:26 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
write(r0, &(0x7f0000000400)="82fc150519f02b3b0000000012b8219b00"/28, 0x1c)

01:08:26 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:26 executing program 4:
r0 = openat$null(0xffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x9, 0xfffd, 0xff01, 0x8}, 0x8)
r1 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:26 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:26 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:27 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
sendfile(r1, r2, 0x0, 0xf03b0000)
sendfile(r1, r0, 0x0, 0x8000000000004)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
pause()

01:08:27 executing program 4:
openat$null(0xffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x1, 0x0)
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

[  519.523869][ T8691] Bluetooth: hci5: command 0x040f tx timeout
01:08:27 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(0xffffffffffffffff, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:27 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:27 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:28 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:28 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:28 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:28 executing program 5:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
write$UHID_INPUT(r1, &(0x7f0000001440), 0xfffffc41)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010400000000000000004f000000", @ANYBLOB="0010000000000000140012000c0001006272"], 0x34}, 0x1, 0x0, 0x0, 0x2400c825}, 0x0)

01:08:29 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:29 executing program 4:
r0 = openat$drirender128(0xffffff9c, 0x0, 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:29 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(0xffffffffffffffff, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

[  521.593367][   T12] Bluetooth: hci5: command 0x0419 tx timeout
01:08:29 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  521.691016][T11199] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
[  522.089438][T11202] not chained 30000 origins
[  522.094036][T11202] CPU: 1 PID: 11202 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0
[  522.102722][T11202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  522.112811][T11202] Call Trace:
[  522.116130][T11202]  dump_stack+0x21c/0x280
[  522.120497][T11202]  kmsan_internal_chain_origin+0x6f/0x130
[  522.126242][T11202]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  522.132332][T11202]  ? udpv6_recvmsg+0x28dc/0x2bc0
[  522.137299][T11202]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  522.143159][T11202]  ? kmsan_get_metadata+0x116/0x180
[  522.148387][T11202]  ? kmsan_set_origin_checked+0x95/0xf0
[  522.153963][T11202]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  522.160063][T11202]  ? _copy_from_user+0x201/0x310
[  522.165029][T11202]  ? kmsan_get_metadata+0x116/0x180
[  522.170271][T11202]  __msan_chain_origin+0x50/0x90
[  522.175231][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.180414][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.185393][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.189951][T11202]  ? __msan_poison_alloca+0xf0/0x120
[  522.195277][T11202]  ? kmsan_get_metadata+0x116/0x180
[  522.200499][T11202]  ? kmsan_internal_set_origin+0x75/0xb0
[  522.206166][T11202]  ? __msan_poison_alloca+0xf0/0x120
[  522.211490][T11202]  ? __sys_recvmmsg+0xbb/0x610
[  522.216278][T11202]  ? __sys_recvmmsg+0xbb/0x610
[  522.221077][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.225802][T11202]  ? kmsan_get_metadata+0x116/0x180
[  522.231033][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.237137][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.243322][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.248559][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.253434][T11202]  do_SYSENTER_32+0x73/0x90
[  522.257965][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.264324][T11202] RIP: 0023:0xf7f7f549
[  522.268412][T11202] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  522.288990][T11202] RSP: 002b:00000000f55790cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  522.297420][T11202] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020008880
[  522.305422][T11202] RDX: 000000000000075d RSI: 0000000044000122 RDI: 0000000000000000
[  522.313436][T11202] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  522.321423][T11202] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  522.329429][T11202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  522.337432][T11202] Uninit was stored to memory at:
[  522.342485][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.348221][T11202]  __msan_chain_origin+0x50/0x90
[  522.353177][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.358307][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.363264][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.367781][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.372471][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.378584][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.384755][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.389964][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.394825][T11202]  do_SYSENTER_32+0x73/0x90
[  522.399378][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.405704][T11202] 
[  522.408033][T11202] Uninit was stored to memory at:
[  522.413085][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.418818][T11202]  __msan_chain_origin+0x50/0x90
[  522.423768][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.428893][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.433848][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.438364][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.443065][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.449168][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.455337][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.460914][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.465873][T11202]  do_SYSENTER_32+0x73/0x90
[  522.470390][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.476723][T11202] 
[  522.479061][T11202] Uninit was stored to memory at:
[  522.484105][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.489863][T11202]  __msan_chain_origin+0x50/0x90
[  522.494815][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.499941][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.504918][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.509438][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.514121][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.520190][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.526351][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.531552][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.536412][T11202]  do_SYSENTER_32+0x73/0x90
[  522.540924][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.547247][T11202] 
[  522.549584][T11202] Uninit was stored to memory at:
[  522.554627][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.560351][T11202]  __msan_chain_origin+0x50/0x90
[  522.565298][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.570411][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.575354][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.579859][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.584540][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.590611][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.596770][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.601971][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.606828][T11202]  do_SYSENTER_32+0x73/0x90
[  522.611357][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.617672][T11202] 
[  522.619998][T11202] Uninit was stored to memory at:
[  522.625745][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.631479][T11202]  __msan_chain_origin+0x50/0x90
[  522.636425][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.641546][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.646495][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.651003][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.655864][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.661945][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.668116][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.673342][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.678199][T11202]  do_SYSENTER_32+0x73/0x90
[  522.682708][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.689049][T11202] 
[  522.691397][T11202] Uninit was stored to memory at:
[  522.696435][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.702168][T11202]  __msan_chain_origin+0x50/0x90
[  522.707113][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.712229][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.717227][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.721760][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.726471][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.732553][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.740460][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.745670][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.750530][T11202]  do_SYSENTER_32+0x73/0x90
[  522.755063][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.761410][T11202] 
[  522.763747][T11202] Uninit was stored to memory at:
[  522.768782][T11202]  kmsan_internal_chain_origin+0xad/0x130
[  522.774507][T11202]  __msan_chain_origin+0x50/0x90
[  522.779449][T11202]  __get_compat_msghdr+0x6db/0x9d0
[  522.784567][T11202]  get_compat_msghdr+0x108/0x2b0
[  522.789516][T11202]  do_recvmmsg+0xdbb/0x22b0
[  522.794025][T11202]  __sys_recvmmsg+0x5dd/0x610
[  522.798711][T11202]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  522.804784][T11202]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  522.810945][T11202]  __do_fast_syscall_32+0x129/0x180
[  522.816152][T11202]  do_fast_syscall_32+0x6a/0xc0
[  522.821007][T11202]  do_SYSENTER_32+0x73/0x90
[  522.825518][T11202]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  522.831843][T11202] 
[  522.834171][T11202] Local variable ----msg_sys@do_recvmmsg created at:
01:08:30 executing program 4:
r0 = openat$drirender128(0xffffff9c, 0x0, 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

[  522.840850][T11202]  do_recvmmsg+0xbf/0x22b0
[  522.845273][T11202]  do_recvmmsg+0xbf/0x22b0
01:08:30 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:31 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:31 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(0xffffffffffffffff, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:31 executing program 5:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
write$UHID_INPUT(r1, &(0x7f0000001440), 0xfffffc41)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
socket$netlink(0x10, 0x3, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000280)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000840)=[{&(0x7f0000000900)="e462a3d64dfff6cca11011f310ad5ba70ac1f282047b4ecb80b160ac5b9d86bafcb0fb8e8973c421b2988f2df3a8e85b9dbf59154a78f359026ee7c0d36293e199db54a19e9ea357e7511d0f1191dea70cf06fc086eff10487cc22931f9de4b3b096772c087aeb0e234050dc416e87eb3f37ebf292f482df45a0980a6842a92a03a9dbc16d8a7216cd3c258b169f81b281d87a04309748e0a84f62147a659270aacf54e855e7809661", 0xa9}, {&(0x7f0000000080)="32c026737c4c01ee73872e4b90974531a35c637a3b8421c7b9799ea484f50d92bd434f11ab7e8ebda1a3fa5369928694c9f9ef18b467b24b0e4dc0", 0x3b}, {&(0x7f0000000400)="b0bfad987aa1cb907ed708edd5215ff597e5ab0da60a7c545a803cb4a65bf253da546ee403e7471bfb45cd632012e80046087cb375dc6664359c2d2034a757d081cc9a9aaa5355539a2ac98c2bc8535655fb10a7d83ca4848e3da2c5938b5c51e67a3ccd421119d698bf6c6ac6573b5d735058be50fac8fdcb14e02d332ac15f1c44faff931f8eca9a22ae2259823d6704fb154cf7794545862f9aff772b516715c7", 0xa2}, {&(0x7f0000000500)}, {&(0x7f0000000580)="8cbbd848e5b78d5ebedd92c52af93d35f40cc20b36481d121a4107e577a9d1607b73b2e2673443dac2cb49937e7c758c89d0b07c5ccc3f898906e3af7c33b1dc15", 0x41}, {&(0x7f0000000600)="04c4552a97706d9e48f5175ad3d9be3200f11c77ddef7fb27e976bb7d84b9d7ea349d075c0d55ce4962ae87364f95aab21dce256594a173212eb897f160f838b9d29f925e4ee69d967a11488ce8479791fbe7f311b4a1be2dcc570527c6c1d257aba14680a969699740da4ae829b0855f6db", 0x72}, {0x0}, {&(0x7f0000002480)="15b254c10ee30253768787b276f09f2933f00901a18cb420ec8f41f5fdd00d76e16130848c2a11540377862ff4fbd3eba5f45e545200247a0c4dc1202b22ad876f2a1fc42e938b63ddd01a98404b0596145fe87fd7bb5f32c3c2163140e996f94e122fd43075332061aefc4e3edf826ca4964c3c31d9a32e15dd0127f27f471b98b103dfb12005a1fe6f1093e566aa05fd9d45c189c2858e7c9f3cb744c9392a82421b3f7091bbe63f06384448597b7646e5025d3b6c30f05c8ee743970cca6fd4d86b73d0f78503bca08a66ef87f8b167433c74874c987db23e7821742a0af9011ff51a1fafb7a83b62edcb50d99f90dc3dc1424b7da4c1f5104513d6caecb91b51a36f02e1eb4ea2b5432ea4647c599691e5069e23e56dec7b4cdcdc0d610dc87be5205b74657253ed815d6ddabf8c2860f89b3b6476afd3a6c057a5b4d030d03b1f46c8b7fa7f252d2aa476846cc5ba8116a94344a20fee7afa13be243a6f707b00fd08a63fd9ace38095635b34b2dc2bd8a027ace25046db6811b64976180518a3f1ebb374ab840cb953a856ffc602ba0af66f74a0e4ae635e62b281590771fd0dbf516c6a32013f3166a47109c30e910cc4d61df988482a691879fc315480e80fa58a843502f4ea72cf8c63e444d9cb8fa4790fcc3982574c7bff8a719804c734e8e4e93849ede0cf3d55dd653be64786a4feb09517449a071aec4a3afc930783ce34bde018bae1f32dcb8ef41c384bfd411a36c18c80eaacaa188143d7d871d8a6e3438d3d2e8090b709444a5608a466a0cc41a49117002a40bbf5d084a49a4bfbcd4a781ec0a2a2c878153ca457cab1776166dd53f61449051aeb6b82770f43248c46981997762c70045e4e6e5f797da289bcc62b69edd87d6570d115130db064cb3901e5c7cc0a5d0c8a341b0d636df5f20f2e81f9452ce47556de6ef1217e3989fad87db4c9fb9eadb7186d66597de57bb19e2df5177171503a6b58d53e653c39093e5a364578a7f7fb68d5ebcd24417f2db34adff611644ed37f7df5ddab41c47fb1caa893ea32e2a98f6e354a89bdaa6a78b4e82a9814078f08e87d0286f635b996d51d7ddf507368c080e29664be3a65ae3da7a1248b3996fdc9f4a4bece389f397d2d0b519c311133ab1a14e65ff37cc03f7ca7a204e2133e4c75fdbe864f83e9dff404cb7a195b86adc266dd9678710b6e2e06b6799364cf57f6fb39b4594db480093943ee6a964402145d16e14871b38494e352097e656b16ea4599d816ef2f1918ea4a455825fcfa760ca9ecc941e8d48c8823af11ddba05562caa35adec8e53ae23eaa369e21b98f007cbc27d2c0ac6f8afddbac2e82788e96757858bba8a4b1175add4cd85ed4883aede8de91b5a84369f562ff16d146eee8ebf0ff5f3d93757994ababb4e99813700d31ab66563602e06f69db33bb0006c430ada29159d79f319913c851052167989c65d142f42deff8695594ca5bd4168f13cee437067a3271970b0ef1edbd794844838de05d9bcd57a865026a3a938734efcca482bc5ae1f4ce5f8e2484f2493fca2bc36e49a2e7afb1eb8c553571ab445341154598ac64f22338207878008a3f33c53ea1bda356ab5e45c70ae6e1c73ec03f924d5afe205259b5b4dc8bb73ba50e5661abb81461a432a053b29a9a194c1077636425fa9772e519bc54e8112cf07a30c9b8a408568f829048fd46493a7332c57081545a13d251fe118105686016609e14251e6f438e9f313449e9b00553313a9c6ea01215141fc63b9258821d25c84b11f2375d37d837dc01099bc8aa3b6395c158ee217292aa5a354cca91759e928858bc8439291648be177f1682855dfc60066528a7824782e8d55b57aa90e8d33bb1cf6bb479a387ebf836f9cd0b440c50db78fd08250c0ac68f9b512de82fc0ba735c0e0add8b760ec87ea30cd271af3d776ccbab8ac5a4b922185d43ab018036f760396316774ae6d18055075ac61c275f324980741bc51166da35988315a4bf676e5152c89a82a7d6f8b14317179d635e9049b754ae5bd4360c1d66c07715880e842b08eaf2da8e40094a5770d09bcfd59500a49beabe6939bd3d779f0bd1575c9bc9ada858f2e9e46832740cc9b3f20d0716affde822f4c384198110dff1fdceaaebf8daa74f00e41742bde4e7c91319eae7623f76727e6a32c31ac926e78b7881f55dbc706e4678c7b54937eb16fb340161354083f3858666439ecd6336caf1cc0d7c0187ba71ffa69236938ce9d28aff52e12e0e4f2390d1df0d3d1885a7c721aeffe89465d60a4aab57f218cd635bcd23ad3c76af4e6fdd900aa57ed780707b9abb93f41b39837dfc73d2bed0647dfdda6bd4bd8249d8cf3dce5f9f599a07bcce16e82c70c78ba17dbccd72e2594223b9434786ea00cc5beb0a82d13360d1a84321671699e8297b8db8ab13c82adda7308ffb0e2afaf6c819c496b4a5da618348575ffa307564209f04b65f3b73a4b799fa00020eb7c6602f7e191b20159db52b7844209876b75e2e22cd21476561e4a5736bcfc10b65cc286fbe6f2882dbcde33de1b206bb6bb08bfd9e0bec681cdcec19200e6e8fd78e30255f98892b205260b4b3efc527df701658f20e9dd32991de2280115de6145838bf5c5bc7fbc4b24c9ac965da503d3c9a7948a0be4700a553219282eeab22c4ec10f694a1262fd0064cb38524b6cd76601558a1deede599131d0316dcf094db288d6ca5ea9233e9b2441f6ca97a80c28c49125bf02502f4b4f312e2f30052dcdf55ec8e3d65a5502e96decd95b28f6f68bd7c320ebaddad43cde70bdfbc0086cf28ca3b5abf9b070a570735f50c8b5bdf648aa2dc051cbb13cc73151ba75f99b9222a5b0ea2d2060a528482a9e5a087b33695b68e7eb5d76c8026a004de82c4c4eea9e2a955f98cfd8066464e1114a023a9405a2efe27ec728f28a02b4078a9381af96f633903d68a946222f842e819f23cff139a863246f26e9ce6d488abe8f12728e3fc6c7e158ab8d9cf2231fd67162d97257ee1e6ac248c014bd44482f04763a0202c26d8f6031f9200c96762d81e140c0d9fd527911546c0b71abb2d01152d889f6cc0a9f30514a4bd98dc972711cc0a4678758186cad0425e904a5c6fdfc9619803b756b1f49d8778c8fd5afe34c17eb9f18932d8fd5b0d7e0bf5801f7a1e3c53b28f366868d7b202455339fcfa91e7aa9fc8bd7572ef14898fcddbc92a3ef3e44ce3b1eac1fbe8f3dc9748cd5686951ca450c68b4951d97e8376418b923607d9175016f908c396b0983e4a108d6ff2621d86fd2a1ce89e914144d92e74ba5de62490716043c27959158f6107bdee6a34e307e09dd08a9670dabeb307881b481f29384b5dbf468f255d8bd6da1bce5870596e512398f6789ada87fe25c6c48cbfa85abfd9da064e18073ff50efdd57f8c984903b50f231df08090e5930d6dbc9538b0279845d92685deea2b436a072c1662966288259525f2a3ad34cfe67e17d2324d27de1194362cbecd76f6e9186a1fef046cb9d397106623ebc2371f3b661fd021693915b0e03234c97bf034d2b00b41a81849856bfe9f02da3e628a6747d23cc3a26fb9825bbe04109068124c9af4095fd866ddd4eedbf43f7418133314c27259a0e512281f6f3112e5aa490e781693f4fd5ac6ffdf667c98b51949479b4d21a89e0771142e83addc90b8830f6d39eb315b853cb6e7950065292a29d84978d7b51deae0550d40567b46663e2dc1c69ddf0fb7dde5f693f3e0509bb8b5b101c642fb4eb40f4cb6abef2811df071ebbbdd0372258f2b669587fd92d19f744d2c59c2f8e497146064378aae7dffc81471b6af72a06e2b00b1e8ac32c7a82fb2872e0abed310f544824a1044afd8d9396c428e94c6a12d01a6131cdbe6a89489646b80a6fc96597e9cd86b3d05b2b38f5f507b27e7fe667faed51da812dbd721ccbfbab2d5e2a19877b9a01502e94adc047ce5a7d400be0ebf86070603173d49eab6001dcf4555da7d95f2da8e991fd164ba522ae402f962b64b1225fc875622a95ca5d5632890224c9a695bfbb20f23b15ef1e00f695adae518995cae786e3aa1dad2c1d8125aac42c49227fb0cee4fdc99e40574cb9d390c6a7f6d8ac4606e926a4d8188b74969ec24df0de0bab27ce88c36d082752a08e0b850dacdc2cfd435c3f407af4d25bcbf8c977871b842c27dab629f008efe210c4f6703303281baa8f66b8b67086080d86e554defac2f34486c41444e3b99a3ed022c6db1f8a4d4be173f2b352b83ae74a6640bb93da15e0df4a7d1992d766288ab329c14e17b061a62ca00847a67c46d518a5348849d3d4b33e73c0b2842ccd34b069f7ce4666e00d7fac7c018638afa96f576988ab93c3a31819e56414cb71839b964cd44fb1dd37b4de385f2051caf4d0b167327870a3c2be03d2c2212804fef8192016f3032f0eb85ed7934243b1bee1e1a807827afd09f603f9f27ff1aef3a06145b2d58167476a83628f5c2904a3ac424fe7146c9aee240faf085adb033777573a25a6f8596716caee2c45e64e6a9c3d90ac3966e884a7c47d21ec675c3111f3a16f64fcf3ece8a11a551620489c1b6cbe60d4fea9899f1e969c771a0bfde7810d94abd4c9977202c8443060462e083495e23e35fb1c18a64bb60911835723936aa2e8acdb7cfec8c68ae8edb99125aaf9bdcf6edbccad56a6eb07a18ac1a8351fc7837246c55f2bb4c016dc416e390b677551dd3b08f6cc069ee19099d1772db1e2c131da7bad87d34b0bfe9908477bf1681d35b6d4ea235e2ec72b4f2cdf51df24a4954c9f7deb620cdba893af004837b4c4c35aed6925aed3842e4", 0xd69}], 0x8, &(0x7f0000000a00)=[@cred={{0x1c, 0x1, 0x2, {r0}}}], 0x20, 0x4008444}, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@private0, @in6=@mcast2}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0}}], 0x300, 0x401eb94)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010400000000000000004f000000", @ANYRES32=r6, @ANYBLOB="0010000000000000140012000c000100627269646765"], 0x34}, 0x1, 0x0, 0x0, 0x2400c825}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_MASTER={0x8, 0xa, r6}]}, 0x28}}, 0x0)

[  523.434814][   T12] Bluetooth: hci0: command 0x0406 tx timeout
01:08:31 executing program 4:
r0 = openat$drirender128(0xffffff9c, 0x0, 0x40040, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:32 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(0xffffffffffffffff, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  524.244013][T11227] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
01:08:32 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  525.311701][T11228] device bridge_slave_0 left promiscuous mode
[  525.318968][T11228] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.349024][T11235] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
01:08:33 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:33 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:33 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:33 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(0xffffffffffffffff, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:33 executing program 5:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
write$UHID_INPUT(r1, &(0x7f0000001440), 0xfffffc41)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200))
socket$netlink(0x10, 0x3, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000280)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000840)=[{&(0x7f0000000900)="e462a3d64dfff6cca11011f310ad5ba70ac1f282047b4ecb80b160ac5b9d86bafcb0fb8e8973c421b2988f2df3a8e85b9dbf59154a78f359026ee7c0d36293e199db54a19e9ea357e7511d0f1191dea70cf06fc086eff10487cc22931f9de4b3b096772c087aeb0e234050dc416e87eb3f37ebf292f482df45a0980a6842a92a03a9dbc16d8a7216cd3c258b169f81b281d87a04309748e0a84f62147a659270aacf54e855e7809661", 0xa9}, {&(0x7f0000000080)="32c026737c4c01ee73872e4b90974531a35c637a3b8421c7b9799ea484f50d92bd434f11ab7e8ebda1a3fa5369928694c9f9ef18b467b24b0e4dc0", 0x3b}, {&(0x7f0000000400)="b0bfad987aa1cb907ed708edd5215ff597e5ab0da60a7c545a803cb4a65bf253da546ee403e7471bfb45cd632012e80046087cb375dc6664359c2d2034a757d081cc9a9aaa5355539a2ac98c2bc8535655fb10a7d83ca4848e3da2c5938b5c51e67a3ccd421119d698bf6c6ac6573b5d735058be50fac8fdcb14e02d332ac15f1c44faff931f8eca9a22ae2259823d6704fb154cf7794545862f9aff772b516715c7", 0xa2}, {&(0x7f0000000500)}, {&(0x7f0000000580)="8cbbd848e5b78d5ebedd92c52af93d35f40cc20b36481d121a4107e577a9d1607b73b2e2673443dac2cb49937e7c758c89d0b07c5ccc3f898906e3af7c33b1dc15", 0x41}, {&(0x7f0000000600)="04c4552a97706d9e48f5175ad3d9be3200f11c77ddef7fb27e976bb7d84b9d7ea349d075c0d55ce4962ae87364f95aab21dce256594a173212eb897f160f838b9d29f925e4ee69d967a11488ce8479791fbe7f311b4a1be2dcc570527c6c1d257aba14680a969699740da4ae829b0855f6db", 0x72}, {0x0}, {&(0x7f0000002480)="15b254c10ee30253768787b276f09f2933f00901a18cb420ec8f41f5fdd00d76e16130848c2a11540377862ff4fbd3eba5f45e545200247a0c4dc1202b22ad876f2a1fc42e938b63ddd01a98404b0596145fe87fd7bb5f32c3c2163140e996f94e122fd43075332061aefc4e3edf826ca4964c3c31d9a32e15dd0127f27f471b98b103dfb12005a1fe6f1093e566aa05fd9d45c189c2858e7c9f3cb744c9392a82421b3f7091bbe63f06384448597b7646e5025d3b6c30f05c8ee743970cca6fd4d86b73d0f78503bca08a66ef87f8b167433c74874c987db23e7821742a0af9011ff51a1fafb7a83b62edcb50d99f90dc3dc1424b7da4c1f5104513d6caecb91b51a36f02e1eb4ea2b5432ea4647c599691e5069e23e56dec7b4cdcdc0d610dc87be5205b74657253ed815d6ddabf8c2860f89b3b6476afd3a6c057a5b4d030d03b1f46c8b7fa7f252d2aa476846cc5ba8116a94344a20fee7afa13be243a6f707b00fd08a63fd9ace38095635b34b2dc2bd8a027ace25046db6811b64976180518a3f1ebb374ab840cb953a856ffc602ba0af66f74a0e4ae635e62b281590771fd0dbf516c6a32013f3166a47109c30e910cc4d61df988482a691879fc315480e80fa58a843502f4ea72cf8c63e444d9cb8fa4790fcc3982574c7bff8a719804c734e8e4e93849ede0cf3d55dd653be64786a4feb09517449a071aec4a3afc930783ce34bde018bae1f32dcb8ef41c384bfd411a36c18c80eaacaa188143d7d871d8a6e3438d3d2e8090b709444a5608a466a0cc41a49117002a40bbf5d084a49a4bfbcd4a781ec0a2a2c878153ca457cab1776166dd53f61449051aeb6b82770f43248c46981997762c70045e4e6e5f797da289bcc62b69edd87d6570d115130db064cb3901e5c7cc0a5d0c8a341b0d636df5f20f2e81f9452ce47556de6ef1217e3989fad87db4c9fb9eadb7186d66597de57bb19e2df5177171503a6b58d53e653c39093e5a364578a7f7fb68d5ebcd24417f2db34adff611644ed37f7df5ddab41c47fb1caa893ea32e2a98f6e354a89bdaa6a78b4e82a9814078f08e87d0286f635b996d51d7ddf507368c080e29664be3a65ae3da7a1248b3996fdc9f4a4bece389f397d2d0b519c311133ab1a14e65ff37cc03f7ca7a204e2133e4c75fdbe864f83e9dff404cb7a195b86adc266dd9678710b6e2e06b6799364cf57f6fb39b4594db480093943ee6a964402145d16e14871b38494e352097e656b16ea4599d816ef2f1918ea4a455825fcfa760ca9ecc941e8d48c8823af11ddba05562caa35adec8e53ae23eaa369e21b98f007cbc27d2c0ac6f8afddbac2e82788e96757858bba8a4b1175add4cd85ed4883aede8de91b5a84369f562ff16d146eee8ebf0ff5f3d93757994ababb4e99813700d31ab66563602e06f69db33bb0006c430ada29159d79f319913c851052167989c65d142f42deff8695594ca5bd4168f13cee437067a3271970b0ef1edbd794844838de05d9bcd57a865026a3a938734efcca482bc5ae1f4ce5f8e2484f2493fca2bc36e49a2e7afb1eb8c553571ab445341154598ac64f22338207878008a3f33c53ea1bda356ab5e45c70ae6e1c73ec03f924d5afe205259b5b4dc8bb73ba50e5661abb81461a432a053b29a9a194c1077636425fa9772e519bc54e8112cf07a30c9b8a408568f829048fd46493a7332c57081545a13d251fe118105686016609e14251e6f438e9f313449e9b00553313a9c6ea01215141fc63b9258821d25c84b11f2375d37d837dc01099bc8aa3b6395c158ee217292aa5a354cca91759e928858bc8439291648be177f1682855dfc60066528a7824782e8d55b57aa90e8d33bb1cf6bb479a387ebf836f9cd0b440c50db78fd08250c0ac68f9b512de82fc0ba735c0e0add8b760ec87ea30cd271af3d776ccbab8ac5a4b922185d43ab018036f760396316774ae6d18055075ac61c275f324980741bc51166da35988315a4bf676e5152c89a82a7d6f8b14317179d635e9049b754ae5bd4360c1d66c07715880e842b08eaf2da8e40094a5770d09bcfd59500a49beabe6939bd3d779f0bd1575c9bc9ada858f2e9e46832740cc9b3f20d0716affde822f4c384198110dff1fdceaaebf8daa74f00e41742bde4e7c91319eae7623f76727e6a32c31ac926e78b7881f55dbc706e4678c7b54937eb16fb340161354083f3858666439ecd6336caf1cc0d7c0187ba71ffa69236938ce9d28aff52e12e0e4f2390d1df0d3d1885a7c721aeffe89465d60a4aab57f218cd635bcd23ad3c76af4e6fdd900aa57ed780707b9abb93f41b39837dfc73d2bed0647dfdda6bd4bd8249d8cf3dce5f9f599a07bcce16e82c70c78ba17dbccd72e2594223b9434786ea00cc5beb0a82d13360d1a84321671699e8297b8db8ab13c82adda7308ffb0e2afaf6c819c496b4a5da618348575ffa307564209f04b65f3b73a4b799fa00020eb7c6602f7e191b20159db52b7844209876b75e2e22cd21476561e4a5736bcfc10b65cc286fbe6f2882dbcde33de1b206bb6bb08bfd9e0bec681cdcec19200e6e8fd78e30255f98892b205260b4b3efc527df701658f20e9dd32991de2280115de6145838bf5c5bc7fbc4b24c9ac965da503d3c9a7948a0be4700a553219282eeab22c4ec10f694a1262fd0064cb38524b6cd76601558a1deede599131d0316dcf094db288d6ca5ea9233e9b2441f6ca97a80c28c49125bf02502f4b4f312e2f30052dcdf55ec8e3d65a5502e96decd95b28f6f68bd7c320ebaddad43cde70bdfbc0086cf28ca3b5abf9b070a570735f50c8b5bdf648aa2dc051cbb13cc73151ba75f99b9222a5b0ea2d2060a528482a9e5a087b33695b68e7eb5d76c8026a004de82c4c4eea9e2a955f98cfd8066464e1114a023a9405a2efe27ec728f28a02b4078a9381af96f633903d68a946222f842e819f23cff139a863246f26e9ce6d488abe8f12728e3fc6c7e158ab8d9cf2231fd67162d97257ee1e6ac248c014bd44482f04763a0202c26d8f6031f9200c96762d81e140c0d9fd527911546c0b71abb2d01152d889f6cc0a9f30514a4bd98dc972711cc0a4678758186cad0425e904a5c6fdfc9619803b756b1f49d8778c8fd5afe34c17eb9f18932d8fd5b0d7e0bf5801f7a1e3c53b28f366868d7b202455339fcfa91e7aa9fc8bd7572ef14898fcddbc92a3ef3e44ce3b1eac1fbe8f3dc9748cd5686951ca450c68b4951d97e8376418b923607d9175016f908c396b0983e4a108d6ff2621d86fd2a1ce89e914144d92e74ba5de62490716043c27959158f6107bdee6a34e307e09dd08a9670dabeb307881b481f29384b5dbf468f255d8bd6da1bce5870596e512398f6789ada87fe25c6c48cbfa85abfd9da064e18073ff50efdd57f8c984903b50f231df08090e5930d6dbc9538b0279845d92685deea2b436a072c1662966288259525f2a3ad34cfe67e17d2324d27de1194362cbecd76f6e9186a1fef046cb9d397106623ebc2371f3b661fd021693915b0e03234c97bf034d2b00b41a81849856bfe9f02da3e628a6747d23cc3a26fb9825bbe04109068124c9af4095fd866ddd4eedbf43f7418133314c27259a0e512281f6f3112e5aa490e781693f4fd5ac6ffdf667c98b51949479b4d21a89e0771142e83addc90b8830f6d39eb315b853cb6e7950065292a29d84978d7b51deae0550d40567b46663e2dc1c69ddf0fb7dde5f693f3e0509bb8b5b101c642fb4eb40f4cb6abef2811df071ebbbdd0372258f2b669587fd92d19f744d2c59c2f8e497146064378aae7dffc81471b6af72a06e2b00b1e8ac32c7a82fb2872e0abed310f544824a1044afd8d9396c428e94c6a12d01a6131cdbe6a89489646b80a6fc96597e9cd86b3d05b2b38f5f507b27e7fe667faed51da812dbd721ccbfbab2d5e2a19877b9a01502e94adc047ce5a7d400be0ebf86070603173d49eab6001dcf4555da7d95f2da8e991fd164ba522ae402f962b64b1225fc875622a95ca5d5632890224c9a695bfbb20f23b15ef1e00f695adae518995cae786e3aa1dad2c1d8125aac42c49227fb0cee4fdc99e40574cb9d390c6a7f6d8ac4606e926a4d8188b74969ec24df0de0bab27ce88c36d082752a08e0b850dacdc2cfd435c3f407af4d25bcbf8c977871b842c27dab629f008efe210c4f6703303281baa8f66b8b67086080d86e554defac2f34486c41444e3b99a3ed022c6db1f8a4d4be173f2b352b83ae74a6640bb93da15e0df4a7d1992d766288ab329c14e17b061a62ca00847a67c46d518a5348849d3d4b33e73c0b2842ccd34b069f7ce4666e00d7fac7c018638afa96f576988ab93c3a31819e56414cb71839b964cd44fb1dd37b4de385f2051caf4d0b167327870a3c2be03d2c2212804fef8192016f3032f0eb85ed7934243b1bee1e1a807827afd09f603f9f27ff1aef3a06145b2d58167476a83628f5c2904a3ac424fe7146c9aee240faf085adb033777573a25a6f8596716caee2c45e64e6a9c3d90ac3966e884a7c47d21ec675c3111f3a16f64fcf3ece8a11a551620489c1b6cbe60d4fea9899f1e969c771a0bfde7810d94abd4c9977202c8443060462e083495e23e35fb1c18a64bb60911835723936aa2e8acdb7cfec8c68ae8edb99125aaf9bdcf6edbccad56a6eb07a18ac1a8351fc7837246c55f2bb4c016dc416e390b677551dd3b08f6cc069ee19099d1772db1e2c131da7bad87d34b0bfe9908477bf1681d35b6d4ea235e2ec72b4f2cdf51df24a4954c9f7deb620cdba893af004837b4c4c35aed6925aed3842e4", 0xd69}], 0x8, &(0x7f0000000a00)=[@cred={{0x1c, 0x1, 0x2, {r0}}}], 0x20, 0x4008444}, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@private0, @in6=@mcast2}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0}}], 0x300, 0x401eb94)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010400000000000000004f000000", @ANYRES32=r6, @ANYBLOB="0010000000000000140012000c000100627269646765"], 0x34}, 0x1, 0x0, 0x0, 0x2400c825}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_MASTER={0x8, 0xa, r6}]}, 0x28}}, 0x0)

01:08:34 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:34 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:34 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:34 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

[  526.649756][T11255] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
01:08:34 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:35 executing program 4:
openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(0xffffffffffffffff, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:35 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:36 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:36 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:36 executing program 4:
openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(0xffffffffffffffff, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:36 executing program 5:
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001440), 0xfffffc41)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000900)="e462a3d64dfff6cca11011f310ad5ba70ac1f282047b4ecb80b160ac5b9d86bafcb0fb8e8973c421b2988f2df3a8e85b9dbf59154a78f359026ee7c0d36293e199db54a19e9ea357e751", 0x4a}, {&(0x7f0000000080)="32c026737c4c01ee73872e4b90974531a35c637a3b8421c7b9799ea484f50d92bd434f11ab7e8ebda1a3fa5369928694c9f9ef18b467b24b0e4dc0", 0x3b}, {&(0x7f0000000400)="b0bfad987aa1cb907ed708edd5215ff597e5ab0da60a7c545a803cb4a65bf253da546ee403e7471bfb45cd632012e80046087cb375dc6664359c2d2034a757d081cc9a9aaa5355539a2ac98c2bc8535655fb10a7d83ca4848e3da2c5938b5c51e67a3ccd421119d698bf6c6ac6573b5d735058be50fac8fdcb14e02d332ac15f1c44faff931f8eca9a22ae2259823d6704fb154cf7794545862f9aff772b516715c7d63e51dc5a96454ea7c7b9bfd7965960b439e66be00e5ec5df455b75f870456b2950d02c23efab39a2d4a0fca05df10d3351fae7fa21", 0xd8}, {&(0x7f0000000500)="6641cf4f1b15a36fadc0a9cc0e884bc666cc9c73f9e19a63daff4eb8ccbd429a073676e54c0cfd990e97fe4fbf3898e8fae7ff6329bc91f83876116a12fdf2619817152c91eecd89b20405c147102ff909e3d75558a69be5a22c5a7be488ff32f55f3f7ef91aee58b42312b7aba8ec43255adbcfdcff581df81f0ed488e8", 0x7e}, {0x0}, {&(0x7f0000000600)="04c4552a97706d9e48f5175ad3d9be3200f11c77ddef7fb27e976bb7d84b9d7ea349d075c0d55ce4962ae87364f95aab21dce256594a173212eb897f160f838b9d29f925e4ee69d967a11488ce8479791fbe7f311b4a1be2dcc570527c6c1d257aba14680a969699740da4ae829b0855f6db5181647f7fe62159f28fc280de0d64ee511e9cf25d6b00707a90e3a7ad72c29229ec", 0x94}, {0x0}, {&(0x7f0000003480)="c19667074290b196f3de3c12dbe5da6ff346c7238390389cdf4e06e66a2652ab000856caecda628b235e4314135c16514db1723543338e1d59ddce8462511640557bcdcfe4a7baf59b99de5daa9f8166b0065720ceaa9feb9527bb4baa055d5fecf65bf1d6b1ad717a54d90034616d0fcf168b087ce85e63fccc4a635a46a283ba636691a8eef2c3a6a5230162a159981a54f2de1a0b627819ab7844e01af1438e104fd67a4fffc0bbc8efec9cc33e700202d6c3d1f8adf6fba6f6a6c510d8fce49d154c0e947d7770b88ddb7a983be1f336b4c8309bf078b469b83ea9d0730ea84bf04c978e5ee43bb0c4a819950a2b6b1ed05c53df97a8dddc0cdf19e33d0f6000398e9e327b307e8c8e24a0695f5b3771d3dfc2742c4c1dde5864e0b38f741a6f9f0ddec7d1a43128ed22a00d39aba7f4a829a0960e8fb8d635533ed7f2f75d4cffd599196ea0ab0d19dfe27a97956bbd7ae002752847b9af3c7bdd0e3e6e020980ad02316fa7ed3665787a810888722b74c74b32937a6e1286e0306b367fced3fcfaf8ade871a5ba88c2a952f87ca23e605199e3397f730b379fdc0016ae0f1dd1f7b01bf59b46734e0587d019cd37af4ad582d53e727c235e6d325556e12dda2c3720cc827b14b180aa9baf8a447cd0eb3cfc80f9747d473e43465711a4e835c20f28858883306d29c1e060ecd8b26c7daa8937bd86419f5ec9ae3a715db87e0fc38d299c9c0ffb0d9507e2defcc21281f8ca8521cbdb9fba1ab6e40923be3c64f319a09bea19618be4f180486893baed76037b1fa7be416f4a0e2151d73dc540c1d9d59f0268391efd8abc532cfbeaf247849ac21ad8eb3e75d5c8e5592bd3c4bd71b30c1b26f6c11860b87d32b4c92c033e3acd4ef6f41dd09fcc2c0991c9f561a2aebeb6d8b126993d47bd833040083f2e86ca424f733fea14c0924ef76f0e45f954d8d5185169e23e5e67c7b4663da0a150078ac202bef90be42f05c493a120872f46b9c7562492cfa06525f7b8e2a8207f2f7f475e15daf13e3344a7e362932bef43a01aa148a0e4a0f02bf8da13dd1a8bfda22fa9b209dcd1a37be80142f7f988f7784f308cfa8cecaa735f8e42e1bc3a1f974206a2d2a5dfdec39ad75f8f8d48fc9283697b35b3f1c6fc597204948f0a194f54d29f34b5658ef1b483078404625f5b5782ea88e0184dbcf60d2294a1707e7dde751938e1c7ccb42c3578917affca40a7660fdedf34231ccbfeb286329e0029f97e5aa2cbef2d98a154d70bca0fdefe76e416beded878d3fd3af296f7b03e778d0e0565712f3e1bcf3016a1589d27764f68532164ac55fe0c724f10bb219b918454cc46f07ccc69d034143fd110f8f4c1287a397a136da230385bec531aa9b5cb4d3755fe051f33f9f3b3da5609f1d439cf21bf2ce9bbd5830835fb76646eb6ab514025a1fb4eff48cad2c4f8102743157eae39daf69fdb2a33d7c4cd38fb749cad9ebe50e3cdd74d8cc663ad3eb53448c3b13e822f245b9485135b0f86bd7ad9c1acc28dc496ae311b812d1a178e4abd7d948095a23d415d322d90bcc1e9a1fab54c98c25175053b06d1afbd3d0c8d78ec0a201bc0c38ec6ad2e43179ccba5e06281c6c3e857e1592ff2cc27ce891a8b84634c221458c0528ecbdb86eab79c40e52f24e030b0b5993efbcb6b97b3a6b0ac0c8f21c55c3a05c2789b3b1bb8ff618ede28e9490580d1d130c1c4c73cc287466d2dff6eae8133fd38527a9f5feee9dff91a06a61cfe6b269afd9a12d18266f2e7749cbc8950740233e261214b404778b9367fbf37b344914e2e4f4f39860814337e8308c20365866b7415009aea46d477b91e0afb636ecb535ef413f1c2cac0406e5eb508c5903034e6e3dcbdfd925e9ea27db574cc3ff6193e4a5326d71b226291627df08f8944f99cb917babef370877151381d2642a02a2719b33939d187b0d8856cc5d5947de78de9ddd44f941bbfaffffa835d65253dbb8c142e4e0f5c9734b88ae4b1535ec481d7411edded2ab918b1b1050d445913d03ee6450f1f2b6e0f3c2deca6c3bbd29d3be914911ccae4ed57ed79886f7e53f29b065b6066716dbd5c0c66d07f8458635fc5f13640e2e9381d2c0650d60a080362599ed6d2ff9dd7f37e7a1a385ebd91aed8895e916c5759a4dbd758808ba48b8088979aa99a9a1ee2d5bd442694a20950ebe0bedbd55b24fa507293387ac53c850df45c12c00ef2cc8bad2c9ccab8a7789ec9bd1002153f737de902b9430b8af0d4b0f7ccb41eca8b388af8d475f290a2b809d2285c48038db17c385a5c09f1ace05bd03ca1aa6267f11448591965f75f1427d5e6704501bc524413615ae095cb9f111d12455a41df245517e378814d42498e0810bb1e24f94e3815cdd58cde99668bdb5b81aa4ebaeef2624072eacf92288740c46bc33061b23228ad946b90da48778d7e26eaffad1b7c40369dc26b8e66ac3cc2e73730a6b4eec00072507f31e9df7cbba42e0b4c76ed59dfa2e68fed19f6debc02247e07a334145834292928617f3a0a9dfb791e0015dc1bf927e0a63888f82887c28468e8558e15565566d18dad680448025a92a9d1a59070cc40dbe5fcde3b0bdb1498e989195336c752b94a2130b0f876b2fbfcce5e04ec266cac3b14f87086ea9e8ac3ebce8a22a442dfdc3f12e75cdacc0c50b4e1bfc5d01ef147caa1a4b45bc86c62548214ad78590b51d7f29627dea3b6c418d4439641c371899ca47cb1e7d7f654f0950efcb7cba06821aa2b734d81a1e9ddc25ac67145f653247f4be3f2fc87d81435036b990383cc6159c77544499d2787c6a59421556dae970ba83dd6eaf93079e16574594e7fbdb5bb99591cefba8a65421ec4f328c150c6cca774bddfbd528431b3f27224753328150a2a1261abf44af8d02ad165133cf39b04ef8a52679789855b6febc2e60298ee6a96451f91ceb8d5126dbab52bc3c3ee4aee81208799f9a8af99732f9979bbcfddd9e3ce931303c27710c7762b42a8b29c08521a8dd3554fe9a878a6f543d5bd920aa4cd73480711632c2cf42ec09a1be74380d51c7ee3ed5b8502552be6a3dd62b2a62854198ff04dcc54f1f8d40fe8f4ac665221a0c7d1184e213198228169589a7c7310804cc40a008c5a84aa3b4a067376da331d22371e63b71e2651236120f64559ed9b206e4f6862f918aba247c90c76009ce23be9218629edf47fccaa50037eb60e4f485c5ae7c19b980dc5c677b87e163df3a03217aba28d8e4c2b224d52c278ceafb5c4a39dc2054cfc73ed80ce5b7413de1cf78c3bbaabae8ac971c2eeef386de3d7c0221dda7a29923f5bd6a1c6ebd47f8eb84763edec9e0b3f7e9379face9774f3d84a952861498f5877d10157ea72c7275bf7a139f0d8ab7cb34f9781701ba2af714810891fdf7e3cfe45558e0db5c9d61d68b993fd82db289f63ea9d137eee23745d28c5de3a28c4dfe93dc73f11de33e226151f0d3b1904bfe06b5e614feffecbbe3ebbcd6cac1af1ef43380637fb4fd6e7af426b36c4bc22a6e13f832be7ffe2fdef81a965f1f2c8157cbeb2bc421e341bc7c26e4bef9e386ea8b02cc5b4b67f7f634a9b779023485c38da750afee5565812b26204b9b8f039c43a1fff1bb6faf889f198e0b2cb7706404e4950e3e5b82f3da146d1ae553b62c517f99b9ba5c28cae90285a469672af99d9e969e6c43d347c6b5937df4ed8b5f29081753ac1ad7d3b8bae3c65d7e7f35059b7201ba5a6cbbdba9e9572a563a2e36303dfbdc0f786c8074c2dcb4781a3daeae908a4280ae133d36f22786ca6948a7520db6e9ee98a236ebfc046ca738de50b24ad7896d30ed1585f58f6f7a2b9cc0c5a5215a0aaf3ee8b4a50e4cba0c73386eb34a53ee87437e5b110426aadfb9411ac4e3e0db20313a3712bd1dfa46527b65b010fd45b67ff44ad9009ce557bbca412cc4c336b006fb8ba435ad793e4d5fbd2cd8c86cfcea094e2bdf8f97ce3d8abeaf657c3f056e56c370d3f03bf63b09f6d3d2253d45db0a717ea0414ec6d4b9a3ce4715134219237b9f173f51f48d9c5b3dbd784c748b69c85a727f1e7752e4fe739b1431f24f6170367fca5c5913308ce75166cd95820c81afa68882539b5c92767d5e049448ec2069a085f2631fe5776e2fbb54c334174b5d7f73d0970921257ccdf644b28bbaefc0261d342485b764a9f6a26e64c770f0dca00c55ded87b3a298a051e1683633a1efb16ec9a410b77e227970974b2cdf63f6cd971b3849a3a18ee41686f8fd56c42f4c41af038aa1c675255c766c9611254c5470438e033b3449248332842cde7fd554e9b89343fbb5f0ff2e5a80207df3d3481ab8fe42364ac2cb58440e896e018ed8e9e9c01cdee2e6452eaa9f9951a3fbca62aaa0a333ca553d0450c3df590d08ddcd29692cfd567e03a66cfbe30082a990ab64c7f8058a689256042a92511416cb6f4d1f50a35ae61e089c31d7581bbc20eddf8acb5308e92b10656249b9a9ccc6df8e6687fe190a4c8e1087e6d493b5f044c2eb48f7f31187bd41fbc369cffb6e69eca3497b7c3e911d99c79315e5db503a8835d9dcec846118a322d8254c73a2e7b8ae463ed4be3e471c9e23d4c813941411ac0714963ce271f76053790c2f3d4e3bf52232ab46b6eff7bacb6d793c9cf3d63a79ab7d34140ee699da55d16c17c7fe289928e8ade0f89104dc8c3676cdf7a2849f9d4dca91a922480c6acdd79fe9e2eb852e6bef00b3cd7bf33b7e44f985e57ed1c82d21f3f831be430b7c74db6ec7d157fe35da2a986b50088cea17d73249e60d3fc9a3b16ea7dbb39e44dd81239039c2cbd317ee6124a5be750f0c10475225cb3b99b1a90f5f819d0e665abfe0518f2938902b3dff6e160a61a3aee1b34dda00c4e38b5b80afa2bea0c606aa0f8c9bb1fcd2ca964e06f7984811f6ed55df1bf231b52e82b0428fde967de28116ccbc3ea75202f13b71c3eaf220b4fbc7206d776da6aa9e888cab602a6fd173bb450f047df692f12ea438d40851036c47becd087aff8bab0117b369c870da0fdf3b32b1c34be85bfb5b5ea8e820d23175b485dc3cc189fec160c8387e7be7e5969bb33c1ebfc73b29f54e286f619b6fba212b8f27bc500687accad2b76bcb86a9897020983d527d6a64c8cf6957d1e51efdcb0c8b485a5d5c1c982e88623e008fc58ce1c330c9d20befc759a7718cf73a22d3700d8d9e6f336fae13c004e7f6f9086e03ad21dfe054aef9d2410a30bc6980f4c3f48dcd2f8dc34d70186a807c0a1c79d85742e631c77c93a3414956b20fd785a13b6464209b799949ac5edc663a752fbf4c17d4361ee119e8fa539dd060a0970f46917d13569dbb7c94bfe7948a2da86c9177f238ae107280f4df5f1536a68e06f88f7e50332a67a2a404bf6d59ea084984b990a944c8abc94fa4c1159814140f9d47ac00ff1d3484f45bc2b9e923fac4b0fa00d01b60839d009210fbf643a3c7d35aa138328948c8349e9eeaaaaf445e3b6d7340fe4278384bf408bf5ce3021b9dcd526164033f1ea1d56f98e34797f3f5392952ef61f82464ff2f36a214652a2f8ec172f454fb32277e1175d926a702dcfd8e523caf63ea9205fd6ddc78d93730cf15d81212f1044fb6e59f843bd7f2f8ceb7669bddccda5a3041b3c5f02ab9a2faf455d8a32f31e81ecb7943499a50745352c64540370e58b96f24b95f406a59fec0e3959f7f284e54137d21f0", 0xfd8}], 0x8, &(0x7f0000000a00)=[@cred={{0x1c, 0x1, 0x2, {r0}}}], 0x20, 0x4008444}, 0x4000)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@private0, @in6=@mcast2}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0xffffff7f, 0x0}}], 0x300, 0x401eb94)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010400000000000000004f000000", @ANYRES32=r5, @ANYBLOB="0010000000000000140012000c000100627269646765"], 0x34}, 0x1, 0x0, 0x0, 0x2400c825}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_MASTER={0x8, 0xa, r5}]}, 0x28}}, 0x0)

01:08:36 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:36 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:37 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:37 executing program 4:
openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(0xffffffffffffffff, 0xc0246400, &(0x7f0000001680)={0x8, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

[  529.613389][T11291] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
01:08:37 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:37 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:37 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  530.266061][T11291] bridge0: port 2(bridge_slave_1) entered disabled state
01:08:38 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, 0x0)

01:08:38 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  530.785908][T11299] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
01:08:38 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, &(0x7f0000000040)=0xc)

01:08:38 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:39 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d0f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000540)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000000040)="ed41000000040000d07f655fd1f4655fd1f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000000500)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x410481, 0x0)
pwritev(r0, &(0x7f00000014c0)=[{&(0x7f0000000080)="d69f22713f08dc", 0xffffff30}], 0x1, 0x2, 0x20)
fallocate(r0, 0x3, 0x0, 0xffe0)

01:08:39 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, 0x0)

01:08:39 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:39 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  531.851047][T11318] not chained 40000 origins
[  531.855619][T11318] CPU: 1 PID: 11318 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0
[  531.874023][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  531.884088][T11318] Call Trace:
[  531.887417][T11318]  dump_stack+0x21c/0x280
[  531.891785][T11318]  kmsan_internal_chain_origin+0x6f/0x130
[  531.897528][T11318]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  531.903625][T11318]  ? udpv6_recvmsg+0x28dc/0x2bc0
[  531.908659][T11318]  ? kmsan_get_metadata+0x116/0x180
[  531.913906][T11318]  ? kmsan_set_origin_checked+0x95/0xf0
[  531.919467][T11318]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  531.926079][T11318]  ? _copy_from_user+0x201/0x310
[  531.931060][T11318]  ? kmsan_get_metadata+0x116/0x180
[  531.936293][T11318]  __msan_chain_origin+0x50/0x90
[  531.941246][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  531.946420][T11318]  get_compat_msghdr+0x108/0x2b0
[  531.951388][T11318]  do_recvmmsg+0xdbb/0x22b0
[  531.955912][T11318]  ? __msan_get_context_state+0x9/0x20
[  531.961410][T11318]  ? __msan_poison_alloca+0xf0/0x120
[  531.966725][T11318]  ? kmsan_get_metadata+0x116/0x180
[  531.971939][T11318]  ? kmsan_internal_set_origin+0x75/0xb0
[  531.977592][T11318]  ? __msan_poison_alloca+0xf0/0x120
[  531.982906][T11318]  ? __sys_recvmmsg+0xbb/0x610
[  531.987682][T11318]  ? __sys_recvmmsg+0xbb/0x610
[  531.992468][T11318]  __sys_recvmmsg+0x5dd/0x610
[  531.997176][T11318]  ? kmsan_get_metadata+0x116/0x180
[  532.002496][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.009464][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.015697][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.021004][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.025873][T11318]  do_SYSENTER_32+0x73/0x90
[  532.030391][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.037348][T11318] RIP: 0023:0xf7f7f549
[  532.041422][T11318] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  532.062087][T11318] RSP: 002b:00000000f55790cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  532.070523][T11318] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020008880
[  532.078507][T11318] RDX: 000000000000075d RSI: 0000000044000122 RDI: 0000000000000000
[  532.086499][T11318] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  532.094505][T11318] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  532.102500][T11318] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  532.110497][T11318] Uninit was stored to memory at:
[  532.115547][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.121284][T11318]  __msan_chain_origin+0x50/0x90
[  532.126233][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.131370][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.136318][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.140844][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.148223][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.154304][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.160466][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.165673][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.171137][T11318]  do_SYSENTER_32+0x73/0x90
[  532.175648][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.183201][T11318] 
[  532.185524][T11318] Uninit was stored to memory at:
[  532.190561][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.196725][T11318]  __msan_chain_origin+0x50/0x90
[  532.201668][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.206785][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.211729][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.216239][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.220921][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.226994][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.233167][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.238369][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.243224][T11318]  do_SYSENTER_32+0x73/0x90
[  532.247753][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.254069][T11318] 
[  532.256396][T11318] Uninit was stored to memory at:
[  532.261432][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.267157][T11318]  __msan_chain_origin+0x50/0x90
[  532.272094][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.277214][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.282171][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.286767][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.291467][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.297898][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.304056][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.309290][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.314147][T11318]  do_SYSENTER_32+0x73/0x90
[  532.318658][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.324974][T11318] 
[  532.327304][T11318] Uninit was stored to memory at:
[  532.332348][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.338093][T11318]  __msan_chain_origin+0x50/0x90
[  532.343032][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.348149][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.353093][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.357723][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.362413][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.368489][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.374654][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.379883][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.384758][T11318]  do_SYSENTER_32+0x73/0x90
[  532.389279][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.395946][T11318] 
[  532.398277][T11318] Uninit was stored to memory at:
[  532.403312][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.409037][T11318]  __msan_chain_origin+0x50/0x90
[  532.413981][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.419112][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.424057][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.428573][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.433281][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.439357][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.446316][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.452250][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.457115][T11318]  do_SYSENTER_32+0x73/0x90
[  532.461634][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.468907][T11318] 
[  532.471237][T11318] Uninit was stored to memory at:
[  532.476279][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.482020][T11318]  __msan_chain_origin+0x50/0x90
[  532.487003][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.492122][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.497070][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.501583][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.506276][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.512354][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.518519][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.523745][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.528605][T11318]  do_SYSENTER_32+0x73/0x90
[  532.533119][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.539874][T11318] 
[  532.542210][T11318] Uninit was stored to memory at:
[  532.547597][T11318]  kmsan_internal_chain_origin+0xad/0x130
[  532.553326][T11318]  __msan_chain_origin+0x50/0x90
[  532.558270][T11318]  __get_compat_msghdr+0x6db/0x9d0
[  532.568452][T11318]  get_compat_msghdr+0x108/0x2b0
[  532.573409][T11318]  do_recvmmsg+0xdbb/0x22b0
[  532.577939][T11318]  __sys_recvmmsg+0x5dd/0x610
[  532.582646][T11318]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  532.588725][T11318]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  532.594898][T11318]  __do_fast_syscall_32+0x129/0x180
[  532.600368][T11318]  do_fast_syscall_32+0x6a/0xc0
[  532.605231][T11318]  do_SYSENTER_32+0x73/0x90
[  532.609766][T11318]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  532.616087][T11318] 
[  532.618417][T11318] Local variable ----msg_sys@do_recvmmsg created at:
[  532.625124][T11318]  do_recvmmsg+0xbf/0x22b0
[  532.630220][T11318]  do_recvmmsg+0xbf/0x22b0
[  532.754324][T11324] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
01:08:40 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, &(0x7f0000000040))

01:08:41 executing program 5:

01:08:41 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, 0x0)

01:08:41 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

[  533.678746][ T8691] Bluetooth: hci1: command 0x0406 tx timeout
01:08:42 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0xbc0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:42 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, &(0x7f0000000040))

01:08:42 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:42 executing program 5:

01:08:42 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:42 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

01:08:43 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:43 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, &(0x7f0000000040))

01:08:43 executing program 5:

01:08:43 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:43 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:44 executing program 5:

01:08:44 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:44 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:44 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000), &(0x7f0000000040)=0xc)

01:08:44 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

01:08:44 executing program 5:

01:08:45 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:45 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000), &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:45 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000), 0x0)

01:08:45 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:45 executing program 5:

01:08:45 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

01:08:46 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x19, &(0x7f0000001580)=""/25, 0xba, &(0x7f00000015c0)=""/186})

01:08:46 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000), 0x0)

01:08:46 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:46 executing program 5:

01:08:46 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000580)=""/4096, 0x0, 0x0, 0xba, &(0x7f00000015c0)=""/186})

01:08:46 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x13648, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x2)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000), 0x0)

01:08:47 executing program 5:

01:08:48 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000), &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:48 executing program 0:

01:08:48 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:48 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000580)=""/4096, 0x0, 0x0, 0xba, &(0x7f00000015c0)=""/186})

01:08:48 executing program 1:

01:08:48 executing program 5:

01:08:49 executing program 0:

01:08:49 executing program 1:

01:08:49 executing program 5:

01:08:49 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000580)=""/4096, 0x0, 0x0, 0xba, &(0x7f00000015c0)=""/186})

01:08:49 executing program 0:

01:08:49 executing program 5:

01:08:52 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000), &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:52 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:52 executing program 1:

01:08:52 executing program 4:
r0 = openat$drirender128(0xffffff9c, &(0x7f0000000540)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0246400, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000580)=""/4096, 0x19, &(0x7f0000001580)=""/25, 0x0, 0x0})

01:08:52 executing program 0:

01:08:52 executing program 5:
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'syzkaller1\x00', 0xa732})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', {0x7, 0x0, @empty}})
write$tun(0xffffffffffffffff, &(0x7f0000000140)={@void, @void, @eth={@multicast, @broadcast, @val, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, "ca43132309256f28"}}}}}, 0x32)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

01:08:52 executing program 0:

01:08:52 executing program 4:

01:08:52 executing program 1:

01:08:53 executing program 0:

01:08:53 executing program 1:

01:08:53 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:55 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:55 executing program 4:

01:08:55 executing program 0:

01:08:55 executing program 5:

01:08:55 executing program 1:

01:08:55 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:56 executing program 0:

01:08:56 executing program 1:

01:08:56 executing program 5:

01:08:56 executing program 4:

01:08:56 executing program 1:

01:08:56 executing program 0:

01:08:59 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:08:59 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:08:59 executing program 5:

01:08:59 executing program 4:

01:08:59 executing program 1:

01:08:59 executing program 0:

01:08:59 executing program 1:

01:08:59 executing program 0:

01:08:59 executing program 5:

01:08:59 executing program 4:

01:09:00 executing program 4:
clock_settime(0x1, 0x0)

01:09:00 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

[  554.156190][ T3240] Bluetooth: hci2: command 0x0406 tx timeout
01:09:02 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:02 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0)

01:09:02 executing program 0:
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x6b)

01:09:02 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000040000000030000002d0000000f00000000000000020000000200000000800000008000002000000028c4645f28c4645f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000013a00))

01:09:02 executing program 4:
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0x79d7, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x90, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
io_setup(0x21, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000e00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000340)='b', 0x1}])

01:09:02 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:09:03 executing program 0:
io_setup(0xcd8c, &(0x7f00000020c0)=<r0=>0x0)
io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[  555.034851][T11552] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  555.045179][T11552] EXT4-fs (loop5): group descriptors corrupted!
[  555.244400][T11552] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  555.254633][T11552] EXT4-fs (loop5): group descriptors corrupted!
01:09:03 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000022c0)='/proc/diskstats\x00', 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, 0x0, 0x0, 0xffffffffffffffff)

01:09:03 executing program 5:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x0, 0x0)

01:09:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:03 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:09:03 executing program 0:
io_setup(0xcd8c, &(0x7f00000020c0)=<r0=>0x0)
io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[  556.534893][T11581] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,nolazytime,,errors=continue
01:09:06 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:06 executing program 5:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
mkdir(&(0x7f00000002c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0'])
chdir(&(0x7f00000001c0)='./bus\x00')
open(&(0x7f00000002c0)='./file0\x00', 0x4000, 0x0)

01:09:06 executing program 4:
epoll_pwait(0xffffffffffffffff, &(0x7f00000004c0)=[{}], 0x1, 0x0, &(0x7f00000000c0), 0x8)

01:09:06 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}]})

01:09:06 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:09:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  558.634861][T11603] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,nolazytime,,errors=continue
[  558.705414][T11604] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,,errors=continue
[  558.828757][T11610] overlayfs: failed to resolve './file0': -2
01:09:06 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000940)=@raw={'raw\x00', 0x2, 0x3, 0x2c8, 0x158, 0x0, 0x0, 0x158, 0x0, 0x230, 0x230, 0x230, 0x230, 0x230, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2000}}, @common=@unspec=@time={{0x38, 'time\x00'}, {0x0, 0x0, 0x28f5c}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x328)

[  559.005817][T11610] overlayfs: overlapping lowerdir path
01:09:07 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:09:07 executing program 4:
syz_usb_connect$printer(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, "", {{}, [{{0x9, 0x5, 0x82, 0x2, 0x8}}]}}}]}}]}}, 0x0)

01:09:07 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  559.146822][T11607] overlayfs: failed to resolve './file0': -2
01:09:07 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000180)='./file0\x00')
r0 = memfd_create(&(0x7f0000000040)='system.snckprotoname\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write(r0, &(0x7f00000005c0)="75502217f9b5d18c0f80c2864f3cfd037f8866ff8113d026555e67808fc0452b0cc9a95e6b12218aab2dfcf06b220d9657e03942a99a95fd97110ec232d70476a9bf8197b41d7cfbfb4eefd393ea938611531e61b8abe6fbf1783fdb7b6195796b410957de2bc3cc167f8b55db1506422b054a0427c74b85e6017c2cffb8f9a0", 0x80)
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000000280)='./file0\x00')
creat(&(0x7f0000000180)='./file0\x00', 0x0)

01:09:07 executing program 0:
ioprio_set$uid(0x0, 0xffffffffffffffff, 0x2)

[  559.912566][T11630] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,nolazytime,,errors=continue
[  560.035629][T11310] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  560.412527][T11310] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  560.586639][T11310] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  560.599082][T11310] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.608570][T11310] usb 5-1: Product: syz
[  560.612902][T11310] usb 5-1: Manufacturer: syz
[  560.617803][T11310] usb 5-1: SerialNumber: syz
[  560.676297][T11310] usbip-host 5-1: 5-1 is not in match_busid table... skip!
01:09:09 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:09 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x75d, 0x44000122, 0x0)

01:09:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:09 executing program 0:
unshare(0x24020400)
execveat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

01:09:09 executing program 5:
r0 = socket$inet6(0xa, 0x401000000001, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
close(r0)
syz_open_procfs(0x0, &(0x7f00000002c0)='comm\x00')
r3 = open(&(0x7f0000000100)='./bus\x00', 0x1141042, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r6, 0x208200)
sendfile(r0, r3, 0x0, 0x8000fffffffe)

[  562.052030][T11654] EXT4-fs (loop1): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000000,nolazytime,,errors=continue
01:09:10 executing program 0:
prlimit64(0x0, 0xe, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0)

01:09:10 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000122, 0x0)

[  562.407153][   T28] audit: type=1800 audit(1600736950.320:13): pid=11653 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.5" name="bus" dev="sda1" ino=16239 res=0 errno=0
01:09:10 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:10 executing program 4:
keyctl$describe(0x1d, 0x0, 0x0, 0x0)

01:09:10 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:10 executing program 5:
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0x10000079d7, 0x1, &(0x7f0000000300)=[{&(0x7f0000000200)="040005090000000066617400040409000200027400f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
unshare(0x24020400)
ioctl$LOOP_SET_STATUS(r0, 0x80047213, &(0x7f0000000080)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x0, 0x0, "e902c680a5d2511dd78f74eed6048fd85cbfdbeb6b562793b2a63f21bb00d79413c19cc20f2bb1deb3cae035d40486951376b67d15b1ae6ecb5b9fd83b12e359", "e9a1c8a3b5022b2eb7512ca58da9fd611d24d7fa8bb987c9003c3c2a07370ec7"})

[  562.833496][ T8990] usb 5-1: USB disconnect, device number 2
01:09:11 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000122, 0x0)

01:09:11 executing program 5:
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

01:09:11 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:11 executing program 4:
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000)

01:09:11 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000122, 0x0)

01:09:11 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/timer\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x2}})

01:09:12 executing program 4:
r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[])

01:09:12 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:12 executing program 5:
r0 = add_key$keyring(&(0x7f0000004440)='keyring\x00', &(0x7f0000004480)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r0, 0xee01, 0x0)

01:09:12 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x0, 0x0)

01:09:14 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:14 executing program 0:
clock_adjtime(0x4, &(0x7f0000000040))

01:09:14 executing program 5:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000003200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
dup(0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
preadv(r4, &(0x7f0000000940)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f00000008c0)=""/106, 0x5b}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xc7, 0x0, 0x0)

01:09:14 executing program 4:
r0 = syz_open_dev$usbfs(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x76, 0x141201)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[])

01:09:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:14 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x0, 0x0)

01:09:14 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x16, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@loopback, @in=@remote}}]}, 0x50}}, 0x0)

01:09:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:14 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="1f5583624999c46653", 0x9}], 0x4, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0xffffffff}}}, 0x78)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x25)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x0)

01:09:15 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:15 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, 0x0, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0)

[  567.215794][T11756] ptrace attach of "/root/syz-executor.4"[11755] was attempted by "/root/syz-executor.4"[11756]
01:09:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:15 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0)

01:09:15 executing program 0:
keyctl$describe(0x3, 0x0, 0x0, 0x0)

01:09:15 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x5d1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x75d, 0x0, 0x0)

01:09:15 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:16 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
mkdir(&(0x7f00000002c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0'])
chdir(&(0x7f00000001c0)='./bus\x00')
rename(&(0x7f0000000000)='./bus\x00', &(0x7f0000000180)='./file1\x00')

01:09:16 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x105, 0x0})
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1b)

01:09:16 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  568.831871][T11786] EXT4-fs (loop1): bad geometry: block count 128 exceeds size of device (69 blocks)
[  568.882633][T11785] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
01:09:16 executing program 5:
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0xffc00007, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="040800090000ff01e66174000404090a0200027400f8", 0x16}, {&(0x7f0000000280)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r1, r2, 0x0, 0x7fffffff)

[  568.980339][T11788] overlayfs: maximum fs stacking depth exceeded
[  569.015098][T11785] overlayfs: filesystem on './bus' not supported as upperdir
01:09:17 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000022c0)='/proc/diskstats\x00', 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x2, 0x0, 0x0, 0xffffffffffffffff)

01:09:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:17 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
mkdir(&(0x7f00000002c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0'])
chdir(&(0x7f00000001c0)='./bus\x00')
rename(&(0x7f0000000000)='./bus\x00', &(0x7f0000000180)='./file1\x00')

[  569.681958][   T28] audit: type=1800 audit(1600736957.590:14): pid=11803 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=15752 res=0 errno=0
[  569.714987][T11798] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
01:09:17 executing program 4:
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0x79d7, 0x1, &(0x7f0000000300)=[{&(0x7f0000000140)="040005090000000066617400040409000200027400f801", 0x17}], 0x90, &(0x7f0000000080)=ANY=[])
chdir(&(0x7f0000000000)='./file1\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r0, 0x800)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)

[  569.734984][   T28] audit: type=1804 audit(1600736957.640:15): pid=11805 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/35/file0/file0" dev="sda1" ino=15752 res=1 errno=0
01:09:17 executing program 3:
futex(&(0x7f000000cffc), 0x800000000006, 0x0, 0x0, 0x0, 0x0)

[  569.826023][T11804] EXT4-fs (loop1): bad geometry: block count 128 exceeds size of device (69 blocks)
[  570.173282][T11812] attempt to access beyond end of device
[  570.179459][T11812] loop4: rw=2049, want=66, limit=60
01:09:18 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae774529311452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb07ff85854dfc6adb6d3eae5b76064e90dab39e80df4b1d6bce693f9876b0eb2df1885653c837ac67ff4d11066eb224dae91b1818e3fae5d49d149c0bd5ea32ffe593748dddd917246644e6648940ea6fdac32054", 0x119}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

[  570.235037][   T28] audit: type=1804 audit(1600736958.140:16): pid=11814 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir319397440/syzkaller.P3GlO7/62/file1/bus" dev="loop4" ino=4 res=1 errno=0
[  570.261397][   T28] audit: type=1800 audit(1600736958.140:17): pid=11814 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.4" name="bus" dev="loop4" ino=4 res=0 errno=0
01:09:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:18 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:18 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000940)=@raw={'raw\x00', 0x2, 0x3, 0x2c8, 0x158, 0x0, 0x0, 0x158, 0x0, 0x230, 0x230, 0x230, 0x230, 0x230, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2000}}, @common=@unspec=@time={{0x38, 'time\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x328)

[  570.672349][T11817] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
01:09:18 executing program 5:
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0xffc00007, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="040800090000ff01e66174000404090a0200027400f8", 0x16}, {&(0x7f0000000280)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write(r1, &(0x7f0000000600)='4', 0x1)

[  570.869626][T11826] ptrace attach of "/root/syz-executor.5"[11824] was attempted by "/root/syz-executor.5"[11826]
01:09:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7ff}}, {@nolazytime='nolazytime'}]})

01:09:18 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
mkdir(&(0x7f00000002c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0'])
chdir(&(0x7f00000001c0)='./bus\x00')
rename(&(0x7f0000000000)='./bus\x00', &(0x7f0000000180)='./file1\x00')

[  571.061495][T11829] EXT4-fs (loop1): bad geometry: block count 128 exceeds size of device (69 blocks)
01:09:19 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d87", 0xab}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x6)

01:09:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  571.480878][T11840] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  571.556545][   T28] audit: type=1800 audit(1600736959.460:18): pid=11840 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="loop5" ino=5 res=0 errno=0
[  571.713642][T11844] EXT4-fs (loop3): mounted filesystem without journal. Opts: auto_da_alloc=0x00000000000007ff,nolazytime,,errors=continue
01:09:19 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x321, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/199, 0xc7}], 0x1}}], 0x40003a0, 0x0, 0x0)

[  571.805997][T11853] ptrace attach of "/root/syz-executor.4"[11852] was attempted by "/root/syz-executor.4"[11853]
01:09:19 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae774529311452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb07ff85854dfc6adb6d3eae5b76064e90dab39e80df4b1d6bce693f9876b0eb2df1885653c837ac67ff4d11066eb224dae9", 0xf6}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

01:09:19 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0'])
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

[  571.949192][ T8553] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
01:09:20 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:09:20 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x16, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@loopback, @in=@remote}}]}, 0x50}}, 0x0)

[  572.385027][T11859] not chained 50000 origins
[  572.389611][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  572.398567][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  572.408634][T11859] Call Trace:
[  572.411948][T11859]  dump_stack+0x21c/0x280
[  572.416744][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  572.422492][T11859]  ? __msan_metadata_ptr_for_store_8+0x13/0x20
[  572.428688][T11859]  ? kmsan_get_metadata+0x116/0x180
[  572.433907][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  572.440273][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  572.446378][T11859]  ? _copy_from_user+0x201/0x310
[  572.451342][T11859]  ? kmsan_get_metadata+0x116/0x180
[  572.456567][T11859]  __msan_chain_origin+0x50/0x90
[  572.461533][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.466689][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.471663][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.476200][T11859]  ? __msan_get_context_state+0x9/0x20
[  572.481708][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  572.487036][T11859]  ? kmsan_get_metadata+0x116/0x180
[  572.492279][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  572.497595][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  572.502408][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  572.507201][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.511910][T11859]  ? kmsan_get_metadata+0x116/0x180
[  572.517139][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.523585][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.529767][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.534985][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.539863][T11859]  do_SYSENTER_32+0x73/0x90
[  572.544395][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.550902][T11859] RIP: 0023:0xf7ff7549
[  572.554979][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  572.575033][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  572.583478][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  572.591459][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  572.599439][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  572.607417][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  572.615396][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  572.623388][T11859] Uninit was stored to memory at:
[  572.628432][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.634157][T11859]  __msan_chain_origin+0x50/0x90
[  572.639116][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.644233][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.649179][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.653786][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.658472][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.664557][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.670720][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.675926][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.680788][T11859]  do_SYSENTER_32+0x73/0x90
[  572.685324][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.693208][T11859] 
[  572.695539][T11859] Uninit was stored to memory at:
[  572.700576][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.706303][T11859]  __msan_chain_origin+0x50/0x90
[  572.711249][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.716365][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.721311][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.725825][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.730514][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.736588][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.742752][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.747957][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.752812][T11859]  do_SYSENTER_32+0x73/0x90
[  572.757361][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.763676][T11859] 
[  572.766004][T11859] Uninit was stored to memory at:
[  572.771043][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.777225][T11859]  __msan_chain_origin+0x50/0x90
[  572.782175][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.787290][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.792236][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.796756][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.801442][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.807953][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.814115][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.819333][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.824190][T11859]  do_SYSENTER_32+0x73/0x90
[  572.828725][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.835040][T11859] 
[  572.837370][T11859] Uninit was stored to memory at:
[  572.842410][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.848139][T11859]  __msan_chain_origin+0x50/0x90
[  572.853086][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.858201][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.863409][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.867920][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.872602][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.878674][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.884840][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.890047][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.894902][T11859]  do_SYSENTER_32+0x73/0x90
[  572.899411][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.905731][T11859] 
[  572.908095][T11859] Uninit was stored to memory at:
[  572.913157][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.918890][T11859]  __msan_chain_origin+0x50/0x90
[  572.923851][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  572.928976][T11859]  get_compat_msghdr+0x108/0x2b0
[  572.933923][T11859]  do_recvmmsg+0xdbb/0x22b0
[  572.938435][T11859]  __sys_recvmmsg+0x5dd/0x610
[  572.943118][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  572.949218][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  572.955664][T11859]  __do_fast_syscall_32+0x129/0x180
[  572.960896][T11859]  do_fast_syscall_32+0x6a/0xc0
[  572.965752][T11859]  do_SYSENTER_32+0x73/0x90
[  572.970265][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  572.976582][T11859] 
[  572.978905][T11859] Uninit was stored to memory at:
[  572.984825][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  572.990563][T11859]  __msan_chain_origin+0x50/0x90
[  572.995506][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  573.000642][T11859]  get_compat_msghdr+0x108/0x2b0
[  573.005593][T11859]  do_recvmmsg+0xdbb/0x22b0
[  573.010128][T11859]  __sys_recvmmsg+0x5dd/0x610
[  573.014809][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  573.020883][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  573.027055][T11859]  __do_fast_syscall_32+0x129/0x180
[  573.032259][T11859]  do_fast_syscall_32+0x6a/0xc0
[  573.037118][T11859]  do_SYSENTER_32+0x73/0x90
[  573.041624][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  573.047939][T11859] 
[  573.050267][T11859] Uninit was stored to memory at:
[  573.055303][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  573.061036][T11859]  __msan_chain_origin+0x50/0x90
[  573.065982][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  573.071099][T11859]  get_compat_msghdr+0x108/0x2b0
[  573.076304][T11859]  do_recvmmsg+0xdbb/0x22b0
[  573.080813][T11859]  __sys_recvmmsg+0x5dd/0x610
[  573.085499][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  573.091591][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  573.097761][T11859]  __do_fast_syscall_32+0x129/0x180
[  573.102967][T11859]  do_fast_syscall_32+0x6a/0xc0
[  573.107834][T11859]  do_SYSENTER_32+0x73/0x90
[  573.112357][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  573.118674][T11859] 
[  573.121009][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  573.127694][T11859]  do_recvmmsg+0xbf/0x22b0
[  573.132124][T11859]  do_recvmmsg+0xbf/0x22b0
01:09:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:21 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3e, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3, 0x16088, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r1, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
sendto$inet(r0, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)

[  573.300859][T11867] ptrace attach of "/root/syz-executor.5"[11865] was attempted by "/root/syz-executor.5"[11867]
01:09:21 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0)
ioctl$TUNSETGROUP(r3, 0x400454ce, 0x0)

01:09:21 executing program 3:
futex(0x0, 0xc, 0xfffffffd, 0x0, 0x0, 0x0)

01:09:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:09:22 executing program 5:
futex(0x0, 0xa69d44f34c6e7949, 0x0, 0x0, 0x0, 0x0)

01:09:22 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  575.602813][T11859] not chained 60000 origins
[  575.607382][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  575.616050][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  575.626113][T11859] Call Trace:
[  575.629426][T11859]  dump_stack+0x21c/0x280
[  575.633785][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  575.639561][T11859]  ? kmsan_get_metadata+0x116/0x180
[  575.644770][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  575.650310][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  575.656394][T11859]  ? _copy_from_user+0x201/0x310
[  575.661356][T11859]  ? kmsan_get_metadata+0x116/0x180
[  575.666582][T11859]  __msan_chain_origin+0x50/0x90
[  575.671543][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  575.676697][T11859]  get_compat_msghdr+0x108/0x2b0
[  575.681674][T11859]  do_recvmmsg+0xdbb/0x22b0
[  575.686247][T11859]  ? __msan_get_context_state+0x9/0x20
[  575.691750][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  575.697069][T11859]  ? kmsan_get_metadata+0x116/0x180
[  575.702362][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  575.707677][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  575.712455][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  575.717261][T11859]  __sys_recvmmsg+0x5dd/0x610
[  575.722318][T11859]  ? kmsan_get_metadata+0x116/0x180
[  575.727542][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  575.733648][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  575.739848][T11859]  __do_fast_syscall_32+0x129/0x180
[  575.745072][T11859]  do_fast_syscall_32+0x6a/0xc0
[  575.749947][T11859]  do_SYSENTER_32+0x73/0x90
[  575.754482][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  575.760821][T11859] RIP: 0023:0xf7ff7549
[  575.764902][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  575.784521][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  575.792974][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  575.800959][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  575.808946][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  575.816937][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  575.824919][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  575.832920][T11859] Uninit was stored to memory at:
[  575.837966][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  575.843700][T11859]  __msan_chain_origin+0x50/0x90
[  575.848655][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  575.853800][T11859]  get_compat_msghdr+0x108/0x2b0
[  575.858751][T11859]  do_recvmmsg+0xdbb/0x22b0
[  575.863269][T11859]  __sys_recvmmsg+0x5dd/0x610
[  575.867962][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  575.874963][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  575.881154][T11859]  __do_fast_syscall_32+0x129/0x180
[  575.886366][T11859]  do_fast_syscall_32+0x6a/0xc0
[  575.891251][T11859]  do_SYSENTER_32+0x73/0x90
[  575.895775][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  575.902097][T11859] 
[  575.904428][T11859] Uninit was stored to memory at:
[  575.909471][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  575.915229][T11859]  __msan_chain_origin+0x50/0x90
[  575.920186][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  575.925307][T11859]  get_compat_msghdr+0x108/0x2b0
[  575.930283][T11859]  do_recvmmsg+0xdbb/0x22b0
[  575.934798][T11859]  __sys_recvmmsg+0x5dd/0x610
[  575.939485][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  575.945565][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  575.951752][T11859]  __do_fast_syscall_32+0x129/0x180
[  575.956962][T11859]  do_fast_syscall_32+0x6a/0xc0
[  575.962088][T11859]  do_SYSENTER_32+0x73/0x90
[  575.966609][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  575.972934][T11859] 
[  575.975262][T11859] Uninit was stored to memory at:
[  575.980303][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  575.986035][T11859]  __msan_chain_origin+0x50/0x90
[  575.990986][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  575.996104][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.001052][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.005568][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.010258][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.016334][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.022498][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.027707][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.032571][T11859]  do_SYSENTER_32+0x73/0x90
[  576.037089][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.043409][T11859] 
[  576.045737][T11859] Uninit was stored to memory at:
[  576.050780][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  576.056511][T11859]  __msan_chain_origin+0x50/0x90
[  576.061457][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  576.066577][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.071526][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.076040][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.080726][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.086810][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.092978][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.098190][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.103051][T11859]  do_SYSENTER_32+0x73/0x90
[  576.107576][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.113899][T11859] 
[  576.116228][T11859] Uninit was stored to memory at:
[  576.121271][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  576.127005][T11859]  __msan_chain_origin+0x50/0x90
[  576.131951][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  576.137073][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.142023][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.146537][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.151225][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.157310][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.163484][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.168699][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.173560][T11859]  do_SYSENTER_32+0x73/0x90
[  576.178078][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.184405][T11859] 
[  576.186736][T11859] Uninit was stored to memory at:
[  576.191777][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  576.197512][T11859]  __msan_chain_origin+0x50/0x90
[  576.202493][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  576.207636][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.212608][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.217150][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.221849][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.227926][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.234100][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.239309][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.244173][T11859]  do_SYSENTER_32+0x73/0x90
[  576.248698][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.255023][T11859] 
[  576.257353][T11859] Uninit was stored to memory at:
[  576.262395][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  576.268130][T11859]  __msan_chain_origin+0x50/0x90
[  576.273098][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  576.278219][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.283197][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.287718][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.292406][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.298485][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.304653][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.309865][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.314748][T11859]  do_SYSENTER_32+0x73/0x90
[  576.319264][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.325600][T11859] 
[  576.327938][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  576.334805][T11859]  do_recvmmsg+0xbf/0x22b0
[  576.339257][T11859]  do_recvmmsg+0xbf/0x22b0
[  576.758471][T11859] not chained 70000 origins
[  576.763031][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  576.771710][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  576.781767][T11859] Call Trace:
[  576.785097][T11859]  dump_stack+0x21c/0x280
[  576.789460][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  576.795235][T11859]  ? kmsan_get_metadata+0x116/0x180
[  576.800458][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  576.806029][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  576.812127][T11859]  ? _copy_from_user+0x201/0x310
[  576.817091][T11859]  ? kmsan_get_metadata+0x116/0x180
[  576.822397][T11859]  __msan_chain_origin+0x50/0x90
[  576.827369][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  576.832523][T11859]  get_compat_msghdr+0x108/0x2b0
[  576.837502][T11859]  do_recvmmsg+0xdbb/0x22b0
[  576.842046][T11859]  ? __msan_get_context_state+0x9/0x20
[  576.847558][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  576.852878][T11859]  ? kmsan_get_metadata+0x116/0x180
[  576.858111][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  576.863426][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  576.868223][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  576.873014][T11859]  __sys_recvmmsg+0x5dd/0x610
[  576.877727][T11859]  ? kmsan_get_metadata+0x116/0x180
[  576.882949][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  576.889043][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  576.895225][T11859]  __do_fast_syscall_32+0x129/0x180
[  576.900448][T11859]  do_fast_syscall_32+0x6a/0xc0
[  576.905316][T11859]  do_SYSENTER_32+0x73/0x90
[  576.909843][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  576.916375][T11859] RIP: 0023:0xf7ff7549
[  576.920464][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  576.940086][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  576.948513][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  576.956497][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  576.964481][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  576.972483][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  576.980469][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  576.988467][T11859] Uninit was stored to memory at:
[  576.993512][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  576.999242][T11859]  __msan_chain_origin+0x50/0x90
[  577.004192][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.009319][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.014270][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.018787][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.023478][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.029554][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.035722][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.040935][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.046499][T11859]  do_SYSENTER_32+0x73/0x90
[  577.051016][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.057347][T11859] 
[  577.059679][T11859] Uninit was stored to memory at:
[  577.064721][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.070475][T11859]  __msan_chain_origin+0x50/0x90
[  577.075425][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.080550][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.085502][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.090266][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.094959][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.101391][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.107562][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.112899][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.117762][T11859]  do_SYSENTER_32+0x73/0x90
[  577.122279][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.128601][T11859] 
[  577.130930][T11859] Uninit was stored to memory at:
[  577.135969][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.141705][T11859]  __msan_chain_origin+0x50/0x90
[  577.146650][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.151790][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.156742][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.161257][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.165946][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.172022][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.178191][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.183401][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.188264][T11859]  do_SYSENTER_32+0x73/0x90
[  577.192777][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.199117][T11859] 
[  577.201464][T11859] Uninit was stored to memory at:
[  577.206510][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.212239][T11859]  __msan_chain_origin+0x50/0x90
[  577.217192][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.222316][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.227267][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.231782][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.236473][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.242554][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.248739][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.253948][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.258827][T11859]  do_SYSENTER_32+0x73/0x90
[  577.263343][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.269663][T11859] 
[  577.271994][T11859] Uninit was stored to memory at:
[  577.277039][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.282780][T11859]  __msan_chain_origin+0x50/0x90
[  577.287731][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.292859][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.297810][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.302323][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.307009][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.313779][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.319946][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.325241][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.330125][T11859]  do_SYSENTER_32+0x73/0x90
[  577.334649][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.340969][T11859] 
[  577.343300][T11859] Uninit was stored to memory at:
[  577.348360][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.354099][T11859]  __msan_chain_origin+0x50/0x90
[  577.359049][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.364173][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.369148][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.373668][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.378371][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.384551][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.390776][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.395988][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.400866][T11859]  do_SYSENTER_32+0x73/0x90
[  577.405402][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.411729][T11859] 
[  577.414061][T11859] Uninit was stored to memory at:
[  577.419113][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  577.424849][T11859]  __msan_chain_origin+0x50/0x90
[  577.429823][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.434962][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.439914][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.444434][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.449132][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.455207][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.461378][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.466615][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.471476][T11859]  do_SYSENTER_32+0x73/0x90
[  577.475992][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.482340][T11859] 
[  577.484679][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  577.491367][T11859]  do_recvmmsg+0xbf/0x22b0
[  577.495811][T11859]  do_recvmmsg+0xbf/0x22b0
[  577.794872][T11859] not chained 80000 origins
[  577.799431][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  577.808976][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  577.819040][T11859] Call Trace:
[  577.822387][T11859]  dump_stack+0x21c/0x280
[  577.826773][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  577.832569][T11859]  ? kmsan_get_metadata+0x116/0x180
[  577.837795][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  577.843388][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  577.850179][T11859]  ? _copy_from_user+0x201/0x310
[  577.855148][T11859]  ? kmsan_get_metadata+0x116/0x180
[  577.860368][T11859]  __msan_chain_origin+0x50/0x90
[  577.865329][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  577.870485][T11859]  get_compat_msghdr+0x108/0x2b0
[  577.875737][T11859]  do_recvmmsg+0xdbb/0x22b0
[  577.880282][T11859]  ? __msan_get_context_state+0x9/0x20
[  577.885780][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  577.891100][T11859]  ? kmsan_get_metadata+0x116/0x180
[  577.896330][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  577.901638][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  577.906460][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  577.911250][T11859]  __sys_recvmmsg+0x5dd/0x610
[  577.915964][T11859]  ? kmsan_get_metadata+0x116/0x180
[  577.921188][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  577.927636][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  577.933829][T11859]  __do_fast_syscall_32+0x129/0x180
[  577.939060][T11859]  do_fast_syscall_32+0x6a/0xc0
[  577.943936][T11859]  do_SYSENTER_32+0x73/0x90
[  577.948465][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  577.954803][T11859] RIP: 0023:0xf7ff7549
[  577.958886][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  577.978506][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  577.986946][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  577.994930][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  578.002913][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  578.010897][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  578.018879][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  578.026877][T11859] Uninit was stored to memory at:
[  578.031923][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.037654][T11859]  __msan_chain_origin+0x50/0x90
[  578.043035][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.048155][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.053104][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.057624][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.062310][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.068391][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.074556][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.079765][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.084711][T11859]  do_SYSENTER_32+0x73/0x90
[  578.089245][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.095575][T11859] 
[  578.097899][T11859] Uninit was stored to memory at:
[  578.102939][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.108669][T11859]  __msan_chain_origin+0x50/0x90
[  578.113617][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.118735][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.123686][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.128200][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.132906][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.138983][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.145150][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.150363][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.155225][T11859]  do_SYSENTER_32+0x73/0x90
[  578.159740][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.166060][T11859] 
[  578.168392][T11859] Uninit was stored to memory at:
[  578.173449][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.179181][T11859]  __msan_chain_origin+0x50/0x90
[  578.184135][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.189262][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.194225][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.198737][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.203457][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.209543][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.215719][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.221069][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.225984][T11859]  do_SYSENTER_32+0x73/0x90
[  578.230504][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.236829][T11859] 
[  578.239160][T11859] Uninit was stored to memory at:
[  578.244203][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.249941][T11859]  __msan_chain_origin+0x50/0x90
[  578.254893][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.260027][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.264979][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.269493][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.274187][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.280289][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.286458][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.291665][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.296529][T11859]  do_SYSENTER_32+0x73/0x90
[  578.301045][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.307379][T11859] 
[  578.309732][T11859] Uninit was stored to memory at:
[  578.314775][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.320506][T11859]  __msan_chain_origin+0x50/0x90
[  578.325494][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.330620][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.335574][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.340087][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.344780][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.350871][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.357051][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.362269][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.367136][T11859]  do_SYSENTER_32+0x73/0x90
[  578.371659][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.377984][T11859] 
[  578.380318][T11859] Uninit was stored to memory at:
[  578.385360][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.391103][T11859]  __msan_chain_origin+0x50/0x90
[  578.396071][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.401189][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.406148][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.410683][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.415376][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.422407][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.428589][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.433800][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.438668][T11859]  do_SYSENTER_32+0x73/0x90
[  578.443188][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.449511][T11859] 
[  578.451841][T11859] Uninit was stored to memory at:
[  578.456886][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  578.462624][T11859]  __msan_chain_origin+0x50/0x90
[  578.467575][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.472718][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.477671][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.482191][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.486883][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.492966][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.499241][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.504456][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.509328][T11859]  do_SYSENTER_32+0x73/0x90
[  578.513847][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.520169][T11859] 
[  578.522501][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  578.529626][T11859]  do_recvmmsg+0xbf/0x22b0
[  578.534057][T11859]  do_recvmmsg+0xbf/0x22b0
[  578.765058][T11859] not chained 90000 origins
[  578.769633][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  578.779022][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  578.789092][T11859] Call Trace:
[  578.792411][T11859]  dump_stack+0x21c/0x280
[  578.796777][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  578.802566][T11859]  ? kmsan_get_metadata+0x116/0x180
[  578.807807][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  578.813399][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  578.819503][T11859]  ? _copy_from_user+0x201/0x310
[  578.824482][T11859]  ? kmsan_get_metadata+0x116/0x180
[  578.829708][T11859]  __msan_chain_origin+0x50/0x90
[  578.834674][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  578.839837][T11859]  get_compat_msghdr+0x108/0x2b0
[  578.844809][T11859]  do_recvmmsg+0xdbb/0x22b0
[  578.849367][T11859]  ? __msan_get_context_state+0x9/0x20
[  578.854866][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  578.860201][T11859]  ? kmsan_get_metadata+0x116/0x180
[  578.865429][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  578.870744][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  578.875533][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  578.880346][T11859]  __sys_recvmmsg+0x5dd/0x610
[  578.885057][T11859]  ? kmsan_get_metadata+0x116/0x180
[  578.890296][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  578.896399][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  578.902577][T11859]  __do_fast_syscall_32+0x129/0x180
[  578.907802][T11859]  do_fast_syscall_32+0x6a/0xc0
[  578.912682][T11859]  do_SYSENTER_32+0x73/0x90
[  578.917241][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  578.923582][T11859] RIP: 0023:0xf7ff7549
[  578.927667][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  578.947295][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  578.955817][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  578.963806][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  578.971792][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  578.979785][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  578.987777][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  578.995784][T11859] Uninit was stored to memory at:
[  579.000851][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.006587][T11859]  __msan_chain_origin+0x50/0x90
[  579.011539][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.016663][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.021614][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.026134][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.030826][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.036904][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.043074][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.048290][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.053158][T11859]  do_SYSENTER_32+0x73/0x90
[  579.057696][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.064025][T11859] 
[  579.066354][T11859] Uninit was stored to memory at:
[  579.071397][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.077132][T11859]  __msan_chain_origin+0x50/0x90
[  579.082080][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.087205][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.094980][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.099501][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.104200][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.110286][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.116467][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.121685][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.126561][T11859]  do_SYSENTER_32+0x73/0x90
[  579.133376][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.139918][T11859] 
[  579.142256][T11859] Uninit was stored to memory at:
[  579.147318][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.153066][T11859]  __msan_chain_origin+0x50/0x90
[  579.158027][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.163288][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.168248][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.172768][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.177458][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.183538][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.189709][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.194926][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.199788][T11859]  do_SYSENTER_32+0x73/0x90
[  579.204307][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.211033][T11859] 
[  579.214150][T11859] Uninit was stored to memory at:
[  579.219209][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.224970][T11859]  __msan_chain_origin+0x50/0x90
[  579.229926][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.235070][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.240025][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.244584][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.249293][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.255380][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.261839][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.267053][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.271924][T11859]  do_SYSENTER_32+0x73/0x90
[  579.276443][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.282765][T11859] 
[  579.285093][T11859] Uninit was stored to memory at:
[  579.290138][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.295879][T11859]  __msan_chain_origin+0x50/0x90
[  579.300830][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.305955][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.310907][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.315448][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.320138][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.326225][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.332409][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.337631][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.342502][T11859]  do_SYSENTER_32+0x73/0x90
[  579.347027][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.353376][T11859] 
[  579.356669][T11859] Uninit was stored to memory at:
[  579.361719][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.367462][T11859]  __msan_chain_origin+0x50/0x90
[  579.372422][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.377547][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.382503][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.387018][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.391726][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.397810][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.403978][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.409189][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.414052][T11859]  do_SYSENTER_32+0x73/0x90
[  579.418579][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.424899][T11859] 
[  579.427230][T11859] Uninit was stored to memory at:
[  579.432279][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  579.438028][T11859]  __msan_chain_origin+0x50/0x90
[  579.442974][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  579.448095][T11859]  get_compat_msghdr+0x108/0x2b0
[  579.453044][T11859]  do_recvmmsg+0xdbb/0x22b0
[  579.457559][T11859]  __sys_recvmmsg+0x5dd/0x610
[  579.462253][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  579.468331][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  579.474497][T11859]  __do_fast_syscall_32+0x129/0x180
[  579.479706][T11859]  do_fast_syscall_32+0x6a/0xc0
[  579.484577][T11859]  do_SYSENTER_32+0x73/0x90
[  579.489104][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  579.495451][T11859] 
[  579.497786][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  579.504480][T11859]  do_recvmmsg+0xbf/0x22b0
[  579.508911][T11859]  do_recvmmsg+0xbf/0x22b0
[  579.756133][ T8691] Bluetooth: hci3: command 0x0406 tx timeout
[  580.428702][T11859] not chained 100000 origins
[  580.433357][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  580.442031][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  580.452791][T11859] Call Trace:
[  580.456231][T11859]  dump_stack+0x21c/0x280
[  580.460598][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  580.466364][T11859]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  580.472236][T11859]  ? kmsan_get_metadata+0x116/0x180
[  580.477463][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  580.483033][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  580.489124][T11859]  ? _copy_from_user+0x201/0x310
[  580.494111][T11859]  ? kmsan_get_metadata+0x116/0x180
[  580.499333][T11859]  __msan_chain_origin+0x50/0x90
[  580.504294][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.509452][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.514428][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.518958][T11859]  ? __msan_get_context_state+0x9/0x20
[  580.524456][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  580.529777][T11859]  ? kmsan_get_metadata+0x116/0x180
[  580.535286][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  580.540595][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  580.545383][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  580.550175][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.554880][T11859]  ? kmsan_get_metadata+0x116/0x180
[  580.560102][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.566201][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.572376][T11859]  __do_fast_syscall_32+0x129/0x180
[  580.577605][T11859]  do_fast_syscall_32+0x6a/0xc0
[  580.582493][T11859]  do_SYSENTER_32+0x73/0x90
[  580.587040][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  580.593383][T11859] RIP: 0023:0xf7ff7549
[  580.597467][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  580.617091][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  580.625536][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  580.633531][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  580.641531][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  580.649519][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  580.657510][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  580.665513][T11859] Uninit was stored to memory at:
[  580.670573][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  580.676333][T11859]  __msan_chain_origin+0x50/0x90
[  580.681290][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.686414][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.691409][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.695930][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.700625][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.706745][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.712941][T11859]  __do_fast_syscall_32+0x129/0x180
[  580.718193][T11859]  do_fast_syscall_32+0x6a/0xc0
[  580.723069][T11859]  do_SYSENTER_32+0x73/0x90
[  580.727596][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  580.733922][T11859] 
[  580.736253][T11859] Uninit was stored to memory at:
[  580.741319][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  580.747511][T11859]  __msan_chain_origin+0x50/0x90
[  580.752493][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.757643][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.762598][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.767114][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.771813][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.777898][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.784075][T11859]  __do_fast_syscall_32+0x129/0x180
[  580.789297][T11859]  do_fast_syscall_32+0x6a/0xc0
[  580.794159][T11859]  do_SYSENTER_32+0x73/0x90
[  580.798675][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  580.804997][T11859] 
[  580.807325][T11859] Uninit was stored to memory at:
[  580.812367][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  580.818099][T11859]  __msan_chain_origin+0x50/0x90
[  580.823049][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.828189][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.833141][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.837655][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.842344][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.848424][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.854588][T11859]  __do_fast_syscall_32+0x129/0x180
[  580.859801][T11859]  do_fast_syscall_32+0x6a/0xc0
[  580.864671][T11859]  do_SYSENTER_32+0x73/0x90
[  580.869187][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  580.875511][T11859] 
[  580.877876][T11859] Uninit was stored to memory at:
[  580.883947][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  580.889668][T11859]  __msan_chain_origin+0x50/0x90
[  580.894604][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.899712][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.904650][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.909147][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.913808][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.919861][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.926122][T11859]  __do_fast_syscall_32+0x129/0x180
[  580.931307][T11859]  do_fast_syscall_32+0x6a/0xc0
[  580.936176][T11859]  do_SYSENTER_32+0x73/0x90
[  580.940699][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  580.947001][T11859] 
[  580.949309][T11859] Uninit was stored to memory at:
[  580.954361][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  580.960070][T11859]  __msan_chain_origin+0x50/0x90
[  580.965011][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  580.970111][T11859]  get_compat_msghdr+0x108/0x2b0
[  580.975045][T11859]  do_recvmmsg+0xdbb/0x22b0
[  580.979539][T11859]  __sys_recvmmsg+0x5dd/0x610
[  580.984203][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  580.990259][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  580.996400][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.001586][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.006440][T11859]  do_SYSENTER_32+0x73/0x90
[  581.010955][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.017273][T11859] 
[  581.019579][T11859] Uninit was stored to memory at:
[  581.024606][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.030312][T11859]  __msan_chain_origin+0x50/0x90
[  581.035244][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.040364][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.045322][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.049826][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.054484][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.060549][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.066689][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.071876][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.076725][T11859]  do_SYSENTER_32+0x73/0x90
[  581.081231][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.087544][T11859] 
[  581.089850][T11859] Uninit was stored to memory at:
[  581.094863][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.100568][T11859]  __msan_chain_origin+0x50/0x90
[  581.105500][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.110618][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.115557][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.120068][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.124744][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.130884][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.137031][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.142213][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.147049][T11859]  do_SYSENTER_32+0x73/0x90
[  581.151554][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.157864][T11859] 
[  581.160247][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  581.167167][T11859]  do_recvmmsg+0xbf/0x22b0
[  581.171572][T11859]  do_recvmmsg+0xbf/0x22b0
[  581.415165][T11859] not chained 110000 origins
[  581.419836][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  581.428533][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  581.438594][T11859] Call Trace:
[  581.441909][T11859]  dump_stack+0x21c/0x280
[  581.446291][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  581.452086][T11859]  ? kmsan_get_metadata+0x116/0x180
[  581.458092][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  581.463665][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  581.469760][T11859]  ? _copy_from_user+0x201/0x310
[  581.475244][T11859]  ? kmsan_get_metadata+0x116/0x180
[  581.480467][T11859]  __msan_chain_origin+0x50/0x90
[  581.485435][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.490594][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.495569][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.500237][T11859]  ? __msan_get_context_state+0x9/0x20
[  581.505740][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  581.511062][T11859]  ? kmsan_get_metadata+0x116/0x180
[  581.516290][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  581.521597][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  581.526401][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  581.531203][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.535912][T11859]  ? kmsan_get_metadata+0x116/0x180
[  581.541134][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.547272][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.553517][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.558742][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.563616][T11859]  do_SYSENTER_32+0x73/0x90
[  581.568138][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.574521][T11859] RIP: 0023:0xf7ff7549
[  581.578610][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  581.598296][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  581.606704][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  581.614684][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  581.622661][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  581.630631][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  581.638598][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  581.646578][T11859] Uninit was stored to memory at:
[  581.651595][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.657329][T11859]  __msan_chain_origin+0x50/0x90
[  581.662260][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.667354][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.672276][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.676763][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.681423][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.687475][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.693631][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.698831][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.703686][T11859]  do_SYSENTER_32+0x73/0x90
[  581.708176][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.714482][T11859] 
[  581.716799][T11859] Uninit was stored to memory at:
[  581.721818][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.727532][T11859]  __msan_chain_origin+0x50/0x90
[  581.732451][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.737543][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.742465][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.746953][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.751612][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.757669][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.763807][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.768987][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.773829][T11859]  do_SYSENTER_32+0x73/0x90
[  581.778325][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.784643][T11859] 
[  581.786985][T11859] Uninit was stored to memory at:
[  581.791998][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.797731][T11859]  __msan_chain_origin+0x50/0x90
[  581.802677][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.807775][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.812712][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.817209][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.821873][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.827924][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.834062][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.839259][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.844093][T11859]  do_SYSENTER_32+0x73/0x90
[  581.848586][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.854886][T11859] 
[  581.857199][T11859] Uninit was stored to memory at:
[  581.862217][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.867927][T11859]  __msan_chain_origin+0x50/0x90
[  581.872873][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.877971][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.882895][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.887395][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.892056][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.898107][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.904256][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.909439][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.914281][T11859]  do_SYSENTER_32+0x73/0x90
[  581.918772][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.925088][T11859] 
[  581.927407][T11859] Uninit was stored to memory at:
[  581.932424][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  581.938133][T11859]  __msan_chain_origin+0x50/0x90
[  581.943070][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  581.948165][T11859]  get_compat_msghdr+0x108/0x2b0
[  581.953100][T11859]  do_recvmmsg+0xdbb/0x22b0
[  581.957595][T11859]  __sys_recvmmsg+0x5dd/0x610
[  581.962255][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  581.968307][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  581.974541][T11859]  __do_fast_syscall_32+0x129/0x180
[  581.980417][T11859]  do_fast_syscall_32+0x6a/0xc0
[  581.985263][T11859]  do_SYSENTER_32+0x73/0x90
[  581.989852][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  581.996344][T11859] 
[  581.998664][T11859] Uninit was stored to memory at:
[  582.003686][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.009390][T11859]  __msan_chain_origin+0x50/0x90
[  582.014312][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.019406][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.024330][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.028816][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.033484][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.039633][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.045771][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.050952][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.055809][T11859]  do_SYSENTER_32+0x73/0x90
[  582.060297][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.066604][T11859] 
[  582.068914][T11859] Uninit was stored to memory at:
[  582.073937][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.079678][T11859]  __msan_chain_origin+0x50/0x90
[  582.084608][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.089732][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.094697][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.099189][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.103864][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.109916][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.116056][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.121240][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.126077][T11859]  do_SYSENTER_32+0x73/0x90
[  582.130564][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.137298][T11859] 
[  582.139609][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  582.146268][T11859]  do_recvmmsg+0xbf/0x22b0
[  582.150668][T11859]  do_recvmmsg+0xbf/0x22b0
[  582.372413][T11859] not chained 120000 origins
[  582.377074][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  582.386116][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  582.396179][T11859] Call Trace:
[  582.399495][T11859]  dump_stack+0x21c/0x280
[  582.404117][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  582.409893][T11859]  ? kmsan_get_metadata+0x116/0x180
[  582.415289][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  582.420860][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  582.427477][T11859]  ? _copy_from_user+0x201/0x310
[  582.432440][T11859]  ? kmsan_get_metadata+0x116/0x180
[  582.437658][T11859]  __msan_chain_origin+0x50/0x90
[  582.442634][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.447788][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.452762][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.457289][T11859]  ? __msan_get_context_state+0x9/0x20
[  582.462800][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  582.468127][T11859]  ? kmsan_get_metadata+0x116/0x180
[  582.473354][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  582.478662][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  582.483476][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  582.488373][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.493089][T11859]  ? kmsan_get_metadata+0x116/0x180
[  582.498312][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.504527][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.510737][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.515961][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.520848][T11859]  do_SYSENTER_32+0x73/0x90
[  582.525371][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.531705][T11859] RIP: 0023:0xf7ff7549
[  582.535774][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  582.555406][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  582.564275][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  582.572236][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  582.580193][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  582.588154][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  582.596115][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  582.604097][T11859] Uninit was stored to memory at:
[  582.609115][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.614817][T11859]  __msan_chain_origin+0x50/0x90
[  582.619738][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.624839][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.629760][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.634265][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.638936][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.644991][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.651145][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.656332][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.661166][T11859]  do_SYSENTER_32+0x73/0x90
[  582.665669][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.671974][T11859] 
[  582.674285][T11859] Uninit was stored to memory at:
[  582.679300][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.685003][T11859]  __msan_chain_origin+0x50/0x90
[  582.689940][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.695039][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.699969][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.704478][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.709156][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.715217][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.721380][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.726566][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.731419][T11859]  do_SYSENTER_32+0x73/0x90
[  582.735918][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.742232][T11859] 
[  582.744549][T11859] Uninit was stored to memory at:
[  582.749587][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.755299][T11859]  __msan_chain_origin+0x50/0x90
[  582.760228][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.765320][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.770240][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.774742][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.779404][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.785454][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.791600][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.796781][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.801623][T11859]  do_SYSENTER_32+0x73/0x90
[  582.806129][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.812439][T11859] 
[  582.814745][T11859] Uninit was stored to memory at:
[  582.819769][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.825517][T11859]  __msan_chain_origin+0x50/0x90
[  582.830525][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.835621][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.840547][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.845040][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.849700][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.855749][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.861886][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.867072][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.871904][T11859]  do_SYSENTER_32+0x73/0x90
[  582.876402][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.882745][T11859] 
[  582.885070][T11859] Uninit was stored to memory at:
[  582.890098][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.895805][T11859]  __msan_chain_origin+0x50/0x90
[  582.900735][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.905828][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.910749][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.915259][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.919937][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.925988][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  582.932139][T11859]  __do_fast_syscall_32+0x129/0x180
[  582.937328][T11859]  do_fast_syscall_32+0x6a/0xc0
[  582.942161][T11859]  do_SYSENTER_32+0x73/0x90
[  582.946665][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  582.952969][T11859] 
[  582.955291][T11859] Uninit was stored to memory at:
[  582.960319][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  582.966024][T11859]  __msan_chain_origin+0x50/0x90
[  582.970947][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  582.976042][T11859]  get_compat_msghdr+0x108/0x2b0
[  582.980963][T11859]  do_recvmmsg+0xdbb/0x22b0
[  582.985477][T11859]  __sys_recvmmsg+0x5dd/0x610
[  582.990153][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  582.996206][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.002348][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.007547][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.012405][T11859]  do_SYSENTER_32+0x73/0x90
[  583.016897][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.023197][T11859] 
[  583.025518][T11859] Uninit was stored to memory at:
[  583.030532][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.036238][T11859]  __msan_chain_origin+0x50/0x90
[  583.041169][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.046276][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.051198][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.055689][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.060349][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.066402][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.072549][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.077749][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.082587][T11859]  do_SYSENTER_32+0x73/0x90
[  583.087077][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.093395][T11859] 
[  583.095714][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  583.102400][T11859]  do_recvmmsg+0xbf/0x22b0
[  583.106810][T11859]  do_recvmmsg+0xbf/0x22b0
[  583.378132][T11859] not chained 130000 origins
[  583.382776][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  583.391452][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  583.401516][T11859] Call Trace:
[  583.404842][T11859]  dump_stack+0x21c/0x280
[  583.409206][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  583.414997][T11859]  ? kmsan_get_metadata+0x116/0x180
[  583.420221][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  583.425791][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  583.431883][T11859]  ? _copy_from_user+0x201/0x310
[  583.436846][T11859]  ? kmsan_get_metadata+0x116/0x180
[  583.442068][T11859]  __msan_chain_origin+0x50/0x90
[  583.447033][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.452709][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.457686][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.462221][T11859]  ? __msan_get_context_state+0x9/0x20
[  583.467718][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  583.473041][T11859]  ? kmsan_get_metadata+0x116/0x180
[  583.478267][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  583.483585][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  583.488421][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  583.493263][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.497983][T11859]  ? kmsan_get_metadata+0x116/0x180
[  583.503265][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.509379][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.515566][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.520796][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.525686][T11859]  do_SYSENTER_32+0x73/0x90
[  583.530212][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.536724][T11859] RIP: 0023:0xf7ff7549
[  583.540792][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  583.560396][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  583.568805][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  583.576773][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  583.584739][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  583.592696][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  583.600653][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  583.608710][T11859] Uninit was stored to memory at:
[  583.613727][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.619433][T11859]  __msan_chain_origin+0x50/0x90
[  583.624364][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.629459][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.638041][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.642545][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.647209][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.653269][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.659415][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.664629][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.669463][T11859]  do_SYSENTER_32+0x73/0x90
[  583.673964][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.680264][T11859] 
[  583.682571][T11859] Uninit was stored to memory at:
[  583.687684][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.694349][T11859]  __msan_chain_origin+0x50/0x90
[  583.699270][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.704362][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.709302][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.713790][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.718466][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.724523][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.730674][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.736301][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.741147][T11859]  do_SYSENTER_32+0x73/0x90
[  583.745642][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.751963][T11859] 
[  583.754298][T11859] Uninit was stored to memory at:
[  583.759324][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.765025][T11859]  __msan_chain_origin+0x50/0x90
[  583.769959][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.775053][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.779977][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.784461][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.789123][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.795175][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.801326][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.806509][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.811344][T11859]  do_SYSENTER_32+0x73/0x90
[  583.815849][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.822155][T11859] 
[  583.824466][T11859] Uninit was stored to memory at:
[  583.829483][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.835194][T11859]  __msan_chain_origin+0x50/0x90
[  583.840145][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.845251][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.850188][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.854761][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.859424][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.865489][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.871654][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.876856][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.881699][T11859]  do_SYSENTER_32+0x73/0x90
[  583.886208][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.892514][T11859] 
[  583.894849][T11859] Uninit was stored to memory at:
[  583.899868][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.905581][T11859]  __msan_chain_origin+0x50/0x90
[  583.910528][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.915626][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.920578][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.925074][T11859]  __sys_recvmmsg+0x5dd/0x610
[  583.929744][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  583.935818][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  583.941963][T11859]  __do_fast_syscall_32+0x129/0x180
[  583.947158][T11859]  do_fast_syscall_32+0x6a/0xc0
[  583.952862][T11859]  do_SYSENTER_32+0x73/0x90
[  583.957363][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  583.963665][T11859] 
[  583.965987][T11859] Uninit was stored to memory at:
[  583.971020][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  583.976724][T11859]  __msan_chain_origin+0x50/0x90
[  583.981675][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  583.986783][T11859]  get_compat_msghdr+0x108/0x2b0
[  583.991713][T11859]  do_recvmmsg+0xdbb/0x22b0
[  583.996214][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.000887][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.006947][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.013083][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.018266][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.023104][T11859]  do_SYSENTER_32+0x73/0x90
[  584.027613][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.033914][T11859] 
[  584.036259][T11859] Uninit was stored to memory at:
[  584.041273][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.046992][T11859]  __msan_chain_origin+0x50/0x90
[  584.051913][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.057009][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.061941][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.066439][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.071105][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.077157][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.083310][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.088496][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.093334][T11859]  do_SYSENTER_32+0x73/0x90
[  584.097841][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.104141][T11859] 
[  584.106471][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  584.113148][T11859]  do_recvmmsg+0xbf/0x22b0
[  584.117572][T11859]  do_recvmmsg+0xbf/0x22b0
[  584.300727][T11859] not chained 140000 origins
[  584.305475][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  584.315121][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  584.325194][T11859] Call Trace:
[  584.328510][T11859]  dump_stack+0x21c/0x280
[  584.332876][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  584.338656][T11859]  ? kmsan_get_metadata+0x116/0x180
[  584.343899][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  584.349730][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  584.355850][T11859]  ? _copy_from_user+0x201/0x310
[  584.370022][T11859]  ? kmsan_get_metadata+0x116/0x180
[  584.375269][T11859]  __msan_chain_origin+0x50/0x90
[  584.380232][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.385392][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.390367][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.394917][T11859]  ? __msan_get_context_state+0x9/0x20
[  584.400411][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  584.405742][T11859]  ? kmsan_get_metadata+0x116/0x180
[  584.410968][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  584.416281][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  584.421068][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  584.430190][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.434902][T11859]  ? kmsan_get_metadata+0x116/0x180
[  584.440128][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.446226][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.452405][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.457652][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.462548][T11859]  do_SYSENTER_32+0x73/0x90
[  584.467081][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.473421][T11859] RIP: 0023:0xf7ff7549
[  584.477506][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  584.497129][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  584.505565][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  584.513642][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  584.521641][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  584.529619][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  584.538806][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  584.546812][T11859] Uninit was stored to memory at:
[  584.551859][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.557575][T11859]  __msan_chain_origin+0x50/0x90
[  584.562527][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.567650][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.572696][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.577187][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.581862][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.587925][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.594066][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.599250][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.605045][T11859]  do_SYSENTER_32+0x73/0x90
[  584.609551][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.615862][T11859] 
[  584.618180][T11859] Uninit was stored to memory at:
[  584.623209][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.628935][T11859]  __msan_chain_origin+0x50/0x90
[  584.633856][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.638951][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.643894][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.648398][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.653058][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.659110][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.665264][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.670468][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.675318][T11859]  do_SYSENTER_32+0x73/0x90
[  584.679821][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.686122][T11859] 
[  584.688430][T11859] Uninit was stored to memory at:
[  584.693457][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.699854][T11859]  __msan_chain_origin+0x50/0x90
[  584.704789][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.713486][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.719288][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.723799][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.728465][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.734532][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.740682][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.745889][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.750745][T11859]  do_SYSENTER_32+0x73/0x90
[  584.755248][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.761565][T11859] 
[  584.763897][T11859] Uninit was stored to memory at:
[  584.768932][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.774650][T11859]  __msan_chain_origin+0x50/0x90
[  584.779572][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.784669][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.789601][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.794087][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.798766][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.804817][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.810960][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.816142][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.820974][T11859]  do_SYSENTER_32+0x73/0x90
[  584.825462][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.831778][T11859] 
[  584.834087][T11859] Uninit was stored to memory at:
[  584.839334][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.845050][T11859]  __msan_chain_origin+0x50/0x90
[  584.849976][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.855072][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.859998][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.864494][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.869166][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.875236][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.881405][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.886608][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.891442][T11859]  do_SYSENTER_32+0x73/0x90
[  584.895935][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.903975][T11859] 
[  584.906303][T11859] Uninit was stored to memory at:
[  584.911325][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.917046][T11859]  __msan_chain_origin+0x50/0x90
[  584.922098][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.927195][T11859]  get_compat_msghdr+0x108/0x2b0
[  584.932118][T11859]  do_recvmmsg+0xdbb/0x22b0
[  584.936636][T11859]  __sys_recvmmsg+0x5dd/0x610
[  584.941299][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  584.947366][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  584.953508][T11859]  __do_fast_syscall_32+0x129/0x180
[  584.958704][T11859]  do_fast_syscall_32+0x6a/0xc0
[  584.963537][T11859]  do_SYSENTER_32+0x73/0x90
[  584.968049][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  584.974366][T11859] 
[  584.976692][T11859] Uninit was stored to memory at:
[  584.981710][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  584.987416][T11859]  __msan_chain_origin+0x50/0x90
[  584.992339][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  584.997451][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.002377][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.006866][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.011527][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.017607][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.023753][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.028954][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.033788][T11859]  do_SYSENTER_32+0x73/0x90
[  585.038277][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.045552][T11859] 
[  585.047879][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  585.054558][T11859]  do_recvmmsg+0xbf/0x22b0
[  585.058988][T11859]  do_recvmmsg+0xbf/0x22b0
[  585.269088][T11859] not chained 150000 origins
[  585.274747][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  585.283442][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  585.293505][T11859] Call Trace:
[  585.296818][T11859]  dump_stack+0x21c/0x280
[  585.301183][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  585.306965][T11859]  ? kmsan_get_metadata+0x116/0x180
[  585.312185][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  585.317756][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  585.323846][T11859]  ? _copy_from_user+0x201/0x310
[  585.328811][T11859]  ? kmsan_get_metadata+0x116/0x180
[  585.334027][T11859]  __msan_chain_origin+0x50/0x90
[  585.339010][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.344164][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.349139][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.353669][T11859]  ? __msan_get_context_state+0x9/0x20
[  585.359174][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  585.364499][T11859]  ? kmsan_get_metadata+0x116/0x180
[  585.369732][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  585.375041][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  585.379845][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  585.384636][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.389351][T11859]  ? kmsan_get_metadata+0x116/0x180
[  585.394574][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.400685][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.406859][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.412082][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.416946][T11859]  do_SYSENTER_32+0x73/0x90
[  585.421446][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.427756][T11859] RIP: 0023:0xf7ff7549
[  585.431856][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  585.451714][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  585.460114][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  585.468079][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  585.476048][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  585.484006][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  585.491968][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  585.500379][T11859] Uninit was stored to memory at:
[  585.505401][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.511113][T11859]  __msan_chain_origin+0x50/0x90
[  585.516038][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.521138][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.526073][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.530562][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.535242][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.541325][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.547465][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.552648][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.557497][T11859]  do_SYSENTER_32+0x73/0x90
[  585.561998][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.568301][T11859] 
[  585.570612][T11859] Uninit was stored to memory at:
[  585.575629][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.581341][T11859]  __msan_chain_origin+0x50/0x90
[  585.586262][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.591367][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.596308][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.608106][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.612781][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.618855][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.625008][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.630194][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.635028][T11859]  do_SYSENTER_32+0x73/0x90
[  585.639529][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.645880][T11859] 
[  585.648202][T11859] Uninit was stored to memory at:
[  585.653226][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.658930][T11859]  __msan_chain_origin+0x50/0x90
[  585.663853][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.668947][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.673878][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.678363][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.683036][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.689091][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.695246][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.700440][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.705276][T11859]  do_SYSENTER_32+0x73/0x90
[  585.709764][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.716084][T11859] 
[  585.718395][T11859] Uninit was stored to memory at:
[  585.723416][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.729138][T11859]  __msan_chain_origin+0x50/0x90
[  585.734075][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.739182][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.744105][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.748592][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.753262][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.759312][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.765450][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.770628][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.775477][T11859]  do_SYSENTER_32+0x73/0x90
[  585.779962][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.786273][T11859] 
[  585.788599][T11859] Uninit was stored to memory at:
[  585.793616][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.799330][T11859]  __msan_chain_origin+0x50/0x90
[  585.804250][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.809345][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.814280][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.818767][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.823436][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.829930][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.836088][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.841287][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.846136][T11859]  do_SYSENTER_32+0x73/0x90
[  585.850625][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.856948][T11859] 
[  585.859259][T11859] Uninit was stored to memory at:
[  585.864287][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.870001][T11859]  __msan_chain_origin+0x50/0x90
[  585.874939][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.880036][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.884963][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.889457][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.894133][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.900191][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.906351][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.911548][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.916398][T11859]  do_SYSENTER_32+0x73/0x90
[  585.920888][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.927201][T11859] 
[  585.929512][T11859] Uninit was stored to memory at:
[  585.934532][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  585.940253][T11859]  __msan_chain_origin+0x50/0x90
[  585.945238][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  585.950367][T11859]  get_compat_msghdr+0x108/0x2b0
[  585.956393][T11859]  do_recvmmsg+0xdbb/0x22b0
[  585.960885][T11859]  __sys_recvmmsg+0x5dd/0x610
[  585.966505][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  585.972561][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  585.978713][T11859]  __do_fast_syscall_32+0x129/0x180
[  585.983897][T11859]  do_fast_syscall_32+0x6a/0xc0
[  585.988731][T11859]  do_SYSENTER_32+0x73/0x90
[  585.993238][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  585.999568][T11859] 
[  586.001889][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  586.008601][T11859]  do_recvmmsg+0xbf/0x22b0
[  586.013008][T11859]  do_recvmmsg+0xbf/0x22b0
[  586.292997][T11859] not chained 160000 origins
[  586.297658][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  586.306363][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  586.316694][T11859] Call Trace:
[  586.320009][T11859]  dump_stack+0x21c/0x280
[  586.324401][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  586.330200][T11859]  ? kmsan_get_metadata+0x116/0x180
[  586.335422][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  586.341013][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  586.347112][T11859]  ? _copy_from_user+0x201/0x310
[  586.352100][T11859]  ? kmsan_get_metadata+0x116/0x180
[  586.357321][T11859]  __msan_chain_origin+0x50/0x90
[  586.362281][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.367458][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.372435][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.376965][T11859]  ? __msan_get_context_state+0x9/0x20
[  586.382465][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  586.387787][T11859]  ? kmsan_get_metadata+0x116/0x180
[  586.397290][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  586.402607][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  586.407377][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  586.412133][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.416834][T11859]  ? kmsan_get_metadata+0x116/0x180
[  586.422049][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.428131][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.434276][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.439485][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.444377][T11859]  do_SYSENTER_32+0x73/0x90
[  586.449065][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.455385][T11859] RIP: 0023:0xf7ff7549
[  586.459448][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  586.479058][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  586.487474][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  586.495448][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  586.503428][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  586.511389][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  586.519368][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  586.527337][T11859] Uninit was stored to memory at:
[  586.532358][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.538083][T11859]  __msan_chain_origin+0x50/0x90
[  586.543003][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.548113][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.553047][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.557535][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.562251][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.568301][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.574440][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.579623][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.584459][T11859]  do_SYSENTER_32+0x73/0x90
[  586.588957][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.595265][T11859] 
[  586.597582][T11859] Uninit was stored to memory at:
[  586.602598][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.608323][T11859]  __msan_chain_origin+0x50/0x90
[  586.613249][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.618355][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.623286][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.627781][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.632490][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.638551][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.644698][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.649883][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.654722][T11859]  do_SYSENTER_32+0x73/0x90
[  586.659213][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.665515][T11859] 
[  586.667833][T11859] Uninit was stored to memory at:
[  586.672848][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.678564][T11859]  __msan_chain_origin+0x50/0x90
[  586.683496][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.688592][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.693534][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.698043][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.702707][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.708761][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.714986][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.720180][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.725015][T11859]  do_SYSENTER_32+0x73/0x90
[  586.729515][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.735816][T11859] 
[  586.738136][T11859] Uninit was stored to memory at:
[  586.743151][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.748874][T11859]  __msan_chain_origin+0x50/0x90
[  586.753796][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.758892][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.763812][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.768309][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.772969][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.779026][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.785172][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.790368][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.795226][T11859]  do_SYSENTER_32+0x73/0x90
[  586.799718][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.806017][T11859] 
[  586.808341][T11859] Uninit was stored to memory at:
[  586.813359][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.819072][T11859]  __msan_chain_origin+0x50/0x90
[  586.823992][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.829097][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.834017][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.838515][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.843174][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.849223][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.855362][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.860541][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.865393][T11859]  do_SYSENTER_32+0x73/0x90
[  586.869882][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.876182][T11859] 
[  586.878509][T11859] Uninit was stored to memory at:
[  586.883528][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.889234][T11859]  __msan_chain_origin+0x50/0x90
[  586.894152][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.899243][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.904424][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.908909][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.913587][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.919681][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.925835][T11859]  __do_fast_syscall_32+0x129/0x180
[  586.931018][T11859]  do_fast_syscall_32+0x6a/0xc0
[  586.935855][T11859]  do_SYSENTER_32+0x73/0x90
[  586.940343][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  586.946651][T11859] 
[  586.948968][T11859] Uninit was stored to memory at:
[  586.953987][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  586.959713][T11859]  __msan_chain_origin+0x50/0x90
[  586.964642][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  586.969743][T11859]  get_compat_msghdr+0x108/0x2b0
[  586.974684][T11859]  do_recvmmsg+0xdbb/0x22b0
[  586.979180][T11859]  __sys_recvmmsg+0x5dd/0x610
[  586.983858][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  586.989908][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  586.996048][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.001226][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.006146][T11859]  do_SYSENTER_32+0x73/0x90
[  587.010645][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.016962][T11859] 
[  587.019270][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  587.026543][T11859]  do_recvmmsg+0xbf/0x22b0
[  587.030942][T11859]  do_recvmmsg+0xbf/0x22b0
[  587.191852][T11859] not chained 170000 origins
[  587.196500][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  587.205432][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  587.215490][T11859] Call Trace:
[  587.218802][T11859]  dump_stack+0x21c/0x280
[  587.223162][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  587.228942][T11859]  ? kmsan_get_metadata+0x116/0x180
[  587.234160][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  587.239733][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  587.245824][T11859]  ? _copy_from_user+0x201/0x310
[  587.250783][T11859]  ? kmsan_get_metadata+0x116/0x180
[  587.255997][T11859]  __msan_chain_origin+0x50/0x90
[  587.260955][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.266115][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.271123][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.275659][T11859]  ? __msan_get_context_state+0x9/0x20
[  587.281156][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  587.287233][T11859]  ? kmsan_get_metadata+0x116/0x180
[  587.293066][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  587.298463][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  587.303241][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  587.308028][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.312747][T11859]  ? kmsan_get_metadata+0x116/0x180
[  587.317971][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.324067][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.330246][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.335470][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.340347][T11859]  do_SYSENTER_32+0x73/0x90
[  587.344873][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.351210][T11859] RIP: 0023:0xf7ff7549
[  587.355293][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  587.374914][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  587.383346][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  587.392303][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  587.400291][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  587.408368][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  587.416359][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  587.424365][T11859] Uninit was stored to memory at:
[  587.429413][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.435233][T11859]  __msan_chain_origin+0x50/0x90
[  587.440201][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.445325][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.450347][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.455148][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.459847][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.465924][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.472082][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.477568][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.482406][T11859]  do_SYSENTER_32+0x73/0x90
[  587.486918][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.493230][T11859] 
[  587.495552][T11859] Uninit was stored to memory at:
[  587.500567][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.506280][T11859]  __msan_chain_origin+0x50/0x90
[  587.511213][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.517102][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.522023][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.526512][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.531182][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.537236][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.543374][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.548559][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.553393][T11859]  do_SYSENTER_32+0x73/0x90
[  587.557881][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.564181][T11859] 
[  587.566507][T11859] Uninit was stored to memory at:
[  587.571522][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.577225][T11859]  __msan_chain_origin+0x50/0x90
[  587.582143][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.587246][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.592166][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.597610][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.602269][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.608326][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.614465][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.619647][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.624481][T11859]  do_SYSENTER_32+0x73/0x90
[  587.628967][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.635267][T11859] 
[  587.637574][T11859] Uninit was stored to memory at:
[  587.642599][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.648306][T11859]  __msan_chain_origin+0x50/0x90
[  587.653247][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.658341][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.663267][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.667768][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.672438][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.678487][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.684625][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.689804][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.694632][T11859]  do_SYSENTER_32+0x73/0x90
[  587.699133][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.705435][T11859] 
[  587.707738][T11859] Uninit was stored to memory at:
[  587.712750][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.718464][T11859]  __msan_chain_origin+0x50/0x90
[  587.723383][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.728489][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.733410][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.737907][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.742579][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.748628][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.754768][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.759950][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.764795][T11859]  do_SYSENTER_32+0x73/0x90
[  587.769290][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.775603][T11859] 
[  587.777911][T11859] Uninit was stored to memory at:
[  587.782922][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.788628][T11859]  __msan_chain_origin+0x50/0x90
[  587.793546][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.798637][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.803567][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.808053][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.812713][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.818780][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.824915][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.830113][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.834944][T11859]  do_SYSENTER_32+0x73/0x90
[  587.839532][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.845831][T11859] 
[  587.848138][T11859] Uninit was stored to memory at:
[  587.853156][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  587.858869][T11859]  __msan_chain_origin+0x50/0x90
[  587.863804][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  587.868896][T11859]  get_compat_msghdr+0x108/0x2b0
[  587.873827][T11859]  do_recvmmsg+0xdbb/0x22b0
[  587.879183][T11859]  __sys_recvmmsg+0x5dd/0x610
[  587.883852][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  587.889902][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  587.896042][T11859]  __do_fast_syscall_32+0x129/0x180
[  587.901238][T11859]  do_fast_syscall_32+0x6a/0xc0
[  587.906085][T11859]  do_SYSENTER_32+0x73/0x90
[  587.910582][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  587.916892][T11859] 
[  587.919209][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  587.925875][T11859]  do_recvmmsg+0xbf/0x22b0
[  587.930284][T11859]  do_recvmmsg+0xbf/0x22b0
[  588.090145][T11859] not chained 180000 origins
[  588.094790][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  588.103459][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  588.113606][T11859] Call Trace:
[  588.116920][T11859]  dump_stack+0x21c/0x280
[  588.121279][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  588.127054][T11859]  ? kmsan_get_metadata+0x116/0x180
[  588.132274][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  588.137839][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  588.143946][T11859]  ? _copy_from_user+0x201/0x310
[  588.148907][T11859]  ? kmsan_get_metadata+0x116/0x180
[  588.154161][T11859]  __msan_chain_origin+0x50/0x90
[  588.159138][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.164291][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.169282][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.173810][T11859]  ? __msan_get_context_state+0x9/0x20
[  588.179303][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  588.184705][T11859]  ? kmsan_get_metadata+0x116/0x180
[  588.189935][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  588.195244][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  588.200023][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  588.204809][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.209524][T11859]  ? kmsan_get_metadata+0x116/0x180
[  588.215182][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.221282][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.227457][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.232679][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.237567][T11859]  do_SYSENTER_32+0x73/0x90
[  588.242091][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.248537][T11859] RIP: 0023:0xf7ff7549
[  588.252628][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  588.272438][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  588.280894][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  588.288897][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  588.296878][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  588.304852][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  588.312808][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  588.320951][T11859] Uninit was stored to memory at:
[  588.325970][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.331681][T11859]  __msan_chain_origin+0x50/0x90
[  588.336620][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.341711][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.346685][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.351174][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.355848][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.361899][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.368038][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.373220][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.378052][T11859]  do_SYSENTER_32+0x73/0x90
[  588.382552][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.388852][T11859] 
[  588.391160][T11859] Uninit was stored to memory at:
[  588.396270][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.402059][T11859]  __msan_chain_origin+0x50/0x90
[  588.406990][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.412083][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.417006][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.421492][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.426155][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.432203][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.438353][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.443537][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.448372][T11859]  do_SYSENTER_32+0x73/0x90
[  588.452870][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.459182][T11859] 
[  588.461502][T11859] Uninit was stored to memory at:
[  588.466519][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.472224][T11859]  __msan_chain_origin+0x50/0x90
[  588.477147][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.482286][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.487225][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.491759][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.496442][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.502502][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.508653][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.513833][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.518667][T11859]  do_SYSENTER_32+0x73/0x90
[  588.523158][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.529458][T11859] 
[  588.531765][T11859] Uninit was stored to memory at:
[  588.536777][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.542476][T11859]  __msan_chain_origin+0x50/0x90
[  588.547396][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.552498][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.557429][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.561913][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.566588][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.572646][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.578784][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.583977][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.588823][T11859]  do_SYSENTER_32+0x73/0x90
[  588.593320][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.599621][T11859] 
[  588.601928][T11859] Uninit was stored to memory at:
[  588.606940][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.612642][T11859]  __msan_chain_origin+0x50/0x90
[  588.617564][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.622658][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.627578][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.632079][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.636750][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.642798][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.648937][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.654148][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.658993][T11859]  do_SYSENTER_32+0x73/0x90
[  588.663484][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.669782][T11859] 
[  588.672101][T11859] Uninit was stored to memory at:
[  588.677123][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.682834][T11859]  __msan_chain_origin+0x50/0x90
[  588.687772][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.692864][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.697786][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.702283][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.706961][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.713010][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.719151][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.724391][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.729248][T11859]  do_SYSENTER_32+0x73/0x90
[  588.733754][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.740053][T11859] 
[  588.742362][T11859] Uninit was stored to memory at:
[  588.747374][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  588.753083][T11859]  __msan_chain_origin+0x50/0x90
[  588.758014][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  588.763106][T11859]  get_compat_msghdr+0x108/0x2b0
[  588.768035][T11859]  do_recvmmsg+0xdbb/0x22b0
[  588.772520][T11859]  __sys_recvmmsg+0x5dd/0x610
[  588.777180][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  588.783924][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  588.790070][T11859]  __do_fast_syscall_32+0x129/0x180
[  588.795264][T11859]  do_fast_syscall_32+0x6a/0xc0
[  588.800093][T11859]  do_SYSENTER_32+0x73/0x90
[  588.804596][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  588.810907][T11859] 
[  588.813215][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  588.819884][T11859]  do_recvmmsg+0xbf/0x22b0
[  588.824285][T11859]  do_recvmmsg+0xbf/0x22b0
[  588.984208][T11859] not chained 190000 origins
[  588.988851][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  588.997547][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  589.007697][T11859] Call Trace:
[  589.011008][T11859]  dump_stack+0x21c/0x280
[  589.015397][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  589.021175][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.026414][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  589.031981][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  589.038071][T11859]  ? _copy_from_user+0x201/0x310
[  589.043987][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.049208][T11859]  __msan_chain_origin+0x50/0x90
[  589.054163][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.059334][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.064331][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.068877][T11859]  ? __msan_get_context_state+0x9/0x20
[  589.074372][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  589.079693][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.084918][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  589.090225][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  589.095000][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  589.099786][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.104495][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.109720][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.115873][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.122048][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.127321][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.132213][T11859]  do_SYSENTER_32+0x73/0x90
[  589.136738][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.143116][T11859] RIP: 0023:0xf7ff7549
[  589.147195][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  589.166811][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  589.175242][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  589.183228][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  589.193121][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  589.201799][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  589.209772][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  589.217770][T11859] Uninit was stored to memory at:
[  589.222789][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.228500][T11859]  __msan_chain_origin+0x50/0x90
[  589.233421][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.238527][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.243448][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.247933][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.252597][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.258656][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.264796][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.269979][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.274811][T11859]  do_SYSENTER_32+0x73/0x90
[  589.279311][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.285627][T11859] 
[  589.288137][T11859] Uninit was stored to memory at:
[  589.293171][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.299830][T11859]  __msan_chain_origin+0x50/0x90
[  589.304762][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.309865][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.314795][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.319282][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.323943][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.329991][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.336130][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.341321][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.346154][T11859]  do_SYSENTER_32+0x73/0x90
[  589.350642][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.356945][T11859] 
[  589.359266][T11859] Uninit was stored to memory at:
[  589.364281][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.369983][T11859]  __msan_chain_origin+0x50/0x90
[  589.379189][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.384290][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.389223][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.393711][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.398381][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.404431][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.410575][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.415757][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.420598][T11859]  do_SYSENTER_32+0x73/0x90
[  589.425085][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.431398][T11859] 
[  589.433717][T11859] Uninit was stored to memory at:
[  589.438739][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.444474][T11859]  __msan_chain_origin+0x50/0x90
[  589.449427][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.454537][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.459464][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.463950][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.468612][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.474668][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.480897][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.486092][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.490929][T11859]  do_SYSENTER_32+0x73/0x90
[  589.495424][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.501745][T11859] 
[  589.504060][T11859] Uninit was stored to memory at:
[  589.509086][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.514798][T11859]  __msan_chain_origin+0x50/0x90
[  589.519732][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.524835][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.529763][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.534248][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.538909][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.544959][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.551098][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.556279][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.561122][T11859]  do_SYSENTER_32+0x73/0x90
[  589.565611][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.571914][T11859] 
[  589.574229][T11859] Uninit was stored to memory at:
[  589.579241][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.584949][T11859]  __msan_chain_origin+0x50/0x90
[  589.590566][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.595689][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.600639][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.605134][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.609810][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.615871][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.622017][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.627220][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.632065][T11859]  do_SYSENTER_32+0x73/0x90
[  589.636556][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.642854][T11859] 
[  589.645167][T11859] Uninit was stored to memory at:
[  589.650194][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  589.655913][T11859]  __msan_chain_origin+0x50/0x90
[  589.660832][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.665940][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.670860][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.675361][T11859]  __sys_recvmmsg+0x5dd/0x610
[  589.680022][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  589.686085][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  589.692221][T11859]  __do_fast_syscall_32+0x129/0x180
[  589.697405][T11859]  do_fast_syscall_32+0x6a/0xc0
[  589.702239][T11859]  do_SYSENTER_32+0x73/0x90
[  589.706727][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  589.713026][T11859] 
[  589.715335][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  589.722010][T11859]  do_recvmmsg+0xbf/0x22b0
[  589.726420][T11859]  do_recvmmsg+0xbf/0x22b0
[  589.884212][T11859] not chained 200000 origins
[  589.888889][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  589.897572][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  589.907811][T11859] Call Trace:
[  589.911126][T11859]  dump_stack+0x21c/0x280
[  589.915488][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  589.921278][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.927280][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  589.932846][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  589.938937][T11859]  ? _copy_from_user+0x201/0x310
[  589.943901][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.949123][T11859]  __msan_chain_origin+0x50/0x90
[  589.954079][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  589.959228][T11859]  get_compat_msghdr+0x108/0x2b0
[  589.964205][T11859]  do_recvmmsg+0xdbb/0x22b0
[  589.968731][T11859]  ? __msan_get_context_state+0x9/0x20
[  589.974232][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  589.979553][T11859]  ? kmsan_get_metadata+0x116/0x180
[  589.984782][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  589.990105][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  589.994881][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  589.999674][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.004378][T11859]  ? kmsan_get_metadata+0x116/0x180
[  590.009600][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.015703][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.021875][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.027100][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.031970][T11859]  do_SYSENTER_32+0x73/0x90
[  590.036499][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.042853][T11859] RIP: 0023:0xf7ff7549
[  590.046934][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  590.066547][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  590.075034][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  590.083015][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  590.090998][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  590.098978][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  590.106958][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  590.114957][T11859] Uninit was stored to memory at:
[  590.120178][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.126526][T11859]  __msan_chain_origin+0x50/0x90
[  590.131474][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.136584][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.141525][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.146013][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.150675][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.156726][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.162873][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.168076][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.172907][T11859]  do_SYSENTER_32+0x73/0x90
[  590.177395][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.183695][T11859] 
[  590.186000][T11859] Uninit was stored to memory at:
[  590.191010][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.196725][T11859]  __msan_chain_origin+0x50/0x90
[  590.201650][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.206752][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.211710][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.216318][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.220995][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.227065][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.233466][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.238652][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.243505][T11859]  do_SYSENTER_32+0x73/0x90
[  590.247998][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.254303][T11859] 
[  590.256612][T11859] Uninit was stored to memory at:
[  590.261675][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.267384][T11859]  __msan_chain_origin+0x50/0x90
[  590.272329][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.277428][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.282348][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.286849][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.291510][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.297560][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.303694][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.308873][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.313715][T11859]  do_SYSENTER_32+0x73/0x90
[  590.318209][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.324525][T11859] 
[  590.326833][T11859] Uninit was stored to memory at:
[  590.331845][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.337552][T11859]  __msan_chain_origin+0x50/0x90
[  590.342529][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.347630][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.352551][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.357043][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.362690][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.368741][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.374883][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.380067][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.384900][T11859]  do_SYSENTER_32+0x73/0x90
[  590.389407][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.395721][T11859] 
[  590.398031][T11859] Uninit was stored to memory at:
[  590.403155][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.408860][T11859]  __msan_chain_origin+0x50/0x90
[  590.413796][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.418890][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.423811][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.428303][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.432977][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.439035][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.445182][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.450369][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.455224][T11859]  do_SYSENTER_32+0x73/0x90
[  590.459713][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.466012][T11859] 
[  590.468318][T11859] Uninit was stored to memory at:
[  590.473350][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.479080][T11859]  __msan_chain_origin+0x50/0x90
[  590.484041][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.489177][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.494101][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.498590][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.503264][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.509324][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.515475][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.520657][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.525491][T11859]  do_SYSENTER_32+0x73/0x90
[  590.529980][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.536375][T11859] 
[  590.538685][T11859] Uninit was stored to memory at:
[  590.543698][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  590.549399][T11859]  __msan_chain_origin+0x50/0x90
[  590.554317][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.559419][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.564339][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.569532][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.574211][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.580269][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.586408][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.591601][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.596446][T11859]  do_SYSENTER_32+0x73/0x90
[  590.600959][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.607260][T11859] 
[  590.609580][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  590.616237][T11859]  do_recvmmsg+0xbf/0x22b0
[  590.620643][T11859]  do_recvmmsg+0xbf/0x22b0
[  590.781200][T11859] not chained 210000 origins
[  590.785847][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  590.794521][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  590.804589][T11859] Call Trace:
[  590.807899][T11859]  dump_stack+0x21c/0x280
[  590.812268][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  590.818048][T11859]  ? kmsan_get_metadata+0x116/0x180
[  590.823294][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  590.828901][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  590.834996][T11859]  ? _copy_from_user+0x201/0x310
[  590.839958][T11859]  ? kmsan_get_metadata+0x116/0x180
[  590.845171][T11859]  __msan_chain_origin+0x50/0x90
[  590.850139][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  590.855896][T11859]  get_compat_msghdr+0x108/0x2b0
[  590.860866][T11859]  do_recvmmsg+0xdbb/0x22b0
[  590.865391][T11859]  ? __msan_get_context_state+0x9/0x20
[  590.870890][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  590.876224][T11859]  ? kmsan_get_metadata+0x116/0x180
[  590.881448][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  590.886753][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  590.891532][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  590.896326][T11859]  __sys_recvmmsg+0x5dd/0x610
[  590.901030][T11859]  ? kmsan_get_metadata+0x116/0x180
[  590.906247][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  590.912340][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  590.918516][T11859]  __do_fast_syscall_32+0x129/0x180
[  590.923741][T11859]  do_fast_syscall_32+0x6a/0xc0
[  590.928628][T11859]  do_SYSENTER_32+0x73/0x90
[  590.933152][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  590.939487][T11859] RIP: 0023:0xf7ff7549
[  590.943574][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  590.963191][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  590.971637][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  590.979618][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  590.987607][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  590.995606][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  591.003609][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  591.011594][T11859] Uninit was stored to memory at:
[  591.016616][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.022346][T11859]  __msan_chain_origin+0x50/0x90
[  591.027964][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.033066][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.039310][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.043805][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.048464][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.055467][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.061614][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.066795][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.071635][T11859]  do_SYSENTER_32+0x73/0x90
[  591.076139][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.082438][T11859] 
[  591.084745][T11859] Uninit was stored to memory at:
[  591.089768][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.095471][T11859]  __msan_chain_origin+0x50/0x90
[  591.100912][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.106005][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.111895][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.116380][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.121042][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.127089][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.133323][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.138506][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.143341][T11859]  do_SYSENTER_32+0x73/0x90
[  591.147828][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.154127][T11859] 
[  591.156436][T11859] Uninit was stored to memory at:
[  591.161460][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.167162][T11859]  __msan_chain_origin+0x50/0x90
[  591.172094][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.177191][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.182139][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.186624][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.191288][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.197345][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.203501][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.208681][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.213512][T11859]  do_SYSENTER_32+0x73/0x90
[  591.218011][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.224324][T11859] 
[  591.226636][T11859] Uninit was stored to memory at:
[  591.231656][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.237363][T11859]  __msan_chain_origin+0x50/0x90
[  591.242296][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.247402][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.252325][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.256809][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.261477][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.267524][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.273659][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.278840][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.283679][T11859]  do_SYSENTER_32+0x73/0x90
[  591.288165][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.294464][T11859] 
[  591.296789][T11859] Uninit was stored to memory at:
[  591.301798][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.307520][T11859]  __msan_chain_origin+0x50/0x90
[  591.312439][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.317547][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.322468][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.327305][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.331975][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.338023][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.344156][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.349355][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.354192][T11859]  do_SYSENTER_32+0x73/0x90
[  591.358697][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.365008][T11859] 
[  591.367314][T11859] Uninit was stored to memory at:
[  591.372336][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.378042][T11859]  __msan_chain_origin+0x50/0x90
[  591.382960][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.388051][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.392971][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.397459][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.402120][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.408209][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.414351][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.419542][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.424389][T11859]  do_SYSENTER_32+0x73/0x90
[  591.428876][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.435178][T11859] 
[  591.437483][T11859] Uninit was stored to memory at:
[  591.442491][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.448204][T11859]  __msan_chain_origin+0x50/0x90
[  591.453122][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.458218][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.463150][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.467636][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.472294][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.478346][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.484483][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.489665][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.494503][T11859]  do_SYSENTER_32+0x73/0x90
[  591.499029][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.505343][T11859] 
[  591.507672][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  591.514333][T11859]  do_recvmmsg+0xbf/0x22b0
[  591.518755][T11859]  do_recvmmsg+0xbf/0x22b0
[  591.673109][T11859] not chained 220000 origins
[  591.677761][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  591.686460][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  591.696536][T11859] Call Trace:
[  591.699852][T11859]  dump_stack+0x21c/0x280
[  591.704214][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  591.709994][T11859]  ? kmsan_get_metadata+0x116/0x180
[  591.715213][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  591.721302][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  591.727425][T11859]  ? _copy_from_user+0x201/0x310
[  591.732388][T11859]  ? kmsan_get_metadata+0x116/0x180
[  591.737607][T11859]  __msan_chain_origin+0x50/0x90
[  591.742570][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.747731][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.752736][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.757268][T11859]  ? __msan_get_context_state+0x9/0x20
[  591.762770][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  591.768090][T11859]  ? kmsan_get_metadata+0x116/0x180
[  591.773320][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  591.778630][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  591.783436][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  591.788230][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.792937][T11859]  ? kmsan_get_metadata+0x116/0x180
[  591.798160][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.804260][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.810436][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.815666][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.820567][T11859]  do_SYSENTER_32+0x73/0x90
[  591.825095][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.831434][T11859] RIP: 0023:0xf7ff7549
[  591.835516][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  591.855163][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  591.863591][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  591.871574][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  591.879643][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  591.887632][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  591.895615][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  591.903617][T11859] Uninit was stored to memory at:
[  591.908661][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.914400][T11859]  __msan_chain_origin+0x50/0x90
[  591.919354][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.924456][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.929402][T11859]  do_recvmmsg+0xdbb/0x22b0
[  591.933887][T11859]  __sys_recvmmsg+0x5dd/0x610
[  591.938554][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  591.944610][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  591.950748][T11859]  __do_fast_syscall_32+0x129/0x180
[  591.956106][T11859]  do_fast_syscall_32+0x6a/0xc0
[  591.960940][T11859]  do_SYSENTER_32+0x73/0x90
[  591.965428][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  591.971729][T11859] 
[  591.974045][T11859] Uninit was stored to memory at:
[  591.979065][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  591.984768][T11859]  __msan_chain_origin+0x50/0x90
[  591.989689][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  591.994794][T11859]  get_compat_msghdr+0x108/0x2b0
[  591.999755][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.004593][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.009259][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.015334][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.021473][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.026753][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.031798][T11859]  do_SYSENTER_32+0x73/0x90
[  592.036299][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.043568][T11859] 
[  592.045875][T11859] Uninit was stored to memory at:
[  592.050890][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.056594][T11859]  __msan_chain_origin+0x50/0x90
[  592.061517][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.066627][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.071565][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.076055][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.080742][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.087592][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.093767][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.098969][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.103815][T11859]  do_SYSENTER_32+0x73/0x90
[  592.108321][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.114622][T11859] 
[  592.117027][T11859] Uninit was stored to memory at:
[  592.122049][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.127770][T11859]  __msan_chain_origin+0x50/0x90
[  592.132704][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.137815][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.142740][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.147242][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.151904][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.157954][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.164091][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.169282][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.174224][T11859]  do_SYSENTER_32+0x73/0x90
[  592.178740][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.185079][T11859] 
[  592.187438][T11859] Uninit was stored to memory at:
[  592.192450][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.198151][T11859]  __msan_chain_origin+0x50/0x90
[  592.203071][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.208179][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.213099][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.217613][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.222273][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.228445][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.234588][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.239770][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.244601][T11859]  do_SYSENTER_32+0x73/0x90
[  592.249090][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.255391][T11859] 
[  592.257710][T11859] Uninit was stored to memory at:
[  592.263427][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.269133][T11859]  __msan_chain_origin+0x50/0x90
[  592.274053][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.279146][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.284084][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.288612][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.293451][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.299515][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.305668][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.310861][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.315698][T11859]  do_SYSENTER_32+0x73/0x90
[  592.320246][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.326558][T11859] 
[  592.328875][T11859] Uninit was stored to memory at:
[  592.334152][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.339875][T11859]  __msan_chain_origin+0x50/0x90
[  592.344803][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.349906][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.354827][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.359314][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.363975][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.370034][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.376175][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.381368][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.386201][T11859]  do_SYSENTER_32+0x73/0x90
[  592.390699][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.396998][T11859] 
[  592.399308][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  592.405966][T11859]  do_recvmmsg+0xbf/0x22b0
[  592.410366][T11859]  do_recvmmsg+0xbf/0x22b0
[  592.583876][T11859] not chained 230000 origins
[  592.588505][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  592.597195][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  592.607250][T11859] Call Trace:
[  592.610544][T11859]  dump_stack+0x21c/0x280
[  592.614867][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  592.620596][T11859]  ? kmsan_get_metadata+0x116/0x180
[  592.625784][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  592.631320][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  592.637399][T11859]  ? _copy_from_user+0x201/0x310
[  592.642329][T11859]  ? kmsan_get_metadata+0x116/0x180
[  592.647514][T11859]  __msan_chain_origin+0x50/0x90
[  592.652443][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.657563][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.662503][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.666999][T11859]  ? __msan_get_context_state+0x9/0x20
[  592.672457][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  592.677755][T11859]  ? kmsan_get_metadata+0x116/0x180
[  592.682946][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  592.688232][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  592.692978][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  592.697818][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.702490][T11859]  ? kmsan_get_metadata+0x116/0x180
[  592.707680][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.713740][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.719891][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.725108][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.729963][T11859]  do_SYSENTER_32+0x73/0x90
[  592.734464][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.740779][T11859] RIP: 0023:0xf7ff7549
[  592.744839][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  592.764428][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  592.772826][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  592.781043][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  592.789001][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  592.796968][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  592.804937][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  592.812912][T11859] Uninit was stored to memory at:
[  592.817936][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.823644][T11859]  __msan_chain_origin+0x50/0x90
[  592.828571][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.833673][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.838596][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.843080][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.847749][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.853796][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.859944][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.865151][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.870000][T11859]  do_SYSENTER_32+0x73/0x90
[  592.874486][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.880803][T11859] 
[  592.883108][T11859] Uninit was stored to memory at:
[  592.888134][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.893849][T11859]  __msan_chain_origin+0x50/0x90
[  592.898773][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.903879][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.908814][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.913324][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.917996][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.924046][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  592.930184][T11859]  __do_fast_syscall_32+0x129/0x180
[  592.935365][T11859]  do_fast_syscall_32+0x6a/0xc0
[  592.940197][T11859]  do_SYSENTER_32+0x73/0x90
[  592.944681][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  592.950983][T11859] 
[  592.953295][T11859] Uninit was stored to memory at:
[  592.958312][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  592.964018][T11859]  __msan_chain_origin+0x50/0x90
[  592.968947][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  592.974043][T11859]  get_compat_msghdr+0x108/0x2b0
[  592.978967][T11859]  do_recvmmsg+0xdbb/0x22b0
[  592.983474][T11859]  __sys_recvmmsg+0x5dd/0x610
[  592.988148][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  592.994211][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.000353][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.005545][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.010376][T11859]  do_SYSENTER_32+0x73/0x90
[  593.016860][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.023246][T11859] 
[  593.025552][T11859] Uninit was stored to memory at:
[  593.030569][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.036280][T11859]  __msan_chain_origin+0x50/0x90
[  593.041298][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.046404][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.051338][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.055824][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.060484][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.066532][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.072669][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.077850][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.082692][T11859]  do_SYSENTER_32+0x73/0x90
[  593.087178][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.093485][T11859] 
[  593.095802][T11859] Uninit was stored to memory at:
[  593.101087][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.106792][T11859]  __msan_chain_origin+0x50/0x90
[  593.111710][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.116803][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.122070][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.126558][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.131223][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.137271][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.143754][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.148941][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.153783][T11859]  do_SYSENTER_32+0x73/0x90
[  593.158284][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.164591][T11859] 
[  593.166910][T11859] Uninit was stored to memory at:
[  593.171923][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.177625][T11859]  __msan_chain_origin+0x50/0x90
[  593.182551][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.187659][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.192597][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.197085][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.201746][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.207802][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.213940][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.219142][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.223976][T11859]  do_SYSENTER_32+0x73/0x90
[  593.228466][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.234776][T11859] 
[  593.237084][T11859] Uninit was stored to memory at:
[  593.242103][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.247804][T11859]  __msan_chain_origin+0x50/0x90
[  593.252731][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.257823][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.262743][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.267244][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.271912][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.277972][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.284129][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.289316][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.294148][T11859]  do_SYSENTER_32+0x73/0x90
[  593.298657][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.304961][T11859] 
[  593.307311][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  593.313972][T11859]  do_recvmmsg+0xbf/0x22b0
[  593.318376][T11859]  do_recvmmsg+0xbf/0x22b0
[  593.618696][T11859] not chained 240000 origins
[  593.624298][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  593.632993][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  593.651597][T11859] Call Trace:
[  593.654933][T11859]  dump_stack+0x21c/0x280
[  593.659306][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  593.665090][T11859]  ? kmsan_get_metadata+0x116/0x180
[  593.670374][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  593.675954][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  593.682058][T11859]  ? _copy_from_user+0x201/0x310
[  593.687027][T11859]  ? kmsan_get_metadata+0x116/0x180
[  593.692258][T11859]  __msan_chain_origin+0x50/0x90
[  593.697226][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.702385][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.707368][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.711925][T11859]  ? __msan_get_context_state+0x9/0x20
[  593.717430][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  593.722757][T11859]  ? kmsan_get_metadata+0x116/0x180
[  593.727986][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  593.733317][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  593.738100][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  593.742886][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.747624][T11859]  ? kmsan_get_metadata+0x116/0x180
[  593.752851][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.758946][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.765130][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.770351][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.775222][T11859]  do_SYSENTER_32+0x73/0x90
[  593.779752][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.795735][T11859] RIP: 0023:0xf7ff7549
[  593.799820][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  593.820392][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  593.828823][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  593.836811][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  593.844814][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  593.852796][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  593.860777][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  593.868777][T11859] Uninit was stored to memory at:
[  593.873822][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.879591][T11859]  __msan_chain_origin+0x50/0x90
[  593.884545][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.889675][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.894638][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.899172][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.903906][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.909995][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.916181][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.921421][T11859]  do_fast_syscall_32+0x6a/0xc0
[  593.926290][T11859]  do_SYSENTER_32+0x73/0x90
[  593.930809][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  593.937133][T11859] 
[  593.939466][T11859] Uninit was stored to memory at:
[  593.945082][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  593.950819][T11859]  __msan_chain_origin+0x50/0x90
[  593.955770][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  593.960890][T11859]  get_compat_msghdr+0x108/0x2b0
[  593.965846][T11859]  do_recvmmsg+0xdbb/0x22b0
[  593.970363][T11859]  __sys_recvmmsg+0x5dd/0x610
[  593.975050][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  593.981141][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  593.987312][T11859]  __do_fast_syscall_32+0x129/0x180
[  593.992527][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.000089][T11859]  do_SYSENTER_32+0x73/0x90
[  594.004658][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.010998][T11859] 
[  594.013327][T11859] Uninit was stored to memory at:
[  594.018376][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.024107][T11859]  __msan_chain_origin+0x50/0x90
[  594.031321][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.036464][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.041436][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.045952][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.050639][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.056718][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.062906][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.068116][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.072980][T11859]  do_SYSENTER_32+0x73/0x90
[  594.077496][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.083819][T11859] 
[  594.086165][T11859] Uninit was stored to memory at:
[  594.091207][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.096943][T11859]  __msan_chain_origin+0x50/0x90
[  594.101894][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.107030][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.111985][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.116501][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.121190][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.127283][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.133448][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.138850][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.143717][T11859]  do_SYSENTER_32+0x73/0x90
[  594.148257][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.154578][T11859] 
[  594.156955][T11859] Uninit was stored to memory at:
[  594.161999][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.167734][T11859]  __msan_chain_origin+0x50/0x90
[  594.172685][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.177828][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.182780][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.187303][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.191999][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.198085][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.204255][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.209484][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.214358][T11859]  do_SYSENTER_32+0x73/0x90
[  594.218882][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.225305][T11859] 
[  594.227721][T11859] Uninit was stored to memory at:
[  594.232764][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.238551][T11859]  __msan_chain_origin+0x50/0x90
[  594.243791][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.248943][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.253914][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.258438][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.263132][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.269221][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.275810][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.281058][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.285941][T11859]  do_SYSENTER_32+0x73/0x90
[  594.291409][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.297733][T11859] 
[  594.300046][T11859] Uninit was stored to memory at:
[  594.305099][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.310831][T11859]  __msan_chain_origin+0x50/0x90
[  594.315781][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.320942][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.325927][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.330441][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.335123][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.341196][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.347342][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.352549][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.357409][T11859]  do_SYSENTER_32+0x73/0x90
[  594.361926][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.368241][T11859] 
[  594.370573][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  594.377240][T11859]  do_recvmmsg+0xbf/0x22b0
[  594.381641][T11859]  do_recvmmsg+0xbf/0x22b0
[  594.531834][T11859] not chained 250000 origins
[  594.536468][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  594.545162][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  594.555227][T11859] Call Trace:
[  594.558542][T11859]  dump_stack+0x21c/0x280
[  594.562906][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  594.568672][T11859]  ? kmsan_get_metadata+0x116/0x180
[  594.573878][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  594.579433][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  594.585511][T11859]  ? _copy_from_user+0x201/0x310
[  594.590457][T11859]  ? kmsan_get_metadata+0x116/0x180
[  594.595669][T11859]  __msan_chain_origin+0x50/0x90
[  594.600622][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.605775][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.610752][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.615270][T11859]  ? __msan_get_context_state+0x9/0x20
[  594.620754][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  594.626058][T11859]  ? kmsan_get_metadata+0x116/0x180
[  594.631278][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  594.636606][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  594.641372][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  594.646166][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.650875][T11859]  ? kmsan_get_metadata+0x116/0x180
[  594.656095][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.662180][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.668347][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.673572][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.678421][T11859]  do_SYSENTER_32+0x73/0x90
[  594.682919][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.689250][T11859] RIP: 0023:0xf7ff7549
[  594.693329][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  594.712936][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  594.721354][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  594.729330][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  594.737306][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  594.745272][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  594.753245][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  594.761229][T11859] Uninit was stored to memory at:
[  594.766282][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.772021][T11859]  __msan_chain_origin+0x50/0x90
[  594.777050][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.782178][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.787118][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.791633][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.796308][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.802403][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.808550][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.813734][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.818579][T11859]  do_SYSENTER_32+0x73/0x90
[  594.823086][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.829392][T11859] 
[  594.831723][T11859] Uninit was stored to memory at:
[  594.836745][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.842468][T11859]  __msan_chain_origin+0x50/0x90
[  594.851489][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.856584][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.861524][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.866034][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.870719][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.876788][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.882954][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.888158][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.893013][T11859]  do_SYSENTER_32+0x73/0x90
[  594.897526][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.903852][T11859] 
[  594.906175][T11859] Uninit was stored to memory at:
[  594.911229][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.916944][T11859]  __msan_chain_origin+0x50/0x90
[  594.921891][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.927023][T11859]  get_compat_msghdr+0x108/0x2b0
[  594.932051][T11859]  do_recvmmsg+0xdbb/0x22b0
[  594.936550][T11859]  __sys_recvmmsg+0x5dd/0x610
[  594.941213][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  594.947298][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  594.953458][T11859]  __do_fast_syscall_32+0x129/0x180
[  594.958683][T11859]  do_fast_syscall_32+0x6a/0xc0
[  594.963543][T11859]  do_SYSENTER_32+0x73/0x90
[  594.968054][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  594.974360][T11859] 
[  594.976678][T11859] Uninit was stored to memory at:
[  594.981723][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  594.987442][T11859]  __msan_chain_origin+0x50/0x90
[  594.992366][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  594.997478][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.002451][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.006964][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.011679][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.017760][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.023913][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.029123][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.033961][T11859]  do_SYSENTER_32+0x73/0x90
[  595.038461][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.044766][T11859] 
[  595.047085][T11859] Uninit was stored to memory at:
[  595.052177][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.057894][T11859]  __msan_chain_origin+0x50/0x90
[  595.062825][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.067949][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.072887][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.077391][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.082051][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.088116][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.094287][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.099472][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.104319][T11859]  do_SYSENTER_32+0x73/0x90
[  595.108824][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.115145][T11859] 
[  595.117470][T11859] Uninit was stored to memory at:
[  595.122482][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.128190][T11859]  __msan_chain_origin+0x50/0x90
[  595.133114][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.138210][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.143144][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.147636][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.152313][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.158377][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.164535][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.169722][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.174556][T11859]  do_SYSENTER_32+0x73/0x90
[  595.179054][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.185364][T11859] 
[  595.187687][T11859] Uninit was stored to memory at:
[  595.192703][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.198424][T11859]  __msan_chain_origin+0x50/0x90
[  595.204247][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.210058][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.215448][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.219955][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.224620][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.230684][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.236842][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.242037][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.246887][T11859]  do_SYSENTER_32+0x73/0x90
[  595.251395][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.257712][T11859] 
[  595.260037][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  595.266714][T11859]  do_recvmmsg+0xbf/0x22b0
[  595.271219][T11859]  do_recvmmsg+0xbf/0x22b0
[  595.426339][T11859] not chained 260000 origins
[  595.430995][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  595.440556][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  595.450630][T11859] Call Trace:
[  595.453964][T11859]  dump_stack+0x21c/0x280
[  595.458323][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  595.464119][T11859]  ? kmsan_get_metadata+0x116/0x180
[  595.469356][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  595.474946][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  595.481040][T11859]  ? _copy_from_user+0x201/0x310
[  595.486004][T11859]  ? kmsan_get_metadata+0x116/0x180
[  595.491229][T11859]  __msan_chain_origin+0x50/0x90
[  595.496194][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.501349][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.506322][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.510851][T11859]  ? __msan_get_context_state+0x9/0x20
[  595.516352][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  595.521672][T11859]  ? kmsan_get_metadata+0x116/0x180
[  595.526896][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  595.532206][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  595.536985][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  595.541773][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.546484][T11859]  ? kmsan_get_metadata+0x116/0x180
[  595.551702][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.557797][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.564943][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.570163][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.575068][T11859]  do_SYSENTER_32+0x73/0x90
[  595.579858][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.586202][T11859] RIP: 0023:0xf7ff7549
[  595.590316][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  595.610119][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  595.618560][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  595.632133][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  595.640126][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  595.648112][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  595.657233][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  595.665230][T11859] Uninit was stored to memory at:
[  595.670275][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.676008][T11859]  __msan_chain_origin+0x50/0x90
[  595.680955][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.686071][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.691022][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.695798][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.700564][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.706645][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.712810][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.718019][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.722880][T11859]  do_SYSENTER_32+0x73/0x90
[  595.727396][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.733773][T11859] 
[  595.736102][T11859] Uninit was stored to memory at:
[  595.741149][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.746885][T11859]  __msan_chain_origin+0x50/0x90
[  595.751832][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.756972][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.761944][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.766458][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.771145][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.777231][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.783396][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.788608][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.793474][T11859]  do_SYSENTER_32+0x73/0x90
[  595.797990][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.804311][T11859] 
[  595.806641][T11859] Uninit was stored to memory at:
[  595.811681][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.817413][T11859]  __msan_chain_origin+0x50/0x90
[  595.822358][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.827482][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.832608][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.837124][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.841811][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.847892][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.854057][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.859272][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.864138][T11859]  do_SYSENTER_32+0x73/0x90
[  595.868663][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.874982][T11859] 
[  595.877313][T11859] Uninit was stored to memory at:
[  595.882354][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.888090][T11859]  __msan_chain_origin+0x50/0x90
[  595.893042][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.898206][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.903163][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.907688][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.912400][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.918485][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.924655][T11859]  __do_fast_syscall_32+0x129/0x180
[  595.929882][T11859]  do_fast_syscall_32+0x6a/0xc0
[  595.934745][T11859]  do_SYSENTER_32+0x73/0x90
[  595.939260][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  595.945581][T11859] 
[  595.947910][T11859] Uninit was stored to memory at:
[  595.952948][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  595.958938][T11859]  __msan_chain_origin+0x50/0x90
[  595.963888][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  595.969030][T11859]  get_compat_msghdr+0x108/0x2b0
[  595.973984][T11859]  do_recvmmsg+0xdbb/0x22b0
[  595.978501][T11859]  __sys_recvmmsg+0x5dd/0x610
[  595.983205][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  595.989298][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  595.995464][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.000672][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.005586][T11859]  do_SYSENTER_32+0x73/0x90
[  596.010107][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.017035][T11859] 
[  596.019364][T11859] Uninit was stored to memory at:
[  596.024408][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.030141][T11859]  __msan_chain_origin+0x50/0x90
[  596.035096][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.040206][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.045144][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.049660][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.054330][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.060398][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.066540][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.071738][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.076587][T11859]  do_SYSENTER_32+0x73/0x90
[  596.081092][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.087411][T11859] 
[  596.089718][T11859] Uninit was stored to memory at:
[  596.094751][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.100490][T11859]  __msan_chain_origin+0x50/0x90
[  596.105428][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.110520][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.115452][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.119952][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.124611][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.130926][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.137082][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.142278][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.147116][T11859]  do_SYSENTER_32+0x73/0x90
[  596.151618][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.158010][T11859] 
[  596.160352][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  596.167016][T11859]  do_recvmmsg+0xbf/0x22b0
[  596.171428][T11859]  do_recvmmsg+0xbf/0x22b0
[  596.351351][T11859] not chained 270000 origins
[  596.355989][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  596.364662][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  596.374708][T11859] Call Trace:
[  596.378021][T11859]  dump_stack+0x21c/0x280
[  596.382351][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  596.388114][T11859]  ? kmsan_get_metadata+0x116/0x180
[  596.393338][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  596.398977][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  596.405066][T11859]  ? _copy_from_user+0x201/0x310
[  596.410039][T11859]  ? kmsan_get_metadata+0x116/0x180
[  596.416206][T11859]  __msan_chain_origin+0x50/0x90
[  596.421168][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.426309][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.431281][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.436245][T11859]  ? __msan_get_context_state+0x9/0x20
[  596.441720][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  596.447024][T11859]  ? kmsan_get_metadata+0x116/0x180
[  596.452227][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  596.457505][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  596.462271][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  596.467043][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.471732][T11859]  ? kmsan_get_metadata+0x116/0x180
[  596.477443][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.483517][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.489676][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.494865][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.506066][T11859]  do_SYSENTER_32+0x73/0x90
[  596.510580][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.516915][T11859] RIP: 0023:0xf7ff7549
[  596.520968][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  596.540572][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  596.540603][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  596.540619][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  596.540633][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  596.540646][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  596.540659][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.540688][T11859] Uninit was stored to memory at:
[  596.540718][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.540738][T11859]  __msan_chain_origin+0x50/0x90
[  596.540758][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.540820][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.615761][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.620251][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.624922][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.630987][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.637137][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.642345][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.647226][T11859]  do_SYSENTER_32+0x73/0x90
[  596.651740][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.658229][T11859] 
[  596.660542][T11859] Uninit was stored to memory at:
[  596.665568][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.671312][T11859]  __msan_chain_origin+0x50/0x90
[  596.676252][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.681344][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.686278][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.690789][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.695457][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.701505][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.707668][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.712863][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.717710][T11859]  do_SYSENTER_32+0x73/0x90
[  596.722220][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.728566][T11859] 
[  596.730884][T11859] Uninit was stored to memory at:
[  596.735909][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.741614][T11859]  __msan_chain_origin+0x50/0x90
[  596.746546][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.751659][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.756601][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.761101][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.765777][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.771854][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.777994][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.783174][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.788018][T11859]  do_SYSENTER_32+0x73/0x90
[  596.792525][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.798837][T11859] 
[  596.801152][T11859] Uninit was stored to memory at:
[  596.806175][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.811900][T11859]  __msan_chain_origin+0x50/0x90
[  596.816823][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.821924][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.826859][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.831366][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.836031][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.843036][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.849175][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.854365][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.859199][T11859]  do_SYSENTER_32+0x73/0x90
[  596.863686][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.869993][T11859] 
[  596.872348][T11859] Uninit was stored to memory at:
[  596.877385][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.883087][T11859]  __msan_chain_origin+0x50/0x90
[  596.888702][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.893795][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.898729][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.903215][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.907887][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.914907][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.921046][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.926247][T11859]  do_fast_syscall_32+0x6a/0xc0
[  596.931101][T11859]  do_SYSENTER_32+0x73/0x90
[  596.935590][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  596.941898][T11859] 
[  596.944214][T11859] Uninit was stored to memory at:
[  596.949241][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  596.954978][T11859]  __msan_chain_origin+0x50/0x90
[  596.959913][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  596.965017][T11859]  get_compat_msghdr+0x108/0x2b0
[  596.969965][T11859]  do_recvmmsg+0xdbb/0x22b0
[  596.974467][T11859]  __sys_recvmmsg+0x5dd/0x610
[  596.979143][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  596.985221][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  596.991392][T11859]  __do_fast_syscall_32+0x129/0x180
[  596.996577][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.001421][T11859]  do_SYSENTER_32+0x73/0x90
[  597.005923][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.012247][T11859] 
[  597.014554][T11859] Uninit was stored to memory at:
[  597.019567][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.025310][T11859]  __msan_chain_origin+0x50/0x90
[  597.030242][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.035338][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.040258][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.044750][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.049552][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.055618][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.061774][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.066986][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.071834][T11859]  do_SYSENTER_32+0x73/0x90
[  597.076334][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.082655][T11859] 
[  597.084967][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  597.091657][T11859]  do_recvmmsg+0xbf/0x22b0
[  597.096090][T11859]  do_recvmmsg+0xbf/0x22b0
[  597.343648][T11859] not chained 280000 origins
[  597.348304][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  597.356998][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  597.368016][T11859] Call Trace:
[  597.371332][T11859]  dump_stack+0x21c/0x280
[  597.375703][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  597.381480][T11859]  ? kmsan_get_metadata+0x116/0x180
[  597.386749][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  597.392320][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  597.398411][T11859]  ? _copy_from_user+0x201/0x310
[  597.403389][T11859]  ? kmsan_get_metadata+0x116/0x180
[  597.408652][T11859]  __msan_chain_origin+0x50/0x90
[  597.413620][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.418777][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.423751][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.428287][T11859]  ? __msan_get_context_state+0x9/0x20
[  597.433783][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  597.439106][T11859]  ? kmsan_get_metadata+0x116/0x180
[  597.444331][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  597.449646][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  597.454428][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  597.459215][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.464305][T11859]  ? kmsan_get_metadata+0x116/0x180
[  597.469528][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.475638][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.481813][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.487038][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.491891][T11859]  do_SYSENTER_32+0x73/0x90
[  597.496393][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.502701][T11859] RIP: 0023:0xf7ff7549
[  597.506772][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  597.526375][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  597.534788][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  597.542744][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  597.550716][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  597.558682][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  597.566649][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  597.574621][T11859] Uninit was stored to memory at:
[  597.579636][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.585353][T11859]  __msan_chain_origin+0x50/0x90
[  597.590288][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.595398][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.600352][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.604866][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.609553][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.615616][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.621772][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.626965][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.631814][T11859]  do_SYSENTER_32+0x73/0x90
[  597.636319][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.642638][T11859] 
[  597.644946][T11859] Uninit was stored to memory at:
[  597.649969][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.655682][T11859]  __msan_chain_origin+0x50/0x90
[  597.660600][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.665694][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.670619][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.675119][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.679818][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.685883][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.692031][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.697228][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.702060][T11859]  do_SYSENTER_32+0x73/0x90
[  597.706558][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.712858][T11859] 
[  597.715169][T11859] Uninit was stored to memory at:
[  597.720183][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.725883][T11859]  __msan_chain_origin+0x50/0x90
[  597.730802][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.735909][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.740856][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.745360][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.750135][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.756218][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.762372][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.767555][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.772400][T11859]  do_SYSENTER_32+0x73/0x90
[  597.776887][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.783199][T11859] 
[  597.785521][T11859] Uninit was stored to memory at:
[  597.790545][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.796337][T11859]  __msan_chain_origin+0x50/0x90
[  597.801271][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.806374][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.811293][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.815778][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.820523][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.826575][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.832711][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.837893][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.842728][T11859]  do_SYSENTER_32+0x73/0x90
[  597.847234][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.853551][T11859] 
[  597.855864][T11859] Uninit was stored to memory at:
[  597.860888][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.866608][T11859]  __msan_chain_origin+0x50/0x90
[  597.871535][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.876636][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.881569][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.886054][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.890713][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.896763][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.902913][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.908097][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.912933][T11859]  do_SYSENTER_32+0x73/0x90
[  597.917950][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.924262][T11859] 
[  597.926575][T11859] Uninit was stored to memory at:
[  597.931592][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  597.937314][T11859]  __msan_chain_origin+0x50/0x90
[  597.942606][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  597.947704][T11859]  get_compat_msghdr+0x108/0x2b0
[  597.952628][T11859]  do_recvmmsg+0xdbb/0x22b0
[  597.957224][T11859]  __sys_recvmmsg+0x5dd/0x610
[  597.961903][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  597.967967][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  597.974133][T11859]  __do_fast_syscall_32+0x129/0x180
[  597.979348][T11859]  do_fast_syscall_32+0x6a/0xc0
[  597.984186][T11859]  do_SYSENTER_32+0x73/0x90
[  597.988678][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  597.994983][T11859] 
[  597.997323][T11859] Uninit was stored to memory at:
[  598.002338][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.008042][T11859]  __msan_chain_origin+0x50/0x90
[  598.012961][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.018066][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.022999][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.027501][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.032173][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.038242][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.044381][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.049585][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.054418][T11859]  do_SYSENTER_32+0x73/0x90
[  598.058908][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.065244][T11859] 
[  598.067576][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  598.074272][T11859]  do_recvmmsg+0xbf/0x22b0
[  598.078695][T11859]  do_recvmmsg+0xbf/0x22b0
[  598.374281][T11859] not chained 290000 origins
[  598.378938][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  598.387615][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  598.397704][T11859] Call Trace:
[  598.401034][T11859]  dump_stack+0x21c/0x280
[  598.405402][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  598.411179][T11859]  ? kmsan_get_metadata+0x116/0x180
[  598.416427][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  598.422029][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  598.428113][T11859]  ? _copy_from_user+0x201/0x310
[  598.433045][T11859]  ? kmsan_get_metadata+0x116/0x180
[  598.438254][T11859]  __msan_chain_origin+0x50/0x90
[  598.443187][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.448319][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.453258][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.457759][T11859]  ? __msan_get_context_state+0x9/0x20
[  598.463228][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  598.468511][T11859]  ? kmsan_get_metadata+0x116/0x180
[  598.473700][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  598.478980][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  598.483728][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  598.488617][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.493301][T11859]  ? kmsan_get_metadata+0x116/0x180
[  598.498512][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.504615][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.511315][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.516530][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.521411][T11859]  do_SYSENTER_32+0x73/0x90
[  598.525911][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.532221][T11859] RIP: 0023:0xf7ff7549
[  598.536292][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  598.555917][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  598.564338][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  598.572307][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  598.580264][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  598.588222][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  598.596180][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  598.604248][T11859] Uninit was stored to memory at:
[  598.609280][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.615000][T11859]  __msan_chain_origin+0x50/0x90
[  598.619956][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.625070][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.630022][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.634542][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.639222][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.645354][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.651623][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.656811][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.661648][T11859]  do_SYSENTER_32+0x73/0x90
[  598.666150][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.672454][T11859] 
[  598.674765][T11859] Uninit was stored to memory at:
[  598.679787][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.685495][T11859]  __msan_chain_origin+0x50/0x90
[  598.690440][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.695555][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.700481][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.704978][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.709656][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.715747][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.721908][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.727108][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.731961][T11859]  do_SYSENTER_32+0x73/0x90
[  598.736464][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.742781][T11859] 
[  598.745097][T11859] Uninit was stored to memory at:
[  598.750139][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.755844][T11859]  __msan_chain_origin+0x50/0x90
[  598.760775][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.765870][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.770794][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.775298][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.779970][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.786019][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.792175][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.797374][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.802240][T11859]  do_SYSENTER_32+0x73/0x90
[  598.806751][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.813062][T11859] 
[  598.815371][T11859] Uninit was stored to memory at:
[  598.820385][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.826091][T11859]  __msan_chain_origin+0x50/0x90
[  598.831009][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.836117][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.841064][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.845572][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.850262][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.856341][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.862492][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.867687][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.872537][T11859]  do_SYSENTER_32+0x73/0x90
[  598.877026][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.883941][T11859] 
[  598.886252][T11859] Uninit was stored to memory at:
[  598.891268][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.896974][T11859]  __msan_chain_origin+0x50/0x90
[  598.901911][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.907020][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.911942][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.916436][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.921881][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.927935][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  598.934075][T11859]  __do_fast_syscall_32+0x129/0x180
[  598.939283][T11859]  do_fast_syscall_32+0x6a/0xc0
[  598.944136][T11859]  do_SYSENTER_32+0x73/0x90
[  598.948642][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  598.954959][T11859] 
[  598.957287][T11859] Uninit was stored to memory at:
[  598.962331][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  598.968050][T11859]  __msan_chain_origin+0x50/0x90
[  598.972972][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  598.978066][T11859]  get_compat_msghdr+0x108/0x2b0
[  598.983004][T11859]  do_recvmmsg+0xdbb/0x22b0
[  598.987509][T11859]  __sys_recvmmsg+0x5dd/0x610
[  598.992179][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  598.998230][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.005174][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.010375][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.015223][T11859]  do_SYSENTER_32+0x73/0x90
[  599.019737][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.026039][T11859] 
[  599.028367][T11859] Uninit was stored to memory at:
[  599.033400][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.039104][T11859]  __msan_chain_origin+0x50/0x90
[  599.044024][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.049127][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.054049][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.058536][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.063196][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.069260][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.075429][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.081574][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.086419][T11859]  do_SYSENTER_32+0x73/0x90
[  599.090907][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.097217][T11859] 
[  599.099558][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  599.106218][T11859]  do_recvmmsg+0xbf/0x22b0
[  599.110614][T11859]  do_recvmmsg+0xbf/0x22b0
[  599.273363][T11859] not chained 300000 origins
[  599.277999][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  599.286674][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  599.296734][T11859] Call Trace:
[  599.300047][T11859]  dump_stack+0x21c/0x280
[  599.304437][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  599.310217][T11859]  ? kmsan_get_metadata+0x116/0x180
[  599.315552][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  599.321165][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  599.327257][T11859]  ? _copy_from_user+0x201/0x310
[  599.332218][T11859]  ? kmsan_get_metadata+0x116/0x180
[  599.337446][T11859]  __msan_chain_origin+0x50/0x90
[  599.342415][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.347832][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.352815][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.357352][T11859]  ? __msan_get_context_state+0x9/0x20
[  599.362855][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  599.368191][T11859]  ? kmsan_get_metadata+0x116/0x180
[  599.373445][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  599.378939][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  599.383732][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  599.388526][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.393242][T11859]  ? kmsan_get_metadata+0x116/0x180
[  599.398492][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.404594][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.410770][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.415994][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.421730][T11859]  do_SYSENTER_32+0x73/0x90
[  599.426253][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.432681][T11859] RIP: 0023:0xf7ff7549
[  599.436765][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  599.456470][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  599.464900][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  599.472898][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  599.480895][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  599.488876][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  599.496859][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  599.504864][T11859] Uninit was stored to memory at:
[  599.509911][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.515656][T11859]  __msan_chain_origin+0x50/0x90
[  599.520606][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.525744][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.530692][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.535287][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.540001][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.546097][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.552355][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.557565][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.562459][T11859]  do_SYSENTER_32+0x73/0x90
[  599.566975][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.573303][T11859] 
[  599.575664][T11859] Uninit was stored to memory at:
[  599.580706][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.586440][T11859]  __msan_chain_origin+0x50/0x90
[  599.591389][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.596512][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.601464][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.605983][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.610675][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.616764][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.622933][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.628155][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.633022][T11859]  do_SYSENTER_32+0x73/0x90
[  599.637541][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.643870][T11859] 
[  599.646202][T11859] Uninit was stored to memory at:
[  599.651244][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.656976][T11859]  __msan_chain_origin+0x50/0x90
[  599.661922][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.667044][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.671994][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.676509][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.681284][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.687378][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.693544][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.698755][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.703884][T11859]  do_SYSENTER_32+0x73/0x90
[  599.708404][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.714744][T11859] 
[  599.717100][T11859] Uninit was stored to memory at:
[  599.722170][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.727922][T11859]  __msan_chain_origin+0x50/0x90
[  599.732871][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.737995][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.742951][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.747471][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.752174][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.758260][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.764433][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.769644][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.774508][T11859]  do_SYSENTER_32+0x73/0x90
[  599.779026][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.785347][T11859] 
[  599.787702][T11859] Uninit was stored to memory at:
[  599.792745][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.798488][T11859]  __msan_chain_origin+0x50/0x90
[  599.803435][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.808647][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.813602][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.818163][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.822839][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.828923][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.835091][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.840305][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.845164][T11859]  do_SYSENTER_32+0x73/0x90
[  599.849682][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.855981][T11859] 
[  599.858290][T11859] Uninit was stored to memory at:
[  599.863304][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.869010][T11859]  __msan_chain_origin+0x50/0x90
[  599.873945][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.879053][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.883986][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.888478][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.893143][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.899198][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.905462][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.911364][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.916206][T11859]  do_SYSENTER_32+0x73/0x90
[  599.920709][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.927016][T11859] 
[  599.929340][T11859] Uninit was stored to memory at:
[  599.934355][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  599.940060][T11859]  __msan_chain_origin+0x50/0x90
[  599.944995][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  599.950115][T11859]  get_compat_msghdr+0x108/0x2b0
[  599.955084][T11859]  do_recvmmsg+0xdbb/0x22b0
[  599.959594][T11859]  __sys_recvmmsg+0x5dd/0x610
[  599.964252][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  599.970317][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  599.977424][T11859]  __do_fast_syscall_32+0x129/0x180
[  599.982604][T11859]  do_fast_syscall_32+0x6a/0xc0
[  599.987453][T11859]  do_SYSENTER_32+0x73/0x90
[  599.991974][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  599.998623][T11859] 
[  600.000945][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  600.007620][T11859]  do_recvmmsg+0xbf/0x22b0
[  600.012047][T11859]  do_recvmmsg+0xbf/0x22b0
[  600.176587][T11859] not chained 310000 origins
[  600.181207][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  600.189854][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  600.199900][T11859] Call Trace:
[  600.203188][T11859]  dump_stack+0x21c/0x280
[  600.207540][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  600.213301][T11859]  ? kmsan_get_metadata+0x116/0x180
[  600.218504][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  600.224042][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  600.230125][T11859]  ? _copy_from_user+0x201/0x310
[  600.235072][T11859]  ? kmsan_get_metadata+0x116/0x180
[  600.240288][T11859]  __msan_chain_origin+0x50/0x90
[  600.245231][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.250379][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.255319][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.259817][T11859]  ? __msan_get_context_state+0x9/0x20
[  600.265301][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  600.270623][T11859]  ? kmsan_get_metadata+0x116/0x180
[  600.275847][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  600.281136][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  600.285898][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  600.290679][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.295548][T11859]  ? kmsan_get_metadata+0x116/0x180
[  600.300747][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.306830][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.312987][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.318177][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.323014][T11859]  do_SYSENTER_32+0x73/0x90
[  600.329261][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.335586][T11859] RIP: 0023:0xf7ff7549
[  600.339654][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  600.359261][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  600.368494][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  600.376481][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  600.384452][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  600.392428][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  600.400402][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  600.408389][T11859] Uninit was stored to memory at:
[  600.413406][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.419816][T11859]  __msan_chain_origin+0x50/0x90
[  600.424735][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.429830][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.434751][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.439246][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.443904][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.449957][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.456108][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.461307][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.466154][T11859]  do_SYSENTER_32+0x73/0x90
[  600.470655][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.476966][T11859] 
[  600.479275][T11859] Uninit was stored to memory at:
[  600.484286][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.490100][T11859]  __msan_chain_origin+0x50/0x90
[  600.495054][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.500176][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.505129][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.509635][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.514307][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.520358][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.526510][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.531703][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.536550][T11859]  do_SYSENTER_32+0x73/0x90
[  600.541053][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.547359][T11859] 
[  600.549691][T11859] Uninit was stored to memory at:
[  600.554702][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.560405][T11859]  __msan_chain_origin+0x50/0x90
[  600.565345][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.570452][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.575375][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.579861][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.584520][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.590591][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.596757][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.602654][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.607505][T11859]  do_SYSENTER_32+0x73/0x90
[  600.612021][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.618337][T11859] 
[  600.620657][T11859] Uninit was stored to memory at:
[  600.625686][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.631408][T11859]  __msan_chain_origin+0x50/0x90
[  600.636342][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.641448][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.646386][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.650891][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.655568][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.661617][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.667766][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.672961][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.677795][T11859]  do_SYSENTER_32+0x73/0x90
[  600.682285][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.688599][T11859] 
[  600.690904][T11859] Uninit was stored to memory at:
[  600.695915][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.701618][T11859]  __msan_chain_origin+0x50/0x90
[  600.706550][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.711660][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.716605][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.721152][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.725843][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.731918][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.738084][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.743285][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.748136][T11859]  do_SYSENTER_32+0x73/0x90
[  600.752634][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.758936][T11859] 
[  600.761253][T11859] Uninit was stored to memory at:
[  600.766276][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.771994][T11859]  __msan_chain_origin+0x50/0x90
[  600.776937][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.782030][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.786952][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.791456][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.796130][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.802203][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.808342][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.813526][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.818379][T11859]  do_SYSENTER_32+0x73/0x90
[  600.822880][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.829187][T11859] 
[  600.831517][T11859] Uninit was stored to memory at:
[  600.836644][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  600.842346][T11859]  __msan_chain_origin+0x50/0x90
[  600.847267][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  600.852363][T11859]  get_compat_msghdr+0x108/0x2b0
[  600.857289][T11859]  do_recvmmsg+0xdbb/0x22b0
[  600.861794][T11859]  __sys_recvmmsg+0x5dd/0x610
[  600.866470][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  600.872568][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  600.884279][T11859]  __do_fast_syscall_32+0x129/0x180
[  600.889464][T11859]  do_fast_syscall_32+0x6a/0xc0
[  600.894308][T11859]  do_SYSENTER_32+0x73/0x90
[  600.898808][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  600.905116][T11859] 
[  600.907455][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  600.914113][T11859]  do_recvmmsg+0xbf/0x22b0
[  600.918527][T11859]  do_recvmmsg+0xbf/0x22b0
[  601.073258][T11859] not chained 320000 origins
[  601.077900][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  601.086572][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  601.096651][T11859] Call Trace:
[  601.099965][T11859]  dump_stack+0x21c/0x280
[  601.104340][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  601.110123][T11859]  ? kmsan_get_metadata+0x116/0x180
[  601.115347][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  601.120944][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  601.127058][T11859]  ? _copy_from_user+0x201/0x310
[  601.132020][T11859]  ? kmsan_get_metadata+0x116/0x180
[  601.137256][T11859]  __msan_chain_origin+0x50/0x90
[  601.142238][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.147400][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.152378][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.156907][T11859]  ? __msan_get_context_state+0x9/0x20
[  601.162424][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  601.167745][T11859]  ? kmsan_get_metadata+0x116/0x180
[  601.172972][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  601.178276][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  601.183054][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  601.187839][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.192550][T11859]  ? kmsan_get_metadata+0x116/0x180
[  601.197779][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.203872][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.210050][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.215272][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.220142][T11859]  do_SYSENTER_32+0x73/0x90
[  601.225633][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.232663][T11859] RIP: 0023:0xf7ff7549
[  601.236741][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  601.256351][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  601.265746][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  601.273729][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  601.281710][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  601.289695][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  601.297698][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  601.305694][T11859] Uninit was stored to memory at:
[  601.310742][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.316477][T11859]  __msan_chain_origin+0x50/0x90
[  601.321430][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.326751][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.331706][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.336224][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.340915][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.346994][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.353163][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.358377][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.363265][T11859]  do_SYSENTER_32+0x73/0x90
[  601.367788][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.374116][T11859] 
[  601.376449][T11859] Uninit was stored to memory at:
[  601.381491][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.387223][T11859]  __msan_chain_origin+0x50/0x90
[  601.392170][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.397289][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.402236][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.406757][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.411448][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.417526][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.423699][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.428909][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.433772][T11859]  do_SYSENTER_32+0x73/0x90
[  601.438292][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.444620][T11859] 
[  601.446951][T11859] Uninit was stored to memory at:
[  601.451988][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.457721][T11859]  __msan_chain_origin+0x50/0x90
[  601.462691][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.467811][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.472761][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.477278][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.481988][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.488068][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.494235][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.499447][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.504314][T11859]  do_SYSENTER_32+0x73/0x90
[  601.508832][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.515937][T11859] 
[  601.518272][T11859] Uninit was stored to memory at:
[  601.523345][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.529079][T11859]  __msan_chain_origin+0x50/0x90
[  601.534030][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.539153][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.544107][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.548624][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.553313][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.559402][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.565608][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.570845][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.575715][T11859]  do_SYSENTER_32+0x73/0x90
[  601.580234][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.586562][T11859] 
[  601.588888][T11859] Uninit was stored to memory at:
[  601.593927][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.599662][T11859]  __msan_chain_origin+0x50/0x90
[  601.604612][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.609909][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.614862][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.619381][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.624072][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.630152][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.636324][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.641531][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.646395][T11859]  do_SYSENTER_32+0x73/0x90
[  601.650910][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.657259][T11859] 
[  601.659567][T11859] Uninit was stored to memory at:
[  601.664579][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.670547][T11859]  __msan_chain_origin+0x50/0x90
[  601.676436][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.681545][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.686484][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.690997][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.695658][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.702056][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.708210][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.713445][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.718313][T11859]  do_SYSENTER_32+0x73/0x90
[  601.722801][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.729120][T11859] 
[  601.731437][T11859] Uninit was stored to memory at:
[  601.736449][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  601.742167][T11859]  __msan_chain_origin+0x50/0x90
[  601.747102][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  601.752213][T11859]  get_compat_msghdr+0x108/0x2b0
[  601.757149][T11859]  do_recvmmsg+0xdbb/0x22b0
[  601.761661][T11859]  __sys_recvmmsg+0x5dd/0x610
[  601.766349][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  601.772443][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  601.778601][T11859]  __do_fast_syscall_32+0x129/0x180
[  601.783781][T11859]  do_fast_syscall_32+0x6a/0xc0
[  601.788633][T11859]  do_SYSENTER_32+0x73/0x90
[  601.793125][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  601.804227][T11859] 
[  601.806567][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  601.813244][T11859]  do_recvmmsg+0xbf/0x22b0
[  601.817679][T11859]  do_recvmmsg+0xbf/0x22b0
[  602.029957][T11859] not chained 330000 origins
[  602.034942][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  602.043598][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  602.053638][T11859] Call Trace:
[  602.056935][T11859]  dump_stack+0x21c/0x280
[  602.061260][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  602.066991][T11859]  ? kmsan_get_metadata+0x116/0x180
[  602.072176][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  602.077722][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  602.083788][T11859]  ? _copy_from_user+0x201/0x310
[  602.088726][T11859]  ? kmsan_get_metadata+0x116/0x180
[  602.093921][T11859]  __msan_chain_origin+0x50/0x90
[  602.098941][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.104089][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.109033][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.113560][T11859]  ? __msan_get_context_state+0x9/0x20
[  602.119023][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  602.124304][T11859]  ? kmsan_get_metadata+0x116/0x180
[  602.129496][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  602.134770][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  602.139517][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  602.144271][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.148944][T11859]  ? kmsan_get_metadata+0x116/0x180
[  602.154132][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.160237][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.166383][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.171573][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.176417][T11859]  do_SYSENTER_32+0x73/0x90
[  602.180909][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.187231][T11859] RIP: 0023:0xf7ff7549
[  602.191301][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  602.211071][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  602.219467][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  602.227533][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  602.235501][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  602.243456][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  602.251422][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  602.259403][T11859] Uninit was stored to memory at:
[  602.264429][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.270136][T11859]  __msan_chain_origin+0x50/0x90
[  602.275073][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.280175][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.285098][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.289583][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.294259][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.300312][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.306452][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.311651][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.316582][T11859]  do_SYSENTER_32+0x73/0x90
[  602.321079][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.327392][T11859] 
[  602.329703][T11859] Uninit was stored to memory at:
[  602.334715][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.340416][T11859]  __msan_chain_origin+0x50/0x90
[  602.345347][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.350463][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.355409][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.359904][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.364568][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.370660][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.376801][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.381990][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.386833][T11859]  do_SYSENTER_32+0x73/0x90
[  602.391341][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.397660][T11859] 
[  602.399967][T11859] Uninit was stored to memory at:
[  602.404993][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.410698][T11859]  __msan_chain_origin+0x50/0x90
[  602.415625][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.420736][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.425666][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.430152][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.434813][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.440864][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.447267][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.452453][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.457303][T11859]  do_SYSENTER_32+0x73/0x90
[  602.461801][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.468104][T11859] 
[  602.470413][T11859] Uninit was stored to memory at:
[  602.475429][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.481145][T11859]  __msan_chain_origin+0x50/0x90
[  602.486188][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.491287][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.496212][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.500710][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.505371][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.511423][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.517574][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.522768][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.527600][T11859]  do_SYSENTER_32+0x73/0x90
[  602.532097][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.538397][T11859] 
[  602.540707][T11859] Uninit was stored to memory at:
[  602.545720][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.551420][T11859]  __msan_chain_origin+0x50/0x90
[  602.556341][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.561444][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.566367][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.570859][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.575529][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.581588][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.587727][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.592908][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.597743][T11859]  do_SYSENTER_32+0x73/0x90
[  602.602227][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.608526][T11859] 
[  602.610844][T11859] Uninit was stored to memory at:
[  602.615870][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.621583][T11859]  __msan_chain_origin+0x50/0x90
[  602.626515][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.631607][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.636535][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.641019][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.645679][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.651737][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.657875][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.663052][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.667884][T11859]  do_SYSENTER_32+0x73/0x90
[  602.672370][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.678679][T11859] 
[  602.681001][T11859] Uninit was stored to memory at:
[  602.686012][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  602.691796][T11859]  __msan_chain_origin+0x50/0x90
[  602.696736][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  602.701831][T11859]  get_compat_msghdr+0x108/0x2b0
[  602.706754][T11859]  do_recvmmsg+0xdbb/0x22b0
[  602.711253][T11859]  __sys_recvmmsg+0x5dd/0x610
[  602.715915][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  602.721971][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  602.728110][T11859]  __do_fast_syscall_32+0x129/0x180
[  602.733302][T11859]  do_fast_syscall_32+0x6a/0xc0
[  602.738148][T11859]  do_SYSENTER_32+0x73/0x90
[  602.742654][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  602.748957][T11859] 
[  602.751270][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  602.757932][T11859]  do_recvmmsg+0xbf/0x22b0
[  602.762332][T11859]  do_recvmmsg+0xbf/0x22b0
[  602.959956][T11859] not chained 340000 origins
[  602.964614][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  602.973297][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  602.983366][T11859] Call Trace:
[  602.986706][T11859]  dump_stack+0x21c/0x280
[  602.991081][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  602.996864][T11859]  ? kmsan_get_metadata+0x116/0x180
[  603.003540][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  603.009119][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  603.015218][T11859]  ? _copy_from_user+0x201/0x310
[  603.020185][T11859]  ? kmsan_get_metadata+0x116/0x180
[  603.025411][T11859]  __msan_chain_origin+0x50/0x90
[  603.030372][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.035528][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.040501][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.045030][T11859]  ? __msan_get_context_state+0x9/0x20
[  603.050532][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  603.055911][T11859]  ? kmsan_get_metadata+0x116/0x180
[  603.061141][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  603.066452][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  603.071235][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  603.076068][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.080784][T11859]  ? kmsan_get_metadata+0x116/0x180
[  603.086003][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.092100][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.098364][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.103592][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.108464][T11859]  do_SYSENTER_32+0x73/0x90
[  603.112990][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.119330][T11859] RIP: 0023:0xf7ff7549
[  603.123415][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  603.143033][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  603.151461][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  603.159449][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  603.167453][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  603.175455][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  603.183440][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  603.191438][T11859] Uninit was stored to memory at:
[  603.196486][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.202221][T11859]  __msan_chain_origin+0x50/0x90
[  603.207170][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.212295][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.217251][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.221766][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.226461][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.232541][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.238737][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.243948][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.248800][T11859]  do_SYSENTER_32+0x73/0x90
[  603.253299][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.259633][T11859] 
[  603.261940][T11859] Uninit was stored to memory at:
[  603.266973][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.272701][T11859]  __msan_chain_origin+0x50/0x90
[  603.277622][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.282726][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.287663][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.292149][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.296826][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.305155][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.311297][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.316484][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.321320][T11859]  do_SYSENTER_32+0x73/0x90
[  603.325808][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.332107][T11859] 
[  603.334414][T11859] Uninit was stored to memory at:
[  603.339429][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.345149][T11859]  __msan_chain_origin+0x50/0x90
[  603.350085][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.355367][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.360299][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.364786][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.369459][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.375539][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.381686][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.386890][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.391726][T11859]  do_SYSENTER_32+0x73/0x90
[  603.396216][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.402526][T11859] 
[  603.404841][T11859] Uninit was stored to memory at:
[  603.409967][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.415679][T11859]  __msan_chain_origin+0x50/0x90
[  603.420598][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.425692][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.430626][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.435125][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.439786][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.445849][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.451997][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.457188][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.462035][T11859]  do_SYSENTER_32+0x73/0x90
[  603.466525][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.472838][T11859] 
[  603.475151][T11859] Uninit was stored to memory at:
[  603.480174][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.485886][T11859]  __msan_chain_origin+0x50/0x90
[  603.490836][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.495934][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.500860][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.505347][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.510006][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.516059][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.522212][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.527400][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.532249][T11859]  do_SYSENTER_32+0x73/0x90
[  603.536741][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.543041][T11859] 
[  603.545349][T11859] Uninit was stored to memory at:
[  603.550363][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.556073][T11859]  __msan_chain_origin+0x50/0x90
[  603.560997][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.566089][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.571009][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.579923][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.584596][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.590656][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.596805][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.601989][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.606830][T11859]  do_SYSENTER_32+0x73/0x90
[  603.611333][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.617635][T11859] 
[  603.619941][T11859] Uninit was stored to memory at:
[  603.625514][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  603.631217][T11859]  __msan_chain_origin+0x50/0x90
[  603.636148][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  603.641247][T11859]  get_compat_msghdr+0x108/0x2b0
[  603.646168][T11859]  do_recvmmsg+0xdbb/0x22b0
[  603.650653][T11859]  __sys_recvmmsg+0x5dd/0x610
[  603.655315][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  603.661363][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  603.668299][T11859]  __do_fast_syscall_32+0x129/0x180
[  603.673482][T11859]  do_fast_syscall_32+0x6a/0xc0
[  603.678334][T11859]  do_SYSENTER_32+0x73/0x90
[  603.682821][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  603.689119][T11859] 
[  603.691442][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  603.698107][T11859]  do_recvmmsg+0xbf/0x22b0
[  603.702516][T11859]  do_recvmmsg+0xbf/0x22b0
[  603.973113][T11859] not chained 350000 origins
[  603.977758][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  603.986442][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  603.996512][T11859] Call Trace:
[  603.999850][T11859]  dump_stack+0x21c/0x280
[  604.004220][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  604.010628][T11859]  ? kmsan_get_metadata+0x116/0x180
[  604.015878][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  604.021452][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  604.027603][T11859]  ? _copy_from_user+0x201/0x310
[  604.032583][T11859]  ? kmsan_get_metadata+0x116/0x180
[  604.037808][T11859]  __msan_chain_origin+0x50/0x90
[  604.042777][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.048059][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.053034][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.057614][T11859]  ? __msan_get_context_state+0x9/0x20
[  604.063207][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  604.068534][T11859]  ? kmsan_get_metadata+0x116/0x180
[  604.073772][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  604.079091][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  604.083885][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  604.093118][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.097847][T11859]  ? kmsan_get_metadata+0x116/0x180
[  604.103093][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.109473][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.115704][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.120922][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.125778][T11859]  do_SYSENTER_32+0x73/0x90
[  604.130306][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.136625][T11859] RIP: 0023:0xf7ff7549
[  604.140686][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  604.160371][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  604.168973][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  604.176947][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  604.186016][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  604.193985][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  604.201953][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  604.209969][T11859] Uninit was stored to memory at:
[  604.215167][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.220887][T11859]  __msan_chain_origin+0x50/0x90
[  604.225968][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.231258][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.236198][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.240726][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.245474][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.251608][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.257799][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.263034][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.268041][T11859]  do_SYSENTER_32+0x73/0x90
[  604.272545][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.279077][T11859] 
[  604.281445][T11859] Uninit was stored to memory at:
[  604.286476][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.292296][T11859]  __msan_chain_origin+0x50/0x90
[  604.297725][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.303097][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.308041][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.312652][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.317523][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.323706][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.330273][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.335950][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.341456][T11859]  do_SYSENTER_32+0x73/0x90
[  604.346286][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.356307][T11859] 
[  604.358860][T11859] Uninit was stored to memory at:
[  604.363899][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.371351][T11859]  __msan_chain_origin+0x50/0x90
[  604.376804][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.382600][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.387600][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.392229][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.396906][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.406583][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.413090][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.418480][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.423609][T11859]  do_SYSENTER_32+0x73/0x90
[  604.428167][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.434909][T11859] 
[  604.437449][T11859] Uninit was stored to memory at:
[  604.442497][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.448260][T11859]  __msan_chain_origin+0x50/0x90
[  604.453245][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.458355][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.463293][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.467799][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.472887][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.479278][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.485618][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.490999][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.495852][T11859]  do_SYSENTER_32+0x73/0x90
[  604.500353][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.506842][T11859] 
[  604.509353][T11859] Uninit was stored to memory at:
[  604.514744][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.521040][T11859]  __msan_chain_origin+0x50/0x90
[  604.526276][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.531431][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.536613][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.541283][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.546096][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.552162][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.558708][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.563910][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.568867][T11859]  do_SYSENTER_32+0x73/0x90
[  604.573372][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.579726][T11859] 
[  604.582048][T11859] Uninit was stored to memory at:
[  604.587120][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.592845][T11859]  __msan_chain_origin+0x50/0x90
[  604.597943][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.603056][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.608045][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.612747][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.618600][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.624720][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.631050][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.636251][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.641251][T11859]  do_SYSENTER_32+0x73/0x90
[  604.645843][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.652348][T11859] 
[  604.654715][T11859] Uninit was stored to memory at:
[  604.659880][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  604.665871][T11859]  __msan_chain_origin+0x50/0x90
[  604.670977][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  604.676088][T11859]  get_compat_msghdr+0x108/0x2b0
[  604.681203][T11859]  do_recvmmsg+0xdbb/0x22b0
[  604.685749][T11859]  __sys_recvmmsg+0x5dd/0x610
[  604.690487][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  604.696557][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  604.702884][T11859]  __do_fast_syscall_32+0x129/0x180
[  604.708174][T11859]  do_fast_syscall_32+0x6a/0xc0
[  604.713035][T11859]  do_SYSENTER_32+0x73/0x90
[  604.717922][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  604.724238][T11859] 
[  604.726662][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  604.736078][T11859]  do_recvmmsg+0xbf/0x22b0
[  604.740658][T11859]  do_recvmmsg+0xbf/0x22b0
[  605.049023][T11859] not chained 360000 origins
[  605.053957][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  605.062951][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.073267][T11859] Call Trace:
[  605.076840][T11859]  dump_stack+0x21c/0x280
[  605.081318][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  605.087563][T11859]  ? kmsan_get_metadata+0x116/0x180
[  605.093203][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  605.099185][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  605.105694][T11859]  ? _copy_from_user+0x201/0x310
[  605.110660][T11859]  ? kmsan_get_metadata+0x116/0x180
[  605.116223][T11859]  __msan_chain_origin+0x50/0x90
[  605.121338][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.128885][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.134147][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.139717][T11859]  ? __msan_get_context_state+0x9/0x20
[  605.145758][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  605.151106][T11859]  ? kmsan_get_metadata+0x116/0x180
[  605.156910][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  605.165041][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  605.169942][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  605.174713][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.179637][T11859]  ? kmsan_get_metadata+0x116/0x180
[  605.185110][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.191276][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.197613][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.202814][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.207934][T11859]  do_SYSENTER_32+0x73/0x90
[  605.213214][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.219737][T11859] RIP: 0023:0xf7ff7549
[  605.223807][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  605.244482][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  605.253763][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  605.261962][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  605.269936][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  605.278167][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  605.288608][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  605.296892][T11859] Uninit was stored to memory at:
[  605.302225][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.308249][T11859]  __msan_chain_origin+0x50/0x90
[  605.313233][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.318391][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.323452][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.328129][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.333015][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.339332][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.345535][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.350892][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.356092][T11859]  do_SYSENTER_32+0x73/0x90
[  605.360802][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.367484][T11859] 
[  605.370038][T11859] Uninit was stored to memory at:
[  605.376665][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.386252][T11859]  __msan_chain_origin+0x50/0x90
[  605.392506][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.397708][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.402907][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.407415][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.412090][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.418202][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.424495][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.429918][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.434790][T11859]  do_SYSENTER_32+0x73/0x90
[  605.439610][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.445930][T11859] 
[  605.457717][T11859] Uninit was stored to memory at:
[  605.462744][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.468551][T11859]  __msan_chain_origin+0x50/0x90
[  605.473587][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.478698][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.483638][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.488368][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.493370][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.499439][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.505642][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.511169][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.516163][T11859]  do_SYSENTER_32+0x73/0x90
[  605.520889][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.527383][T11859] 
[  605.530056][T11859] Uninit was stored to memory at:
[  605.535206][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.540973][T11859]  __msan_chain_origin+0x50/0x90
[  605.545953][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.551136][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.556162][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.561247][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.566061][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.572453][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.578902][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.584376][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.589228][T11859]  do_SYSENTER_32+0x73/0x90
[  605.593775][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.600234][T11859] 
[  605.602580][T11859] Uninit was stored to memory at:
[  605.607628][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.613799][T11859]  __msan_chain_origin+0x50/0x90
[  605.618867][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.624041][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.629250][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.633827][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.638653][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.644863][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.651406][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.656747][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.661686][T11859]  do_SYSENTER_32+0x73/0x90
[  605.666973][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.673516][T11859] 
[  605.675850][T11859] Uninit was stored to memory at:
[  605.680935][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.687058][T11859]  __msan_chain_origin+0x50/0x90
[  605.692997][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.698436][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.703578][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.708457][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.713414][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.719731][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.725972][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.731341][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.736241][T11859]  do_SYSENTER_32+0x73/0x90
[  605.740897][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.747310][T11859] 
[  605.749687][T11859] Uninit was stored to memory at:
[  605.755038][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  605.761092][T11859]  __msan_chain_origin+0x50/0x90
[  605.766192][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  605.772049][T11859]  get_compat_msghdr+0x108/0x2b0
[  605.777025][T11859]  do_recvmmsg+0xdbb/0x22b0
[  605.782258][T11859]  __sys_recvmmsg+0x5dd/0x610
[  605.787363][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  605.793973][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  605.800128][T11859]  __do_fast_syscall_32+0x129/0x180
[  605.806971][T11859]  do_fast_syscall_32+0x6a/0xc0
[  605.812157][T11859]  do_SYSENTER_32+0x73/0x90
[  605.816751][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  605.823278][T11859] 
[  605.825776][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  605.832540][T11859]  do_recvmmsg+0xbf/0x22b0
[  605.837518][T11859]  do_recvmmsg+0xbf/0x22b0
[  606.003351][T11859] not chained 370000 origins
[  606.008484][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  606.017243][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  606.027407][T11859] Call Trace:
[  606.030859][T11859]  dump_stack+0x21c/0x280
[  606.035407][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  606.041319][T11859]  ? kmsan_get_metadata+0x116/0x180
[  606.046557][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  606.052141][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  606.058253][T11859]  ? _copy_from_user+0x201/0x310
[  606.063331][T11859]  ? kmsan_get_metadata+0x116/0x180
[  606.068741][T11859]  __msan_chain_origin+0x50/0x90
[  606.073812][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.079255][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.084357][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.088985][T11859]  ? __msan_get_context_state+0x9/0x20
[  606.094681][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  606.100018][T11859]  ? kmsan_get_metadata+0x116/0x180
[  606.105474][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  606.110998][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  606.116231][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  606.121124][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.125937][T11859]  ? kmsan_get_metadata+0x116/0x180
[  606.131450][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.137688][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.143879][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.149116][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.153999][T11859]  do_SYSENTER_32+0x73/0x90
[  606.158623][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.164979][T11859] RIP: 0023:0xf7ff7549
[  606.169211][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  606.189974][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  606.198418][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  606.206597][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  606.214946][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  606.224234][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  606.232238][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  606.240250][T11859] Uninit was stored to memory at:
[  606.245319][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.251071][T11859]  __msan_chain_origin+0x50/0x90
[  606.256207][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.261698][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.266667][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.272276][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.277168][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.283369][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.289710][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.295981][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.300857][T11859]  do_SYSENTER_32+0x73/0x90
[  606.305547][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.311973][T11859] 
[  606.314408][T11859] Uninit was stored to memory at:
[  606.319467][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.325398][T11859]  __msan_chain_origin+0x50/0x90
[  606.338303][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.343607][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.348633][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.353136][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.357929][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.364081][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.370668][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.376396][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.381463][T11859]  do_SYSENTER_32+0x73/0x90
[  606.386015][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.392520][T11859] 
[  606.394960][T11859] Uninit was stored to memory at:
[  606.400659][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.407440][T11859]  __msan_chain_origin+0x50/0x90
[  606.412585][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.417793][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.422886][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.427617][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.432545][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.438701][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.445132][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.450418][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.455341][T11859]  do_SYSENTER_32+0x73/0x90
[  606.459962][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.466551][T11859] 
[  606.468872][T11859] Uninit was stored to memory at:
[  606.474684][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.480896][T11859]  __msan_chain_origin+0x50/0x90
[  606.486083][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.491192][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.496178][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.500714][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.505399][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.512623][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.518880][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.524208][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.529057][T11859]  do_SYSENTER_32+0x73/0x90
[  606.533674][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.540417][T11859] 
[  606.542783][T11859] Uninit was stored to memory at:
[  606.548019][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.553824][T11859]  __msan_chain_origin+0x50/0x90
[  606.559097][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.564228][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.569165][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.573773][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.578606][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.584958][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.591411][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.596690][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.601821][T11859]  do_SYSENTER_32+0x73/0x90
[  606.606540][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.613539][T11859] 
[  606.615951][T11859] Uninit was stored to memory at:
[  606.621259][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.626982][T11859]  __msan_chain_origin+0x50/0x90
[  606.632950][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.638141][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.643403][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.647954][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.652881][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.659058][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.665430][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.671236][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.676098][T11859]  do_SYSENTER_32+0x73/0x90
[  606.681551][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.693265][T11859] 
[  606.695682][T11859] Uninit was stored to memory at:
[  606.700940][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  606.706865][T11859]  __msan_chain_origin+0x50/0x90
[  606.712328][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  606.717521][T11859]  get_compat_msghdr+0x108/0x2b0
[  606.722584][T11859]  do_recvmmsg+0xdbb/0x22b0
[  606.727220][T11859]  __sys_recvmmsg+0x5dd/0x610
[  606.731988][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  606.738275][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  606.744617][T11859]  __do_fast_syscall_32+0x129/0x180
[  606.750773][T11859]  do_fast_syscall_32+0x6a/0xc0
[  606.755629][T11859]  do_SYSENTER_32+0x73/0x90
[  606.760394][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  606.766713][T11859] 
[  606.769038][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  606.775800][T11859]  do_recvmmsg+0xbf/0x22b0
[  606.780419][T11859]  do_recvmmsg+0xbf/0x22b0
[  606.952490][T11859] not chained 380000 origins
[  606.957440][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  606.966455][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  606.977921][T11859] Call Trace:
[  606.981544][T11859]  dump_stack+0x21c/0x280
[  606.985929][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  606.991865][T11859]  ? kmsan_get_metadata+0x116/0x180
[  606.997271][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  607.003287][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  607.009481][T11859]  ? _copy_from_user+0x201/0x310
[  607.014459][T11859]  ? kmsan_get_metadata+0x116/0x180
[  607.019691][T11859]  __msan_chain_origin+0x50/0x90
[  607.024665][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.029920][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.036187][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.041018][T11859]  ? __msan_get_context_state+0x9/0x20
[  607.046630][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  607.051968][T11859]  ? kmsan_get_metadata+0x116/0x180
[  607.060856][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  607.066551][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  607.071569][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  607.076488][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.081281][T11859]  ? kmsan_get_metadata+0x116/0x180
[  607.086786][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.093049][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.099675][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.106296][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.111509][T11859]  do_SYSENTER_32+0x73/0x90
[  607.116159][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.122961][T11859] RIP: 0023:0xf7ff7549
[  607.128036][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  607.148044][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  607.156821][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  607.165025][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  607.174159][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  607.182665][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  607.190727][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  607.198913][T11859] Uninit was stored to memory at:
[  607.203943][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.209881][T11859]  __msan_chain_origin+0x50/0x90
[  607.214833][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.220044][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.226155][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.230699][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.235425][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.241607][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.248025][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.253314][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.258638][T11859]  do_SYSENTER_32+0x73/0x90
[  607.263270][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.269593][T11859] 
[  607.271926][T11859] Uninit was stored to memory at:
[  607.277167][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.282972][T11859]  __msan_chain_origin+0x50/0x90
[  607.288409][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.294155][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.299186][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.303691][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.308427][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.314597][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.320889][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.327388][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.332294][T11859]  do_SYSENTER_32+0x73/0x90
[  607.337380][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.348107][T11859] 
[  607.350432][T11859] Uninit was stored to memory at:
[  607.355598][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.361438][T11859]  __msan_chain_origin+0x50/0x90
[  607.366509][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.371985][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.377016][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.381736][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.386429][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.392745][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.398976][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.404526][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.409636][T11859]  do_SYSENTER_32+0x73/0x90
[  607.414145][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.420691][T11859] 
[  607.423064][T11859] Uninit was stored to memory at:
[  607.428319][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.434213][T11859]  __msan_chain_origin+0x50/0x90
[  607.439159][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.451379][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.456556][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.469390][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.474076][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.480300][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.486845][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.492135][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.496989][T11859]  do_SYSENTER_32+0x73/0x90
[  607.501497][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.508115][T11859] 
[  607.510454][T11859] Uninit was stored to memory at:
[  607.515761][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.521764][T11859]  __msan_chain_origin+0x50/0x90
[  607.526752][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.531952][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.537005][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.542029][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.546928][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.552993][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.559675][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.564889][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.569743][T11859]  do_SYSENTER_32+0x73/0x90
[  607.574291][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.581043][T11859] 
[  607.583674][T11859] Uninit was stored to memory at:
[  607.588919][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.594836][T11859]  __msan_chain_origin+0x50/0x90
[  607.600189][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.605301][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.610497][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.615100][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.619824][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.628842][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.635437][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.641897][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.646919][T11859]  do_SYSENTER_32+0x73/0x90
[  607.651608][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.658855][T11859] 
[  607.662140][T11859] Uninit was stored to memory at:
[  607.668333][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  607.674186][T11859]  __msan_chain_origin+0x50/0x90
[  607.680052][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  607.685330][T11859]  get_compat_msghdr+0x108/0x2b0
[  607.690280][T11859]  do_recvmmsg+0xdbb/0x22b0
[  607.694879][T11859]  __sys_recvmmsg+0x5dd/0x610
[  607.699576][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  607.705727][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  607.712047][T11859]  __do_fast_syscall_32+0x129/0x180
[  607.717839][T11859]  do_fast_syscall_32+0x6a/0xc0
[  607.722779][T11859]  do_SYSENTER_32+0x73/0x90
[  607.727285][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  607.733601][T11859] 
[  607.735928][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  607.742643][T11859]  do_recvmmsg+0xbf/0x22b0
[  607.747267][T11859]  do_recvmmsg+0xbf/0x22b0
[  607.956600][T11859] not chained 390000 origins
[  607.961545][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  607.970494][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  607.980981][T11859] Call Trace:
[  607.984312][T11859]  dump_stack+0x21c/0x280
[  607.988853][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  607.994907][T11859]  ? kmsan_get_metadata+0x116/0x180
[  608.000234][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  608.006169][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  608.012742][T11859]  ? _copy_from_user+0x201/0x310
[  608.017811][T11859]  ? kmsan_get_metadata+0x116/0x180
[  608.023207][T11859]  __msan_chain_origin+0x50/0x90
[  608.028547][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.034164][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.039242][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.043877][T11859]  ? __msan_get_context_state+0x9/0x20
[  608.049397][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  608.054734][T11859]  ? kmsan_get_metadata+0x116/0x180
[  608.060124][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  608.065546][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  608.070496][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  608.075338][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.080210][T11859]  ? kmsan_get_metadata+0x116/0x180
[  608.085447][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.091664][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.097859][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.103619][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.108527][T11859]  do_SYSENTER_32+0x73/0x90
[  608.113069][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.120287][T11859] RIP: 0023:0xf7ff7549
[  608.124648][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  608.144549][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  608.153174][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  608.161352][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  608.169960][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.178361][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  608.186538][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.195081][T11859] Uninit was stored to memory at:
[  608.200161][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.207101][T11859]  __msan_chain_origin+0x50/0x90
[  608.212885][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.218571][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.224830][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.229397][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.234077][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.240285][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.246620][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.251984][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.256837][T11859]  do_SYSENTER_32+0x73/0x90
[  608.261609][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.267932][T11859] 
[  608.270560][T11859] Uninit was stored to memory at:
[  608.275722][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.281582][T11859]  __msan_chain_origin+0x50/0x90
[  608.286525][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.291917][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.297067][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.301569][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.306264][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.312480][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.318784][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.324198][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.329144][T11859]  do_SYSENTER_32+0x73/0x90
[  608.333655][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.340119][T11859] 
[  608.342449][T11859] Uninit was stored to memory at:
[  608.347644][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.353405][T11859]  __msan_chain_origin+0x50/0x90
[  608.358350][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.363455][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.368458][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.373322][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.378483][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.384549][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.390913][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.396247][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.401473][T11859]  do_SYSENTER_32+0x73/0x90
[  608.405977][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.412553][T11859] 
[  608.414899][T11859] Uninit was stored to memory at:
[  608.419963][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.426145][T11859]  __msan_chain_origin+0x50/0x90
[  608.431262][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.436905][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.441846][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.446350][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.451116][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.457500][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.463935][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.469382][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.474232][T11859]  do_SYSENTER_32+0x73/0x90
[  608.479109][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.485785][T11859] 
[  608.488203][T11859] Uninit was stored to memory at:
[  608.493322][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.499054][T11859]  __msan_chain_origin+0x50/0x90
[  608.504263][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.509863][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.515074][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.519944][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.524725][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.531827][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.538196][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.543522][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.548471][T11859]  do_SYSENTER_32+0x73/0x90
[  608.553085][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.559404][T11859] 
[  608.561814][T11859] Uninit was stored to memory at:
[  608.566888][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.572748][T11859]  __msan_chain_origin+0x50/0x90
[  608.577688][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.582841][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.587953][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.592578][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.597381][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.603793][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.610129][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.615771][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.621008][T11859]  do_SYSENTER_32+0x73/0x90
[  608.625875][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.632566][T11859] 
[  608.634998][T11859] Uninit was stored to memory at:
[  608.640546][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  608.646624][T11859]  __msan_chain_origin+0x50/0x90
[  608.651605][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  608.657043][T11859]  get_compat_msghdr+0x108/0x2b0
[  608.662675][T11859]  do_recvmmsg+0xdbb/0x22b0
[  608.668388][T11859]  __sys_recvmmsg+0x5dd/0x610
[  608.673066][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  608.680152][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  608.686566][T11859]  __do_fast_syscall_32+0x129/0x180
[  608.691935][T11859]  do_fast_syscall_32+0x6a/0xc0
[  608.696923][T11859]  do_SYSENTER_32+0x73/0x90
[  608.702322][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  608.708943][T11859] 
[  608.711390][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  608.718567][T11859]  do_recvmmsg+0xbf/0x22b0
[  608.723070][T11859]  do_recvmmsg+0xbf/0x22b0
[  608.939775][T11859] not chained 400000 origins
[  608.944847][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  608.954062][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  608.965573][T11859] Call Trace:
[  608.968914][T11859]  dump_stack+0x21c/0x280
[  608.973288][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  608.979166][T11859]  ? kmsan_get_metadata+0x116/0x180
[  608.984611][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  608.990323][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  608.996519][T11859]  ? _copy_from_user+0x201/0x310
[  609.001495][T11859]  ? kmsan_get_metadata+0x116/0x180
[  609.007175][T11859]  __msan_chain_origin+0x50/0x90
[  609.012152][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.017408][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.022711][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.027344][T11859]  ? __msan_get_context_state+0x9/0x20
[  609.032964][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  609.038477][T11859]  ? kmsan_get_metadata+0x116/0x180
[  609.043808][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  609.049408][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  609.054201][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  609.059090][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.063820][T11859]  ? kmsan_get_metadata+0x116/0x180
[  609.069173][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.075297][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.081798][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.087038][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.091933][T11859]  do_SYSENTER_32+0x73/0x90
[  609.096619][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.103233][T11859] RIP: 0023:0xf7ff7549
[  609.107550][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  609.127886][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  609.136419][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  609.144693][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  609.153163][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  609.161363][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  609.169341][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  609.177619][T11859] Uninit was stored to memory at:
[  609.182890][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.188718][T11859]  __msan_chain_origin+0x50/0x90
[  609.194707][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.200051][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.205158][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.209832][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.214776][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.220988][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.227367][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.232791][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.237737][T11859]  do_SYSENTER_32+0x73/0x90
[  609.242326][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.249054][T11859] 
[  609.251404][T11859] Uninit was stored to memory at:
[  609.256454][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.262436][T11859]  __msan_chain_origin+0x50/0x90
[  609.267814][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.273168][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.278207][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.282958][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.287955][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.294332][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.300505][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.305896][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.311720][T11859]  do_SYSENTER_32+0x73/0x90
[  609.316240][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.322830][T11859] 
[  609.325333][T11859] Uninit was stored to memory at:
[  609.330670][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.337384][T11859]  __msan_chain_origin+0x50/0x90
[  609.342610][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.347735][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.353140][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.358065][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.362945][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.369020][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.375414][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.381110][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.386225][T11859]  do_SYSENTER_32+0x73/0x90
[  609.390977][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.397600][T11859] 
[  609.399998][T11859] Uninit was stored to memory at:
[  609.406627][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.413185][T11859]  __msan_chain_origin+0x50/0x90
[  609.418411][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.424142][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.429250][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.433883][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.438563][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.444906][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.451312][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.456694][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.463222][T11859]  do_SYSENTER_32+0x73/0x90
[  609.468009][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.475509][T11859] 
[  609.478039][T11859] Uninit was stored to memory at:
[  609.483534][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.489686][T11859]  __msan_chain_origin+0x50/0x90
[  609.494753][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.499932][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.505258][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.510319][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.515143][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.521545][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.527940][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.534289][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.539319][T11859]  do_SYSENTER_32+0x73/0x90
[  609.543911][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.550506][T11859] 
[  609.552828][T11859] Uninit was stored to memory at:
[  609.558293][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.564175][T11859]  __msan_chain_origin+0x50/0x90
[  609.570861][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.576121][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.582245][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.586753][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.591703][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.598066][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.605262][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.615777][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.620983][T11859]  do_SYSENTER_32+0x73/0x90
[  609.625721][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.632178][T11859] 
[  609.634500][T11859] Uninit was stored to memory at:
[  609.639779][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  609.645657][T11859]  __msan_chain_origin+0x50/0x90
[  609.650640][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  609.655763][T11859]  get_compat_msghdr+0x108/0x2b0
[  609.660938][T11859]  do_recvmmsg+0xdbb/0x22b0
[  609.665456][T11859]  __sys_recvmmsg+0x5dd/0x610
[  609.670326][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  609.676661][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  609.682984][T11859]  __do_fast_syscall_32+0x129/0x180
[  609.688377][T11859]  do_fast_syscall_32+0x6a/0xc0
[  609.693344][T11859]  do_SYSENTER_32+0x73/0x90
[  609.698013][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  609.704348][T11859] 
[  609.706835][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  609.713534][T11859]  do_recvmmsg+0xbf/0x22b0
[  609.717991][T11859]  do_recvmmsg+0xbf/0x22b0
[  609.991362][T11859] not chained 410000 origins
[  609.996023][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  610.004887][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  610.015403][T11859] Call Trace:
[  610.018760][T11859]  dump_stack+0x21c/0x280
[  610.023323][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  610.029074][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.034328][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  610.039966][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  610.046179][T11859]  ? _copy_from_user+0x201/0x310
[  610.051120][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.056381][T11859]  __msan_chain_origin+0x50/0x90
[  610.061367][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.066530][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.071627][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.076295][T11859]  ? __msan_get_context_state+0x9/0x20
[  610.081965][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  610.087292][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.092657][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  610.098251][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  610.103061][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  610.107963][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.112737][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.118124][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.124316][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.130566][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.135790][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.141514][T11859]  do_SYSENTER_32+0x73/0x90
[  610.146026][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.152576][T11859] RIP: 0023:0xf7ff7549
[  610.156777][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  610.176660][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  610.185520][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  610.194000][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  610.202238][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  610.210488][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  610.218459][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.226527][T11859] Uninit was stored to memory at:
[  610.231560][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.237489][T11859]  __msan_chain_origin+0x50/0x90
[  610.242694][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.247999][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.252980][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.258175][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.263064][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.269300][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.275509][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.286299][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.291401][T11859]  do_SYSENTER_32+0x73/0x90
[  610.295909][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.302224][T11859] 
[  610.304638][T11859] Uninit was stored to memory at:
[  610.309809][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.315713][T11859]  __msan_chain_origin+0x50/0x90
[  610.320781][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.326033][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.331057][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.335698][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.340376][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.346527][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.352680][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.358052][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.363086][T11859]  do_SYSENTER_32+0x73/0x90
[  610.367746][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.374151][T11859] 
[  610.376685][T11859] Uninit was stored to memory at:
[  610.381811][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.387656][T11859]  __msan_chain_origin+0x50/0x90
[  610.392956][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.398083][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.403149][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.407987][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.412665][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.419618][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.425959][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.431350][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.436334][T11859]  do_SYSENTER_32+0x73/0x90
[  610.440929][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.447558][T11859] 
[  610.449939][T11859] Uninit was stored to memory at:
[  610.455422][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.461230][T11859]  __msan_chain_origin+0x50/0x90
[  610.466329][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.471442][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.474917][ T3240] Bluetooth: hci4: command 0x0406 tx timeout
[  610.476571][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.489047][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.493839][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.499937][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.506219][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.511531][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.516707][T11859]  do_SYSENTER_32+0x73/0x90
[  610.521494][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.527833][T11859] 
[  610.530343][T11859] Uninit was stored to memory at:
[  610.535647][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.541398][T11859]  __msan_chain_origin+0x50/0x90
[  610.546360][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.551720][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.556714][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.561393][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.566191][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.572291][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.578578][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.583962][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.589024][T11859]  do_SYSENTER_32+0x73/0x90
[  610.593802][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.600153][T11859] 
[  610.602503][T11859] Uninit was stored to memory at:
[  610.607571][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.613458][T11859]  __msan_chain_origin+0x50/0x90
[  610.618971][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.624370][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.629363][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.634028][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.639030][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.645307][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.651655][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.656882][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.661909][T11859]  do_SYSENTER_32+0x73/0x90
[  610.666623][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.673046][T11859] 
[  610.675528][T11859] Uninit was stored to memory at:
[  610.680584][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  610.686488][T11859]  __msan_chain_origin+0x50/0x90
[  610.691563][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.696813][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.701787][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.706409][T11859]  __sys_recvmmsg+0x5dd/0x610
[  610.711118][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  610.717391][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  610.723664][T11859]  __do_fast_syscall_32+0x129/0x180
[  610.729040][T11859]  do_fast_syscall_32+0x6a/0xc0
[  610.734189][T11859]  do_SYSENTER_32+0x73/0x90
[  610.738723][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  610.745073][T11859] 
[  610.747419][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  610.754119][T11859]  do_recvmmsg+0xbf/0x22b0
[  610.767071][T11859]  do_recvmmsg+0xbf/0x22b0
[  610.884577][T11859] not chained 420000 origins
[  610.889670][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  610.899674][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  610.909872][T11859] Call Trace:
[  610.913263][T11859]  dump_stack+0x21c/0x280
[  610.917770][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  610.923676][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.928882][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  610.934442][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  610.940836][T11859]  ? _copy_from_user+0x201/0x310
[  610.946023][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.951289][T11859]  __msan_chain_origin+0x50/0x90
[  610.956384][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  610.961742][T11859]  get_compat_msghdr+0x108/0x2b0
[  610.967892][T11859]  do_recvmmsg+0xdbb/0x22b0
[  610.972931][T11859]  ? __msan_get_context_state+0x9/0x20
[  610.978442][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  610.984120][T11859]  ? kmsan_get_metadata+0x116/0x180
[  610.989356][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  610.994786][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  610.999657][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  611.004479][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.009336][T11859]  ? kmsan_get_metadata+0x116/0x180
[  611.015808][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.022386][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.028548][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.033894][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.039953][T11859]  do_SYSENTER_32+0x73/0x90
[  611.044667][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.051148][T11859] RIP: 0023:0xf7ff7549
[  611.055519][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  611.076169][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  611.084798][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  611.092915][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  611.101067][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  611.109180][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  611.117377][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  611.125376][T11859] Uninit was stored to memory at:
[  611.130582][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.136422][T11859]  __msan_chain_origin+0x50/0x90
[  611.141834][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.147187][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.152268][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.156790][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.161640][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.169111][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.175595][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.180814][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.185717][T11859]  do_SYSENTER_32+0x73/0x90
[  611.190608][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.197072][T11859] 
[  611.199526][T11859] Uninit was stored to memory at:
[  611.204806][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.210748][T11859]  __msan_chain_origin+0x50/0x90
[  611.215991][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.221118][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.226282][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.230815][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.235502][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.241739][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.248053][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.253297][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.258221][T11859]  do_SYSENTER_32+0x73/0x90
[  611.263809][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.270132][T11859] 
[  611.272588][T11859] Uninit was stored to memory at:
[  611.277629][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.283488][T11859]  __msan_chain_origin+0x50/0x90
[  611.288580][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.294034][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.299063][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.303803][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.309401][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.315749][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.322092][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.327539][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.332513][T11859]  do_SYSENTER_32+0x73/0x90
[  611.337266][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.343933][T11859] 
[  611.346556][T11859] Uninit was stored to memory at:
[  611.351890][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.357712][T11859]  __msan_chain_origin+0x50/0x90
[  611.363498][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.368761][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.374213][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.378816][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.383698][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.389780][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.395958][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.401181][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.406171][T11859]  do_SYSENTER_32+0x73/0x90
[  611.411076][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.417412][T11859] 
[  611.419780][T11859] Uninit was stored to memory at:
[  611.425123][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.430842][T11859]  __msan_chain_origin+0x50/0x90
[  611.435902][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.441026][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.446101][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.450604][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.456861][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.463730][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.469932][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.475145][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.480181][T11859]  do_SYSENTER_32+0x73/0x90
[  611.484981][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.491302][T11859] 
[  611.493626][T11859] Uninit was stored to memory at:
[  611.498669][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.504546][T11859]  __msan_chain_origin+0x50/0x90
[  611.509707][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.514830][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.520050][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.524882][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.529624][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.535719][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.541971][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.547169][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.552235][T11859]  do_SYSENTER_32+0x73/0x90
[  611.556924][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.563419][T11859] 
[  611.565797][T11859] Uninit was stored to memory at:
[  611.571041][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  611.576774][T11859]  __msan_chain_origin+0x50/0x90
[  611.581726][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.587094][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.592166][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.596683][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.601410][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  611.608108][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  611.614818][T11859]  __do_fast_syscall_32+0x129/0x180
[  611.620509][T11859]  do_fast_syscall_32+0x6a/0xc0
[  611.625612][T11859]  do_SYSENTER_32+0x73/0x90
[  611.630244][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  611.636572][T11859] 
[  611.639005][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  611.645974][T11859]  do_recvmmsg+0xbf/0x22b0
[  611.650452][T11859]  do_recvmmsg+0xbf/0x22b0
[  611.870302][T11859] not chained 430000 origins
[  611.874968][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  611.884202][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  611.894557][T11859] Call Trace:
[  611.897897][T11859]  dump_stack+0x21c/0x280
[  611.904193][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  611.911054][T11859]  ? kmsan_get_metadata+0x116/0x180
[  611.916648][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  611.922570][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  611.928967][T11859]  ? _copy_from_user+0x201/0x310
[  611.934225][T11859]  ? kmsan_get_metadata+0x116/0x180
[  611.939642][T11859]  __msan_chain_origin+0x50/0x90
[  611.944615][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  611.950276][T11859]  get_compat_msghdr+0x108/0x2b0
[  611.955353][T11859]  do_recvmmsg+0xdbb/0x22b0
[  611.959897][T11859]  ? __msan_get_context_state+0x9/0x20
[  611.965617][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  611.971210][T11859]  ? kmsan_get_metadata+0x116/0x180
[  611.976613][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  611.982169][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  611.987137][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  611.992181][T11859]  __sys_recvmmsg+0x5dd/0x610
[  611.996972][T11859]  ? kmsan_get_metadata+0x116/0x180
[  612.002303][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.008746][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.015050][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.020294][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.025406][T11859]  do_SYSENTER_32+0x73/0x90
[  612.030120][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.037083][T11859] RIP: 0023:0xf7ff7549
[  612.041179][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  612.062612][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  612.071842][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  612.080076][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  612.088282][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  612.096646][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  612.105091][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  612.113503][T11859] Uninit was stored to memory at:
[  612.118719][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.124490][T11859]  __msan_chain_origin+0x50/0x90
[  612.129804][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.135350][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.140408][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.145257][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.150110][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.156384][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.163118][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.168347][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.173351][T11859]  do_SYSENTER_32+0x73/0x90
[  612.178155][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.184810][T11859] 
[  612.187306][T11859] Uninit was stored to memory at:
[  612.192912][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.198843][T11859]  __msan_chain_origin+0x50/0x90
[  612.204091][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.209239][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.216519][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.224441][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.229463][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.235676][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.249668][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.254971][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.259928][T11859]  do_SYSENTER_32+0x73/0x90
[  612.264665][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.271118][T11859] 
[  612.273444][T11859] Uninit was stored to memory at:
[  612.278612][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.284421][T11859]  __msan_chain_origin+0x50/0x90
[  612.289658][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.294784][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.299754][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.304262][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.309016][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.315411][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.323222][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.329049][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.334986][T11859]  do_SYSENTER_32+0x73/0x90
[  612.339727][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.346099][T11859] 
[  612.348512][T11859] Uninit was stored to memory at:
[  612.353546][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.359586][T11859]  __msan_chain_origin+0x50/0x90
[  612.365140][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.370350][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.375346][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.379994][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.384701][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.391028][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.397287][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.402708][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.408106][T11859]  do_SYSENTER_32+0x73/0x90
[  612.412959][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.419575][T11859] 
[  612.421961][T11859] Uninit was stored to memory at:
[  612.427365][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.433473][T11859]  __msan_chain_origin+0x50/0x90
[  612.438724][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.444108][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.449450][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.454495][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.459182][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.465602][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.471853][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.477480][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.482587][T11859]  do_SYSENTER_32+0x73/0x90
[  612.487305][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.494125][T11859] 
[  612.496543][T11859] Uninit was stored to memory at:
[  612.501703][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.507563][T11859]  __msan_chain_origin+0x50/0x90
[  612.512940][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.518138][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.523082][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.527743][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.532425][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.538812][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.545142][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.550713][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.556236][T11859]  do_SYSENTER_32+0x73/0x90
[  612.561374][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.568274][T11859] 
[  612.570651][T11859] Uninit was stored to memory at:
[  612.575791][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  612.581778][T11859]  __msan_chain_origin+0x50/0x90
[  612.586718][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.592056][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.597647][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.602404][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.607655][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  612.614540][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  612.620986][T11859]  __do_fast_syscall_32+0x129/0x180
[  612.626513][T11859]  do_fast_syscall_32+0x6a/0xc0
[  612.631408][T11859]  do_SYSENTER_32+0x73/0x90
[  612.636292][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  612.643603][T11859] 
[  612.646153][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  612.653049][T11859]  do_recvmmsg+0xbf/0x22b0
[  612.657710][T11859]  do_recvmmsg+0xbf/0x22b0
[  612.863906][T11859] not chained 440000 origins
[  612.869913][T11859] CPU: 1 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  612.878958][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  612.894042][T11859] Call Trace:
[  612.897375][T11859]  dump_stack+0x21c/0x280
[  612.901945][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  612.907858][T11859]  ? kmsan_get_metadata+0x116/0x180
[  612.913684][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  612.919277][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  612.925620][T11859]  ? _copy_from_user+0x201/0x310
[  612.930694][T11859]  ? kmsan_get_metadata+0x116/0x180
[  612.936897][T11859]  __msan_chain_origin+0x50/0x90
[  612.942065][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  612.947233][T11859]  get_compat_msghdr+0x108/0x2b0
[  612.952374][T11859]  do_recvmmsg+0xdbb/0x22b0
[  612.957043][T11859]  ? __msan_get_context_state+0x9/0x20
[  612.963061][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  612.968773][T11859]  ? kmsan_get_metadata+0x116/0x180
[  612.974131][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  612.979868][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  612.984843][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  612.989861][T11859]  __sys_recvmmsg+0x5dd/0x610
[  612.994725][T11859]  ? kmsan_get_metadata+0x116/0x180
[  613.000408][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.006545][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.012994][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.018568][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.023601][T11859]  do_SYSENTER_32+0x73/0x90
[  613.036569][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.043371][T11859] RIP: 0023:0xf7ff7549
[  613.047471][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  613.071759][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  613.080319][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  613.088393][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  613.096599][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  613.104798][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  613.113010][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  613.121153][T11859] Uninit was stored to memory at:
[  613.126210][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.131994][T11859]  __msan_chain_origin+0x50/0x90
[  613.137286][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.142486][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.147683][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.152203][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.157070][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.163155][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.169869][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.175280][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.180268][T11859]  do_SYSENTER_32+0x73/0x90
[  613.184786][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.191253][T11859] 
[  613.193674][T11859] Uninit was stored to memory at:
[  613.199059][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.204884][T11859]  __msan_chain_origin+0x50/0x90
[  613.209841][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.215198][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.220366][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.225131][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.229921][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.236071][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.242231][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.247440][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.252550][T11859]  do_SYSENTER_32+0x73/0x90
[  613.257159][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.263580][T11859] 
[  613.266084][T11859] Uninit was stored to memory at:
[  613.271128][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.277175][T11859]  __msan_chain_origin+0x50/0x90
[  613.282250][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.287830][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.293569][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.298158][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.303049][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.309520][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.316001][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.321292][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.326162][T11859]  do_SYSENTER_32+0x73/0x90
[  613.331009][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.337478][T11859] 
[  613.339805][T11859] Uninit was stored to memory at:
[  613.345934][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.352205][T11859]  __msan_chain_origin+0x50/0x90
[  613.357188][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.362365][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.367376][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.372032][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.376839][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.382921][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.389081][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.395588][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.400578][T11859]  do_SYSENTER_32+0x73/0x90
[  613.405134][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.418894][T11859] 
[  613.421220][T11859] Uninit was stored to memory at:
[  613.426364][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.432233][T11859]  __msan_chain_origin+0x50/0x90
[  613.438051][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.443340][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.448481][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.453075][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.457801][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.464016][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.470523][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.480493][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.485814][T11859]  do_SYSENTER_32+0x73/0x90
[  613.490349][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.496957][T11859] 
[  613.499517][T11859] Uninit was stored to memory at:
[  613.504933][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.510887][T11859]  __msan_chain_origin+0x50/0x90
[  613.515927][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.521155][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.526461][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.530991][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.536074][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.542789][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.549399][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.554858][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.559814][T11859]  do_SYSENTER_32+0x73/0x90
[  613.564325][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.570731][T11859] 
[  613.573172][T11859] Uninit was stored to memory at:
[  613.578417][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  613.584258][T11859]  __msan_chain_origin+0x50/0x90
[  613.589373][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.595116][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.600087][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.604771][T11859]  __sys_recvmmsg+0x5dd/0x610
[  613.609770][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  613.615951][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  613.622507][T11859]  __do_fast_syscall_32+0x129/0x180
[  613.627799][T11859]  do_fast_syscall_32+0x6a/0xc0
[  613.632647][T11859]  do_SYSENTER_32+0x73/0x90
[  613.637304][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  613.643845][T11859] 
[  613.646498][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  613.653369][T11859]  do_recvmmsg+0xbf/0x22b0
[  613.657801][T11859]  do_recvmmsg+0xbf/0x22b0
[  613.886404][T11859] not chained 450000 origins
[  613.891066][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  613.900642][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  613.912239][T11859] Call Trace:
[  613.915683][T11859]  dump_stack+0x21c/0x280
[  613.920153][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  613.927255][T11859]  ? kmsan_get_metadata+0x116/0x180
[  613.933901][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  613.939504][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  613.945965][T11859]  ? _copy_from_user+0x201/0x310
[  613.950982][T11859]  ? kmsan_get_metadata+0x116/0x180
[  613.956319][T11859]  __msan_chain_origin+0x50/0x90
[  613.961383][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  613.967435][T11859]  get_compat_msghdr+0x108/0x2b0
[  613.972511][T11859]  do_recvmmsg+0xdbb/0x22b0
[  613.977196][T11859]  ? __msan_get_context_state+0x9/0x20
[  613.982893][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  613.988279][T11859]  ? kmsan_get_metadata+0x116/0x180
[  613.993530][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  613.998853][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  614.003650][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  614.008687][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.013419][T11859]  ? kmsan_get_metadata+0x116/0x180
[  614.018748][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.024990][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.031204][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.037484][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.042596][T11859]  do_SYSENTER_32+0x73/0x90
[  614.047140][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.053499][T11859] RIP: 0023:0xf7ff7549
[  614.057675][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  614.077813][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  614.086563][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  614.095164][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  614.103448][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  614.111588][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  614.119749][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  614.127846][T11859] Uninit was stored to memory at:
[  614.132906][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.138886][T11859]  __msan_chain_origin+0x50/0x90
[  614.144100][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.150211][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.155372][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.159876][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.164969][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.171036][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.177386][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.182856][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.187781][T11859]  do_SYSENTER_32+0x73/0x90
[  614.192421][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.198860][T11859] 
[  614.201185][T11859] Uninit was stored to memory at:
[  614.207420][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.213143][T11859]  __msan_chain_origin+0x50/0x90
[  614.218258][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.223433][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.228378][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.233052][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.238341][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.244507][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.250893][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.256205][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.261762][T11859]  do_SYSENTER_32+0x73/0x90
[  614.266501][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.274111][T11859] 
[  614.276439][T11859] Uninit was stored to memory at:
[  614.282320][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.288506][T11859]  __msan_chain_origin+0x50/0x90
[  614.293696][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.298807][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.303796][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.308521][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.313348][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.319566][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.325724][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.330964][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.335946][T11859]  do_SYSENTER_32+0x73/0x90
[  614.340454][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.349800][T11859] 
[  614.352214][T11859] Uninit was stored to memory at:
[  614.357314][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.363034][T11859]  __msan_chain_origin+0x50/0x90
[  614.368127][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.373418][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.378803][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.383568][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.388297][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.394402][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.400552][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.405749][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.410625][T11859]  do_SYSENTER_32+0x73/0x90
[  614.415211][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.421662][T11859] 
[  614.424006][T11859] Uninit was stored to memory at:
[  614.429035][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.434780][T11859]  __msan_chain_origin+0x50/0x90
[  614.439728][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.444834][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.449780][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.454286][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.458967][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.465022][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.471197][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.476387][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.481220][T11859]  do_SYSENTER_32+0x73/0x90
[  614.485722][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.492024][T11859] 
[  614.494333][T11859] Uninit was stored to memory at:
[  614.499351][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.505094][T11859]  __msan_chain_origin+0x50/0x90
[  614.510026][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.515121][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.520045][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.524557][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.529246][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.536007][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.542163][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.547345][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.552176][T11859]  do_SYSENTER_32+0x73/0x90
[  614.556664][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.562961][T11859] 
[  614.566233][T11859] Uninit was stored to memory at:
[  614.571257][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  614.576976][T11859]  __msan_chain_origin+0x50/0x90
[  614.581913][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.587016][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.592023][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.596510][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.601179][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.607235][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.613373][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.618553][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.623392][T11859]  do_SYSENTER_32+0x73/0x90
[  614.627879][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.634176][T11859] 
[  614.636499][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  614.643159][T11859]  do_recvmmsg+0xbf/0x22b0
[  614.647558][T11859]  do_recvmmsg+0xbf/0x22b0
[  614.815266][T11859] not chained 460000 origins
[  614.819911][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  614.828585][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  614.838643][T11859] Call Trace:
[  614.841955][T11859]  dump_stack+0x21c/0x280
[  614.846327][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  614.852101][T11859]  ? kmsan_get_metadata+0x116/0x180
[  614.857339][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  614.862906][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  614.868997][T11859]  ? _copy_from_user+0x201/0x310
[  614.873957][T11859]  ? kmsan_get_metadata+0x116/0x180
[  614.879171][T11859]  __msan_chain_origin+0x50/0x90
[  614.884130][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  614.889307][T11859]  get_compat_msghdr+0x108/0x2b0
[  614.894278][T11859]  do_recvmmsg+0xdbb/0x22b0
[  614.898804][T11859]  ? __msan_get_context_state+0x9/0x20
[  614.904327][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  614.909646][T11859]  ? kmsan_get_metadata+0x116/0x180
[  614.914871][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  614.920199][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  614.924978][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  614.929788][T11859]  __sys_recvmmsg+0x5dd/0x610
[  614.934493][T11859]  ? kmsan_get_metadata+0x116/0x180
[  614.939715][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  614.945814][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  614.951985][T11859]  __do_fast_syscall_32+0x129/0x180
[  614.957208][T11859]  do_fast_syscall_32+0x6a/0xc0
[  614.962076][T11859]  do_SYSENTER_32+0x73/0x90
[  614.966607][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  614.972957][T11859] RIP: 0023:0xf7ff7549
[  614.977035][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  614.996666][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  615.005431][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  615.013414][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  615.021404][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.029383][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  615.037364][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.045389][T11859] Uninit was stored to memory at:
[  615.050455][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.056187][T11859]  __msan_chain_origin+0x50/0x90
[  615.061150][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.067223][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.072173][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.076688][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.081377][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.087443][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.093667][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.098848][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.103680][T11859]  do_SYSENTER_32+0x73/0x90
[  615.108179][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.114486][T11859] 
[  615.116818][T11859] Uninit was stored to memory at:
[  615.121827][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.127532][T11859]  __msan_chain_origin+0x50/0x90
[  615.132461][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.137554][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.142477][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.146963][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.151620][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.157678][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.163812][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.169005][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.173845][T11859]  do_SYSENTER_32+0x73/0x90
[  615.178335][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.184634][T11859] 
[  615.186949][T11859] Uninit was stored to memory at:
[  615.191968][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.197681][T11859]  __msan_chain_origin+0x50/0x90
[  615.202599][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.207692][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.213568][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.218064][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.222740][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.228796][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.234935][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.240113][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.244956][T11859]  do_SYSENTER_32+0x73/0x90
[  615.249452][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.255766][T11859] 
[  615.258072][T11859] Uninit was stored to memory at:
[  615.263083][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.268795][T11859]  __msan_chain_origin+0x50/0x90
[  615.273715][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.278807][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.283727][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.289146][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.293946][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.300004][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.306303][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.311484][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.316317][T11859]  do_SYSENTER_32+0x73/0x90
[  615.320965][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.327452][T11859] 
[  615.329778][T11859] Uninit was stored to memory at:
[  615.334804][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.340508][T11859]  __msan_chain_origin+0x50/0x90
[  615.345445][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.350548][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.355472][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.359968][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.364629][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.370937][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.377075][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.382273][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.387132][T11859]  do_SYSENTER_32+0x73/0x90
[  615.391630][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.397930][T11859] 
[  615.400935][T11859] Uninit was stored to memory at:
[  615.405945][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.411648][T11859]  __msan_chain_origin+0x50/0x90
[  615.416575][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.421676][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.426599][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.431084][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.435753][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.441800][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.447938][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.453115][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.457948][T11859]  do_SYSENTER_32+0x73/0x90
[  615.462437][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.468764][T11859] 
[  615.471080][T11859] Uninit was stored to memory at:
[  615.476096][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.481804][T11859]  __msan_chain_origin+0x50/0x90
[  615.486729][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.491841][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.496768][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.501256][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.505917][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.511973][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.518111][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.523289][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.528131][T11859]  do_SYSENTER_32+0x73/0x90
[  615.532627][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.538936][T11859] 
[  615.541246][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  615.547902][T11859]  do_recvmmsg+0xbf/0x22b0
[  615.552311][T11859]  do_recvmmsg+0xbf/0x22b0
[  615.719226][T11859] not chained 470000 origins
[  615.723870][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  615.732543][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  615.742602][T11859] Call Trace:
[  615.745920][T11859]  dump_stack+0x21c/0x280
[  615.750302][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  615.756070][T11859]  ? kmsan_get_metadata+0x116/0x180
[  615.761288][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  615.766854][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  615.772942][T11859]  ? _copy_from_user+0x201/0x310
[  615.777897][T11859]  ? kmsan_get_metadata+0x116/0x180
[  615.784065][T11859]  __msan_chain_origin+0x50/0x90
[  615.789024][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.794173][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.799148][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.803675][T11859]  ? __msan_get_context_state+0x9/0x20
[  615.809171][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  615.814511][T11859]  ? kmsan_get_metadata+0x116/0x180
[  615.819737][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  615.825044][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  615.829826][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  615.834618][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.839324][T11859]  ? kmsan_get_metadata+0x116/0x180
[  615.844547][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.850668][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.856858][T11859]  __do_fast_syscall_32+0x129/0x180
[  615.862099][T11859]  do_fast_syscall_32+0x6a/0xc0
[  615.867015][T11859]  do_SYSENTER_32+0x73/0x90
[  615.871541][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  615.877895][T11859] RIP: 0023:0xf7ff7549
[  615.881977][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  615.901628][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  615.910062][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  615.918065][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  615.926045][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.934025][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  615.941982][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.949959][T11859] Uninit was stored to memory at:
[  615.954975][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  615.960678][T11859]  __msan_chain_origin+0x50/0x90
[  615.965605][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  615.970706][T11859]  get_compat_msghdr+0x108/0x2b0
[  615.975974][T11859]  do_recvmmsg+0xdbb/0x22b0
[  615.980457][T11859]  __sys_recvmmsg+0x5dd/0x610
[  615.985125][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  615.991182][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  615.997320][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.002509][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.007343][T11859]  do_SYSENTER_32+0x73/0x90
[  616.011916][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.018216][T11859] 
[  616.020522][T11859] Uninit was stored to memory at:
[  616.025533][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.031245][T11859]  __msan_chain_origin+0x50/0x90
[  616.036164][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.041527][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.046461][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.050956][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.055625][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.061673][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.067818][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.072997][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.077831][T11859]  do_SYSENTER_32+0x73/0x90
[  616.082336][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.088635][T11859] 
[  616.090951][T11859] Uninit was stored to memory at:
[  616.095973][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.101673][T11859]  __msan_chain_origin+0x50/0x90
[  616.106591][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.111688][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.116627][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.121122][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.125781][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.131827][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.137974][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.143161][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.148004][T11859]  do_SYSENTER_32+0x73/0x90
[  616.152491][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.158803][T11859] 
[  616.161994][T11859] Uninit was stored to memory at:
[  616.167092][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.172804][T11859]  __msan_chain_origin+0x50/0x90
[  616.177755][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.182854][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.187778][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.192272][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.196932][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.202990][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.209140][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.214318][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.219151][T11859]  do_SYSENTER_32+0x73/0x90
[  616.223639][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.229936][T11859] 
[  616.232247][T11859] Uninit was stored to memory at:
[  616.237266][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.242978][T11859]  __msan_chain_origin+0x50/0x90
[  616.247906][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.252997][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.257919][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.262401][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.267062][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.273113][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.279250][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.284440][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.289294][T11859]  do_SYSENTER_32+0x73/0x90
[  616.293779][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.300086][T11859] 
[  616.302397][T11859] Uninit was stored to memory at:
[  616.307423][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.313123][T11859]  __msan_chain_origin+0x50/0x90
[  616.318041][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.323131][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.328112][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.332602][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.337265][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.343316][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.349454][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.354638][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.359480][T11859]  do_SYSENTER_32+0x73/0x90
[  616.363978][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.370278][T11859] 
[  616.372596][T11859] Uninit was stored to memory at:
[  616.377617][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.383332][T11859]  __msan_chain_origin+0x50/0x90
[  616.391296][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.396394][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.401331][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.405820][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.410480][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.416536][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.422673][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.427872][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.432722][T11859]  do_SYSENTER_32+0x73/0x90
[  616.437218][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.443532][T11859] 
[  616.445890][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  616.452572][T11859]  do_recvmmsg+0xbf/0x22b0
[  616.457022][T11859]  do_recvmmsg+0xbf/0x22b0
[  616.677893][T11859] not chained 480000 origins
[  616.682570][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  616.691241][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  616.701300][T11859] Call Trace:
[  616.704613][T11859]  dump_stack+0x21c/0x280
[  616.708976][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  616.714766][T11859]  ? kmsan_get_metadata+0x116/0x180
[  616.719984][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  616.725559][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  616.731668][T11859]  ? _copy_from_user+0x201/0x310
[  616.736650][T11859]  ? kmsan_get_metadata+0x116/0x180
[  616.741866][T11859]  __msan_chain_origin+0x50/0x90
[  616.746826][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.751984][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.756958][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.761490][T11859]  ? __msan_get_context_state+0x9/0x20
[  616.766986][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  616.772318][T11859]  ? kmsan_get_metadata+0x116/0x180
[  616.777667][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  616.782969][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  616.788676][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  616.793432][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.798111][T11859]  ? kmsan_get_metadata+0x116/0x180
[  616.803300][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.809364][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.815507][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.820714][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.825572][T11859]  do_SYSENTER_32+0x73/0x90
[  616.830075][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.836385][T11859] RIP: 0023:0xf7ff7549
[  616.840454][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  616.860049][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  616.868458][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  616.876418][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  616.884378][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.892364][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  616.900344][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.908336][T11859] Uninit was stored to memory at:
[  616.913352][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.919064][T11859]  __msan_chain_origin+0x50/0x90
[  616.923992][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.929109][T11859]  get_compat_msghdr+0x108/0x2b0
[  616.934662][T11859]  do_recvmmsg+0xdbb/0x22b0
[  616.939151][T11859]  __sys_recvmmsg+0x5dd/0x610
[  616.943816][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  616.949867][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  616.956018][T11859]  __do_fast_syscall_32+0x129/0x180
[  616.961214][T11859]  do_fast_syscall_32+0x6a/0xc0
[  616.966049][T11859]  do_SYSENTER_32+0x73/0x90
[  616.970539][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  616.976844][T11859] 
[  616.979151][T11859] Uninit was stored to memory at:
[  616.984165][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  616.989872][T11859]  __msan_chain_origin+0x50/0x90
[  616.994813][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  616.999912][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.004836][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.009323][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.014006][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.020168][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.026322][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.031502][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.036352][T11859]  do_SYSENTER_32+0x73/0x90
[  617.041795][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.048098][T11859] 
[  617.050406][T11859] Uninit was stored to memory at:
[  617.055418][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.061122][T11859]  __msan_chain_origin+0x50/0x90
[  617.066042][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.071136][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.076058][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.080546][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.085211][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.091270][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.097422][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.102607][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.107460][T11859]  do_SYSENTER_32+0x73/0x90
[  617.111950][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.118252][T11859] 
[  617.120584][T11859] Uninit was stored to memory at:
[  617.125624][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.131330][T11859]  __msan_chain_origin+0x50/0x90
[  617.136302][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.141414][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.146352][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.150841][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.155519][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.161590][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.167735][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.172914][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.177751][T11859]  do_SYSENTER_32+0x73/0x90
[  617.182239][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.188539][T11859] 
[  617.190882][T11859] Uninit was stored to memory at:
[  617.195898][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.201612][T11859]  __msan_chain_origin+0x50/0x90
[  617.206533][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.211642][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.216591][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.221077][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.225754][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.231815][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.237955][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.243149][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.247987][T11859]  do_SYSENTER_32+0x73/0x90
[  617.252486][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.259233][T11859] 
[  617.261586][T11859] Uninit was stored to memory at:
[  617.267576][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.273281][T11859]  __msan_chain_origin+0x50/0x90
[  617.278215][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.283310][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.288243][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.292729][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.297389][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.303448][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.309594][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.314779][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.319611][T11859]  do_SYSENTER_32+0x73/0x90
[  617.324098][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.330425][T11859] 
[  617.332737][T11859] Uninit was stored to memory at:
[  617.337752][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.344340][T11859]  __msan_chain_origin+0x50/0x90
[  617.349290][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.354416][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.359354][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.363854][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.368541][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.374627][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.380816][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.386014][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.390870][T11859]  do_SYSENTER_32+0x73/0x90
[  617.395391][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.401751][T11859] 
[  617.404071][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  617.410752][T11859]  do_recvmmsg+0xbf/0x22b0
[  617.415154][T11859]  do_recvmmsg+0xbf/0x22b0
[  617.640747][T11859] not chained 490000 origins
[  617.645398][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  617.654079][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  617.664183][T11859] Call Trace:
[  617.668459][T11859]  dump_stack+0x21c/0x280
[  617.672831][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  617.678666][T11859]  ? kmsan_get_metadata+0x116/0x180
[  617.683890][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  617.689466][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  617.695568][T11859]  ? _copy_from_user+0x201/0x310
[  617.700543][T11859]  ? kmsan_get_metadata+0x116/0x180
[  617.705761][T11859]  __msan_chain_origin+0x50/0x90
[  617.710723][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.715879][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.725802][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.730333][T11859]  ? __msan_get_context_state+0x9/0x20
[  617.735833][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  617.741261][T11859]  ? kmsan_get_metadata+0x116/0x180
[  617.746486][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  617.751793][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  617.756580][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  617.761372][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.766089][T11859]  ? kmsan_get_metadata+0x116/0x180
[  617.771312][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.777961][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.784111][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.789317][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.794175][T11859]  do_SYSENTER_32+0x73/0x90
[  617.798669][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.804999][T11859] RIP: 0023:0xf7ff7549
[  617.809075][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  617.828675][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  617.837092][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  617.845058][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  617.853030][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.861008][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  617.868972][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.876941][T11859] Uninit was stored to memory at:
[  617.881971][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.887678][T11859]  __msan_chain_origin+0x50/0x90
[  617.892613][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.897723][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.902660][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.907149][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.911823][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.917887][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.924028][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.929232][T11859]  do_fast_syscall_32+0x6a/0xc0
[  617.934070][T11859]  do_SYSENTER_32+0x73/0x90
[  617.938583][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  617.944895][T11859] 
[  617.947204][T11859] Uninit was stored to memory at:
[  617.952219][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  617.958018][T11859]  __msan_chain_origin+0x50/0x90
[  617.962943][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  617.968049][T11859]  get_compat_msghdr+0x108/0x2b0
[  617.972981][T11859]  do_recvmmsg+0xdbb/0x22b0
[  617.977475][T11859]  __sys_recvmmsg+0x5dd/0x610
[  617.982235][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  617.988306][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  617.994464][T11859]  __do_fast_syscall_32+0x129/0x180
[  617.999657][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.004493][T11859]  do_SYSENTER_32+0x73/0x90
[  618.008992][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.015293][T11859] 
[  618.017617][T11859] Uninit was stored to memory at:
[  618.022658][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.028369][T11859]  __msan_chain_origin+0x50/0x90
[  618.033292][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.038385][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.043320][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.047807][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.052475][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.058524][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.064662][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.069841][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.074687][T11859]  do_SYSENTER_32+0x73/0x90
[  618.079187][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.085543][T11859] 
[  618.087867][T11859] Uninit was stored to memory at:
[  618.092895][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.098613][T11859]  __msan_chain_origin+0x50/0x90
[  618.103535][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.108632][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.113572][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.118059][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.122731][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.128790][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.134929][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.140112][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.144963][T11859]  do_SYSENTER_32+0x73/0x90
[  618.149456][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.155771][T11859] 
[  618.158089][T11859] Uninit was stored to memory at:
[  618.163101][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.168815][T11859]  __msan_chain_origin+0x50/0x90
[  618.173744][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.178836][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.183767][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.188252][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.192920][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.198969][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.205107][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.210289][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.215122][T11859]  do_SYSENTER_32+0x73/0x90
[  618.219610][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.225920][T11859] 
[  618.228226][T11859] Uninit was stored to memory at:
[  618.234380][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.240098][T11859]  __msan_chain_origin+0x50/0x90
[  618.245019][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.250113][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.255036][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.259550][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.264221][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.270274][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.276435][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.281618][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.286454][T11859]  do_SYSENTER_32+0x73/0x90
[  618.290943][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.297251][T11859] 
[  618.299560][T11859] Uninit was stored to memory at:
[  618.304579][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.310281][T11859]  __msan_chain_origin+0x50/0x90
[  618.315204][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.320306][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.325228][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.329714][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.334386][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.340453][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.346603][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.351796][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.356632][T11859]  do_SYSENTER_32+0x73/0x90
[  618.361131][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.367437][T11859] 
[  618.369756][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  618.376418][T11859]  do_recvmmsg+0xbf/0x22b0
[  618.380828][T11859]  do_recvmmsg+0xbf/0x22b0
[  618.552015][T11859] not chained 500000 origins
[  618.556768][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  618.565469][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  618.575529][T11859] Call Trace:
[  618.578868][T11859]  dump_stack+0x21c/0x280
[  618.583239][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  618.589632][T11859]  ? kmsan_get_metadata+0x116/0x180
[  618.594916][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  618.600486][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  618.606578][T11859]  ? _copy_from_user+0x201/0x310
[  618.612517][T11859]  ? kmsan_get_metadata+0x116/0x180
[  618.617734][T11859]  __msan_chain_origin+0x50/0x90
[  618.622699][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.627896][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.632872][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.637399][T11859]  ? __msan_get_context_state+0x9/0x20
[  618.642895][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  618.648233][T11859]  ? kmsan_get_metadata+0x116/0x180
[  618.653458][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  618.658772][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  618.663549][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  618.668340][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.673047][T11859]  ? kmsan_get_metadata+0x116/0x180
[  618.678272][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.684391][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.690567][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.695791][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.700664][T11859]  do_SYSENTER_32+0x73/0x90
[  618.705187][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.711526][T11859] RIP: 0023:0xf7ff7549
[  618.715617][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  618.736192][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  618.744625][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  618.752631][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  618.760625][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  618.768620][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  618.776648][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  618.785608][T11859] Uninit was stored to memory at:
[  618.790673][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.796405][T11859]  __msan_chain_origin+0x50/0x90
[  618.801342][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.806450][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.811374][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.815859][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.820519][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.826566][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.832715][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.837898][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.842742][T11859]  do_SYSENTER_32+0x73/0x90
[  618.847229][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.853545][T11859] 
[  618.855851][T11859] Uninit was stored to memory at:
[  618.860863][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.866578][T11859]  __msan_chain_origin+0x50/0x90
[  618.871561][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.876654][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.881587][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.886081][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.890741][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.896794][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.902949][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.908140][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.912976][T11859]  do_SYSENTER_32+0x73/0x90
[  618.917468][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.923767][T11859] 
[  618.926088][T11859] Uninit was stored to memory at:
[  618.931102][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  618.936804][T11859]  __msan_chain_origin+0x50/0x90
[  618.941724][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  618.946822][T11859]  get_compat_msghdr+0x108/0x2b0
[  618.951754][T11859]  do_recvmmsg+0xdbb/0x22b0
[  618.956242][T11859]  __sys_recvmmsg+0x5dd/0x610
[  618.960913][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  618.966963][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  618.973100][T11859]  __do_fast_syscall_32+0x129/0x180
[  618.978290][T11859]  do_fast_syscall_32+0x6a/0xc0
[  618.983134][T11859]  do_SYSENTER_32+0x73/0x90
[  618.987624][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  618.993924][T11859] 
[  618.996232][T11859] Uninit was stored to memory at:
[  619.001427][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.007135][T11859]  __msan_chain_origin+0x50/0x90
[  619.012079][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.017184][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.022103][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.026601][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.031279][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.037348][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.043484][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.048676][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.053509][T11859]  do_SYSENTER_32+0x73/0x90
[  619.058003][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.064309][T11859] 
[  619.066646][T11859] Uninit was stored to memory at:
[  619.071657][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.077363][T11859]  __msan_chain_origin+0x50/0x90
[  619.082282][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.087481][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.092405][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.096893][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.101554][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.107668][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.113819][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.119002][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.123833][T11859]  do_SYSENTER_32+0x73/0x90
[  619.128322][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.134624][T11859] 
[  619.136932][T11859] Uninit was stored to memory at:
[  619.141943][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.147645][T11859]  __msan_chain_origin+0x50/0x90
[  619.152577][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.157675][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.162598][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.167084][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.171753][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.177804][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.183940][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.189122][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.193964][T11859]  do_SYSENTER_32+0x73/0x90
[  619.198453][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.204792][T11859] 
[  619.207113][T11859] Uninit was stored to memory at:
[  619.212134][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.217845][T11859]  __msan_chain_origin+0x50/0x90
[  619.222771][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.227876][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.232797][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.237296][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.241965][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.248023][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.254171][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.259873][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.265664][T11859]  do_SYSENTER_32+0x73/0x90
[  619.270162][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.276476][T11859] 
[  619.278804][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  619.285463][T11859]  do_recvmmsg+0xbf/0x22b0
[  619.289871][T11859]  do_recvmmsg+0xbf/0x22b0
[  619.589855][T11859] not chained 510000 origins
[  619.594512][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  619.603882][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  619.613947][T11859] Call Trace:
[  619.617260][T11859]  dump_stack+0x21c/0x280
[  619.621618][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  619.627395][T11859]  ? kmsan_get_metadata+0x116/0x180
[  619.632628][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  619.638198][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  619.644293][T11859]  ? _copy_from_user+0x201/0x310
[  619.649244][T11859]  ? kmsan_get_metadata+0x116/0x180
[  619.654474][T11859]  __msan_chain_origin+0x50/0x90
[  619.659400][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.664529][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.669463][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.673967][T11859]  ? __msan_get_context_state+0x9/0x20
[  619.679436][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  619.684718][T11859]  ? kmsan_get_metadata+0x116/0x180
[  619.689907][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  619.695179][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  619.699926][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  619.704692][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.709376][T11859]  ? kmsan_get_metadata+0x116/0x180
[  619.714580][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.720642][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.726783][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.731982][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.736819][T11859]  do_SYSENTER_32+0x73/0x90
[  619.741311][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.747618][T11859] RIP: 0023:0xf7ff7549
[  619.751670][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  619.771275][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  619.779684][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  619.787640][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  619.795603][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  619.803558][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  619.811522][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  619.819503][T11859] Uninit was stored to memory at:
[  619.824888][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.830606][T11859]  __msan_chain_origin+0x50/0x90
[  619.835537][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.840655][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.845601][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.850099][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.854761][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.860811][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.866950][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.872129][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.876964][T11859]  do_SYSENTER_32+0x73/0x90
[  619.881452][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.887764][T11859] 
[  619.890082][T11859] Uninit was stored to memory at:
[  619.895097][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.900841][T11859]  __msan_chain_origin+0x50/0x90
[  619.905777][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.910877][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.915816][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.920310][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.924984][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  619.931031][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  619.937170][T11859]  __do_fast_syscall_32+0x129/0x180
[  619.942351][T11859]  do_fast_syscall_32+0x6a/0xc0
[  619.947193][T11859]  do_SYSENTER_32+0x73/0x90
[  619.951679][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  619.957998][T11859] 
[  619.960323][T11859] Uninit was stored to memory at:
[  619.965338][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  619.971054][T11859]  __msan_chain_origin+0x50/0x90
[  619.975976][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  619.981088][T11859]  get_compat_msghdr+0x108/0x2b0
[  619.986025][T11859]  do_recvmmsg+0xdbb/0x22b0
[  619.990512][T11859]  __sys_recvmmsg+0x5dd/0x610
[  619.995174][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.001237][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.007410][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.012599][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.017433][T11859]  do_SYSENTER_32+0x73/0x90
[  620.021921][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.028240][T11859] 
[  620.030550][T11859] Uninit was stored to memory at:
[  620.035564][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.041282][T11859]  __msan_chain_origin+0x50/0x90
[  620.046203][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.051300][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.056223][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.060736][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.065399][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.071490][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.077673][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.082853][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.087694][T11859]  do_SYSENTER_32+0x73/0x90
[  620.092181][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.098497][T11859] 
[  620.100814][T11859] Uninit was stored to memory at:
[  620.105836][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.111554][T11859]  __msan_chain_origin+0x50/0x90
[  620.116487][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.121580][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.126506][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.131004][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.135663][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.141737][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.147887][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.153080][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.157926][T11859]  do_SYSENTER_32+0x73/0x90
[  620.162410][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.168717][T11859] 
[  620.171044][T11859] Uninit was stored to memory at:
[  620.176059][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.181759][T11859]  __msan_chain_origin+0x50/0x90
[  620.187377][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.192467][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.197392][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.201876][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.206534][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.212583][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.218746][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.223927][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.228760][T11859]  do_SYSENTER_32+0x73/0x90
[  620.233260][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.239645][T11859] 
[  620.241961][T11859] Uninit was stored to memory at:
[  620.246985][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.252699][T11859]  __msan_chain_origin+0x50/0x90
[  620.257625][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.262716][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.267651][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.272138][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.276812][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.282860][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.288997][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.294186][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.299032][T11859]  do_SYSENTER_32+0x73/0x90
[  620.303517][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.309816][T11859] 
[  620.312123][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  620.321058][T11859]  do_recvmmsg+0xbf/0x22b0
[  620.325462][T11859]  do_recvmmsg+0xbf/0x22b0
[  620.581298][T11859] not chained 520000 origins
[  620.585955][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  620.594629][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  620.605731][T11859] Call Trace:
[  620.609049][T11859]  dump_stack+0x21c/0x280
[  620.613423][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  620.619195][T11859]  ? kmsan_get_metadata+0x116/0x180
[  620.624411][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  620.629975][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  620.636068][T11859]  ? _copy_from_user+0x201/0x310
[  620.641045][T11859]  ? kmsan_get_metadata+0x116/0x180
[  620.646264][T11859]  __msan_chain_origin+0x50/0x90
[  620.651222][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.656376][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.661348][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.665873][T11859]  ? __msan_get_context_state+0x9/0x20
[  620.671369][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  620.676688][T11859]  ? kmsan_get_metadata+0x116/0x180
[  620.681912][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  620.687219][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  620.691995][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  620.696780][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.701487][T11859]  ? kmsan_get_metadata+0x116/0x180
[  620.706709][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.712805][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.718978][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.724199][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.729068][T11859]  do_SYSENTER_32+0x73/0x90
[  620.733595][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.739930][T11859] RIP: 0023:0xf7ff7549
[  620.744016][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  620.763632][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  620.772073][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  620.780044][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  620.788030][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  620.795987][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  620.803941][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  620.811907][T11859] Uninit was stored to memory at:
[  620.816928][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.822644][T11859]  __msan_chain_origin+0x50/0x90
[  620.827567][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.832662][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.837584][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.842070][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.846729][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.852779][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.858919][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.864098][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.868933][T11859]  do_SYSENTER_32+0x73/0x90
[  620.873430][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.879746][T11859] 
[  620.882056][T11859] Uninit was stored to memory at:
[  620.887077][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.892779][T11859]  __msan_chain_origin+0x50/0x90
[  620.897712][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.902816][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.907748][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.912235][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.917850][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.923898][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  620.930045][T11859]  __do_fast_syscall_32+0x129/0x180
[  620.935229][T11859]  do_fast_syscall_32+0x6a/0xc0
[  620.940063][T11859]  do_SYSENTER_32+0x73/0x90
[  620.944552][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  620.950866][T11859] 
[  620.953172][T11859] Uninit was stored to memory at:
[  620.958210][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  620.963911][T11859]  __msan_chain_origin+0x50/0x90
[  620.968840][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  620.973948][T11859]  get_compat_msghdr+0x108/0x2b0
[  620.978880][T11859]  do_recvmmsg+0xdbb/0x22b0
[  620.983366][T11859]  __sys_recvmmsg+0x5dd/0x610
[  620.988033][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  620.994098][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.000236][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.005418][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.010266][T11859]  do_SYSENTER_32+0x73/0x90
[  621.014758][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.021057][T11859] 
[  621.023378][T11859] Uninit was stored to memory at:
[  621.028395][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.034100][T11859]  __msan_chain_origin+0x50/0x90
[  621.039021][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.044113][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.049034][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.053520][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.058178][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.064249][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.070399][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.075590][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.080422][T11859]  do_SYSENTER_32+0x73/0x90
[  621.084921][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.091218][T11859] 
[  621.093535][T11859] Uninit was stored to memory at:
[  621.098549][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.104260][T11859]  __msan_chain_origin+0x50/0x90
[  621.109898][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.114992][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.119922][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.124408][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.129067][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.135134][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.141269][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.147237][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.152069][T11859]  do_SYSENTER_32+0x73/0x90
[  621.156556][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.162867][T11859] 
[  621.165175][T11859] Uninit was stored to memory at:
[  621.170185][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.175906][T11859]  __msan_chain_origin+0x50/0x90
[  621.180824][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.185915][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.191799][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.196289][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.200946][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.206994][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.213128][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.218492][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.223324][T11859]  do_SYSENTER_32+0x73/0x90
[  621.227817][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.234122][T11859] 
[  621.236452][T11859] Uninit was stored to memory at:
[  621.241466][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.247169][T11859]  __msan_chain_origin+0x50/0x90
[  621.252100][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.257204][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.262124][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.266609][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.271279][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.277330][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.283468][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.288660][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.293504][T11859]  do_SYSENTER_32+0x73/0x90
[  621.297990][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.304298][T11859] 
[  621.306609][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  621.313276][T11859]  do_recvmmsg+0xbf/0x22b0
[  621.317674][T11859]  do_recvmmsg+0xbf/0x22b0
[  621.531464][T11859] not chained 530000 origins
[  621.536110][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  621.544801][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  621.554860][T11859] Call Trace:
[  621.558171][T11859]  dump_stack+0x21c/0x280
[  621.562536][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  621.568319][T11859]  ? kmsan_get_metadata+0x116/0x180
[  621.573539][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  621.579163][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  621.585263][T11859]  ? _copy_from_user+0x201/0x310
[  621.590235][T11859]  ? kmsan_get_metadata+0x116/0x180
[  621.595450][T11859]  __msan_chain_origin+0x50/0x90
[  621.600409][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.605565][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.610546][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.615072][T11859]  ? __msan_get_context_state+0x9/0x20
[  621.620585][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  621.625911][T11859]  ? kmsan_get_metadata+0x116/0x180
[  621.631131][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  621.636440][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  621.641235][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  621.646023][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.650729][T11859]  ? kmsan_get_metadata+0x116/0x180
[  621.655966][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.662061][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.668232][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.673475][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.678371][T11859]  do_SYSENTER_32+0x73/0x90
[  621.682895][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.689232][T11859] RIP: 0023:0xf7ff7549
[  621.693348][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  621.712965][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  621.721392][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  621.729357][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  621.737329][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  621.745337][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  621.753302][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  621.761456][T11859] Uninit was stored to memory at:
[  621.766475][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.772186][T11859]  __msan_chain_origin+0x50/0x90
[  621.777108][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.782199][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.787119][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.791621][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.796292][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.802358][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.808511][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.813690][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.818524][T11859]  do_SYSENTER_32+0x73/0x90
[  621.823022][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.829330][T11859] 
[  621.831636][T11859] Uninit was stored to memory at:
[  621.836647][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.842348][T11859]  __msan_chain_origin+0x50/0x90
[  621.847266][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.852357][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.857367][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.861853][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.866515][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.872574][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.878732][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.883913][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.888748][T11859]  do_SYSENTER_32+0x73/0x90
[  621.893244][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.899545][T11859] 
[  621.901850][T11859] Uninit was stored to memory at:
[  621.906863][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.912578][T11859]  __msan_chain_origin+0x50/0x90
[  621.917542][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.922649][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.927573][T11859]  do_recvmmsg+0xdbb/0x22b0
[  621.932075][T11859]  __sys_recvmmsg+0x5dd/0x610
[  621.936742][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  621.942793][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  621.948932][T11859]  __do_fast_syscall_32+0x129/0x180
[  621.954124][T11859]  do_fast_syscall_32+0x6a/0xc0
[  621.958967][T11859]  do_SYSENTER_32+0x73/0x90
[  621.963452][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  621.969774][T11859] 
[  621.972102][T11859] Uninit was stored to memory at:
[  621.977125][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  621.982840][T11859]  __msan_chain_origin+0x50/0x90
[  621.987781][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  621.992884][T11859]  get_compat_msghdr+0x108/0x2b0
[  621.997808][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.002297][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.006969][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.013017][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.019158][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.024339][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.029606][T11859]  do_SYSENTER_32+0x73/0x90
[  622.034096][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.040408][T11859] 
[  622.042714][T11859] Uninit was stored to memory at:
[  622.047739][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.053451][T11859]  __msan_chain_origin+0x50/0x90
[  622.058375][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.063469][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.068393][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.072879][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.077556][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.083603][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.089746][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.094937][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.099792][T11859]  do_SYSENTER_32+0x73/0x90
[  622.104297][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.110602][T11859] 
[  622.112909][T11859] Uninit was stored to memory at:
[  622.117924][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.123637][T11859]  __msan_chain_origin+0x50/0x90
[  622.128564][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.133659][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.138594][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.143077][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.147736][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.153784][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.159922][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.165100][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.169930][T11859]  do_SYSENTER_32+0x73/0x90
[  622.174419][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.180718][T11859] 
[  622.183024][T11859] Uninit was stored to memory at:
[  622.188036][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.193755][T11859]  __msan_chain_origin+0x50/0x90
[  622.198674][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.203765][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.208708][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.213203][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.217864][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.223922][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.230069][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.235269][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.240112][T11859]  do_SYSENTER_32+0x73/0x90
[  622.244598][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.250907][T11859] 
[  622.253219][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  622.259888][T11859]  do_recvmmsg+0xbf/0x22b0
[  622.264288][T11859]  do_recvmmsg+0xbf/0x22b0
[  622.456346][T11859] not chained 540000 origins
[  622.461078][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  622.469755][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  622.479817][T11859] Call Trace:
[  622.483131][T11859]  dump_stack+0x21c/0x280
[  622.487499][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  622.493273][T11859]  ? kmsan_get_metadata+0x116/0x180
[  622.498491][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  622.504066][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  622.511560][T11859]  ? _copy_from_user+0x201/0x310
[  622.516551][T11859]  ? kmsan_get_metadata+0x116/0x180
[  622.521772][T11859]  __msan_chain_origin+0x50/0x90
[  622.526729][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.531882][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.536856][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.541825][T11859]  ? __msan_get_context_state+0x9/0x20
[  622.547327][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  622.552648][T11859]  ? kmsan_get_metadata+0x116/0x180
[  622.557870][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  622.563179][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  622.567955][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  622.572745][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.577456][T11859]  ? kmsan_get_metadata+0x116/0x180
[  622.582676][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.588772][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.594946][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.600171][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.605043][T11859]  do_SYSENTER_32+0x73/0x90
[  622.609570][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.615904][T11859] RIP: 0023:0xf7ff7549
[  622.619957][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  622.639561][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  622.647993][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  622.655960][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  622.663916][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  622.671871][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  622.679826][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  622.687793][T11859] Uninit was stored to memory at:
[  622.692818][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.698521][T11859]  __msan_chain_origin+0x50/0x90
[  622.703452][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.708548][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.713478][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.717963][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.722622][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.728680][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.734818][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.739996][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.744828][T11859]  do_SYSENTER_32+0x73/0x90
[  622.749344][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.755642][T11859] 
[  622.757959][T11859] Uninit was stored to memory at:
[  622.762968][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.768670][T11859]  __msan_chain_origin+0x50/0x90
[  622.773594][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.778691][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.783612][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.788115][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.793641][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.799700][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.805850][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.811028][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.815858][T11859]  do_SYSENTER_32+0x73/0x90
[  622.820344][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.826667][T11859] 
[  622.828984][T11859] Uninit was stored to memory at:
[  622.833995][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.839698][T11859]  __msan_chain_origin+0x50/0x90
[  622.844619][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.849711][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.854642][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.859125][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.863783][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.869832][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.875969][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.881147][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.885983][T11859]  do_SYSENTER_32+0x73/0x90
[  622.890467][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.896764][T11859] 
[  622.899069][T11859] Uninit was stored to memory at:
[  622.904082][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.909797][T11859]  __msan_chain_origin+0x50/0x90
[  622.914719][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.919809][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.924729][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.929224][T11859]  __sys_recvmmsg+0x5dd/0x610
[  622.933885][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  622.939934][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  622.946081][T11859]  __do_fast_syscall_32+0x129/0x180
[  622.951272][T11859]  do_fast_syscall_32+0x6a/0xc0
[  622.956114][T11859]  do_SYSENTER_32+0x73/0x90
[  622.960623][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  622.966922][T11859] 
[  622.969228][T11859] Uninit was stored to memory at:
[  622.974255][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  622.979958][T11859]  __msan_chain_origin+0x50/0x90
[  622.984878][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  622.989970][T11859]  get_compat_msghdr+0x108/0x2b0
[  622.994892][T11859]  do_recvmmsg+0xdbb/0x22b0
[  622.999391][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.004047][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.010096][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.016237][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.021418][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.026250][T11859]  do_SYSENTER_32+0x73/0x90
[  623.030737][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.037035][T11859] 
[  623.039339][T11859] Uninit was stored to memory at:
[  623.044348][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.050049][T11859]  __msan_chain_origin+0x50/0x90
[  623.054967][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.060069][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.064990][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.069474][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.074145][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.080208][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.086345][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.091535][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.096412][T11859]  do_SYSENTER_32+0x73/0x90
[  623.100943][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.107280][T11859] 
[  623.109587][T11859] Uninit was stored to memory at:
[  623.115552][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.121268][T11859]  __msan_chain_origin+0x50/0x90
[  623.126194][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.131558][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.136482][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.140978][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.145656][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.151715][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.157863][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.163044][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.167889][T11859]  do_SYSENTER_32+0x73/0x90
[  623.172374][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.178685][T11859] 
[  623.181009][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  623.187680][T11859]  do_recvmmsg+0xbf/0x22b0
[  623.192086][T11859]  do_recvmmsg+0xbf/0x22b0
[  623.359321][T11859] not chained 550000 origins
[  623.363995][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  623.372675][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  623.382738][T11859] Call Trace:
[  623.386079][T11859]  dump_stack+0x21c/0x280
[  623.390438][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  623.396212][T11859]  ? kmsan_get_metadata+0x116/0x180
[  623.401435][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  623.407000][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  623.413100][T11859]  ? _copy_from_user+0x201/0x310
[  623.418064][T11859]  ? kmsan_get_metadata+0x116/0x180
[  623.423312][T11859]  __msan_chain_origin+0x50/0x90
[  623.428327][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.433481][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.438476][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.443007][T11859]  ? __msan_get_context_state+0x9/0x20
[  623.448502][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  623.453844][T11859]  ? kmsan_get_metadata+0x116/0x180
[  623.459161][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  623.464469][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  623.469250][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  623.474056][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.478771][T11859]  ? kmsan_get_metadata+0x116/0x180
[  623.483995][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.490097][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.496637][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.501903][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.506774][T11859]  do_SYSENTER_32+0x73/0x90
[  623.511301][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.521028][T11859] RIP: 0023:0xf7ff7549
[  623.525121][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  623.544742][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  623.553174][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  623.561164][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  623.569151][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  623.577141][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  623.585131][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  623.593137][T11859] Uninit was stored to memory at:
[  623.598186][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.603923][T11859]  __msan_chain_origin+0x50/0x90
[  623.608872][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.613995][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.618946][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.623555][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.628251][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.634306][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.640454][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.645637][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.650477][T11859]  do_SYSENTER_32+0x73/0x90
[  623.656096][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.662399][T11859] 
[  623.664707][T11859] Uninit was stored to memory at:
[  623.669815][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.675520][T11859]  __msan_chain_origin+0x50/0x90
[  623.680440][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.685535][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.690457][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.694957][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.699634][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.705692][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.711831][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.717024][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.721858][T11859]  do_SYSENTER_32+0x73/0x90
[  623.726359][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.732672][T11859] 
[  623.734983][T11859] Uninit was stored to memory at:
[  623.739999][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.745720][T11859]  __msan_chain_origin+0x50/0x90
[  623.750652][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.755748][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.760696][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.765204][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.769878][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.775929][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.782064][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.787259][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.792093][T11859]  do_SYSENTER_32+0x73/0x90
[  623.796582][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.802884][T11859] 
[  623.805201][T11859] Uninit was stored to memory at:
[  623.810301][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.816115][T11859]  __msan_chain_origin+0x50/0x90
[  623.821038][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.826134][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.831055][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.835559][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.840243][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.846295][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.852457][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.857672][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.862503][T11859]  do_SYSENTER_32+0x73/0x90
[  623.873767][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.880077][T11859] 
[  623.882395][T11859] Uninit was stored to memory at:
[  623.887424][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.893129][T11859]  __msan_chain_origin+0x50/0x90
[  623.898049][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.903144][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.908067][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.912556][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.917219][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.923285][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  623.929439][T11859]  __do_fast_syscall_32+0x129/0x180
[  623.934626][T11859]  do_fast_syscall_32+0x6a/0xc0
[  623.939459][T11859]  do_SYSENTER_32+0x73/0x90
[  623.943959][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  623.951214][T11859] 
[  623.953523][T11859] Uninit was stored to memory at:
[  623.958538][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  623.964247][T11859]  __msan_chain_origin+0x50/0x90
[  623.969181][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  623.974286][T11859]  get_compat_msghdr+0x108/0x2b0
[  623.979221][T11859]  do_recvmmsg+0xdbb/0x22b0
[  623.983704][T11859]  __sys_recvmmsg+0x5dd/0x610
[  623.988375][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  623.994423][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.000560][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.005752][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.010599][T11859]  do_SYSENTER_32+0x73/0x90
[  624.015106][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.021406][T11859] 
[  624.023725][T11859] Uninit was stored to memory at:
[  624.028749][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.034454][T11859]  __msan_chain_origin+0x50/0x90
[  624.039373][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.044478][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.049399][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.053885][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.058545][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.064594][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.070749][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.075939][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.080771][T11859]  do_SYSENTER_32+0x73/0x90
[  624.085272][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.091580][T11859] 
[  624.093900][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  624.100559][T11859]  do_recvmmsg+0xbf/0x22b0
[  624.104971][T11859]  do_recvmmsg+0xbf/0x22b0
[  624.272187][T11859] not chained 560000 origins
[  624.276835][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  624.285527][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  624.295595][T11859] Call Trace:
[  624.298914][T11859]  dump_stack+0x21c/0x280
[  624.303274][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  624.309061][T11859]  ? kmsan_get_metadata+0x116/0x180
[  624.314286][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  624.319853][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  624.325944][T11859]  ? _copy_from_user+0x201/0x310
[  624.330908][T11859]  ? kmsan_get_metadata+0x116/0x180
[  624.336125][T11859]  __msan_chain_origin+0x50/0x90
[  624.341082][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.346233][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.351240][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.355773][T11859]  ? __msan_get_context_state+0x9/0x20
[  624.361276][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  624.366599][T11859]  ? kmsan_get_metadata+0x116/0x180
[  624.371827][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  624.377182][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  624.381961][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  624.386747][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.391454][T11859]  ? kmsan_get_metadata+0x116/0x180
[  624.396673][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.402770][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.408945][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.414168][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.419063][T11859]  do_SYSENTER_32+0x73/0x90
[  624.423590][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.429924][T11859] RIP: 0023:0xf7ff7549
[  624.434005][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  624.453735][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  624.462861][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  624.470844][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  624.478825][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  624.486801][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  624.494759][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  624.502729][T11859] Uninit was stored to memory at:
[  624.507761][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.513478][T11859]  __msan_chain_origin+0x50/0x90
[  624.518425][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.523530][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.528456][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.532986][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.537656][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.543716][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.549854][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.555057][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.559889][T11859]  do_SYSENTER_32+0x73/0x90
[  624.564378][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.570687][T11859] 
[  624.572993][T11859] Uninit was stored to memory at:
[  624.578352][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.584052][T11859]  __msan_chain_origin+0x50/0x90
[  624.588988][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.594084][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.599026][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.603513][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.608186][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.614240][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.620379][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.625560][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.630417][T11859]  do_SYSENTER_32+0x73/0x90
[  624.634904][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.641202][T11859] 
[  624.643509][T11859] Uninit was stored to memory at:
[  624.648522][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.654225][T11859]  __msan_chain_origin+0x50/0x90
[  624.659837][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.664931][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.669869][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.674368][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.679026][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.685075][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.691252][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.696443][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.701282][T11859]  do_SYSENTER_32+0x73/0x90
[  624.705776][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.712095][T11859] 
[  624.714414][T11859] Uninit was stored to memory at:
[  624.719425][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.725135][T11859]  __msan_chain_origin+0x50/0x90
[  624.730066][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.735161][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.740082][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.744568][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.749237][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.755287][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.761424][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.766631][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.771474][T11859]  do_SYSENTER_32+0x73/0x90
[  624.775966][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.782274][T11859] 
[  624.784597][T11859] Uninit was stored to memory at:
[  624.789640][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.795358][T11859]  __msan_chain_origin+0x50/0x90
[  624.800278][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.805385][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.810316][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.814803][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.819461][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.825520][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.831691][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.836878][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.841715][T11859]  do_SYSENTER_32+0x73/0x90
[  624.846216][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.852515][T11859] 
[  624.854823][T11859] Uninit was stored to memory at:
[  624.859833][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.865539][T11859]  __msan_chain_origin+0x50/0x90
[  624.870457][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.875552][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.880483][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.884969][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.889646][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.895697][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.901835][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.907022][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.911860][T11859]  do_SYSENTER_32+0x73/0x90
[  624.916362][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.922665][T11859] 
[  624.925605][T11859] Uninit was stored to memory at:
[  624.930625][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  624.936330][T11859]  __msan_chain_origin+0x50/0x90
[  624.941256][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  624.946350][T11859]  get_compat_msghdr+0x108/0x2b0
[  624.951279][T11859]  do_recvmmsg+0xdbb/0x22b0
[  624.955771][T11859]  __sys_recvmmsg+0x5dd/0x610
[  624.960430][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  624.966481][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  624.972625][T11859]  __do_fast_syscall_32+0x129/0x180
[  624.978159][T11859]  do_fast_syscall_32+0x6a/0xc0
[  624.983006][T11859]  do_SYSENTER_32+0x73/0x90
[  624.987506][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  624.993805][T11859] 
[  624.996113][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  625.002793][T11859]  do_recvmmsg+0xbf/0x22b0
[  625.007194][T11859]  do_recvmmsg+0xbf/0x22b0
[  625.176786][T11859] not chained 570000 origins
[  625.181430][T11859] CPU: 0 PID: 11859 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  625.190186][T11859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  625.200264][T11859] Call Trace:
[  625.203575][T11859]  dump_stack+0x21c/0x280
[  625.207941][T11859]  kmsan_internal_chain_origin+0x6f/0x130
[  625.213733][T11859]  ? kmsan_get_metadata+0x116/0x180
[  625.218965][T11859]  ? kmsan_set_origin_checked+0x95/0xf0
[  625.224535][T11859]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  625.230636][T11859]  ? _copy_from_user+0x201/0x310
[  625.235605][T11859]  ? kmsan_get_metadata+0x116/0x180
[  625.240824][T11859]  __msan_chain_origin+0x50/0x90
[  625.245782][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.250934][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.255904][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.260453][T11859]  ? __msan_get_context_state+0x9/0x20
[  625.265944][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  625.271263][T11859]  ? kmsan_get_metadata+0x116/0x180
[  625.276488][T11859]  ? __msan_poison_alloca+0xf0/0x120
[  625.281793][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  625.286568][T11859]  ? __sys_recvmmsg+0xbb/0x610
[  625.292263][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.296971][T11859]  ? kmsan_get_metadata+0x116/0x180
[  625.302192][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.308288][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.314459][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.319677][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.324548][T11859]  do_SYSENTER_32+0x73/0x90
[  625.329077][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.335411][T11859] RIP: 0023:0xf7ff7549
[  625.339511][T11859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  625.359209][T11859] RSP: 002b:00000000f55f10cc EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  625.367725][T11859] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000ac0
[  625.375716][T11859] RDX: 00000000040003a0 RSI: 0000000000000000 RDI: 0000000000000000
[  625.383698][T11859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.391700][T11859] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  625.399698][T11859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.407691][T11859] Uninit was stored to memory at:
[  625.412724][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.418440][T11859]  __msan_chain_origin+0x50/0x90
[  625.423360][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.428453][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.433403][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.437905][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.442588][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.448639][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.454777][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.459960][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.464792][T11859]  do_SYSENTER_32+0x73/0x90
[  625.469289][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.475592][T11859] 
[  625.477898][T11859] Uninit was stored to memory at:
[  625.482921][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.488632][T11859]  __msan_chain_origin+0x50/0x90
[  625.493553][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.498654][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.503578][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.508075][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.512745][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.518805][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.524958][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.530149][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.534995][T11859]  do_SYSENTER_32+0x73/0x90
[  625.539487][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.545787][T11859] 
[  625.548093][T11859] Uninit was stored to memory at:
[  625.553119][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.558834][T11859]  __msan_chain_origin+0x50/0x90
[  625.563762][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.568864][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.573785][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.578275][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.583032][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.589081][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.595233][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.600447][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.605283][T11859]  do_SYSENTER_32+0x73/0x90
[  625.609771][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.616071][T11859] 
[  625.618374][T11859] Uninit was stored to memory at:
[  625.624090][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.629806][T11859]  __msan_chain_origin+0x50/0x90
[  625.634738][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.639831][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.644761][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.649257][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.653925][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.659982][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.666129][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.671309][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.676143][T11859]  do_SYSENTER_32+0x73/0x90
[  625.680648][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.686949][T11859] 
[  625.689257][T11859] Uninit was stored to memory at:
[  625.694279][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.700074][T11859]  __msan_chain_origin+0x50/0x90
[  625.705002][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.710095][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.715017][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.719502][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.724265][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.730314][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.736453][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.741642][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.746488][T11859]  do_SYSENTER_32+0x73/0x90
[  625.750996][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.757299][T11859] 
[  625.759606][T11859] Uninit was stored to memory at:
[  625.764620][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.770593][T11859]  __msan_chain_origin+0x50/0x90
[  625.775515][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.780608][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.785530][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.790016][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.794675][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.800734][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.806885][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.812076][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.816910][T11859]  do_SYSENTER_32+0x73/0x90
[  625.821396][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.827693][T11859] 
[  625.830000][T11859] Uninit was stored to memory at:
[  625.835011][T11859]  kmsan_internal_chain_origin+0xad/0x130
[  625.840712][T11859]  __msan_chain_origin+0x50/0x90
[  625.845639][T11859]  __get_compat_msghdr+0x6db/0x9d0
[  625.850750][T11859]  get_compat_msghdr+0x108/0x2b0
[  625.855674][T11859]  do_recvmmsg+0xdbb/0x22b0
[  625.860160][T11859]  __sys_recvmmsg+0x5dd/0x610
[  625.864831][T11859]  __se_compat_sys_recvmmsg_time32+0xfb/0x120
[  625.871230][T11859]  __ia32_compat_sys_recvmmsg_time32+0x62/0x80
[  625.877368][T11859]  __do_fast_syscall_32+0x129/0x180
[  625.882553][T11859]  do_fast_syscall_32+0x6a/0xc0
[  625.887387][T11859]  do_SYSENTER_32+0x73/0x90
[  625.891872][T11859]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  625.898169][T11859] 
[  625.900480][T11859] Local variable ----msg_sys@do_recvmmsg created at:
[  625.907149][T11859]  do_recvmmsg+0xbf/0x22b0
[  625.911545][T11859]  do_recvmmsg+0xbf/0x22b0
01:10:14 executing program 4:
modify_ldt$write(0x1, &(0x7f0000000000), 0x10)

01:10:14 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setregs(0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000080)="17aa772d0310a24aa638502cc9ad43a3ae91174f0677b64c582199698ae18c160f283d9da74ae7ceb5")
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x109, 0x0})
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1b)

01:10:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:14 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xd}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x0, 0x0, 0x6}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='maps\x00')
preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0)

01:10:14 executing program 0:
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0xe4}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000003200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
getsockopt$packet_int(r4, 0x107, 0x13, &(0x7f0000000100), &(0x7f0000000140)=0x4)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
preadv(r5, &(0x7f0000000940)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f00000008c0)=""/106, 0x5b}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xc7, 0x0, 0x0)
clone(0x50000103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

01:10:14 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  626.332697][T11917] ptrace attach of "/root/syz-executor.3"[11916] was attempted by "/root/syz-executor.3"[11917]
[  626.383893][T11911] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:10:14 executing program 3:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x2401)
gettid()
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f00000000c0)={0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
dup(0xffffffffffffffff)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x600}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[  626.548511][T11911] EXT4-fs (loop1): get root inode failed
[  626.554796][T11911] EXT4-fs (loop1): mount failed
[  626.582531][   T28] audit: type=1400 audit(1600737014.491:19): avc:  denied  { sys_admin } for  pid=11908 comm="syz-executor.0" capability=21  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=cap_userns permissive=1
[  626.594963][T11926] IPVS: ftp: loaded support on port[0] = 21
01:10:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  627.201486][T11941] IPVS: ftp: loaded support on port[0] = 21
01:10:15 executing program 5:
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS3\x00', 0x185400, 0x0)

01:10:15 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  627.532167][T11127] tipc: TX() has been purged, node left!
01:10:15 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000040000000030000002d0000000f00000000000000020000000200000000800000008000002000000028c4645f28c4645f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000000280)="ed41e949d361000027c4645f0300645f28c4645f00000000000004000894634ab5c95192fd130a539169dc6eeb8b4e8a61f1efcadca8aaff077d62fec1fa1f35ccbc4930eefcf54077940b48ebc5a0ed55c64d12d60e62c882bd707b9706e9cbfb2df60b41ecbde2f6", 0x69, 0x4080}], 0x0, &(0x7f0000013a00))

01:10:15 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

[  628.023320][T11961] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  628.230586][T11961] EXT4-fs (loop1): get root inode failed
[  628.239175][T11961] EXT4-fs (loop1): mount failed
[  628.350000][T11972] EXT4-fs error (device loop4): ext4_fill_super:4709: inode #2: comm syz-executor.4: iget: bad extended attribute block 246
01:10:16 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

[  628.540509][T11972] EXT4-fs (loop4): get root inode failed
[  628.546708][T11972] EXT4-fs (loop4): mount failed
01:10:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  628.712731][T11972] EXT4-fs error (device loop4): ext4_fill_super:4709: inode #2: comm syz-executor.4: iget: bad extended attribute block 246
01:10:16 executing program 5:

[  628.836134][T11972] EXT4-fs (loop4): get root inode failed
[  628.841987][T11972] EXT4-fs (loop4): mount failed
01:10:17 executing program 4:

[  629.674391][T11991] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  629.814243][T11991] EXT4-fs (loop1): get root inode failed
[  629.819977][T11991] EXT4-fs (loop1): mount failed
01:10:18 executing program 0:

01:10:18 executing program 4:

01:10:18 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:10:18 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

01:10:18 executing program 5:

01:10:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {0x0, 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  631.063382][T12006] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  631.103685][T12006] EXT4-fs (loop1): get root inode failed
[  631.109763][T12006] EXT4-fs (loop1): mount failed
01:10:19 executing program 4:

01:10:19 executing program 5:

01:10:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {0x0, 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:19 executing program 0:

01:10:19 executing program 4:

01:10:19 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

01:10:20 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

01:10:20 executing program 5:

[  632.444758][T12022] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:10:20 executing program 0:

[  632.579728][T12022] EXT4-fs (loop1): get root inode failed
[  632.585846][T12022] EXT4-fs (loop1): mount failed
01:10:20 executing program 4:

01:10:20 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {0x0, 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:21 executing program 5:

01:10:21 executing program 0:

01:10:21 executing program 4:

01:10:21 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

01:10:21 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

[  633.895937][T12040] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  634.061767][T12040] EXT4-fs (loop1): get root inode failed
[  634.068014][T12040] EXT4-fs (loop1): mount failed
01:10:22 executing program 5:

01:10:22 executing program 0:

01:10:22 executing program 4:

01:10:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200), 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:22 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

01:10:22 executing program 0:

01:10:22 executing program 5:

[  635.170410][T12058] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  635.358692][T12058] EXT4-fs (loop1): get root inode failed
[  635.364805][T12058] EXT4-fs (loop1): mount failed
01:10:23 executing program 4:

01:10:23 executing program 0:

01:10:23 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
read$FUSE(r0, 0x0, 0x0)

01:10:23 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200), 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:24 executing program 5:

[  636.073992][ T8691] Bluetooth: hci5: command 0x0406 tx timeout
01:10:24 executing program 0:

01:10:24 executing program 4:

01:10:24 executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
sendfile(r0, r1, 0x0, 0xf03b0000)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, 0x0, 0x0)

01:10:24 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
read$FUSE(r0, 0x0, 0x0)

[  636.678148][T12075] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:10:24 executing program 0:

[  636.782492][T12075] EXT4-fs (loop1): get root inode failed
[  636.788512][T12075] EXT4-fs (loop1): mount failed
01:10:24 executing program 5:

01:10:25 executing program 4:

01:10:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200), 0x0, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:25 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
read$FUSE(r0, 0x0, 0x0)

01:10:25 executing program 0:

01:10:25 executing program 4:

01:10:26 executing program 5:

[  638.074960][T12092] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:10:26 executing program 3:
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

[  638.210390][T12092] EXT4-fs (loop1): get root inode failed
[  638.216319][T12092] EXT4-fs (loop1): mount failed
01:10:26 executing program 0:

01:10:26 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/74, 0x4a, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:26 executing program 2:

01:10:26 executing program 5:

01:10:26 executing program 4:

01:10:27 executing program 0:

[  639.202978][T12109] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:27 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x4)
syz_emit_ethernet(0x4e, &(0x7f0000000240)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0)

[  639.262603][T12109] EXT4-fs (loop1): get root inode failed
[  639.268624][T12109] EXT4-fs (loop1): mount failed
01:10:27 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:27 executing program 3:
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

01:10:27 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@filter={'filter\x00', 0xe, 0x4, 0x3c8, 0xd0, 0xd0, 0xd0, 0x0, 0xd0, 0x2c0, 0x2f8, 0x2f8, 0x2f8, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0xfffa, 0x1}}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @local}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'wg1\x00'}}}, {{@ipv6={@local, @dev, [], [], 'bridge_slave_1\x00', 'ipvlan0\x00', {}, {}, 0x11}, 0x0, 0xf8, 0x138, 0x0, {}, [@common=@inet=@multiport={{0x50, 'multiport\x00'}}]}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "20179705e5402a1b2e9ae53bfcc85dc329505d2fda1a43a570438f34d27f"}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}})
write$tun(r1, &(0x7f0000000a00)={@void, @val={0x1}, @ipv6=@gre_packet={0x0, 0x6, "bc7d94", 0x44, 0x2c, 0x0, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}}}}}, 0x76)

01:10:27 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/74, 0x4a, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:27 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000200)=0xfffffff5, 0x48)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000140), 0x4)

[  640.063260][   T28] audit: type=1804 audit(1600737027.972:20): pid=12122 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/54/file0" dev="sda1" ino=15937 res=1 errno=0
01:10:28 executing program 2:

[  640.372228][T12132] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:28 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  640.418302][T12132] EXT4-fs (loop1): get root inode failed
[  640.424326][T12132] EXT4-fs (loop1): mount failed
01:10:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/74, 0x4a, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  640.977057][   T28] audit: type=1804 audit(1600737028.892:21): pid=12145 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/55/file0" dev="sda1" ino=15761 res=1 errno=0
01:10:29 executing program 3:
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

01:10:29 executing program 2:

01:10:29 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:29 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@filter={'filter\x00', 0xe, 0x4, 0x3c8, 0xd0, 0xd0, 0xd0, 0x0, 0xd0, 0x2c0, 0x2f8, 0x2f8, 0x2f8, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0xfffa, 0x1}}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @local}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'wg1\x00'}}}, {{@ipv6={@local, @dev, [], [], 'bridge_slave_1\x00', 'ipvlan0\x00', {}, {}, 0x11}, 0x0, 0xf8, 0x138, 0x0, {}, [@common=@inet=@multiport={{0x50, 'multiport\x00'}}]}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "20179705e5402a1b2e9ae53bfcc85dc329505d2fda1a43a570438f34d27f"}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x88002, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x420000015001})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', {0x7, 0x0, @empty}})
write$tun(r1, &(0x7f0000000a00)={@void, @val={0x1}, @ipv6=@gre_packet={0x0, 0x6, "bc7d94", 0x44, 0x2c, 0x0, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}}}}}, 0x76)

[  641.538839][T12154] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:29 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000200)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd00000010000100050810004149004006040800", 0x58}], 0x1)

[  641.631767][T12154] EXT4-fs (loop1): get root inode failed
[  641.638030][T12154] EXT4-fs (loop1): mount failed
01:10:29 executing program 0:
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000140)='./file0\x00', 0x0, 0x7a80, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000180))

[  641.938172][   T28] audit: type=1804 audit(1600737029.852:22): pid=12163 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/56/file0" dev="sda1" ino=16194 res=1 errno=0
01:10:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/111, 0x6f, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:30 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:30 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

[  642.701620][T12177] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:30 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000040)={0x0, 0x0, 0xb})

[  642.820002][T12177] EXT4-fs (loop1): get root inode failed
[  642.826453][T12177] EXT4-fs (loop1): mount failed
01:10:30 executing program 0:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write$cgroup_pid(r1, &(0x7f0000000040), 0x12)

[  642.963613][   T28] audit: type=1804 audit(1600737030.872:23): pid=12182 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/57/file0" dev="sda1" ino=15761 res=1 errno=0
01:10:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/111, 0x6f, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:31 executing program 4:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='oom_score\x00')
preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000240)=""/3, 0x3}], 0x1, 0x0, 0x0)

01:10:31 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:31 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
fsync(r0)

01:10:31 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:32 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

[  644.719748][ T3107] blk_update_request: I/O error, dev loop0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  644.801814][T12207] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.838458][   T28] audit: type=1804 audit(1600737032.752:24): pid=12205 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/58/file0" dev="sda1" ino=16363 res=1 errno=0
[  644.941354][T12209] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  644.954599][T12209] EXT4-fs (loop1): get root inode failed
[  644.960378][T12209] EXT4-fs (loop1): mount failed
01:10:32 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
syz_emit_ethernet(0x15, &(0x7f0000000380)={@random="fe672e0a7ea5", @link_local, @val={@void}, {@x25}}, 0x0)

01:10:33 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  645.177136][T12215] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:33 executing program 4:
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2000000002608100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

01:10:33 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af30100040000000000000000000000010000000300"/111, 0x6f, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:33 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  645.650175][   T28] audit: type=1804 audit(1600737033.562:25): pid=12223 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/59/file0" dev="sda1" ino=16352 res=1 errno=0
01:10:33 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000680)=@filter={'filter\x00', 0xe, 0x4, 0x340, 0x1c0, 0x98, 0x98, 0x98, 0x0, 0x288, 0x2a8, 0x2a8, 0x2a8, 0x288, 0x4, 0x0, {[{{@ip={@rand_addr, @empty, 0x0, 0x0, '\x00', 'syzkaller0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'vxcan1\x00', 'veth0_to_hsr\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev}}}, {{@ip={@loopback, @private, 0x0, 0x0, 'gre0\x00', 'syzkaller0\x00'}, 0x0, 0x130, 0x158, 0x0, {}, [@common=@unspec=@string={{0xc0, 'string\x00'}, {0x0, 0x0, 'bm\x00', "9426a6f8e655a1092027027303b21c30ede1cbe70859dbc2a7c4e466d4312684259b63bcab9c2b060070e3ba84ba9a61bfe1d16b6155833697c536713465aa01b96ef6a93cc4414e13418a2f088bf9c41186d6a1d52b438f1f2ae7f75ae2b086d69314bca15afae5d120a2198b2966aa9e1c9fdce048b18a386028dbb5063e87", 0xd, 0x3}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a0)

01:10:33 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x1)

01:10:33 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
exit(0x0)
read$FUSE(r0, 0x0, 0x0)

[  645.921082][T12233] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:33 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  645.981607][T12229] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  646.139710][T12229] EXT4-fs (loop1): get root inode failed
[  646.145721][T12229] EXT4-fs (loop1): mount failed
01:10:34 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:34 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000", 0x82, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:34 executing program 4:
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00$\x00\v\r\x00'/20, @ANYRES32=r1, @ANYBLOB="00000000ffffffff000000000900010067726564000000001c000200100003"], 0x4c}}, 0x0)

[  646.635736][   T28] audit: type=1804 audit(1600737034.542:26): pid=12249 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/60/file0" dev="sda1" ino=16354 res=1 errno=0
[  646.810495][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:34 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  646.981408][T12257] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  646.997331][T12257] EXT4-fs (loop1): get root inode failed
[  647.003424][T12257] EXT4-fs (loop1): mount failed
[  647.159758][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
01:10:35 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:35 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000", 0x82, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:35 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x1)

01:10:35 executing program 4:
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendto$inet(r1, 0x0, 0x0, 0x200087fd, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000180)="0c268a927f1f9d3177655992aedd7860005cf65ac618ded8974895abeaf4cc834ff922b3f1e0b02bd67a060000000000000025a3a07e758044ab4ea6f7ae55d88fecf900"/77, 0xffffffd1, 0x44870, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7fff4fec, 0xee3c0bc3f3bcf1bf)

01:10:35 executing program 3:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

[  647.704458][   T28] audit: type=1804 audit(1600737035.612:27): pid=12266 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/61/file0" dev="sda1" ino=16352 res=1 errno=0
01:10:35 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  648.023884][T12270] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  648.049099][T12269] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  648.198906][T12269] EXT4-fs (loop1): get root inode failed
[  648.206537][T12269] EXT4-fs (loop1): mount failed
[  648.394412][   T28] audit: type=1804 audit(1600737036.302:28): pid=12288 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/62/file0" dev="sda1" ino=16383 res=1 errno=0
01:10:36 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:36 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000", 0x82, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:36 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:36 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000900)=@filter={'filter\x00', 0xe, 0x4, 0x3a8, 0xd0, 0x0, 0x0, 0xd0, 0xd0, 0x2c0, 0x2d8, 0x2d8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ipv6={@local, @remote, [], [], 'veth1_macvtap\x00', 'ip6_vti0\x00', {}, {0xff}}, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00'}}, {{@ipv6={@local, @dev, [], [], 'veth0_macvtap\x00', 'ipvlan0\x00'}, 0x0, 0x110, 0x138, 0x0, {}, [@common=@inet=@iprange={{0x68, 'iprange\x00'}, {@ipv4=@empty, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @ipv4=@private, @ipv6=@dev}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x200cc481, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @dev}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000000), 0x4)

01:10:37 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000080)=""/102388, 0x18ff4, 0x0)

01:10:37 executing program 3:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

[  649.297170][   T28] audit: type=1804 audit(1600737037.212:29): pid=12296 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/63/file0" dev="sda1" ino=16375 res=1 errno=0
01:10:37 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  649.385536][T12298] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  649.489125][T12295] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:37 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  649.600841][T12295] EXT4-fs (loop1): get root inode failed
[  649.607550][T12295] EXT4-fs (loop1): mount failed
01:10:37 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x0)

01:10:38 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef", 0x8b, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  650.165540][   T28] audit: type=1804 audit(1600737038.082:30): pid=12311 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/64/file0" dev="sda1" ino=16345 res=1 errno=0
01:10:38 executing program 0:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x116, 0x116, 0x2, [@int, @datasec={0x0, 0x8, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}, {}, {}], 'p'}, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{}, {}, {}, {}, {}, {}], '\x00'}, @var, @enum={0x0, 0x5, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}]}]}}, 0x0, 0x132}, 0x20)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x33)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

01:10:38 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  650.634152][T12317] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  650.718353][T12317] EXT4-fs (loop1): get root inode failed
[  650.724644][T12317] EXT4-fs (loop1): mount failed
01:10:38 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:38 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x0)

[  650.973655][   T28] audit: type=1804 audit(1600737038.883:31): pid=12325 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/65/file0" dev="sda1" ino=16375 res=1 errno=0
01:10:38 executing program 3:
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00')
exit(0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

01:10:39 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:39 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  651.364680][T12331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:39 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  651.698848][T12342] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it!
[  651.727187][   T28] audit: type=1804 audit(1600737039.643:32): pid=12343 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/66/file0" dev="sda1" ino=16347 res=1 errno=0
01:10:39 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x0)

01:10:39 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:40 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  652.247180][T12349] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  652.439522][   T28] audit: type=1804 audit(1600737040.353:33): pid=12355 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/67/file0" dev="sda1" ino=16368 res=1 errno=0
01:10:40 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef", 0x8b, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:40 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0xfffffdb6)
shutdown(r3, 0x0)

01:10:40 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:40 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:40 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:40 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  653.097073][   T28] audit: type=1804 audit(1600737041.013:34): pid=12359 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/68/file0" dev="sda1" ino=16367 res=1 errno=0
[  653.218933][T12368] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:41 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:41 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

01:10:41 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:41 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:41 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:41 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

[  653.969513][   T28] audit: type=1804 audit(1600737041.883:35): pid=12380 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/69/file0" dev="sda1" ino=16372 res=1 errno=0
[  654.072201][T12383] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  655.122044][T12374] EXT4-fs: failed to create workqueue
[  655.127665][T12374] EXT4-fs (loop1): mount failed
01:10:43 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef", 0x8b, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:43 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:43 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:43 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:43 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

[  655.699231][T12397] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  655.832929][   T28] audit: type=1804 audit(1600737043.743:36): pid=12402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/70/file0" dev="sda1" ino=16374 res=1 errno=0
01:10:44 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:44 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:44 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

01:10:44 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r5, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  656.706687][T12410] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  656.745061][T12410] EXT4-fs (loop1): get root inode failed
[  656.750877][T12410] EXT4-fs (loop1): mount failed
[  656.846556][T12414] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  657.128255][   T28] audit: type=1804 audit(1600737045.043:37): pid=12425 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/71/file0" dev="sda1" ino=16369 res=1 errno=0
01:10:45 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b00000000", 0x90, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:46 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:46 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:46 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:46 executing program 4:
syz_emit_ethernet(0x0, 0x0, 0x0)

01:10:46 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  659.006653][   T28] audit: type=1804 audit(1600737046.923:38): pid=12439 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/72/file0" dev="sda1" ino=16373 res=1 errno=0
[  659.101425][T12444] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:47 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:47 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:47 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:47 executing program 4:
syz_emit_ethernet(0x0, 0x0, 0x0)

01:10:47 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  660.093812][   T28] audit: type=1804 audit(1600737048.003:39): pid=12459 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/73/file0" dev="sda1" ino=16366 res=1 errno=0
[  660.101242][T12461] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:48 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  661.023211][T12449] EXT4-fs: failed to create workqueue
[  661.028809][T12449] EXT4-fs (loop1): mount failed
01:10:49 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b00000000", 0x90, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:49 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:49 executing program 4:
syz_emit_ethernet(0x0, 0x0, 0x0)

01:10:49 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:49 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:49 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  661.434672][T12474] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  661.480846][   T28] audit: type=1804 audit(1600737049.393:40): pid=12475 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/74/file0" dev="sda1" ino=16373 res=1 errno=0
01:10:49 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:49 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

01:10:49 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:49 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:50 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  662.491181][   T28] audit: type=1804 audit(1600737050.403:41): pid=12493 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/75/file0" dev="sda1" ino=16366 res=1 errno=0
01:10:50 executing program 3:
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  663.171723][T12484] EXT4-fs: failed to create workqueue
[  663.177557][T12484] EXT4-fs (loop1): mount failed
01:10:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b00000000", 0x90, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:51 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

01:10:51 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:51 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:51 executing program 3:
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  663.729194][   T28] audit: type=1804 audit(1600737051.643:42): pid=12510 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/76/file0" dev="sda1" ino=16379 res=1 errno=0
01:10:51 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:51 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @dev, @broadcast, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)

01:10:51 executing program 3:
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:51 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:52 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  664.071596][T12514] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  664.163308][T12514] EXT4-fs (loop1): get root inode failed
[  664.169026][T12514] EXT4-fs (loop1): mount failed
01:10:52 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4", 0x92, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  664.647312][   T28] audit: type=1804 audit(1600737052.563:43): pid=12527 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/77/file0" dev="sda1" ino=16373 res=1 errno=0
01:10:52 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)

01:10:52 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:52 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:52 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  665.202914][T12531] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  665.241220][T12531] EXT4-fs (loop1): get root inode failed
[  665.247228][T12531] EXT4-fs (loop1): mount failed
[  665.266209][T12536] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4", 0x92, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  665.584158][   T28] audit: type=1804 audit(1600737053.493:44): pid=12543 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/78/file0" dev="sda1" ino=16371 res=1 errno=0
01:10:53 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:53 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:53 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000900)=@filter={'filter\x00', 0xe, 0x4, 0x3a8, 0xd0, 0x0, 0x0, 0xd0, 0xd0, 0x2c0, 0x2d8, 0x2d8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ipv6={@local, @remote, [], [], 'veth1_macvtap\x00', 'ip6_vti0\x00', {}, {0xff}}, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00'}}, {{@ipv6={@local, @dev, [], [], 'veth0_macvtap\x00', 'ipvlan0\x00'}, 0x0, 0x110, 0x138, 0x0, {}, [@common=@inet=@iprange={{0x68, 'iprange\x00'}, {@ipv4=@empty, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @ipv4=@private, @ipv6=@dev, 0x22}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

01:10:53 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r0 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r0})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:53 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  666.133038][T12554] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  666.211908][T12555] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  666.291486][   T28] audit: type=1804 audit(1600737054.203:45): pid=12562 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/79/file0" dev="sda1" ino=16380 res=1 errno=0
01:10:54 executing program 4:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x4)
syz_open_procfs(0x0, &(0x7f0000272000))

[  666.355612][T12555] EXT4-fs (loop1): get root inode failed
[  666.361601][T12555] EXT4-fs (loop1): mount failed
01:10:54 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r0 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r0})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:54 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:54 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4", 0x92, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:54 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  667.030600][   T28] audit: type=1804 audit(1600737054.943:46): pid=12570 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/80/file0" dev="sda1" ino=15723 res=1 errno=0
01:10:55 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x40000000002, 0x3, 0x2)
sendto$unix(r2, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  667.232382][T12574] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:55 executing program 4:
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendto$inet(r1, 0x0, 0x0, 0x200087fd, &(0x7f00000000c0)={0x2, 0x4e23, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000180)="0c268a927f1f9d3177655992aedd7860005cf65ac618ded8974895abeaf4cc834ff922b3f1e0b02bd67a060000000000000025a3a07e758044ab4ea6f7ae55d88fecf900"/77, 0xffffffd1, 0x44870, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7fff4fec, 0x0)

01:10:55 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r0 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r0})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  667.670821][T12582] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  667.680592][   T28] audit: type=1804 audit(1600737055.593:47): pid=12587 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/81/file0" dev="sda1" ino=16067 res=1 errno=0
01:10:55 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r4, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:55 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  667.837669][T12582] EXT4-fs (loop1): get root inode failed
[  667.843656][T12582] EXT4-fs (loop1): mount failed
01:10:55 executing program 5:
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  668.096197][T12592] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc464", 0x93, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:56 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:56 executing program 2:
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:56 executing program 5:
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:56 executing program 4:

01:10:56 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  668.900926][T12604] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:56 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  668.997153][T12604] EXT4-fs (loop1): get root inode failed
[  669.003368][T12604] EXT4-fs (loop1): mount failed
[  669.019911][T12610] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:57 executing program 5:
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:57 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc464", 0x93, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:57 executing program 4:

01:10:57 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:57 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  669.984258][T12630] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  670.086571][T12629] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
[  670.195740][T12629] EXT4-fs (loop1): get root inode failed
[  670.201560][T12629] EXT4-fs (loop1): mount failed
01:10:58 executing program 5:
creat(0x0, 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:10:58 executing program 4:

01:10:58 executing program 2:
r0 = socket(0x0, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:10:58 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc464", 0x93, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:10:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:58 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:58 executing program 4:

[  670.933016][T12649] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:58 executing program 5:
creat(0x0, 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  671.203707][T12656] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: checksum invalid
01:10:59 executing program 2:
r0 = socket(0x0, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  671.300071][T12656] EXT4-fs (loop1): get root inode failed
[  671.306015][T12656] EXT4-fs (loop1): mount failed
01:10:59 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
dup(r0)
r1 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r1, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:10:59 executing program 4:

01:10:59 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:10:59 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  671.819921][T12670] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:10:59 executing program 5:
creat(0x0, 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:00 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:00 executing program 2:
r0 = socket(0x0, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:00 executing program 4:

01:11:00 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  672.460939][T12680] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:11:00 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  672.591951][T12680] EXT4-fs (loop1): get root inode failed
[  672.597687][T12680] EXT4-fs (loop1): mount failed
01:11:00 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:00 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  672.936914][T12694] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:01 executing program 0:
r0 = socket(0x0, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:01 executing program 4:

[  673.213819][   T28] audit: type=1804 audit(1600737061.124:48): pid=12701 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/88/file0" dev="sda1" ino=15685 res=1 errno=0
01:11:01 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:01 executing program 2:
r0 = socket(0x10, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:01 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:01 executing program 4:

[  673.705306][T12709] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
[  673.749544][T12709] EXT4-fs (loop1): get root inode failed
[  673.755679][T12709] EXT4-fs (loop1): mount failed
01:11:01 executing program 0:
r0 = socket(0x0, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  674.649985][   T28] audit: type=1804 audit(1600737062.564:49): pid=12716 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/89/file0" dev="sda1" ino=16381 res=1 errno=0
[  674.866369][T12724] EXT4-fs error (device loop1): ext4_fill_super:4709: inode #2: comm syz-executor.1: iget: root inode unallocated
01:11:02 executing program 4:

[  674.932252][T12729] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  675.019709][T12724] EXT4-fs (loop1): get root inode failed
[  675.025854][T12724] EXT4-fs (loop1): mount failed
01:11:03 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:03 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:03 executing program 0:
r0 = socket(0x0, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:03 executing program 2:
r0 = socket(0x10, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:03 executing program 4:

01:11:03 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  675.768443][   T28] audit: type=1804 audit(1600737063.684:50): pid=12742 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/90/file0" dev="sda1" ino=16374 res=1 errno=0
[  675.924375][T12743] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:03 executing program 0:
r0 = socket(0x40000000002, 0x0, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  676.019291][T12749] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:04 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:04 executing program 4:

01:11:04 executing program 2:
r0 = socket(0x10, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:04 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  676.731633][   T28] audit: type=1804 audit(1600737064.644:51): pid=12764 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/91/file0" dev="sda1" ino=16370 res=1 errno=0
[  676.850758][T12768] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:04 executing program 0:
r0 = socket(0x40000000002, 0x0, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  676.989159][T12769] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:05 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:05 executing program 4:

01:11:05 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:05 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x0, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:05 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  677.820437][   T28] audit: type=1804 audit(1600737065.734:52): pid=12785 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/92/file0" dev="sda1" ino=16378 res=1 errno=0
01:11:05 executing program 4:

01:11:06 executing program 0:
r0 = socket(0x40000000002, 0x0, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  678.119296][T12794] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:06 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  678.161053][T12795] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:06 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180), 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {0x0, 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:06 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x0, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  678.698542][   T28] audit: type=1804 audit(1600737066.614:53): pid=12806 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/93/file0" dev="sda1" ino=16379 res=1 errno=0
01:11:06 executing program 4:

01:11:06 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180), 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:07 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  679.078467][T12812] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:07 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  679.203287][T12816] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:07 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x0, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:07 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {0x0, 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:07 executing program 4:

[  679.603832][   T28] audit: type=1804 audit(1600737067.514:54): pid=12823 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/94/file0" dev="sda1" ino=16378 res=1 errno=0
01:11:07 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180), 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:07 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:08 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  680.113262][T12836] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  680.142550][T12833] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:08 executing program 4:

[  680.310404][   T28] audit: type=1804 audit(1600737068.224:55): pid=12840 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/95/file0" dev="sda1" ino=16382 res=1 errno=0
01:11:08 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {0x0, 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:08 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:08 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x0, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:08 executing program 4:

[  680.888494][T12851] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  681.088034][T12855] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:09 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  681.140135][   T28] audit: type=1804 audit(1600737069.054:56): pid=12856 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/96/file0" dev="sda1" ino=16384 res=1 errno=0
01:11:09 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x0, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:09 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000), 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:09 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080), 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:09 executing program 4:

[  681.837614][   T28] audit: type=1804 audit(1600737069.754:57): pid=12872 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/97/file0" dev="sda1" ino=16368 res=1 errno=0
[  681.891925][T12875] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:09 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x0, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:10 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000), 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:10 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  682.217252][T12879] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:10 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:10 executing program 4:

01:11:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080), 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:10 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  682.732845][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  682.785939][   T28] audit: type=1804 audit(1600737070.704:58): pid=12890 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/98/file0" dev="sda1" ino=15954 res=1 errno=0
01:11:11 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000), 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:11 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:11 executing program 4:

[  683.375412][T12896] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:11:11 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  683.561440][T12901] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:11 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:11 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080), 0x0, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  683.726622][   T28] audit: type=1804 audit(1600737071.644:59): pid=12907 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/99/file0" dev="sda1" ino=16365 res=1 errno=0
01:11:11 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:11 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:12 executing program 4:

[  684.209688][T12914] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  684.309692][T12919] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:12 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  684.436490][   T28] audit: type=1804 audit(1600737072.354:60): pid=12923 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/100/file0" dev="sda1" ino=16371 res=1 errno=0
01:11:12 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff500200000012000000220000005900", 0x2e, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:12 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:12 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:12 executing program 4:

[  685.009261][T12932] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  685.049054][T12930] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (41070!=0)
[  685.058836][T12930] EXT4-fs (loop1): group descriptors corrupted!
01:11:13 executing program 4:

01:11:13 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:13 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100), 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  685.375289][   T28] audit: type=1804 audit(1600737073.295:61): pid=12938 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/101/file0" dev="sda1" ino=16382 res=1 errno=0
01:11:13 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:13 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff500200000012000000220000005900", 0x2e, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:13 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:13 executing program 4:

01:11:13 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100), 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  685.999569][T12947] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:14 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  686.204868][T12952] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (41070!=0)
[  686.214512][T12952] EXT4-fs (loop1): group descriptors corrupted!
01:11:14 executing program 4:
perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sync()

[  686.422669][   T28] audit: type=1804 audit(1600737074.345:62): pid=12957 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/102/file0" dev="sda1" ino=16380 res=1 errno=0
01:11:14 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff500200000012000000220000005900", 0x2e, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:14 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:14 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, 0x0)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  686.797397][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:14 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100), 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:15 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  687.245029][T12972] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (41070!=0)
[  687.254730][T12972] EXT4-fs (loop1): group descriptors corrupted!
[  687.326327][   T28] audit: type=1804 audit(1600737075.245:63): pid=12974 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/103/file0" dev="sda1" ino=15890 res=1 errno=0
01:11:15 executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004440)={0x2020}, 0x2020)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="28000000100001080000000000005c5400000000", @ANYRES32=0x0, @ANYBLOB], 0x28}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x0)
mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
gettid()
pivot_root(&(0x7f0000000340)='./file0\x00', &(0x7f0000000080)='./file0\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0xfffffef2, &(0x7f00000001c0)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r4)

01:11:15 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:15 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df0000000000", 0x45, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:15 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, 0x0)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:15 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  687.775958][T12984] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  688.032532][T12991] fuse: Bad value for 'fd'
01:11:16 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  688.055678][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  688.137692][T12991] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  688.157783][T12991] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  688.168215][T12991] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  688.186223][T12991] device bridge_slave_0 left promiscuous mode
[  688.193338][T12991] bridge0: port 1(bridge_slave_0) entered disabled state
[  688.305559][   T28] audit: type=1804 audit(1600737076.225:64): pid=12996 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/104/file0" dev="sda1" ino=16068 res=1 errno=0
[  688.368203][T12995] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  688.378321][T12995] EXT4-fs (loop1): group descriptors corrupted!
[  688.618506][T12991] device bridge_slave_1 left promiscuous mode
[  688.625917][T12991] bridge0: port 2(bridge_slave_1) entered disabled state
01:11:16 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

01:11:16 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, 0x0)
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  688.826723][T12991] bond0: (slave bond_slave_0): Releasing backup interface
01:11:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df0000000000", 0x45, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:16 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  689.225368][   T28] audit: type=1804 audit(1600737077.145:65): pid=13012 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/105/file0" dev="sda1" ino=16291 res=1 errno=0
[  689.370306][T12991] bond0: (slave bond_slave_1): Releasing backup interface
01:11:17 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000023, 0x0)

[  689.612942][T13015] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  689.622987][T13015] EXT4-fs (loop1): group descriptors corrupted!
01:11:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df0000000000", 0x45, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  690.142141][T13021] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  690.152110][T13021] EXT4-fs (loop1): group descriptors corrupted!
[  690.528842][T12991] team0: Port device team_slave_0 removed
[  690.938897][T12991] team0: Port device team_slave_1 removed
[  690.948502][T12991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  690.956667][T12991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  691.097018][T12991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  691.105367][T12991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  691.210970][T13003] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:19 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF(r2, 0x560a, &(0x7f0000000040)={0x0, 0x0, 0xffffffff, 0x0, 0x0, "e43bfbffffffe63100c725b518b2bd1500"})

01:11:19 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:19 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, 0x0, 0x0, 0x40000023, 0x0)

01:11:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/81, 0x51, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:19 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:19 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  691.752105][   T28] audit: type=1804 audit(1600737079.675:66): pid=13034 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/106/file0" dev="sda1" ino=16376 res=1 errno=0
[  691.844679][T13036] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  691.854716][T13036] EXT4-fs (loop1): group descriptors corrupted!
[  691.967758][T13039] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:20 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/81, 0x51, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:20 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, 0x0, 0x0, 0x40000023, 0x0)

01:11:20 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:20 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:20 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  692.742911][T13050] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  692.753033][T13050] EXT4-fs (loop1): group descriptors corrupted!
[  692.869647][   T28] audit: type=1804 audit(1600737080.785:67): pid=13058 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/107/file0" dev="sda1" ino=16375 res=1 errno=0
01:11:21 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000))
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  693.610941][   T28] audit: type=1804 audit(1600737081.525:68): pid=13067 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/108/file0" dev="sda1" ino=15763 res=1 errno=0
01:11:21 executing program 4:
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={0x0, <r1=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

01:11:21 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, 0x0, 0x0, 0x40000023, 0x0)

01:11:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/81, 0x51, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  693.801550][T13063] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:21 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0x0, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  694.046607][T13075] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  694.056962][T13075] EXT4-fs (loop1): group descriptors corrupted!
01:11:22 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:22 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:22 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40), 0x0, 0x40000023, 0x0)

[  694.387065][ T1303] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
01:11:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/87, 0x57, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:22 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0x0, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  694.939044][ T1303] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.004586][T13092] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  695.014624][T13092] EXT4-fs (loop1): group descriptors corrupted!
01:11:23 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40), 0x0, 0x40000023, 0x0)

[  695.096712][T13087] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  695.281216][   T28] audit: type=1804 audit(1600737083.195:69): pid=13096 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/110/file0" dev="sda1" ino=16338 res=1 errno=0
01:11:23 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/87, 0x57, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:23 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  695.726627][ T1303] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.003054][T13101] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  696.013025][T13101] EXT4-fs (loop1): group descriptors corrupted!
01:11:24 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
bind(r1, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r1, &(0x7f0000000840)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000880)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @private1}]}, 0x2c}}, 0x0)

01:11:24 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40), 0x0, 0x40000023, 0x0)

01:11:24 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0x0, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:24 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:24 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df00"/87, 0x57, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  696.517523][   T28] audit: type=1804 audit(1600737084.435:70): pid=13113 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/111/file0" dev="sda1" ino=15691 res=1 errno=0
[  696.522023][ T1303] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.721239][T13104] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:24 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

01:11:24 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, 0x0, 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  696.833755][T13115] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (35028!=57232)
[  696.843823][T13115] EXT4-fs (loop1): group descriptors corrupted!
01:11:25 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b7", 0x5a, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  697.390871][ T1303] tipc: TX() has been purged, node left!
01:11:25 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  697.561307][   T28] audit: type=1804 audit(1600737085.475:71): pid=13134 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/112/file0" dev="sda1" ino=15843 res=1 errno=0
01:11:25 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

01:11:25 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, 0x0, 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  697.887300][T13139] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (47435!=57232)
[  697.897437][T13139] EXT4-fs (loop1): group descriptors corrupted!
[  698.129908][T13136] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  698.485060][   T28] audit: type=1804 audit(1600737086.405:72): pid=13148 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/113/file0" dev="sda1" ino=16378 res=1 errno=0
[  700.735569][ T1303] device hsr_slave_0 left promiscuous mode
[  700.755377][ T1303] device hsr_slave_1 left promiscuous mode
[  700.798301][ T1303] device veth1_macvtap left promiscuous mode
[  700.804744][ T1303] device veth0_macvtap left promiscuous mode
[  700.811063][ T1303] device veth1_vlan left promiscuous mode
[  700.816911][ T1303] device veth0_vlan left promiscuous mode
[  706.176368][ T1303] bond0 (unregistering): Released all slaves
[  706.401714][T13162] IPVS: ftp: loaded support on port[0] = 21
[  706.484145][ T8997] Bluetooth: hci4: command 0x0409 tx timeout
[  707.763138][T13162] chnl_net:caif_netlink_parms(): no params data found
[  708.163320][T13162] bridge0: port 1(bridge_slave_0) entered blocking state
[  708.170778][T13162] bridge0: port 1(bridge_slave_0) entered disabled state
[  708.181076][T13162] device bridge_slave_0 entered promiscuous mode
[  708.208269][T13162] bridge0: port 2(bridge_slave_1) entered blocking state
[  708.215718][T13162] bridge0: port 2(bridge_slave_1) entered disabled state
[  708.226111][T13162] device bridge_slave_1 entered promiscuous mode
[  708.301465][T13162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  708.325363][T13162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  708.388235][T13162] team0: Port device team_slave_0 added
[  708.402709][T13162] team0: Port device team_slave_1 added
[  708.466927][T13162] batman_adv: batadv0: Adding interface: batadv_slave_0
[  708.474757][T13162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  708.505169][T13162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  708.522316][T13162] batman_adv: batadv0: Adding interface: batadv_slave_1
[  708.529638][T13162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  708.555932][T13162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  708.563398][ T8997] Bluetooth: hci4: command 0x041b tx timeout
[  708.650628][T13162] device hsr_slave_0 entered promiscuous mode
[  708.663166][T13162] device hsr_slave_1 entered promiscuous mode
[  708.672047][T13162] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  708.681875][T13162] Cannot create hsr debugfs directory
[  709.098850][T13162] 8021q: adding VLAN 0 to HW filter on device bond0
[  709.137129][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  709.146339][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  709.166987][T13162] 8021q: adding VLAN 0 to HW filter on device team0
[  709.186721][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  709.196178][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  709.205868][T11310] bridge0: port 1(bridge_slave_0) entered blocking state
[  709.213283][T11310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  709.251494][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  709.261777][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  709.271917][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  709.281610][T11310] bridge0: port 2(bridge_slave_1) entered blocking state
[  709.288748][T11310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  709.298207][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  709.309880][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  709.331575][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  709.343174][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  709.359178][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  709.380796][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  709.391712][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  709.421095][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  709.432007][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  709.461188][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  709.471350][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  709.491093][T13162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  709.540285][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  709.547880][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  709.579023][T13162] 8021q: adding VLAN 0 to HW filter on device batadv0
[  709.716590][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  709.727594][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  709.780252][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  709.789999][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  709.803774][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  709.813420][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  709.834977][T13162] device veth0_vlan entered promiscuous mode
[  709.862197][T13162] device veth1_vlan entered promiscuous mode
[  709.926867][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  709.936469][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  709.946346][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  709.956020][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  709.976734][T13162] device veth0_macvtap entered promiscuous mode
[  710.001691][T13162] device veth1_macvtap entered promiscuous mode
[  710.037624][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  710.048251][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.059006][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  710.069614][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.079909][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  710.091423][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.101462][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  710.112118][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.122161][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  710.132781][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.146085][T13162] batman_adv: batadv0: Interface activated: batadv_slave_0
[  710.178757][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  710.189451][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  710.198813][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  710.209974][T11310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  710.236367][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  710.247114][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.257702][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  710.268328][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.278364][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  710.288980][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.299074][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  710.309722][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.319761][T13162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  710.330442][T13162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.345358][T13162] batman_adv: batadv0: Interface activated: batadv_slave_1
[  710.357309][ T8990] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  710.367806][ T8990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  710.637706][ T8997] Bluetooth: hci4: command 0x040f tx timeout
[  710.923762][T13389] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  710.947086][T13390] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
01:11:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd0f0f6300bfc7442402c43a727fc7442406000000000f011424f30f090f013a360f0666b8c0008ec066baa100ed", 0x4e}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x20, 0x15, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x20}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={0x0, 0xc}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

01:11:38 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000180)='t', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

01:11:38 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, 0x0, &(0x7f0000000200))
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:38 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, 0x0, 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b7", 0x5a, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:38 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  711.255861][T13399] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  711.301718][T13400] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (47435!=57232)
[  711.311727][T13400] EXT4-fs (loop1): group descriptors corrupted!
[  711.380207][   T28] audit: type=1804 audit(1600737099.296:73): pid=13402 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/114/file0" dev="sda1" ino=16364 res=1 errno=0
01:11:39 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, 0x0, &(0x7f0000000200))
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:39 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)

01:11:39 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b7", 0x5a, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  711.761086][T13408] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
01:11:39 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:39 executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080)='/dev/fuse\x00', 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100)='fuse\x00', 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004440)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="28000000100001080000000000005c5400000000", @ANYRES32=0x0, @ANYBLOB="00000000d7faf00008001b0000000000c5b4e444b8e0cb839db2f6884504ff"], 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x0)
mount$bpf(0x20000000, &(0x7f0000000100)='./file0\x00', 0x0, 0x2001001, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
gettid()
pivot_root(&(0x7f0000000340)='./file0\x00', &(0x7f0000000080)='./file0\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0xfffffef2, &(0x7f00000001c0)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setreuid(0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x0, 0x0, 0x5}}, 0x50)

[  712.147440][T13415] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:40 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:40 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, 0x0, &(0x7f0000000200))
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  712.485410][T13422] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (47435!=57232)
[  712.494408][   T28] audit: type=1804 audit(1600737100.416:74): pid=13429 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/115/file0" dev="sda1" ino=16364 res=1 errno=0
[  712.495467][T13422] EXT4-fs (loop1): group descriptors corrupted!
01:11:40 executing program 3:
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0xaf, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x11, 0x800000003, 0x0)
bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd, 0x1, 'fq_codel\x00'}, {0x4}}]}, 0x38}, 0x1, 0x4}, 0x0)

01:11:40 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  712.713344][ T8997] Bluetooth: hci4: command 0x0419 tx timeout
01:11:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79e", 0x5b, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  713.433949][   T28] audit: type=1804 audit(1600737101.356:75): pid=13445 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/116/file0" dev="sda1" ino=16380 res=1 errno=0
01:11:41 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  713.613439][T13449] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (45320!=57232)
[  713.624261][T13449] EXT4-fs (loop1): group descriptors corrupted!
01:11:41 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:41 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79e", 0x5b, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  714.024395][   T28] audit: type=1804 audit(1600737101.946:76): pid=13456 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/117/file0" dev="sda1" ino=16360 res=1 errno=0
01:11:42 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, 0x0, 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  714.355064][T13461] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (45320!=57232)
[  714.365043][T13461] EXT4-fs (loop1): group descriptors corrupted!
[  714.622553][   T28] audit: type=1804 audit(1600737102.546:77): pid=13465 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/118/file0" dev="sda1" ino=16375 res=1 errno=0
01:11:42 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79e", 0x5b, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:42 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, 0x0, 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  715.095552][T13468] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (45320!=57232)
[  715.106464][T13468] EXT4-fs (loop1): group descriptors corrupted!
[  715.204066][   T28] audit: type=1804 audit(1600737103.127:78): pid=13472 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/119/file0" dev="sda1" ino=16375 res=1 errno=0
[  718.016554][T13433] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.025152][T13433] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.706812][T13433] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  720.930983][T13433] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  723.083399][T13434] device bridge_slave_0 left promiscuous mode
[  723.090624][T13434] bridge0: port 1(bridge_slave_0) entered disabled state
[  723.108422][T13434] device bridge_slave_1 left promiscuous mode
[  723.115401][T13434] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.137054][T13434] bond0: (slave bond_slave_0): Releasing backup interface
[  723.155132][T13434] bond0: (slave bond_slave_1): Releasing backup interface
[  723.177562][T13434] team0: Port device team_slave_0 removed
[  723.196728][T13434] team0: Port device team_slave_1 removed
[  723.203908][T13434] batman_adv: batadv0: Removing interface: batadv_slave_0
[  723.215364][T13434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  723.226953][T13437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:51 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0xffffffffffffffff, 0x6c}, &(0x7f0000001fee)='R\x05rist\xe3cusgrVid:De', 0x0)

01:11:51 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:51 executing program 3:
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xa8)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002140)='/dev/ttyS3\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$sock(0xffffffffffffffff, 0x0, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000340))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x4a6420, &(0x7f0000000200)=ANY=[@ANYBLOB='size=0'])
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

01:11:51 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, 0x0, 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:51 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  723.554317][T13491] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  723.621655][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  723.699242][   T28] audit: type=1804 audit(1600737111.617:79): pid=13497 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/120/file0" dev="sda1" ino=16097 res=1 errno=0
01:11:51 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:51 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:51 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:51 executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r2, 0x80086601)

[  724.314889][T13515] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:11:52 executing program 3:

01:11:52 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:52 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  724.593446][T13519] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  724.679349][T13524] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  724.760508][   T28] audit: type=1804 audit(1600737112.677:80): pid=13525 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/121/file0" dev="sda1" ino=15937 res=1 errno=0
01:11:52 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:53 executing program 4:

01:11:53 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:53 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r2, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:53 executing program 3:

01:11:53 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  725.464637][T13536] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  725.567283][   T28] audit: type=1804 audit(1600737113.487:81): pid=13541 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/122/file0" dev="sda1" ino=16273 res=1 errno=0
01:11:53 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x0)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:53 executing program 4:

01:11:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:53 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r2, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:54 executing program 3:

[  726.169577][   T28] audit: type=1804 audit(1600737114.087:82): pid=13550 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/123/file0" dev="sda1" ino=16382 res=1 errno=0
01:11:54 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:54 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  726.437334][T13554] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:54 executing program 4:

01:11:54 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r2, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:54 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  726.805978][   T28] audit: type=1804 audit(1600737114.727:83): pid=13562 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/124/file0" dev="sda1" ino=15969 res=1 errno=0
01:11:54 executing program 3:

01:11:55 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:55 executing program 4:

01:11:55 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  727.266389][T13567] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:55 executing program 4:

01:11:55 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  727.637714][   T28] audit: type=1804 audit(1600737115.557:84): pid=13576 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/125/file0" dev="sda1" ino=16373 res=1 errno=0
01:11:55 executing program 3:

01:11:55 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:55 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:55 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(0xffffffffffffffff, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:55 executing program 4:

[  728.359118][T13585] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:56 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:56 executing program 3:

[  728.624664][   T28] audit: type=1804 audit(1600737116.547:85): pid=13592 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/126/file0" dev="sda1" ino=15873 res=1 errno=0
01:11:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {0x0, 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:56 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:56 executing program 4:

01:11:56 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:57 executing program 3:

01:11:57 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  729.278221][   T28] audit: type=1804 audit(1600737117.198:86): pid=13605 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/127/file0" dev="sda1" ino=16372 res=1 errno=0
[  729.327569][T13601] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:57 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

01:11:57 executing program 4:

01:11:57 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {0x0, 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:57 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  729.948701][   T28] audit: type=1804 audit(1600737117.868:87): pid=13612 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/128/file0" dev="sda1" ino=16373 res=1 errno=0
01:11:58 executing program 3:

01:11:58 executing program 4:

01:11:58 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0xe00, 0x0)

[  730.221182][T13618] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:58 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:11:58 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {0x0, 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:58 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:58 executing program 3:

[  730.826682][   T28] audit: type=1804 audit(1600737118.748:88): pid=13627 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/129/file0" dev="sda1" ino=16367 res=1 errno=0
01:11:58 executing program 4:

01:11:59 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  731.079435][T13632] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:59 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(0x0, 0xe00, 0x0)

01:11:59 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200), 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:11:59 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:11:59 executing program 3:

01:11:59 executing program 4:

[  731.884496][T13647] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:11:59 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280), 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:12:00 executing program 4:

01:12:00 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200), 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:00 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(0x0, 0xe00, 0x0)

01:12:00 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:00 executing program 3:

[  732.700679][T13662] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:00 executing program 3:

01:12:00 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280), 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:12:00 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(0x0, 0xe00, 0x0)

01:12:00 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:00 executing program 4:

01:12:00 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200), 0x0, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:01 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280), 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  733.496245][T13680] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:01 executing program 4:

01:12:01 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

01:12:01 executing program 3:

01:12:01 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:01 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', 0x1d, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  734.201892][   T28] audit: type=1804 audit(1600737122.128:89): pid=13689 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/133/file0" dev="sda1" ino=16382 res=1 errno=0
01:12:02 executing program 4:

01:12:02 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:12:02 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

01:12:02 executing program 3:

01:12:02 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  734.589009][T13693] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:02 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', 0x1d, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  734.958130][   T28] audit: type=1804 audit(1600737122.878:90): pid=13702 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/134/file0" dev="sda1" ino=16364 res=1 errno=0
01:12:02 executing program 4:

01:12:03 executing program 3:

01:12:03 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x72109c5fef5d34d3)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f000003b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r1})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0xa400295e)
fcntl$notify(r0, 0xa, 0x34)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

01:12:03 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

[  735.749594][   T28] audit: type=1804 audit(1600737123.678:91): pid=13708 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir877858162/syzkaller.gzLgFo/135/file0" dev="sda1" ino=16382 res=1 errno=0
[  735.762922][T13711] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  735.806990][T13714] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:03 executing program 3:

01:12:03 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', 0x1d, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:04 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:04 executing program 4:

01:12:04 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x0)

01:12:04 executing program 5:

[  736.546370][T13723] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:04 executing program 3:

[  736.647005][T13726] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:04 executing program 5:

01:12:04 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:04 executing program 4:

01:12:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/43, 0x2b, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:05 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, 0x0, 0x0)

[  737.197703][T13735] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:05 executing program 5:

01:12:05 executing program 3:

01:12:05 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  737.679438][T13741] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:05 executing program 4:

[  737.869521][T13747] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:05 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/43, 0x2b, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:05 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, 0x0, 0x0)

01:12:05 executing program 5:

01:12:06 executing program 3:

01:12:06 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:06 executing program 4:

[  738.495844][T13755] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  738.573518][T13759] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:06 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:06 executing program 5:

01:12:06 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10)
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000001280)=0x150, 0x4)
recvmsg(r0, 0x0, 0x0)

01:12:06 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/43, 0x2b, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:06 executing program 3:

01:12:07 executing program 4:

[  739.233445][T13766] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:07 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:07 executing program 5:

01:12:07 executing program 0:

01:12:07 executing program 3:
mknod(&(0x7f0000000040)='./file0\x00', 0x1040, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000280)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
creat(&(0x7f0000000100)='./file0\x00', 0x0)
acct(&(0x7f00000000c0)='./file0\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)
clock_gettime(0x0, &(0x7f0000001780)={<r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000017c0)={{0x0, 0x989680}, {r1}}, 0x0)
unlink(&(0x7f0000000140)='./file0\x00')
r2 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000080))
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x4000000000010046)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f00000001c0), &(0x7f00000002c0)=0x4)
epoll_pwait(r3, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x4, &(0x7f0000000180)={[0xffffffffffff53cc]}, 0x8)
r4 = gettid()
tkill(r4, 0x1000000000016)

01:12:07 executing program 4:
syz_open_dev$usbmon(&(0x7f0000000300)='/dev/usbmon#\x00', 0x0, 0x4041)

[  739.781768][T13771] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  739.938639][T13777] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/50, 0x32, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:08 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:08 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setuid(0xee01)
timer_create(0x8, 0x0, &(0x7f0000000040))

01:12:08 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SCSI_RESET(r0, 0x227d, 0x747000)

01:12:08 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
write$evdev(r0, &(0x7f000004d000)=[{}], 0xfffffe82)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r3 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad", 0x2b6)
sendfile(r2, r3, 0x0, 0x1c500)
dup(r1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x560f, 0x0)

[  740.634466][T13789] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  740.655704][T13795] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:08 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:08 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87b", 0xce}], 0x4, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01, 0xfffffffc}}}, 0x78)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x0)

01:12:08 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00')

[  741.014043][T13783] Process accounting resumed
01:12:09 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/50, 0x32, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:09 executing program 3:
mknod(&(0x7f0000000040)='./file0\x00', 0x1040, 0x0)
r0 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000280)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
creat(&(0x7f0000000100)='./file0\x00', 0x0)
acct(&(0x7f00000000c0)='./file0\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)
clock_gettime(0x0, &(0x7f0000001780)={<r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000017c0)={{0x0, 0x989680}, {r1}}, 0x0)
unlink(&(0x7f0000000140)='./file0\x00')
r2 = open(&(0x7f0000000180)='./bus\x00', 0x151042, 0x0)
ioctl$F2FS_IOC_GET_PIN_FILE(r2, 0x8004f50e, &(0x7f0000000080))
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x4000000000010046)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f00000001c0), &(0x7f00000002c0)=0x4)
epoll_pwait(r3, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x4, &(0x7f0000000180)={[0xffffffffffff53cc]}, 0x8)
r4 = gettid()
tkill(r4, 0x1000000000016)

[  741.075312][   T28] audit: type=1804 audit(1600737128.988:92): pid=13802 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir632869924/syzkaller.xudwgW/198/file0" dev="sda1" ino=15857 res=1 errno=0
[  741.275432][T13806] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:09 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, 0x17, 0xa, 0x301}, 0x14}}, 0x0)

[  741.385133][T13809] ptrace attach of "/root/syz-executor.5"[13808] was attempted by "/root/syz-executor.5"[13809]
01:12:09 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  741.872953][T13819] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:09 executing program 5:
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0xd9]}, 0x8)
r1 = syz_genetlink_get_family_id$tipc(0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r1, 0x10, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c800}, 0x40000)
sendmsg$TIPC_CMD_GET_NETID(r0, 0x0, 0x0)
clone(0x7a900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
madvise(&(0x7f0000388000/0x1000)=nil, 0x1000, 0x65)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
fallocate(r4, 0x0, 0x0, 0x8020001)

01:12:09 executing program 4:
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0xd9]}, 0x8)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x520e, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00')
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r2, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x833000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x1c, r3, 0x10, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c800}, 0x40000)
sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x2, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x9235599b852ed87d)
clone(0x7a900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
madvise(&(0x7f0000388000/0x1000)=nil, 0x1000, 0x65)
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x84842, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = dup(r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$RTC_PLL_SET(0xffffffffffffffff, 0x40207012, 0x0)
r7 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
fallocate(r7, 0x0, 0x0, 0x8020001)
write(r4, &(0x7f0000004200), 0x0)

01:12:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000500"/50, 0x32, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  742.291595][T13825] Process accounting resumed
01:12:10 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100, 0x0, 0xcc4b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000000), 0x4)
sendmmsg(r0, &(0x7f00000038c0), 0x4000000000000a8, 0x0)

[  742.364522][T13832] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  743.070470][T13841] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:16 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
write$evdev(r0, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r3 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987", 0x15c)
sendfile(r2, r3, 0x0, 0x1c500)
ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000080)=""/164)
dup(r1)
syz_open_dev$tty1(0xc, 0x4, 0x1)

01:12:16 executing program 5:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000000), 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000001b00)=[{{&(0x7f0000000200)=@phonet={0x23, 0x48, 0x2}, 0x80, &(0x7f00000013c0)=[{&(0x7f00000012c0)}], 0x1, &(0x7f0000001400)=ANY=[@ANYBLOB="38000000000000002900000004000000d0f0861e8a40da8346252766e3b3861cb88a5bd7f5da1cf4d13280b63c84e883e14504000000000000010000000000000e010000ff0000002ca9be82120be9203179b4979d2fbb0dd45a055df8c943e4547a8becf7de7c7804c58f2f5c3e319a87b22b2dfb1777540cadd28f4526923163ac367bcbd60002560bd23eb792ea4589d0dbf175d62d2c0e8c2c7ddcac52798e0193d0017d51988300491a26b45d869518ebe6f9361a82deeae10cd451cee74acfc84062e796736fe7fc3518a074fd01e06c9edf83a149b940ca8ff3078322fe43d7484ebe9082582ebd321eeb7da13f07e258fa8d60555fea9f4903fa3d5737b7ffc6b33fc51634a7dd21311c1351136c5e06644fd1f3be97f7406c98b2abafbfd4b216bb48738eec8fe3f1ad5d6ec06e4560bc15000000f000000000000000ff0000000800000021da5f64ca7f30d245e508344abb1e8b4a8acd47a24220849763b9b7973fbcb8ba3d5c99c6e9ac1b726bc1c98a281f173d474ecd4726b4615ad463477e728a4717ef805d85352ad6b8778b75d4345c88addbebe9ab459dc2981324e8b7cf28caa184398550f34e35d5ae9a8b62029f4a08e66a4712e49da6ce99d2d16d4c488049b3b0c24a8527"], 0x3c0}}], 0x1, 0x0)
sendmmsg(r0, &(0x7f00000038c0), 0x4000000000000a8, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)

01:12:16 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:16 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x86a01780, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
poll(&(0x7f00000000c0)=[{}, {}, {r5}], 0x3, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b90cb6974f527cc14538d1efb1ffe03284f6d33265be9c604c893f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x0, 0x0)
ptrace$setopts(0x4206, r3, 0x0, 0x0)
tkill(r3, 0x33)
ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r3, 0x0, 0x0)

01:12:16 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a14e5f4070009042400000000ff00000000000000", 0x1e5)

01:12:16 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401", 0x36, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  748.999931][T13866] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  749.075866][T13868] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:17 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0xe, 0x0, "a6d142dc40d208830e493f7f2e2d7f49fac608b362938039f867c261e2e4843032ea2ff5d58bd6e2ea289f7ddc21761ed9663902603879e6c6e0386d5e6e23d244a1fab18abaa869e6d0ca91ea09bc75"}, 0xd8)
bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x1df8, 0x11, 0x0, 0x27)
recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f0000002240)=""/4113, 0x1011}], 0x1}, 0x100)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

01:12:17 executing program 4:
r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6fff)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x1)

01:12:17 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401", 0x36, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  749.961858][   T28] audit: type=1804 audit(1600737137.879:93): pid=13882 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir632869924/syzkaller.xudwgW/199/file0" dev="sda1" ino=15954 res=1 errno=0
[  750.393642][T13893] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  750.566994][T13899] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:18 executing program 4:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
pivot_root(&(0x7f00000000c0)='.\x00', &(0x7f0000000040)='./file0/file0\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
umount2(&(0x7f0000000080)='./file0\x00', 0x2)
r3 = socket$netlink(0x10, 0x3, 0x0)
dup3(r3, r0, 0x0)

[  750.736785][   T28] audit: type=1804 audit(1600737138.649:94): pid=13882 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir632869924/syzkaller.xudwgW/199/file0" dev="sda1" ino=15954 res=1 errno=0
01:12:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401", 0x36, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:19 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
write$evdev(r0, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r3 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987", 0x15c)
sendfile(r2, r3, 0x0, 0x1c500)
ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000080)=""/164)
dup(r1)
syz_open_dev$tty1(0xc, 0x4, 0x1)

01:12:19 executing program 5:
r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x143ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
mmap(&(0x7f00006d1000/0x10000)=nil, 0x10000, 0x1000004, 0x8031, 0xffffffffffffffff, 0x0)

01:12:19 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062726964"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:19 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0xe, 0x0, "a6d142dc40d208830e493f7f2e2d7f49fac608b362938039f867c261e2e4843032ea2ff5d58bd6e2ea289f7ddc21761ed9663902603879e6c6e0386d5e6e23d244a1fab18abaa869e6d0ca91ea09bc75"}, 0xd8)
bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x1df8, 0x11, 0x0, 0x27)
recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f0000002240)=""/4113, 0x1011}], 0x1}, 0x100)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  751.529097][T13917] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:19 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000240)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040000000000000000", 0x39}], 0x1)
socket$netlink(0x10, 0x3, 0x0)

[  751.689180][   T28] audit: type=1804 audit(1600737139.599:95): pid=13919 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir632869924/syzkaller.xudwgW/200/file0" dev="sda1" ino=16114 res=1 errno=0
[  751.923221][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:19 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000050000000000000000000000000000000000000004010000", 0x38, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:20 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f00000000c0)={0x20, 0x0, 0x0, {0x2b}}, 0x20)
r2 = dup(r1)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r3 = gettid()
read$char_usb(r2, &(0x7f00000001c0)=""/157, 0x9d)
tkill(r3, 0x39)

01:12:20 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

[  752.420025][T13935] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
01:12:20 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062726964"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  752.531692][T13936] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
01:12:20 executing program 0:
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x4)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x40842, 0x0)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)="02", 0x1}], 0x1, 0x0, 0x0)
fallocate(r0, 0x3, 0x0, 0x10000101)
umount2(&(0x7f00000000c0)='./file0\x00', 0xc)

[  752.709451][T13944] ptrace attach of "/root/syz-executor.3"[13942] was attempted by "/root/syz-executor.3"[13944]
[  752.736858][T13941] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:20 executing program 3:
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = dup(r0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x5202, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {@empty=[0x0, 0x2, 0x0, 0x0, 0xa]}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x27, '\x00', 0x0, 0xe8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00')
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x4000000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)

01:12:20 executing program 4:
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x4}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}}], 0x1, 0x0)
close(r0)

[  752.857622][T13949] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  752.931033][   T28] audit: type=1400 audit(1600737140.849:96): avc:  denied  { mounton } for  pid=13953 comm="syz-executor.5" path="/proc/13953/map_files" dev="proc" ino=39625 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=1
01:12:21 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000050000000000000000000000000000000000000004010000", 0x38, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:21 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c00010062726964"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:21 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:21 executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x29f, 0x0, 0xd0}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x118a8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)='8', 0x8758}], 0x1)

01:12:21 executing program 4:
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @generic={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3, 0xb7}, @timestamp={0x7, 0x4, 0x0, 0x3}]}}}}}}, 0x0)

[  753.594959][T13969] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  753.744995][T13975] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:21 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040)=ANY=[], 0x208e24b)
ioctl(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
sendfile(r3, r2, 0x0, 0x100000001)
sendmsg$alg(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x1)
r4 = syz_genetlink_get_family_id$nl80211(0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x405, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x54}}, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r5, 0x40106614, &(0x7f0000000100))
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x28, r4, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x5}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x8}}]}, 0x28}}, 0x48000)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000880)={&(0x7f0000001000)=""/102400, 0x120000, 0x1000, 0x0, 0x2c620}, 0x1a)

01:12:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000050000000000000000000000000000000000000004010000", 0x38, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:22 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c0001006272696467"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:22 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, [], 0x1c}, 0xd}, 0x1c)

01:12:22 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:22 executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$cgroup_type(r0, &(0x7f0000000000)='threaded\x00', 0x100000)

[  754.415578][   T28] audit: type=1804 audit(1600737142.329:97): pid=13990 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir632869924/syzkaller.xudwgW/202/cgroup.controllers" dev="sda1" ino=15954 res=1 errno=0
[  754.610670][T13995] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:22 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000d0700000000ff03000000000010", @ANYRES32=r2, @ANYBLOB="00000000e60000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x3000000, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r5}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0x10}]}, 0x28}}, 0x0)

[  754.687770][T14001] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:22 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:23 executing program 3:
r0 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000940)=']^.&%)(\x00', 0x8)

01:12:23 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c0001006272696467"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

[  755.200507][T14010] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  755.298088][T14013] 8021q: adding VLAN 0 to HW filter on device bond1
[  755.309232][T14013] team0: Port device bond1 added
[  755.418674][T14013] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
01:12:23 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="ab", 0x1)

[  755.762749][T14053] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:23 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
tkill(r6, 0x35)

01:12:23 executing program 4:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x4)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14}, 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[], 0x37cb1133)
splice(r0, 0x0, r2, 0x0, 0x19404, 0x0)

[  755.896180][T14055] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:23 executing program 3:
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000021401001adc000000000000090002000001000000000000080001"], 0x24}}, 0x0)

01:12:24 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c0001006272696467"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:24 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:24 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)

01:12:24 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
tkill(r6, 0x35)

[  756.713716][T14079] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  756.768637][T14080] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
01:12:24 executing program 3:
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000021401001adc000000000000090002000300000000000000080001"], 0x24}}, 0x0)

01:12:25 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100)="0000000000000000000000000e62162f64a54c278e3e916fa9463c88010040000c000000000000002bc4645f", 0x2c, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:25 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, [], 0x1c}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
socket$kcm(0x29, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000100)={'ipvs\x00'}, &(0x7f0000000140)=0x1e)
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
ioctl$SIOCX25SENDCALLACCPT(0xffffffffffffffff, 0x89e9)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x6db6e559)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000000200)="03", 0x1, 0x0, 0x0, 0x0)

01:12:25 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
r7 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r7)
tkill(r6, 0x35)

01:12:25 executing program 3:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c)

01:12:25 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)

[  757.691830][T14097] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  757.745029][T14101] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:26 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:26 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:26 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:26 executing program 4:
socket$kcm(0x29, 0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.current\x00', 0x26e1, 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040), 0x8)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000140))
write$cgroup_int(r0, &(0x7f0000000080), 0x87f1a7)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000000f0ff"])

01:12:26 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r6, 0x6b, 0x1, &(0x7f0000000600)=[{0x0, 0x10, {0x0, 0xff}, {0x0, 0x1}}, {0x1, 0x3, {0x1, 0xff, 0x4}, {0x0, 0x1, 0x1}, 0xfe, 0xfe}, {0x1, 0x2, {0x2, 0xf0}, {0x2, 0xf0, 0x1}, 0xfd}], 0xfffffffffffffdd8)
getsockopt$IP_VS_SO_GET_SERVICES(r6, 0x0, 0x482, &(0x7f0000000140)=""/55, &(0x7f0000000240)=0x37)
socketpair(0x2a, 0x5, 0x7, &(0x7f0000000300)={<r7=>0xffffffffffffffff})
getsockname$llc(r7, &(0x7f0000000440)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000480)=0x10)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000540)={'broute\x00', 0x0, 0x4, 0x41, [], 0x6, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], &(0x7f00000004c0)=""/65}, &(0x7f0000000280)=0x78)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1d7)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002011400010000000000", @ANYRES32=0x0, @ANYBLOB="0000000000c76f4503775e3a23a7073ab87e54d66704d2654729"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000014000104000000000000000002000000", @ANYRES32=r8, @ANYBLOB="08000200ffffe53c"], 0x20}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newaddr={0x20, 0x14, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000014000104000000000000000002000000", @ANYRES32=r8, @ANYBLOB="080002001a19a621"], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x20, 0x11, 0xa2b, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x20}}, 0x0)

[  758.608787][T14120] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
01:12:26 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)

[  758.682301][T14121] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:26 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:27 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:27 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

[  759.629892][T14161] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  759.652260][T14160] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:27 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:27 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x21, @fixed={[], 0x10}}, 0xe)

01:12:28 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:28 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
renameat(r0, &(0x7f0000000500)='./file2\x00', 0xffffffffffffffff, 0x0)

01:12:28 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)

01:12:28 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
fchdir(0xffffffffffffffff)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

[  760.517634][T14180] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  760.540941][T14179] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:28 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:28 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:28 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)

01:12:29 executing program 4:
getuid()
syz_mount_image$nfs(&(0x7f0000000040)='nfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{'ntfs\x00'}]})

01:12:29 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
fchdir(0xffffffffffffffff)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

[  761.467754][T14196] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  761.510309][T14197] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  761.524260][T14203] nfs: Unknown parameter 'ntfs'
01:12:29 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736661e36600080820000400008000f8000020004000030000000000000001", 0x25}, {&(0x7f0000010100)='RRaA', 0x4, 0x800}, {&(0x7f0000000040)="0000000072724161050000ff", 0xc, 0x9e0}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000011200))

01:12:29 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x21, @fixed={[], 0x10}}, 0xe)

01:12:29 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000001000007c", @ANYRES32, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:29 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)

01:12:29 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  762.126963][T14215] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  762.284788][T14222] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:30 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = gettid()
fchdir(0xffffffffffffffff)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(r6, 0x35)

01:12:30 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="240000002e0007031dfffd946fa2830020200a0000000000000000e50c1be3a20400ff7e280000005e00ffffba16a0aa1c0009b3ebea966cf0554edc7de8ddeb133c2b3ce9fad90f15a36a15", 0x4c}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)

01:12:30 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:30 executing program 4:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="1020f5f201000b0009000000030000000c000000090000000100000001000000000000000040000000000000180000001f0000000200000002000000020000000100000018000000000200000002000000060000000a0000000e000000100000030000000100000002", 0x69, 0x400}, {&(0x7f0000010a00)="4379d52700000000001000000000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xa6, 0x200000}, {&(0x7f0000010b00)="000000000000000000000000000000000000000000000000000000002964039d0100030000000003000000003e", 0x2d, 0x200fe0}, {&(0x7f0000010c00)="000000000000000000000000000000000000000000000000000000060017000000010c80", 0x24, 0x2011e0}, {&(0x7f0000011600)="00000000000000000000000000000000000000000000000000000001000000004379d52700000000001000000000000002000000000000000d0000001000000012000000170000001600000015000000ffffffffffffffffffffffffffffffffffffffff01000000000000000000000000000000140000000100000000000000ffffffffffffffffffffffffffffffffffffffff010000000000000000000000000000008501000006000000010000000100000001000000040000004000000040000000fc0f", 0xc6, 0x204fe0}, {&(0x7f0000011700)="000000000000000000000000000000000000000000000000000000002964039d", 0x20, 0x205fe0}, {&(0x7f0000012100)="ed4100005cf90100535f010002000000001000000000000002", 0x19, 0x3e00000}, {&(0x7f0000012300)="00000000000000000300000003", 0xd, 0x3e00fe0}], 0x10014, &(0x7f00000015c0)=ANY=[])
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
getuid()
getuid()
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000980)='./file0/file0\x00', 0x2f042, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x1417c2, 0x0)
pwritev(r1, &(0x7f0000000140)=[{&(0x7f0000000000)="c3", 0xfffffdef}], 0x1, 0x0, 0x0)
copy_file_range(r1, 0x0, r0, 0x0, 0xfffffffffffffffc, 0x0)

01:12:30 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {0x0, 0x0, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

01:12:31 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x21, @fixed={[], 0x10}}, 0xe)

[  763.120335][T14236] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
01:12:31 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x800)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={{r3, r4/1000+60000}, {0x0, 0x2710}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x20, 0x2, 0x0, 0x0, 0x41c1, 0x50804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x0, 0x0, 0x6, 0x6, 0x10000, 0x0, 0x1}, 0x0, 0x7, r1, 0x0)
clone(0x2000000000200500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x20000080000000, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000200)='NLBL_CALIPSO\x00')
r5 = memfd_create(&(0x7f0000000180)='B\'%nod\x05\x00\x00\x1d-v\xcak\xf7\xccX\xe2^)]\x00'/35, 0x0)
write(r5, &(0x7f0000002000)='/', 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
mincore(&(0x7f0000002000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/135)
r6 = syz_open_procfs(0x0, &(0x7f0000000500)='map_files\x00')
fchdir(r6)
mount(&(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='.', 0x0, 0x5010, 0x0)
tkill(0x0, 0x35)

01:12:31 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYRES32=r3, @ANYBLOB="ddffffffff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @ipv4={[], [], @local}}, @IFA_FLAGS={0x8, 0x8, 0x12}]}, 0x34}}, 0x0)

01:12:31 executing program 0:
r0 = socket$inet(0x10, 0x2000000002, 0x0)
recvmmsg(r0, &(0x7f0000002540)=[{{0x0, 0x1b3, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/160, 0x437}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f0000000400)=""/96, 0x60}, {&(0x7f0000002580)=""/4096, 0x1008}, {&(0x7f0000000480)=""/119, 0x77}, {&(0x7f0000000040)=""/14, 0xe}], 0x6, 0x0, 0x0, 0x8}}], 0x4000000000004da, 0x42, 0x0)

[  763.305625][T14238] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  763.314244][T14238] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  763.381707][   T28] audit: type=1800 audit(1600737151.300:98): pid=14242 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=16361 res=0 errno=0
[  763.477240][T14238] F2FS-fs (loop4): invalid crc_offset: 0
01:12:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000590000000f0000000000000001000000010000000040000000400000200000002bc4645f2bc4645f0100ffff53ef0100010000002bc4645f000000000000000001000000000000000b0000000004000038000000c20200006b0400000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e393338313134303934", 0xa2, 0x400}, {&(0x7f0000010100), 0x0, 0x4e0}, {&(0x7f0000010200)="000000000000000000000000000000000000000000000000000000002000200005000000000000000000000000000000000000000401000046", 0x39, 0x540}, {&(0x7f0000000080)="00000000000000000000000000000000000000000000000000000000f604ff5002000000120000002200000059000f0003000400000000008a5d5cf20f0090df000000000000000000000000000000000000000000000000a7b79ee9", 0x5c, 0x7e0}, {&(0x7f0000012200)="ed410000000800002bc4645f2bc4645f2bc4645f00000000000004000400000000000800050000000af301000400000000000000000000000100000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542400002000e39dbc3eef8bbc3eef8b000000002bc4645f", 0x94, 0x11400}], 0x0, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc'}}, {@nolazytime='nolazytime'}]})

[  763.691281][T14238] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  763.698536][T14238] F2FS-fs (loop4): Mounted with checkpoint version = 27d57943
[  763.738587][T14241] =====================================================
[  763.745696][T14241] BUG: KMSAN: uninit-value in f2fs_lookup+0xe05/0x1a80
[  763.752565][T14241] CPU: 0 PID: 14241 Comm: syz-executor.4 Not tainted 5.9.0-rc4-syzkaller #0
[  763.761244][T14241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  763.771302][T14241] Call Trace:
[  763.774616][T14241]  dump_stack+0x21c/0x280
[  763.778982][T14241]  kmsan_report+0xf7/0x1e0
[  763.783426][T14241]  __msan_warning+0x58/0xa0
[  763.787956][T14241]  f2fs_lookup+0xe05/0x1a80
[  763.792495][T14241]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  763.798342][T14241]  ? f2fs_encrypted_get_link+0x570/0x570
[  763.804083][T14241]  path_openat+0x2729/0x6a90
[  763.808751][T14241]  ? kmsan_get_metadata+0x116/0x180
[  763.813983][T14241]  do_filp_open+0x2b8/0x710
[  763.818556][T14241]  do_sys_openat2+0xa88/0x1140
[  763.823402][T14241]  __se_compat_sys_openat+0x2a4/0x310
[  763.828827][T14241]  __ia32_compat_sys_openat+0x56/0x70
[  763.834218][T14241]  __do_fast_syscall_32+0x129/0x180
[  763.839443][T14241]  do_fast_syscall_32+0x6a/0xc0
[  763.844320][T14241]  do_SYSENTER_32+0x73/0x90
[  763.848850][T14241]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  763.855190][T14241] RIP: 0023:0xf7f2a549
[  763.859273][T14241] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  763.878891][T14241] RSP: 002b:00000000f55030cc EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  763.887328][T14241] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000980
[  763.895327][T14241] RDX: 000000000002f042 RSI: 0000000000000000 RDI: 0000000000000000
[  763.903323][T14241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  763.911315][T14241] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  763.919311][T14241] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  763.927315][T14241] 
[  763.929658][T14241] Local variable ----page@f2fs_lookup created at:
[  763.936092][T14241]  f2fs_lookup+0x8f/0x1a80
[  763.940519][T14241]  f2fs_lookup+0x8f/0x1a80
[  763.944928][T14241] =====================================================
[  763.952551][T14241] Disabling lock debugging due to kernel taint
[  763.958706][T14241] Kernel panic - not syncing: panic_on_warn set ...
[  763.965309][T14241] CPU: 0 PID: 14241 Comm: syz-executor.4 Tainted: G    B             5.9.0-rc4-syzkaller #0
[  763.975375][T14241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  763.985448][T14241] Call Trace:
[  763.988762][T14241]  dump_stack+0x21c/0x280
[  763.993204][T14241]  panic+0x4d7/0xef7
[  763.997152][T14241]  ? add_taint+0x17c/0x210
[  764.001604][T14241]  kmsan_report+0x1df/0x1e0
[  764.006128][T14241]  __msan_warning+0x58/0xa0
[  764.010668][T14241]  f2fs_lookup+0xe05/0x1a80
[  764.015200][T14241]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  764.021036][T14241]  ? f2fs_encrypted_get_link+0x570/0x570
[  764.026679][T14241]  path_openat+0x2729/0x6a90
[  764.031351][T14241]  ? kmsan_get_metadata+0x116/0x180
[  764.036572][T14241]  do_filp_open+0x2b8/0x710
[  764.041155][T14241]  do_sys_openat2+0xa88/0x1140
[  764.045955][T14241]  __se_compat_sys_openat+0x2a4/0x310
[  764.051357][T14241]  __ia32_compat_sys_openat+0x56/0x70
[  764.056742][T14241]  __do_fast_syscall_32+0x129/0x180
[  764.061957][T14241]  do_fast_syscall_32+0x6a/0xc0
[  764.066825][T14241]  do_SYSENTER_32+0x73/0x90
[  764.071345][T14241]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  764.077675][T14241] RIP: 0023:0xf7f2a549
[  764.081748][T14241] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  764.101363][T14241] RSP: 002b:00000000f55030cc EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  764.109796][T14241] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000980
[  764.117776][T14241] RDX: 000000000002f042 RSI: 0000000000000000 RDI: 0000000000000000
[  764.125769][T14241] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  764.133743][T14241] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  764.141718][T14241] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  764.150978][T14241] Kernel Offset: disabled
[  764.155346][T14241] Rebooting in 86400 seconds..