccca6cd53fe69201152ebd00159fb7fad9777ca3a0d99831ac0cf9a19a4bf9159337e74bfce2968111636f176dc38a28ca4ecbaa0c9d383d53dd643eb530b8185f8b8b4f16a9a934191fcfceda2887e456a471220cd0c8a2a76b33292469d5b69003bcbc26f6c4f0eb5415cdd8141abc0525c6d6bcdbbc7f789b11e26d239bfa8c5769813f3fa51db6057eb9c412cd24ecc9e6a2fc23bb385579f71719280346863448ff1efc8720a97eedff38cbfe7af443fbdcabaa419cc55515549076b20daa0f4f3f20e599aa30752af92fb3ca8d98026e0778944c75be7a1f3195388b2068d10eeb9544420b58c2a741f5b388904f69081a870b4c6d991d4c05ba55bb4935a9b84012e583a2e8c3bdc1a2e9d8d373f85ec17f770d17f728a9d4112e255ae78e2a998a859c3f314e725ce81b29903ea58af05f6628a723dea0d72b93507eaf27b4d8dc917a618a6c84dbdd21264115eb55ed6a972198c120df075d161c9050bcb049fd3dc2754b78d13bbda61ce5287b53780df530c7919eb8360e07825cc957c80dc14165187736e9c4a3e58ba48cd88fb2fb1e37d60512fe74590855d4e8cfa1640529d7d269ad2937e9a02093bbf626309098633dffeb603ea9dd0ff68e7f523c8fd4e588f87f46d11d76527c437c2c5fd0335390ff92043715f0ecb477f9c1ab5d02a62b4778b0fe8dee8af2ea9046c5e292a267d86cf41d466c84a7c3131a20eabf4c2f7b0b1d2910273e76101e54cacab25e6392c7e03b515cfb57e615225c79e7f42812ff92be635fa8fbdfa6f2989752996b5b746506828188ffdf1af1814cf7584f06246c9bedcf94ba131b87dacb985796997a540ddc987df20c81c194d3fd9936c67f21f5a61510f608cd5f5123956e6e82441a6c87b6bcb01c10c74f5aa376412b00b625f9992f4caa9502d4abf97eb8f6dc759ef55bfeea2f1827a65ba55350f5d5e1d89de1edac785af2ae35cecb7f3e9dd64ea1be56b09678b34d2755894e9214b93853c399141c55560f184c535e240962b4f4b870ded3acfd6b9f76510a967d4cc84ae214d87e5e9cbdce193afba53f8fca2790341026328f65c169b34ce6c66b2ce845e678eabfefc6ca2c5c11859160ae9fc234e885605e74af645d8ed9bcc110ee1bea935a541c9af1c65cb3a2323027f7ef7f11cded9187dcda5df22d02b65aba0b11d869e734798d9864f26d522a26f0a818ca63cc5c99bf4f3a3f5a563bf6f6b46cf1ea6a43410ce115915f6f533323cc6ff8853267e9d6bfd49fbdf4a00388b046fa55a60027b6834a9a20cbd8e1b94a17df745f6dde66255a09247bb752bf1b9c13d68405923d7c3d1571d4dc3eeeb9713e6929a4efebf74417f810d994f5bea37f2ce9f0c043571c1aed4a4ac840d520636ce46317507d65cb940dce05997f5dfdb6635ef989d64c571c94f2a5d19fb7fda71fc2a2e7a6eba4a9ce77786a4723f0074d621ffd25a7b33846041409f73b75f83dfb7f9ab0b45491cc627d24f23f7865b1bf2fa803f45c20ddf3d600dad0628d1b00799c98f2a42b5331bd1682e16aa113b2741a7f42365e211ffdc63eb2d5eb83071f38d9c8e0fe8b7b3b4e2f1f29e8b896274c1db2cc073b918d53f20b52060cc7bd2801092791f22eb792ccc74e9e77caff3c702b301422fa238411b0261447284d1e0fd350bf8c67c5b14e042bfbfb393977bdbcf483798893eb3d0da8959819d98fd7b3049493ca8253feaf790bc97ac7845a66c65b127d604ab16fc08ff3394b63b999471ba37044616f22cbf86eb90e10ce365ba709abc361976a8c15de09b9", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f000000a5c0)={0x2030}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 20:09:53 executing program 4: msgrcv(0x0, 0x0, 0x0, 0x0, 0x3000) msgrcv(0x0, &(0x7f0000000080)={0x0, ""/12}, 0x10, 0x0, 0x0) [ 991.062557][ T28] audit: type=1800 audit(1599768593.974:49): pid=20123 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="ramfs" ino=65194 res=0 [ 991.602339][ T28] audit: type=1800 audit(1599768594.384:50): pid=20146 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=15905 res=0 20:09:54 executing program 4: perf_event_open(&(0x7f00000012c0)={0x1, 0x6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001440)={0x8, {"a2e3ad21ed6b52f99cfbf4c087f719b4d04fe7ff7fc6e5539b360a0e8b546a9b375094370890e0878fdb1ac6e7049b75b4956c409a472a5b67f3988f7ef31952a981ffe8d178708c523c921b1b4d4b0a169b71d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fef5952a5391fd5615d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e67d1d7232f17696294378ce716dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f7927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a39973132f02768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90195c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b010a3ad0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0xfd95) [ 992.278855][ T28] audit: type=1800 audit(1599768595.185:51): pid=20149 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="/" dev="fuse" ino=1 res=0 [ 992.366269][ T28] audit: type=1800 audit(1599768595.275:52): pid=20149 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.0" name="/" dev="fuse" ino=1 res=0 20:09:56 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) open(0x0, 0x0, 0x0) ftruncate(r0, 0x208200) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0) read(r1, &(0x7f0000000180)=""/19, 0xfffffe47) 20:09:56 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) [ 994.219557][T20119] not chained 560000 origins [ 994.224182][T20119] CPU: 1 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 994.232852][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 994.242900][T20119] Call Trace: [ 994.246195][T20119] dump_stack+0x21c/0x280 [ 994.250532][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 994.256255][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.261455][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 994.267030][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 994.273100][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.278301][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 994.284116][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 994.290200][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.295399][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 994.300948][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 994.307037][T20119] ? _copy_from_user+0x221/0x330 [ 994.311983][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.317182][T20119] __msan_chain_origin+0x50/0x90 [ 994.322124][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.327248][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.332194][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.336707][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.341916][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.347121][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 994.353017][T20119] ? kmsan_get_metadata+0x116/0x180 [ 994.358217][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 994.363848][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 994.369142][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 994.373911][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 994.378676][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.383367][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.389443][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.395596][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.400804][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.405656][T20119] do_SYSENTER_32+0x73/0x90 [ 994.410165][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.416483][T20119] RIP: 0023:0xf7ff5549 [ 994.420538][T20119] Code: Bad RIP value. [ 994.424692][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 994.433123][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 994.441094][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 994.449058][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 994.457023][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 994.464998][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 994.472988][T20119] Uninit was stored to memory at: [ 994.478023][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.483738][T20119] __msan_chain_origin+0x50/0x90 [ 994.488673][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.493779][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.498719][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.503222][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.507913][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.513985][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.520139][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.525335][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.530183][T20119] do_SYSENTER_32+0x73/0x90 [ 994.534686][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.540997][T20119] [ 994.543317][T20119] Uninit was stored to memory at: [ 994.548343][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.554074][T20119] __msan_chain_origin+0x50/0x90 [ 994.559014][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.564119][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.569051][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.573552][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.578225][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.584289][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.590438][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.595631][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.600480][T20119] do_SYSENTER_32+0x73/0x90 [ 994.604983][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.611298][T20119] [ 994.613620][T20119] Uninit was stored to memory at: [ 994.618642][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.624361][T20119] __msan_chain_origin+0x50/0x90 [ 994.629295][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.634405][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.639337][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.643839][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.648513][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.654576][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.660730][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.665927][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.670781][T20119] do_SYSENTER_32+0x73/0x90 [ 994.675296][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.681606][T20119] [ 994.683926][T20119] Uninit was stored to memory at: [ 994.688963][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.694678][T20119] __msan_chain_origin+0x50/0x90 [ 994.699613][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.704725][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.709661][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.714157][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.718831][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.724900][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.731050][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.736242][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.741094][T20119] do_SYSENTER_32+0x73/0x90 [ 994.745598][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.751911][T20119] [ 994.754232][T20119] Uninit was stored to memory at: [ 994.759253][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.764971][T20119] __msan_chain_origin+0x50/0x90 [ 994.769905][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.775026][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.779967][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.784472][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.789150][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.795219][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.801370][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.806565][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.811410][T20119] do_SYSENTER_32+0x73/0x90 [ 994.815910][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.822238][T20119] [ 994.824555][T20119] Uninit was stored to memory at: [ 994.829578][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.835296][T20119] __msan_chain_origin+0x50/0x90 [ 994.840231][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.845338][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.850275][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.854795][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.859474][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.865540][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.871694][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.876889][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.881760][T20119] do_SYSENTER_32+0x73/0x90 [ 994.886261][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.892572][T20119] [ 994.894887][T20119] Uninit was stored to memory at: [ 994.899912][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 994.905635][T20119] __msan_chain_origin+0x50/0x90 [ 994.910575][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 994.915684][T20119] get_compat_msghdr+0x108/0x2b0 [ 994.920618][T20119] do_recvmmsg+0xdba/0x22c0 [ 994.925128][T20119] __sys_recvmmsg+0x5dd/0x610 [ 994.929814][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 994.935886][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 994.942045][T20119] __do_fast_syscall_32+0x2af/0x480 [ 994.947257][T20119] do_fast_syscall_32+0x6b/0xd0 [ 994.952109][T20119] do_SYSENTER_32+0x73/0x90 [ 994.956618][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 994.962937][T20119] [ 994.965265][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 994.971941][T20119] do_recvmmsg+0xc2/0x22c0 [ 994.976370][T20119] do_recvmmsg+0xc2/0x22c0 [ 995.163805][T20119] not chained 570000 origins [ 995.168443][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 995.177106][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 995.187156][T20119] Call Trace: [ 995.190453][T20119] dump_stack+0x21c/0x280 [ 995.194808][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 995.200539][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.205741][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 995.211288][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 995.217356][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.222556][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 995.228360][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 995.234437][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.239641][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 995.245197][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 995.251272][T20119] ? _copy_from_user+0x221/0x330 [ 995.256222][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.261437][T20119] __msan_chain_origin+0x50/0x90 [ 995.266383][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.271554][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.276501][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.281012][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.286227][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.291435][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 995.297334][T20119] ? kmsan_get_metadata+0x116/0x180 [ 995.302534][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 995.308171][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 995.313472][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 995.318236][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 995.323004][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.327704][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.333790][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.339953][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.345171][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.350029][T20119] do_SYSENTER_32+0x73/0x90 [ 995.354539][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.360860][T20119] RIP: 0023:0xf7ff5549 [ 995.364917][T20119] Code: Bad RIP value. [ 995.368982][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 995.377398][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 995.385367][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 995.393453][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 995.401422][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 995.409395][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 995.417371][T20119] Uninit was stored to memory at: [ 995.422409][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.428127][T20119] __msan_chain_origin+0x50/0x90 [ 995.433161][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.438266][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.443203][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.447699][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.452374][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.458444][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.464614][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.469814][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.474670][T20119] do_SYSENTER_32+0x73/0x90 [ 995.479176][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.485493][T20119] [ 995.487813][T20119] Uninit was stored to memory at: [ 995.492837][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.498572][T20119] __msan_chain_origin+0x50/0x90 [ 995.503599][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.508710][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.513640][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.518140][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.522817][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.528885][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.535042][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.540247][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.545099][T20119] do_SYSENTER_32+0x73/0x90 [ 995.549607][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.555920][T20119] [ 995.558238][T20119] Uninit was stored to memory at: [ 995.563259][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.568973][T20119] __msan_chain_origin+0x50/0x90 [ 995.573927][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.579034][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.583972][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.588471][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.593147][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.599211][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.605373][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.610576][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.615431][T20119] do_SYSENTER_32+0x73/0x90 [ 995.619934][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.626257][T20119] [ 995.628586][T20119] Uninit was stored to memory at: [ 995.633695][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.639432][T20119] __msan_chain_origin+0x50/0x90 [ 995.644371][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.649475][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.654426][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.658929][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.663606][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.669677][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.675831][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.681025][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.685878][T20119] do_SYSENTER_32+0x73/0x90 [ 995.690385][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.696707][T20119] [ 995.699029][T20119] Uninit was stored to memory at: [ 995.704055][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.709771][T20119] __msan_chain_origin+0x50/0x90 [ 995.714714][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.719825][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.724800][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.729302][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.733979][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.740043][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.746195][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.751392][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.756242][T20119] do_SYSENTER_32+0x73/0x90 [ 995.760855][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.767179][T20119] [ 995.769486][T20119] Uninit was stored to memory at: [ 995.774494][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.780199][T20119] __msan_chain_origin+0x50/0x90 [ 995.785124][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.790234][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.795261][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.799751][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.804435][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.810490][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.816631][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.821816][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.826653][T20119] do_SYSENTER_32+0x73/0x90 [ 995.831152][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.837455][T20119] [ 995.839767][T20119] Uninit was stored to memory at: [ 995.844794][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 995.850497][T20119] __msan_chain_origin+0x50/0x90 [ 995.855420][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 995.860526][T20119] get_compat_msghdr+0x108/0x2b0 [ 995.865447][T20119] do_recvmmsg+0xdba/0x22c0 [ 995.869939][T20119] __sys_recvmmsg+0x5dd/0x610 [ 995.874606][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 995.880657][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 995.886796][T20119] __do_fast_syscall_32+0x2af/0x480 [ 995.891990][T20119] do_fast_syscall_32+0x6b/0xd0 [ 995.896828][T20119] do_SYSENTER_32+0x73/0x90 [ 995.901321][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 995.907629][T20119] [ 995.909941][T20119] Local variable ----msg_sys@do_recvmmsg created at: 20:09:58 executing program 2: r0 = socket$inet(0x2, 0x5, 0x0) r1 = socket$inet6_sctp(0x1c, 0x5, 0x84) connect$inet6(r1, &(0x7f0000000000)={0x1c, 0x1c, 0x3}, 0x1c) dup2(r1, r0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x104, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 20:09:58 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000100)="8199ee7e00ff010000008107008d0200000000a440f03562e3363c000000000018000001040000000000604d6c7d00000000545c4d88107d9792055f000055aa", 0x40, 0x1c0}]) [ 995.916609][T20119] do_recvmmsg+0xc2/0x22c0 [ 995.921011][T20119] do_recvmmsg+0xc2/0x22c0 [ 996.510500][ T28] audit: type=1800 audit(1599768599.415:53): pid=20168 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="ramfs" ino=65260 res=0 [ 996.656950][T20119] not chained 580000 origins [ 996.661617][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 996.670284][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 996.680339][T20119] Call Trace: [ 996.683644][T20119] dump_stack+0x21c/0x280 [ 996.687988][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 996.693720][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.698926][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 996.704477][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 996.710550][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.715760][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 996.721578][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 996.727647][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.732848][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 996.738406][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 996.744487][T20119] ? _copy_from_user+0x221/0x330 [ 996.749448][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.754659][T20119] __msan_chain_origin+0x50/0x90 [ 996.759611][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 996.764745][T20119] get_compat_msghdr+0x108/0x2b0 [ 996.769714][T20119] do_recvmmsg+0xdba/0x22c0 [ 996.774222][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.779427][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.784619][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 996.790504][T20119] ? kmsan_get_metadata+0x116/0x180 [ 996.795697][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 996.801330][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 996.806605][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 996.811354][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 996.816108][T20119] __sys_recvmmsg+0x5dd/0x610 [ 996.820791][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 996.826859][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 996.833011][T20119] __do_fast_syscall_32+0x2af/0x480 [ 996.838214][T20119] do_fast_syscall_32+0x6b/0xd0 [ 996.843057][T20119] do_SYSENTER_32+0x73/0x90 [ 996.847553][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 996.853869][T20119] RIP: 0023:0xf7ff5549 [ 996.857916][T20119] Code: Bad RIP value. [ 996.861969][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 996.870366][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 996.878324][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 996.886282][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 996.894238][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 996.902199][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 996.910168][T20119] Uninit was stored to memory at: [ 996.915185][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 996.920889][T20119] __msan_chain_origin+0x50/0x90 [ 996.925812][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 996.930925][T20119] get_compat_msghdr+0x108/0x2b0 [ 996.935848][T20119] do_recvmmsg+0xdba/0x22c0 [ 996.940339][T20119] __sys_recvmmsg+0x5dd/0x610 [ 996.945004][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 996.951057][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 996.957196][T20119] __do_fast_syscall_32+0x2af/0x480 [ 996.962486][T20119] do_fast_syscall_32+0x6b/0xd0 [ 996.967323][T20119] do_SYSENTER_32+0x73/0x90 [ 996.971815][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 996.978117][T20119] [ 996.980427][T20119] Uninit was stored to memory at: [ 996.985451][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 996.991162][T20119] __msan_chain_origin+0x50/0x90 [ 996.996087][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.001188][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.006112][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.010601][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.015283][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.021349][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.027494][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.032687][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.037531][T20119] do_SYSENTER_32+0x73/0x90 [ 997.042030][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.048335][T20119] [ 997.050649][T20119] Uninit was stored to memory at: [ 997.055759][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 997.061464][T20119] __msan_chain_origin+0x50/0x90 [ 997.066395][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.071495][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.076420][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.080910][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.085577][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.091632][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.097783][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.102977][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.107814][T20119] do_SYSENTER_32+0x73/0x90 [ 997.112307][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.118609][T20119] [ 997.120938][T20119] Uninit was stored to memory at: [ 997.125950][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 997.131669][T20119] __msan_chain_origin+0x50/0x90 [ 997.136602][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.141701][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.146628][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.151119][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.155788][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.161853][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.168006][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.173215][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.178056][T20119] do_SYSENTER_32+0x73/0x90 [ 997.182570][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.188872][T20119] [ 997.191184][T20119] Uninit was stored to memory at: [ 997.196225][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 997.201934][T20119] __msan_chain_origin+0x50/0x90 [ 997.206860][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.211961][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.216884][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.221376][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.226052][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.232124][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.238264][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.243450][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.248288][T20119] do_SYSENTER_32+0x73/0x90 [ 997.252782][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.259082][T20119] [ 997.261400][T20119] Uninit was stored to memory at: [ 997.266410][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 997.272126][T20119] __msan_chain_origin+0x50/0x90 [ 997.277054][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.282153][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.287079][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.291591][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.296259][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.302333][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.308480][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.313666][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.318507][T20119] do_SYSENTER_32+0x73/0x90 [ 997.323000][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.329304][T20119] [ 997.331616][T20119] Uninit was stored to memory at: [ 997.336630][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 997.342337][T20119] __msan_chain_origin+0x50/0x90 [ 997.347277][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.352397][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.357326][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.361814][T20119] __sys_recvmmsg+0x5dd/0x610 [ 997.366478][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 997.372532][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 997.378673][T20119] __do_fast_syscall_32+0x2af/0x480 [ 997.383867][T20119] do_fast_syscall_32+0x6b/0xd0 [ 997.388792][T20119] do_SYSENTER_32+0x73/0x90 [ 997.393285][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 997.399587][T20119] [ 997.401897][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 997.408554][T20119] do_recvmmsg+0xc2/0x22c0 [ 997.412955][T20119] do_recvmmsg+0xc2/0x22c0 [ 997.867554][T20119] not chained 590000 origins [ 997.872193][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 997.880868][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.890913][T20119] Call Trace: [ 997.894200][T20119] dump_stack+0x21c/0x280 [ 997.898527][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 997.904242][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.909450][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 997.914986][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 997.921045][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.926235][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 997.932041][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 997.938095][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.943281][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 997.948812][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 997.954874][T20119] ? _copy_from_user+0x221/0x330 [ 997.959805][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.964991][T20119] __msan_chain_origin+0x50/0x90 [ 997.969927][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 997.975038][T20119] get_compat_msghdr+0x108/0x2b0 [ 997.979972][T20119] do_recvmmsg+0xdba/0x22c0 [ 997.984468][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.989679][T20119] ? kmsan_get_metadata+0x116/0x180 [ 997.994871][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 998.000759][T20119] ? kmsan_get_metadata+0x116/0x180 [ 998.005949][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 998.011575][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 998.016868][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 998.021640][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 998.026393][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.031070][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.037134][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.043279][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.048473][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.053329][T20119] do_SYSENTER_32+0x73/0x90 [ 998.057835][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.064146][T20119] RIP: 0023:0xf7ff5549 [ 998.068277][T20119] Code: Bad RIP value. [ 998.072432][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 998.080830][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 998.088893][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 998.096850][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 998.104817][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 998.112775][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 998.120745][T20119] Uninit was stored to memory at: [ 998.125766][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.131471][T20119] __msan_chain_origin+0x50/0x90 [ 998.136394][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.141498][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.146423][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.150915][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.155578][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.161635][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.167783][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.172969][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.177808][T20119] do_SYSENTER_32+0x73/0x90 [ 998.182298][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.188601][T20119] [ 998.190910][T20119] Uninit was stored to memory at: [ 998.195924][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.201630][T20119] __msan_chain_origin+0x50/0x90 [ 998.206557][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.211659][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.216601][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.221108][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.225773][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.231828][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.237975][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.243168][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.248011][T20119] do_SYSENTER_32+0x73/0x90 [ 998.252523][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.258830][T20119] [ 998.261141][T20119] Uninit was stored to memory at: [ 998.266160][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.271868][T20119] __msan_chain_origin+0x50/0x90 [ 998.276794][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.281896][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.286820][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.291312][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.295980][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.302042][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.308186][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.313369][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.318207][T20119] do_SYSENTER_32+0x73/0x90 [ 998.322696][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.328995][T20119] [ 998.331305][T20119] Uninit was stored to memory at: [ 998.336316][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.342020][T20119] __msan_chain_origin+0x50/0x90 [ 998.346946][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.352045][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.356968][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.361469][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.366137][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.372194][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.378337][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.383534][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.388375][T20119] do_SYSENTER_32+0x73/0x90 [ 998.392868][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.399170][T20119] [ 998.401482][T20119] Uninit was stored to memory at: [ 998.406496][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.412224][T20119] __msan_chain_origin+0x50/0x90 [ 998.417152][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.422264][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.427192][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.431697][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.436363][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.442419][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.448561][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.453748][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.458587][T20119] do_SYSENTER_32+0x73/0x90 [ 998.463083][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.469405][T20119] [ 998.471714][T20119] Uninit was stored to memory at: [ 998.476725][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.482430][T20119] __msan_chain_origin+0x50/0x90 [ 998.487354][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.492448][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.497367][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.501854][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.506521][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.512575][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.518716][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.523899][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.528734][T20119] do_SYSENTER_32+0x73/0x90 [ 998.533223][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.539523][T20119] [ 998.541831][T20119] Uninit was stored to memory at: [ 998.546839][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 998.552560][T20119] __msan_chain_origin+0x50/0x90 [ 998.557503][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 998.562604][T20119] get_compat_msghdr+0x108/0x2b0 [ 998.567525][T20119] do_recvmmsg+0xdba/0x22c0 [ 998.572015][T20119] __sys_recvmmsg+0x5dd/0x610 [ 998.576681][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 998.582737][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 998.588879][T20119] __do_fast_syscall_32+0x2af/0x480 [ 998.594065][T20119] do_fast_syscall_32+0x6b/0xd0 [ 998.598902][T20119] do_SYSENTER_32+0x73/0x90 [ 998.603395][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 998.609697][T20119] [ 998.612009][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 998.618669][T20119] do_recvmmsg+0xc2/0x22c0 [ 998.623071][T20119] do_recvmmsg+0xc2/0x22c0 [ 998.927709][T20119] not chained 600000 origins [ 998.932364][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 998.941047][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.951094][T20119] Call Trace: [ 998.954392][T20119] dump_stack+0x21c/0x280 [ 998.958750][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 998.964477][T20119] ? kmsan_get_metadata+0x116/0x180 [ 998.969683][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 998.975237][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 998.981308][T20119] ? kmsan_get_metadata+0x116/0x180 [ 998.986509][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 998.992317][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 998.998386][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.003592][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 999.009155][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 999.015232][T20119] ? _copy_from_user+0x221/0x330 [ 999.020180][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.025378][T20119] __msan_chain_origin+0x50/0x90 [ 999.030327][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.035456][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.040402][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.044914][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.050124][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.055330][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 999.061231][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.066430][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 999.072069][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 999.077369][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 999.082131][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 999.086900][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.091604][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.097691][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.103861][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.109068][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.114026][T20119] do_SYSENTER_32+0x73/0x90 [ 999.118550][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.124873][T20119] RIP: 0023:0xf7ff5549 [ 999.128929][T20119] Code: Bad RIP value. [ 999.132989][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 999.141415][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 999.149386][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 999.157359][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 999.165330][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 999.173300][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 999.181285][T20119] Uninit was stored to memory at: [ 999.186312][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.192029][T20119] __msan_chain_origin+0x50/0x90 [ 999.197074][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.202188][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.207126][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.211630][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.216320][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.222385][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.228537][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.233737][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.238588][T20119] do_SYSENTER_32+0x73/0x90 [ 999.243095][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.249407][T20119] [ 999.251726][T20119] Uninit was stored to memory at: [ 999.256754][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.262480][T20119] __msan_chain_origin+0x50/0x90 [ 999.267418][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.272532][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.277470][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.281977][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.286658][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.292721][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.298871][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.304092][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.308964][T20119] do_SYSENTER_32+0x73/0x90 [ 999.313470][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.319781][T20119] [ 999.322100][T20119] Uninit was stored to memory at: [ 999.327134][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.332851][T20119] __msan_chain_origin+0x50/0x90 [ 999.337793][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.342908][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.347842][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.352344][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.357020][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.363093][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.369246][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.374449][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.379297][T20119] do_SYSENTER_32+0x73/0x90 [ 999.383805][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.390120][T20119] [ 999.392439][T20119] Uninit was stored to memory at: [ 999.397464][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.403185][T20119] __msan_chain_origin+0x50/0x90 [ 999.408124][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.413232][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.418173][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.422687][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.427403][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.433474][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.439631][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.444843][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.449694][T20119] do_SYSENTER_32+0x73/0x90 [ 999.454194][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.460501][T20119] [ 999.462830][T20119] Uninit was stored to memory at: [ 999.467856][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.473667][T20119] __msan_chain_origin+0x50/0x90 [ 999.478608][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.483729][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.488671][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.493184][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.497859][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.503923][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.510078][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.515275][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.520127][T20119] do_SYSENTER_32+0x73/0x90 [ 999.524637][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.530954][T20119] [ 999.533277][T20119] Uninit was stored to memory at: [ 999.538307][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.544024][T20119] __msan_chain_origin+0x50/0x90 [ 999.548959][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.554066][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.559002][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.563501][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.568182][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.574243][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.580449][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.585649][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.590498][T20119] do_SYSENTER_32+0x73/0x90 [ 999.594999][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.601315][T20119] [ 999.603632][T20119] Uninit was stored to memory at: [ 999.608660][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 999.614378][T20119] __msan_chain_origin+0x50/0x90 [ 999.619318][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.624425][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.629358][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.633905][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.638585][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.644650][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 999.650793][T20119] __do_fast_syscall_32+0x2af/0x480 [ 999.655983][T20119] do_fast_syscall_32+0x6b/0xd0 [ 999.660820][T20119] do_SYSENTER_32+0x73/0x90 [ 999.665422][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 999.671740][T20119] [ 999.674053][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 999.680708][T20119] do_recvmmsg+0xc2/0x22c0 [ 999.685104][T20119] do_recvmmsg+0xc2/0x22c0 [ 999.826403][T20119] not chained 610000 origins [ 999.831032][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 999.839699][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 999.849745][T20119] Call Trace: [ 999.853035][T20119] dump_stack+0x21c/0x280 [ 999.857368][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 999.863089][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.868287][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 999.873839][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 999.879902][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.885093][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 999.890898][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 999.896955][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.902142][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 999.907696][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 999.913756][T20119] ? _copy_from_user+0x221/0x330 [ 999.918683][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.923869][T20119] __msan_chain_origin+0x50/0x90 [ 999.928798][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 999.933908][T20119] get_compat_msghdr+0x108/0x2b0 [ 999.938841][T20119] do_recvmmsg+0xdba/0x22c0 [ 999.943337][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.948532][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.953720][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 999.959603][T20119] ? kmsan_get_metadata+0x116/0x180 [ 999.964799][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 999.970433][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 999.975709][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 999.980462][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 999.985216][T20119] __sys_recvmmsg+0x5dd/0x610 [ 999.989893][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 999.995974][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.002121][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.007318][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.012161][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.016675][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.022989][T20119] RIP: 0023:0xf7ff5549 [ 1000.027058][T20119] Code: Bad RIP value. [ 1000.031106][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1000.039508][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1000.047467][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1000.055428][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1000.063399][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1000.071359][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1000.079325][T20119] Uninit was stored to memory at: [ 1000.084336][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.090055][T20119] __msan_chain_origin+0x50/0x90 [ 1000.094978][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.100086][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.105014][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.109503][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.114192][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.120244][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.126383][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.131569][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.136410][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.140908][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.147227][T20119] [ 1000.149538][T20119] Uninit was stored to memory at: [ 1000.154552][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.160257][T20119] __msan_chain_origin+0x50/0x90 [ 1000.165197][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.170297][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.175221][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.179711][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.184377][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.190434][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.196576][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.201765][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.206604][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.211098][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.217397][T20119] [ 1000.219709][T20119] Uninit was stored to memory at: [ 1000.224727][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.230465][T20119] __msan_chain_origin+0x50/0x90 [ 1000.235397][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.240501][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.245438][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.249946][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.254617][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.260673][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.266826][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.272020][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.276859][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.281352][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.287655][T20119] [ 1000.289966][T20119] Uninit was stored to memory at: [ 1000.294980][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.300690][T20119] __msan_chain_origin+0x50/0x90 [ 1000.305629][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.310739][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.315664][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.320156][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.324828][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.330887][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.337045][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.342247][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.347087][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.351578][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.357878][T20119] [ 1000.360196][T20119] Uninit was stored to memory at: [ 1000.365212][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.370920][T20119] __msan_chain_origin+0x50/0x90 [ 1000.375850][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.380957][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.385881][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.390380][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.395064][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.401121][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.407265][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.412543][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.417388][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.421881][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.428185][T20119] [ 1000.430495][T20119] Uninit was stored to memory at: [ 1000.435509][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.441228][T20119] __msan_chain_origin+0x50/0x90 [ 1000.446172][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.451383][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.456304][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.460793][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.465473][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.471531][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.477672][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.482858][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.487694][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.492277][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.498579][T20119] [ 1000.500892][T20119] Uninit was stored to memory at: [ 1000.505908][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1000.511615][T20119] __msan_chain_origin+0x50/0x90 [ 1000.516555][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.521656][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.526580][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.531072][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.535739][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.541799][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.547945][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.553156][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.558003][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.562523][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.568841][T20119] [ 1000.571151][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 1000.577808][T20119] do_recvmmsg+0xc2/0x22c0 [ 1000.582209][T20119] do_recvmmsg+0xc2/0x22c0 [ 1000.791279][T20119] not chained 620000 origins [ 1000.795914][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1000.804578][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1000.814624][T20119] Call Trace: [ 1000.817920][T20119] dump_stack+0x21c/0x280 [ 1000.822264][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 1000.827988][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.833188][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1000.838738][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1000.844812][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.850016][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1000.855825][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1000.861891][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.867094][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1000.872641][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1000.878713][T20119] ? _copy_from_user+0x221/0x330 [ 1000.883655][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.888852][T20119] __msan_chain_origin+0x50/0x90 [ 1000.893923][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1000.899052][T20119] get_compat_msghdr+0x108/0x2b0 [ 1000.903997][T20119] do_recvmmsg+0xdba/0x22c0 [ 1000.908566][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.913777][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.918980][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1000.924879][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1000.930083][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 1000.935719][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 1000.941008][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1000.945770][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1000.950542][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1000.955238][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1000.961319][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1000.967476][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1000.972685][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1000.977541][T20119] do_SYSENTER_32+0x73/0x90 [ 1000.982048][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1000.988368][T20119] RIP: 0023:0xf7ff5549 [ 1000.992422][T20119] Code: Bad RIP value. [ 1000.996479][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1001.004892][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1001.012866][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1001.020833][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1001.028808][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1001.036774][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1001.044791][T20119] Uninit was stored to memory at: [ 1001.049825][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.055541][T20119] __msan_chain_origin+0x50/0x90 [ 1001.060478][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.065585][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.070512][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.075000][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.079677][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.085752][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.091892][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.097082][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.101921][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.106413][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.112715][T20119] [ 1001.115025][T20119] Uninit was stored to memory at: [ 1001.120038][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.125741][T20119] __msan_chain_origin+0x50/0x90 [ 1001.130752][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.135861][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.140784][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.145271][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.149932][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.155992][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.162130][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.167321][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.172159][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.176649][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.182947][T20119] [ 1001.185254][T20119] Uninit was stored to memory at: [ 1001.190263][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.195975][T20119] __msan_chain_origin+0x50/0x90 [ 1001.200903][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.205998][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.210923][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.215412][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.220092][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.226147][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.232290][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.237478][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.242315][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.246803][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.253104][T20119] [ 1001.255413][T20119] Uninit was stored to memory at: [ 1001.260425][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.266133][T20119] __msan_chain_origin+0x50/0x90 [ 1001.271055][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.276156][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.281082][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.285571][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.290237][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.296290][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.302448][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.307650][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.312600][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.317092][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.323396][T20119] [ 1001.325707][T20119] Uninit was stored to memory at: [ 1001.330756][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.336464][T20119] __msan_chain_origin+0x50/0x90 [ 1001.341393][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.346495][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.351423][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.355912][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.360579][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.366639][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.372780][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.377978][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.382820][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.387407][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.393713][T20119] [ 1001.396041][T20119] Uninit was stored to memory at: [ 1001.401068][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.406796][T20119] __msan_chain_origin+0x50/0x90 [ 1001.411722][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.416820][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.421751][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.426243][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.430910][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.436971][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.443110][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.448293][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.453131][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.457618][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.463920][T20119] [ 1001.466242][T20119] Uninit was stored to memory at: [ 1001.471272][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.476980][T20119] __msan_chain_origin+0x50/0x90 [ 1001.481907][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.487004][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.491929][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.496424][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.501093][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.507147][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.513289][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.518477][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.523324][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.527844][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.534152][T20119] [ 1001.536466][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 1001.543128][T20119] do_recvmmsg+0xc2/0x22c0 [ 1001.547534][T20119] do_recvmmsg+0xc2/0x22c0 [ 1001.606783][T20119] not chained 630000 origins [ 1001.611396][T20119] CPU: 0 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1001.620055][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.630107][T20119] Call Trace: [ 1001.633408][T20119] dump_stack+0x21c/0x280 [ 1001.637794][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 1001.643551][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.648751][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1001.654301][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1001.660369][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.665569][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1001.671380][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1001.677451][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.682651][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1001.688198][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1001.694270][T20119] ? _copy_from_user+0x221/0x330 [ 1001.699219][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.704415][T20119] __msan_chain_origin+0x50/0x90 [ 1001.709351][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.714463][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.719396][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.723886][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.729084][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.734275][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1001.740158][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1001.745363][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 1001.750985][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 1001.756258][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1001.761006][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1001.765759][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.770436][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.776501][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.782644][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.787837][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.792680][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.797175][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.803485][T20119] RIP: 0023:0xf7ff5549 [ 1001.807530][T20119] Code: Bad RIP value. [ 1001.811581][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1001.819984][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1001.827949][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1001.835910][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1001.843867][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1001.851925][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1001.859886][T20119] Uninit was stored to memory at: [ 1001.864901][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.870606][T20119] __msan_chain_origin+0x50/0x90 [ 1001.875533][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.880630][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.885552][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.890045][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.894717][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.900775][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.906918][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.912104][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.916941][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.921431][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.927746][T20119] [ 1001.930056][T20119] Uninit was stored to memory at: [ 1001.935067][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1001.940774][T20119] __msan_chain_origin+0x50/0x90 [ 1001.945701][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1001.950800][T20119] get_compat_msghdr+0x108/0x2b0 [ 1001.955721][T20119] do_recvmmsg+0xdba/0x22c0 [ 1001.960208][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1001.964873][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1001.970928][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1001.977067][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1001.982253][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1001.987085][T20119] do_SYSENTER_32+0x73/0x90 [ 1001.991577][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1001.997879][T20119] [ 1002.000188][T20119] Uninit was stored to memory at: [ 1002.005201][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1002.010907][T20119] __msan_chain_origin+0x50/0x90 [ 1002.015835][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1002.020932][T20119] get_compat_msghdr+0x108/0x2b0 [ 1002.025855][T20119] do_recvmmsg+0xdba/0x22c0 [ 1002.030347][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1002.035011][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.041071][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.047213][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1002.052401][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1002.057236][T20119] do_SYSENTER_32+0x73/0x90 [ 1002.061743][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.068047][T20119] [ 1002.070360][T20119] Uninit was stored to memory at: [ 1002.075392][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1002.081101][T20119] __msan_chain_origin+0x50/0x90 [ 1002.086025][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1002.091120][T20119] get_compat_msghdr+0x108/0x2b0 [ 1002.096045][T20119] do_recvmmsg+0xdba/0x22c0 [ 1002.100533][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1002.105198][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.111251][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.117391][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1002.122585][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1002.127420][T20119] do_SYSENTER_32+0x73/0x90 [ 1002.131922][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.138317][T20119] [ 1002.140634][T20119] Uninit was stored to memory at: [ 1002.145647][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1002.151366][T20119] __msan_chain_origin+0x50/0x90 [ 1002.156302][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1002.161402][T20119] get_compat_msghdr+0x108/0x2b0 [ 1002.166336][T20119] do_recvmmsg+0xdba/0x22c0 [ 1002.170827][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1002.175496][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.181549][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.187699][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1002.192896][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1002.197735][T20119] do_SYSENTER_32+0x73/0x90 [ 1002.202241][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.208545][T20119] [ 1002.210855][T20119] Uninit was stored to memory at: [ 1002.215867][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1002.221571][T20119] __msan_chain_origin+0x50/0x90 [ 1002.226500][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1002.231600][T20119] get_compat_msghdr+0x108/0x2b0 [ 1002.236541][T20119] do_recvmmsg+0xdba/0x22c0 [ 1002.241035][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1002.245701][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.251758][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.257906][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1002.263098][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1002.267940][T20119] do_SYSENTER_32+0x73/0x90 [ 1002.272431][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.278758][T20119] [ 1002.281083][T20119] Uninit was stored to memory at: [ 1002.286097][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1002.291808][T20119] __msan_chain_origin+0x50/0x90 [ 1002.296733][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1002.301833][T20119] get_compat_msghdr+0x108/0x2b0 [ 1002.306760][T20119] do_recvmmsg+0xdba/0x22c0 [ 1002.311263][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1002.315933][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.321989][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.328132][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1002.333405][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1002.338243][T20119] do_SYSENTER_32+0x73/0x90 [ 1002.342735][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.349037][T20119] [ 1002.351348][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 1002.358011][T20119] do_recvmmsg+0xc2/0x22c0 [ 1002.362412][T20119] do_recvmmsg+0xc2/0x22c0 [ 1002.490394][T20117] not chained 640000 origins [ 1002.495120][T20117] CPU: 1 PID: 20117 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1002.503776][T20117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1002.513823][T20117] Call Trace: [ 1002.517110][T20117] dump_stack+0x21c/0x280 [ 1002.521438][T20117] kmsan_internal_chain_origin+0x6f/0x130 [ 1002.527149][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.532339][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1002.537877][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1002.543952][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.549159][T20117] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1002.554958][T20117] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1002.561012][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.566214][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1002.571851][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1002.577919][T20117] ? _copy_from_user+0x221/0x330 [ 1002.582855][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.588060][T20117] __msan_chain_origin+0x50/0x90 [ 1002.592989][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1002.598106][T20117] get_compat_msghdr+0x108/0x2b0 [ 1002.603039][T20117] do_recvmmsg+0xdba/0x22c0 [ 1002.607545][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.612749][T20117] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1002.618633][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1002.623820][T20117] ? kmsan_internal_set_origin+0x75/0xb0 [ 1002.629440][T20117] ? __msan_poison_alloca+0xf0/0x120 [ 1002.634720][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1002.639474][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1002.644222][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1002.648981][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.655043][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.661192][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1002.666401][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1002.671243][T20117] do_SYSENTER_32+0x73/0x90 [ 1002.675742][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.682052][T20117] RIP: 0023:0xf7ff5549 [ 1002.686099][T20117] Code: Bad RIP value. [ 1002.690152][T20117] RSP: 002b:00000000f55ce0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1002.698564][T20117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1002.706524][T20117] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1002.714482][T20117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1002.722448][T20117] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1002.730446][T20117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1002.738420][T20117] Uninit was stored to memory at: [ 1002.743437][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1002.749144][T20117] __msan_chain_origin+0x50/0x90 [ 1002.754072][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1002.759172][T20117] get_compat_msghdr+0x108/0x2b0 [ 1002.764113][T20117] do_recvmmsg+0xdba/0x22c0 [ 1002.768602][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1002.773274][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.779329][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.785471][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1002.790746][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1002.795583][T20117] do_SYSENTER_32+0x73/0x90 [ 1002.800076][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.806378][T20117] [ 1002.808708][T20117] Uninit was stored to memory at: [ 1002.813720][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1002.819425][T20117] __msan_chain_origin+0x50/0x90 [ 1002.824351][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1002.829446][T20117] get_compat_msghdr+0x108/0x2b0 [ 1002.834369][T20117] do_recvmmsg+0xdba/0x22c0 [ 1002.838859][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1002.843523][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.849577][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.855723][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1002.860907][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1002.865752][T20117] do_SYSENTER_32+0x73/0x90 [ 1002.870351][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.876654][T20117] [ 1002.878965][T20117] Uninit was stored to memory at: [ 1002.883978][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1002.889711][T20117] __msan_chain_origin+0x50/0x90 [ 1002.894631][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1002.899727][T20117] get_compat_msghdr+0x108/0x2b0 [ 1002.904660][T20117] do_recvmmsg+0xdba/0x22c0 [ 1002.909154][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1002.913832][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.919885][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.926024][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1002.931211][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1002.936048][T20117] do_SYSENTER_32+0x73/0x90 [ 1002.940805][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1002.947110][T20117] [ 1002.949420][T20117] Uninit was stored to memory at: [ 1002.954430][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1002.960135][T20117] __msan_chain_origin+0x50/0x90 [ 1002.965061][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1002.970160][T20117] get_compat_msghdr+0x108/0x2b0 [ 1002.975083][T20117] do_recvmmsg+0xdba/0x22c0 [ 1002.979573][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1002.984256][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1002.990318][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1002.996457][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1003.001856][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1003.006693][T20117] do_SYSENTER_32+0x73/0x90 [ 1003.011183][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.017482][T20117] [ 1003.019792][T20117] Uninit was stored to memory at: [ 1003.024825][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1003.030532][T20117] __msan_chain_origin+0x50/0x90 [ 1003.035457][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1003.040575][T20117] get_compat_msghdr+0x108/0x2b0 [ 1003.045500][T20117] do_recvmmsg+0xdba/0x22c0 [ 1003.049987][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1003.054653][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.060705][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.066841][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1003.072028][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1003.076863][T20117] do_SYSENTER_32+0x73/0x90 [ 1003.081358][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.087683][T20117] [ 1003.090003][T20117] Uninit was stored to memory at: [ 1003.095015][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1003.100719][T20117] __msan_chain_origin+0x50/0x90 [ 1003.105643][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1003.110750][T20117] get_compat_msghdr+0x108/0x2b0 [ 1003.115763][T20117] do_recvmmsg+0xdba/0x22c0 [ 1003.120256][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1003.124920][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.130974][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.137148][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1003.142342][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1003.147182][T20117] do_SYSENTER_32+0x73/0x90 [ 1003.151678][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.157983][T20117] [ 1003.160297][T20117] Uninit was stored to memory at: [ 1003.165312][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1003.171021][T20117] __msan_chain_origin+0x50/0x90 [ 1003.175945][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1003.181055][T20117] get_compat_msghdr+0x108/0x2b0 [ 1003.185981][T20117] do_recvmmsg+0xdba/0x22c0 [ 1003.190475][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1003.195141][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.201199][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.207348][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1003.212535][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1003.217379][T20117] do_SYSENTER_32+0x73/0x90 [ 1003.221871][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.228172][T20117] [ 1003.230485][T20117] Local variable ----msg_sys@do_recvmmsg created at: [ 1003.237143][T20117] do_recvmmsg+0xc2/0x22c0 [ 1003.241545][T20117] do_recvmmsg+0xc2/0x22c0 [ 1003.585650][T20119] not chained 650000 origins [ 1003.590282][T20119] CPU: 1 PID: 20119 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1003.598947][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1003.609000][T20119] Call Trace: [ 1003.612303][T20119] dump_stack+0x21c/0x280 [ 1003.616643][T20119] kmsan_internal_chain_origin+0x6f/0x130 [ 1003.622375][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.627578][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1003.633136][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1003.639207][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.644411][T20119] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1003.650222][T20119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1003.656326][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.661530][T20119] ? kmsan_set_origin_checked+0x95/0xf0 [ 1003.667082][T20119] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1003.673159][T20119] ? _copy_from_user+0x221/0x330 [ 1003.678108][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.683310][T20119] __msan_chain_origin+0x50/0x90 [ 1003.688253][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1003.693383][T20119] get_compat_msghdr+0x108/0x2b0 [ 1003.698328][T20119] do_recvmmsg+0xdba/0x22c0 [ 1003.702843][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.708052][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.713257][T20119] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1003.719161][T20119] ? kmsan_get_metadata+0x116/0x180 [ 1003.724365][T20119] ? kmsan_internal_set_origin+0x75/0xb0 [ 1003.729998][T20119] ? __msan_poison_alloca+0xf0/0x120 [ 1003.735287][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1003.740053][T20119] ? __sys_recvmmsg+0xbb/0x610 [ 1003.744823][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1003.749517][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.755596][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.761758][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1003.766969][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1003.771824][T20119] do_SYSENTER_32+0x73/0x90 [ 1003.776334][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.782658][T20119] RIP: 0023:0xf7ff5549 [ 1003.786714][T20119] Code: Bad RIP value. [ 1003.790786][T20119] RSP: 002b:00000000f55ad0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1003.799196][T20119] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1003.807164][T20119] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1003.815137][T20119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1003.823109][T20119] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1003.831076][T20119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1003.839052][T20119] Uninit was stored to memory at: [ 1003.844081][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1003.849801][T20119] __msan_chain_origin+0x50/0x90 [ 1003.854742][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1003.859861][T20119] get_compat_msghdr+0x108/0x2b0 [ 1003.864814][T20119] do_recvmmsg+0xdba/0x22c0 [ 1003.869316][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1003.873992][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.880057][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.886209][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1003.891422][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1003.896270][T20119] do_SYSENTER_32+0x73/0x90 [ 1003.900775][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.907089][T20119] [ 1003.909410][T20119] Uninit was stored to memory at: [ 1003.914438][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1003.920161][T20119] __msan_chain_origin+0x50/0x90 [ 1003.925100][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1003.930213][T20119] get_compat_msghdr+0x108/0x2b0 [ 1003.935150][T20119] do_recvmmsg+0xdba/0x22c0 [ 1003.939656][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1003.944341][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1003.950409][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1003.956561][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1003.961760][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1003.966613][T20119] do_SYSENTER_32+0x73/0x90 [ 1003.971117][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1003.977433][T20119] [ 1003.979755][T20119] Uninit was stored to memory at: [ 1003.984782][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1003.990501][T20119] __msan_chain_origin+0x50/0x90 [ 1003.995439][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1004.000552][T20119] get_compat_msghdr+0x108/0x2b0 [ 1004.005488][T20119] do_recvmmsg+0xdba/0x22c0 [ 1004.010010][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1004.014690][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.020763][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.026919][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1004.032115][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1004.036968][T20119] do_SYSENTER_32+0x73/0x90 [ 1004.041477][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.047788][T20119] [ 1004.050111][T20119] Uninit was stored to memory at: [ 1004.055145][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1004.060871][T20119] __msan_chain_origin+0x50/0x90 [ 1004.065811][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1004.070923][T20119] get_compat_msghdr+0x108/0x2b0 [ 1004.075860][T20119] do_recvmmsg+0xdba/0x22c0 [ 1004.080359][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1004.085076][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.091148][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.097303][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1004.102505][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1004.107362][T20119] do_SYSENTER_32+0x73/0x90 [ 1004.111866][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.118181][T20119] [ 1004.120502][T20119] Uninit was stored to memory at: [ 1004.125525][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1004.131245][T20119] __msan_chain_origin+0x50/0x90 [ 1004.136182][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1004.141291][T20119] get_compat_msghdr+0x108/0x2b0 [ 1004.146227][T20119] do_recvmmsg+0xdba/0x22c0 [ 1004.150734][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1004.155411][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.161478][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.167628][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1004.172824][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1004.177673][T20119] do_SYSENTER_32+0x73/0x90 [ 1004.182176][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.188484][T20119] [ 1004.190801][T20119] Uninit was stored to memory at: [ 1004.195824][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1004.201542][T20119] __msan_chain_origin+0x50/0x90 [ 1004.206485][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1004.211597][T20119] get_compat_msghdr+0x108/0x2b0 [ 1004.216538][T20119] do_recvmmsg+0xdba/0x22c0 [ 1004.221062][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1004.225743][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.231818][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.240067][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1004.245377][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1004.250228][T20119] do_SYSENTER_32+0x73/0x90 [ 1004.254736][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.261049][T20119] [ 1004.263369][T20119] Uninit was stored to memory at: [ 1004.268396][T20119] kmsan_internal_chain_origin+0xad/0x130 [ 1004.274124][T20119] __msan_chain_origin+0x50/0x90 [ 1004.279062][T20119] __get_compat_msghdr+0x6db/0x9d0 [ 1004.284174][T20119] get_compat_msghdr+0x108/0x2b0 [ 1004.289112][T20119] do_recvmmsg+0xdba/0x22c0 [ 1004.293611][T20119] __sys_recvmmsg+0x5dd/0x610 [ 1004.298290][T20119] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.304359][T20119] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.310515][T20119] __do_fast_syscall_32+0x2af/0x480 [ 1004.315801][T20119] do_fast_syscall_32+0x6b/0xd0 [ 1004.320652][T20119] do_SYSENTER_32+0x73/0x90 [ 1004.325163][T20119] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.331477][T20119] [ 1004.333797][T20119] Local variable ----msg_sys@do_recvmmsg created at: [ 1004.340468][T20119] do_recvmmsg+0xc2/0x22c0 [ 1004.344879][T20119] do_recvmmsg+0xc2/0x22c0 [ 1004.363548][T20117] not chained 660000 origins [ 1004.368169][T20117] CPU: 0 PID: 20117 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1004.376826][T20117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1004.386856][T20117] Call Trace: [ 1004.390123][T20117] dump_stack+0x21c/0x280 [ 1004.394444][T20117] kmsan_internal_chain_origin+0x6f/0x130 [ 1004.400149][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.405324][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1004.410847][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1004.416894][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.422072][T20117] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1004.427870][T20117] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1004.433915][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.439129][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1004.444658][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1004.450707][T20117] ? _copy_from_user+0x221/0x330 [ 1004.455627][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.460808][T20117] __msan_chain_origin+0x50/0x90 [ 1004.465763][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.470872][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.475789][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.480278][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.485456][T20117] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1004.491325][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1004.496501][T20117] ? kmsan_internal_set_origin+0x75/0xb0 [ 1004.502112][T20117] ? __msan_poison_alloca+0xf0/0x120 [ 1004.507373][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1004.512113][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1004.516856][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.521519][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.527562][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.533691][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.538870][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.543709][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.548191][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.554503][T20117] RIP: 0023:0xf7ff5549 [ 1004.558539][T20117] Code: Bad RIP value. [ 1004.562576][T20117] RSP: 002b:00000000f55ce0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1004.570977][T20117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1004.578925][T20117] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1004.586919][T20117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1004.594878][T20117] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1004.602829][T20117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1004.610871][T20117] Uninit was stored to memory at: [ 1004.615922][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.621614][T20117] __msan_chain_origin+0x50/0x90 [ 1004.626527][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.631613][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.636524][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.641003][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.645653][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.651695][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.657833][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.663017][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.667851][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.672331][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.678742][T20117] [ 1004.681051][T20117] Uninit was stored to memory at: [ 1004.686051][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.691743][T20117] __msan_chain_origin+0x50/0x90 [ 1004.696667][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.701755][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.706664][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.711140][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.715794][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.721849][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.727989][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.733160][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.738011][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.742491][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.748914][T20117] [ 1004.751239][T20117] Uninit was stored to memory at: [ 1004.756248][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.761945][T20117] __msan_chain_origin+0x50/0x90 [ 1004.766856][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.771940][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.776851][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.781329][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.785979][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.792017][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.798144][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.803314][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.808142][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.812617][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.818920][T20117] [ 1004.821218][T20117] Uninit was stored to memory at: [ 1004.826213][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.831904][T20117] __msan_chain_origin+0x50/0x90 [ 1004.836815][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.841906][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.846814][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.851288][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.855938][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.861983][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.868212][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.873384][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.878210][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.882700][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.888992][T20117] [ 1004.891301][T20117] Uninit was stored to memory at: [ 1004.896298][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.901990][T20117] __msan_chain_origin+0x50/0x90 [ 1004.906903][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.911989][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.916910][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.921385][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1004.926036][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1004.932094][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1004.938222][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1004.943394][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1004.948216][T20117] do_SYSENTER_32+0x73/0x90 [ 1004.952802][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1004.965108][T20117] [ 1004.967411][T20117] Uninit was stored to memory at: [ 1004.972438][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1004.978143][T20117] __msan_chain_origin+0x50/0x90 [ 1004.983053][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1004.988140][T20117] get_compat_msghdr+0x108/0x2b0 [ 1004.993049][T20117] do_recvmmsg+0xdba/0x22c0 [ 1004.997530][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.002183][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.008313][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.014440][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.019613][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.024451][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.028928][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.035220][T20117] [ 1005.037519][T20117] Uninit was stored to memory at: [ 1005.042529][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.048235][T20117] __msan_chain_origin+0x50/0x90 [ 1005.053143][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.058227][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.063138][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.067613][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.072269][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.078310][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.084436][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.089621][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.094449][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.098925][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.105321][T20117] [ 1005.107622][T20117] Local variable ----msg_sys@do_recvmmsg created at: [ 1005.114273][T20117] do_recvmmsg+0xc2/0x22c0 [ 1005.118664][T20117] do_recvmmsg+0xc2/0x22c0 [ 1005.449919][T20117] not chained 670000 origins [ 1005.454555][T20117] CPU: 1 PID: 20117 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1005.463218][T20117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1005.473267][T20117] Call Trace: [ 1005.476571][T20117] dump_stack+0x21c/0x280 [ 1005.480914][T20117] kmsan_internal_chain_origin+0x6f/0x130 [ 1005.486644][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.491845][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1005.497393][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1005.503465][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.508667][T20117] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1005.514469][T20117] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1005.520534][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.525724][T20117] ? kmsan_set_origin_checked+0x95/0xf0 [ 1005.531261][T20117] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 1005.537321][T20117] ? _copy_from_user+0x221/0x330 [ 1005.542251][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.547442][T20117] __msan_chain_origin+0x50/0x90 [ 1005.552375][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.557487][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.562418][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.566926][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.572118][T20117] ? kmsan_internal_check_memory+0xb1/0x3d0 [ 1005.578004][T20117] ? kmsan_get_metadata+0x116/0x180 [ 1005.583191][T20117] ? kmsan_internal_set_origin+0x75/0xb0 [ 1005.588820][T20117] ? __msan_poison_alloca+0xf0/0x120 [ 1005.594091][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1005.598842][T20117] ? __sys_recvmmsg+0xbb/0x610 [ 1005.603598][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.608280][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.614347][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.620495][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.625692][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.630555][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.635053][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.641372][T20117] RIP: 0023:0xf7ff5549 [ 1005.645421][T20117] Code: Bad RIP value. [ 1005.649470][T20117] RSP: 002b:00000000f55ce0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1005.657867][T20117] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1005.665841][T20117] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000 [ 1005.673797][T20117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1005.681754][T20117] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1005.689709][T20117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1005.697671][T20117] Uninit was stored to memory at: [ 1005.702684][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.708391][T20117] __msan_chain_origin+0x50/0x90 [ 1005.713314][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.718423][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.723359][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.727847][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.732513][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.738566][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.744707][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.749910][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.754744][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.759240][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.765540][T20117] [ 1005.767849][T20117] Uninit was stored to memory at: [ 1005.772859][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.778561][T20117] __msan_chain_origin+0x50/0x90 [ 1005.783484][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.788588][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.793514][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.798003][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.802675][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.808730][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.814871][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.820054][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.824891][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.829381][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.835681][T20117] [ 1005.837992][T20117] Uninit was stored to memory at: [ 1005.843002][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.848706][T20117] __msan_chain_origin+0x50/0x90 [ 1005.853629][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.858726][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.863647][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.868133][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.872805][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.878860][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.884997][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.890183][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.895022][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.899529][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.905845][T20117] [ 1005.908158][T20117] Uninit was stored to memory at: [ 1005.913168][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.918878][T20117] __msan_chain_origin+0x50/0x90 [ 1005.923800][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.928918][T20117] get_compat_msghdr+0x108/0x2b0 [ 1005.933839][T20117] do_recvmmsg+0xdba/0x22c0 [ 1005.938328][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1005.942992][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1005.949047][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1005.955187][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1005.960376][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1005.965217][T20117] do_SYSENTER_32+0x73/0x90 [ 1005.969733][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1005.976039][T20117] [ 1005.978349][T20117] Uninit was stored to memory at: [ 1005.983362][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1005.989067][T20117] __msan_chain_origin+0x50/0x90 [ 1005.994003][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1005.999113][T20117] get_compat_msghdr+0x108/0x2b0 [ 1006.004041][T20117] do_recvmmsg+0xdba/0x22c0 [ 1006.008545][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1006.013216][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1006.019271][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1006.025413][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1006.030610][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1006.035446][T20117] do_SYSENTER_32+0x73/0x90 [ 1006.039938][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1006.046240][T20117] [ 1006.048550][T20117] Uninit was stored to memory at: [ 1006.053556][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1006.059260][T20117] __msan_chain_origin+0x50/0x90 [ 1006.064189][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1006.069293][T20117] get_compat_msghdr+0x108/0x2b0 [ 1006.074214][T20117] do_recvmmsg+0xdba/0x22c0 [ 1006.078705][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1006.083369][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1006.089423][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1006.095561][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1006.100747][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1006.105587][T20117] do_SYSENTER_32+0x73/0x90 [ 1006.110077][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1006.116376][T20117] [ 1006.118685][T20117] Uninit was stored to memory at: [ 1006.123696][T20117] kmsan_internal_chain_origin+0xad/0x130 [ 1006.129401][T20117] __msan_chain_origin+0x50/0x90 [ 1006.134336][T20117] __get_compat_msghdr+0x6db/0x9d0 [ 1006.139471][T20117] get_compat_msghdr+0x108/0x2b0 [ 1006.144403][T20117] do_recvmmsg+0xdba/0x22c0 [ 1006.148895][T20117] __sys_recvmmsg+0x5dd/0x610 [ 1006.153571][T20117] __se_compat_sys_recvmmsg_time32+0xfb/0x120 [ 1006.159641][T20117] __ia32_compat_sys_recvmmsg_time32+0x62/0x80 [ 1006.165782][T20117] __do_fast_syscall_32+0x2af/0x480 [ 1006.170972][T20117] do_fast_syscall_32+0x6b/0xd0 [ 1006.175812][T20117] do_SYSENTER_32+0x73/0x90 [ 1006.180307][T20117] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1006.186610][T20117] [ 1006.188926][T20117] Local variable ----msg_sys@do_recvmmsg created at: [ 1006.195597][T20117] do_recvmmsg+0xc2/0x22c0 [ 1006.199999][T20117] do_recvmmsg+0xc2/0x22c0 20:10:09 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000300)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xb, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @broadcast, {[@ssrr={0x89, 0xf, 0x0, [@private, @multicast2, @multicast2]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x4}]}}}}}) 20:10:09 executing program 4: r0 = socket$inet(0x2, 0x5, 0x0) r1 = socket$inet6_sctp(0x1c, 0x1, 0x84) r2 = dup2(r1, r0) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0xf, &(0x7f0000000000), 0x6) 20:10:09 executing program 1: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) bind$inet6(r0, &(0x7f0000000180)={0x1c, 0x1c, 0x3}, 0x1c) 20:10:09 executing program 0: socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@broadcast, @empty, @val, {@ipv4}}, 0x0) 20:10:09 executing program 2: r0 = socket$inet6_sctp(0x1c, 0x5, 0x84) r1 = dup(r0) r2 = socket$inet6_sctp(0x1c, 0x5, 0x84) r3 = socket$inet6_sctp(0x1c, 0x5, 0x84) connect$inet6(r3, &(0x7f0000000000)={0x1c, 0x1c, 0x3}, 0x1c) r4 = dup2(r3, r3) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x105, &(0x7f00000016c0)={0x1, [0x0]}, &(0x7f0000001700)=0x8) r5 = dup2(r2, r2) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x105, &(0x7f00000016c0)={0x1, [0x0]}, &(0x7f0000001700)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x21, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, r6}, &(0x7f00000000c0)=0x10) 20:10:09 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2800000002030707000000000000000000000010090002000000000002001b000800010001"], 0x28}}, 0x0) 20:10:09 executing program 0: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x8001, 0x0) write$capi20_data(r0, &(0x7f0000000240)={{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x56, "c603bab955177c2c0d5ea0b6d32ffdedf7e3b5741f02164bcaae3cbfc3965362caeebeebe8ccacf43e1dc70468f0de9973fc23a096e5f54f2cad658f761877018a8a49fc35ce08495419d7042561da42146618ddd964"}, 0x68) 20:10:09 executing program 5: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, '\x00', "d3b2ccc2d70ccf2acede253b8ca65b33", '\x00', "9676e64fbcbdb666"}, 0x28) sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b) 20:10:09 executing program 4: perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, '\x00', "d3b2ccc2d70ccf2acede253b8ca65b33", '\x00', "9676e64fbcbdb666"}, 0x28) sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b) 20:10:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280)='batadv\x00') sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 20:10:10 executing program 2: perf_event_open(&(0x7f00000012c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c010000", @ANYRES16=r2, @ANYBLOB="010325bd7000fedbdf2512"], 0x16c}}, 0x0) [ 1007.384897][T20221] dlm: no locking on control device 20:10:10 executing program 3: [ 1007.579022][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 20:10:10 executing program 0: [ 1007.774416][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 20:10:10 executing program 5: 20:10:10 executing program 1: 20:10:11 executing program 2: 20:10:11 executing program 3: 20:10:11 executing program 0: 20:10:11 executing program 1: 20:10:11 executing program 5: 20:10:11 executing program 4: 20:10:11 executing program 2: 20:10:11 executing program 3: 20:10:11 executing program 0: 20:10:12 executing program 1: 20:10:12 executing program 5: 20:10:12 executing program 4: 20:10:12 executing program 2: 20:10:12 executing program 3: 20:10:12 executing program 0: 20:10:12 executing program 1: 20:10:13 executing program 0: 20:10:13 executing program 1: 20:10:13 executing program 2: 20:10:13 executing program 4: 20:10:13 executing program 5: 20:10:13 executing program 3: 20:10:13 executing program 0: 20:10:13 executing program 2: 20:10:13 executing program 1: 20:10:13 executing program 4: 20:10:13 executing program 5: r0 = socket(0xa, 0x80801, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x4, &(0x7f0000000000)={0x0, "8e197b"}, 0x6) 20:10:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x4, 0x0, 0x0) 20:10:14 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={0x0}, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r2}, &(0x7f0000000100)=0x8) 20:10:14 executing program 1: openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)={0x82740}, 0x18) mount(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='ecryptfs\x00', 0x0, 0x0) 20:10:14 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x1}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x10, &(0x7f00000000c0)={r1}, &(0x7f0000000100)=0x8) 20:10:14 executing program 4: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) fcntl$setownex(r0, 0x10, &(0x7f0000000040)) 20:10:14 executing program 5: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) write$UHID_GET_REPORT_REPLY(r0, &(0x7f00000001c0), 0xa) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) [ 1011.605645][T20283] sctp: [Deprecated]: syz-executor.0 (pid 20283) Use of int in max_burst socket option. [ 1011.605645][T20283] Use struct sctp_assoc_value instead 20:10:14 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000001c0)={0x32c}, 0x8) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000440)={&(0x7f00000002c0)={0x2, 0x0, 0xfea9}, 0x1c, &(0x7f0000000400)={&(0x7f0000000300)={0x10}, 0x801}}, 0xfec0) [ 1011.670835][T20284] sctp: [Deprecated]: syz-executor.0 (pid 20284) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1011.670835][T20284] Use struct sctp_sack_info instead [ 1011.789740][T20287] Error parsing options; rc = [-22] [ 1011.791326][T20283] sctp: [Deprecated]: syz-executor.0 (pid 20283) Use of int in max_burst socket option. [ 1011.791326][T20283] Use struct sctp_assoc_value instead 20:10:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCOUTQ(r0, 0x5412, &(0x7f0000000080)) pselect6(0x40, &(0x7f0000000140)={0x9}, 0x0, 0x0, 0x0, 0x0) [ 1011.947238][T20298] sctp: [Deprecated]: syz-executor.2 (pid 20298) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1011.947238][T20298] Use struct sctp_sack_info instead 20:10:15 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x1}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x6d, &(0x7f00000000c0)={r1}, &(0x7f0000000100)=0x8) 20:10:15 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000200)={'ip6tnl0\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) 20:10:15 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8918, 0x0) 20:10:15 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0x8912, 0x0) 20:10:15 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) close(r0) 20:10:15 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x2}, {{@in=@empty, 0x0, 0x3c}, 0x0, @in=@remote}}, 0xe8) 20:10:15 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) clock_getres(0x5, 0x0) 20:10:15 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x2b, &(0x7f00000004c0), 0x4) 20:10:16 executing program 1: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x7d, 0x0, 0x400600) 20:10:16 executing program 0: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x480, 0x0, &(0x7f0000000180)) 20:10:16 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x4b4c, &(0x7f0000000100)) 20:10:16 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x17, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:16 executing program 3: r0 = socket$inet(0x2, 0x6, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x541b, &(0x7f0000000600)={'gre0\x00', 0x0}) 20:10:16 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="13000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:16 executing program 1: r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x14) 20:10:17 executing program 5: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00'}) 20:10:17 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000200)={'tunl0\x00', @ifru_mtu=0x531101}) modify_ldt$read(0x0, 0x0, 0x0) 20:10:17 executing program 2: socketpair(0x1e, 0x4, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000040)={'ip_vti0\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x2, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @local}}}}) 20:10:17 executing program 3: keyctl$dh_compute(0xc, 0x0, &(0x7f0000000140)=""/177, 0xfffffffffffffe00, 0x0) 20:10:17 executing program 1: r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000240)=0x1, 0x4) 20:10:17 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={0x0}, 0x1, 0xa04901, 0x24}, 0x0) 20:10:17 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x4d0}]}) 20:10:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x176}]}) 20:10:17 executing program 3: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) write$UHID_GET_REPORT_REPLY(r0, &(0x7f00000001c0), 0xa) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10) 20:10:17 executing program 5: r0 = socket(0x2, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x891d, &(0x7f0000000000)={'batadv0\x00'}) 20:10:18 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={0x0, @ax25={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, @ethernet={0x0, @link_local}, @can}) 20:10:18 executing program 4: r0 = socket(0x2, 0x3, 0x100) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, 0x0, 0x0) 20:10:18 executing program 0: r0 = socket(0x26, 0x5, 0x0) setsockopt$bt_BT_FLUSHABLE(r0, 0x117, 0x8, 0x0, 0x0) 20:10:18 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x8, &(0x7f00000000c0)="0af89194", 0x4) 20:10:18 executing program 3: setreuid(0xee01, 0xee01) shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x0) 20:10:18 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth1_virt_wifi\x00', &(0x7f0000000000)=@ethtool_wolinfo={0x4b, 0x0, 0x0, "075fd99d649e"}}) 20:10:18 executing program 4: r0 = socket(0x15, 0x5, 0x0) bind$x25(r0, &(0x7f0000000000)={0x9, @null=' \x00'}, 0x12) 20:10:18 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x4, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) socket$inet6(0x2, 0x5, 0xbe) 20:10:19 executing program 2: r0 = socket(0x11, 0x80002, 0x0) bind$packet(r0, &(0x7f0000000040)={0x11, 0x4}, 0x14) bind$packet(r0, &(0x7f0000001440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) 20:10:19 executing program 3: r0 = socket(0x18, 0x0, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) 20:10:19 executing program 5: socketpair(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x8940, 0x0) 20:10:19 executing program 4: openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x890b, &(0x7f0000000000)={'wg2\x00'}) 20:10:19 executing program 1: r0 = socket(0x26, 0x5, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080)='trusted.overlay.upper\x00', 0x0, 0x0, 0x0) 20:10:19 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x890b, 0x0) 20:10:19 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x37, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:19 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(r0, &(0x7f0000000000)={0x68, 0x0, 0x0, [{0x0, 0x0, 0xd, 0x0, '*%!@'}, {0x0, 0x0, 0x6, 0x0, ':.{/(!'}, {}]}, 0x68) 20:10:20 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) read$snapshot(r0, &(0x7f00000000c0)=""/27, 0x200000db) 20:10:20 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$nfc_llcp(r0, &(0x7f0000000000)={0xa, 0x0, 0x80fe, 0x0, 0x0, 0x8, "e066f1948bb72b000000cf73549711326409169694d60dad757f7eeb173044a20f229b79cfa30656e1327800f54cf792f4e34c311f628735695d31ad2dbd56"}, 0x60) 20:10:20 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:20 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000000)={0x90, 0x0, 0x0, [{0x0, 0x0, 0x4, 0x0, '*%!@'}, {0x0, 0x0, 0x6, 0x0, ':.{/(!'}, {0x0, 0x0, 0x1, 0x0, ','}, {0x0, 0x0, 0x3, 0x0, '\\)$'}]}, 0x90) ioctl$TIOCOUTQ(r0, 0x5402, &(0x7f0000000080)) 20:10:20 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(r0, &(0x7f0000002300)={0x98, 0x0, 0x0, [{0x0, 0x0, 0x6e, 0x0, '.@%^,*!(\xb7\xff\xbawL\x16\x97\x1a#[\xbb\xc83\xe9\x0e\xbc\x9bn\xc5Tg\xd3\x93\xbf\xe1\x9b\xaaK\x1eMhT\x81\xf4\x1b8b\x14\xd7\x94z\xc0\xa4\xe9\xc6\xcc\x00\xe3FJE\xa20\xcb\x91)\b\\\x86\xf5\x01\xd1\x81\x88@_qj\xd7\x9f\xeev?\xb0\xba!(\xde=G\x82\x89\xd2^\xf2I\xe92j\xf6-lv\xb2\x1f\xb5\xa2Ssx\x7fM'}]}, 0x98) 20:10:20 executing program 3: r0 = socket(0x21, 0x2, 0xa) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58) 20:10:20 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0xc0010141}]}) 20:10:20 executing program 4: openat$pfkey(0xffffffffffffff9c, &(0x7f0000003cc0)='/proc/self/net/pfkey\x00', 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000200)={'tunl0\x00', @ifru_mtu=0x531101}) select(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x8}, &(0x7f0000000200)={0x0, 0x2710}) 20:10:21 executing program 2: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x2f, &(0x7f00000004c0), 0x4) 20:10:21 executing program 5: r0 = socket(0x21, 0x2, 0x2) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x110, 0x6, 0x0, 0x0) 20:10:21 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_SETINTERFACE(r0, 0x8010550e, &(0x7f00000000c0)) 20:10:21 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) syz_mount_image$reiserfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000004c0)=[{0x0, 0x0, 0x6}, {&(0x7f0000000400)="df", 0x1}], 0x0, 0x0) 20:10:21 executing program 0: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x1a, 0x0, 0x400600) 20:10:21 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000200)={'tunl0\x00', @ifru_mtu=0x531101}) select(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x8}, &(0x7f0000000200)) 20:10:21 executing program 2: socketpair(0x1e, 0x80802, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0) 20:10:21 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x560e, &(0x7f0000000100)) 20:10:21 executing program 3: r0 = socket(0x28, 0x1, 0x0) sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x1) 20:10:22 executing program 1: r0 = socket(0x2c, 0x3, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x88, 0x21, 0x0, 0x0) 20:10:22 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x8980, 0x0) 20:10:22 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth1_virt_wifi\x00', &(0x7f0000000000)=@ethtool_wolinfo={0x1e, 0x0, 0x0, "075fd99d649e"}}) 20:10:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xae80, &(0x7f00000002c0)) 20:10:22 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x1}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x23, &(0x7f0000000000)={r2}, 0x8) 20:10:22 executing program 4: r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x82740}, 0x18) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x800c6613, 0x0) 20:10:22 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x30, 0x0, 0x0) 20:10:22 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) 20:10:22 executing program 2: r0 = socket(0x18, 0x0, 0x2) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x20) connect$l2tp6(r0, &(0x7f00000000c0)={0xa, 0x2, 0x0, @local}, 0x20) 20:10:23 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x101481, 0x0) write$UHID_CREATE(r0, &(0x7f0000000280)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x0}}, 0x120) write$6lowpan_enable(r0, &(0x7f0000000000)='1', 0x1) 20:10:23 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/50, 0x32}], 0x1, 0xffffffff, 0x0, 0x0) 20:10:23 executing program 0: r0 = socket(0x28, 0x1, 0x0) accept4$unix(r0, 0x0, 0x0, 0x0) 20:10:23 executing program 1: r0 = socket(0x2, 0x1, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x6, 0x1b, 0x0, 0x531000) 20:10:23 executing program 2: r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x5}, 0x8) 20:10:23 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000000)=0x8, 0x4) 20:10:23 executing program 4: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000000)={0xffff77dd}) [ 1020.973110][T20511] sctp: [Deprecated]: syz-executor.2 (pid 20511) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1020.973110][T20511] Use struct sctp_sack_info instead 20:10:24 executing program 0: 20:10:24 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x71, &(0x7f0000001080)=@assoc_value, 0x8) 20:10:24 executing program 1: setresuid(0x0, 0xee00, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{}]}) 20:10:24 executing program 2: r0 = socket(0x21, 0x2, 0xa) sendmmsg(r0, &(0x7f0000006000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[{0x10}, {0x10}], 0x20}}], 0x1, 0x0) 20:10:24 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="43000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:24 executing program 4: r0 = socket(0x29, 0x80002, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 20:10:24 executing program 0: r0 = socket(0x22, 0x2, 0x4) setresuid(0x0, 0xee00, 0x0) fcntl$dupfd(r0, 0x4, 0xffffffffffffffff) 20:10:24 executing program 1: fsopen(&(0x7f0000000340)='sysfs\x00', 0x0) 20:10:24 executing program 3: r0 = socket(0x10, 0x803, 0x0) bind$tipc(r0, 0x0, 0x0) 20:10:24 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) 20:10:24 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYBLOB="0000000000000000000000000000000004000000000000002a152148000000000000000000000000000000000000000006000000000000003a2e7b2f282100000000000000000000000000000000000001000000ffffffff2c000000000000000000000000000000000000000000000003000000000000005c292400000000000000000000000000000000000000000004000000000000005b2b2340000000000000000000000000000000000000000008000000000000002e"], 0xd0) ioctl$TIOCOUTQ(r0, 0x5423, &(0x7f00000000c0)) 20:10:25 executing program 4: migrate_pages(0xffffffffffffffff, 0x215, &(0x7f0000000040), &(0x7f0000000080)=0x3) 20:10:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:25 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x11, 0x0, 0x0) 20:10:25 executing program 3: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x6, &(0x7f00000004c0), 0x4) 20:10:25 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8922, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @local}}}}) 20:10:25 executing program 2: openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x82740}, 0x18) mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000001280)='./file1\x00', &(0x7f00000012c0)='ocfs2\x00', 0x0, &(0x7f0000001600)='hfs\x00') 20:10:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:25 executing program 4: r0 = socket(0x10, 0x80002, 0x0) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="68000000120037"], 0x68}}, 0x0) 20:10:25 executing program 1: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) write$UHID_GET_REPORT_REPLY(r0, &(0x7f00000001c0), 0xa) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x4000) 20:10:25 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_buf(r0, 0x84, 0x64, &(0x7f0000000000)="f6", 0x1) [ 1022.987885][T20559] (syz-executor.2,20559,0):ocfs2_parse_options:1469 ERROR: Unrecognized mount option "hfs" or missing value [ 1022.999572][T20559] (syz-executor.2,20559,0):ocfs2_fill_super:1190 ERROR: status = -22 20:10:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000780)={0xffffffffffffffff}) getpeername$unix(r0, 0x0, &(0x7f0000000840)) [ 1023.109274][T20563] __nla_validate_parse: 2 callbacks suppressed [ 1023.109309][T20563] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. 20:10:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:26 executing program 1: r0 = socket(0xa, 0x5, 0x0) sendto$l2tp6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 20:10:26 executing program 2: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x10, 0x0, 0x400600) 20:10:26 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="2a000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x2, 0x4e22, @multicast1=0xe0000300}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @local, @broadcast}}}], 0x20}, 0x0) 20:10:26 executing program 5: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) 20:10:26 executing program 2: r0 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 20:10:26 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}}, 0x80) 20:10:27 executing program 3: r0 = open(&(0x7f0000000600)='./file0\x00', 0xc0, 0x0) r1 = getpid() r2 = getpid() kcmp(r1, r2, 0x0, r0, r0) 20:10:27 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x9, 0x0, 0x0) 20:10:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:27 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x43, &(0x7f00000006c0)={0x0, {{0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}}, 0x88) 20:10:27 executing program 2: r0 = socket(0x2b, 0x1, 0x0) sendmsg$kcm(r0, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x20000005) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x6, 0x4, 0x400006, 0x38) 20:10:27 executing program 1: r0 = socket(0xa, 0x5, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x2, 0x6, 0xffffff7f}, 0x2000008c, &(0x7f0000000240)={0x0, 0x2c}}, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x0, @remote}], 0x10) 20:10:27 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x11, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:27 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x40010, r0, 0x0) 20:10:27 executing program 3: syz_mount_image$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000000c0)={{}, {0x4}}, 0x24, 0x0) 20:10:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:28 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={0x0}, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x76, &(0x7f0000000180)={r1}, &(0x7f00000001c0)=0x8) 20:10:28 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x37, 0x0, 0x0) 20:10:28 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="4f000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) [ 1025.607129][T20628] sctp: [Deprecated]: syz-executor.2 (pid 20628) Use of int in max_burst socket option. [ 1025.607129][T20628] Use struct sctp_assoc_value instead 20:10:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:28 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000740)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x541b, 0x0) 20:10:28 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc038563b, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a400"}, 0x0, 0x0, @userptr}) 20:10:28 executing program 2: r0 = socket(0xa, 0x80801, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, 0x0, &(0x7f0000000040)) 20:10:29 executing program 5: r0 = socket(0xa, 0x80002, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x4, 0x0, 0x11) 20:10:29 executing program 4: r0 = socket(0x2, 0x1, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x4004040) 20:10:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:29 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$pppl2tp(r0, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x26) 20:10:29 executing program 3: shmat(0x0, &(0x7f0000000000/0x1000)=nil, 0x5000) fsopen(&(0x7f0000000340)='erofs\x00', 0x0) 20:10:29 executing program 2: socket(0x0, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x0, 0x80000, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0xc0, 0x57, 0xff, 0x0, 0x0, 0x1, 0x10000, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x0, @perf_config_ext={0x0, 0x3}, 0x10142, 0x3f, 0x0, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0x0, r0, 0x2) prctl$PR_SVE_GET_VL(0x33, 0xd90f) clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:10:29 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x19, 0x0, 0x0) 20:10:29 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x1}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x10, &(0x7f0000000000)={r2}, 0x8) 20:10:29 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x17, 0x0, 0x0) 20:10:29 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r0, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:30 executing program 3: r0 = socket(0x11, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00', 0x0}) sendmsg(r0, &(0x7f0000006300)={&(0x7f0000005d40)=@xdp={0x2c, 0x8, r1}, 0x80, 0x0}, 0x0) [ 1027.084140][T20662] IPVS: ftp: loaded support on port[0] = 21 [ 1027.237460][T20662] lo speed is unknown, defaulting to 1000 [ 1027.287750][T20674] sctp: [Deprecated]: syz-executor.4 (pid 20674) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1027.287750][T20674] Use struct sctp_sack_info instead [ 1027.543194][ T8534] tipc: TX() has been purged, node left! 20:10:30 executing program 1: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) r1 = dup2(r0, r0) fallocate(r1, 0x40, 0x0, 0x3) 20:10:30 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r0, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:30 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) socket$inet6(0x2c, 0x3, 0x0) 20:10:30 executing program 3: r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}], 0x1c) 20:10:30 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'ip6gre0\x00', 0x0}) [ 1028.069757][T20709] sctp: [Deprecated]: syz-executor.4 (pid 20709) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1028.069757][T20709] Use struct sctp_sack_info instead 20:10:31 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r0, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:31 executing program 4: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x4, 0x0, &(0x7f0000000180)) 20:10:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x198}]}) 20:10:31 executing program 1: r0 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsopen(&(0x7f0000000040)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) 20:10:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="44000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:31 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:31 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f00000000c0)="0af89194a711f6a29185763884817c19", 0x10) 20:10:32 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) connect(r0, &(0x7f0000000000)=@vsock={0xa}, 0x80) 20:10:32 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x5, 0x0, 0x0) 20:10:32 executing program 1: r0 = socket(0x15, 0x5, 0x0) recvfrom$rose(r0, 0x0, 0x0, 0x10121, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x400000) 20:10:32 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x72, 0x0, 0x0) 20:10:32 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:32 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4cce, 0x0) 20:10:32 executing program 1: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x17, 0x0, &(0x7f0000000080)) 20:10:32 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0x6d, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000100)=0x8) 20:10:33 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) read$snapshot(r0, &(0x7f00000000c0)=""/27, 0xfffffffffffffdef) 20:10:33 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:33 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x19, 0x0, 0x0) 20:10:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9c0}) 20:10:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:34 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r1 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x4, r1) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0}) 20:10:34 executing program 3: r0 = socket(0x2, 0x1, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x6, 0x6, 0x0, 0x7fffffffefff) 20:10:34 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4c09, 0x0) 20:10:34 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x4bfa, 0x0) 20:10:34 executing program 5: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x0, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000080)) 20:10:34 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x1c, 0x0, 0x8, 0x5, 0x0, 0x0, {}, [@typed={0x8, 0x5, 0x0, 0x0, @ipv4=@remote}]}, 0x1c}}, 0x0) 20:10:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:34 executing program 5: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@delpolicy={0x50, 0x15, 0x1, 0x0, 0x0, {{@in=@private=0xa010100, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x50}}, 0x0) 20:10:35 executing program 1: r0 = socket(0x1e, 0x5, 0x0) recvmmsg(r0, &(0x7f0000007500)=[{{0x0, 0x0, &(0x7f0000003b40)=[{&(0x7f0000002680)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) 20:10:35 executing program 2: r0 = socket(0xa, 0x3, 0x200000000000ff) sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="729378bb038606177e20a3920100000011d2ef3e8fd7f82ec7de62b990b01f10fd8b9d54000fcc9716ab1b89", 0x2c}], 0x1}, 0x0) 20:10:35 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000200)={'tunl0\x00', @ifru_mtu=0x531101}) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x909c0, 0x0) 20:10:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x140}]}) [ 1032.522320][T20799] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.5'. 20:10:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:35 executing program 1: r0 = socket(0xa, 0x80801, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x7, &(0x7f0000000000)={0x0, "8e197b"}, 0x6) 20:10:35 executing program 2: r0 = socket(0x28, 0x1, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x28, 0x1b, 0x0, 0x38) 20:10:35 executing program 5: r0 = socket(0x1d, 0x3, 0x1) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={0x0}}, 0x0) 20:10:35 executing program 4: r0 = socket(0xa, 0x3, 0x5) setsockopt$MISDN_TIME_STAMP(r0, 0x0, 0x1, 0x0, 0x0) 20:10:36 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000000), 0x4) 20:10:36 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000740)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x40049409, &(0x7f0000000000)) 20:10:36 executing program 2: ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)="05", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00'}) keyctl$dh_compute(0x14, 0x0, &(0x7f0000000140)=""/177, 0xb1, 0x0) 20:10:36 executing program 5: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) 20:10:36 executing program 4: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xe4db}) 20:10:36 executing program 3: r0 = socket(0xa, 0x6, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x10d, 0x2, &(0x7f0000000000), 0x20000004) 20:10:36 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:36 executing program 2: socket(0xf, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) setpriority(0x0, 0x0, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x57, 0xff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x10142, 0x0, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x2) prctl$PR_SVE_GET_VL(0x33, 0x0) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:10:36 executing program 1: socketpair(0x0, 0x40804, 0x0, 0x0) 20:10:37 executing program 5: r0 = socket$inet(0x2, 0x3, 0x60) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xf0ff7f}}, 0x0) 20:10:37 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in=@empty}}, {{@in=@empty}, 0x0, @in=@remote}}, 0x20000128) 20:10:37 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) [ 1034.515697][T20843] IPVS: ftp: loaded support on port[0] = 21 20:10:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x79, &(0x7f0000001080)=@assoc_value, 0x8) 20:10:37 executing program 1: r0 = socket(0xa, 0x80002, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x24, 0x0, 0x0) 20:10:37 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x13, 0x0, 0x0) 20:10:37 executing program 4: r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGABS0(r0, 0x80004518, 0x0) 20:10:37 executing program 3: r0 = socket(0x1d, 0x3, 0x1) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x65, 0x3, 0x0, 0x0) 20:10:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:38 executing program 1: syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x885082, &(0x7f0000000000)) [ 1035.519012][T20843] lo speed is unknown, defaulting to 1000 [ 1038.190066][ T611] tipc: TX() has been purged, node left! 20:10:41 executing program 2: socket(0xf, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) setpriority(0x0, 0x0, 0x9) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x57, 0xff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x10142, 0x0, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x2) prctl$PR_SVE_GET_VL(0x33, 0x0) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:10:41 executing program 5: openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x418f00, 0x0) 20:10:41 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x7c, 0x0, 0x0) 20:10:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:41 executing program 1: r0 = socket(0x28, 0x1, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x28, 0x6, 0x0, 0x38) 20:10:41 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x5008, 0x0) 20:10:42 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x4b46, &(0x7f0000000100)) 20:10:42 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000001080)=@assoc_value, 0x8) [ 1039.237833][T20918] IPVS: ftp: loaded support on port[0] = 21 20:10:42 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000659000)='/dev/sg#\x00', 0x0, 0x101801) write$FUSE_DIRENTPLUS(r0, &(0x7f0000001480)=ANY=[@ANYBLOB="b000000000dc23002f779d8e3c08307e9a258c0c6f3e74711f5c6ce43bcc55bbc60bbb6c28bf039e94b94f00eb"], 0xb0) 20:10:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r1, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:42 executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x84, 0x3, 0x0, 0x0) [ 1039.789411][T20925] sg_write: data in/out 2350044/130 bytes for SCSI command 0x28-- guessing data in; [ 1039.789411][T20925] program syz-executor.5 not setting count and/or reply_len properly 20:10:42 executing program 1: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) write$P9_RSETATTR(r0, 0x0, 0x0) [ 1040.985483][T20918] lo speed is unknown, defaulting to 1000 20:10:46 executing program 2: r0 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newtaction={0x14, 0x14, 0x53b}, 0x14}}, 0x0) 20:10:46 executing program 4: r0 = syz_open_dev$loop(&(0x7f00000002c0)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x1279, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x0, 0x0, "d91cd8c88ddf50914be63869266a820f9c29b8476f642eb24c9aa651bca04bef91954d4c2a4f6dd90d4a221fd47eb5394fff32eeac0c87d96e358c1477c2342d", "002c5bebc641618c7cbcee07547e2add4db1f9a0ae03d4437aa059baf5c7eecd"}) 20:10:46 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:46 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="2c000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:46 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89a1, &(0x7f00000000c0)={'ip_vti0\x00', 0x0}) 20:10:46 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) request_key(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)='tunl0\x00', 0xffffffffffffffff) [ 1043.683454][ T8534] tipc: TX() has been purged, node left! 20:10:47 executing program 1: setreuid(0xee01, 0xee01) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x16, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x40) 20:10:47 executing program 4: r0 = socket(0x1d, 0x2, 0x2) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x11, @local}, 0x10) 20:10:47 executing program 5: r0 = socket(0xf, 0x3, 0x2) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0xf8}}, 0x0) 20:10:47 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x4, 0x0) read$FUSE(r0, 0x0, 0x0) 20:10:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:47 executing program 2: socketpair(0x1e, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$rxrpc(r1, &(0x7f0000000200)=""/96, 0x60, 0x0, 0x0, 0x0) r2 = io_uring_setup(0x1911, &(0x7f0000000080)) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000009, 0x11, r2, 0x0) write$bt_hci(r0, &(0x7f0000000780)=ANY=[], 0x5) 20:10:47 executing program 1: r0 = socket(0x2, 0x1, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x6, 0x23, 0x0, 0x400000) 20:10:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x175}]}) 20:10:47 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x106, 0x16, 0x0, 0x0) 20:10:47 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x8946, &(0x7f0000000040)={'tunl0\x00', @ifru_data=&(0x7f0000000000)="33000000262a7e663b1d717e5882d1d44d1ef182c5b0214c2f27e929605c0bf7"}) 20:10:48 executing program 2: r0 = io_uring_setup(0x5108, &(0x7f0000000000)) fcntl$setownex(r0, 0x3, 0x0) 20:10:48 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x46, 0x0, 0x0) 20:10:48 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) sendmsg(r0, &(0x7f0000001780)={&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x80, 0x0, 0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="88"], 0x78}, 0x0) 20:10:49 executing program 4: r0 = socket(0x11, 0x3, 0x0) sendmmsg$nfc_llcp(r0, &(0x7f00000003c0)=[{&(0x7f00000000c0)={0x27, 0x1, 0x0, 0x0, 0x0, 0x0, "c5b432795d59a37822d79114bff730d57a25f709c0c79b190fb17e30113c9723cf61385a27aee7b83d8334f97da7c38d3796822e6aaa58046d81597dcea6ff"}, 0x60, &(0x7f0000000300)=[{&(0x7f0000000280)="36f6b8994362575beed0cf5305de", 0xe}], 0x1}], 0x1, 0x0) 20:10:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, 0x0) 20:10:49 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x31, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:49 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/rt6_stats\x00') read$usbmon(r0, 0x0, 0x0) 20:10:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(r0, &(0x7f0000002300)={0x98, 0x0, 0x0, [{0x0, 0x0, 0x6e, 0x0, '.@%^,*!(\xb7\xff\xbawL\x16\x97\x1a#[\xbb\xc83\xe9\x0e\xbc\x9bn\xc5Tg\xd3\x93\xbf\xe1\x9b\xaaK\x1eMhT\x81\xf4\x1bDb\x14\xd7\x94z\xc0\xa4\xe9\xc6\xcc\x00\xe3FJE\xa20\xcb\x91)\b\\\x86\xf5\x01\xd1\x81\x88@_qj\xd7\x9f\xeev?\xb0\xba!(\xde=G\x82\x89\xd2^\xf2I\xe92j\xf6-lv\xb2\x1f\xb5\xa2Ssx\x7fM'}]}, 0x98) 20:10:49 executing program 3: r0 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc038563c, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a400"}, 0x0, 0x0, @userptr}) 20:10:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'tunl0\x00', @ifru_mtu=0x531101}) keyctl$setperm(0x5, 0x0, 0xa2e75f38249d696) 20:10:50 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x4c, 0x0, 0x0) 20:10:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x1d9}]}) 20:10:50 executing program 1: r0 = open(&(0x7f0000000600)='./file0\x00', 0xc0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc080661a, 0x0) 20:10:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, 0x0) 20:10:50 executing program 4: r0 = syz_io_uring_setup(0xff, &(0x7f0000000000), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000640)) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080)='trusted.overlay.upper\x00', 0x0, 0x31, 0x0) 20:10:50 executing program 2: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) pwritev(r0, &(0x7f0000000240)=[{&(0x7f0000001200)='v', 0x1}, {0x0}], 0x2, 0x7, 0x1ff) 20:10:50 executing program 1: r0 = socket(0xa, 0x6, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x14, &(0x7f0000000000)={0xffffffff}, 0x10) 20:10:50 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x7b, &(0x7f0000001080)=@assoc_value, 0x8) 20:10:50 executing program 3: socket(0xf, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x1a, 0x80000, 0x8) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) setpriority(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xff, 0x4, @perf_config_ext={0xffffffff, 0x3}, 0x0, 0x0, 0x80000001, 0x0, 0xb544, 0x5, 0x1}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2) prctl$PR_SVE_GET_VL(0x33, 0x0) getpid() clone3(&(0x7f0000000900)={0x400a0100, &(0x7f0000000140), 0x0, 0x0, {}, 0x0, 0x0, &(0x7f0000000300)=""/173, 0x0}, 0x58) 20:10:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, 0x0) 20:10:50 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000380)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) [ 1048.318540][T21084] IPVS: ftp: loaded support on port[0] = 21 [ 1048.415256][T21084] lo speed is unknown, defaulting to 1000 20:10:51 executing program 5: r0 = socket(0x15, 0x5, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, 0x0, 0x0) 20:10:51 executing program 2: r0 = socket(0x2, 0x1, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x6, 0x5, 0x0, 0x531000) 20:10:51 executing program 1: r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc020662a, &(0x7f0000000000)) 20:10:51 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0x1b, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000100)=0x8) 20:10:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)) 20:10:52 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x1e, 0x0, 0x0) 20:10:52 executing program 1: connect$pppoe(0xffffffffffffffff, 0x0, 0x0) 20:10:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)) 20:10:52 executing program 2: pipe2$9p(0x0, 0x100000) [ 1049.754949][ T8534] tipc: TX() has been purged, node left! 20:10:52 executing program 3: r0 = socket(0x26, 0x5, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080)='trusted.overlay.upper\x00', 0x0, 0xffffffff00000000, 0x0) 20:10:52 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x1000, 0x0) 20:10:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x60) sendmsg$AUDIT_TTY_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4001) 20:10:53 executing program 5: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x15, 0x0, &(0x7f0000000180)) 20:10:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)) 20:10:53 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f00000000c0)) 20:10:53 executing program 1: r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x200001d0) 20:10:53 executing program 4: syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x0) lgetxattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) 20:10:53 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'team0\x00', &(0x7f0000000200)=@ethtool_stats}) 20:10:54 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x29, 0x4b, 0x0, 0x0) 20:10:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{}]}) 20:10:54 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x42, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x0, 0x2b8, 0x0, 0x1d0, 0x0, 0x2c0, 0x3a8, 0x3a8, 0x2c0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @empty, [], [], 'macvlan0\x00', 'vlan0\x00'}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:dhcpc_var_run_t:s0\x00'}}}, {{@ipv6={@empty, @private0, [], [], 'veth1_to_team\x00', 'team_slave_0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'netpci0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 20:10:54 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x7, 0x7, 0xfd5, 0x1}, 0x40) bpf$MAP_UPDATE_ELEM(0x15, &(0x7f0000000300)={r0, 0x0, 0x0}, 0x20) 20:10:54 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2s-128-generic\x00'}, 0x58) 20:10:54 executing program 2: r0 = socket(0x28, 0x1, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x6, 0x1b, 0x0, 0x38) 20:10:54 executing program 3: clock_gettime(0x4b693baa6dcf5260, 0x0) 20:10:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{}]}) 20:10:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{0x1a0}]}) 20:10:55 executing program 1: r0 = socket(0x2, 0x5, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x84, 0x76, 0x0, 0x400600) 20:10:55 executing program 4: r0 = socket(0x1d, 0x2, 0x2) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2711, @local}, 0x10) 20:10:55 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x4, 0x180882) write$FUSE_WRITE(r0, &(0x7f0000006500)={0x18}, 0x18) 20:10:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3103000000800000000005"], 0x24}}, 0x0) 20:10:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0xc008ae88, &(0x7f00000002c0)={0x1, 0x0, [{}]}) 20:10:55 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x8982, &(0x7f00000000c0)={'ip_vti0\x00', 0x0}) 20:10:55 executing program 5: r0 = socket(0xa, 0x5, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x29, 0x11, 0x0, 0x0) 20:10:55 executing program 3: r0 = socket(0x15, 0x5, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0) 20:10:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x5000aea5, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, 0x4000000}]}) 20:10:56 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f00000002c0)={0x10}, 0x10) ioctl$TIOCOUTQ(r0, 0x4b4b, &(0x7f0000000100)) 20:10:56 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f00000002c0)={0x10}, 0x10) ioctl$TIOCOUTQ(r0, 0x4b3b, &(0x7f0000000100)) 20:10:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x4b30, &(0x7f0000000100)) 20:10:56 executing program 3: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0xc, &(0x7f00000004c0)=0x80, 0x4) 20:10:57 executing program 4: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKGETSIZE64(r0, 0xc0101282, 0x0) 20:10:57 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCOUTQ(r0, 0x80045438, &(0x7f0000000000)) 20:10:57 executing program 0: r0 = socket(0x2, 0x2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0xfffffffffffffffe) 20:10:57 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth1_virt_wifi\x00', &(0x7f0000000000)=@ethtool_wolinfo={0x48, 0x0, 0x0, "075fd99d649e"}}) 20:10:57 executing program 3: setreuid(0xee01, 0xee01) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 20:10:57 executing program 5: r0 = socket$inet(0x2, 0x3, 0x60) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x5411, 0x0) 20:10:57 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x2, 0x0, 0x0) 20:10:57 executing program 3: r0 = socket$packet(0x11, 0x2, 0x300) sendmsg(r0, &(0x7f0000001780)={&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x8, 0x0, {0x41}}, 0x80, 0x0, 0x0, &(0x7f0000001700)=ANY=[@ANYBLOB='x'], 0x78}, 0x0) 20:10:57 executing program 1: r0 = socket(0xa, 0x6, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0xf, &(0x7f0000000000), 0x10) 20:10:57 executing program 5: r0 = socket(0x11, 0x3, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x11, './file0\x00'}, 0x6e) 20:10:57 executing program 2: r0 = socket(0xa, 0x80002, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x25, 0x0, 0x0) [ 1054.946255][T21253] ===================================================== [ 1054.953302][T21253] BUG: KMSAN: uninit-value in iptable_mangle_hook+0x75b/0x870 [ 1054.960768][T21253] CPU: 1 PID: 21253 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 [ 1054.969421][T21253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1054.979462][T21253] Call Trace: [ 1054.982754][T21253] dump_stack+0x21c/0x280 [ 1054.987086][T21253] kmsan_report+0xf7/0x1e0 [ 1054.991497][T21253] __msan_warning+0x58/0xa0 [ 1054.995998][T21253] iptable_mangle_hook+0x75b/0x870 [ 1055.001110][T21253] ? iptable_mangle_net_exit+0x100/0x100 [ 1055.006774][T21253] nf_hook_slow+0x17b/0x460 [ 1055.011283][T21253] __ip_local_out+0x71a/0x840 [ 1055.016048][T21253] ? __ip_local_out+0x840/0x840 [ 1055.020888][T21253] ip_local_out+0xa1/0x1e0 [ 1055.025317][T21253] iptunnel_xmit+0x9b6/0xf00 [ 1055.029918][T21253] udp_tunnel_xmit_skb+0x52a/0x650 [ 1055.035075][T21253] geneve_xmit+0x180e/0x3200 [ 1055.039688][T21253] ? geneve_stop+0x400/0x400 [ 1055.044306][T21253] xmit_one+0x3cf/0x750 [ 1055.048459][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.053652][T21253] __dev_queue_xmit+0x3aad/0x4470 [ 1055.058684][T21253] dev_queue_xmit+0x4b/0x60 [ 1055.063179][T21253] ? netdev_core_pick_tx+0x5a0/0x5a0 [ 1055.068495][T21253] packet_sendmsg+0x8542/0x9a80 [ 1055.073346][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.078534][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.083722][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.088911][T21253] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1055.094709][T21253] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1055.100767][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.105960][T21253] ? kmsan_internal_set_origin+0x75/0xb0 [ 1055.111583][T21253] ? __msan_poison_alloca+0xf0/0x120 [ 1055.116862][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.122050][T21253] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1055.127902][T21253] ? tomoyo_socket_sendmsg_permission+0x4a5/0x5f0 [ 1055.134361][T21253] ____sys_sendmsg+0xc82/0x1240 [ 1055.139249][T21253] ? compat_packet_setsockopt+0x3c0/0x3c0 [ 1055.144984][T21253] __sys_sendmsg+0x6d1/0x840 [ 1055.149583][T21253] ? kmsan_copy_to_user+0x81/0x90 [ 1055.154614][T21253] ? _copy_to_user+0x203/0x2b0 [ 1055.159395][T21253] __se_compat_sys_sendmsg+0xa7/0xc0 [ 1055.164684][T21253] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 1055.170145][T21253] __do_fast_syscall_32+0x2af/0x480 [ 1055.175343][T21253] do_fast_syscall_32+0x6b/0xd0 [ 1055.180187][T21253] do_SYSENTER_32+0x73/0x90 [ 1055.184684][T21253] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1055.190999][T21253] RIP: 0023:0xf7ff5549 [ 1055.195051][T21253] Code: Bad RIP value. [ 1055.199102][T21253] RSP: 002b:00000000f55ef0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1055.207505][T21253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001780 [ 1055.215463][T21253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1055.223426][T21253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1055.231384][T21253] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1055.239344][T21253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1055.247317][T21253] [ 1055.249642][T21253] Uninit was stored to memory at: [ 1055.254672][T21253] kmsan_internal_chain_origin+0xad/0x130 [ 1055.260394][T21253] __msan_chain_origin+0x50/0x90 [ 1055.265324][T21253] iptunnel_xmit+0xbb8/0xf00 [ 1055.269907][T21253] udp_tunnel_xmit_skb+0x52a/0x650 [ 1055.275005][T21253] geneve_xmit+0x180e/0x3200 [ 1055.279583][T21253] xmit_one+0x3cf/0x750 [ 1055.283732][T21253] __dev_queue_xmit+0x3aad/0x4470 [ 1055.288746][T21253] dev_queue_xmit+0x4b/0x60 [ 1055.293242][T21253] packet_sendmsg+0x8542/0x9a80 [ 1055.298089][T21253] ____sys_sendmsg+0xc82/0x1240 [ 1055.302939][T21253] __sys_sendmsg+0x6d1/0x840 [ 1055.307539][T21253] __se_compat_sys_sendmsg+0xa7/0xc0 [ 1055.312837][T21253] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 1055.318282][T21253] __do_fast_syscall_32+0x2af/0x480 [ 1055.323471][T21253] do_fast_syscall_32+0x6b/0xd0 [ 1055.328312][T21253] do_SYSENTER_32+0x73/0x90 [ 1055.332808][T21253] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1055.339123][T21253] [ 1055.341436][T21253] Uninit was created at: [ 1055.345668][T21253] kmsan_internal_poison_shadow+0x66/0xd0 [ 1055.351373][T21253] kmsan_slab_alloc+0x8a/0xe0 [ 1055.356092][T21253] __kmalloc_node_track_caller+0xeab/0x12e0 [ 1055.361975][T21253] __alloc_skb+0x35f/0xb30 [ 1055.366394][T21253] alloc_skb_with_frags+0x1f2/0xc10 [ 1055.371580][T21253] sock_alloc_send_pskb+0xc83/0xe50 [ 1055.376781][T21253] packet_sendmsg+0x6abb/0x9a80 [ 1055.381617][T21253] ____sys_sendmsg+0xc82/0x1240 [ 1055.386455][T21253] __sys_sendmsg+0x6d1/0x840 [ 1055.391034][T21253] __se_compat_sys_sendmsg+0xa7/0xc0 [ 1055.396311][T21253] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 1055.401771][T21253] __do_fast_syscall_32+0x2af/0x480 [ 1055.406960][T21253] do_fast_syscall_32+0x6b/0xd0 [ 1055.412061][T21253] do_SYSENTER_32+0x73/0x90 [ 1055.416557][T21253] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1055.422867][T21253] ===================================================== [ 1055.429781][T21253] Disabling lock debugging due to kernel taint [ 1055.435932][T21253] Kernel panic - not syncing: panic_on_warn set ... [ 1055.442545][T21253] CPU: 1 PID: 21253 Comm: syz-executor.3 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 1055.452599][T21253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1055.462638][T21253] Call Trace: [ 1055.465923][T21253] dump_stack+0x21c/0x280 [ 1055.470292][T21253] panic+0x4d7/0xef7 [ 1055.474201][T21253] ? add_taint+0x17c/0x210 [ 1055.478620][T21253] kmsan_report+0x1df/0x1e0 [ 1055.483123][T21253] __msan_warning+0x58/0xa0 [ 1055.487619][T21253] iptable_mangle_hook+0x75b/0x870 [ 1055.492738][T21253] ? iptable_mangle_net_exit+0x100/0x100 [ 1055.498365][T21253] nf_hook_slow+0x17b/0x460 [ 1055.502870][T21253] __ip_local_out+0x71a/0x840 [ 1055.507558][T21253] ? __ip_local_out+0x840/0x840 [ 1055.512401][T21253] ip_local_out+0xa1/0x1e0 [ 1055.516815][T21253] iptunnel_xmit+0x9b6/0xf00 [ 1055.521417][T21253] udp_tunnel_xmit_skb+0x52a/0x650 [ 1055.526532][T21253] geneve_xmit+0x180e/0x3200 [ 1055.531135][T21253] ? geneve_stop+0x400/0x400 [ 1055.535717][T21253] xmit_one+0x3cf/0x750 [ 1055.539865][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.545055][T21253] __dev_queue_xmit+0x3aad/0x4470 [ 1055.550086][T21253] dev_queue_xmit+0x4b/0x60 [ 1055.554581][T21253] ? netdev_core_pick_tx+0x5a0/0x5a0 [ 1055.559858][T21253] packet_sendmsg+0x8542/0x9a80 [ 1055.564822][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.570015][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.575211][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.580400][T21253] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1055.586199][T21253] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 1055.592255][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.597444][T21253] ? kmsan_internal_set_origin+0x75/0xb0 [ 1055.603071][T21253] ? __msan_poison_alloca+0xf0/0x120 [ 1055.608346][T21253] ? kmsan_get_metadata+0x116/0x180 [ 1055.613543][T21253] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 1055.619345][T21253] ? tomoyo_socket_sendmsg_permission+0x4a5/0x5f0 [ 1055.625775][T21253] ____sys_sendmsg+0xc82/0x1240 [ 1055.630622][T21253] ? compat_packet_setsockopt+0x3c0/0x3c0 [ 1055.636338][T21253] __sys_sendmsg+0x6d1/0x840 [ 1055.640932][T21253] ? kmsan_copy_to_user+0x81/0x90 [ 1055.645945][T21253] ? _copy_to_user+0x203/0x2b0 [ 1055.650717][T21253] __se_compat_sys_sendmsg+0xa7/0xc0 [ 1055.655995][T21253] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 1055.661448][T21253] __do_fast_syscall_32+0x2af/0x480 [ 1055.666645][T21253] do_fast_syscall_32+0x6b/0xd0 [ 1055.671488][T21253] do_SYSENTER_32+0x73/0x90 [ 1055.675996][T21253] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 1055.682330][T21253] RIP: 0023:0xf7ff5549 [ 1055.686381][T21253] Code: Bad RIP value. [ 1055.690437][T21253] RSP: 002b:00000000f55ef0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1055.698837][T21253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001780 [ 1055.706797][T21253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1055.714754][T21253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1055.722722][T21253] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1055.730684][T21253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1055.739966][T21253] Kernel Offset: disabled [ 1055.744292][T21253] Rebooting in 86400 seconds..