[ 56.829900] audit: type=1800 audit(1542884466.879:26): pid=6566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 56.849362] audit: type=1800 audit(1542884466.889:27): pid=6566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ 56.868995] audit: type=1800 audit(1542884466.909:28): pid=6566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 58.555910] audit: type=1800 audit(1542884468.609:29): pid=6566 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.103' (ECDSA) to the list of known hosts. 2018/11/22 11:01:20 fuzzer started 2018/11/22 11:01:25 dialing manager at 10.128.0.26:34299 2018/11/22 11:01:25 syscalls: 1 2018/11/22 11:01:25 code coverage: enabled 2018/11/22 11:01:25 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/22 11:01:25 setuid sandbox: enabled 2018/11/22 11:01:25 namespace sandbox: enabled 2018/11/22 11:01:25 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/22 11:01:25 fault injection: enabled 2018/11/22 11:01:25 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/22 11:01:25 net packet injection: enabled 2018/11/22 11:01:25 net device setup: enabled 11:03:45 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, [@sadb_x_nat_t_type={0x1, 0x8}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfffffffb}]}, 0x40}}, 0x0) syzkaller login: [ 216.576632] IPVS: ftp: loaded support on port[0] = 21 [ 218.627250] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.633800] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.642242] device bridge_slave_0 entered promiscuous mode [ 218.762815] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.769274] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.777685] device bridge_slave_1 entered promiscuous mode [ 218.899536] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 219.020458] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 219.390788] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 219.516272] bond0: Enslaving bond_slave_1 as an active interface with an up link 11:03:49 executing program 1: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000000)={'TPROXY\x00'}, &(0x7f0000000080)=0x1e) [ 220.247594] IPVS: ftp: loaded support on port[0] = 21 [ 220.288759] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 220.296755] team0: Port device team_slave_0 added [ 220.419029] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 220.427043] team0: Port device team_slave_1 added [ 220.667471] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 220.675726] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 220.684607] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 220.834295] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.043267] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 221.050910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 221.059940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 221.273390] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 221.280915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 221.290387] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 223.608226] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.614920] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.621948] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.628386] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.636934] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 223.652275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.732646] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.739222] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.747656] device bridge_slave_0 entered promiscuous mode [ 223.872095] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.878568] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.887103] device bridge_slave_1 entered promiscuous mode [ 224.026250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 224.190694] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 224.728621] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 224.877066] bond0: Enslaving bond_slave_1 as an active interface with an up link 11:03:55 executing program 2: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000002c0)) [ 224.999608] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 225.006997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 225.171492] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 225.178719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.862075] IPVS: ftp: loaded support on port[0] = 21 [ 225.923830] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.931571] team0: Port device team_slave_0 added [ 226.193258] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.201049] team0: Port device team_slave_1 added [ 226.438180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.445368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.454015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.734616] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 226.741851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.750281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.015282] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 227.023027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.031992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.308149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.315864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.325023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.030546] not chained 10000 origins [ 228.034428] CPU: 0 PID: 6959 Comm: ip Not tainted 4.20.0-rc3+ #92 [ 228.040662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.050021] Call Trace: [ 228.052627] dump_stack+0x32d/0x480 [ 228.056276] ? save_stack_trace+0xc6/0x110 [ 228.060530] kmsan_internal_chain_origin+0x222/0x240 [ 228.065666] ? kmsan_internal_chain_origin+0x136/0x240 [ 228.070954] ? __msan_chain_origin+0x6d/0xb0 [ 228.075546] ? __save_stack_trace+0x8be/0xc60 [ 228.080048] ? save_stack_trace+0xc6/0x110 [ 228.084297] ? kmsan_internal_chain_origin+0x136/0x240 [ 228.089580] ? kmsan_memcpy_origins+0x13d/0x190 [ 228.094279] ? __msan_memcpy+0x6f/0x80 [ 228.098179] ? nla_put+0x20a/0x2d0 [ 228.101732] ? br_port_fill_attrs+0x366/0x1ea0 [ 228.106328] ? br_port_fill_slave_info+0xff/0x120 [ 228.111184] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.115692] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.120200] ? netlink_dump+0xc79/0x1c90 [ 228.124281] ? netlink_recvmsg+0xec2/0x19d0 [ 228.128632] ? sock_recvmsg+0x1d1/0x230 [ 228.132619] ? ___sys_recvmsg+0x444/0xae0 [ 228.136773] ? __se_sys_recvmsg+0x2fa/0x450 [ 228.141103] ? __x64_sys_recvmsg+0x4a/0x70 [ 228.145354] ? do_syscall_64+0xcf/0x110 [ 228.149337] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.154721] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 228.159835] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 228.165134] ? kmsan_internal_chain_origin+0x136/0x240 [ 228.170425] ? __msan_chain_origin+0x6d/0xb0 [ 228.174845] ? save_stack_trace+0xfa/0x110 [ 228.179107] ? kmsan_internal_chain_origin+0x136/0x240 [ 228.184401] ? kmsan_memcpy_origins+0x13d/0x190 [ 228.189086] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 228.194548] ? in_task_stack+0x12c/0x210 [ 228.198626] __msan_chain_origin+0x6d/0xb0 [ 228.202881] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.208252] __save_stack_trace+0x8be/0xc60 [ 228.212610] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.217986] save_stack_trace+0xc6/0x110 [ 228.222062] kmsan_internal_chain_origin+0x136/0x240 [ 228.227194] ? kmsan_internal_chain_origin+0x136/0x240 [ 228.232485] ? kmsan_memcpy_origins+0x13d/0x190 [ 228.237170] ? __msan_memcpy+0x6f/0x80 [ 228.241071] ? nla_put+0x20a/0x2d0 [ 228.244623] ? br_port_fill_attrs+0x366/0x1ea0 [ 228.249236] ? br_port_fill_slave_info+0xff/0x120 [ 228.254089] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.258588] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.263088] ? netlink_dump+0xc79/0x1c90 [ 228.267160] ? netlink_recvmsg+0xec2/0x19d0 [ 228.271487] ? sock_recvmsg+0x1d1/0x230 [ 228.275466] ? ___sys_recvmsg+0x444/0xae0 [ 228.279621] ? __se_sys_recvmsg+0x2fa/0x450 [ 228.283947] ? __x64_sys_recvmsg+0x4a/0x70 [ 228.288547] ? do_syscall_64+0xcf/0x110 [ 228.292548] ? __msan_poison_alloca+0x1e0/0x270 [ 228.297240] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 228.302610] ? find_next_bit+0x25b/0x2a0 [ 228.306679] ? vmalloc_to_page+0x585/0x6c0 [ 228.310931] ? kmsan_set_origin+0x7f/0x100 [ 228.315192] kmsan_memcpy_origins+0x13d/0x190 [ 228.319726] __msan_memcpy+0x6f/0x80 [ 228.323452] nla_put+0x20a/0x2d0 [ 228.326845] br_port_fill_attrs+0x366/0x1ea0 [ 228.331276] br_port_fill_slave_info+0xff/0x120 [ 228.335976] ? br_port_get_slave_size+0x30/0x30 [ 228.340654] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.345014] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.349407] ? kmsan_set_origin+0x7f/0x100 [ 228.353657] ? kmsan_internal_unpoison_shadow+0x26/0x30 [ 228.359035] ? rtnl_getlink+0xec0/0xec0 [ 228.363021] netlink_dump+0xc79/0x1c90 [ 228.366942] netlink_recvmsg+0xec2/0x19d0 [ 228.371124] sock_recvmsg+0x1d1/0x230 [ 228.374946] ? netlink_sendmsg+0x1440/0x1440 [ 228.379368] ___sys_recvmsg+0x444/0xae0 [ 228.383371] ? __msan_poison_alloca+0x1e0/0x270 [ 228.388062] ? __se_sys_recvmsg+0xca/0x450 [ 228.392484] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 228.397862] ? __fdget+0x23c/0x440 [ 228.401428] __se_sys_recvmsg+0x2fa/0x450 [ 228.405597] __x64_sys_recvmsg+0x4a/0x70 [ 228.409667] do_syscall_64+0xcf/0x110 [ 228.413490] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.418685] RIP: 0033:0x7fc233915210 [ 228.422415] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 228.441323] RSP: 002b:00007fffa5ab9528 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 228.449036] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc233915210 [ 228.456320] RDX: 0000000000000000 RSI: 00007fffa5ab9570 RDI: 0000000000000003 [ 228.463595] RBP: 0000000000001fe4 R08: 00007fc233bbeec8 R09: 0000000000000000 [ 228.470956] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006395c0 [ 228.478234] R13: 00007fffa5abd600 R14: 0000000000001fe4 R15: 00007fffa5abb594 [ 228.485521] Uninit was stored to memory at: [ 228.489857] kmsan_internal_chain_origin+0x136/0x240 [ 228.494973] __msan_chain_origin+0x6d/0xb0 [ 228.499225] __save_stack_trace+0x8be/0xc60 [ 228.503554] save_stack_trace+0xc6/0x110 [ 228.507623] kmsan_internal_chain_origin+0x136/0x240 [ 228.512738] kmsan_memcpy_origins+0x13d/0x190 [ 228.517250] __msan_memcpy+0x6f/0x80 [ 228.520969] nla_put+0x20a/0x2d0 [ 228.524358] br_port_fill_attrs+0x366/0x1ea0 [ 228.528772] br_port_fill_slave_info+0xff/0x120 [ 228.533449] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.537779] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.542113] netlink_dump+0xc79/0x1c90 [ 228.546017] netlink_recvmsg+0xec2/0x19d0 [ 228.550180] sock_recvmsg+0x1d1/0x230 [ 228.553989] ___sys_recvmsg+0x444/0xae0 [ 228.557968] __se_sys_recvmsg+0x2fa/0x450 [ 228.562119] __x64_sys_recvmsg+0x4a/0x70 [ 228.566199] do_syscall_64+0xcf/0x110 [ 228.570011] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.575288] [ 228.576919] Uninit was stored to memory at: [ 228.581260] kmsan_internal_chain_origin+0x136/0x240 [ 228.586378] __msan_chain_origin+0x6d/0xb0 [ 228.590622] __save_stack_trace+0x8be/0xc60 [ 228.594951] save_stack_trace+0xc6/0x110 [ 228.599019] kmsan_internal_chain_origin+0x136/0x240 [ 228.604135] kmsan_memcpy_origins+0x13d/0x190 [ 228.608664] __msan_memcpy+0x6f/0x80 [ 228.612386] nla_put+0x20a/0x2d0 [ 228.615758] br_port_fill_attrs+0x366/0x1ea0 [ 228.620176] br_port_fill_slave_info+0xff/0x120 [ 228.624857] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.629187] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.633523] netlink_dump+0xc79/0x1c90 [ 228.637416] netlink_recvmsg+0xec2/0x19d0 [ 228.641569] sock_recvmsg+0x1d1/0x230 [ 228.645373] ___sys_recvmsg+0x444/0xae0 [ 228.649348] __se_sys_recvmsg+0x2fa/0x450 [ 228.653500] __x64_sys_recvmsg+0x4a/0x70 [ 228.657562] do_syscall_64+0xcf/0x110 [ 228.661368] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.666553] [ 228.668192] Uninit was stored to memory at: [ 228.672531] kmsan_internal_chain_origin+0x136/0x240 [ 228.677647] __msan_chain_origin+0x6d/0xb0 [ 228.681888] __save_stack_trace+0x8be/0xc60 [ 228.686212] save_stack_trace+0xc6/0x110 [ 228.690282] kmsan_internal_chain_origin+0x136/0x240 [ 228.695400] kmsan_memcpy_origins+0x13d/0x190 [ 228.699901] __msan_memcpy+0x6f/0x80 [ 228.703624] nla_put+0x20a/0x2d0 [ 228.706999] br_port_fill_attrs+0x366/0x1ea0 [ 228.711411] br_port_fill_slave_info+0xff/0x120 [ 228.716090] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.720502] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.724828] netlink_dump+0xc79/0x1c90 [ 228.728721] netlink_recvmsg+0xec2/0x19d0 [ 228.732874] sock_recvmsg+0x1d1/0x230 [ 228.736682] ___sys_recvmsg+0x444/0xae0 [ 228.740747] __se_sys_recvmsg+0x2fa/0x450 [ 228.744901] __x64_sys_recvmsg+0x4a/0x70 [ 228.748968] do_syscall_64+0xcf/0x110 [ 228.752779] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.757965] [ 228.759596] Uninit was stored to memory at: [ 228.763924] kmsan_internal_chain_origin+0x136/0x240 [ 228.769030] __msan_chain_origin+0x6d/0xb0 [ 228.773272] __save_stack_trace+0x8be/0xc60 [ 228.777604] save_stack_trace+0xc6/0x110 [ 228.781671] kmsan_internal_chain_origin+0x136/0x240 [ 228.786782] kmsan_memcpy_origins+0x13d/0x190 [ 228.791280] __msan_memcpy+0x6f/0x80 [ 228.795008] nla_put+0x20a/0x2d0 [ 228.798384] br_port_fill_attrs+0x366/0x1ea0 [ 228.802798] br_port_fill_slave_info+0xff/0x120 [ 228.807469] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.811814] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.816152] netlink_dump+0xc79/0x1c90 [ 228.820045] netlink_recvmsg+0xec2/0x19d0 [ 228.824198] sock_recvmsg+0x1d1/0x230 [ 228.828006] ___sys_recvmsg+0x444/0xae0 [ 228.831985] __se_sys_recvmsg+0x2fa/0x450 [ 228.836146] __x64_sys_recvmsg+0x4a/0x70 [ 228.840215] do_syscall_64+0xcf/0x110 [ 228.844033] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.849222] [ 228.850851] Uninit was stored to memory at: [ 228.855199] kmsan_internal_chain_origin+0x136/0x240 [ 228.860394] __msan_chain_origin+0x6d/0xb0 [ 228.864635] __save_stack_trace+0x8be/0xc60 [ 228.868963] save_stack_trace+0xc6/0x110 [ 228.873039] kmsan_internal_chain_origin+0x136/0x240 [ 228.878159] kmsan_memcpy_origins+0x13d/0x190 [ 228.882658] __msan_memcpy+0x6f/0x80 [ 228.886382] nla_put+0x20a/0x2d0 [ 228.889755] br_port_fill_attrs+0x366/0x1ea0 [ 228.894182] br_port_fill_slave_info+0xff/0x120 [ 228.898855] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.903179] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.907508] netlink_dump+0xc79/0x1c90 [ 228.911403] netlink_recvmsg+0xec2/0x19d0 [ 228.915581] sock_recvmsg+0x1d1/0x230 [ 228.919389] ___sys_recvmsg+0x444/0xae0 [ 228.923369] __se_sys_recvmsg+0x2fa/0x450 [ 228.927518] __x64_sys_recvmsg+0x4a/0x70 [ 228.931583] do_syscall_64+0xcf/0x110 [ 228.935397] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 228.940582] [ 228.942209] Uninit was stored to memory at: [ 228.946541] kmsan_internal_chain_origin+0x136/0x240 [ 228.951650] __msan_chain_origin+0x6d/0xb0 [ 228.955897] __save_stack_trace+0x8be/0xc60 [ 228.960238] save_stack_trace+0xc6/0x110 [ 228.964313] kmsan_internal_chain_origin+0x136/0x240 [ 228.969420] kmsan_memcpy_origins+0x13d/0x190 [ 228.973921] __msan_memcpy+0x6f/0x80 [ 228.977641] nla_put+0x20a/0x2d0 [ 228.981014] br_port_fill_attrs+0x366/0x1ea0 [ 228.985429] br_port_fill_slave_info+0xff/0x120 [ 228.990106] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 228.994442] rtnl_dump_ifinfo+0x18b5/0x2140 [ 228.998780] netlink_dump+0xc79/0x1c90 [ 229.002672] netlink_recvmsg+0xec2/0x19d0 [ 229.006821] sock_recvmsg+0x1d1/0x230 [ 229.010624] ___sys_recvmsg+0x444/0xae0 [ 229.014602] __se_sys_recvmsg+0x2fa/0x450 [ 229.018752] __x64_sys_recvmsg+0x4a/0x70 [ 229.022817] do_syscall_64+0xcf/0x110 [ 229.026625] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 229.031807] [ 229.033436] Uninit was stored to memory at: [ 229.037765] kmsan_internal_chain_origin+0x136/0x240 [ 229.042885] __msan_chain_origin+0x6d/0xb0 [ 229.047125] __save_stack_trace+0x8be/0xc60 [ 229.051459] save_stack_trace+0xc6/0x110 [ 229.055545] kmsan_internal_chain_origin+0x136/0x240 [ 229.060655] kmsan_memcpy_origins+0x13d/0x190 [ 229.065164] __msan_memcpy+0x6f/0x80 [ 229.068901] nla_put+0x20a/0x2d0 [ 229.072279] br_port_fill_attrs+0x366/0x1ea0 [ 229.076703] br_port_fill_slave_info+0xff/0x120 [ 229.081380] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 229.085807] rtnl_dump_ifinfo+0x18b5/0x2140 [ 229.090136] netlink_dump+0xc79/0x1c90 [ 229.094036] netlink_recvmsg+0xec2/0x19d0 [ 229.098192] sock_recvmsg+0x1d1/0x230 [ 229.102013] ___sys_recvmsg+0x444/0xae0 [ 229.105994] __se_sys_recvmsg+0x2fa/0x450 [ 229.110148] __x64_sys_recvmsg+0x4a/0x70 [ 229.114216] do_syscall_64+0xcf/0x110 [ 229.118028] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 229.123213] [ 229.124841] Local variable description: ----c.i.i@should_fail [ 229.130722] Variable was created at: [ 229.134451] should_fail+0x162/0x13c0 [ 229.138278] __alloc_pages_nodemask+0x73f/0x63e0 [ 231.064158] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.070636] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.079152] device bridge_slave_0 entered promiscuous mode [ 231.347550] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.354269] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.362877] device bridge_slave_1 entered promiscuous mode [ 231.487777] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.494342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.501216] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.507808] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.516307] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.537704] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 11:04:01 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x1000085) r1 = memfd_create(&(0x7f0000000100)='\x00', 0x0) getegid() keyctl$chown(0x4, 0x0, 0x0, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x1081806) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) write$P9_RFSYNC(r0, &(0x7f0000000000)={0x7, 0x33, 0x1}, 0x7) [ 231.820112] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 231.941939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.596324] IPVS: ftp: loaded support on port[0] = 21 [ 232.655602] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 232.996821] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 233.327001] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 233.334266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.660806] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 233.668036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 234.587535] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 234.595542] team0: Port device team_slave_0 added [ 234.922002] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 234.929863] team0: Port device team_slave_1 added [ 235.125749] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.293306] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 235.300367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 235.309116] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 235.601266] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 235.608506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 235.617334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 235.932154] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 235.939796] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 235.949049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 236.292633] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 236.342925] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 236.350504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 236.359470] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 237.390679] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 237.397121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 237.405051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.684087] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.690656] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.699252] device bridge_slave_0 entered promiscuous mode [ 238.154035] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.160540] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.168974] device bridge_slave_1 entered promiscuous mode [ 238.544933] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 238.564311] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.834594] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 239.679908] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 239.767768] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.774316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.781178] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.787735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.796310] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 240.066453] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 240.264561] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 240.365095] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 240.372359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 240.584279] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 240.592760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 241.495954] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 241.504045] team0: Port device team_slave_0 added 11:04:11 executing program 4: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffc) mmap(&(0x7f00006fc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) close(r0) [ 241.846871] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 241.854918] team0: Port device team_slave_1 added [ 242.304155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 242.311322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 242.320014] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 242.643425] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 242.650597] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 242.659372] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 242.886342] IPVS: ftp: loaded support on port[0] = 21 [ 243.053925] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 243.062686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 243.071539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 243.426041] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 243.433703] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 243.442603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 244.910578] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.257101] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 11:04:16 executing program 0: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz'}, &(0x7f00000000c0)='(', 0x1, 0xfffffffffffffffc) 11:04:17 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = memfd_create(&(0x7f0000000380)="6b657972696e676c6f00f9e33210d477f0fbca82bfc24b1c95aa5076be6e8bd7af0c6eddf0182722feff2b9a00cef0fb6984e56060deb090815d9ef9fbc9febcd2657d98065f630f14bce0d32e2c81a5bf34f60344d5d17455fd1b7f26602b74c3463c13bfbdc263e8e6c0e4fdb0b353d96e05f4afdaa5e9a2311e0b0437b3d7794fd33ecc811f6db806da54ef2b3ac66cdb41bdb6422d389ef53b016cb127cbae7c676758e1997524ea6f57fe8e3158a0b89339f54d6d86b3f1d5eb4e932e4a22b6da0d1d3eaff939d9312019fc9882c37b64cc3ff3e001281c7623c89116a7dd8aef6a2110b5c822717d7f9d03016128ea6e95a66f6bb417583bf0dd54d1cd015b30f296d8f6e5ee438b267cf4039a905f6a8309927696e6dcfba61b16107585a2a188ba10ea576bd699bc9078d3edeccfbdbfc55f43dd89399ed35844e77bf95ba79f17bb93bf85e16cf62a13b52c25c252b7e4514f011c9da6b2cb7f1908fe58ce657216b2a5190e0a727099ab0d83ccdddbaa6792f2bebf9a8b716b3dd88d1590c1d4fcc1e818dc823246d6d59e449fcff4970ff888ef63c1277d76c859f6eba08c013d2bba0d79187403bfe45d22a2b8dcb5ff679e748156c57b3265256f7397f6c18c9122db5bdfb67076ee1a04dccfd32699aad47199bde505", 0x0) write(r1, &(0x7f0000000300)="6963e64243ea486da3a74e3deec6fc7bb9650b5de56946c568f95d22467190ba3b6d59a5958d6fa9259c8a2ac4677b00000000000000000000200000f8bf54da32", 0x41) ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f0000000000)={0xffffffffffffffff, 0x7, 0xffff, 0x401, 0x8001, 0x6}) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000580)=""/4096) unlink(&(0x7f0000000040)='./file0\x00') 11:04:17 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) readv(r0, &(0x7f0000001580)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f0000000240)=""/98, 0x62}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/86, 0x56}, {&(0x7f0000001340)=""/153, 0x99}, {&(0x7f0000001400)=""/136, 0x88}, {&(0x7f00000014c0)=""/139, 0x8b}, {&(0x7f0000000040)=""/59, 0x3b}], 0x8) r1 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x6, 0x0, 0x2b, 0x0, 0x0, 0x0, 'syz1\x00', &(0x7f0000000040), 0x0, [], [0x7, 0x3]}) [ 247.583027] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.589585] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.596577] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.603077] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.611526] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 247.799068] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 247.805630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.813419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 11:04:18 executing program 0: clone(0x41fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() r1 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x5, 0x101040) ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000300)) ptrace$setregset(0x4205, r0, 0x202, &(0x7f0000000040)={&(0x7f0000000000)="aac50297e0f466e66b43dc6ba230ed018fb34c", 0x13}) rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f00000000c0)) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-vsock\x00', 0x2, 0x0) syz_open_dev$rtc(&(0x7f0000000080)='/dev/rtc#\x00', 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000000)) ptrace$setregs(0xf, r0, 0x0, &(0x7f0000000140)="ee3a29b6b3") getrlimit(0xf, &(0x7f00000001c0)) ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000280)={&(0x7f0000000100), 0xfffffe8c}) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video37\x00', 0x2, 0x0) [ 248.163345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 11:04:18 executing program 0: syz_open_dev$sndseq(&(0x7f0000000780)='/dev/snd/seq\x00', 0x0, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x6006, 0x0) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000000)={0x4a, 0x64f}) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x1000, 0x20}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r1, 0x6c}, 0x8) [ 248.987410] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.994100] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.002547] device bridge_slave_0 entered promiscuous mode [ 249.166112] 8021q: adding VLAN 0 to HW filter on device team0 11:04:19 executing program 0: syz_open_dev$sndseq(&(0x7f0000000780)='/dev/snd/seq\x00', 0x0, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x6006, 0x0) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000000)={0x4a, 0x64f}) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x1000, 0x20}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r1, 0x6c}, 0x8) [ 249.385290] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.392260] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.400378] device bridge_slave_1 entered promiscuous mode [ 249.734459] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 11:04:19 executing program 0: socket$inet_tcp(0x2, 0x1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x1, 0x0) syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) pipe(&(0x7f0000000180)) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff81}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200), &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) [ 250.164118] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 11:04:20 executing program 0: rt_sigprocmask(0x1, &(0x7f0000000540)={0xfffffffffffffffa}, 0x0, 0x8) add_key(&(0x7f0000000480)='asymmetric\x00', &(0x7f00000004c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r0 = socket$bt_bnep(0x1f, 0x3, 0x4) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000500)=0x9, 0x2) setrlimit(0x1, &(0x7f0000011000)) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x42000, 0x0) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000440)=&(0x7f0000000400)) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040), &(0x7f00000000c0)="e49d3a49e27b51ab5ca04eecf864c546d9b328f71c6f03825f0c0bbfc43e2825f06757518152d0426420b48dc2d77ea8466334961dd69645cd5d8df929835058f24d19d01dd22b152664bccbfe07c13d9fb7a2e2f9746b9fa4ad4cd311031586d6e27b1ce315a27cd5ac870291b26c0852055002a50471df1405b7e0b1f282b5cc9d9d6d2d889234b408f035bb61f04bf6b937b27b5cd0c72aeb7ec5fc8b44c6760906f5df2d651a16989eb11c5b9feafddd4ada6952546c187b246f70715daa5c7e200a63ec649c364cf20e88c23870461d10e9d09d9010da644b0d51807ac6f802e0c2f71e19087eb009da980f66a14ebccae5992f5ee96df41b5d7e479e079406691485990d78149f4a466f08f11577ebd436e9bb695089f87dbe0a9b04b23be1a76637b1e9369185b10beb53b5354b6a9215bc45e5782e923f69c8d575bfe07375ad16112dd102bdb01ae0fe7fa317aaf99ba7b7216a5dbe3944703ec528040ca6fbc97da671079d97db0292f578953416960651748673fe85464af6ce8e7bbba28d19808e41ece979b39b029b8bb51e4229cdeb8d656ed9327aff9fe90ed8f93f4552ae88343a2b8902e206543b0d11dd5abe90409ce867b83c4221c5a0b9eb102fb7f1d58c2e269735dbf07495d7e94715955c7b3460be05f3e3bd328dada07824006ef27f7c4698cc0035837137f7d2aa880fd05b5e86e89db93c08994df7bbe1658bdc8f0b3050f9a53b9031c0ed29b60d4a182002f06900eea6bfa1c8608b4d076be29878ec37dcce0b005082a6859ce760473acab8408e444ac4ecd187bedd393eec03f8e4a2c774ff9593d9105e07be7394344352c2606a0008634052f4db17f8627e0aabaa32a835849edc2d03c26accff057e125d5b192bb7e5e0ed8597e8d693d8a6278c481dc99f14f1b052bf64afc65b9e79e3a336ec5a8dd9cfef60fcf900b3c92ba53082c0dd88c57adb38babd4d2de286fe9a06f78d2a1e882dc16f610d1548706a4aefaf2918a609edb63428d1ea92e50648285da541337456749d2891303c51f3c154d4082847e553f381d0351c6bfb0b955845fbf97b3eedb2d8ee29e6f4fd3704f859270676", 0x311, 0xfffffffffffffffe) [ 250.382979] Unknown ioctl 1074310916 [ 251.210538] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 251.545575] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 251.863885] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 251.871069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 252.191993] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 252.199065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 252.493500] not chained 20000 origins [ 252.497373] CPU: 1 PID: 7601 Comm: ip Not tainted 4.20.0-rc3+ #92 [ 252.503607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.512974] Call Trace: [ 252.515583] dump_stack+0x32d/0x480 [ 252.519233] ? save_stack_trace+0xc6/0x110 [ 252.523488] kmsan_internal_chain_origin+0x222/0x240 [ 252.528620] ? kmsan_internal_chain_origin+0x136/0x240 [ 252.533911] ? __msan_chain_origin+0x6d/0xb0 [ 252.538333] ? __save_stack_trace+0x833/0xc60 [ 252.542835] ? save_stack_trace+0xc6/0x110 [ 252.547073] ? kmsan_internal_chain_origin+0x136/0x240 [ 252.552352] ? kmsan_memcpy_origins+0x13d/0x190 [ 252.557028] ? __msan_memcpy+0x6f/0x80 [ 252.560921] ? nla_put+0x20a/0x2d0 [ 252.564476] ? br_port_fill_attrs+0x366/0x1ea0 [ 252.569065] ? br_port_fill_slave_info+0xff/0x120 [ 252.573922] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 252.578432] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 252.582935] ? netlink_dump+0xc79/0x1c90 [ 252.587004] ? netlink_recvmsg+0xec2/0x19d0 [ 252.591335] ? sock_recvmsg+0x1d1/0x230 [ 252.595312] ? ___sys_recvmsg+0x444/0xae0 [ 252.599463] ? __se_sys_recvmsg+0x2fa/0x450 [ 252.603794] ? __x64_sys_recvmsg+0x4a/0x70 [ 252.608034] ? do_syscall_64+0xcf/0x110 [ 252.612018] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 252.617388] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 252.622501] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 252.627796] ? kmsan_internal_chain_origin+0x136/0x240 [ 252.633084] ? __msan_chain_origin+0x6d/0xb0 [ 252.637508] ? save_stack_trace+0xfa/0x110 [ 252.641847] ? kmsan_internal_chain_origin+0x136/0x240 [ 252.647149] ? kmsan_memcpy_origins+0x13d/0x190 [ 252.651844] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 252.657318] ? in_task_stack+0x12c/0x210 [ 252.661402] __msan_chain_origin+0x6d/0xb0 [ 252.665655] ? netlink_recvmsg+0xec2/0x19d0 [ 252.669993] __save_stack_trace+0x8be/0xc60 [ 252.674348] ? netlink_recvmsg+0xec2/0x19d0 [ 252.678684] save_stack_trace+0xc6/0x110 [ 252.682763] kmsan_internal_chain_origin+0x136/0x240 [ 252.687882] ? kmsan_internal_chain_origin+0x136/0x240 [ 252.693165] ? kmsan_memcpy_origins+0x13d/0x190 [ 252.697839] ? __msan_memcpy+0x6f/0x80 [ 252.701732] ? nla_put+0x20a/0x2d0 [ 252.705297] ? br_port_fill_attrs+0x366/0x1ea0 [ 252.709886] ? br_port_fill_slave_info+0xff/0x120 [ 252.714737] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 252.719236] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 252.723736] ? netlink_dump+0xc79/0x1c90 [ 252.727813] ? __msan_poison_alloca+0x1e0/0x270 [ 252.732496] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 252.737864] ? find_next_bit+0x25b/0x2a0 [ 252.741927] ? vmalloc_to_page+0x585/0x6c0 [ 252.746173] ? kmsan_set_origin+0x7f/0x100 [ 252.750421] kmsan_memcpy_origins+0x13d/0x190 [ 252.754939] __msan_memcpy+0x6f/0x80 [ 252.758658] nla_put+0x20a/0x2d0 [ 252.762040] br_port_fill_attrs+0x366/0x1ea0 [ 252.766462] br_port_fill_slave_info+0xff/0x120 [ 252.771147] ? br_port_get_slave_size+0x30/0x30 [ 252.775823] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 252.780182] rtnl_dump_ifinfo+0x18b5/0x2140 [ 252.784576] ? kmsan_set_origin+0x7f/0x100 [ 252.788823] ? kmsan_internal_unpoison_shadow+0x26/0x30 [ 252.794215] ? rtnl_getlink+0xec0/0xec0 [ 252.798193] netlink_dump+0xc79/0x1c90 [ 252.802108] netlink_recvmsg+0xec2/0x19d0 [ 252.806287] sock_recvmsg+0x1d1/0x230 [ 252.810091] ? netlink_sendmsg+0x1440/0x1440 [ 252.814510] ___sys_recvmsg+0x444/0xae0 [ 252.818504] ? __msan_poison_alloca+0x1e0/0x270 [ 252.823182] ? __se_sys_recvmsg+0xca/0x450 [ 252.827422] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 252.832790] ? __fdget+0x23c/0x440 [ 252.836354] __se_sys_recvmsg+0x2fa/0x450 [ 252.840521] __x64_sys_recvmsg+0x4a/0x70 [ 252.844585] do_syscall_64+0xcf/0x110 [ 252.848395] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 252.853584] RIP: 0033:0x7fb9d6f45210 [ 252.857306] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 252.876215] RSP: 002b:00007ffdf4b4ece8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 252.883924] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb9d6f45210 [ 252.891194] RDX: 0000000000000000 RSI: 00007ffdf4b4ed30 RDI: 0000000000000003 [ 252.898467] RBP: 0000000000001f1c R08: 00007fb9d71eeec8 R09: 00007fb9d6f8b800 [ 252.905736] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006395c0 [ 252.913011] R13: 00007ffdf4b52dc0 R14: 0000000000001f1c R15: 00007ffdf4b50c8c [ 252.920292] Uninit was stored to memory at: [ 252.924622] kmsan_internal_chain_origin+0x136/0x240 [ 252.929942] __msan_chain_origin+0x6d/0xb0 [ 252.934195] __save_stack_trace+0x8be/0xc60 [ 252.938518] save_stack_trace+0xc6/0x110 [ 252.942581] kmsan_internal_chain_origin+0x136/0x240 [ 252.947687] kmsan_memcpy_origins+0x13d/0x190 [ 252.952186] __msan_memcpy+0x6f/0x80 [ 252.955902] nla_put+0x20a/0x2d0 [ 252.959270] br_port_fill_attrs+0x366/0x1ea0 [ 252.963682] br_port_fill_slave_info+0xff/0x120 [ 252.968352] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 252.972673] rtnl_dump_ifinfo+0x18b5/0x2140 [ 252.976996] netlink_dump+0xc79/0x1c90 [ 252.980882] netlink_recvmsg+0xec2/0x19d0 [ 252.985035] sock_recvmsg+0x1d1/0x230 [ 252.988837] ___sys_recvmsg+0x444/0xae0 [ 252.992815] __se_sys_recvmsg+0x2fa/0x450 [ 252.996962] __x64_sys_recvmsg+0x4a/0x70 [ 253.001023] do_syscall_64+0xcf/0x110 [ 253.004826] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.010007] [ 253.011630] Uninit was stored to memory at: [ 253.015963] kmsan_internal_chain_origin+0x136/0x240 [ 253.021070] __msan_chain_origin+0x6d/0xb0 [ 253.025308] __save_stack_trace+0x8be/0xc60 [ 253.029643] save_stack_trace+0xc6/0x110 [ 253.033706] kmsan_internal_chain_origin+0x136/0x240 [ 253.038811] kmsan_memcpy_origins+0x13d/0x190 [ 253.043311] __msan_memcpy+0x6f/0x80 [ 253.047028] nla_put+0x20a/0x2d0 [ 253.050395] br_port_fill_attrs+0x366/0x1ea0 [ 253.054808] br_port_fill_slave_info+0xff/0x120 [ 253.059496] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.063817] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.068157] netlink_dump+0xc79/0x1c90 [ 253.072139] netlink_recvmsg+0xec2/0x19d0 [ 253.076377] sock_recvmsg+0x1d1/0x230 [ 253.080176] ___sys_recvmsg+0x444/0xae0 [ 253.084161] __se_sys_recvmsg+0x2fa/0x450 [ 253.088307] __x64_sys_recvmsg+0x4a/0x70 [ 253.092377] do_syscall_64+0xcf/0x110 [ 253.096180] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.101359] [ 253.102984] Uninit was stored to memory at: [ 253.107313] kmsan_internal_chain_origin+0x136/0x240 [ 253.112435] __msan_chain_origin+0x6d/0xb0 [ 253.116676] __save_stack_trace+0x8be/0xc60 [ 253.121000] save_stack_trace+0xc6/0x110 [ 253.125066] kmsan_internal_chain_origin+0x136/0x240 [ 253.130173] kmsan_memcpy_origins+0x13d/0x190 [ 253.134673] __msan_memcpy+0x6f/0x80 [ 253.138391] nla_put+0x20a/0x2d0 [ 253.141762] br_port_fill_attrs+0x366/0x1ea0 [ 253.146181] br_port_fill_slave_info+0xff/0x120 [ 253.150852] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.155174] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.159501] netlink_dump+0xc79/0x1c90 [ 253.163395] netlink_recvmsg+0xec2/0x19d0 [ 253.167547] sock_recvmsg+0x1d1/0x230 [ 253.171359] ___sys_recvmsg+0x444/0xae0 [ 253.175337] __se_sys_recvmsg+0x2fa/0x450 [ 253.179488] __x64_sys_recvmsg+0x4a/0x70 [ 253.183548] do_syscall_64+0xcf/0x110 [ 253.187355] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.192537] [ 253.194183] Uninit was stored to memory at: [ 253.198508] kmsan_internal_chain_origin+0x136/0x240 [ 253.203614] __msan_chain_origin+0x6d/0xb0 [ 253.207852] __save_stack_trace+0x8be/0xc60 [ 253.212178] save_stack_trace+0xc6/0x110 [ 253.216241] kmsan_internal_chain_origin+0x136/0x240 [ 253.221348] kmsan_memcpy_origins+0x13d/0x190 [ 253.225848] __msan_memcpy+0x6f/0x80 [ 253.229565] nla_put+0x20a/0x2d0 [ 253.232938] br_port_fill_attrs+0x366/0x1ea0 [ 253.237352] br_port_fill_slave_info+0xff/0x120 [ 253.242019] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.246344] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.250666] netlink_dump+0xc79/0x1c90 [ 253.254552] netlink_recvmsg+0xec2/0x19d0 [ 253.258699] sock_recvmsg+0x1d1/0x230 [ 253.262516] ___sys_recvmsg+0x444/0xae0 [ 253.266488] __se_sys_recvmsg+0x2fa/0x450 [ 253.270638] __x64_sys_recvmsg+0x4a/0x70 [ 253.274699] do_syscall_64+0xcf/0x110 [ 253.278507] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.283688] [ 253.285311] Uninit was stored to memory at: [ 253.290131] kmsan_internal_chain_origin+0x136/0x240 [ 253.295242] __msan_chain_origin+0x6d/0xb0 [ 253.299476] __save_stack_trace+0x8be/0xc60 [ 253.303802] save_stack_trace+0xc6/0x110 [ 253.307869] kmsan_internal_chain_origin+0x136/0x240 [ 253.312975] kmsan_memcpy_origins+0x13d/0x190 [ 253.317471] __msan_memcpy+0x6f/0x80 [ 253.321187] nla_put+0x20a/0x2d0 [ 253.324559] br_port_fill_attrs+0x366/0x1ea0 [ 253.328980] br_port_fill_slave_info+0xff/0x120 [ 253.333648] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.337970] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.342296] netlink_dump+0xc79/0x1c90 [ 253.346183] netlink_recvmsg+0xec2/0x19d0 [ 253.350333] sock_recvmsg+0x1d1/0x230 [ 253.354147] ___sys_recvmsg+0x444/0xae0 [ 253.358122] __se_sys_recvmsg+0x2fa/0x450 [ 253.362278] __x64_sys_recvmsg+0x4a/0x70 [ 253.366347] do_syscall_64+0xcf/0x110 [ 253.370158] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.375338] [ 253.376963] Uninit was stored to memory at: [ 253.381299] kmsan_internal_chain_origin+0x136/0x240 [ 253.386404] __msan_chain_origin+0x6d/0xb0 [ 253.390641] __save_stack_trace+0x8be/0xc60 [ 253.394966] save_stack_trace+0xc6/0x110 [ 253.399028] kmsan_internal_chain_origin+0x136/0x240 [ 253.404141] kmsan_memcpy_origins+0x13d/0x190 [ 253.408637] __msan_memcpy+0x6f/0x80 [ 253.412352] nla_put+0x20a/0x2d0 [ 253.415732] br_port_fill_attrs+0x366/0x1ea0 [ 253.420148] br_port_fill_slave_info+0xff/0x120 [ 253.424819] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.429146] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.433471] netlink_dump+0xc79/0x1c90 [ 253.437364] netlink_recvmsg+0xec2/0x19d0 [ 253.441514] sock_recvmsg+0x1d1/0x230 [ 253.445317] ___sys_recvmsg+0x444/0xae0 [ 253.449295] __se_sys_recvmsg+0x2fa/0x450 [ 253.453444] __x64_sys_recvmsg+0x4a/0x70 [ 253.458019] do_syscall_64+0xcf/0x110 [ 253.462147] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.467326] [ 253.468946] Uninit was stored to memory at: [ 253.473276] kmsan_internal_chain_origin+0x136/0x240 [ 253.478382] __msan_chain_origin+0x6d/0xb0 [ 253.482621] __save_stack_trace+0x8be/0xc60 [ 253.486946] save_stack_trace+0xc6/0x110 [ 253.491009] kmsan_internal_chain_origin+0x136/0x240 [ 253.496116] kmsan_memcpy_origins+0x13d/0x190 [ 253.500619] __msan_memcpy+0x6f/0x80 [ 253.504335] nla_put+0x20a/0x2d0 [ 253.507704] br_port_fill_attrs+0x366/0x1ea0 [ 253.512120] br_port_fill_slave_info+0xff/0x120 [ 253.516800] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 253.521129] rtnl_dump_ifinfo+0x18b5/0x2140 [ 253.525453] netlink_dump+0xc79/0x1c90 [ 253.529342] netlink_recvmsg+0xec2/0x19d0 [ 253.533493] sock_recvmsg+0x1d1/0x230 [ 253.537294] ___sys_recvmsg+0x444/0xae0 [ 253.541274] __se_sys_recvmsg+0x2fa/0x450 [ 253.545426] __x64_sys_recvmsg+0x4a/0x70 [ 253.549490] do_syscall_64+0xcf/0x110 [ 253.553291] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 253.558471] [ 253.560081] Local variable description: ----c.i.i@should_fail [ 253.565942] Variable was created at: [ 253.569639] should_fail+0x162/0x13c0 [ 253.573423] __alloc_pages_nodemask+0x73f/0x63e0 [ 254.040880] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 254.048907] team0: Port device team_slave_0 added [ 254.262026] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 254.270121] team0: Port device team_slave_1 added [ 254.495525] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 254.505044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 254.513807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 254.756691] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 254.763959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 254.772751] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 254.908665] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.981795] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 254.989971] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 254.998824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 255.193335] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 255.200916] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 255.210003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 255.984671] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 256.937190] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 256.943895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 256.951792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 11:04:27 executing program 1: r0 = socket$inet6(0x10, 0x803, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="5500000018007f0860fe01b2a4a280930a600800ffa84302910000003900090023000c00140000001b000500fe0b0b000000c78b80082314e9030b9d566885b167320b00070038d54400009b84136ef75afb83de48", 0x55}], 0x1}, 0x0) [ 257.257418] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 257.264119] IPv6: NLM_F_CREATE should be set when creating new route [ 257.270668] IPv6: NLM_F_CREATE should be set when creating new route [ 257.715130] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.721742] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.728631] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.735166] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.743513] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 257.877074] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.953623] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 259.778418] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.545746] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 261.365095] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 261.371520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 261.379625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 11:04:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @broadcast}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 262.176805] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.271324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.729197] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 11:04:35 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x7fff, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0xfffffffffffffff8, 0xff}) [ 265.193338] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 265.199831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 265.207793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 265.548993] 8021q: adding VLAN 0 to HW filter on device team0 11:04:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f00000000c0)=0x6002) restart_syscall() getsockopt$inet6_tcp_buf(r2, 0x6, 0x3f, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="460f300f07c483614804ee08440f20c03506000000440f22c0c402f93473230f09f20f013cb9b805000000b9c00000000f01d90fc728c4c1f9e79f2e000000", 0x3f}], 0x1, 0x0, &(0x7f0000000200), 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x400, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000440)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vhci(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vhci\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mremap(&(0x7f0000fed000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000005c0)) syz_open_dev$rtc(&(0x7f0000000300)='/dev/rtc#\x00', 0x8, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 11:04:37 executing program 0: r0 = socket$inet(0x2, 0x3, 0x1) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) getsockopt(r0, 0xff, 0x1, &(0x7f0000000140)=""/166, &(0x7f0000000040)=0xa6) 11:04:37 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200001, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket$key(0xf, 0x3, 0x2) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000100)={r1, r2, 0x0, 0x7, &(0x7f0000000040)="e737b7a7cb487544d43fd73a14ce71c614f144e6441d3c068a746dea4851a3790078607b5ef4acc18a7cd48238d9bb4d3a0585e8f1845c23e2c1da508a6354727cd745b1b191f48435bdaca2393dc32e58c344adc979f335deb793d9cb7305053c4ed74ceb0da3fd34987c28d91ceed0e9219a87060b1b9ece63f0d53ca4ac3996a015aa7d172585f986d10a560e66cfa1f24d13bfa51e85181d", 0x6, 0x3, 0x4ccd, 0xa7, 0x2, 0x9, 0x101, "06614236733f3465ead731fa4ca8c84ab90f2f3e21393c55a4c7e0fe52823fca41a518f224347ba9199e64308e657e60e68f4453a8ea028e4aaf52b3135a22ece3fcdfc3b6d3b00af51d2c7f287141132d321d5b8d1c3f6ca69d31cb4a5a985e11bde5fe3b7b0585d1a34ac77d43452a948d2d0270798540879805f49ba6ad9bad9260bcffb00c01d5f5e04c58f6d1356adef22028cfdbdf33b527aa91246e3664109c95ca655fc339cbc7699804ebf7e72232690dfa7a"}) r3 = syz_open_dev$cec(&(0x7f0000000200)='/dev/cec#\x00', 0x3, 0x2) unlinkat(r0, &(0x7f0000000240)='./file0\x00', 0x0) syncfs(r0) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0xc028ae92, &(0x7f0000000280)={0x1, 0x3}) recvfrom$inet(r0, &(0x7f00000002c0)=""/56, 0x38, 0x20, &(0x7f0000000300)={0x2, 0x4e23}, 0x10) ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000340)={'\x00', {0x2, 0x4e22, @broadcast}}) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000380)=0xfffffffffffffffd, 0x4) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000400)={&(0x7f00000003c0), 0x1005000, 0x1000, 0x4}, 0x18) ioctl$KVM_RUN(r3, 0xae80, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x28, &(0x7f0000000440)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={r4, 0x2976f273, 0x8}, 0xc) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000005c0)={0xffffffffffffffff}, 0x106, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000640)={0xb, 0x10, 0xfa00, {&(0x7f0000000500), r5, 0x5}}, 0x18) fcntl$addseals(r0, 0x409, 0x8) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000680)='tls\x00', 0x4) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/video36\x00', 0x2, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000700)=0xfffffffffffffff1, &(0x7f0000000740)=0x1) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000780)={0x4, 0xffffffff, 0x7f, 0xffff, 0x1}) write$RDMA_USER_CM_CMD_GET_EVENT(r3, &(0x7f0000000940)={0xc, 0x8, 0xfa00, {&(0x7f00000007c0)}}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000a80)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@loopback}}, &(0x7f0000000b80)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000bc0)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}}}, &(0x7f0000000cc0)=0xe8) sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x84000200}, 0xc, &(0x7f0000000e80)={&(0x7f0000000d00)=@newsa={0x160, 0x10, 0x8, 0x70bd29, 0x25dfdbfb, {{@in=@rand_addr=0x2, @in=@multicast2, 0x4e22, 0x1f, 0x4e22, 0x4, 0x0, 0x0, 0x80, 0x84, r7, r8}, {@in6, 0x4d5, 0x3c}, @in=@multicast2, {0x6, 0x10001, 0x5, 0x6c0, 0x0, 0xfffffffffffeffff, 0x5, 0x100000001}, {0x25, 0xf4f, 0x7, 0x8}, {0x4, 0x6, 0xf4}, 0x70bd27, 0x3503, 0x2, 0x1, 0x200, 0x12}, [@proto={0x8, 0x19, 0xff}, @algo_comp={0x68, 0x3, {{'lzjh\x00'}, 0x100, "324415c5c69828efd3be385a023cc31c1f79dc5e4d0b4b2c086e65c24be5c443"}}]}, 0x160}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) connect$vsock_dgram(r6, &(0x7f0000000f00)={0x28, 0x0, 0x2711, @host}, 0x10) write$P9_RRENAMEAT(r3, &(0x7f0000000f40)={0x7, 0x4b, 0x2}, 0x7) ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000f80)) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000000fc0), &(0x7f0000001000)=0x4) 11:04:37 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)="2e2f6367726f7570000c239fd085acc49b812db3d73d43ea", 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000000)='./file1\x00', 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000100)=0x8) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000440)) 11:04:37 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) execveat(r0, &(0x7f0000000080)='./bus\x00', &(0x7f00000006c0)=[&(0x7f0000000100)='trusted$\x00', &(0x7f00000001c0)="776c616e31dd5e76626f786e65743100", &(0x7f0000000540)='eth0]security}vmnet1\x00', &(0x7f0000000580)='./cgroup.cpu\x00', &(0x7f00000005c0)='lo\x00', &(0x7f0000000600)='@cgroup({\x00', &(0x7f0000000640)='*ppp1\x00', &(0x7f0000000680)='threaded\x00'], &(0x7f0000000800)=[&(0x7f0000000740)='./cgroup.cpu\x00', &(0x7f0000000780)='threaded\x00', &(0x7f00000007c0)='{.\x00'], 0x100) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu\x00', 0x200002, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000880)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x14, 0x0, 0x200, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x1) fchdir(r2) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000740), 0x0) r3 = creat(&(0x7f0000000700)='./bus\x00', 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pwritev(r4, &(0x7f0000003e00)=[{&(0x7f0000002e00)="13235cdf7cdea95c39673091256ce298c055291cad9fc90e445ad6de6b0dec0a382361a1ef1a5aff2903761419cac5df846878b98a621219d94581abb8f9488a4eee66cb54db2a045620cbad742e2514c1374eb84cb7c99d4e6824056c694b66f9fbff10f1da8e0a7a977d6bd602f9bb0c6a89b674414ca35c19375bac35b4b0ca0ad4034e9d82f80a08ce65df22fe3fdaa7c90b510fb4cd8469cf3868a90a13274308b0d53e486d3e2634950a2b41fd39d16d38815fad9baa85e5cba1540841337b3996f0cca5142fa09c012abf1bb8cfd804d96600895ae45bbd34cd98382921be9e9ff65fcb2d12b6d3340baa4ff96ae7faf93543399c9846d5d18e0e924f11989d641765c49199face9964387fd204f8d4c5bb6010bfa8a98a2c46b0ba619763ea52720945f05567d452b4e9689e63780a54ee9f7cc15b738e39384779e1e2fcee2158e6a85132df40bad2f8af9248a251f5e4e9d54a61349a41d0ef84764a1a4cfc94c132c3fa3218224a50a27f81c0c44598f4fbe14914506ba42e65502519d88e5d2ee387da8d4ad91fdd5ae262b342ea5161e861863ca36161f6c5b9e0653e5918c40e6beec3ad22fda5da4e4c8f4e1a2d4347acc25180cb4ff796c8f3e74212f096d0ea1d52e35152a985203de08ff5adc1d6b57fdc5d5398d38dfca3b4b9fd6170453a86d8ebb9472b0eb9f5829cb1bdbfb93fe609045682ef3f2354ba32e80813030a8166efdd8da2f6c02bac9c38a967d9a5a1722f6cf00fcab08e46babbe82cb0d8f66a967550e66498f0735b5f35a262c9c2d393102dd07185fbd8c7d4326b1e68d8155248667a9cd17e0ea9cd2865e7673f6565ac240d68c2b6a582ced38e460fb291c6bfaeb38845cb7437fa9b5ed0761dd1118330365bdba3e362b35ff3f425e5bf2969366a0ee9b99dd363f06f47bdcd5c3802d26767a9d1c97f96c57c653f8151ea1890870b86f02e1e8b10e2615cd313c91a8b480bd34a4ba040f5bc4dc24340bc56ce49b2a2327d9db6543d392c0355ad9086065a4f2a11e4de932fb9e0be4d413c76971268a46dc00b0d153dcaa356105463513e35fcfe3371ef062cf8651a9f0f81c4ed78f5c1f2b347b5afad8f6732903195e32a3b65438d044e7c08453e74592c0cc79988921f21bc71869534b39f640d890f85568e1352be00cf748095089eba7dc9db6df5d1fc186c08b7aeaee7e056f9caae6a1c73c133edf680610effc9e4a3e06dba8a6a3d2ee44eeeb93dbe0c70681520a8b6c6a903e14f26def223c56d98d4be54ad385052dcb54f9973f862b0af4bf0e5a7be2c4998c1799c0d160bfb81fab04b23bf64809ac7c6741b93ba0714fd56a13d2ab34c42a55c8feb36136b2ec88d940e913834f19e97d693ab61853399d7bc0a0bfae537c513ba4d2ecc6de1e9bd036cfb353f7c913f1d62afa3333b50f3cde3c6d8cf1b802c8d51780ef93da08ac54b1860b537b2ee49e6e6ef07178ce15f37d3e34a18a0ccff73b9843ab7b5200bcb5bf04eda04fce5a2910d2dba086b4e4290819102ab0d6d206de68f1b420508f340d111783fb67e85eb8a8ef9a11d969fddd90f1b768a1d9e8b74824cb9f65b06551c280c9298f3917befd8af546eb37546536adfbd44594fb20ef3d40105940415fc4c66aa11f972025196de1ecf961b826abc71448d64ebbb5fdd4d81caff8f75e791300001df01ba3a186343b055cdf192f3c6aa79583adb416e905ac9cad837c6121cb9c32da16e6649c6096b71f6c1f12c2816835600fde1cb931c53758f6dfc6a2cf49270f2500034d58abb868303c1b2a4bb1291077a3f2a3ec24121ec6ed7bb30785440566c04560511ead6658b0d1d03faf62f063cb439b9babe5efdee27208344a321ad033f8b9507e031efaaef2008bbc24926df08a44022add80e4d9d97cfcc4f637e74d138ce513f033b6530d73d71a5d01d946c4e7c7297df8853258fbec806f14f2fbd096577f55b9f93596ba515d7d768eaa7fba049dc01d39603c4f174f1f8f8b4c097035a5894a756d4fc1cda2ba70111bdcf5fba8bc568179ad6c528f33c4bcb1258a7fbece77250a8d488b1620fdecb9fddf8d0fe3bc00b207741b463b716474baa83b0028090823ba7614298b55167dbff1e855d18a94714cde177aff74f62ad91178402fa34bbb7952ca690a086fd4b822e85d6de45e7835c796b2f2e24c282532795647e4c9fba19608d073f7669d7321e92a5f8689dc0febb9ad189da67c2e7d39176c96af8d35fe597fef15079702174520a4d2d25e96bb248d824f8c91244f433f0909fe71cb818fc5aa1db8c6e0ed859168a1b9c1a68892cba8bb70d9c84db5dd2cfb36b9d3d308bc779aad46974bf8682c0b78fe2346fa1fa7a69751862040b981f9154270570fee21266df43dbd908624cd479684c3cd258b0928ca0b7707d502ba34227b54d4f4691c8bf4e5f119e57f33c8f78b46621a4f38bcea44e32678473811375ff34860db369253a1fab894407968dcea152723c0ab8a3fdba1eee1c799a140385126edc9bb3ae3ffa12e283916f1b4de7952d86925ac016afc6dedba3cfd8da4906f3c46a09663012adf15f3cb612b2d7d324bba9aeddb39e3c8a049bba59c9e9153ef0d187bc33550426070637676300547807f14250ae46ac2fd88e50eed78e26c4d9df9e37f451063555dcfe76a24d306c3cb00de0e37320c22f7b1628b91d627f5bc1c86b47553e9abcd0bddb8c2182d4ad747cea5fff7b9fb7726aa6b0eaef31eb2159711a5884b1e4a66c2febf7d1c06161873717122d190b9db10450a6bee2a37645ffdb1c29085cd87ec9d1e57d544195c085c9b3d606faf68696fa1eca3ef80cde32ca44980f68570984d86674267e066729bc3d7a041dec5e6a89eb7b7e193e1b75725d74aab3849034eac9ae05ab2867c507e7f6ffcaf6e118efd699f83d655dfa9e0f80c4199baeef4f1cfe6aaadbb15410b3c2b071f0bff1ba131a6bda0c108addd1249aa2ade2ce26aa61c5364033344d4bda07213cc1eefc8fa7e5188dee8ed2dccb820e1e75d34b51fa56f3fea1208b1ce76ab4a17cb98f03da38acb31ae5120206c5bb9719d72774b8330936298a531ae7b46326c8913a72b881c5fdeeed0cd45186ece59854116233c856e3eb6cb50f8b7542838e89e703f32b623deef546f06b44a32639cc6ddad2786e5a84e183b67afcd710441b07027144cdeb6a2afa893959c7b18669ca6abfc4b86182f695ce50302efaab318a49645739e5e6ab059645dc50f165c6b7c6bdd42eaccabb2ce3dac4d557c6b7ea3818f49773e8b52418854df207855acc56f73debc8330149d07604379bae23ef84a20c1d1300ec74bc3c06b7087d8e930d86577692af0e44fbbf40133dc2e65439193d60e9ef722f602e5e9991580fd692bd2d77734e053d98bba625ddf6501d5144bec1fd64d233390d46a76ab42f91632895e25a90ce844f8d0a6075f1e3c03cb3a80491f25de05741efbb9b8d2b918feac072074d9c33b8042a143dd470e238270ca8f51bdfbebc45e15240f931d7186f2fdc701dd26966b29bbfba4ff3eacf5a2e3a37c5cb37c25136cc95ebd13c89d61eb94ad6c9297629f1cc32583654ba9caae512d39d4e1a8034d79a2997285b09c6b8c01cfebd33af517a02f6b66c75a9604a74aca6d856eb379d5420989d678c5a8a57f9b268fa1f7f44789d80799794ef4ac9fbfd46e1dfdf5c4120868964aa2113853dbc2aefc05af3167207790f8ca0959108226bb9a573c5a472acaf033ec565c7aef659265ff8547aa948e56f8afb92d56eec14bd5dd541d4cd466c1bbcee9973527585f5e97f37665c6f42acce02a2f2e56da0a8ea2fb84344188e2101eae938c540a8bb5e622b7d8a8abb3874034e61952079ff3a12488a101fc1dc8f1b0b4a16a6fba526f982cffa8935b2511be2f75530d46f2b6d33d9917668a202646563c219e51f77b45d94262543f50b9b1ba737e29e7bfd16d764876a998783f28ed17e88acda8fc2b86523119a1b876c04a6b562ee29775378b4ce63903fee17bbce552f5d5252c347e270279a0eac5a46f481f33ba254e730cae268ea395b4d51cdbf90cc96110dda0872aacfeebbe306f931435370cb104b58dc29ce36e3ba4c604d3405467d7bca8c5b5ce5c8f7d6394e7cd30fde745100dad5769eddad75c3c6d6b7bd8bc29570f0f7bdca0e27d902995fc631c2fca187b5f4ef7dc90345945201296960e9fe6d7a2a9951a85f61d3d8aaf5a1d719f7f3838c611c7866ec769c67d3b934a560f03fda2e71059b5018701c49e009ecce6436fe8bec5d47337673c6d980617a8ce324bc51b31b4b07f558c1a270270e3250eac0b7b52db67ea369446a9aa2a61253acd469a2c1942be7aab03d44f1bbe103b196fa2a0a4b63dc21781fc9a1c4370dc7a7b933eb6d284e819a8df2ae881f5832b3adb1702d65a41cbeab6a649420198901372386e3415f246a0daa4ccbe8a7049f9b06d9b573a422f7ef7702c14613420e489f77972e2ef806268bf17d1bcfea25f9c37223822d3200e5ce2f5eb8ca9e5b4e0d33cdf83fbfc41c989c6b1ed691778121752f3b5f405689b5f11cf0b7fabd6efe096998d69d746de30fd4aea2df27da9c906dc42982ce041c00d06e729dcb72d1a773f9c1e5897c901609e734bd8547492df435c36ae5a23fca882435c0a64137bb60ea265be166826a9133d0273c4b73b405343fbb98695ecf893aafda757cf02a3004e0398abd69d5b4ee9c63cb954632dc9f75fd51abe26beb3db1fd3bccac7c252e5b31524d8ef50ff7109e3e0f5c3650d28c109a80ac6963e5b47e58f6a2bc0c490ddcff5c27677a6b85a0f39bbea6787212dead16e73a0f834ecb1639b78d46b91a5a85e618ee5539fbe2a69f878e8f53fc84286378deb4c5fd3f12bf0870cc6976af263b8822168f82ad07458768801ec5fe5090b3aaaa4626493b4770dc", 0xdc5}], 0x1, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000180)={0xffffffffffffffff}) fchmod(r6, 0x100) write(r5, &(0x7f00000001c0), 0xfffffef3) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000980)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000000)) read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000440)=ANY=[@ANYBLOB="010005006f501c41241f0000000000000180c200004d08446d95564f250f398a324d7938dd8ef16d6196fe2ca896fc7ba691fd99d502c80ca9c8ea03f68be82eb24922afc7c4fc2931428f289a95293d17ebb74620450f4d383ca25089dea389f990e8479859b5d2801a111fb3e3292ff16448dfd9c2df157a783ba99313a7d49cc61e0cef4119e9eef69c41269f16e2c669dec956e32cbc97ea713f1a3a90cf8474fe58e6624f3d89421483de48"]) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0xfffffeb3) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000140)={'lo\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="2c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000c3f7e2154138171af73643d0e9db84a528211e5a9e5f782d6c302beeebd002119d254884283d8f93560c07aaa9b8ff83fa771e919ee16cff48f1c11cc4785ba5e889fad2cfcde8eebb669f1a775865d8e3a3df8253db87fa6a23b6305fe4c194607b8c7365ef12805b63a83c3699905af15c717dde75f5269cf24a683d4dc528d4a2d3f3bd87159ed0812da24248b9e855f044984b8a32e647c188e9195255f7c05003eff14bfab1d62677b37d50ecd62ed1"]}) sync() lstat(&(0x7f0000000a00)='./bus\x00', &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000ac0)='./bus\x00', &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f00000009c0)='./bus/file0\x00', r7, r8) 11:04:37 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002980)='/dev/vsock\x00', 0x0, 0x0) ioctl$TCSBRKP(r0, 0x7b9, 0x710003) [ 267.416187] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 11:04:37 executing program 2: 11:04:37 executing program 3: 11:04:37 executing program 0: [ 267.654109] hrtimer: interrupt took 94653 ns 11:04:37 executing program 2: 11:04:38 executing program 3: 11:04:38 executing program 2: 11:04:38 executing program 4: 11:04:38 executing program 0: [ 268.732993] IPVS: ftp: loaded support on port[0] = 21 [ 269.940300] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.946821] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.954754] device bridge_slave_0 entered promiscuous mode [ 270.026676] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.033313] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.040850] device bridge_slave_1 entered promiscuous mode [ 270.112189] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 270.183616] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 270.402565] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 270.478513] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 270.619684] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 270.626907] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 270.844206] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 270.851915] team0: Port device team_slave_0 added [ 270.922670] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 270.930165] team0: Port device team_slave_1 added [ 271.004044] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 271.081025] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 271.155911] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 271.163838] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 271.172651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 271.245821] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 271.253144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 271.261920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 272.080051] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.086532] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.093464] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.099861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.107923] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 272.622040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 272.907785] not chained 30000 origins [ 272.911639] CPU: 1 PID: 8240 Comm: ip Not tainted 4.20.0-rc3+ #92 [ 272.917864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.927252] Call Trace: [ 272.929845] dump_stack+0x32d/0x480 [ 272.933465] ? save_stack_trace+0xc6/0x110 [ 272.937732] kmsan_internal_chain_origin+0x222/0x240 [ 272.942846] ? kmsan_internal_chain_origin+0x136/0x240 [ 272.948107] ? __msan_chain_origin+0x6d/0xb0 [ 272.952519] ? __save_stack_trace+0x8be/0xc60 [ 272.957083] ? save_stack_trace+0xc6/0x110 [ 272.961302] ? kmsan_internal_chain_origin+0x136/0x240 [ 272.966571] ? kmsan_memcpy_origins+0x13d/0x190 [ 272.971230] ? __msan_memcpy+0x6f/0x80 [ 272.975101] ? nla_put+0x20a/0x2d0 [ 272.978662] ? br_port_fill_attrs+0x366/0x1ea0 [ 272.983229] ? br_port_fill_slave_info+0xff/0x120 [ 272.988057] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 272.992534] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 272.997022] ? netlink_dump+0xc79/0x1c90 [ 273.001067] ? netlink_recvmsg+0xec2/0x19d0 [ 273.005376] ? sock_recvmsg+0x1d1/0x230 [ 273.009337] ? ___sys_recvmsg+0x444/0xae0 [ 273.013470] ? __se_sys_recvmsg+0x2fa/0x450 [ 273.017777] ? __x64_sys_recvmsg+0x4a/0x70 [ 273.022001] ? do_syscall_64+0xcf/0x110 [ 273.025960] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.031311] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 273.036405] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 273.041676] ? kmsan_internal_chain_origin+0x136/0x240 [ 273.046941] ? __msan_chain_origin+0x6d/0xb0 [ 273.051335] ? save_stack_trace+0xfa/0x110 [ 273.055557] ? kmsan_internal_chain_origin+0x136/0x240 [ 273.060819] ? kmsan_memcpy_origins+0x13d/0x190 [ 273.065493] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 273.070945] ? in_task_stack+0x12c/0x210 [ 273.074996] __msan_chain_origin+0x6d/0xb0 [ 273.079305] ? ___sys_recvmsg+0x444/0xae0 [ 273.083440] __save_stack_trace+0x8be/0xc60 [ 273.087760] ? ___sys_recvmsg+0x444/0xae0 [ 273.091900] save_stack_trace+0xc6/0x110 [ 273.095949] kmsan_internal_chain_origin+0x136/0x240 [ 273.101041] ? kmsan_internal_chain_origin+0x136/0x240 [ 273.106310] ? kmsan_memcpy_origins+0x13d/0x190 [ 273.110983] ? __msan_memcpy+0x6f/0x80 [ 273.114866] ? nla_put+0x20a/0x2d0 [ 273.118391] ? br_port_fill_attrs+0x366/0x1ea0 [ 273.122995] ? br_port_fill_slave_info+0xff/0x120 [ 273.127825] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.132322] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.136804] ? netlink_dump+0xc79/0x1c90 [ 273.140848] ? netlink_recvmsg+0xec2/0x19d0 [ 273.145158] ? sock_recvmsg+0x1d1/0x230 [ 273.149141] ? __msan_poison_alloca+0x1e0/0x270 [ 273.153803] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 273.159154] ? find_next_bit+0x25b/0x2a0 [ 273.163203] ? vmalloc_to_page+0x585/0x6c0 [ 273.167427] ? kmsan_set_origin+0x7f/0x100 [ 273.171665] kmsan_memcpy_origins+0x13d/0x190 [ 273.176169] __msan_memcpy+0x6f/0x80 [ 273.179869] nla_put+0x20a/0x2d0 [ 273.183227] br_port_fill_attrs+0x366/0x1ea0 [ 273.187642] br_port_fill_slave_info+0xff/0x120 [ 273.192298] ? br_port_get_slave_size+0x30/0x30 [ 273.196950] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.201276] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.205619] ? kmsan_set_origin+0x7f/0x100 [ 273.209839] ? kmsan_internal_unpoison_shadow+0x26/0x30 [ 273.215213] ? rtnl_getlink+0xec0/0xec0 [ 273.219172] netlink_dump+0xc79/0x1c90 [ 273.223075] netlink_recvmsg+0xec2/0x19d0 [ 273.227226] sock_recvmsg+0x1d1/0x230 [ 273.231011] ? netlink_sendmsg+0x1440/0x1440 [ 273.235408] ___sys_recvmsg+0x444/0xae0 [ 273.239378] ? __msan_poison_alloca+0x1e0/0x270 [ 273.244054] ? __se_sys_recvmsg+0xca/0x450 [ 273.248279] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 273.253636] ? __fdget+0x23c/0x440 [ 273.257167] __se_sys_recvmsg+0x2fa/0x450 [ 273.261310] __x64_sys_recvmsg+0x4a/0x70 [ 273.265363] do_syscall_64+0xcf/0x110 [ 273.269155] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.274332] RIP: 0033:0x7f10c05ce210 [ 273.278033] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 273.296923] RSP: 002b:00007fff2a4585a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 273.304912] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f10c05ce210 [ 273.312284] RDX: 0000000000000000 RSI: 00007fff2a4585f0 RDI: 0000000000000003 [ 273.319547] RBP: 0000000000001f1c R08: 00007f10c0877ec8 R09: 00007f10c0614800 [ 273.326800] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006395c0 [ 273.334056] R13: 00007fff2a45c680 R14: 0000000000001f1c R15: 00007fff2a45a54c [ 273.341434] Uninit was stored to memory at: [ 273.345754] kmsan_internal_chain_origin+0x136/0x240 [ 273.350844] __msan_chain_origin+0x6d/0xb0 [ 273.355066] __save_stack_trace+0x8be/0xc60 [ 273.359371] save_stack_trace+0xc6/0x110 [ 273.363416] kmsan_internal_chain_origin+0x136/0x240 [ 273.368595] kmsan_memcpy_origins+0x13d/0x190 [ 273.373075] __msan_memcpy+0x6f/0x80 [ 273.376778] nla_put+0x20a/0x2d0 [ 273.380136] br_port_fill_attrs+0x366/0x1ea0 [ 273.384530] br_port_fill_slave_info+0xff/0x120 [ 273.389198] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.393507] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.397815] netlink_dump+0xc79/0x1c90 [ 273.401685] netlink_recvmsg+0xec2/0x19d0 [ 273.405825] sock_recvmsg+0x1d1/0x230 [ 273.409614] ___sys_recvmsg+0x444/0xae0 [ 273.413573] __se_sys_recvmsg+0x2fa/0x450 [ 273.417722] __x64_sys_recvmsg+0x4a/0x70 [ 273.421776] do_syscall_64+0xcf/0x110 [ 273.425564] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.430730] [ 273.432337] Uninit was stored to memory at: [ 273.436645] kmsan_internal_chain_origin+0x136/0x240 [ 273.441734] __msan_chain_origin+0x6d/0xb0 [ 273.445951] __save_stack_trace+0x8be/0xc60 [ 273.450560] save_stack_trace+0xc6/0x110 [ 273.454611] kmsan_internal_chain_origin+0x136/0x240 [ 273.459870] kmsan_memcpy_origins+0x13d/0x190 [ 273.464356] __msan_memcpy+0x6f/0x80 [ 273.468053] nla_put+0x20a/0x2d0 [ 273.471404] br_port_fill_attrs+0x366/0x1ea0 [ 273.475800] br_port_fill_slave_info+0xff/0x120 [ 273.480455] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.484760] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.489191] netlink_dump+0xc79/0x1c90 [ 273.493063] netlink_recvmsg+0xec2/0x19d0 [ 273.497236] sock_recvmsg+0x1d1/0x230 [ 273.501129] ___sys_recvmsg+0x444/0xae0 [ 273.505085] __se_sys_recvmsg+0x2fa/0x450 [ 273.509230] __x64_sys_recvmsg+0x4a/0x70 [ 273.513280] do_syscall_64+0xcf/0x110 [ 273.517064] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.522318] [ 273.523930] Uninit was stored to memory at: [ 273.528235] kmsan_internal_chain_origin+0x136/0x240 [ 273.533324] __msan_chain_origin+0x6d/0xb0 [ 273.537541] __save_stack_trace+0x8be/0xc60 [ 273.541846] save_stack_trace+0xc6/0x110 [ 273.545891] kmsan_internal_chain_origin+0x136/0x240 [ 273.550984] kmsan_memcpy_origins+0x13d/0x190 [ 273.555465] __msan_memcpy+0x6f/0x80 [ 273.559190] nla_put+0x20a/0x2d0 [ 273.562542] br_port_fill_attrs+0x366/0x1ea0 [ 273.566933] br_port_fill_slave_info+0xff/0x120 [ 273.571584] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.575898] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.580205] netlink_dump+0xc79/0x1c90 [ 273.584218] netlink_recvmsg+0xec2/0x19d0 [ 273.588350] sock_recvmsg+0x1d1/0x230 [ 273.592138] ___sys_recvmsg+0x444/0xae0 [ 273.596094] __se_sys_recvmsg+0x2fa/0x450 [ 273.600228] __x64_sys_recvmsg+0x4a/0x70 [ 273.604287] do_syscall_64+0xcf/0x110 [ 273.608079] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.613251] [ 273.614862] Uninit was stored to memory at: [ 273.619174] kmsan_internal_chain_origin+0x136/0x240 [ 273.624275] __msan_chain_origin+0x6d/0xb0 [ 273.628495] __save_stack_trace+0x8be/0xc60 [ 273.632802] save_stack_trace+0xc6/0x110 [ 273.636845] kmsan_internal_chain_origin+0x136/0x240 [ 273.641932] kmsan_memcpy_origins+0x13d/0x190 [ 273.646413] __msan_memcpy+0x6f/0x80 [ 273.650118] nla_put+0x20a/0x2d0 [ 273.653468] br_port_fill_attrs+0x366/0x1ea0 [ 273.657862] br_port_fill_slave_info+0xff/0x120 [ 273.662511] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.666817] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.671124] netlink_dump+0xc79/0x1c90 [ 273.674994] netlink_recvmsg+0xec2/0x19d0 [ 273.679133] sock_recvmsg+0x1d1/0x230 [ 273.682935] ___sys_recvmsg+0x444/0xae0 [ 273.686907] __se_sys_recvmsg+0x2fa/0x450 [ 273.691037] __x64_sys_recvmsg+0x4a/0x70 [ 273.695204] do_syscall_64+0xcf/0x110 [ 273.698992] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.704177] [ 273.705790] Uninit was stored to memory at: [ 273.710095] kmsan_internal_chain_origin+0x136/0x240 [ 273.715194] __msan_chain_origin+0x6d/0xb0 [ 273.719413] __save_stack_trace+0x8be/0xc60 [ 273.723717] save_stack_trace+0xc6/0x110 [ 273.727771] kmsan_internal_chain_origin+0x136/0x240 [ 273.732860] kmsan_memcpy_origins+0x13d/0x190 [ 273.737338] __msan_memcpy+0x6f/0x80 [ 273.741034] nla_put+0x20a/0x2d0 [ 273.744485] br_port_fill_attrs+0x366/0x1ea0 [ 273.748880] br_port_fill_slave_info+0xff/0x120 [ 273.753654] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.757960] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.762284] netlink_dump+0xc79/0x1c90 [ 273.766164] netlink_recvmsg+0xec2/0x19d0 [ 273.770298] sock_recvmsg+0x1d1/0x230 [ 273.774169] ___sys_recvmsg+0x444/0xae0 [ 273.778129] __se_sys_recvmsg+0x2fa/0x450 [ 273.782278] __x64_sys_recvmsg+0x4a/0x70 [ 273.786348] do_syscall_64+0xcf/0x110 [ 273.790137] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.795303] [ 273.796910] Uninit was stored to memory at: [ 273.801234] kmsan_internal_chain_origin+0x136/0x240 [ 273.806322] __msan_chain_origin+0x6d/0xb0 [ 273.810662] __save_stack_trace+0x8be/0xc60 [ 273.814968] save_stack_trace+0xc6/0x110 [ 273.819012] kmsan_internal_chain_origin+0x136/0x240 [ 273.824103] kmsan_memcpy_origins+0x13d/0x190 [ 273.828607] __msan_memcpy+0x6f/0x80 [ 273.832308] nla_put+0x20a/0x2d0 [ 273.835660] br_port_fill_attrs+0x366/0x1ea0 [ 273.840053] br_port_fill_slave_info+0xff/0x120 [ 273.844707] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.849013] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.853317] netlink_dump+0xc79/0x1c90 [ 273.857192] netlink_recvmsg+0xec2/0x19d0 [ 273.861324] sock_recvmsg+0x1d1/0x230 [ 273.865108] ___sys_recvmsg+0x444/0xae0 [ 273.869091] __se_sys_recvmsg+0x2fa/0x450 [ 273.873240] __x64_sys_recvmsg+0x4a/0x70 [ 273.877287] do_syscall_64+0xcf/0x110 [ 273.881094] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.886271] [ 273.887881] Uninit was stored to memory at: [ 273.892190] kmsan_internal_chain_origin+0x136/0x240 [ 273.897277] __msan_chain_origin+0x6d/0xb0 [ 273.901496] __save_stack_trace+0x8be/0xc60 [ 273.905804] save_stack_trace+0xc6/0x110 [ 273.909853] kmsan_internal_chain_origin+0x136/0x240 [ 273.914942] kmsan_memcpy_origins+0x13d/0x190 [ 273.919441] __msan_memcpy+0x6f/0x80 [ 273.923141] nla_put+0x20a/0x2d0 [ 273.926496] br_port_fill_attrs+0x366/0x1ea0 [ 273.930890] br_port_fill_slave_info+0xff/0x120 [ 273.935545] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 273.939850] rtnl_dump_ifinfo+0x18b5/0x2140 [ 273.944160] netlink_dump+0xc79/0x1c90 [ 273.948035] netlink_recvmsg+0xec2/0x19d0 [ 273.952170] sock_recvmsg+0x1d1/0x230 [ 273.956067] ___sys_recvmsg+0x444/0xae0 [ 273.960028] __se_sys_recvmsg+0x2fa/0x450 [ 273.964160] __x64_sys_recvmsg+0x4a/0x70 [ 273.968222] do_syscall_64+0xcf/0x110 [ 273.972011] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 273.977178] [ 273.978790] Local variable description: ----c.i.i@should_fail [ 273.984653] Variable was created at: [ 273.988352] should_fail+0x162/0x13c0 [ 273.992159] __alloc_pages_nodemask+0x73f/0x63e0 [ 276.155014] 8021q: adding VLAN 0 to HW filter on device bond0 [ 276.426643] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 276.689798] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 276.696302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 276.704224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 276.970159] 8021q: adding VLAN 0 to HW filter on device team0 11:04:48 executing program 5: 11:04:48 executing program 3: 11:04:48 executing program 1: 11:04:48 executing program 0: 11:04:48 executing program 2: 11:04:48 executing program 4: 11:04:49 executing program 3: 11:04:49 executing program 2: 11:04:49 executing program 5: 11:04:49 executing program 4: 11:04:49 executing program 0: 11:04:49 executing program 1: 11:04:49 executing program 3: 11:04:49 executing program 2: 11:04:49 executing program 4: 11:04:49 executing program 5: 11:04:49 executing program 0: 11:04:49 executing program 2: 11:04:49 executing program 1: 11:04:49 executing program 3: 11:04:50 executing program 5: 11:04:50 executing program 2: 11:04:50 executing program 4: 11:04:50 executing program 0: 11:04:50 executing program 1: 11:04:50 executing program 3: 11:04:50 executing program 5: 11:04:50 executing program 4: 11:04:50 executing program 2: 11:04:50 executing program 0: 11:04:50 executing program 1: 11:04:50 executing program 5: 11:04:50 executing program 2: 11:04:50 executing program 4: 11:04:50 executing program 3: 11:04:50 executing program 0: 11:04:50 executing program 1: r0 = socket$inet6(0xa, 0x100000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @dev}}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:04:51 executing program 5: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000780)={0x2, 0x4e23, @remote}, 0x10) sendmmsg(r1, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[{0x10}], 0x10, 0x4}}], 0x1, 0x40000) 11:04:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0xb, &(0x7f0000bfcffc), &(0x7f0000000000)=0x4) [ 281.151084] ================================================================== [ 281.158535] BUG: KMSAN: uninit-value in gre_rcv+0x11a3/0x1900 [ 281.164438] CPU: 0 PID: 8453 Comm: syz-executor1 Not tainted 4.20.0-rc3+ #92 [ 281.171631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.180992] Call Trace: [ 281.183587] [ 281.185758] dump_stack+0x32d/0x480 [ 281.189394] ? gre_rcv+0x11a3/0x1900 [ 281.193140] kmsan_report+0x19f/0x300 [ 281.196960] __msan_warning+0x76/0xc0 [ 281.200783] gre_rcv+0x11a3/0x1900 [ 281.204342] ? raw_local_deliver+0xa0/0x1890 [ 281.208759] ? ip_local_deliver_finish+0x28c/0xff0 [ 281.213719] ? erspan_xmit+0x35d0/0x35d0 [ 281.217789] gre_rcv+0x2e6/0x3c0 [ 281.221176] ? gre_parse_header+0x1470/0x1470 [ 281.225689] ip_local_deliver_finish+0x8d8/0xff0 [ 281.230507] ip_local_deliver+0x44b/0x510 [ 281.234684] ? ip_local_deliver+0x510/0x510 [ 281.239024] ? ip_call_ra_chain+0x7a0/0x7a0 [ 281.243448] ip_rcv+0x6b6/0x740 [ 281.246749] ? ip_rcv_core+0x1370/0x1370 [ 281.250828] process_backlog+0x82b/0x11e0 [ 281.254990] ? ip_local_deliver_finish+0xff0/0xff0 [ 281.259944] ? rps_trigger_softirq+0x2e0/0x2e0 [ 281.264538] net_rx_action+0x98f/0x1d50 [ 281.268546] ? net_tx_action+0xf20/0xf20 [ 281.272622] __do_softirq+0x721/0xc7f [ 281.276466] do_softirq_own_stack+0x49/0x80 [ 281.280785] [ 281.283039] __local_bh_enable_ip+0x228/0x260 [ 281.287555] local_bh_enable+0x36/0x40 [ 281.292003] ip_finish_output2+0x1430/0x1560 [ 281.296443] ip_finish_output+0xd93/0x10f0 11:04:51 executing program 4: pipe(&(0x7f0000001600)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x990, &(0x7f0000000140)=0x0) io_submit(r2, 0x1, &(0x7f00000015c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)='"', 0x1}]) close(r0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x8000000002, 0x0) splice(r0, 0x0, r1, 0x0, 0x200, 0x0) 11:04:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x859, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000540)={"6cdd4237dd245c8404721ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c0000000047ecee377a5fece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dd56ca097ddda7c21a984c2b9ca4bbb7a87165c0c3abc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c2bf37f06e4ea9f1e5f000100000cc58bfa2fcde317fad4825aa1b6a6c2d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404993ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dab05cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4eaff4c0a4f72445ef30dcd2c569319d6e9bb2058d023f669a64fc7c9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd35428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc95d48fda552726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b69836ce17a570d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b81cf438a3de1b1eee8faffa8f6347b4951f97b5703dc78b1ca9d74ea6a9ae16ab367c0de2659cc38d2f33d5c6c45fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a3fdb288ec502f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809b7169bbfdcff4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec85b21d0e1b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4400ae8f, &(0x7f0000000c00)) [ 281.300706] ip_output+0x55c/0x630 [ 281.304272] ? ip_mc_finish_output+0x440/0x440 [ 281.308866] ? ip_finish_output+0x10f0/0x10f0 [ 281.313374] ip_send_skb+0x178/0x370 [ 281.317123] udp_send_skb+0x1439/0x1920 [ 281.321137] udp_sendmsg+0x1496/0x4350 [ 281.325037] ? ip_copy_metadata+0x1710/0x1710 [ 281.329579] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.334954] ? finish_task_switch+0x380/0x410 [ 281.339481] ? kmsan_internal_unpoison_shadow+0x26/0x30 [ 281.344870] ? kmsan_set_origin+0x7f/0x100 [ 281.349232] udpv6_sendmsg+0x123e/0x4960 [ 281.353312] ? aa_label_sk_perm+0xda/0x960 [ 281.357594] ? kmsan_set_origin+0x7f/0x100 [ 281.361848] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.367227] ? aa_sk_perm+0x7ab/0x9e0 [ 281.371068] ? __msan_poison_alloca+0x1e0/0x270 [ 281.375770] ? __sys_sendto+0x940/0xb80 [ 281.379758] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 281.384120] inet_sendmsg+0x4e9/0x800 [ 281.387938] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.393320] ? security_socket_sendmsg+0x1bd/0x200 [ 281.398281] ? inet_getname+0x490/0x490 [ 281.402291] __sys_sendto+0x940/0xb80 [ 281.406141] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 281.411609] ? prepare_exit_to_usermode+0x182/0x4c0 [ 281.416647] __se_sys_sendto+0x107/0x130 [ 281.420735] __x64_sys_sendto+0x6e/0x90 [ 281.424723] do_syscall_64+0xcf/0x110 [ 281.428541] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.433743] RIP: 0033:0x457569 [ 281.436947] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.456074] RSP: 002b:00007f4bfd0ebc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 281.463806] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 281.471435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 281.478721] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 281.486005] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4bfd0ec6d4 [ 281.493297] R13: 00000000004c407b R14: 00000000004d6910 R15: 00000000ffffffff [ 281.500590] 11:04:51 executing program 0: r0 = epoll_create1(0x80000) r1 = epoll_create1(0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b3fdc)) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) r4 = syz_open_pts(r2, 0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000200)) dup3(r5, r2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000040)=0x2, 0x4) [ 281.502242] Uninit was stored to memory at: [ 281.506584] kmsan_internal_chain_origin+0x136/0x240 [ 281.511704] kmsan_memcpy_origins+0x13d/0x190 [ 281.516214] __msan_memcpy+0x6f/0x80 [ 281.519945] pskb_expand_head+0x436/0x1d20 [ 281.524190] ip_tunnel_xmit+0x35a3/0x3d90 [ 281.528347] erspan_xmit+0x1bce/0x35d0 [ 281.532279] dev_hard_start_xmit+0x6dc/0xde0 [ 281.536712] sch_direct_xmit+0x59b/0x890 [ 281.540801] __qdisc_run+0x1bac/0x3600 [ 281.544697] __dev_queue_xmit+0x2131/0x3e00 [ 281.549027] dev_queue_xmit+0x4b/0x60 [ 281.552840] neigh_resolve_output+0xab7/0xb50 [ 281.557363] ip_finish_output2+0x141a/0x1560 [ 281.561784] ip_finish_output+0xd93/0x10f0 [ 281.566029] ip_output+0x55c/0x630 [ 281.569588] ip_send_skb+0x178/0x370 [ 281.573312] udp_send_skb+0x1439/0x1920 [ 281.577300] udp_sendmsg+0x1496/0x4350 [ 281.581196] udpv6_sendmsg+0x123e/0x4960 [ 281.585271] inet_sendmsg+0x4e9/0x800 [ 281.589084] __sys_sendto+0x940/0xb80 [ 281.592907] __se_sys_sendto+0x107/0x130 [ 281.596979] __x64_sys_sendto+0x6e/0x90 [ 281.600966] do_syscall_64+0xcf/0x110 [ 281.604777] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.609966] [ 281.611593] Uninit was created at: [ 281.615148] kmsan_internal_poison_shadow+0x68/0x130 [ 281.620261] kmsan_kmalloc+0xa1/0x100 [ 281.624078] kmsan_slab_alloc+0xe/0x10 [ 281.627995] __kmalloc_node_track_caller+0xf62/0x14e0 [ 281.633198] __alloc_skb+0x42b/0xeb0 [ 281.636921] alloc_skb_with_frags+0x1c9/0xa80 [ 281.641433] sock_alloc_send_pskb+0xeb3/0x14c0 [ 281.646122] sock_alloc_send_skb+0xca/0xe0 11:04:51 executing program 2: r0 = socket(0x10, 0x3, 0xc) fcntl$notify(r0, 0x402, 0x1) write(r0, &(0x7f00000001c0)="25447c6e7e78b94c8f793227fa1f8c55bb172c8aedf4af913bd7c2003b85ab44d869bb1514e5dfccba61f925f5e070073d044e8a691023501f22e3793c40624ecf76291b40b380c08a3ea0875c961251693cceff99523ff7ae32bc884b5263b551235da44bda73da6d7cbf2760830b7432acfc11c099f7c052c985bab4933c2f9f357653d55825b90608f812d095e80a9cf721be2126c2141ca9c7d515443ae26333cfc18d4e5c1bc533e3d5ab494d29c23882e2d896aa9e0159a5d482fa6de4fc7786b5702747f2fca2117cffd251dc7f6decae568417c0895ef68e645742a64e3a94ed91ebb098066c9d9945bcd64234fed220d7b9d44c9f54f583fdc15056347478f97b3e067ae21d02195a76a2e59c955b724ec9df71a15aa19ce62d99c7be2f7956435f32d47ae218199d037fb30158bd0b92fd958505d2dd27adbb500f17a0a9e240c5c1c49d02cfbc2d3cbd8d68420c90728e8079c0b87c2f1ef5651de8379571796e4d50d38868429f8f81f904ec9108d16f3a2afd76848585214e25bb02360662869435ad21aadbd4ab2ea0cb64b5e29e38f2600da0e5b77431d6e3d8f25e163f37af1a4084a5a8851db6de0eeac612fbd0e360159de93af900d72ec20b3e1a1b90c60fba520665856cdc017b439ca78f4e42636ddebc79eaa2b36c2f34a559302ae7c24b6a16c6f07cb8091ffdef7888cf9e1e64442fe59f02997a13581b03d1fa108c585ae26b39af845e62818e62bc3feeab480a96d8e5d7e388326f557b0452dcc4ffec4be37088732aeb9912ca88c4dc9993b6acc6c29d4aacdd56cd518e9907a2d4c7a6a2fa4e83a22e28bde8e141d93bfbaffb84687c2de2d2e5b18a092bdb0ff2f2df764eab4b213514c1836628ff89289588a4c84ad45962c002a5edb03bf48cf79c7965f6298b2a098c9f1785d7b457909be61b36f9fd17f480f6951ff97c9fae28424d87834020a6f2f8687f2f5d4cfc0df0fbe9d308026b8e11ec6eab51ddd4c44abe057509dabf1cfeb4135018d93f0dbbf9c29b7b36f1967200b507496b66f18c0fd2ad4f6350f2c77ff23e036b13402c0b2b5f1c3defbe7dc6e5ea6352471adb2eed2c5cb2953af3997b9812e5fd2f6465a79381d6e837ff8a0431eb4d598695ab37b462f51f1dab001c126523f67ab03bb32ec1658087a4b5395de3063050f28398e07fabaf76a40a62e5a7f7ca4ba4634ba5b716a7223826e8bcbc58fec955fb0a61c9782d57ff54e99d7d6a948ec6a4e8720a50af6a04e398fd796b40ae25a848fed6b120cc94a2833540c6691e4935b605402cd3ebcc65d84a75b7274cc822d8c462402384f2841698b9341bdd4638b3a46b77b6176b66b6d002e6b43fac807ce2d8f593745f802699a8c7615a4a6c0c2b310b11c57e854948fe3a831ae166276366e0ecd435abf21615ea511e66bee5b68642c16732fe2f0c7e8811bcc54ac20a6d060301ba4eaa4500013b8114db051bee67f0b056835f8a5365ec62b4d142a80fc47390c74dcc679fca09d270385ea3e3979b784dd6e7de5ecf3abc6b2cf3bd4ebf55f810735357c1283515f0f41c12f3d7c6b3479f1bef3d02d9358554e8aa0739a509de77159404c6efd7af2dde939439cda95c5230ad9c69b577fe4e17125ea36279f3c9c0319030180770c3f3f5db2c7f715b2daa250a086d0b1998b8593469e9bccd0e3f134524b2abb54450bb9648f1ae8d1e60268bab14922cf283d4d98039397d94663ff9976e5907f654d54499f738620fbc1b26a063dabf409598563a97b1dc035dfda08ed569361860247a5b60e26a54a46fb5c312936ced4225d62c34bacfb22d8d587b9502b7ae1dca0cd99415ed28f9fb22d5c686401a510ff5ad83ef6469d478639272a75b776cbedf015ae6907d5416d305bb96e243e6ad06348a62f83f15eb4a720f67c8978c0ffa3d7ed2bff55eb7aa08431044dd2178c58912ba4cc2382dd43b313e9b2ce86980ef71a493e2a800e15e4d8582e6e24188b45679a9796495d192e366b3b27dd978df2b062f2c26a338c1800a8a09a372a18ba2237cbe13511dd453126f643d706fdb8b21e2b6cbfb6c44ee07a6c0a61a33c39ff10276bbdd901f3ada3714648d2488ea3e1d1591dfab3a46940150f52a8765658bdbe545fde18fbead107646d6c429266316b54dd2b4c8db9e8c0fdcc2649ee0536780ed5da4d0a059cc1f91ae9d8d449f20868330730dba41823491f5bf9f4ef39614c2a1c3833010f34c45821a06730275aeb2d2b2e7ad540e83dad39fccd58f9183936a0024242155c7f96cefc89bbd61284c94735c2ed5b18aa1fa15fe3f3820693a5fb9e68958ec4af810e0b639683eac4c8b92c09ee60fded5f72df47f38f1604a48caeb31bdbee089c6d8242ca34f9158c2640b4e4f93a66fcc98cdd83b7a8284e7cc6dd671ffa71c974a673ee9c397ad5153f60ad966570f44aa15e46a99f74acfc25b1b9d3585533b53016dfc4333245746469739294e27c3318702dd07dd472210c442b758f445d05606d7c0b9850b4f064f9bd845c8cf7a3fade5f47256c893f7667390e2dcca720a564d6d71c8a77809b963cc4b4ff46b2ed7c6c23486c57cc7e266c238d709d58eb7d8b003532fe842275eef5188e59bbdb1b85006d2ab53618850e36c6ea7552effaf40e435f3482d12b8900f98edd09924826b6f8fb5a40f095ee684ce55add3aa132c611a655c357f6cca723e59eebe64a59dd21325b01d0568fa5d7c9db4f988da10b546761d4d86821301a58e90fb638625e3657ca234747217e61fb66a0916a09831d93a2ef00f7e1b4e2120e1205c228aabfbc5818d8534a5054ec190341bb9784d42f82c2e0fe19d8318c6dcefa97a1675a8c8f5ea2aad4aeba7289fa35d8e31092e807fe391cfcdc0fc67e65cf82a537fccd7282459610a3d82393e56cbcfc8aa3d5234d8e56e1a5089f7fe36aa484fe42ca5389743939ae1b0dd19f41816e4d8c56670b60e7768122d01913bf443b4954850117800d56e65985eaac5e415ce0554a5601b3c26ddf248310cf30e5316c0d1939819ce6c84b0a1468a5ddec4a2f1f3bf28b2c94ae11a15c3154d229da94024bc28e065905f17b7c173f531661b4b84e5d798cb59767d384f3c80ce186b9448b0774272a7d7dbfb127e589720e74d2ff9f0ff634924a18719cc68494fc1016b38f3147a676b654731009759c56037f88657422b6b4484db46ee84b454abd9978ac21760cda07e0dde9f001c4dcaa7cd6b2d01397940f15b73c06d7b9909b48d164dedba02ce74dc93b14e9ae2edea2c1e2b1e2e32c8624cc7e3543a3568bff50d1490f382a4a0a3c44a00a3a78c820984ec7e2e7dbde908740fa1f7f61ec120e77734f9c5cf5d58fe589712b4fc39a098576013d81a3735139e57abd98725cee79cc78fcc09babdba3b63407cc4de68499d517c9ab7d4a50c756124a1f829b76f870b198b83b824eb52cc26d2a1fc700cfe4f3e55e1e8fc527f25ad826ceef7d84760e8afc5e4248d7e3c2f0ffca18891de8afa02b76fc8cbaba2da02907602d408f95e4acdf2f635ed767c75b0db66c86e738044d9aabf35ef643df798735ca9a45cab25c9c0218f3f775fc409f250b4d8489a73ce450c9dda038641312f2470a0a174505f60a7c57dd70d13cae2efbc065d6cd551ef95beb30e71258ee8b0aeabb053d4381723dcfbfe0db382aab8213b24729106bc6680b4f47aba1c344bff6e162b79696412a8176d2f28004c429fcb0803c686cbc43f5a51c26534c911c9bdb1c21e159d70736969277384c47702bf8236aa1d92b1bcf1e6ab9061f184a0e1e1e5177c68b2be018d77087abd9028269582819eb0bab526460fda68e94d8184fe25acbb7a47a618633b7c88c09458f38386c6a20d1531808c8f46d0ce3520aaacf67fb358b652298a667df483362b86d2443f64e2b60b820f1426b6d4978fa9d303e05b916b332b21ca58431d5934416fb621a2010f5d100e8fcb5952a3c7f64af0714ec9578af571236e8f6128146f03eb98f1e77a732dc627cf15361be3d080c5d73b982195550dd3d15d876f07f0d61c9759135e1261af52b98c19347a399bf1120f139b0680d0424561ea9f7800a7906c6ac4d7d215930638dd8e628f8d850ad23b635f758ef534af5060e73ce7ece48b81626554c8a39f8f3379d18c93b305da4ac157fcbc948d37136b75701f0f5ea30184dcc15ff88495c99aa5075c1f5b52dff6af134d38fb0b140982a5e298d740e3f08de5fec33cc3a156a8301f83508f8060c85194c10953253817d2722747ad5358652bb44d2b5ea7abf3bd37a05ec7f889ce08d7a9e2b52326e195dfe728e5c857e4ea58d8a337473bf5a0942a1e7b06c78e8d9a401d8b6ce1e48151f14ca7e11795032dcf73b4e59235310dcd4db98be81c68eaa93cd7aa7cff895651c49f82fbce10fa92046c45b93113649bfce5577aa39e89c0745cabdcce0cc3d30fc0571cb0750907127374865a3f1a75f7f0cc128955aa23a7d11bcc4a68ecf95b5cc2d0211283ff1bc298000e93ec3bc01ca3a43e6152d6572239eb9b0db005450b97b1410bf0374eaa6b5f6ae4864b89c707132cf42e8f2184e20c3a711060e5e21da33609650f9e2fd525d23f56a5b6eddd5464f64f2537c087195968b3552d6d22321cba383f516b45a9d8f8b4573ec316061766b92c56a51c38d31953b922fc78b33ff44fe7834a9f70a866940494e35f10fefc4e94542cf7db93e8241bf1c1891cf90f1a2987ed5aa2028e2d477000ff9869be8d934d68381bbdbc03510db29c41f49f78fecff2ac420ba85d5a311f30ed2ef931c5eb47899eee72831abd9fe667d8b4ac188bceaf4ea3c456b3455e8aafa7a6e62d75a1d59d9aca43060de9d74786b71bd1f2bd0737af1ae9b1d197f4e366771f57d078490708ff6a08d21a3001b7a010a58fe33b6e66d4a9a217541e32b7c2dc337cb0940bd76b8c16b7f38bdfe6428735c8fe12449bc7f61a3321467d18c4ff99bfef90bd61ba2b3a30374f43a82c9aefb46a3a59a5ec1bb830772e792fd94ec67765d6bb19f80812fb4047f2c7765f3dc22040c23f3039ae0c01f327c68c2d4af2985321168afe6c4478d4ecf6fcbf8b57f6829f0cb26b74aa7221526d8dd0247dac26717575b574f5c45865c41e0cb9f2f4142bd8f55c6119053b6a4acc485ab4f3198ed8eb90863ffa7714d887d1d4fc33827e3f839da195c36775f472f5caa4f8b094cff5b5a35b277520b2d4765ae25a330acea89890bf98d1f3af706057a99d3907c1066bad505392c2f4600a24c316327b1a6d9b66ee2a94d49f41608502", 0xec1) [ 281.650368] __ip_append_data+0x2bd2/0x4460 [ 281.654697] ip_append_data+0x30c/0x450 [ 281.658682] udp_sendmsg+0x74e/0x4350 [ 281.662494] udpv6_sendmsg+0x123e/0x4960 [ 281.666569] inet_sendmsg+0x4e9/0x800 [ 281.670396] __sys_sendto+0x940/0xb80 [ 281.674214] __se_sys_sendto+0x107/0x130 [ 281.678290] __x64_sys_sendto+0x6e/0x90 [ 281.682298] do_syscall_64+0xcf/0x110 [ 281.686223] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.691434] ================================================================== [ 281.698801] Disabling lock debugging due to kernel taint [ 281.704265] Kernel panic - not syncing: panic_on_warn set ... [ 281.710164] CPU: 0 PID: 8453 Comm: syz-executor1 Tainted: G B 4.20.0-rc3+ #92 [ 281.718741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.728102] Call Trace: [ 281.730707] [ 281.732877] dump_stack+0x32d/0x480 [ 281.736542] panic+0x624/0xc08 [ 281.739771] kmsan_report+0x300/0x300 [ 281.743595] __msan_warning+0x76/0xc0 [ 281.747411] gre_rcv+0x11a3/0x1900 [ 281.750964] ? raw_local_deliver+0xa0/0x1890 [ 281.755385] ? ip_local_deliver_finish+0x28c/0xff0 [ 281.760364] ? erspan_xmit+0x35d0/0x35d0 [ 281.764444] gre_rcv+0x2e6/0x3c0 [ 281.767834] ? gre_parse_header+0x1470/0x1470 [ 281.772348] ip_local_deliver_finish+0x8d8/0xff0 [ 281.777149] ip_local_deliver+0x44b/0x510 [ 281.781321] ? ip_local_deliver+0x510/0x510 [ 281.785663] ? ip_call_ra_chain+0x7a0/0x7a0 [ 281.790004] ip_rcv+0x6b6/0x740 [ 281.793434] ? ip_rcv_core+0x1370/0x1370 [ 281.797517] process_backlog+0x82b/0x11e0 [ 281.801686] ? ip_local_deliver_finish+0xff0/0xff0 [ 281.806650] ? rps_trigger_softirq+0x2e0/0x2e0 [ 281.811254] net_rx_action+0x98f/0x1d50 [ 281.815290] ? net_tx_action+0xf20/0xf20 [ 281.819374] __do_softirq+0x721/0xc7f [ 281.823218] do_softirq_own_stack+0x49/0x80 [ 281.827544] [ 281.829799] __local_bh_enable_ip+0x228/0x260 [ 281.834316] local_bh_enable+0x36/0x40 [ 281.838231] ip_finish_output2+0x1430/0x1560 [ 281.842674] ip_finish_output+0xd93/0x10f0 [ 281.846935] ip_output+0x55c/0x630 [ 281.850502] ? ip_mc_finish_output+0x440/0x440 [ 281.855098] ? ip_finish_output+0x10f0/0x10f0 [ 281.859615] ip_send_skb+0x178/0x370 [ 281.863358] udp_send_skb+0x1439/0x1920 [ 281.867364] udp_sendmsg+0x1496/0x4350 [ 281.871266] ? ip_copy_metadata+0x1710/0x1710 [ 281.875800] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.881180] ? finish_task_switch+0x380/0x410 [ 281.885711] ? kmsan_internal_unpoison_shadow+0x26/0x30 [ 281.891114] ? kmsan_set_origin+0x7f/0x100 [ 281.895375] udpv6_sendmsg+0x123e/0x4960 [ 281.899452] ? aa_label_sk_perm+0xda/0x960 [ 281.903730] ? kmsan_set_origin+0x7f/0x100 [ 281.907988] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.913372] ? aa_sk_perm+0x7ab/0x9e0 [ 281.917196] ? __msan_poison_alloca+0x1e0/0x270 [ 281.921900] ? __sys_sendto+0x940/0xb80 [ 281.925926] ? __udp6_lib_rcv+0x3ea0/0x3ea0 [ 281.930267] inet_sendmsg+0x4e9/0x800 [ 281.934088] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 281.939473] ? security_socket_sendmsg+0x1bd/0x200 [ 281.944425] ? inet_getname+0x490/0x490 [ 281.948427] __sys_sendto+0x940/0xb80 [ 281.952276] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 281.957741] ? prepare_exit_to_usermode+0x182/0x4c0 [ 281.962776] __se_sys_sendto+0x107/0x130 [ 281.966866] __x64_sys_sendto+0x6e/0x90 [ 281.970852] do_syscall_64+0xcf/0x110 [ 281.974679] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 281.979882] RIP: 0033:0x457569 [ 281.983091] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 11:04:52 executing program 5: r0 = syz_open_dev$sg(&(0x7f00000001c0)='/dev/sg#\x00', 0x0, 0x82) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) ppoll(&(0x7f0000000300), 0x0, &(0x7f00000003c0)={0x0, r1+10000000}, &(0x7f0000000400), 0x8) add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="91d0926b274dd75648bfc4072e33c3f37c326d45375b393aa8d660faeac020d61b98706c4d084e3e99013bb3471c7093934f6bc73f6574071e6f25622066c3c471f154d42d341425803d7695d3ba74e0061fe03d88e91f2517bd8070ceed512f5255206b3486674d24e0981f2bd5ffb019ead0f2ecb6bca7a93b91b9a7a8cd2564ab10c1bb82eae1d7d349db3bf677cc0412277a7447143ebbb08c66176dbc07c75018dfb59bc7702a643444", 0xac, 0x0) keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000140)='id_legacy\x00', 0x0) writev(r0, &(0x7f0000000380)=[{&(0x7f0000002580), 0x3af}], 0x100000000000032f) r3 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x0, 0x2000) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r3, 0x28, 0x2, &(0x7f0000000200)=0xf7, 0x8) 11:04:52 executing program 3: syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x3d, 0x0) [ 282.002012] RSP: 002b:00007f4bfd0ebc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 282.009737] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 282.017020] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 282.024310] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 282.031595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4bfd0ec6d4 [ 282.038883] R13: 00000000004c407b R14: 00000000004d6910 R15: 00000000ffffffff [ 282.047655] Kernel Offset: disabled [ 282.051317] Rebooting in 86400 seconds..